Data protection
Privacy Policy
Lakeside Oasis
1. Data Protection at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit our website or make a booking or enquiry for the holiday apartment “Lakeside Oasis” via our website. Personal data includes all data that can be used to personally identify you, for example your name, address, email address, telephone number, payment details or booking data. Detailed information on data protection can be found in the privacy policy below.
2. Controller
The controller responsible for data processing on this website is:
Claudia Fernandez
Lindenstraße 6 88138 Weißensberg Germany
Email: info@lakesideoasis.de
Phone: +49 176 34415392
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data.
3. Data Collection on This Website
How do we collect your data?
Some of your data is collected when you provide it to us. This may include data that you submit through a booking enquiry, direct booking, email, telephone call or contact form.
Other data is collected automatically by the technical systems used when you visit the website. This mainly includes technical data, such as your internet browser, operating system, IP address or the time at which the page was accessed.
What do we use your data for?
We process your data in particular for the following purposes:
• providing and technically securing the website
• processing enquiries
• carrying out bookings and reservations
• communication before, during and after your stay
• payment processing
• fulfilling legal retention and reporting obligations
• managing the accommodation via Smoobu and connected booking channels
• improving our services, where legally permitted
Depending on the purpose, processing is carried out on the basis of Art. 6(1)(b) GDPR, where processing is necessary for pre-contractual measures or the performance of a contract; on the basis of Art. 6(1)(c) GDPR, where legal obligations exist; on the basis of Art. 6(1)(f) GDPR, where legitimate interests exist; or on the basis of Art. 6(1)(a) GDPR, where you have given your consent.
4. Hosting, Website Builder and Booking System via Smoobu
Our website and/or booking system are operated or integrated via the platform Smoobu.
Provider: Smoobu GmbH Pappelallee 78/79 10437 Berlin Germany
Smoobu is software for managing holiday accommodation. Through Smoobu, availability, prices, bookings, guest data, messages and connected booking channels can be managed, among other things.
If you make a booking or enquiry via our website, the following data may be processed:
•name
• contact details, such as email address and telephone number
• travel dates, such as arrival and departure date
• number of guests
• booked accommodation
• payment and invoice information, where required
• messages and special requests
• technical data, such as IP address, date and time of booking
This data is processed for the purpose of carrying out pre-contractual measures and fulfilling the accommodation contract pursuant to Art. 6(1)(b) GDPR, as well as to safeguard our legitimate interest in efficiently managing our accommodation pursuant to Art. 6(1)(f) GDPR.
Smoobu processes personal data on our behalf. According to Smoobu, a data processing agreement is available for download in the Smoobu account. A data processing agreement pursuant to Art. 28 GDPR should exist with Smoobu.
Further information on data protection at Smoobu can be found in Smoobu’s privacy policy. Smoobu identifies Smoobu GmbH, based in Berlin, as the controller responsible for its own website.
6. Payment Processing
Depending on the payment method offered, payment data may be processed.
Possible payment methods include, for example:
• bank transfer / invoice
• payment via the booking system
• Stripe Connect / credit card payment
• PayPal payment
The specific payment methods available will be displayed during the booking process.
If you use an external payment service provider such as Stripe or PayPal, the data required for payment processing will be transmitted to the respective payment service provider. This may include, in particular, your name, email address, booking amount, payment details and transaction information.
Processing is carried out for payment processing and contract fulfilment pursuant to Art. 6(1)(b) GDPR. Where statutory retention obligations exist, processing is also carried out on the basis of Art. 6(1)(c) GDPR.
7. Contact by Email, Telephone or Contact Form
If you contact us by email, telephone or via a contact form, your details will be stored for the purpose of processing the enquiry and for any follow-up questions.
This may include in particular:
• name
• email address
• telephone number
• content of the message
• booking or travel dates, if provided
Processing is carried out on the basis of Art. 6(1)(b) GDPR if your enquiry is related to a booking or pre-contractual measures. In all other cases, processing is based on our legitimate interest in handling your enquiry pursuant to Art. 6(1)(f) GDPR or on your consent pursuant to Art. 6(1)(a) GDPR, where such consent has been requested.
The data you provide to us will remain with us until the purpose of storage no longer applies, you request deletion or statutory retention obligations prevent deletion.
8. Server Log Files
When you visit our website, technical information transmitted by your browser is automatically processed. This may include:
• browser type and browser version
• operating system used
• referrer URL
• hostname of the accessing computer
• time of the server request
• IP address
This data is technically necessary to display the website correctly, ensure the security of the website and identify possible technical disruptions.
