Welcome to the website of the MEININGER Group. It goes without saying that the protection of your personal data, as well as fair and transparent data processing, are important to us. Below, we wish to provide you with the information which you require to check and claim your rights in relation to data processing.
The controller is:
MEININGER Shared Services GmbH
Obentrautstrasse 72, 10963 Berlin, Germany
You can reach our data protection officer as follows:
MEININGER Shared Services GmbH
Data Protection Officer
Obentrautstrasse 72, 10963 Berlin, Germany
Should you surf on our website, visit our hotels or otherwise get in touch with us, we receive personal data from you. We generally process data in accordance with the following legal provisions:
- If you issue us with your express consent (Article 6 Paragraph 1 a) GDPR), if you wish us to contact you directly, take part in competitions, subscribe to our newsletter and wish to receive advertising tailored to you personally. We also process data in order to fulfil our contractual obligations (Article 6 Paragraph 1 b) GDPR), for example should you book an overnight stay with us.
- As a company, we are subject to various legal obligations (Article 1 Paragraph 1 c) GDPR). For example, under tax and commercial laws, we are obliged to retain certain documents.
- We also process data in accordance with our legitimate interest or that of a third party (Article 6 Paragraph 1 f) GDPR). Amongst others, a legitimate interest includes data processing for purposes connected to direct advertising, sales generation, IT security and prevention of fraud, as well as the creation of use profiles in the form of pseudonyms in order to carry out analysis and design the website in line with requirements (tracking). You have the right to raise an objection to the data processing which takes place in accordance with the legitimate interest in accordance with Article 21 Paragraph 1 GDPR.
3.1.1 Hotel bookings
You can book a hotel room directly via our website. So that we can carry out your booking, we require your contact and address data, as well as information concerning the services which are being requested (travel dates, number of travellers, meal requests). The legal basis is Article 6 Paragraph 1 Letter b) GDPR.
In order to carry out payment transactions via our website, we use various payment service providers, which collect your information directly and are therefore recipients of your personal data which is gathered in connection with the payment process.
The payment service provider is responsible for your payment data. You can obtain information, in particular concerning the responsible body of the payment service provider, the contact details of the data protection officers of the payment service providers and the categories of personal data which are processed by the payment service providers from the following addresses:
SIX Payment Services (Europe) S.A.
10, rue Gabriel Lippmann, 5365 Munsbach, Luxembourg
Data privacy statement: https://www.six-payment-services.com/en/services/legal/privacy-statement.html#country=de
Simon Carmiggeltstraat 6-50, 1011 DJ Amsterdam, The Netherlands
Data privacy statement: https://www.adyen.com/policies-and-disclaimer/privacy-policy
PayPal (Europe) S.à r.l. et Cie, S.C.A.
22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg
Data privacy statement: https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=en_DE
An der Welle 4, 60322 Frankfurt/Main, Germany
Data privacy statement: https://www.giropay.de/rechtliches/datenschutz-agb/
3.1.3 Get in touch with MEININGER
You can address queries to us and send messages to us via the contact form, our email address or by telephone. We only process your data in order to get in touch with you by the means you requested and in order to handle your matter (the legal basis is Article 6 Paragraph 1 Letters a) or b) GDPR).
We use our processor Freshworks Inc (2950 S. Delaware Street, Suite 201, San Mateo, CA 94403, USA) for the presentation of our FAQ and the handling of queries regarding our FAQ. For this, cookies may be saved on your computer. These do not serve to identify you personally. If Freshworks also processes your name and e-mail address (so that we can respond to you by name), this is only done with your consent and the personal data will be encrypted.
3.1.4 Participation in competitions
Should you participate in competitions, we gather the data which is necessary to perform the competition. This is generally an individual contribution to the competition (for example a commentary or photo), as well as your name and contact details. It may be the case that we pass your data on to our competition partners, for example in order to send you the prize. The data processing and passing on of data can vary depending on the competition and is therefore described in concrete terms in the terms and conditions of participation of the respective competition. The participation in the competition and the associated gathering of data is of course voluntary (legal basis is Article 6 Paragraph 1 Letter a) GDPR).
