Privacy Policy

The privacy policy applies to Destinaja.de as well as to all subdomains of destinaja.de. It is used to inform the users of our website about the nature, scope and purpose of the collection and use of personal data.

1. General information

We appreciate your interest in Destinaja.de. The protection of your data has a high priority for us, so that we only require personal data if it is necessary for the respective purpose. For all other personal data, the principle of voluntariness applies. We collect, process and use only personal data, as far as you have agreed or a law allows it.

The responsible person has implemented different technical and organizational procedures to ensure the most possible protection of your data. Nevertheless, data transmission on the Internet can generally have security holes. A complete protection of the data from access by third parties is not possible. Of course, you are free to provide us with your personal data in alternative ways, such as by mail or telephone.

The use of Destinaja.de is basically possible without declaration of personal data. However, special services and non-public areas may require the processing of personal data.

2. Responsible person

Responsible acc. Art. 4 no. 7 GDPR:

René Jung

Jäckhstraße 22

34121 Kassel

E-Mail: info@destinaja.de

3. Definitions

The terminology used in this privacy policy is taken from the GDPR. In order for this privacy statement to be understandable and easy to read, we would like to explain some terminology.

a) Personal data

The collective term personal data is any information that makes you identifiable. These particular include:

First and last name, address, location data, IP address, browser identification, online identification and other special characteristics that make you physically, physiologically, genetically, psychologically, economically, culturally or socially identifiable.

b) Processing

Processing is the ascertainment, collection, organization, ordering, storage, adaptation or modification, reading, querying, use, disclosure by transmission, distribution or provision, matching or dissemination, restriction as well as the deletion and destruction of data.

c) Restriction of processing

If processing is restricted, personal data already stored will be marked separately in order to regulate further processing.

d) Profiling

Profiling is any form of automated processing of personal data, including the evaluation of personal aspects, in particular for the analysis or prognosis of aspects relating to work performance, economic situation, health, personal preferences or interests, reliability or behavior, location or change of location of you.

e) Pseudonymization

Pseudonymisation is the processing of personal data in such a way that personal data can no longer be assigned to you without the need for additional information as long as that additional information is kept separate and subject to technical and organizational procedures to ensure that the personal data do not belong to one assigned to an identified or identifiable natural person.

f) Responsible Person

The responsible person or the responisve person of processing is a natural or legal person, public authority, institution or other authority, that decides alone or together with others about the purposes and means of processing personal data. If the purposes and means of such processing are determined by Union law or the law of the Member States, the responisve persons or the specific criteria for his designation may be provided for under Union or national law.

g) processor

The processor is a natural or legal person, public authority, institution or other authority that processes personal data on behalf of the responsible person.

h) Recipient

Recipient is a natural or legal person, public authority, institution or other authority to whom Personal Data is disclosed, whether or not it is a third party. Authorities which may receive personal data under Union or national law in connection with a particular mission are not considered as beneficiaries. The processing of these data by the these authorities shall be in accordance with the applicable data protection rules in accordance with the purposes of the processing.

i) Third party

Third party is a natural or legal person, public authority, institution or other authority except you, the responsible person, the processor and the persons authorized under the direct responsibility of the responsible person or the processor to process the personal data.

j) Consent

Consent is any of you voluntarily in an informed and unequivocal manner in the form of a statement or other unambiguous confirmatory act expressing for the specific case, that you understand that you consent to the processing of your personal data.

4. Your Rights

Right of access by the data subject (Art. 15 GDPR)

You have the right to ask the responsible person for confirmation of the processing of your personal data; if this is the case, you have a right to get informed about these personal data and to the information pursuant to Art. 18 para. 1 GDPR.

You also have the right to know whether personal data has been transmitted to a third country or to an international organization. If this is the case, then you have the right to obtain information about the appropriate guarantees in connection with the transfer.

