Personal data is any information about you by which you can be identified. This can include information such as:
your name, date of birth, email address, postal address, phone number, mobile number;
debit card details, bank account details;
information about your device (such as the IP address, which is a numerical code to identify your device that can provide information about the country, region or city where you are based); and
information relating to your personal circumstances and how you use our site and services.
Who we are and how to contact us
The data controller for our site is Vincent Schmidlin, Lokstedter Damm 41, 22453 Hamburg. This means that we are responsible for deciding how and why we hold and use your personal data. You can contact us at firstname.lastname@example.org
What personal data we collect and how we use it
We collect personal data when you browse our site. This information is used to provide our services and analyse how visitors use our site. When you contact us we collect:
your email address;
your message or booking enquiry
your IP address - a numerical code to identify your device and which can provide information about the country, region or city where you are based;
your browsing history of the content you have visited on our site, including information on how you were referred to our site via another website; and
details of your devices, for example, the unique device ID, unique advertising ID and browsers used to access our content.
How we collect personal data
We collect personal data when you:
use mobile devices to access our content;
access our site, through cookies and other similar technology; and
when you contact us via email, social media or similar technologies or when you mention us on social media.
Why we use your personal data
We use personal data collected through our site for a number of purposes, including the following:
To provide the services you sign up for. We also use the personal data for related internal administrative purposes - such as our accounting and records - and to make you aware of any changes to our services.
To send marketing communications when we have your permission, or when permitted by law.
To personalise our services (for example, so you can sign in), remembering your settings, displaying personalised advertising as well as measuring how effective our online adverts are, recognising you when you sign in on different devices and tailoring our marketing communications based on what you read on our site.
To carry out marketing analysis, for example we look at what you have viewed on our site and what services you have bought (including what you have looked at to better understand what your interests and preferences are, and to improve our marketing by making it more relevant to your interests and preferences.
To improve our marketing communications, we use a similar technology to cookies to confirm whether you have opened a marketing email or clicked on a link in the email.
For statistical purposes such as analysing the performance of our site and to understand how visitors use them.
To respond to your queries and to resolve complaints.
To comply with applicable laws and regulations.
Legal grounds for using your personal data
We will only use your personal data where we have a legal ground to do so. We determine the legal grounds based on the purposes for which we have collected and used your personal data. In every case, the legal ground will be one of the following:
Consent: For example, where you have provided your consent to receive marketing emails from us. You can withdraw your consent at any time. In the case of marketing emails you can withdraw your consent by clicking on the “unsubscribe” link at the bottom of the email.
Our legitimate interests: Where it is necessary for us to understand our visitors, promote our services and operate our site efficiently for the creation, publication and distribution of our services, globally. For example, we will rely on our legitimate interest when we analyse what content has been viewed on our site, so that we can understand how they are used. It is also in our legitimate interest to carry out marketing analysis to determine what services may be relevant to the interests of our visitors.
Performance of a contract with you (or in order to take steps prior to entering into a contract with you): For example, where you have made a booking with us and we need to use your contact details and payment information in order to process your booking and deliver our services.
Compliance with law: In some cases, we may have a legal obligation to use or keep your personal data.
Personal data that we receive about you from other organisations
Adding to or combining the personal data you provide to us
When you access our services we may add to the personal data you give us by combining it with information shared with us by other trusted organisations. This includes, for example, information about the region that you are located in. We may also add information to improve the accuracy of your delivery address when we send out mail. We may also obtain information from partners whose offers we include in some of our marketing communications and we use this information to ensure that we do not send you irrelevant marketing.
Using children’s personal data
We do not aim any of our products or services directly at children under the age of 13 and we do not knowingly collect personal data about children under 13. Some of our services may have a higher age restriction and this will be shown at the point of registration.
Security of your personal data
We have implemented appropriate technical and organisational controls to protect your personal data against unauthorised processing and against accidental loss, damage or destruction. Unfortunately, sending information via the internet is not completely secure. Although we will do our best to protect your personal data once with us, we cannot guarantee the security of any personal data sent to our site while still in transit and so you provide it at your own risk.
Who we share your personal data with
We do not share your personal data with other people or organisations that are not directly linked to us except under the following circumstances:
We may share your data with other organisations that provide services on our behalf such as dealing with online payments and other forms of payment processing, ie credit card transactions and preventing fraud.
We may reveal your personal data to any law enforcement agency, court, regulator, government authority or other organisation if we are required to do so to meet a legal or regulatory obligation, or otherwise to protect our rights or the rights of anyone else.
Any organisations which access your data in the course of providing services on our behalf will be governed by strict contractual restrictions to make sure that they protect your data and keep to all data privacy laws that apply. We may also independently audit these service providers to make sure that they meet our standards.
We will not share your personal data with anyone else for their own marketing purposes unless we have your permission to do this.
Some of our webpages use social plug-ins from other organisations (such as the “Facebook Recommend” function, Twitter’s retweet function, Google+ function). These other organisations may receive and use personal data about your visit to our site. If you browse our site, information they collect may be connected to your account on their site. For more information on how these organisations use personal data, please read their privacy policies.
International data transfers
Whenever we transfer your personal data out of the European Economic Area (EEA), we ensure similar protection and put in place at least one of these safeguards:
We will only transfer your personal data to countries that have been found to provide an adequate level of protection for personal data.
We may also use specific approved contracts with our service providers that are based in countries outside the EEA. These contracts give your personal data the same protection it has in the EEA .
