Data protection declaration
Data protection declaration
When it comes to your personal details, we want you to feel safe on Adrialin d.o.o.’s website (www.kroatien-adrialin.de).
We would like to inform you of how your data is used by us and how you can exercise your rights.
1. Name and contact details of persons responsible and representative
Person responsible for personal data pursuant to Article 4 para. 7 GDPR
Telefonnummer: +49 (0)7255 9880 0
Geschäftsführer: Josip Šojat
2. General information for visitors to this website
As part of the booking process, certain cookies from your browser are stored onto your computer's hard drive. These are small text files which you can delete at any time. Most web browsers automatically accept cookies. You can individually change your browser settings.
You can set your browser so that it informs you when cookies are used, allowing you to accept or reject the cookies in each individual case. If a cookie is not accepted, the functionality of our website may be restricted.
The following cookies remain after your browser session:
-pid: This is a cookie which is only stored if you visit a partner site linked to Adrialin. Only the partner's identification number will be stored. Duration: 30 days
-reference: This cookie is stored when you are redirected to our website after clicking on one of our offers on Trivago. The arrangement of offers on Trivago for the actual booking should be possible on our website. A combination of letters and numbers will be stored but no additional personal data. Duration: 30 days
-utm_term: This cookie is used if you are transferred to our website via a HomeToGo web page. The click ID that transferred you to us is saved. This does not reference any personal data but is used by HomeToGo for internal statistics (e.g. booking market, which property was selected, which filters were used, etc.). Duration: 30 days
-first: This is a cookie which is generated upon the first visit to our website. It contains the URL of the site from which you came provided you clicked on a link from a third-party website directing you to our siten. Duration: 90 days
-oldOrder: This is a cookie which is stored if you click on the email link for alternative offers after refusing a booking. This allows us to recognise if you are creating a new booking with us as an existing customer. Duration: 30 days
These cookies serve to monitor the success of marketing campaigns. Without this data it is impossible for us to evaluate marketing campaigns and manage them accordingly. This data is processed in accordance with Article 6, para. 1, sentence 1, letter f) GDPR. Adrialin GmbH pursues the legitimate interests of evaluating the success of its advertising campaigns and manages them accordingly. Since data is only used from persons who have expressed their interest in our offers and services, this in no way affects the fundamental rights of individuals concerned.
-lng: This is a cookie which is stored in the customer's language. Duration: 1 year
-booking: This is a cookie which is generated once you confirm and submit your details in the basic or detailed search or when calculating the price of a holiday property. This remembers your choices during this and subsequent visits. Duration: 30 days
-merkzettel: This is a cookie which is used when the customer adds a property to their wish list. The contents are the item numbers of the selected properties. Duration 30 days
These cookies serve to improve the user-friendliness of our website. This data is processed in accordance with Article 6, para. 1, sentence 1, letter f) GDPR. Adrialin GmbH pursues the legitimate interests of optimising the user-friendliness of its website in order to increase its travel sales. Since data is only used from persons who have expressed their interest in our offers and services, this in no way affects the fundamental rights of individuals concerned.
2.2. Google Analytics
In order to improve our offers we collect statistical data regarding its use. For this reason we use the Google Analytics service. This ensures that no connection is made to the abovementioned cookies. Google requires that we submit the following declaration:
Data will be deleted after 26 months.
2.3. Google Remarketing
2.4. Google AdWords
2.5. Google reCAPTCHA
2.6. Purpose of processing and legal bases for Google services
We use the Google Remarketing and Google AdWords services in order to monitor and control the success of our marketing campaigns. This is not possible without the provision of data.
We use Google Analytics for the purpose of acquiring information about the use of our site in order to optimise the user-friendliness of our website.
We use Google reCAPTCHA in order to protect our forms from misuse or hackers and thereby ensure the security of your personal data.
As an online travel agency we have an invested interest in monitoring and controlling our marketing campaigns, acquiring information about the use of our website and preventing it from being misused. Article 6, para. 1, sentence 1, letter f) of the GDPR forms the legal basis for the processing of data.
