Privacy policy in accordance with DSGVO - General Data Protection Regulation GDPR

Solely the German version of this policy is binding. The English version is for informational purposes only.

Entity responsible for the processing of your personal data (controller):

City of Bamberg
Oberbürgermeister (Mayor) Andreas Starke
Maximilianplatz 3
96047 Bamberg
Germany
tel. +49 951 87-0
E-Mail: info@bamberg.info
Website: www.bamberg.info

By using our website, you agree that the BAMBERG Tourismus & Kongress Service (may be referred to as "TKS" in the remainder of this policy) as the operator of this website, collects, processes and uses the data listed below in the manner described in this policy. At the same time, this privacy policy informs you about the nature, purpose and scope of the collection and use of personal data through our offer.

1. Type, scope and purpose of the collection, processing and use

2. Method of optimization

3. Additional applications of our offer (third party and social media)    

4. Safeguarding of your rights as an affected party

5. Contact for further questions / suggestions on data protection

1. Nature, scope and purpose of the collection, processing and use

The protection of your privacy and personal data is very important to us. Personal data is information that allows inference to a specific person. For example, names, contact details, but also photos, information about interests and hobbies or memberships. We collect, process and use your personal data only in the context of statutory provisions (in particular DSGVO/GDPR, BDSG, TKG) or with your consent.

System-collected data and protection of your personality

When you visit this website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion:

- IP address of the requesting computer

- Date and time of access

- Name and URL of the retrieved file

- Website from which access is made (referrer URL)

- Used browser and, if applicable, the operating system of your computer as well as the name of your access provider.

The data mentioned is processed by us for the following purposes:    

- Ensuring a smooth connection of the website

- Ensuring comfortable use of our website

- Evaluation of system security and stability as well as for further administrative purposes

The legal basis for data processing is Art. 6 (1) 1 f DSGVO/GDPR. Our legitimate interest follows the data collection purposes listed above. In no case do we use the collected data for the purpose of drawing conclusions about you.

Inquiries & Newsletter

If you wish, we will send you current information and information about our services and products. When contacting us, for example by order form, comment field, in person, by e-mail, fax or telephone, we store and use your information in the context of the stated business purpose or to process your request. By registering for one of our newsletters, we save the IP address and date of registration. This serves as proof, in the event that a third party misuses your e-mail address and, for example, signs up for the newsletter without the authorized person's knowledge.

You can sign up for various newsletters, for which we need your email address. In addition, we ask for the salutation and your first and last name, in order to offer you the best service possible (for example, in the form of the correct name by which we address you).

By completing and submitting the form, you consent to the collection, processing and use of your data as described above. You have the right to revoke your consent for the future at any time, without cause. Please contact us by e-mail at info@bamberg.info.

Bookings & Reviews

Recording function

If you would like to use our webstore, our online booking system or another application that is specially protected on the basis of sensitive data, we require - in some cases prescribed by law - mandatory information on the registration or processing of your order. Mandatory fields are marked accordingly and follow the requirement of data economy. If your consent to the collection and use of your information is required, you will be notified of your privacy before submitting your information. The data transmission is encrypted according to the current security standard.

Payment function

For fee-based offers you usually have the choice between different payment options. For processing by direct debit or credit card, for example, when making hotel reservations or booking our products, the certified Swiss payment partner "Datatrans AG" is responsible. Your relevant data will be transmitted by you, solely for the agreed purpose. For this purpose, our offer includes a specialized payment platform.

Of course, the data transmission is encrypted according to the current security standard. In addition, the procedures of both payment partners fulfill the requirements of the Payment Card Industry Data Security Standard (PCI DSS).

Data transfer

We process the data received for the purpose of optimal customer service in cooperation with all TKS departments affected. In this way, we can save you unnecessary multiple data entries and provide exactly one contact person for your specific request, who can give you competent advice. A transfer of your personal data to third parties for purposes other than those listed below does not take place.

