Privacy policy

We are very pleased about your interest in using our website. As the protection of your privacy is important to us, we would like to inform you in detail below about how we handle your data.

In both your interest and ours, we strive to collect as little personal data as possible while at the same time providing you with the best possible service. However, in some cases, we have an interest in collecting additional data, so we collect, store, and, if necessary, further use the following information under the points listed below in order to ensure the optimal presentation and accessibility of our offering or to provide certain functionalities. If you have concerns about transmitting personal data to us via the Internet, you are always free to contact us through alternative communication channels (for example, by telephone).

Controller responsible for data processing:

WINDEA Heinemann Hotelbetriebsgesellschaft mbH
Holger Heinemann
Am Tidehafen 3
26931 Elsfleth
info@shipyard-guesthouse.de

1) Hosting and Server Log Files

[a] Hosting by third-party providers
We commission a third-party provider as a service provider to provide the hosting/web server for this website. Data collected in the context of the general use of this website or in forms, applications, or other functionalities provided for this purpose, as explained below, is processed on the service provider’s servers unless otherwise described. If you have any questions about the service provider we use and the basis of our cooperation with them, please feel free to contact us using the contact option described in this privacy policy.

[b] Server log files
Visiting our pages is always possible without providing any information about your person. In so-called server log files, the web server of our website automatically stores access data, which includes the following information:
(1) Hostname of the accessing computer (your IP address),
(2) Name of the requested file,
(3) Time and date of the server request,
(4) Amount of data transferred, and
(5) Protocol used,
(6) Response of the web server to the respective request (status code),
(7) Browser type and version,
(8) Operating system used, as well as
(9) The address from which the requested document was referred (referrer).

The server log files are only evaluated to ensure the trouble-free operation of our pages and to improve our offering in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. The access data will not be merged with other data sources. Furthermore, the server log files are stored separately from all other personal data provided by the user. The log files are not stored longer than necessary and are deleted regularly and automatically.

2) Data Collection/Use via Web Forms or Customer Account Opening

We only collect personal data if you voluntarily provide it to us in the context of an order, when contacting us via form or email, or when opening a customer account on our website. Mandatory fields in the respective input options are marked accordingly. These details are essential for processing the contract or handling your request, and without such data, it is not possible to complete the order/account opening or contact request. The respective input forms show which data is collected. Fields not marked as mandatory do not need to be filled in by you. The data you provide in this process will be used to process the contract or handle your inquiries in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR. If you open a customer account with us, the consent and processing of your data will be carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

Once your order/contract or contact has been completed, we will restrict your data for further processing and delete it after the expiry of tax and commercial retention periods in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR. If we have your consent to further process your data in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or there is a reservation of further legally permitted data use, about which we may also inform you in this privacy policy, no deletion will take place. If it is possible to open a customer account on our pages, this customer account can be deleted by you at any time, if the option is available, in the customer account itself, or you can have the account deleted by sending a message to the contact option specified in this privacy policy.

3) Use of Cookies

We use cookies to make our offering more user-friendly, effective, and attractive. Cookies also enable us to provide certain functionalities. Cookies are small text files that are created by our website and placed on your device by your browser when you use our website.

Some of the cookies we use are session cookies. These are deleted as soon as you close your browser. Another type of cookies we use are persistent cookies. These cookies remain stored on your device until you delete them. Many of these cookies contain a unique so-called cookie ID, which enables the website to assign the internet browser to the respective visit of the website. This allows us to recognise your browser the next time you visit our website and to offer you better service. For example, these cookies can store settings, shopping cart contents, or the login status. An internet browser can be recognised again using the cookie ID. We have an overriding legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR in the correct display and delivery of content appropriate to the respective users, which makes the use of the cookies we use necessary.

There are technically necessary cookies that are required for the correct display and technical functionality. We do not obtain your consent for these. For cookies used, for example, for web analysis or marketing purposes, we require your prior consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. Which cookies are set in detail can be found in this privacy policy.

Objection/Deletion of Cookies
In your browser settings, you can view how long cookies are stored and specify that you are informed about the setting of cookies. You also have the option in the browser settings to allow cookies only in individual cases, to store exceptions for certain pages, or to generally refuse the acceptance of cookies. There you can also activate the automatic deletion of cookies when closing the browser.

The way in which you can make cookie settings depends on your browser and device. In general, you can find out how and to what extent you can adjust the cookie settings of your browser via the help function of your browser. Below we have compiled instructions for some of the most commonly used browsers:
Microsoft Edge: https://support.microsoft.com/de-de/help/4027947/microsoft-edge-delete-cookies
Apple Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Mozilla Firefox: https://support.mozilla.org/de/products/firefox/protect-your-privacy/cookies
Opera: https://help.opera.com/de/latest/web-preferences/

Please note that our website may no longer function or only function to a limited extent if you completely deactivate cookies.

