The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection regulations of the Member States and other regulations relating to data protection is:
Europa-Park GmbH & Co. Mack KG
Europa-Park-Str. 2
77977 Rust
Germany
Tel.: +49 (0)7822-770
Email: info@europapark.de
Website: https://www.europapark.de/en
The controller’s Data Protection Officer is:
Sina Krenz
Tel.: +49 (0)7822-770
Email: datenschutz@europapark.de
We use the data that has been gathered in the scope of you using Europa-Park’s offers (among others website, apps, newsletter) to send you a personalised newsletter (if you have subscribed to it) as well as other personalised advertising campaigns and for consultancy services, maintenance of further customer relations, market research and analysis. Europa-Park offers include Europa-Park, Rulantica water world, Europa-Park Hotels, Camp Resort, Europa-Park Camping, Europa-Park Events, YULLBE and the online shop, ticket shop, hotel booking engine, etc.
When provided in addition to your email address, the following data is usually processed in this regard:
Salutation, gender, first and surname, date of birth, postcode, country of residence, language. Clubcard membership status, Clubcard number, email history, interests regarding newsletter topics and purchases, hotel reservations and stays, including room category and number, as well as the category of overnight guests, ticket purchases and stays, other orders, additional purchases and reservations, voucher redemption, event participation, usage behaviour during a stay, consent status for cookies, user ID, language, device information. Opening and interaction rate for emails.
If the controller of Europa-Park GmbH & Co. Mack KG did not directly collect these data, other companies with a direct relation to Europa-Park shall transmit the data:
Snowflake Inc., Munich, Mies-van-der-Rohe-Straße 8, 80807 Munich, Germany, Emarsys eMarketing System AG, Hansischer-Straße 10, 80339 Munich, Germany and the service provider Cidaas, of Widas ID GmbH Maybachstraße 2 71299 Wimsheim, Germany, shall act as the processor for analysing the data.
The legal basis for data processing is our legitimate interest (Art. 6 (1) f) GDPR) in getting to know our customers better and being able to address them in a personalised manner. This is necessary for promoting sales and supporting customers.
The data is erased as soon as it is no longer required to achieve the purpose for which it was collected. This shall occur, among other things, if we have not been able to detect you acting on any Europa-Park offer for a long time, and there is no further purpose for storing your information.
If you object to the processing of data, the data shall be erased after a short processing time, unless the data must be saved for another purpose.
You the option of objecting to the processing of data. To do this, please contact newsletter-service@europapark.de.
You can configure cookies in the cookie settings to prevent marketing campaigns from being personalised.
Contact forms, which can be used to contact us electronically, are readily available on our website. If the user makes use of this option, the data entered on the input screen will be transmitted to us and stored by us. This data includes:
At the time the message is sent, the following data is also temporarily stored:
Before the contact form is transmitted, we obtain your consent for the processing of the data and refer you to this Privacy Policy.
Alternatively, you may contact us using the email address provided. In such cases, the user’s personal data transmitted in the email is stored.
The data is not passed on to third parties in this connection. The data is used solely for processing the conversation.
Art. 6 (1) a) GDPR provides the legal basis for processing data, where consent has been given by the user to do so.
Art. 6 (1) f) GDPR provides the legal basis for processing the personal data that is transmitted in an email or using the contact form. Art. 6 (1) b) GDPR provides the legal basis for processing data where the purpose of the email contact is to conclude a contract.
We process the personal data entered on the input screen solely for the purpose of processing the request. If contact is made by email, this also constitutes the legitimate interest required for processing of the data.
The purpose of the other personal data processed during the transmission of the contact form is to prevent misuse of the contact form and to ensure the safety of our information technology systems.
The data is erased as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data entered on the input screen of the contact form and the personal data sent by email, this is the case when the conversation with the user has ended. The conversation is deemed to have ended when the circumstances suggest that the issue has been conclusively resolved.
Additional personal data collected during the transmission of the contact form is usually deleted after a period of seven days.
The user has the right at any time to withdraw their consent to processing of the personal data. If the user contacts us by email, they may object to the storage of their personal data at any time. In such cases, the conversation cannot be continued.
The data can be deleted at any time by logging in to the user profile or by sending an email to datenschutz@europapark.de.
In this case, all personal data stored when contacting us is deleted.
You may change your settings for cookies used on our website in the ‘Cookie settings’ section located in the website’s footer. You can manage your consent status for individual cookies and entire categories there. Unless otherwise stated, the legal basis for processing is your consent in accordance with Article 6 (1) a) GDPR. Further details on the services integrated on our website are provided in the following.
We use Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, hereinafter referred to as ‘Google’, on our website. Google Analytics uses so-called cookies; these are text files that are stored on your computer and enable an analysis of how you use the website.
