data protection
The internal data protection officer is:
Frau Anja Vöge
Ramelsloher Allee 120
21220 Seevetal
This data protection declaration describes the collection, use, disclosure, storage and protection of your personal data. It applies to any application, service or tool that references this Privacy Policy, regardless of how you access or use the Services, including access via mobile devices.
By using our websites and using our advertising services and our services, you accept this data protection declaration and expressly agree to the collection, use, storage and protection of your personal data as described in this data protection declaration.
We collect and store personal data only to the extent that this is absolutely necessary. When collecting, processing, using and passing on your personal data, we comply with the European General Data Protection Regulation (EU-DSGVO) and the Telemedia Act (TMG). Below you will be informed about what type of data is collected and for what purpose it is collected:
security of your data
Your personal data made available to us will be secured by taking all technical and organizational security measures in such a way that they are inaccessible to unauthorized third parties. When sending very sensitive data or information, it is advisable to use the postal service, as complete data security cannot be guaranteed by e-mail.
1. Handling of customer data
Personal data, in particular name, address, telephone number, e-mail address and images are only collected and processed if you provide this information voluntarily, e.g. as part of an enquiry, advertisement or other assignment. The data is stored in our customer systems, which are not accessible to unauthorized third parties. We will only pass on this data if it is necessary to fulfill our contractually owed services. Any further use of the personal data as well as the collection of additional information regularly requires a separate consent from the person concerned.
Legal basis for processing
All customer data is collected and stored on the basis of your consent within the meaning of Article 6 (1) (a) GDPR in conjunction with Article 9 (1) and Article 9 (2) (a) GDPR. This data is also processed as part of the fulfillment of our contractually owed services within the meaning of Article 6 Paragraph 1 lit b GDPR. An exception applies in such cases in which the processing of the data is permitted by statutory provisions.
process of consent
After placing your order, you will receive an email from us with a link that is active for a period of 48 hours. Under this link you can give us the necessary consent to collect and store your personal data. If this is not done within a period of 48 hours, we will remind you by email. The email will be sent to the address you provided when you made your initial inquiry or placed your order. You must ensure that this e-mail address is correct. The customer's consent to data processing for the contractual purposes is deemed to have been given as soon as the box for the link is ticked. As part of this process, we store in particular your master data (name, address, e-mail address, telephone number, pictures) as well as other customer data provided about you. In addition, we have automatic access to the following data, which we do not save, unless we need it to fulfill our contractually owed service:
Your browser data (browser type and version)
IP-Adress
Operating system and device information as well as other, derivable user data
According to Art. 6 Para. 1, lit a GDPR, your consent is required in order to lawfully process personal data. If you do not give us the necessary consent on the basis of the process described above, we will store your personal data at least on the basis of Art. 6 Para.1 lit b GDPR in order to fulfill our contractual obligations.
Duration of data storage
Once the contract has been fully processed, which usually ends after the advertisement has been placed, we will remove the publicly provided data from our website. The data is only stored in our customer system for as long as it is required for your contractual purpose. Due to recurring follow-up orders, the data will be stored in our operational customer system until you revoke your consent.
We cannot guarantee complete data security from the time your data is published. In particular, due to numerous calls to our website by third parties, we cannot rule out the possibility that the information you have provided (in particular address, telephone number, name, pictures, etc.) will be copied, duplicated, stored or passed on.
Opportunities to object
If there are no necessary reasons in connection with a business transaction, you can revoke the previously given consent to your personal data storage with immediate effect in writing (e.g. by e-mail or fax) at any time (according to Art. 21 DSGVO). Your personal data (telephone number, e-mail address, place of residence, pictures, advertisement texts) will then be deleted immediately from our customer system, taking into account the retention periods under tax and commercial law.
You can also notify us in writing of important changes to your data. In accordance with applicable law, you can also ask us at any time whether and which personal data we have stored about you. You will receive a corresponding notification immediately after your request.
2. Handling access data and server log files
Every time you access our website and every time you retrieve the content stored on our website, your browser transmits data that is automatically recorded by our system.