3.1.5 Sending of our newsletter
You can register for our newsletter in order to receive information concerning new hotels, current offers, events, travel tips and product news of the MEININGER Group and partner companies. Advertising information is only sent to your email address in connection with our newsletter if you have agreed to the use of your email address. It goes without saying that you can revoke your consent to the sending of newsletters at any time by clicking on the unsubscription link in the newsletter, using the unsubscription link on our website, or notifying us of your wish to cancel the subscription by sending an email to newsletter[at]meininger-hotels.com.
For subscription / unsubscription to our newsletter, we use the so-called double opt in / double opt out procedure. This means that following your registration / cancellation, we send an email to the email address which has been provided, in which we request confirmation that you wish to receive / cancel the newsletter. In addition, we save your respective IP addresses which have been used and the time of registration / cancellation and confirmation. By means of this, we can prove your registration / cancellation and, if applicable, clarify any possible misuse of your personal data by a third party.
3.1.6 Newsletter tracking
Based on your consent, we evaluate your user behaviour when the newsletter is sent in order to be able to improve the tracking of how our newsletter is used. For this evaluation, the emails which are sent contain so-called web beacons, also called tracking pixels. These are one-pixel image files which provide a link to our website and which enable us to evaluate your user behaviour. This takes place by means of the use of the web beacons, which are assigned to your email address and are mapped to your own ID. The links in the newsletter also contain these. With the data which is gathered in this way, we create a user profile, in order to tailor the newsletter to your individual interests. During this process, we record the time when you read our newsletters and which links you click in these, and are able to determine your personal interests from this information. We combine this data with the actions you carry out on our website.
You can object to this tracking at any time by unsubscribing from the newsletter. The information will be saved for as long as you remain subscribed to the newsletter. Following an unsubscription, we save the data in a purely statistical and anonymous form. Should you have de-activated the display of pictures in your email program in a standard form, such tracking is also not possible. In such a case, the newsletter will not be displayed to you in full and you may not be able to use all of the functions. Should you have the pictures displayed manually, the tracking referred to above takes place.
3.1.7 Other advertising by MEININGER
Should we receive your email address and postal address in connection with a stay in our hotels, we can use this data in order to inform you from then on of similar products and services offered by us. Should you prefer not to receive advertising information by post or email, you can object to the use of your contact data for advertising purposes at any time with effect for the future, without any costs being incurred apart from the transmission costs under the basic tariffs. You should send your objection to the following contact address:
MEININGER Shared Services GmbH
Obentrautstrasse 72, 10963 Berlin, Germany
You can apply to the companies of the MEININGER Group electronically, via the application form on our website or via email to jobs[at]meininger-hotels.com. It goes without saying that we will only use your information in order to process the application and we will not pass this on to third parties. Please bear in mind that emails which are sent in non-encrypted form cannot be protected against unauthorised access. More information about how we process your personal data can be found in our information sheet for the application process, which you receive from our Human Resources Department or can download here.
3.1.9 Use of social plugins
This website uses social plugins of the provider:
- Facebook (Operator: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA)
- Twitter (Operator: Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA)
- LinkedIn (Operator: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
- Google+ (Operator: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)
- Pinterest: (Operator: Pinterest Inc., 651 Brannan Street, San Francisco, CA 94103, USA)
- Instagram (Operator: Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA)
These plugins normally record standard data relating to you and transfer this to the server of the respective provider. In order to guarantee the protection of your private sphere, we have taken technical measures which ensure that your data cannot be recorded by the providers of the respective plugin without your agreement. When a page is accessed in which the plugins are integrated, these are initially de-activated. Only when you click on the respective symbol are the plugins activated and you are then issuing your agreement to your data being transferred to the respective provider. The legal basis for the use of the plugins is Article 6 Paragraph 1 a) and f) GDPR.
