Privacy Policy

Information regarding data protection (privacy policy)

This privacy policy informs you how your personal data is collected and processed when you use our website or contact us by email, telephone or using a contact form. For the purposes of this policy, “personal data” is deemed to be all data that can be referenced to you personally, for example your name, address, email addresses and user behaviour.

I. Contact information for the controller and data protection officer

1. The controller as per the EU General Data Protection Regulation (GDPR), s 4(7), is AugustusTours e. K., owner Anke Herrmann, Turnerweg 6, 01097 Dresden, Germany, +49 (0) 351 563 480, This email address is being protected from spambots. You need JavaScript enabled to view it. (please also refer to our legal notice at https://www.augustustours.de/en/privacy-policy.html).

2. Our data protection officer is the lawyer Christian Krösch, SLK Compliance Services GmbH, Königsbrücker Straße 76, 01099 Dresden, Germany, +49 (0) 351 896 763 60, This email address is being protected from spambots. You need JavaScript enabled to view it..

 

II. General information on the collection, passing on and storage of personal data

1. We process your personal data as per the terms of the GDPR, the German Data Protection Act (BDSG) and all other relevant, definitive laws.

2. Data processing is primarily necessary for the establishment and performance of contracts between us and you. If you contact us by email, telephone or using a contact form, the information you disclose (e.g. your email address, and, where applicable, your name and telephone number) will be stored by us in order to enable us to answer your questions. The prerequisites for the processing and storage of your personal data in this way are defined in GDPR, s 6(1)(b). In addition, it may be permissible to regard separate consent given by you as per GDPR, s 6(1)(a) and 7, as a statement of consent to our privacy policy. We will also process your data in order to fulfil our legal obligations in the fields of commercial and tax law in particular. Data processing for this purpose occurs as per GDPR, s 6(1)(c). Where necessary, we will also process your data as per GDPR, s 6(1)(f), in order to protect the legitimate interests of AugustusTours or third parties.

3. Your personal data will not be passed on to third parties for any purpose other than those described in the following. We will only pass your data on to third parties if you have given your explicit consent to the passing on of your personal data as per GDPR, s 6(1)(a), if the passing on of your personal data is necessary for the assertion, exertion or defence of legal rights as per GDPR, s 6(1)(f) and there is no reason to assume that you have an overriding, protection-worthy interest in the non-communication of your data, or if the passing on of your personal data is a legal obligation as per GDPR, s 6(1)(c), legally permissible and necessary for the performance of a contract as per GDPR, s 6(1)(b).

4. If we wish to commission subcontractors to perform individual elements of our products and services or use your data for advertising purposes, we will inform you in detail of the processes involved at the bottom of the description of the respective offer. We will also inform you of the storage periods involved.

5. We will delete your personal data as soon as it is no longer required for the following purposes. Once our contractual relationship has ended, we will store your data for as long as we are legally obliged to do so. Storage periods are generally governed by legal obligations to perpetuate evidence and store data as defined in statute such as the German Commercial Code (Handelsgesetzbuch) and German Tax Code (Abgabenordnung). Storage periods can be up to ten years in duration. Personal data may also need to be stored until such time as claims can no longer be made against us (here: a statutory period of limitation of between three and thirty years).

 

III. Collection of personal data on our website

1. Data collected when you visit our website

1.1 If you use our website for purely informational purposes (i.e. if you neither register nor actively communicate data to us by other means) we will only collect the personal data sent to our server by your browser. If you wish to view our website, we will collect the data we require in order to be able to display our website on your device and ensure the stability and security of our website. The data will also be stored in logfiles in our system. The data in question will not be stored along with other user-specific personal data. The data stored includes your IP address, the date and time of your request, the difference between your time zone and Greenwich Mean Time (GMT), the content (i.e. specific page) to which your request refers, your access status/HTTP status code, the volume of data transferred, the website from which the request is sent, your browser software (including language and version) and your operating system and interface.

1.2 The prerequisites for the lawful temporary storage of data and logfiles are defined in GDPR, s 6(1)(f).

1.3 The temporary storage of your IP address in our system is necessary for the display of our website in your browser. Your IP address must therefore be stored for the duration of your session. Logfiles are stored in order to ensure website functionality. The aforementioned data also enables us to optimise our website and ensure the security of our information systems. These purposes substantiate our legitimate interest in the processing of personal data as per GDPR, s 6(1)(f). This does not constitute an opportunity for the evaluation of data for marketing purposes, nor will it be used as such.