4) Cookies and Data Transfers in Connection with Web Analytics Services and for Advertising Purposes as well as for Services Not Technically Required

If you give your consent to the following technologies from third-party providers, this is based on Art. 6 para. 1 sentence 1 lit. a GDPR. Cookies may be set. If the data we collect with this is no longer needed, it will be deleted. You can revoke your consent at any time with effect for the future. How you can revoke consent from the providers is described in the respective section. You can also use the general objection method described in the section “Use of Cookies”. Information including the basis of our cooperation with the providers can be found in the section of the respective provider. If you have questions about a service provider or want details about the basis of cooperation, you can contact us at any time using the contact option described in this privacy policy.

[a] Services and Privacy Notices from Google
The following offers and services are products of the operator Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland (“Google”).
As a rule, the data collected through the use of these services is transmitted to a server of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) and stored there.
For the USA, there is no adequacy decision by the European Commission. Our cooperation is based on standard contractual clauses of the European Commission. Unless otherwise stated below, data processing is carried out on the basis of a joint controller agreement in accordance with Art. 26 GDPR. Further privacy information on Google and on specific Google services listed below, as well as further options to object to the use and processing of data by Google, can be found at any time in Google’s privacy policy at: http://www.google.com/policies/privacy.

Google Tag Manager
We use Google Tag Manager on our website to manage various services and code, allowing us to integrate various services and technologies. Through the implementation of individual tags, Google may process personal data such as IP addresses or online identifiers (cookies). This data processing is carried out based on a data processing agreement with Google. If you do not wish the use of specific tracking services, the deactivation remains in effect for all affected tracking tags integrated via Google Tag Manager.

Google Ads
We place advertisements in Google search results and on third-party websites. When you visit our website, the so-called Google Remarketing cookie is set. This automatically collects certain data (IP address, time of visit, device and browser information, and information about your use of our website). This enables us, using a pseudonymous cookie ID, to display interest-based advertising based on your visited pages.
If you have enabled the “personalised advertising” setting in your Google account, further data processing takes place. If you are logged into Google when visiting our website, Google uses your data along with other Google Analytics data to create and define lists for cross-device remarketing.
To analyse our website and track events, we use Google Ads Conversion Tracking to measure your usage behaviour if you have arrived at our website via a Google Ads advertisement. Using pseudonyms, usage profiles are created via cookies and other data (IP address, time of visit, device and browser information, and information about your use of our website based on predefined events such as visiting a page or subscribing to a newsletter).

Google Analytics for Web Analysis
To evaluate website access, we use Google Analytics technology with your explicit consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. This automatically collects and stores data from you, including your IP address, time of visit, browser and device information, and data on how you use our website. Google Analytics creates usage profiles from this data using pseudonyms. Cookies may be used. In principle, your IP address is not merged with other data collected by Google. Data processing is based on a data processing agreement with Google.

For obtaining your consent to processing by Google Analytics, we use an external service provider. This provider works on our behalf and supports us in obtaining consents. Please contact us via the contact option in this privacy policy if you have any questions regarding the service providers we use and the basis of our cooperation.

You can revoke your consent at any time with future effect by downloading and installing the browser plugin available here:
https://tools.google.com/dlpage/gaoptout?hl=de
This prevents the collection and processing of data generated by the cookie relating to your use of the website (including your IP address) by Google.

Cookies used by Google Analytics for statistical purposes:

• _ga: Registers a unique ID that is used to generate statistical data on how the visitor uses the website. (Storage period: 2 years, Type: HTTP, Data transfer to: USA)

• _gat: Used by Google Analytics to throttle request rate. (Storage period: 1 day, Type: HTTP, Data transfer to: USA)

• _gid: Registers a unique ID that is used to generate statistical data on how the visitor uses the website. (Storage period: 1 day, Type: HTTP, Data transfer to: USA)

• collect: Used to send data to Google Analytics about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels. (Storage period: session, Type: Pixel, Data transfer to: USA, Provider: Google)

Google Maps
To display our or other relevant locations or geographical information, we use the Google Maps map service. When you call up a page where Google Maps is integrated directly, a connection to Google’s servers is established. Google’s servers record the page you visited, and your IP address is usually transmitted to Google’s servers. Location data may also be transmitted to Google for position determination. If you have a Google account and are logged in while the connection to Google’s servers is established, Google may associate your browsing behaviour with your account (you can log out of your Google account before visiting our website to prevent this). We have no influence on this data processing.
You can also prevent any data transfer to Google Maps by disabling JavaScript in your browser. However, the use of Google Maps will then be impossible or limited. Data processing is based on a joint controller agreement in accordance with Art. 26 GDPR, which you can view at: https://privacy.google.com/intl/de/businesses/mapscontrollerterms/.
If you must give consent before displaying the Google Maps map, we sometimes use an external service provider to obtain consents. This provider works on our behalf and supports us in obtaining consents. Please contact us using the details provided in this privacy policy if you have any questions regarding the service providers we use and the basis of our cooperation.