2.7. SSL encryption
Thanks to high-performance SSL encryption technology (Secure Sockets Layer) as well as PCT security standards (Private Communication Technology) supported by all major browsers, all of your transactions are protected. SSL encrypts your personal data before it is sent via the internet. This makes online business transactions as secure as telephone transactions. If your browser does not support secure transactions or you do not wish to carry out transactions online, you can place your order by calling +44 (0)203 499 6238 from Monday to Friday (excluding bank holidays) from 9 am to 6 pm. One of our employees will take your details in person.
2.8. Links to other sites
3. Facebook Fanpage
Personal data is collected about you when you visit our Facebook fan page. If you are logged in, this is your profile information on Facebook. In all cases this is your IP address and browser information. These data are processed by Facebook Ireland and us as the joint parties responsible. Read the agreement regarding this here at: https://www.facebook.com/legal/terms/page_controller_addendum
4. Processing customer and prospective customer data
4.1. Purpose and legal bases of data processing, consequences of non-provision of data and duration of storage
4.1.1. Contact form on our website and emails
Your communication data and messages sent via the contact form on our website or by email are used by us for the purpose of processing your request regarding a particular travel offer or your booking, the creation of offers upon request and for follow-up questions and stored for a period of 6 years. Collection, storage and transfer takes place for the purpose of precontractual measures at the request of the individual and for the fulfillment of the individual's contract pursuant to Article 6, para. 1, sentence 1, letter b GDPR. By withholding this data from us it is impossible for us to answer any queries you may have.
4.1.2. Data you submit upon making a booking
Upon booking you will be required to supply us with your surname, first name as well as the surname and first name of any co-travellers, your address, communication information, dates of birth, and the age of any children if applicable as well as your payment details.
The IP address will also be logged and saved.
If the booking is made via a travel agency rather than by you directly, this data will be passed on to us by the travel agency.
These details are required for concluding the agreement.
These are used for the following purposes:
Fulfilment of the travel agreement concluded with us
Booking, re-booking and cancellation of travel services with service providers
Invoices, electronic payment transactions and credit card payments, reminders, debt collection, invoicing with service providers
Booking confirmation, recording guest requirements, complaints, damage claims (travel cancellation insurance), creation of travel documents
Guest surveys and marketing campaigns
Evaluation of travel services and our services, information about travel offers
Data collected for the fulfilment of the travel agreement, invoicing and provision of services will be processed on the legal basis of fulfilment of a contract or pre-contractual measures pursuant to Article 6, paragraph 1, sentence 1, letter b GDPR. If this data is not provided we will be unable to book the desired travel services with the service provider for you, to respond to your enquiries, send you travel documents or fulfil the travel agreement concluded with you.
Article 6, paragraph 1, sentence 1, letter f) forms the legal basis for the purpose of guest surveys and marketing campaigns. Adrialin GmbH has a legitimate interest in allowing customers to review the travel services booked and the company's services for the purposes of quality assurance and to advertise its travel offers for the purpose of increasing sales. Since review requests and travel offers are only sent to existing customers who have already expressed an interest in our offers and services, it cannot be assumed that the statutory rights of the individual concerned have been affected. Without the provision of this data, it is not possible to review our service and/or deliver the booked travel services and provide you with travel offers. You may however opt out from submitting this information without incurring any additional costs other than the basic tariffs by sending an email to firstname.lastname@example.org Upon receipt of your objection we will refrain from sending any more content.
Contract details are stored for a period of 6 years. The statutory storage period for invoices and financial transactions is 10 years.
4.2. Recipient of the data
Your details will be stored in our back-end systems. Our employees, as well as employees in our parent and subsidiary companies, have access to these data since they are responsible for customer service and require access to your booking and details for this purpose. Our tax advisor will also require access to this information since they are responsible for our accounting and need access to our system in order to book incoming payments. The transfer of your data in this instance is part of a legal basis for the fulfilment of the contract and fulfilment of a legal obligation that we are subject to as the responsible party (Article 6, paragraph 1, sentence 1, letters b and c GDPR).