Once activation has taken place, the plugins also record personal data such as your IP address, and send this to the servers of the respective provider, where it is then saved. When the website concerned is called up, activated plugins also use a cookie with an unambiguous code. By means of this, the providers can also create profiles concerning your use behaviour. This also takes place if you are not a member of the social network of the respective provider. Should you be a member of the social network of the provider and should you be logged in to the social network during your visit to this website, your data and information concerning the visit to this website can be connected to your profile on the social network. We have no control over the precise scope of the data relating to you which is gathered by the respective provider. You can find more detailed information concerning the scope, type and purpose of the data processing and your rights and settings options in order to protect your private sphere in the data protection notices of the respective provider. This can be accessed via the following addresses:
- Facebook: https://www.facebook.com/privacy/explanation
- Twitter: https://twitter.com/en/privacy
- LinkedIn: www.linkedin.com/legal/privacy-policy/
- Google+: https://policies.google.com/privacy?hl=en-DE
- Pinterest: https://policy.pinterest.com/en-gb/privacy-policy
- Instagram: help.instagram.com/155833707900388
Videos of YouTube are integrated into the website in the extended data protection mode. When the video is viewed, the following data will be transferred to Google as the operator of YouTube:
- The IP address
- The specific address of our page which has been accessed
- The transmitted name of the browser
- The system date and time of the access
- Cookies which are already present by means of which your browser can be clearly identified.
Only once the video is played are cookies and pixel tags set by YouTube in order to personalise advertising and search results. No information concerning the visitors to the website is saved by Google, unless they are watching the video.
We wish to point out that Google may receive additional data via cookies which have already been saved. We have no influence over the extent to which this data is used by Google. Google Inc is responsible for this data gathering and processing.
3.1.11 Google Maps
3.1.12 How are cookies used on this website?
These cookies are automatically deleted once you close the browser. These include the session cookies in particular. These save a so-called session ID, by means of which various requests of your browser can be assigned to the session. By means of this process, your computer can be recognised once again if you return to our website. The session cookies are deleted when you log out or close the browser.
These cookies are automatically deleted after a prescribed period of time, which can vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
The flash cookies which are used are not recorded by your browser, rather by your flash plugin. We also use HTML 5 storage objects, which are deposited on your end device. These objects save the necessary data regardless of the browser which you use and do not have an automatic expiry date. Should you not wish the processing of the flash cookies to take place, you need to install a corresponding add on, for example "Better Privacy" for Mozilla Firefox or the Adobe Flash Killer cookie for Google Chrome. The use of HTML 1 storage objects can be prevented by using the private mode in your browser. We would also recommend that you regularly delete your cookies and browser history manually.
Prevention of cookies
You can configure your browser setting in accordance with your wishes and you can, for example, reject the acceptance of third party cookies or all cookies. However, we wish to point out that in such a case, you may not be able to use all functions of this website.
3.1.13 Analysis of websites
For the analysis and optimisation of our websites, we use various services which are set out below. For example, by means of these we can analyse how many users are visiting our website, what information is the most popular or how users find the service. Amongst other things, we record the website where a data subject came across a website (so-called referrer), which sub-pages of the website are accessed or how often and for how long a sub-page was viewed. This helps us make our services user friendly and helps us to improve them. The data which is gathered during this process is not used to personally identify individual users. Anonymous data or data with the highest level of pseudonymisation is gathered. The legal basis is Article 6 Paragraph 1 Letter f) GDPR. We consider the optimisation of our website to be a legitimate interest. Your basic rights and basic freedoms do not outweigh our interests, as we comprehensively inform you of the data gathering in our data protection declaration and you have the opt out option at any time (via link or browser settings). We also only used pseudonymised tracking.
This website uses Google Analytics, a web analysis service of Google Inc (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The use includes the Universal Analytics operating type. By means of this, it is possible to assign data, sessions and interactions via more than one device to a pseudonymous user ID and thus to analyse the activities of a user across several devices.