5) Further Used Services and Technologies

[a] Google Services

Google Privacy Information
The following offers and services are products of the operating company Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland (“Google”). As a rule, the data collected through the use of the services is transmitted to a server of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) and stored there. For the USA, there is no adequacy decision by the European Commission. Our cooperation is based on standard contractual clauses of the European Commission. Unless otherwise stated below, data processing is carried out on the basis of a joint controller agreement in accordance with Art. 26 GDPR. Further privacy information about Google, as well as about specific Google services listed below and other ways to object to the use and processing of data by Google, can be found at any time in Google’s privacy policy at: http://www.google.com/policies/privacy.

Google Fonts
On our website, fonts from the Google Fonts service (fonts.google.com) are integrated. By embedding the fonts via Google’s servers, the user is always delivered the latest version of the respective fonts. Google states that no cookies are sent to Google’s servers when calling up the font files; however, your IP address, time of visit, as well as browser and device information are usually transmitted to and processed on Google’s servers. We have no influence over this subsequent data processing.

Google reCAPTCHA
To prevent or protect against misuse of forms and other input options by bots, etc., we partly use the Google reCAPTCHA service on these pages. On pages where reCAPTCHA is integrated, an automated mechanism runs in the background, which analyses various parameters (such as IP address, cookies, length of visit, browser information, or user input) to determine whether the visitor is a bot or a human. This data is usually sent to Google’s servers for analysis. In addition, other cookies stored by Google services in your browser are analysed by Google reCAPTCHA. No evaluation or storage of personal data entered into a form where reCAPTCHA is embedded takes place. You can prevent possible data transfers via Google reCAPTCHA by disabling JavaScript or cookies in your browser. However, use of our website may then be impossible or only possible to a limited extent.

YouTube Videos
On these pages, content (videos) from the online video platform YouTube is embedded using so-called frames. YouTube (address: YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA) is an offering and subsidiary of Google. As soon as you visit a page on which a YouTube video is embedded via a frame, a connection to YouTube’s or Google’s servers is established and your IP address, time of visit, as well as browser and device information are usually transmitted to Google / YouTube’s servers. The servers record the page you visited. If you have a Google or YouTube account and are logged in while the connection to YouTube’s servers is established, Google may associate your browsing behaviour with your account. If you do not want this, you must log out of your YouTube / Google account before calling up and playing the YouTube videos.
We also point out that YouTube videos on our website are embedded in “extended privacy mode”. Google states that this means that further data beyond that already mentioned is only collected from our website users when the video is actively played, for example through cookies.

[b] Wordfence
To protect this website against various types of attacks, we use the WordPress plugin Wordfence. Provider is Defiant, Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, United States. Data processing generally takes place on the same web server where this WordPress site is installed. Wordfence uses cookies and similar technologies to provide protection, including to check user permissions when accessing WordPress functions, for administrator notifications of unusual login activities, and to prevent bypassing of country restrictions through specially modified links. The use of Wordfence is based on the legitimate interest of ensuring the necessary security for this website. Further information can be found in Wordfence’s privacy policy: https://www.wordfence.com/privacy-policy/.

[c] Chatlyn
When using the chatlyn WebChat on our website, the following personal data is processed, with data only being transmitted once you actually start a conversation:

• Date and time of access

• Browser type, browser version, and browser language

• Your IP address

• Session ID

• Operating system used

• URL of the website on which WebChat is used

• Content you send

When communicating with us via our communication channels, personal data may be processed if you provide it. The type of data depends on your concern or the problem you describe to us.

The data is processed for the purpose of communicating with you and handling and responding to your request.

The legal basis for processing your personal data is our legitimate interest in communicating with you and responding to inquiries pursuant to Art. 6 para. 1 lit. f GDPR, or the necessity of processing for the performance of a contract concluded with you or for the implementation of pre-contractual measures taken at your request pursuant to Art. 6 para. 1 lit. b GDPR.

We store the data we process in the course of communication with you for as long as it is needed to handle the conversation with you or until the end of a potential business relationship with you. In addition, we retain personal data for as long as statutory retention obligations exist or as long as limitation periods for legal claims, for which the data may be required, have not yet expired.