1.4 Data will be deleted as soon as it is no longer required for the purpose it was collected for. In the case of data collected in order to display our website on your device, this is the case at the end of the respective session. Logfiles are deleted within 7 days of when the website was retrieved.

1.5 The collection of data when a user visits our website and the storage of that data in logfiles are essential to the proper operation of our website. You are therefore unable to appeal against it.

 

2. Use of cookies

2.1 Cookies are stored on your device when you use our website. Cookies are text files stored in your internet browser and/or by your internet browser on your device. Any visit to a website may result in a cookie being stored on your operating system. Each cookie contains a specific character sequence which enables the identification of your browser the next time you visit the website.

2.2 This website uses the following types of cookies, the scope and function of which are described in the following sections:

  • Transient cookies (temporary);
  • Persistent cookies (time-limited);
  • Third-party cookies (from third parties, information provided separately).

2.3 Transient cookies are automatically deleted when you close your browser. They include session cookies, which store a so-called session ID that keeps track of various requests sent by your browser during a continuous session. This makes it possible to recognise your device when you return to our website. Session cookies are deleted when you log out or close your browser. The prerequisites for the lawful processing of personal data with the aid of transient cookies are defined in GDPR, s 6(1)(f). The aim of transient cookies is to make websites more convenient for you to use. A number of functions on our website cannot be delivered without the aid of cookies, as they depend on your browser being recognised even when you return from another page. These purposes substantiate our legitimate interest in the processing of personal data as per GDPR, s 6(1)(f).

2.4 Persistent cookies are used exclusively in combination with the web analysis services we employ and only for as long as they are actually required. They have a maximum storage life of two years. You can delete these cookies using the security settings in your browser at any time, though this may restrict the usability and user-friendliness of our website. The prerequisites for the lawful processing of personal data with the aid of persistent cookies are defined in GDPR, s 6(1)(f). We use analytical cookies for the purpose of enhancing the quality of our website and the content thereof. Analytical cookies give us insights into how our website is used, thus enabling us to continuously improve the functions and content we provide on it. These purposes substantiate our legitimate interest in the processing of personal data as per GDPR, s 6(1)(f).

2.5 Cookies that are not essential to the performance of our services from a technical perspective are only stored with your consent, which can be revoked at any time. By continuing to use our website with corresponding browser settings, you consent to the use of cookies as set out in this privacy policy. You can manage your consent using your browser settings, for example by stipulating that you wish to be informed of any cookies stored and that they may only be stored once you have given your explicit consent. To give an example, you can elect to allow cookies in all or only in specific cases. You can configure your browser settings in accordance with your wishes, for example by allowing or blocking third-party cookies or all cookies. We nevertheless remind you that this may restrict the usability and user-friendliness of our website. The prerequisites for the lawful processing of personal data with the aid of analytical cookies for which the user has provided their consent are defined in GDPR, s 6(1)(a).

 

3. Other functions and offers on our website

3.1 In additional to its purely informational function, our website also offers various other services you may be interested in using. The submission of additional personal data is generally essential to the performance of these services, which are again subject to the aforementioned data processing principles.

3.2 In some cases we commission external service providers to process data on our behalf. They are carefully selected by us, given clear instructions to which they are obliged to adhere and assessed on a regular basis.

3.3 We may also pass your personal data on to third parties within the context of initiatives, competitions, contracts or similar services offered in cooperation with external partners. Further information will be provided to you when you submit your personal data or at the bottom of the description of the respective offer.

3.4 If one or more of our subcontractors or partners is based on a country outside the European Economic Area (EEA) we will inform you of any consequences in the description of the respective offer.

 

4. Use of contact forms

4.1 Any personal data you choose to make available to us using our contact forms will be collected by us. We will also store the information subsequently generated as a result of you making contact with us. In particular, this includes you name, contact details and the date and reason you made contact with is. Your personal data will only be used to make the requested products and services available to you and engage in correspondence with you. The prerequisites for the lawful processing of personal data as described above are defined in GDPR, s 6(1)(b).