We use the „Google Optimize" service on our website, which allows us to show different variations of our site to users and analyse users' activities to determine which variant is better accepted by users. This also allows us to customise the contents of websites. For example, we can use Google Optimize to make different versions of the site available to different audiences. User behaviour analytics is provided by Google Analytics or Google Ads within the scope of the use of Google Optimize. Google Optimize uses Google Analytics cookies for alignment and stability purposes. Further information about the cookies used in Google Analytics is available here.
You can prevent the saving of cookies by setting your browser software accordingly. However, we wish to point out that in such a case, you may not be able to fully use all functions of this website. In addition, you can prevent the recording of the data which is generated by the cookie and which relates to your use of the website (including your IP address) by Google, as well as the processing of this data by Google by downloading and installing the browser plugin which is available via the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB. Opt out cookies prevent the future recording of your data when you visit this website. In order to prevent the recording by Universal Analytics via various devices, you need to carry out the opt out on all systems which you are using.
3.1.14 Cookies for marketing purposes
At any time, you have the right to raise an objection to the processing of your data for the purpose of such advertising. For this purpose, we will provide you at the head of this website with the opt out options of the respective services. Alternatively, you can prevent the setting of cookies in your browser settings:
Google Chrome: https://support.google.com/chrome/answer/95647
Google AdWords and conversion tracking
Google Dynamic Remarketing
This website uses Bing Ads, a service of Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). A cookie is set by Microsoft Bing Ads if you have come across our website via a Microsoft Bing advert. In this way, it can be shown that a person has clicked on an advert, was redirected to our website and has reached a pre-determined target page (conversion page). We are only informed of the total number of users who have clicked on a Bing advert and were then redirected to the conversion page. No personal information concerning the identity of the user is disclosed. Further information concerning data protection and the cookies used by Microsoft Bing can be found on the website of Microsoft.
We work together with THN (The Hotels Network), Muntaner 262, 3º, 08021 Barcelona, Spain as our processor.
When you visit our website, THN stores a cookie on your computer. Your IP address is also processed. The cookie does not store your IP address, but a string of characters (cookie ID). This cookie ID is also stored on THN's servers. The next time you visit THN, only this ID is read, enabling identification of the Internet browser you are using in the THN network. This does not allow THN to identify you personally. If THN also processes your e-mail address (so that you can complete your booking at a later date if necessary), this will only be done with your consent. ID and e-mail are not merged by THN.
The purpose of this data processing is to be able to show you widgets and notifications that are automatically selected based on your surfing behaviour in order to optimise the relevance of these ads for you (so-called "personalised" or "behaviour-based advertising delivery" or "behavioural targeting"). The aim is to present you only those ads that might be of interest to you.
The THN cookies have an expiration date and expire automatically after a maximum of two years. Without a valid cookie file, the character string stored on THN's servers can no longer be assigned by the provider.
If you do not want the processing operations described above to take place, you can prevent the cookies required for these technologies from being saved, for example, by changing your browser settings. You can also prevent your data from being processed by THN's scripts with the help of additional programs for your browser (e.g. with the add-on Ghostery or NoScript).
Facebook Custom Audiences
Custom Audience Pixel, a service of Facebook Inc., (1601 S. California Ave, Palo Alto, CA 94304, USA), is a small piece of Java script code which we have integrated into all of our websites. This piece of code provides a number of functions for the sending of application specific events and user defined data to Facebook. We use Custom Audience pixels in order to record information concerning the way in which visitors use our website. This pixel records and provides Facebook with information concerning the browser setting of the user, a hashed version of the Facebook ID and the URL which is being visited. Each Facebook user thus possesses a clear and device-independent Facebook ID, whereby it is possible to address the user via more than one device on the social network Facebook and to recognise him or her, so that we can target our visitors again for advertising purposes by means of Facebook adverts. After 180 days, the user information is deleted until the visitor accesses our website again. Therefore, no personal information is disclosed to MEININGER in relation to the individual website visitors and we can only solicit website customer target groups once the target customer group has reached a critical mass in terms of numbers. Further information concerning Facebook and its private sphere settings above and beyond the details set out can be found in the Data Policy and the Terms of Service of Facebook Inc.