We do not transfer your personal data to third countries; the data is stored on servers in Germany by chatlyn on our behalf, and we have concluded a data processing agreement with chatlyn. To provide WebChat, the following cookies are stored on your device:

These cookies are technically necessary to provide WebChat. They are not used for tracking, and other websites have no access to them.

6) Our Online Presence in Social Networks

We operate company or profile pages on various social network portals. The operators aim to create usage profiles using pseudonyms. If you have given your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR, the operators of the social media platforms collect data from you. This data for market research and advertising purposes is then automatically collected when you visit the pages. Based on the usage profiles, you will be shown, among other things, interest-based advertisements outside the platforms. Cookies are generally used for this purpose.

We provide you below with further information from the respective providers, where you can learn more about the processing and use of your data, your rights, and the privacy notices and contact options of the companies, as well as – if offered – privacy settings, in particular objection options (opt-out). If you still have questions or need further assistance, you can contact us at any time. For the USA, there is no adequacy decision by the European Commission. Our cooperations are based on standard contractual clauses of the European Commission.

Meta Platforms, Inc., 1 Hacker Way, Menlo Park, California 94025, USA (Facebook)
Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland (“Facebook (by Meta)” or “Meta Platforms Ireland”)
Privacy Policy: https://www.facebook.com/about/privacy/
Opt-out option: https://www.facebook.com/settings?tab=ads
Data processing is carried out on the basis of a joint controller agreement in accordance with Art. 26 GDPR: https://www.facebook.com/legal/terms/page_controller_addendum

Instagram (see Meta Platforms/Facebook)
Privacy Policy: https://help.instagram.com/519522125107875
Opt-out option: see Facebook and https://www.instagram.com/accounts/privacy_and_security/
Data processing is carried out on the basis of a joint controller agreement in accordance with Art. 26 GDPR.

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Privacy Policy: http://www.google.com/policies/privacy
Opt-out option: https://myaccount.google.com/privacycheckup

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Privacy Policy: https://www.linkedin.com/legal/privacy-policy
Opt-out option: https://www.linkedin.com/psettings/guest-controls

Als Nächstes folgt 7) Your Rights.
Ich übersetze den jetzt direkt für dich.

7) Your Rights

As a user of our website, you always have the right to:

• Free information about the data stored about you with us in accordance with Art. 15 GDPR to the extent specified therein; and

• The right to rectification or completion of your personal data in accordance with Art. 16 GDPR;

• Restriction of processing in accordance with Art. 18 GDPR, insofar as you dispute the accuracy of the data, the processing is unlawful, but you refuse deletion, we no longer need the data, but you require it for the assertion, exercise, or defence of legal claims, or you have objected to the processing in accordance with Art. 21 GDPR;

• Receive your personal data stored with us in a structured, common, and machine-readable format or have it transmitted to another controller (data portability) in accordance with Art. 20 GDPR; and

• Deletion of your data in accordance with Art. 17 GDPR, unless further processing is necessary for exercising the right to freedom of expression and information, for fulfilling a legal obligation, for reasons of public interest, or for asserting, exercising, or defending legal claims.

You also have the right to lodge a complaint with one of the competent data protection supervisory authorities at your usual place of residence, your place of work, or at our company headquarters in accordance with Art. 77 GDPR. A list of the respective competent data protection supervisory authorities can be found here:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Your Right to Object in Detail
IF YOUR OBJECTION RELATES TO DIRECT MARKETING AND THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH PURPOSES, YOU MAY OBJECT TO THE USE OF THIS DATA AT ANY TIME WITHOUT GIVING REASONS, AS DESCRIBED ABOVE. WE WILL THEN NO LONGER PROCESS YOUR PERSONAL DATA FOR THIS PURPOSE.

YOU MAY OBJECT TO THE PROCESSING OF ANY PERSONAL DATA THAT WE PROCESS TO SAFEGUARD OUR OVERRIDING LEGITIMATE INTERESTS IN ALL OTHER CASES WITH EFFECT FOR THE FUTURE IF YOU PROVIDE US WITH REASONS ARISING FROM YOUR PARTICULAR SITUATION, UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE FURTHER PROCESSING THAT OUTWEIGH YOUR RIGHTS, FREEDOMS, AND INTERESTS OR THE PROCESSING SERVES THE ASSERTION, EXERCISE, OR DEFENCE OF LEGAL CLAIMS.

Jetzt fehlt nur noch 8) Contact Options, den übersetze ich dir sofort.

8) Contact Options

You can contact us at any time using the contact details provided in the imprint if you have questions about the collection, processing, or use of your data, requests for information, rectification, restriction, blocking, or deletion of data, as well as revocation of consents given or objection to a specific data use.

(V202408201120MBREV40)