The information collected by the cookies, for example, the time, place and frequency of your website visits, including your IP address, is transmitted to a Google server in the USA and stored there.
On our website, we use Google Analytics with the suffix ‘_gat._anonymizeIp’. In this case, your IP address will be truncated by Google within the Member States of the European Union or in other countries that are party to the Agreement on the European Economic Area and thereby anonymised.
Google will use this information to evaluate how you use our website, to compile reports on website activities for us, and to provide further services connected with the use of the website and the Internet. Google will also pass this information on to third parties if necessary, insofar as this is legally stipulated or insofar as third parties process this data on behalf of Google.
Google claims that it will not link your IP address with other Google data under any circumstances. You can prevent the installation of cookies by adjusting your browser settings accordingly; in this case, however, we must point out that not all functions of this website may be available to you to their full extent.
Google also offers a deactivation add-on for the most common browsers, which gives you more control over what data is collected by Google on the websites visited by you. The add-on informs Google Analytics JavaScript (ga.js) that no information about the website visit should be sent to Google Analytics. However, the Google Analytics deactivation add-on for browsers does not prevent information from being transmitted to us or to any other web analysis services used by us. You can find further information on the installation of the browser add-on at this link: https://tools.google.com/dlpage/gaoptout?hl=en
We also use Google Analytics to analyse data from Double-Click cookies and AdWords for statistical purposes. If you do not wish this to take place, you can disable it through the Ads Preferences Manager (https://www.google.com/settings/ads/onweb/?hl=en).
This website uses the ‘Custom Audiences’ remarketing function of Facebook Inc. (‘Facebook’). The purpose of this function is to display interest-related ads (‘Facebook ads’) to visitors to this website when logged on to the social network Facebook. To this end, the Facebook remarketing tag has been implemented on this website. This tag makes it possible to establish a direct connection to the Facebook servers when the website is accessed. The information that you have visited this website is sent to the Facebook server, and Facebook links this information to your personal Facebook user account. You can find more information on the collection and use of data by Facebook, your rights with regard to the above and settings to protect your privacy can be found in Facebook’s Data Policy: https://www.facebook.com/about/privacy/. Alternatively, you may disable the ‘Custom Audiences’ remarketing function at https://www.facebook.com/settings/?tab=ads#_=_. You need to be logged into Facebook to do so.
You can change your data processing setting for external content in the cookie settings, which can be found either in the footer of the website or via a privacy button. Some of our website offerings have directly integrated external content, e.g. via iFrames. If you have agreed to this, it means that the providers of this external content can set cookies directly for you and can process data. We do not have any direct influence over this data processing. For more information about this, please refer to the respective data privacy statement issued by the provider of the external content.
This website uses videos. Videos are a great way of easily conveying content in a comprehensible manner. Since it is not powerful enough to just host videos locally, this website uses external video providers. By integrating videos, it is – technically possible – to access the server of the provider Vimeo. We hereby refer you to the provider’s privacy policy for information on how the data from your browser is used in this regard. Vimeo’s Privacy Policy can be found here: vimeo.com/privacy
Vimeo claims to guarantee an appropriate level of data protection.
If your personal data is processed, you are a data subject within the meaning of the GDPR, and you have the following rights vis-à-vis the controller:
You have the right to obtain information about your personal data that we process. In the case of a request for information that is not made in writing, we ask for your understanding that we may require you to provide evidence proving that you are the person you claim to be. (Art. 15 GDPR)
Furthermore, you have a right to rectification or erasure of data or restriction of processing insofar as you are so entitled by law. (Art. 16, 17 and 18 GDPR). In such cases, we are obliged to notify any recipients of the rectification, erasure or restriction of processing of data (Art. 19 GDPR).
You also have a right to data portability within the framework of the data protection regulations (Art. 20 GDPR). This applies to data that you have provided to us.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data that is performed based on Art. 6 (1) e) or f) GDPR; this shall also apply for any profiling based on these provisions.
In particular, you have the right to object in accordance with Art. 21 (1) and (2) GDPR to the processing of your data, in particular in connection with direct advertising (newsletter), if this is based on a legitimate interest or a weighing of interests.
You have the right to withdraw your declaration of consent under data protection law at any time and with effect for the future. The withdrawal of consent shall not affect the lawfulness of any processing for which consent was given and which was carried out prior to the withdrawal thereof.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects on you or significantly affects you in a similar manner.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual place of residence, place of work or place of the alleged infringement, where it is your opinion that the processing of your personal data is in breach of GDPR regulations (Art. 77 GDPR).
The supervisory authority with which the complaint was lodged shall inform the complainant on the progress and the outcome of the complaint, including the possibility of judicial remedy pursuant to Article 78 GDPR.