Legal basis for processing
The legal basis for the collection and temporary storage of data and log files is Article 6 Paragraph 1 Letter f) GDPR. By visiting and using our website, you agree to the data collection and temporary storage.
Data transmission and logging
With each access/call, the following data is transmitted and automatically recorded:
Browser type and version
operating system used
IP address of the requesting computer
Access date -/time
File request from the client (file name and URL)
amount of data transferred
Message whether the access/retrieval was successful
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session.
In individual cases, this data is also stored for statistical purposes. Any other use or disclosure to third parties, for commercial or non-commercial purposes, does not take place. We reserve the right to subsequently check the data listed if there is a suspicion of illegal use of our offer.
torage in log files takes place to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. Our legitimate interest in data processing in accordance with Article 6 (1) (f) GDPR also lies in these purposes.
Duration of data storage
The access data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
In the case of data storage in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are alienated so that it is no longer possible to assign the calling client.
Possibility of objection and elimination
The collection of the data and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
3. Dealing with registrations, comments and contributions
If there is a contact form on our website or you have the opportunity to register or create a user account, the data you enter in the input mask will be used as part of such a process (in addition to the automatically recorded technical data). transmitted to us and stored. This is usually about
First and last name (if provided)
username
Pseudonyms/nicknames
Postal addresses (if provided)
Telephone numbers (if provided)
Email addresses (if provided)
Bank details (if specified)
other personal data that must be provided as part of registrations, log-in areas, order forms or registrations
In this context, the data will not be passed on to third parties. The data will only be used to process the conversation.
Legal basis for processing
The legal basis for processing the data is Article 6(1)(a) GDPR if the user has given their consent.
The legal basis for the processing of data transmitted in the course of sending an email is Article 6 Paragraph 1 Letter f GDPR. If the e-mail contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.
4. Purpose of data processing
The processing of the personal data from the input mask serves us solely to process the contact. If contact is made by e-mail, this is also the necessary legitimate interest in the processing of the data.
The personal data processed as part of log-ins, registrations or when using our contact form during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems. The IP address is stored solely for the purposes of the legal requirements for us as the operator of the website. Your IP address must be verifiable for us so that we can check it in criminal cases. In addition, the collection of this data is necessary in order to be able to offer our services at all.
Furthermore, your registration data will only be used for internal analysis purposes, e.g. for statistical evaluation of user behavior. Of course, we will not pass this data on to third parties without your consent, unless we are legally obliged to do so or the disclosure serves to clarify a violation of the law.
Posted online comments or contributions are published either with the registered real name (first and last name) or with a pseudonym (nickname) selected by the comment author. Your full name is therefore only visible to other users if you enter it as a user name during registration. If you do not want your real name to be published, it is advisable to choose a pseudonym.
Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. This is usually the case for the data collected during the registration process if the registration on our website is canceled or changed.
Even after the registration process, it may be necessary to store personal data of the contractual partner in order to comply with legal obligations.
Opportunities to object
The user is entitled to object to the use of personal data at any time (according to Art. 21 GDPR). This includes in particular name, e-mail address and other personal user data. An e-mail to the e-mail address given in the imprint or to the data protection officer is sufficient for this.
All personal data that was saved in the course of making contact will be deleted in this case. In such a case, the conversation cannot be continued.
5. SSL Encryption
Our website is encrypted with the so-called SSL procedure (Secure Socket Layer), so that confidential and personal content of our users as well as personal data are transmitted securely. Data encrypted via SSL cannot be read by third parties. You can recognize the SSL encryption by the display in your browser line "https://".
6. Use of Cookies
So-called cookies are used to make our website more effective, safer and more user-friendly and to make it easier for you to use our website. These are small text files that are stored on your computer's hard drive.
If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic character string that enables the browser to be clearly identified when the website is called up again.
Legal basis for processing
The legal basis for the processing of personal data using cookies for analysis purposes is - on the basis of the user's consent - Article 6 Paragraph 1 Letter a GDPR. The legal basis for the processing of personal data using technically necessary cookies is Article 6 Paragraph 1 Letter f of the GDPR.