4.2 We will delete your personal data as soon as it is no longer required for the purpose for which it was collected. In the case of personal data submitted via contact forms, this is deemed to be the case when the respective conversation with you ends. A conversation is deemed to end when circumstances clearly indicate that the issue at hand has been brought to a definitive conclusion. Insofar as it is subject to storage periods defined in tax and commercial law, the data submitted by you will be stored for the statutory storage period of ten years. It will then be deleted unless you have consented to a longer storage period or the data is necessary for the assertion, exertion or defence of legal rights (statutory periods of limitation range from three to thirty years).

 

5. Use of the assessment and comment function on our website

5.1 Our website allows you to submit public comments on a variety of articles we publish. Your comment and chosen user name will be published on the same page as the article itself. We recommend commenting under a pseudonym rather than your given name. You are required to give your user name and email address when you submit a comment; all other information is provided on a voluntary basis. When you submit a comment we will also store your IP address, which will be deleted a week later. We store your IP address in order to be able to defend ourselves against liability claims filed as a result of the publication of illegal content. We store your email address in order to be able to contact you if a third party claims your comment to be illegal. The prerequisites for the lawful storage of your personal data as described above are defined in GDPR, s 6(1)(b) and (f). Comments are not checked prior to publication. We reserve the right to delete comments to which third parties object on the grounds of illegality.

 

6. Use of our online enquiry and booking function

6.1 If you wish to make a booking on our website, it is a prerequisite for the conclusion of a contract between us that you submit the personal data we require in order to enable us to process your booking. Compulsory fields for information essential to contractual conclusion and performance are marked as such; all other fields are filled out on a voluntary basis. The prerequisites for the lawful processing of personal data as described above are defined in GDPR, s 6(1)(b).

6.2 Once a contract has been performed, your address and booking data will be stored for the statutory ten-year storage period defined in tax and commercial law. It will then be deleted unless you have consented to a longer storage period or the data is necessary for the assertion, exertion or defence of legal rights. The prerequisites for the lawful processing of personal data for the purpose of the fulfilment of statutory obligations to archive and store data are defined in GDPR, s 6(1)(c).

6.3 We will use the data you submit to process your booking. This may involve disclosing your data to our bank, logistics partners and the payment provider selected by you. We have the right to disclose this personal data as per GDPR, s 6(1)(b). Our contractors are only permitted to process or use your data for the purpose for which it was disclosed to them. Your data will remain accessible to you at all times. Insofar as your personal data is disclosed to external contractors, please note that we have implemented technical and organisational measures that ensure compliance with data protection regulations.

6.4 You are not obliged to submit the aforementioned personal data to us. The data is nevertheless a prerequisite for the conclusion of a contract between us. Failure to submit the data required may prevent communication and/or the conclusion and performance of a contract between us.

 

7. Newsletter

7.1 You can subscribe to our newsletter informing you of our latest attractive offers by declaring your consent to the mailing of our newsletter to you. The goods and services advertised are named in the corresponding declaration of consent.

7.2 We use the so-called “double-opt-in” process for newsletter subscriptions. This means that once you have registered and given us your email address we will send you a confirmation email to the stated address asking you to confirm that you wish to receive our newsletter. If you fail to confirm your registration within 7 days your information will be blocked and deleted automatically one month later. We will also store your IP addresses and the times when you registered and confirmed your subscription. The aim of this process is to create a trail of evidence for your registration/subscription and facilitate the investigation of any potential abuse of your personal data. The prerequisites for the lawful processing of personal data as described above are defined in GDPR, s 7(1).

7.3 The only compulsory information you need to submit in order for the newsletter to be sent to you is your email address. Any additional information is submitted on a voluntary basis (and marked as such) and will be used to customize the newsletter to your interests. Once you have confirmed that you wish to subscribe we will store your email address for the purpose of sending you the newsletter. The prerequisites for the lawful processing of personal data as described above are defined in GDPR, s 6(1)(a) DSGVO. Your data will be deleted as soon as it is no longer required for the purpose for which it was collected. A user’s email address will therefore be stored for as long as their newsletter subscription remains active.

7.4 You have the right to revoke your consent to the receipt of the newsletter (i.e. unsubscribe) at any time. You can do so by clicking on the corresponding link provided in each newsletter email or by notifying us using the contact details given in the Imprint on our website.