Where we use service providers in the United States, we may transfer personal data to them if they are part of the Privacy Shield scheme, which requires them to provide a similar level of protection of your personal data to what is required in the EEA.
If you are located in the EEA, you may contact us for a copy of the safeguards which we have put in place for the transfer of your personal data outside the EEA.
How long we keep your personal data
How we may contact you
From time to time we may send you service emails, for example, telling you your booking is confirmed or thanking you when you contribute or place an order with us.
Marketing communications and editorial newsletters
If we have your permission, we may send you materials we think may interest you, such as new offers and updates. Depending on your marketing preferences, this may be by email, phone, SMS or post.
We offer an editorial newsletter. You can decide not to receive these emails at any time and will be able to “unsubscribe” directly by clicking a link in the email.
Responding to your queries or complaints
If you have raised a query or a complaint with us, we may contact you to answer your query or to resolve your complaint.
Cookies and similar technology
When you visit our site, we may collect personal data from you automatically using cookies or similar technology. A cookie is a small file that can be placed on your device that allows us to recognise and remember you.
Your rights with regard to the personal data that we hold about you
You can contact us with regard to the following rights in relation to your personal data:
If you would like to have a copy of the personal data we hold on you or if you think that we hold incorrect personal data about you, please write to Vincent Schmidlin, Lokstedter Damm 41, 22453 Hamburg or email email@example.com. We will deal with requests for copies of your personal data or for correction of your personal data within one month. If your request is complicated or if you have made a large number of requests, it may take us longer. We will let you know if we need longer than one month to respond. You will not have to pay a fee to obtain a copy of your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.
Where you have provided us with consent to use your personal data, you can withdraw this at any time.
Where applicable, you may also have a right to receive a machine-readable copy of your personal data.
You also have the right to ask us to delete your personal data or restrict how it is used. There may be exceptions to the right to erasure for specific legal reasons which, if applicable, we will set out for you in response to your request. Where applicable, you have the right to object to processing of your personal data for certain purposes.
If you do not want us to use your personal data for marketing analysis, you can do so by sending us an email to firstname.lastname@example.org
If you want to make any of these requests, please contact email@example.com
We may need to request specific information from you to help us confirm your identity.
Contact us for information about how we use your personal data
If you have any questions about how we use your personal data or if you have a concern about how your personal data is used, please write to Vincent Schmidlin, Lokstedter Damm 41, 22453 Hamburg or email firstname.lastname@example.org
Complaints will be dealt with by the Data Protection Manager, and will be responded to within 30 days.
If you are not satisfied with the way your concern has been handled, you can refer your complaint to the Information Commissioner’s Office.
What is a cookie?
A cookie is a small file that can be placed on your device that allows us to recognise and remember you. It is sent to your browser and stored on your computer’s hard drive or tablet or mobile device. When you visit our sites, we may collect information from you automatically through cookies or similar technology.
Understanding how you use our site
Showing you services that are relevant to you
Other organisations also collect user information on our sites through cookies, tags and pixels. Tags and pixels, also known as web beacons, are similar to cookies but are collected through embedded images.
Using cookies and other technology allows other organisations to help us to analyse how our site is being used, measure the number of visitors to the site, and display advertising.
Cookies that are used by Flor de s’almonia are referred to as “first-party cookies” and those that are used by our partners are “third-party cookies”. Because of how cookies work, our website cannot access third-party cookies; nor can other organisations access the data in the cookies we use on our website. There are more details about both in the following sections.
What types of cookies do we use ?
We use four types of cookies, which we describe in this section.
Essential – cookies that are essential to provide you with services you have requested. For example, these include the cookies that make it possible for you to stay logged into your Guardian account and make comments. If you set your browser to block these cookies, then these functions and services will not work for you. In particular, we won’t be able to save your preferences about cookies.
Performance - cookies which measure how often you visit our sites and how you use them. We use this information to get a better sense of how our users engage with our service and to improve our site, so that users have a better experience. For example, we collect information about which of our pages are most frequently visited, and by which types of users. We also use third-party cookies to help with performance. For example, the Google Analytics cookie gives us information such as your journey between pages and whether you have downloaded anything (details of how to opt out of it are below).
Functionality – cookies that are used to recognise you and remember your preferences or settings when you return to our site, so that we can provide you with a more personalised experience. For example, if you are based in the United Kingdom, we will remember this and make sure that you receive the UK homepage when you visit our site, rather than the US or Australia homepage. A mix of first-party and third-party cookies are used.
Limitation of Liability
The contents of this website are prepared with the greatest possible care. However, the provided does not assume any guarantee for the correctness, completeness and currentness of the contents provided. The use of the website contents takes place at the user’s risk. Contributions which include the author’s name reflect the respective author’s opinion and not necessarily the provider’s. Simple use of the provider’s website by no means denotes the existence of a contractual relationship in any form between the user and the provider.
Copyright & Intellectual Property Rights
The contents published on this website are subject to German copyright and intellectual property rights. Each non-permissible use according to German copyright and intellectual rights must be previously agreed to in writing by the provider or the respective owner of the rights. This specifically applies to duplication, handling, translation, storage, processing and the reproduction of contents in databases or other electronic media and systems. Contents and rights belonging to third parties are marked as such here. Non-permissible duplication or passing on of individual contents or full pages is not permissible and liable to prosecution.
Only the preparation of copies and downloads for personal, private and non-commercial use is permissible.