We may use cookies to build anonymous profiles. These are then used for target group marketing, in which the delivery of the advertising material is aligned to the behavior shown (e.g. websites visited, the type of posts read, clicks, etc.). All our cookies are completely anonymous and do not contain any data about you. Cookies are also used to provide you with content and advertising tailored to your interests.
We therefore use the data obtained via cookies exclusively to optimize the delivery of advertising, to limit the frequency of repetition of advertising material, to display content and advertising tailored to your interests, to form anonymous user groups based on interest and for statistical analysis in order to better tailor our offer to the to adapt the interests of our users.
possibility of objection
If you do not agree to our use of cookies, you can switch off the saving and use of your interests (according to Art. 21 GDPR). Most browsers are set by default to automatically accept cookies. However, you can deactivate the storage of cookies or set your browser so that it informs you that cookies are being sent.
However, we would like to point out that you can only use our website with restrictions as a result of the above setting.
7. Links to other websites
Our online offer may contain links to other websites or services such as Facebook, Twitter, Google+ or YouTube. In this regard, the data protection regulations of the respective providers of the websites or services apply. We have no influence on whether they comply with data protection regulations.
Social Plugins
Links to social network services such as Facebook, Google+, Instagram and the microblogging service Twitter are used on our website. These services are provided by the companies Facebook Inc., Google Inc., Twitter Inc. and Instagram LLC. offered (“Provider”).
Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). An overview of the Facebook plugins and their appearance can be found here: https://developers.facebook.com/docs/plugins
Google+ is operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). An overview of the Google plugins and their appearance can be found here: https://developers.google.com/+/web/
Twitter is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter"). You can find an overview of the Twitter buttons and their appearance here: https://publish.twitter.com/#
Instagram is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). You can find an overview of the Instagram plugins and their appearance here: http://blog.instagram.com/post/36222022872/introducing-instagram-badges
The above-mentioned social plugins are not directly integrated on our websites, but only linked to the respective services of the above-mentioned network providers. So if you call up a page on our website that contains such a link, your browser does not establish a direct connection to the Facebook, Google, Twitter or Instagram servers. Therefore, no information (not even your IP address) can be transmitted to the providers in the USA.
Only if you log in to one of the services can the provider directly assign the visit to our website to your profile on Facebook, Google+, Twitter or Instagram. The information and data (including your IP address) are then transmitted directly from your browser to a server of the respective provider in the USA and stored there.
We also use the Google Maps function, a service provided by Google Inc., USA, CA 94043, 1600 Amphitheater Parkway, Mountain View, to display an interactive map. If you use Google Maps on our website, information about your use of this website and your IP address can be sent to a server in the USA and stored on this server. We have no knowledge of the exact content of the transmitted data and to what extent it is used by Google. Google Inc. denies a connection of the data with information from other Google services. However, the company may transmit the information to third parties or use it to identify individual users. It is therefore possible that Google Inc. processes personal data and personality profiles of users over which we have no influence.
By using our websites, you expressly declare your consent to the collection and processing of information by Google Inc. as described above.
The purpose and scope of the data collection and the further processing and use of the data by the named providers as well as your rights in this regard and setting options for the protection of your privacy can be found in the data protection information of the respective provider.
Facebook privacy policy: http://www.facebook.com/policy.php
Google privacy policy: http://www.google.com/intl/de/+/policy/+1button.html
Data protection information from Twitter: https://twitter.com/privacy
Instagram privacy notices: https://help.instagram.com/155833707900388/
Data protection information and terms of use for Google Maps: https://www.google.com/intl/de_de/help/terms_maps.html
Opportunities to object
We would like to point out that you can object to the future processing of your personal data at any time in accordance with the statutory provisions (according to Art. 21 GDPR).
You can prevent Google Maps from running and data transfer by disabling JavaScript in your browser. However, you will then not be able to use a map display on our respective website.
With regard to the only linked services from third-party providers, there is no possibility of objection, since no personal data is processed by you in this process.