 

8. Use of Google Analytics

8.1 This website uses Google Analytics, a web analysis service operated by Google Ireland Limited (“Google”) which uses so-called “cookies” (text files stored on your device in order to facilitate the analysis of how you use the website). As a general rule, the data on your use of this website collected by the cookie is sent to and stored on a Google server located in the USA. If IP anonymization is activated on this website and you are in an EU member state or another treaty state in the EEA, your IP address will be abbreviated/anonymized by Google prior to being sent to and stored on a server in the USA. Your full IP address will only be sent to and abbreviated/anonymized on a Google server in the USA in exceptional cases. Working on behalf of the operator of this website, Google uses the data collected by the cookie to analyse your use of this website, compile website activity reports and provide the website operator with other services linked to website use and internet use.

8.2 The IP address sent by your browser in connection with Google Analytics will not be matched to any other data held by Google.

8.3 You may prevent the generation and storage of cookies by activating the appropriate settings in your browser. Please note that cookie deactivation may render you unable to utilise the full range of functions available on this website. You can also prevent cookie-generated data on your use of this website (including your IP address) from being sent to and processed by Google by downloading and installing the browser plugin available on the following webpage: http://tools.google.com/dlpage/gaoptout?hl=en.

8.4 This website uses Google Analytics in combination with the “_anonymizeIp()” function. This means that IP addresses are abbreviated prior to processing, thus preventing data from being matched to a specific user. If the personal data collected from you can still be matched to you it will be blocked and deleted immediately.

8.5 We use Google Analytics to analyse and enhance the use of our website. The statistics provided by the service enable us to improve our offers and make them more interesting for you the user. In the exceptional cases in which personal data is sent to the USA, Google undertakes to comply with the EU-US-Privacy-Shield (https://www.privacyshield.gov/EU-US-Framework). The prerequisites for the lawful use of Google Analytics are defined in GDPR, s 6(1)(f).

8.6 Information on the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001, user terms and conditions: http://www.google.com/analytics/terms/de.html, general information on privacy: http://www.google.com/intl/de/analytics/learn/privacy.html privacy policy: http://www.google.de/intl/de/policies/privacy.

 

9. Use of Google Fonts

9.1 We use Google Fonts on our website. We use this service in order to ensure that our website is displayed in a uniform and attractive way. Each time you visit a page your browser will load the web fonts required into your browser cache in order to ensure that text and fonts are displayed correctly. If your browser does not support web fonts your device will use a default font instead. The prerequisites for the lawful use of Google Fonts are defined in GDPR, s 6(1)(f).

9.2 When you visit our website Google will receive notification that you have accessed the corresponding section of our website. Data is also transmitted as per section III.1 of this privacy policy, regardless of whether or not you are logged into a Google user account or do not have a Google user account. If you are logged into a Google user account your data will be matched directly to your account. If you do not wish your data to be matched to your Google profile you must log out before activating the button . Google stores your data as a user profile and uses it for the purposes of advertising, market research and/or the needs-oriented design of its own website. In particular, and even in the case of users who are not logged in, data evaluation is used to deliver needs-oriented advertising and inform other social network users about your activities on our website. You have the right to appeal against the generation of such user profiles; please contact Google if you wish to exercise this right.

9.3 Further information on the purpose and scope of the data gathering and processing engaged in by this provider is available in the provider’s privacy policies, which also include information on your rights in this regard as well as settings that enable you to protect your privacy (http://www.google.de/intl/de/policies/privacy). In some cases Google processes your personal data in the USA in compliance with the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework). To opt out, please visit https://adssettings.google.com/authenticated.

 

10. Use of Google Adwords Conversion

10.1 We use the services of Google Adwords to draw attention to our attractive offers with the help of advertising materials (so-called Google Adwords) on external websites. We can determine in relation to data collected during advertising campaigns how successful each individual advertising measure is. This enables us to pursue our interest in showing you advertisements that are of interest to you, making our website more interesting for you and ensuring the fair calculation of advertising costs.

10.2 The advertising materials are delivered by Google via so-called “ad servers”. We therefore use ad server cookies to measure specific parameters for success such as pop-up advertisements or user clicks. If you access our website via a Google ad, Google Adwords will store a cookie on your device. These cookies generally expire after 30 days and are not intended to identify you personally. The cookie generally stores analytical data in the form of a unique cookie ID, the number of ad impressions per placement (frequency), the last impression (relevant for post-view conversions) and opt-out information (a note signalling that the user no longer wishes to be addressed).