The responsible person will provide a copy of the personal data that is the subject of the processing. The right to receive a copy shall not not affect the rights and freedoms of others.

b) Right to rectification (Art. 16 GDPR)

You have the right to demand from the responsible persion without delay the correction of incorrect personal data concerning you as well as the completion of incomplete personal data.

c) Right to erasure (Art. 17 GDPR)

You have the right to demand the deletion of your personal data from the responsible person if the requirements of Art. 17 para. 1 GDPR are met. This shall not apply if the processing is necessary for the exercise of the right to freedom of expression and information, to fulfill a legal obligation, to perform a task in the public interest or in the exercise of official authority and to assert, pursue or defend legal claims.

d) Right to restriction of processing (Art. 18 GDPR)

You have the right to demand that the person in charge restrict the processing if the requirements of Art. 18 para. 1 GDPR are met. If the processing has been restricted, such personal data may only be processed with the consent of you or for the purposes of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for important public interest of the Union or of a Member State. This does not apply to the storage of personal data. When removing the restriction, you must be informed in advance.

e) Notification obligation regarding rectification or erasure of personal data or restriction of processing (Art. 19 GDPR)

If the rectification, erasure or restriction of the processing of personal data has been placed, the responsible person shall be obliged to inform all recipients of the applied personal data concerned about this correction or deletion of data or restriction of processing. This does not apply if this is impossible or involves a disproportionate effort. At your request, the personal data must be communicated to you.

f) Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data provided in a structured, established and machine-readable format or to request the transfer to another responsible person, insofar as this is technically feasible and this does not affect the rights and freedoms of other persons.

g) Right to object (Art. 21 GDPR)

You have the right to revoke your consent to the processing of your personal data at any time for the future processing of your personal data. This does not apply if the controller can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms on your part, that is necessary for the performance of a contract between you and the controller, or the processing of the enforcement, exercise or defense of Legal claims serves. In the case of revocation, the personal data will be pseudonymized or deleted.

h) Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of its usual place of residence, employment or the place of the alleged infringement, if you consider that the processing of personal data concerning them infringes the General Data Protection Regulation.

5. Data collection on our website

5.1 SSL/TSL encryption

In order to best protect your transmitted data, we use SSL encryption. You will recognize such an encrypted connection with the prefix "https: //." In the page link in the address bar of your browser. Unencrypted pages are identified by "http: //.".

All data that you transmit to our website can not be read by third parties thanks to SSL encryption.

5.2 server log files

In the case of merely informative use of our website and if you do not register or otherwise provide us with information, we will only collect the personal data that your browser automatically transmits to our server. In particular, if you wish to view our website, we collect the following data that is technically necessary for us to display our website and to ensure stability and security:

IP address of the visitor
date and time of request
time zone difference to Greenwich Mean Time (GTM)
"Request Line" from the client
content of the request (concrete page)
access status / HTTP status code
each transmitted amount of data
Website from which the request comes
browser
Operating system and its surface
language and version of the browser software

A merge of this data with other data sources will not be done. However, we reserve the right to retrospectively check the server logfiles should concrete evidence point to unlawful use.

The basis for data processing is Art. 6 para. 1 lit. b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.

5.3 Cookies

This website uses partially so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies are designed to make offering more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and stored by your browser.

Most of the cookies used are so-called "session cookies". They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser the next time you visit.

You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, the acceptance of cookies for certain cases or generally exclude and enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.

Cookies that are required to carry out the electronic communication process or to provide certain functions that you wish to use (eg shopping cart function) are processed on the basis of Art. 6 para. 1 lit. f GDPR saved. The responsible person has a legitimate interest in the storage of cookies for the technically correct and optimized provision of its services. Insofar as other cookies (such as cookies for analyzing your surfing behavior) are stored, they will be treated separately in this privacy policy.

5.5 Registration on this website (user account)

You can register on our website to use additional features on the site, which by their very nature can only be offered to registered users. We use the personal data entered voluntarily for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be given in full and truthfully. Otherwise, we will reject the registration.

For important changes, such as the scope of the offer or for technical changes, we use the e-mail address specified during registration to inform you in this way. Furthermore, according to your notification settings, you will receive notices about activities (comments, responses, conversations) from other users to their specified email address.

