Data Protection Policy (As of: March 2023)
Woizzer AG, Singapurstrasse 5, 20457 Hamburg/Germany (“Woizzer”, “we”) provides its clients (“Users”, “Clients”) with the URL www.quinbook.com (the “Website”) under the QuinBook brand a web-based administration and booking solution for activity and leisure providers (hereafter “QuinBook”) available online. The following data protection policy governs the use of the website. In principle, use of the website is possible without providing any personal data. However, if an affected person wishes to use our company‘s special services through our website, personal data processing may be required. If the processing of personal data is required and there is no legal basis for such processing, we generally obtain the consent of the concerned person.
This data protection policy explains the nature, scope and purpose of the proces- sing of your personal data (hereinafter referred to as “data”) by us and your rights
in this regard.
1. Who is responsible for data processing and to whom I can refer to
Responsible according to the General Data Protection Regulation (GDPR) is:
Woizzer AG, Mr. Heiko Fuchs, Singapurstrasse 5, 20457 Hamburg/Germany, Tel.: +49 (0)40 2288-232, E-Mail: firstname.lastname@example.org, Website: https://quinbook.com/
If you wish to object to the collection, processing or use of your data in its entirety or to individual measures in accordance with the provisions of data protection law, you should address your objection to the above-mentioned address or by e-mail to the above-mentioned e-mail address.
2. On which legal basis we process your data
In the following, we will inform you of the legal basis of our data processing in accordance with art. 13 GDPR. If the legal basis is not expressly stated in this privacy statement, the following applies: If you have given your consent to the processing of your personal data, the legal basis is art. 6 para. 1 lit. a and art. 7 GDPR. If the processing is performed to fulfil our services and implementation of contractual measures as well as answering inquiries, the legal basis is art. 6 para. 1 lit. b GDPR. If processing takes place to fulfil our legal obligations, the legal basis is art. 6 para.
1 lit. c GDPR and if processing takes place to safeguard our legitimate interests, the legal basis is art. 6 para. 1 lit. f GDPR. If processing of personal data is required to protect vital interests of the data subject or another natural person, art. 6 para. 1 lit. d GDPR is the legal basis.
If processing takes place on the basis of your consent, you can withdraw it at any time with effect for the future. You can send your cancellation by post to the above address or by e-mail to the above e-mail address.
If in the course of our processing we disclose data to other persons and companies (contract processors or third parties), transmit data to them or otherwise grant access to the data, this is done exclusively on the basis of a statutory license (For example, if a transmission of the data to third parties, such as to payment service providers, acc. art. 6 para. 1 lit. b GDPR is required to fulfil the contract). It also applies if you have consented to, or there is a legal obligation to do so, or it is based on our legitimate interests (for example, in the use of agents, web hosts, etc. acc. art 6 para. 1 lit. C GDPR applies).
In the event that we entrust third parties with the processing of data, this is done on the basis of art. 28 GDPR. (So-called. “Order processing”).
3. What data is processed Registration
Clients can register on the website www.quinbook.com. The data entered over the
course of this registration, which can be seen during entry via the registration form, include your name, address, company telephone number and e-mail address. The data is collected and stored exclusively for the use of our offer. The processing of the data is based on art. 6 para. 1 lit. a GDPR as legal basis. By registering on our site, we will also store your IP address and the date and time of your registration. This is used as a safeguard on our part in the event that a third party misuses your data and registers with this data without your knowledge on our page. There is no transfer of information to a third party. A comparison of the data collected with data which may be collected by other components of our site, is also not performed.
computer system. By using cookies, we are able to measure the frequency of page
views and general navigation. We point out that some of these cookies are trans- ferred from our server to your computer system, i.e. so-called “session cookies”.
“Session cookies” are automatically deleted from your hard disk after the end of the browser session. Other cookies remain on your computer system and allow us to re- cognise your computer system during your next visit (so-called permanent cookies). If your browser allows, you can reject cookies at any time. Please note that certain functions of this website may not be used or can only be used to a limited extent if your browser is set in such a way that no cookies (from our website) are accepted.
The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, disk space and database services, colla- teral and technical maintenance services we use to operate this online offer. For this purpose, we or our hosting provider process your data on the basis of our legitimate interests in an efficient and secure provision of this online offer acc. art. 6 para. 1 lit. f GDPR IAW 28 GDPR (conclusion of agreement processing contract).
Collection of access data and log files
We or our hosting provider, collect on the basis of our legitimate interests according to art. 6 para. 1 lit. f. GDPR data on every access to the server on which this service is located (so-called server log files). The access data includes the date and time of the request, the name of the requested web page, the amount of data transmitted, the message about successful retrieval, the browser type and version, the user‘s ope- rating system, the previously visited page (so-called “Referrer URL”), the IP address and the requesting provider. Logfile information is stored for a maximum of 7 days and then deleted. Data whose further retention is required for evidential purposes shall be exempted from the cancellation until final clarification of the procedure.
