Data protection
with Cologne Guide GbR
Privacy policy
Responsible body
(hereinafter referred to as "we") within the meaning of data protection laws, in particular the EU General Data Protection Regulation, unless otherwise stated in these data protection provisions:
​
Cologne Guide - Elisabeth Gieseler & Christian Schüler GbR
Ursulakloster 20
50668 Cologne
​
Further information can be found in the imprint.
​
This information on data protection describes what happens to your personal data and why this is the case. You will also find out how your data is protected and when it is deleted and what rights you have in this regard.
​
Business purpose and processing of personal data
We process our customers' personal data exclusively for the purpose of providing our services. The legal basis for processing to safeguard our legitimate interests is set out in Art. 6 (1) GDPR. This involves the following data
-
- Name and address
-
- e-mail address
-
- telephone number
-
- account details
-
- telephone numbers
-
- IP addresses when visiting our website
-
- If applicable, access data to our customers' profiles on social networks or our customers' web providers
Processing takes place in both automated and non-automated form. According to Article 4 No. 2 GDPR, "processing" is any "operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction".
​
Data will only be disclosed to third parties if this is really necessary in the context of a contractual relationship. When processing the data provided to us as part of our service, we act in accordance with the instructions of the customer and the legal requirements of order processing in accordance with Art. 28 GDPR and do not process the data for any purpose other than the purpose of the order.
​
Server log files
When you access our website as a visitor, your IP address is recorded by our provider and stored in log files. Our provider stores the IP addresses of visitors to our website for a maximum of two weeks to detect and defend against attacks. The provider of our website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are
​
-
- Browser type and browser version
-
- Operating system used
-
- Referrer URL
-
- Host name of the accessing computer
-
- Time of the server request
This data cannot be assigned to specific persons. This data is not merged with other data sources. The data is stored for security reasons, e.g. to be able to clarify cases of misuse. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.
​
Collection, processing and forwarding of personal data in the event of a booking
In this case, we process personal data insofar as this is necessary for the fulfillment of our service, in accordance with Art. 6 GDPR. The same applies to the initiation of contractual relationships. Personal data is passed on if required by law or as part of contractual processes.
​
Contact form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.
​
Inquiries and contact by email or telephone
If you contact us by email or telephone, we will store and process your request, including all resulting personal data (name, email address, request) for the purpose of processing your request. We will not pass on this data without your consent.
​
Service of third parties
If we use third parties (processors) to process personal data, this is done on the basis of legal permission. Cooperation with business partners or service providers is governed by an order processing contract. If this is not possible, third parties are obliged to comply with data and business secrecy.
​
Your rights
If you wish to assert any of the following rights, please contact us:
​
-
- Right of revocation pursuant to Art. 7 para. 3 GDPR
-
- Right to information in accordance with Art. 15 GDPR, if you would like to know what data we have stored about you
-
- Correction in accordance with Art. 16 GDPR, if your data has changed
-
- Erasure in accordance with Art. 17 GDPR
-
- Restriction of processing in accordance with Art. 18 GDPR
-
- Data portability in accordance with Art. 20 GDPR
-
- Objection pursuant to Art. 21 GDPR for processing pursuant to Art. 6 para. 1, lit. e. and f.
-
- Right to lodge a complaint with the competent supervisory authority pursuant to Art. 77 para. 1 f GDPR
The competent supervisory authority is
​
State Commissioner for Data Protection and Freedom of Information
North Rhine-Westphalia
Kavalleriestraße 2-4
40213 Düsseldorf
Phone: 0211 38424-0
Fax: 0211 38424-10
E-mail: poststelle@ldi.nrw.de
​
Deletion of data and storage period
Unless otherwise stated, your data will be deleted as soon as it is no longer required. Your data will also be blocked or deleted if a storage period prescribed by law expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract or there is a retention period for legal reasons.
​
Security measures
Security measures are taken in accordance with legal requirements, taking into account the state of the art and weighing up the implementation costs and the type, scope, circumstances or purpose of the processing as well as the different probability of occurrence and the severity of the risk to the rights and freedoms of natural persons.
SSL or TLS encryption is used to protect the transmission of incoming and outgoing requests.
​
Cookies: Banner and guidelines
Cookies are small text files that are stored in a browser folder. When you visit our website, you can choose which cookies you wish to allow. The following types of cookies are used:
​
1. strictly necessary cookies
Cookies of this type enable basic functions. They are necessary for the website to function properly. It is not possible to deactivate them. The cookies are only used by the operator of the website (first-party cookie).
2. functional cookies
Functional cookies are important if the website provides certain functions and stores information entered by the user (e.g. name entry, language selection). This enables personalized functions.
3. performance cookies
Performance cookies collect information about how a website is used. In this way, the attractiveness, content and functionality of the website can be improved.
4. third party cookies
Marketing or third party cookies originate from external advertising companies, for example. They are used to collect user information. They enable target group-oriented advertising.
You can find out more about this in our cookie policy.
​
Deactivating or deleting all cookies
You have the option of adjusting your personal cookie settings or generally deactivating cookies in your browser. You can prevent cookies from being stored on your end device. You can delete cookies that have been set at any time. You can find information on this in the help function of your web browser.
​
Web hosting
Online platform for the creation of websites: Wix
Hoster: one.com
one.com privacy policy
​
Social media
It is currently not legally clear whether or to what extent social media offer their services in accordance with European data protection regulations. We would therefore like to point out that the services we use, such as Facebook, store the data of their users in accordance with their own data usage guidelines and use it for business purposes.
​
We have no influence on data collection and further use by social networks. We have no knowledge of the extent to which, where and for how long data is stored, whether social networks comply with their deletion obligations, whether the data is analyzed or linked and to whom the data is transmitted.
In addition, the terms and conditions and the following data processing guidelines of the respective operators apply when accessing these profiles:
​
​
Google Fonts
This site uses fonts provided by Google. At Wix, these Google fonts are hosted internally, not on Google's servers. This means that there is no connection to Google servers and therefore no data transfer or storage. You can find out more about how Wix uses Google Fonts here.
You can find more information about Google Fonts here and in Google's privacy policy.
​
Third party services
Booking tools
We use the Regiondo booking system to distribute our offers.
​
You can find out more about data protection at Regiondo here.
​
When you make a booking on our website, you agree to the storage and processing of your personal data by Regiondo. Your personal data will be forwarded to Regiondo and processed. This storage and processing of data is for the purpose of supporting and processing your orders, authenticating you, processing payment transactions and improving the services of Regiondo and Cologne Guide.
​
Services for payment
We use Stripe and PayPal as payment service providers.
You can find out more about data protection at Stripe here.
You can find out more about data protection at PayPal here.
​
Booking portals
Some of our offers can be booked on booking portals. The personal data collected there for the purchase (binding booking) of a city tour with Cologne Guide via the booking portal is partly forwarded to Cologne Guide for the execution of the city tour and contractual processing with the booking portal and stored by the portal.
​
The personal data will be deleted by Cologne Guide and the cooperation partners of Cologne Guide if they are no longer required or if the deletion does not conflict with any statutory retention obligations. Personal data will not be passed on to third parties by Cologne Guide. The privacy policies of the respective booking portals apply.
​
​
​
​