The data collected during registration will be stored by us as long as you are registered on our website and will subsequently be pseudonymised or deleted afterwards.

The IP address stored during registration will not be merged with other data sources basically. However, we reserve the right to process this data retrospectively should concrete evidence point to unlawful use. The stored IP address is deleted on the system side after 7 days.

The processing of the data entered during registration takes place on the basis of your consent (Art. 6 para. 1 lit. GDPR).

5.6 Posts, Conversations and Comments

On this website you can create threads, posts and comments in different areas. Many of these areas are open to the public. Furthermore, there is the possibility of conversation between registered users, which is not publicly available.

The associated data, such as date, time, the selected user name (pseudonym) and the IP addresses are stored. Storage takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). The storage of the IP address is made for security reasons and in the event that the rights of third parties are infringed or illegal content is created. The stored IP address is deleted on the system side after 7 days.

In addition, it is possible to subscribe to the threads, posts and comments in order to be informed in the future about news. The function of subscribing is only available in the logged-in state. The notification frequency is also defined by the registered user.

5.7 Newsletter

If you would like to receive the newsletter offered on the website, we require an e-mail address from you, as well as information that allows us to verify that you are the owner of the provided e-mail address and that you agree to receive the newsletter. In addition, we store your IP address as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The stored IP address is deleted on the system side after 7 days. Further data are not collected or only on a voluntary basis. We use this data exclusively for the delivery of the requested information and do not pass it on to third parties.

The processing of the data entered into the newsletter registration form takes place exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR).

For sending the newsletter, we use the so-called double opt-in procedure. This means that we will only send you an e-mail newsletter if you have explicitly confirmed to us that you agree to the sending of the newsletter. We will then send you a confirmation e-mail asking you to confirm by clicking on a link that you wish to receive newsletters in the future.

The granted consent to the storage of the data, the e-mail address and their use for sending the newsletter can be revoked at any time, for example via the "unsubscribe" link in the newsletter. The legality of the already completed data processing operations remains unaffected by the revocation.

The data deposited with us for the purpose of obtaining the newsletter will be saved by us from the newsletter until your cancellation and will be deleted after cancellation of the newsletter. Data that has been stored for other purposes with us (such as e-mail addresses for the members area) remain unaffected.

5.8 Data processing when opening a customer account and for contract execution

When creating a customer account, further personal data is collected and processed. Which data are collected, can be seen from the respective input forms. The personal data provided by you are required to fulfill the contract or to carry out pre-contractual measures. Without this data we can not conclude the contract with you.

The responsible person may arrange for the transfer of such data to one or more processors, such as a parcel service provider, if necessary to perform the contract.

The IP address stored in a contract is not merged with other data sources. However, we reserve the right to process this data retrospectively should concrete evidence point to unlawful use. The stored IP address is deleted on the system side after 7 days.

In addition, the buyer data is transmitted to the processing bank institutions / payment service providers for the purpose of debiting the purchase price and for fulfilling the tax obligations.

The collected data will be blocked after completion of the order or termination of the business relationship with regard to tax and commercial retention periods and will be deleted after expiration of these periods, unless you have expressly consented to a further use of your data or a legal permission of further use of data by our side which we will inform you accordingly below.

The data processing takes place on the basis of the legal regulations of the § 96 para. 3 TKG as well as the Art. 6 para. 1 lit. a (consent) and / or lit. b (necessary to fulfill the contract) of the GDPR.

5.9 Use of Package Servers to Obtain Software Updates

By creating a customer account, you will receive personalized access data for the package servers. A package server is used to distribute software updates. After purchasing a license for a software product in the shop, you will be asked for a domain for the license during the download process, as you can only use this software product on one webserver / webspace per license according to the license conditions.

The IP addresses of these domains are polled and stored at regular intervals on the system side.

If your system uses your personalized access data to access the packet servers, the used IP address will be stored and compared with the IP addresses of the stored domains.