10.3 These cookies enable Google to recognise your internet browser. If a user visits certain pages on an Adwords customer’s website and the cookie stored on their device has not expired, Google and the customer can detect that the user has clicked on the ad and has been redirected to this page. A different cookie is assigned to each Adwords customer. Cookies therefore cannot be traced via the websites of Adwords customers. We ourselves do not collect or process any personal data within the context of the aforementioned advertising measures. Google only provides us with statistical evaluations. These evaluations enable us to identify which of the advertising measures used are particularly effective. We do not receive any additional data on the use of the advertising materials; more specifically, the information available to us does not enable us to identify specific users.

10.4 As a result of the marketing tools used your browser will automatically establish a direct connection to the Google server. We have no influence on either the scope of the data collected by Google using this tool or the way in which it is used. The following information is therefore provided to the best of our knowledge: As a result of the integration of AdWords Conversion into our website, Google receives notification that you have accessed a specific section of our website or clicked on one of our advertisements. If you are registered with a Google service, Google is able to match your visit to your account. Even if you are not registered with Google or have not logged in, it is still possible for the provider to obtain and store your IP address.

10.5 You can avoid participating in this tracking process in various ways: a) by adjusting the corresponding settings in your browser software (example: if you elect to block third-party cookies you will no longer receive any ads from third-party providers); b) by disabling conversion tracking cookies by setting your browser to block cookies from the domain “www.googleadservices.com” (also see https://www.google.com/settings/ads; please note that this setting is deleted each time you delete your cookies); c) by disabling interest-based ads from providers participating in the “About Ads” self-regulation campaign at http://www.aboutads.info/choices (please note that this setting is deleted each time you delete your cookies); d) by permanently disabling cookies in your browser (Firefox, Internet Explorer or Google Chrome) by installing the plugin available at http://www.google.com/settings/ads/plugin. Please note that if you permanently disable cookies you may not be able to make full use of all functions available on this website.

10.6 The prerequisites for the lawful use of Google Adwords are defined in GDPR, s 6(1)(f). Further information on Google’s privacy policy is available at http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. You can also visit the website operated by the Network Advertising Initiative (NAI) at http://www.networkadvertising.org. Google undertakes to process your data in compliance with the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).

 

11. Facebook, Google+, Pinterest, Instagram, YouTube, WhatsApp and Flickr

11.1 Our website features links to the social media services Facebook, Google+, Pinterest, Instagram, YouTube, WhatsApp and Flickr. The links are marked with the logos of the respective social media services. Clicking on one of these links will take you to the AugustusTours profile on the respective social media service and establish a connection with the service’s servers. The fact that you have visited our website will therefore be communicated to the servers used by the respective social media service. Additional data will also be transmitted to the provider of the social media service, for example:

  • The address of the website on which the link was activated;
  • The date and time when the website was accessed and/or the link was activated,
  • Information on the browser and operating system used,
  • Your IP address.

11.2 If you were already logged into the respective social media service when the link was activated, the data transmitted may enable the service provider to identify your user name (and perhaps even your real name) and match that information to your personal user account on that social media service. You can prevent your information from being matched to your personal user account by logging out of your user account before activating the link.

11.3 The servers used by the social media services listed in section 11.1 are located in the USA and other countries outside the European Union. The providers of those social media services may therefore process data in countries outside the EU. Please note that the data protection laws to which companies in those countries are subject generally do not protect personal data to the same degree as the laws in force in EU member states.

11.4 Please note that AugustusTours has no influence on the scope, type, or purpose of the data processing activities engaged in by providers of social media services. Detailed information on the use of your data by the providers of the social media services featured on our website is available in the privacy policy published by the respective provider.

 

12. Social media presence

12.1 We currently use the following social networks, communication services and platforms: Facebook, Google+, Instagram, Pinterest, Flickr, Xing and LinkedIn. We maintain these social media presences primarily to communicate with customers, prospects and users, increase our brand awareness and promote our products and services.

12.2 We have no control over the data and data processing operations collected, nor are we aware of the full extent of the data collection, the purposes of the processing, the storage periods. We also do not have any information on the deletion of the collected data.

12.3 The respective provider stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or the design of its website to meet requirements. Such an evaluation takes place in particular (also for users who are not logged in) for the representation of demand-meeting advertisement. The legal basis for the use of these social media presences is Art. 6 para. 1 lit. f) DSGVO, as we have a justified interest in communication and information of customers and interested parties about these presences. If the respective provider has obtained your consent for the processing of your personal data, the legal basis for the processing is Art. 6 Para. 1 a), 7 DSGVO.