8. Disclosure of Personal Information to Third Parties
The data will only be passed on to third parties within the scope of the clauses described above and within the scope of the purposes described therein. Data will not be sent beyond this without your prior express consent. However, we reserve the right to transmit data to third parties without consent if this is necessary to avert threats to public order or for criminal prosecution. Of course, data will then only be passed on on the basis of an existing authorization basis from the requesting party. If one of the last-mentioned reasons applies, the personal data you have stored will be passed on to the responsible law enforcement and supervisory authority in particular.
Furthermore, all data is automatically forwarded to Adult Profi. The automatic data transmission is based on a contract between the owner of this website and Adult Profi. Conversely, all data stored directly by the Adult Profi servers are also transmitted to the owner of this website.
Adult Profi will treat all data in accordance with the applicable data protection regulations securely and will not pass them on to third parties without your prior consent. You can find more information on Adult Profi’s data protection information under the following link: https://www.adult-profi.com/datenschutz/
Your personal data will not be passed on to third parties beyond this, especially not for advertising purposes. We will therefore not use your stored data for advertising or marketing measures and will not sell them to third parties either, unless you give us your express consent beforehand.
9. Rights of data subjects
If personal data is processed by you, you are the data subject within the meaning of the GDPR and you have various rights vis-à-vis the person responsible:
Affected persons in the narrower sense are in particular users/visitors of our website, those registering, buyers and customers or other persons whose personal data we collect, process and/or store. The data subject has the following rights:
Right to information (Article 15 GDPR)
i.e. you can request confirmation from us at any time as to whether and how personal data relating to you is being processed by us
Right to rectification (Article 16 GDPR)
i.e. you have the right to rectification and/or completion if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.
Right to object (Art. 21 GDPR)
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on Article 6 Paragraph 1 lit. e or f GDPR; this also applies to profiling based on these provisions.
Right to erasure (Art. 17 GDPR)
You can request the person responsible to delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:
Right to restriction of processing (Art. 18 f. GDPR)
Under certain conditions, you can request that the processing of your personal data be restricted. A list of these requirements can be found in Art. 18 GDPR.
Right to data portability (Art. 20 GDPR)
You have the right to receive the personal data that you have provided to us in a structured, common and machine-readable format. You also have the right to transmit this data to another person in charge without hindrance from us, to whom the personal data was provided. You also have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the point of revocation (Article 7 (3) GDPR).
The data subject also has the right to lodge a complaint with a data protection authority (supervisory authority) if they believe that the processing of their personal data violates the GDPR (Art. 77 GDPR). For inquiries of this kind, please contact the email address info@saunaclub-harmony.com given in the imprint. Please note that with such requests we must ensure that it is actually the person concerned.
10. Third Party Content and Services
On this website you will also receive offers or services from third parties. These are, for example, maps from Google Maps, YouTube videos or other third-party graphics. As soon as you use these third-party services via our website, your IP address will be recorded for technical reasons. The third-party provider therefore has the option of storing your IP address. Unfortunately, we have no influence on which service provider actually stores your IP address, be it for statistical purposes or for other purposes unknown to us. We will endeavor to only include providers who do not use IP addresses for any other purpose than to deliver the content. Please also note the respective data protection declarations of the individual third-party providers and service providers whose services we use on our website. The at least short-term storage of the IP address is technically necessary due to the way the internet works. However, the IP addresses are shortened by 1 byte before any forwarding to third parties and only processed anonymously. The unabridged IP addresses are not transmitted to third parties.
The objection is based on Art. 21 GDPR. The automated transmission of purely technical data, e.g. your IP address, is due to technical reasons. However, the IP addresses are shortened by 1 byte before any processing and only processed further anonymously. There is no right to object to the at least short-term storage of the IP address, as this is technically necessary.
11. Validity and topicality of the data protection declaration
By using our website, you agree to the use of data described above. The data protection declaration is currently valid and is dated May 25, 2018, when the European General Data Protection Regulation came into force.
Due to the further development of our website or the implementation of new technologies, it may become necessary to change this data protection declaration. We reserve the right to change the data protection declaration at any time with effect for the future. We encourage you to review the current Privacy Policy from time to time.