The collection and processing of this data takes place in order to safeguard legitimate interests (Art. 6 para. 1 lit. f GDPR) against the background that only in this way can the misuse of our services be prevented. A disclosure of this data to third parties only takes place if concrete evidence points to unlawful use.

6. Payment provider

6.1 PayPal

p>On this website u.a. Payment is offered via PayPal. Provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").

If you choose to pay via PayPal, the payment details you enter will be sent to PayPal.

The transmission of your data to PayPal is based on Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (processing to fulfill a contract). You have the option to revoke the consent to the handling of personal data to PayPal at any time. A revocation has no effect on personal data which must be processed, used or transmitted for (contractual) payment processing.

PayPal's applicable privacy policy is available at https://www.paypal.com/en/webapps/mpp/ua/privacy-full.

7. Plugins and Tools

7.1 Push Services

Notifications about your browser

Almost all current browsers provide support for push notifications from web pages. The system used here supports this form of communication. When you first visit this website, you will be asked for permission. By accepting this feature, notifications from this web page will be sent directly to your browser in the background.

WSC-Connect

On this website u.a. the push notification via WSC-Connect offered. Provider of this service is Christopher Walz, Vesoulerstraße 5, 70839 Gerlingen, Deutschland

If you connect your WSC Connect app in the account settings of this website, your personal data will be transmitted to WSC Connect.

The applicable WSC Connect Privacy Policy can be found at https://www.wsc-connect.com/privacy.

7.3 Google reCAPTCHA

We use "Google reCAPTCHA" (hereafter "reCAPTCHA") on our websites. Provider is Google Ireland Limited (Registration-No.: 368047) in Gordon House, Barrow Street, Dublin 4, Irland („Google“).

With reCAPTCHA we want to check if the data entry on our websites (for example in a contact form) is done by a human or by an automated program. For this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information (for example, the IP address, the website visitor's visit time on the website, or user mouse movements). The data collected during the analysis will be forwarded to Google.

The reCAPTCHA analyzes are completely in the background. Site visitors are not advised that an analysis is taking place.

Data processing is based on Art. 6 para. 1 lit. f GDPR. The Web site operator has a legitimate interest in protecting its web sites from abusive automated spying and SPAM.

For more information about Google reCAPTCHA and Google's privacy policy, please visit the following links: https://www.google.com/intl/en/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

7.4 Google Maps

This site uses the mapping service Google Maps via an API. Provider is Google Ireland Limited (Registration-No.: 368047) in Gordon House, Barrow Street, Dublin 4, Irland („Google“).

To use the features of Google Maps, it is necessary to save your IP address. This information is usually transmitted to and stored on a Google server in the United States. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an attractive presentation of our online offers and an easy findability of the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

For more information on how to handle user data, please refer to Google's Privacy Policy: https://www.google.com/intl/en/policies/privacy/.

8. Media Provider

This website uses many of third parties to view and play media content. When a link to the supported providers is set, it will be automatically recognized and converted by using these third parties and displayed playable.

When you visit a page that contains these links, it will connect to the third-party server. Among other things, it will be communicated which subpage of this website you have visited. Furthermore, different third-party cookies can be stored on your device. If necessary, other data processing operations can be triggered on which we have no influence.

If you also have an account with the respective third-party provider, you will be able to assign your surfing behavior directly to your personal profile to the respective third-party provider. You can prevent this by logging out of the respective third-party account. In addition, the respective third-party provider obtains your IP address. This also applies if you are not logged in to the respective third-party provider or do not have an account with the respective third-party provider.

The use of the media providers is in the interest of an attractive presentation of the online offer. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

For more information about how to handle user information, please refer to the privacy statements in the list of supported third party providers listed below.

Instagram

Provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.

Twitch

Provider is Twitch Interactive, Inc., 225 Bush Street, 6th Floor, San Francisco, CA 94104, USA

Twitter

Provider is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland

YouTube

Provider is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

General external video and audio files

In addition to external third-party providers, HMTL5 makes it possible to directly play video and audio files. If these files are located on external servers, personal data is at least stored in server log files (analogous to 5.1).