12.4 The purpose and scope of the data collection and the further processing and use of the data by the providers as well as your rights in this regard and setting options for the protection of your privacy can be found in the data protection information of the providers. In any case, you have the right to object to the creation of user profiles, whereby you must contact the respective provider to exercise this right. Also in the case of the assertion of your concerning rights, we refer you to the respective providers. Only the providers have access to your data and can, for example, provide information or delete data. Beyond that we are to you gladly at the disposal.

Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; http://www.facebook.com/policy.php; further information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. We work with Facebook on the basis of a contract pursuant to Art. 26 DSGVO, which you can access here: https://www.facebook.com/legal/terms/page_controller_addendum; Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Google LLC, 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=en. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA; https://help.instagram.com/519522125107875.

Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA; https://policy.pinterest.com/de/privacy-policy.

Effective April 19, 2018, Fantastic Fox, Inc. (a subsidiary of Smug-Mug, Inc.) acquired Flickr. Smug-Mug Inc., Suite 200, 67 E Evelyn Avenue, Mountain View, CA 94041, USA. This privacy statement applies only to SmugMug's Flickr division: https://www.flickr.com/help/privacy.

Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; https://www.xing.com/privacy.

LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; https://www.linkedin.com/legal/privacy-policy. LinkedIn has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

13. Data security

13.1 Data communicated via our website is protected with the aid of the widely used SSL procedure (Secure Socket Layer) in combination with the highest level of encryption supported by your browser, which is generally 256-bit encryption. If your browser does not support 256-bit encryption we will use 128-bit v3 technology instead. A key or closed padlock icon in your browser’s lower status bar indicates that the respective page of our website is transmitted in encrypted form.

13.2 We also implement appropriate technical and organisational measures in order to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction and unauthorised access by third parties. We continually optimise our safety measures in order to keep up with technological developments.

 

IV. Collection of personal data when you contact us by email, post or telephone

1. Collection of personal data from customers, interested parties and suppliers

1.1 We only collect personal data from customers, interested parties and suppliers if they disclose it to us voluntarily by email, post or telephone. When a customer, interested party or supplier enters into contact with us we collect the data generated as a result, and in particular names, contact details and the date and time when contact was made. The personal data we collect from you will only be used for the purpose of providing you with the desired products and services (the prerequisites for the lawful processing of personal data for this purpose are defined in GDPR, s 6(1)(b)) or other purposes to which you have consented (the prerequisites for the lawful processing of personal data for such purposes are defined in GDPR, s 6(1)(a)) as described in this privacy policy. You have the right to revoke your consent to the processing of your personal data at any time.

1.2 You are not obliged to disclose the aforementioned personal data to us. The data may nevertheless be a prerequisite for the conclusion of a contract between us. Failure to submit the data required may prevent communication and/or the conclusion and performance of a contract between us.

1.3 Any disclosure of your personal data will occur in accordance with statutory regulations and contractual agreements. Where relevant, data may be disclosed to official bodies (provided there is a legitimate legal reason to do so), external service providers, other contractors or other external bodies insofar as you have given your consent or disclosure is permissible for a compelling reason. We have no intention to disclose your data to recipients in third countries (i.e. countries outside the EU/EEA) or international organisations.

1.4 Data will be deleted as soon as it is no longer required for the purpose for which it was collected. In the case of any personal data collected from you, this is deemed to be the case when the respective conversation with you ends. A conversation is deemed to end when circumstances clearly indicate that the issue at hand has been brought to a definitive conclusion. To the extent that it is subject to storage periods defined in tax and commercial law, any personal data collected will be stored for the statutory period of ten years. It will then be deleted unless you have consented to a longer storage period or the data is necessary for the assertion, exertion or defence of legal rights. The prerequisites for the lawful processing of personal data for the purpose of the fulfilment of statutory obligations to archive and store data are defined in GDPR, s 6(1)(c).

 

2. Collection of personal data from applicants

2.1 We only collect personal data from applicants if they disclose it to us voluntarily by email, post or telephone. This applies to applications for advertised positions and unsolicited applications alike. When an applicant enters into contact with us we collect the data they disclose to us within the context of their application, and in particular their name, contact details, interests, qualifications and educational and professional careers. The prerequisites for the lawful processing of personal data within the context of application processes are defined in GDPR, s 6(1)(a), (b) and (f) and § 26 BDSG.