Depending on which offer you book with us, your personal details will be passed on to the service provider (lessor, hotels, airlines, consolidators, incoming agencies, bed databases, rental car providers) either directly or via booking systems and technical providers. In this case, the transfer of your data will also depend on fulfilment of the travel contract with you (Article 6, paragraph 1, sentence 1, letter b GDPR).
Invoicing and payment data is passed on to technical providers, financial institutes and payment service providers as well as tax authorities if required. The legal basis for transferring your data to technical providers, financial institutes and payment service providers forms the fulfilment of the travel agreement with you (Article 6, paragraph 1, letter b GDPR). The transfer of data to accounts and, where required, tax authorities depends on the fulfilment of a legal obligation on our part pursuant to Article 6, paragraph 1, sentence 1 letter c GDPR.
Should you fail to meet your payment obligation, your data will be passed on to a collection service after a corresponding reminder. In the event of a legal dispute data may be passed on to a lawyer or court. Your data will be passed on for operational purposes based on Article 6, paragraph 1, sentence 1, letter f GDPR.
For customer survey purposes, data may be passed on to Trustpilot A/S, Pilestrædet 58, 5, 1112 Copenhagen, Denmark and to TÜV Saarland Holding GmbH, Am TÜV 1, 66280 Sulzbach/Saar, Germany. Data will be transferred within the scope of the legitimate interests of Adrialin GmbH and Adrialin Blue GmbH based on Article 6, paragraph 1, sentence 1, letter f GDPR.
Where service providers and booking systems are used to transfer your data, these are carefully selected by us, receive a written mandate and are bound to comply with our instructions. They are regularly monitored by us. Service providers will not pass this data on to third parties but instead will delete them once the contract has ended or upon expiry of the statutory storage period provided you have not consented to an extended storage period.
4.3. Data transfer to third countries
Your data will be collected and processed at our headquarters in Switzerland. Data transfer within Switzerland is permitted pursuant to Article 45, paragraph 1 GDPR since the European Commission has concluded that Switzerland offers an appropriate level of protection. Our parent and subsidiary companies and the tax office which has access to our back-end systems as well as technical providers and service providers to whom your data is transferred are exclusively situated within the European Union. Nonetheless, it is possible depending on your travel destination that our service providers may need to pass your data on to authorities or third country companies in order to fulfil the travel agreement. In this case the transfer of your personal data will depend on the exemption clause of Article 49, paragraph 1, letter b) GDPR since this is required for the fulfilment of the travel agreement.
5. Processing of data by business partners and their employees
5.1. Purpose and legal bases of data processing, consequences of non-provision of data and duration of storage
5.1.1. Travel agencies and free agents
As a travel agency or free agent you have the option of registering for an agency login on our website. Data which you send us in connection with this is used by us in order to contact you in good time regarding confirmed bookings and for invoicing and payment purposes. Your data will be processed on a legal basis for fulfilment of a contract or pre-contractual agreement pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. Without the provision of data it is not possible as a travel agency to submit a booking to us and receive commission for the travel services arranged. Contract details will be deleted 6 years after the contract has finished. A statutory storage period of 10 years shall apply to commission invoices and financial transactions.
5.1.2. Service providers: lessors, hotels, partner agencies, bed databases, rental car providers
Data that you provide us with as a service provider will be used by us for the purposes of making convenient contact with regard to individual aspects of the contractual relationship, a confirmed booking, the creation of travel documents for our customers and for invoicing and booking payments. Your data will be processed on a legal basis for fulfilment of a contract or pre-contractual agreement pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. If data is not provided we are unable to book travel services for our customers and pay you the agreed fees for any bookings. Contract data is deleted after 6 years following the end of the contractual relationship. A statutory storage period of 10 years applies to service provider invoices and financial transactions.
5.1.3. Other business partners
As a business partner, you will often provide us with the contact details of your employees. These are stored and used to quickly respond to individual contractual provisions or for general queries. Processing depends on the legal basis of the fulfilment of the contract or pre-contractual measures pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. Without the provision of these data it is not possible for us to easily contact you. Your data will be deleted upon changing a contact person or at the latest 6 years after the contract has ended. Invoices and financial transactions will be legally stored for a period of 10 years.