We only share your personal information with third parties if:     

- You have given consent according to Art. 6 (1) 1 a DSGVO/GDPR

- The disclosure pursuant to Art. 6 (1) 1 f DSGVO/GDPR is required to assert, exercise or defend legal claims and there is no reason to believe that you have an overriding interest in not disclosing your data

- In the event that disclosure pursuant to Art. 6 (1) 1 c DSGVO/GDPR is a legal obligation

- This is legally permissible and, according to Art. 6 (1) 1 b DSGVO/GDPR, is required for the settlement of contractual relationships with you.

Processing of personal data outside the European Union (EU) or the European Economic Area (EEA) does not take place, and is not planned, unless explicitly stated below, on an individual case basis.

Customer satisfaction

As part of your online, oral, written, telephone, fax or e-mail bookings, we offer you the opportunity to evaluate the services you use and our service. You will receive an e-mail with a link after your stay, which will forward you to our short questionnaire. The evaluation is voluntary and anonymous and serves the purpose of quality assurance of our products and services.

Mobile usage

We point out that when using our services with mobile devices (such as cell phones, smartphones, tablets) accurate location data may be collected, used and passed on due to technical reasons, including the geographical location of your device. In addition, further data may be collected, processed and used within the scope of the conditions of use of your respective telecommunications provider.

2. Procedure for optimizing our offer

The use of our internet pages is basically possible without providing personal data. All the elements below work at least with the pseudonymized form of your data because we do not combine user behaviour information with the user profile. In this way, even an IP address remains a pseudonym in any case.

Cookies

We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not damage your device, do not contain viruses, Trojans or other malicious software.

Information is stored in the cookie, resulting only in a connection to the specific, local machine used. However, this does not mean that we are immediately aware of your identity.

On the one hand, the use of cookies serves to make our website more user friendly. For example, we use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our page.

In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period. If you visit our site again to take advantage of our services, it will automatically recognize that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our site (see Section 5). These cookies allow us to automatically recognize when you visit our site again, that you have already been with us. These cookies are automatically deleted after a defined time.

The data processed by cookies are for the purposes mentioned, in order to safeguard our legitimate interests as well as third parties pursuant to the requirements of Art. 6 (1) 1 f DSGVO/GDPR.

Most browsers accept cookies automatically. However, you can configure your browser so no cookies are stored on your computer or a note always appears before a new cookie is created. However, disabling cookies completely may mean that you cannot use all the features of our website.

Additional cookies may vary depending on use, e.g. plug-ins (currently used by WordPress). These cookies are snippets of code that help, for example, retrieve data ​​from the address of the website (URL), link data ​​to WordPress, or record forms. This device-related information enables us to analyze the use of our services without reference to specific persons and to recognize your used device during the next visit. This makes it easier for you to use our website and gives us the opportunity to refine our offer for you. The collected data will not be merged with personal data about the bearer of the pseudonym. Your information will not be passed on to third parties.

External services

Google Analytics

We use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; in the following referred to as “Google”), for making our websites more user friendly and optimizing them constantly. In this process, pseudonymized usage profiles are created and cookies are used. Information on your usage of this website created by cookies, e.g.

  • the browser kind/version
  • the used operating system
  • the referrer URL (the page that has been visited previously)
  • the host name of the accessing PC (IP address)
  • and the server request time

is transmitted to a Google server in the USA and stored on it. Information is used to evaluate the website usage, compile reports about website activities and develop other services associated with website and Internet usage with the purpose of carrying out market researches and structuring these websites according to users’ needs. If it is prescribed by law or these third parties are entrusted with the processing of this data specifically, this information may also be transmitted to third parties. In no case will Google associate your IP address with other data. IP addresses are anonymized in order to avoid any possible association.

If you do not want cookies to be installed, you can setup your browser software accordingly. However, this may restrict some functionalities of this website.