1. General information
Social media have become an integral part of the internet and modern communication. To stay in contact with our customers and prospects, we have set up our own Fanpage on Facebook. Facebook is a service of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, and certified under the EU/US Privacy Shield. With the Commission's Implementation Decision (EU) 2016/1250 of 12 July 2016, the level of protection of personal data under the EU/US Privacy Shield is recognised as equivalent to the level of protection in the European Union.
We would like to expressly point out that Facebook stores and uses the user data (e.g. IP- address, preferences and personal interests, behaviour on the Facebook pages, further personal information possibly stored on Facebook, etc.) for business purposes.
We have no influence on the processing and further usage of this data, as only Facebook determines this processing and usage. To what extent, where and for how long the data will be stored, how the data will be combined and evaluated and to whom the data will be transfered, is currently not comprehensible to us. We also have no insight and no influence regarding deletion periods, i.e. whether and to what extent deletion periods are observed.
If you are a Facebook member and logged into your Facebook user account, Facebook may connect the information about your visit of our site with your user account. To prevent Facebook from connecting information about your visit of our Fanpage with your Facebook account information, you must
According to Facebook, all information by which you can be identified by Facebook, is deleted in this way.
2. Scope of data collection and storage
To view the content on our Facebook Fanpage, you do not need to be a Facebook member. However, Facebook collects, stores, and uses information each time you visit our site.
The moment you visit our Fanpage, your browser connects to a Facebook server. This may result in transferring personal data to countries outside the European Union. In any case, regardless of whether you are registered on Facebook or not, your IP address is transferred and cookies are set on your device. If you are a Facebook member and logged into your Facebook user account, Facebook can connect the information about your visit of our site with your user account.
The Cookies which are used include session cookies, which are deleted when the browser is closed, and persistent cookies, which remain on the device until they expire or are deleted by the user. A cookie is a small text file that enables a website to recognize a browser. Cookies are stored on the computer when a website is accessed and are retrieved and read out the next time the web server is accessed. You can decide yourself via your browser settings whether and which cookies you want to allow, block or delete. Instructions for different browsers can be found here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, , Safari, Safari mobile. Alternatively, you can also install so-called ad blockers such as Ghostery.
According to Facebook, the cookies used by Facebook are used for authentication, security, website and product integrity, advertising and measurement, website functions and services, performance, analysis and research. Details of the cookies used by Facebook (e.g., cookie names, function, duration, content and purpose) can be found here: https://www.facebook.com/policies/cookies/
Settings regarding the advertisements which should be displayed or no longer displayed by Facebook can be choosen here: https://www.facebook.com/about/basics/advertising and http://www.youronlinechoices.com.
The above link allows you to manage your preferences for user-based online advertising. If you object to user-based online advertising from a specific provider using the preference manager, this only applies to the specific data collection via the web browser you are currently using. Preference management is cookie-based. If you delete all browser cookies, the preferences set with the preference manager will also be deleted.
Data: User interactions (postings, likes etc.) > Purpose: User-communication > Legal basis: Art. 6 para.1 lit. f) GDPR
Data: Facebook cookies > Purpose: Targeted advertising > Legal basis: Art. 6 para.1 lit. f) GDPR
Data: Demographic data (e.g. based on information about age, residence, language or gender) > Purpose: Targeted advertising > Legal basis: Art. 6 para.1 lit. f) GDPR
Data: Statistic data about user interactions in aggregated form, i.e. without direct references to persons (e.g. page activities, page views, page previews, likes, recommendations, articles, videos, page subscriptions incl. origin, times of day) > Purpose: Targeted advertising > Legal basis: Art. 6 para.1 lit. f) GDPR
Automated individual decision-making and profiling according to Art. 22 GDPR does not take place.