2.2 You are not obliged to disclose the aforementioned personal data to us. The data may be a prerequisite for the conclusion of a contract between us further to the conclusion of the application process. Failure to submit the data required may prevent communication, the completion of the application process and the conclusion of a contract between us.

2.3 Any disclosure of your personal data will occur in accordance with statutory regulations and contractual agreements. Relevant data will be disclosed to employees responsible for recruitment and human resource management, management level employees and the head of the respective department or relevant trainers. Your personal data will not be disclosed to any third parties. There is no intention to disclose your data to recipients in a third country (i.e. a country outside the EU/EEA) or an international organisation.

2.4 Data will be deleted as soon as it is no longer required for the purpose for which it was collected. If your application is rejected we will store your data for a period of six months after you have been notified that your application has been rejected. If you consent to a longer storage period your data will be stored for a period of one year. When that period expires we will either delete your data or request that you renew your consent. You have the right to revoke your consent to the processing of your personal data at any time.

 

V. Appealing against and revoking your consent to the processing of your data

1. If you consent to the processing of your data you have the right to revoke that consent at any time. Revocation only affects the permissibility of the processing of your personal data after such time as we receive notification of the revocation of your consent.

2. If we process your personal data on the basis of the balancing of interests alone you have the right to appeal against such processing. This applies in particular to processing which is not essential to the performance of a contract with you. If you wish to exercise your right of appeal we request that you explain the reasons why we should not process your personal data in the way to which you object. If your appeal is legitimate we will examine the situation and either cease to process your data, adjust the way in which we process your data or provide compelling reasons why we will continue to process your data in the way to which you object.

3. You naturally have the right to appeal against the processing of your personal data for the purposes of advertising and data analysis at any time. Please use the following contact details if you wish to appeal against the processing of your personal data for advertising purposes: AugustusTours e.K., Katja Marquardt, Turnerweg 6, 01097 Dresden, email: This email address is being protected from spambots. You need JavaScript enabled to view it..

 

VI. Your rights

1. Section 15 of the GDPR gives you the right to demand information on the personal data we have collected on you. In particular, you can demand information on the purposes for which your data is processed, the categories of personal data held, the categories of recipients to whom your data has been or may be disclosed, the foreseen storage period, the existence of a right of correction, deletion, restriction on processing or appeal, the existence of a right of complaint, the origin of your data (insofar as it was not collected by us), the existence of a system of automated decision-making (including profiling) and, where applicable, definitive information on any decisions made using that system.

2. Section 16 of the GDPR gives you the right to demand the immediate correction or completion of incorrect or incomplete personal data we store on you. Section 17 of the GDPR gives you the right to demand the deletion of personal data we store on you insofar as the processing of that data is not essential i) to the exertion of the right to free speech, ii) to the fulfilment of a legal obligation, iii) for reasons in the public interest or iv) to the assertion, exertion or defence of legal rights.

3. Section 18 of the GDPR gives you the right to demand restrictions on the processing of your personal data insofar as you dispute the correctness of that data and the processing thereof is not lawful but you object to the deletion thereof – even though we no longer require the data in question – due to the fact that you require it for the assertion, exertion or defence of legal rights or have filed an appeal against the processing thereof as per section 21 of the GDPR.

4. Section 20 of the GDPR gives you the right to demand that your personal data is made available to you or another responsible person in a structured, conventional, machine-readable format.

5. Section 7(3) of the GDPR gives you the right to revoke consent you have granted us in the past at any time. The exertion of this right prohibits us from continuing with the data processing to which that consent referred in the future.

6. In addition, section 77 of the GDPR gives you the right to lodge a complaint regarding the processing of your personal data by us with a supervisory authority, for example with the supervisory authority responsible for our region (Saxony): Sächsischer Datenschutzbeauftragter, Bernhard-von-Lindenau-Platz 1, 01067 Dresden, Germany, tel. +49 (0) 351 49 35401, email: This email address is being protected from spambots. You need JavaScript enabled to view it..

 

VII. Topicality of and changes to this privacy policy

1. This privacy policy is valid in its current form, which was published in May 2018. The German version is binding; the English version is provided for information only.

2. Changes to our website, products and services as a result of changes to statutory and/or official regulations may necessitate changes to this privacy policy. The current version of this privacy policy is always available to retrieve and print at https://www.augustustours.de/en/privacy-policy.html.