The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure, stable and technically error-free provision of our website.
9. Cookies and Consent
Our website may use cookies. Cookies are small text files stored on your device.
Some cookies are technically necessary for the website and booking system to function properly. Other cookies may be used to provide certain functions, embed content or analyze user behavior, where this has been activated.
Technically necessary cookies are processed on the basis of Art. 6(1)(f) GDPR, unless another legal basis is specified. Our legitimate interest lies in the technically error-free provision of the website and booking system.
Where consent is obtained for non-essential cookies, analytics tools or external content, processing is carried out on the basis of Art. 6(1)(a) GDPR. Consent can be withdrawn at any time.
Smoobu offers privacy settings and an adjustable privacy page in the Website Builder; according to Smoobu, cookie notices and privacy options can also be managed there.
10. Google Maps
Google Maps may be embedded on our website to display the location of the accommodation.
Provider:
Google Ireland Limited
Gordon House Barrow Street Dublin 4 Ireland
If Google Maps is actively embedded, personal data, in particular your IP address and location/usage data, may be transmitted to Google. Data may also be transferred to Google servers outside the European Union, in particular to the USA.
Google Maps is used to provide an appealing presentation of our accommodation and to make the location easier to find.
The legal basis is your consent pursuant to Art. 6(1)(a) GDPR, provided that Google Maps is only loaded after consent has been given. If Google Maps is loaded without prior consent, processing may be based on legitimate interests pursuant to Art. 6(1)(f) GDPR; however, from a data protection perspective, it is safer to load Google Maps only after consent has been given.
11. Google Fonts / Web Fonts
Our website may use so-called web fonts for the uniform display of fonts.
If fonts are loaded externally from Google servers, your browser may establish a connection to Google servers. This may allow Google to become aware that our website has been accessed via your IP address.
Provider:
Google Ireland Limited Gordon House Barrow Street Dublin 4 Ireland
The use of web fonts serves the uniform and appealing presentation of our website. The legal basis is Art. 6(1)(f) GDPR, provided that the fonts are technically necessary or locally embedded. If external Google Fonts are loaded without local storage, consent should be obtained for this.
12. Analytics Tools and Tracking
We use analytics or tracking tools only if they are expressly activated on the website.
If analytics tools, such as Google Analytics, Facebook/Meta Pixel or other tracking services, are used, they will only be loaded after your consent has been given, where such consent is legally required.
In this case, the legal basis is Art. 6(1)(a) GDPR. Consent can be withdrawn at any time.
13. SSL or TLS Encryption
This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as booking enquiries or other enquiries.
You can recognize an encrypted connection by the fact that the browser’s address bar begins with “https://” and a lock symbol is displayed in your browser bar.
If SSL or TLS encryption is activated, the data you transmit to us generally cannot be read by third parties.
14. Storage Period
We store personal data only for as long as is necessary for the respective purposes or as long as statutory retention obligations exist.
Booking, invoice and payment data may be stored for several years due to statutory commercial and tax retention obligations.
Data from general enquiries will be deleted once the enquiry has been finally processed and no statutory retention obligations prevent deletion.
15. Your Rights
Within the scope of the applicable legal provisions, you have the following rights at any time:
• right of access pursuant to Art. 15 GDPR
• right to rectification pursuant to Art. 16 GDPR
• right to erasure pursuant to Art. 17 GDPR
• right to restriction of processing pursuant to Art. 18 GDPR
• right to data portability pursuant to Art. 20 GDPR
• right to object to processing pursuant to Art. 21 GDPR
• right to withdraw consent given pursuant to Art. 7(3) GDPR
• right to lodge a complaint with a data protection supervisory authority
If you have given consent to data processing, you may withdraw this consent at any time with effect for the future. The lawfulness of processing carried out up to the time of withdrawal remains unaffected.
16. Right to Lodge a Complaint with the Competent Supervisory Authority
In the event of data protection violations, you have the right to lodge a complaint with a data protection supervisory authority.
The competent authority may in particular be the supervisory authority of your usual place of residence, your place of work or the place of the alleged violation.
For Bavaria, this is generally:
Bayerisches Landesamt für Datenschutzaufsicht
Promenade 18 91522 Ansbach Germany
17. Objection to Advertising Emails
The use of contact details published as part of the legal notice obligation for the purpose of sending unsolicited advertising and information materials is hereby objected to.
We expressly reserve the right to take legal action in the event of unsolicited advertising information being sent, for example by spam emails.