We only store personal data as long as it is necessary for the respective purpose for which it was collected. If we have a business relationship with you, we store your personal data as long as the business relationship continues, this also includes the initiation and performance of a contract and the regular periods of limitations. In addition, we store the data if and to the extent that we are subject to statutory storage obligations. Such obligations may arise, for example, from the German Commercial Code (HGB) or the German Tax Code (AO) or other national laws, depending on our company location. If you have given us consent for a specific data processing activity, the data associated with the granting of consent will be stored until you withdraw your consent or otherwise for the duration of the processing operation and after termination of the processing operation within the scope of the regular periods of limitations
3. Facebook Insights
We are using the Facebook Insights function for statistical evaluation purposes. In this context, we receive anonymous data about the users of our Facebook Fanpage. It is not possible for us to identify any individual user with this data. For further information, we refer to the Facebook Cookie-Policy.
4. Disclosure of personal data
Recipients or categories of recipients
If you interact with Facebook, Facebook also has access to your data. In particular, Facebook Inc., 1601 Willow Road, Menlo Park, California 94025, USA, may have access to your data. Facebook is located in a third country where the level of data protection is not equivalent to European standards. Facebook is subject to the EU-U.S. Privacy Shield to ensure an appropriate level of data protection according to European standards.
The EU/US Privacy Shield certifications can be found at https://www.privacyshield.gov/list. With the Commission's Implementation Decision (EU) 2016/1250 of 12 July 2016, the level of protection of personal data under the EU/US Privacy Shield is recognised as equivalent to the level of protection in the European Union.
5. Legal basis
Art. 6 para 1 lit. f GDPR is the legal basis for the processing of personal data if the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, and if such interests are not overridden by the interests or fundamental rights and freedoms of the data subject. Our legitimate interest in the processing of personal data is the presentation of our company and our products as well as services for your information and in particular the provision of up-to-date communication channels for you.
6. Your rights
If the legal requirements are met, you are entitled to the following rights:
According to Art. 21 GDPR, you have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on Art. 6 para 1 lit. e or f GPDR, including profiling which is based on those provisions.
Where personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
7. Contact details of the controller and the data privacy officer; Jointcontrollership according to Art. 26 GDPR
MEININGER Shared Services GmbH
Obentrautstrasse 72, 10963 Berlin, Germany
Facebook Ireland Ltd.
4 Grand Canal Square , Grand Canal Harbour,
In the opinion of the European Court of Justice (ECJ), we are jointly responsible with Facebook for the processing of your personal data. The decision of the European Court of Justice of June 5, 2018 can be found here.
According to Art. 26 GDPR, we hereby inform you about the joint controller agreement between Facebook and us: https://www.facebook.com/legal/terms/page_controller_addendum
If you have any further questions regarding the collection, processing or use of your personal data, or if you want to assert your rights of access, correction, blocking or deletion of data as well as withdrawal of granted consents, please contact us:
MEININGER Shared Services GmbH
Data Protection Officer
Obentrautstrasse 72, 10963 Berlin, Germany
When you stay with us, we gather personal data about you. More information about how we process your personal data can be found in our information sheet for customers and guests, which you receive from the Reception or can download here.
If you contact us by telephone or in writing with support issues or reservation requests, we record your name, company name, query and, if applicable contact details for a response or return call, should the gathering of this information be necessary in order to carry out the processing. Your data is used to process your query. The legal basis is Article 6 Paragraph 1 b) and f) GDPR. A phone call is only recorded if you have issued your express agreement to this (§ 6 Paragraph 1 a) GDPR). The recording takes place in order to check the quality of our customer support and to improve it.
In order to better understand how our necessary emails (booking confirmation, etc.) are used, we evaluate your user behavior after dispatch. For this evaluation, the e-mails sent contain so-called web beacons, also known as tracking pixels. These are one-pixel image files that link to our website and thus enable us to evaluate your user behavior. Links contained in the mails themselves also contain these.
The data is collected exclusively under pseudonyms, so the IDs are not linked to your other personal data, and there is no possibility of direct personal reference.
More information about how we process your personal data can be found in our information sheet for customers and guests, which you receive from our Service Center or can download here.
Should you provide us with your contact data at a trade fair, for example by handing your visitor card to us, participating in a competition (see 3.1.2) or subscribing to our newsletter (see 3.1.3), we record this data in our CRM system. We use this data to get in touch with you as requested, to enter into a business relationship and to provide you with information material.