5.2. Recipient of the data
Your data as a travel agency, free agent or service provider is stored in our back-end systems. Our employees, as well as employees at our parent and subsidiary companies, have access to this data since they are responsible for supporting agencies and service providers and require access to your data as a result. The transfer of your data to these sites will depend on fulfilment of the travel contract with you pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. Our accountant also requires access to this information since they oversee the entering of commission and service provider invoices into the books and pay the corresponding amounts to you. Data is passed on for the purpose of fulfilling our legal obligations (Article 6, paragraph 1, sentence 1, letter c) GDPR).
As a service provider, you will generally provide us with the coordinates of your property. We use this to display the locations on our website and on Google Maps, and to advertise them accordingly. These are also passed on to our customers together with your name, address, contact details where required and travel information with the travel documents so that they can easily find the booked property. Transfer of your data will take place as part of the fulfilment of your contract and on the basis of Article 6, paragraph 1, sentence 1, letter b) GDPR.
As another business partner, the contact details of your contacts will be stored by one of our employees in their email management programme. This ensures that only this aspect of your personal data can be processed. Transfer to any other providers will only take place with your consent.
Invoicing and payment details will be passed on to technical providers, financial institutes and payment service providers for the purpose of fulfilment of the contract pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. This data will also be passed on to our tax advisor for accounting purposes and to the tax authorities if required. The basis for transferring your data forms the fulfilment of a legal obligation on our part pursuant to Article 6, paragraph 1, sentence 1, letter c) GDPR.
In the event of a legal dispute data may be passed on to a lawyer or court. Your data will be passed on for the purposes of operational interests based on Article 6, paragraph 1, sentence 1, letter f) GDPR.
Where technical service providers are required for transmitting your data, these are carefully selected by us, have received a written mandate and are bound to follow our instructions. These are regularly monitored by us. Service providers will not pass on this data to third parties, but instead will delete them upon completion of the contract and upon expiry of the statutory storage period provided you have not consented to an extended storage period.
5.3. Data transfer to third countries
Your data will be collected and processed at our headquarters in Switzerland. Data transfer within Switzerland is permitted pursuant to Article 45, paragraph 1 GDPR since the European Commission has concluded that Switzerland offers an appropriate level of protection. Our parent and subsidiary companies as well as the tax office who have access to our back-end systems are based exclusively in the European Union.
6. Your data protection rights
You are entitled at any time to request information about the personal data we have stored about you (Article 15 GDPR). This also concerns the recipients or categories of recipients to whom this data is passed on and the purpose of storage. You furthermore have the right under the conditions of Article 16 GDPR to correct and/or delete pursuant to Article 17 GDPR and/or limit processing of your data pursuant to Article 18 GDPR. Furthermore, you can request data transmission at any time under the provisions of Article 20 GDPR provided we still have these data stored.
In the event of processing of personal data for fulfilling a task in the general public interest (Article 6, paragraph 1, sentence 1, letter e) GDPR) or for fulfilling legitimate interests (Article 6, paragraph 1, sentence 1 letter f) GDPR) you can revoke your consent to the processing of your personal data at any time with immediate effect. In the event of an objection we shall refrain from processing your data further for the abovementioned purposes unless
- there are compelling and legitimate reasons for processing this data which outweigh your interests, rights and liberties, or
- This is required for asserting, exercising or defending legal claims.
Under the conditions of Article 21, paragraph 1 GDPR, the processing of data can be revoked for reasons arising from an individual's particular situation.
You also have the option to lodge a complaint with the Federal Data Protection and Information Commissioner (www.edoeb.admin.ch) with regards to data protection issues.
Based on legal framework conditions we are not obliged to appoint a data protection officer. Please email all requests for information, accommodation enquiries, cancellations or opposition to data processing to email@example.com or by letter to the address under section 1. For more information please see the full GDPR document available online at https://gdpr-info.eu.
In cooperation with
Secure payment with