You can also prevent Google from collecting and processing data on your usage of this website that have been obtained through cookies (e.g. your IP address). In this case you need to download and install a specific browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de)

Further information on data protection, with reference to Google Analytics is available in the support area of Google Analytics (https://support.google.com/analytics/answer/6004245?hl=de)

As far as your actual browser session is concerned, you can disable the web analysis of Google Analytics completely by clicking the following buttons:

Font service

This website uses fonts.com, a font service provided by Monotype Imaging Holdings Inc. („fonts.com“), Monotype GmbH, Horexstraße 30, 61352 Bad Homburg, Germany. Each time this website is accessed, files are uploaded from a fonts.com server in order to portray texts in a specific font. Your IP address may be transferred to a fonts.com server in the process and stored in the context of the usual weblogs. fonts.com is responsible for the subsequent processing of this information; please refer to the data use policy of „Monotype Imaging Holdings Inc.)“ for the relevant conditions and settings https://www.monotype.com/legal/privacy-policy/

For your current browser session, you have the option of disabling the font service completely by means of the following buttons.

3. Additional applications of our Website offers (third parties & social media)

We partially enhance our website offers for you by linking to carefully selected third-party providers. TKS cannot take responsibility for their content or privacy policy. For technical reasons, third parties also receive your IP address. In your interest we strive to offer only content from providers who use the IP address only to deliver the content. However, we have no control over the third parties who receive the IP addressess, for instance, if they save data for statsitical purposes. If we have facts on this issue, we will clarify our position.

4. Safeguarding your rights as an affected party

You have the following rights:  

- In accordance with Art. 15 DSGVO/GDPR, to request information about your personal data processed by us. In particular, you can request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed or the planned storage period, the right to rectification, deletion, limitation of processing or opposition, the existence of a right to complain, the source of the data, if not collected by us, and the existence of automated decision-making, including profiling and, where appropriate, meaningful information about their details.    

- In accordance with Art. 16 DSGVO/GDPR to demand the rectification of incorrect or the completion of personal data stored by us immediately.   

- In accordance with Art. 17 DSGVO/GDPR, to demand the deletion of your personal data stored by us, except where the processing is needed to exercise the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims.   

- In accordance with Art. 18 DSGVO/GDPR to demand the restriction of the processing of your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject their deletion while we no longer need the data, but you do to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 DSGVO/GDPR.

- Pursuant to Art. 20 DSGVO/GDPR to obtain your personal data provided to us in a structured, common and machine-readable format or to request transmission to another person who is responsible. 

- Pursuant to Art. 7 (3) DSGVO/GDPR to revoke your once granted consent to us at any time. As a result, we are no longer allowed to continue the data processing, based on this consent, for the future.

- According to Art. 77 DSGVO/GDPR to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office.

Right of objection

If your personal data is based on legitimate interests, in accordance with Art. 6 (1) 1 f DSGVO/GDPR and is processed, you have the right to file an objection against the processing in accordance with Art. 21 DSGVO/GDPR, provided that there are reasons for this, arising from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right of objection, which is implemented by us without stating any specific situation.

If you would like to exercise your right of revocation or objection, please send an e-mail to info@bamberg.info. If necessary, we ask you to prove your identity in order to ensure that the assertion of rights is exercised by you (and not by unauthorized third parties).

Data security

We use the widely used Secure Socket Layer (SSL) method in conjunction with the highest level of encryption supported by your browser. In general, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we'll use 128-bit v3 technology instead. Whether a single page of our website is encrypted is shown by the closed representation of the key or lock icon in the lower status bar of your browser.

We also take appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Currency and changes of this privacy policy

This privacy policy is currently valid (as of May 25, 2018). Due to the further development of our website and offers, or due to changed legal or regulatory requirements, it may be subject to change. The current privacy policy can be accessed and printed on the website at any time.

5. Contact for further questions / suggestions on data protection

Data protection officer of the City of Bamberg

Mr. Bernd Bauer-Banzhaf
Untere Sandstraße 34
96049 Bamberg
Germany

tel. +49 951 87-1130
E-Mail datenschutz@stadt.bamberg.de