When contacting us (for example via contact form, e-mail, telephone or via social media), the information provided by the user for processing the contact request is carried out acc. art. 6 para. 1 lit. b GDPR. The deletion of the data takes place after the completed processing of your request.
The registered user‘s e-mail address can also be used to send an e-mail newsletter at regular intervals, containing editorial information. If you consent to the receipt of our newsletter via our website, we will collect and use your name and e-mail address as well as other voluntarily provided data for sending a newsletter. The consent is revocable at any time.
You can unsubscribe from the newsletter at any time via the link provided in the newsletter. The aforementioned data is collected, processed and used exclusively for sending the newsletter. The data shared with us for the purpose of the news- letter will be stored by us until the time of your cancellation from the newsletter and deleted after the cancellation of the newsletter. This data processing is based on art. 6 para. 1 lit. a GDPR in connection with the consent given by you.
Registration for our newsletter takes place in a so-called double opt-in procedure. Meaning, after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with exter- nal e-mail addresses. The registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes the storage of the login and the confirmation time, as well as the IP address. Likewise, changes to your data stored with the dispatching service provider will be logged.
The logging of the registration process is based on our legitimate interests in acc. art. 6 para. 1 lit. f GDPR. Our interest is focused on the use of a user-friendly and secure newsletter system, which serves our business interests as well as the users‘ expectations and allows us to prove consent.
4. How safe is my data
All data that you provide to us is encrypted and transmitted for security reasons using the SSL (Secure Socket Layer) method. SSL is a trusted and global encryption system that automatically encrypts your data before sending it to us. You can re- cognise an encrypted connection by changing the address line of the browser from “http: //” to “https: //” and the lock symbol in your browser line.
5. What rights do I have as an affected person?
You can always
• Get information about the data stored or processed by us
• Request rectifications or deletion of your data
• Require restriction in the processing of your data
• Object to the processing of your data
• Demand the transferability of your data
• Submit a complaint to the data protection supervisory authority. Your competent supervisory authority is that of your place of residence.
6. How long will my data be stored
The data processed by us is deleted or limited in its processing in accordance with art. 17 and 18 GDPR. As soon as the data is no longer required for its intended use and the deletion does not conflict with any statutory storage requirements, the data stored with us will be deleted. If the data is not deleted because it is required for other and legitimate purposes, its processing will be restricted. Meaning, the data
is blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons. According to legal requirements in Germany, the storage takes place in particular for 6 years according to art. 257 para. 1 HGB (German Commercial Code) as well as for 10 years according to art. 147 para. 1 AO (German Fiscal Code).
7. What services and content of third parties are involved
Within our online offer based on our legitimate interests, (i.e. interest in the analysis, optimisation and economic operation of our online offer as defined in art. 6 para. 1 lit. f. GDPR) we draw on content or services offered by third parties, to include videos or fonts (collectively referred to as “content”). This always presupposes that the third-party providers of this content perceive the IP address of the users, or else not be able to send the content to your browser without the IP address. The IP address is therefore required for the presentation of this content. To prevent the transfer
of data to Google, it is possible to deactivate the respective service. To do this, you must disable the Java Script feature in your browser.
Use of reCAPTCHA
To protect entry forms on our site, we use the service “reCAPTCHA” from Google
Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, hereafter “Googl e.”
By using this service, it can be distinguished whether the corresponding input is of human origin or abused by automated machine processing.
As far as we are aware, the referrer URL, the IP address, the behaviour of the websi te
visitors, information about the operating system, browser and duration, cookies, presentation instructions and scripts, the input behaviour of the user as well as mouse movements in the area of the “reCAPTCHA” checkbox will be transferred to “Google”.
Among other things, Google uses this information to digitalize books and other prin- ted matter, as well as to optimise services such as Google Street View and Google Maps (e.g. house number and street name recognition).
The scope of “reCAPTCHA” IP addresses will not be merged with other Google data
unless you are logged in to your Google account at the time of use of the “reCAPT-CH A” plug-ins. If you want to prevent this transmission and storage of data about
you and your behaviour on our website by “Google”, you must log out of “Google” before you visit our site or use the reCAPTCHA plug-in.
The QuinBook newsletter is sent via “CleverReach”, a newsletter shipping platform of the provider CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany. The e-mail addresses of our Newsletter recipients, as well as other infor- mation described in these notes, are stored on secure data centers in the European Region. CleverReach uses this information to send and evaluate the newsletters on our behalf. Furthermore, CleverReach may, according to its own information, use this data to optimise or improve its own services, e.g. for the technical optimisation of the dispatch and the presentation of the newsletter or for economic purposes to determine from which countries the recipients come. However, CleverReach does not use the data of our newsletter recipients to write them or to pass them on to third parties.
For more information on data protection at CleverReach, please visit:
Limited Use disclosure
QuinBook use of information received from Google APIs will adhere to the Google API Services User Data Policy (https://developers.google.com/terms/api-services-user- data-policy), including the Limited Use requirements (https:// developers.google.com/terms/api-services-user-data- policy#additional_requirements_for_specific_api_scopes).