So that MEININGER can process your data for the purposes described above, it may be necessary for other recipients also to view and process your data.
4.1 Recipients within the MEININGER Group
In certain cases, it may be necessary for us to distribute your data across the Group. However, data processing within the MEININGER Group only takes place if this is permitted by law. For example, this is the case if other companies of the MEININGER Group work for us in connection with the processing of an order or if a legitimate interest under Article 6 Paragraph1 f) GDPR is present. You can find a list of other companies of the MEININGER Group here.
4.2 External service providers (processors)
Your data will be passed on to service partners, should these work on our behalf and support MEININGER in the provision of its services. For example, should you subscribe to our newsletter, we have engaged a service provider in relation to the sending of the newsletter. Processing of your personal data by commissioned service providers takes place within the framework of order processing in accordance with Article 28 GDPR.
Our mail communication is managed on our behalf by a service provider based in Germany. This service provider performs the technical dispatch and administration of the mail communication for us and also processes personal data in this context. A transfer of your data to third parties does not take place unless we are legally obliged to do so or the data transfer is necessary for the execution of the contractual relationship. We ensure by legal, technical and organizational measures as well as by regular controls that personal data are processed on the basis of our instructions, in agreement with these data protection references and thus according to GDPR.
4.3 Other service providers, partners and third parties
MEININGER can co-operate with other partners, should this be necessary in order to fulfil the services which we offer or should we be legally obliged to hand over data. This can include the following partners or third parties:
- Banks and payment providers
- Public sector entities / authorities or by court order
- Police / customs authorities
We prefer to process your data within the EU / EEA. However, it may be the case that we use service providers which are located outside of the EU / EEA. In such cases, we ensure that prior to the transfer of your personal data, a reasonable level of data protection is guaranteed. This means that by means of EU standard contracts or adequacy resolutions, such as the EU Privacy Shield, a data protection level which is comparable to the standards within the EU is attained.
We delete personal data of the data subject once the purpose of the storage no longer applies and provided that statutory retention obligations do not prevent a deletion.
You have the following rights in relation to us concerning your personal data:
7.1 General rights
You have the right of access, correction, erasure, restriction of processing, objection to the processing and of data portability. Should processing take place with your consent, you have the right to revoke this in relation to us with effect for the future.
7.2 Rights in the case of data processing based on a legitimate interest
In accordance with Article 21 Paragraph 1 GDPR, you have the right at any time, for reasons connected to your specific situation, to raise an objection to the processing of personal data relating to you, which takes place under Article 6 Paragraph 1 e) GDPR (data processing in the public interest), or under Article 6 Paragraph 1 f) GDPR (data processing in order to safeguard a legitimate interest). This also applies to profiling which is based on this regulation. In the event that you raise an objection, we will no longer process your personal data, unless we can provide proof of mandatory protectable reasons for the processing which take priority over your interests, rights and freedoms or the processing takes place in order to assert, exercise or defend legal claims.
7.3 Rights in the case of direct advertising
Should we process your personal data in order to carry out direct advertising, then in accordance with Article 21 Paragraph 2 GDPR you have the right to raise an objection at any time to the processing of thepersonal data relating to you for the purpose of such advertising. This also applies to the profiling, should it be connected with such direct advertising.
Should you raise an objection against the processing for the purpose of direct advertising, we will no longer process your personal data for these purposes.
7.4 Right to complain to a supervisory authority
You also have the right to complain to a competent data protection supervisory authority in relation to the processing of your personal data by us.
8.1 Changes to the data protection declaration
This data protection declaration which has been issued is continually adjusted in the course of further developments related to the Internet or the services we offer. We will provide timely notification of such changes on this page. In order to remain up-to-date concerning the current status of our data protection provisions, please visit this page regularly.
8.2 Links to other websites
Our websites may contain links to websites of other providers. We wish to point out that this data protection declaration only applies to the websites of MEININGER. We have no influence over whether other providers comply with the applicable data protection provisions and do not monitor this.