Jonathan Bußhoff
Burgstraße 19
54470 Bernkastel - Kues
Germany
Email: jonathan@busshoff.net
Owners: Dorothee und Markus Bußhoff
Visitors and users of the website (hereinafter referred to as users).
"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and covers practically any handling of data.
"Pseudonymisation" means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
"Profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
"Controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
"Processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
In accordance with Art. 13 DSGVO, we inform you of the legal bases of our data processing. For users from the scope of the Datenschutzgrundverordnung (DSGVO), i.e. the EU and the EEA, the following applies unless the legal basis is not mentioned in the privacy policy:
The processing of data for purposes other than those for which they were collected is determined in accordance with the requirements of Art. 6 para. 4 DSGVO. The processing of special categories of data (according to Art. 9 para. 1 DSGVO) is determined in accordance with the requirements of Art. 9 para. 2 DSGVO.
We take appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, context and purposes of processing as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access, input, disclosure, ensuring availability and their separation. Furthermore, we have established procedures that ensure the exercise of data subject rights, deletion of data and response to data threats. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and through data protection-friendly default settings.
If, in the course of our processing, we disclose data to other persons and companies (processors, joint controllers or third parties), transmit it to them or otherwise grant them access to the data, this is done only on the basis of legal permission (e.g. if transmission of data to third parties, such as payment service providers, is necessary for contract fulfillment), users have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
If we disclose data to other companies in our group of companies, transmit it or otherwise grant them access, this is done in particular for administrative purposes as a legitimate interest and, beyond that, on a basis that complies with legal requirements.
Data is not processed by us outside the European Union (EU). When using third-party services, this may occur if it is necessary to fulfill our (pre)contractual obligations, based on your consent, due to a legal obligation or based on our legitimate interests. Subject to express consent or contractually required transmission, we only process or have data processed in third countries with a recognized level of data protection, which includes US processors certified under the "Privacy Shield" or on the basis of special guarantees, such as contractual obligations through so-called standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Art. 44 to 49 DSGVO).
You have the right to request confirmation as to whether relevant data is being processed and to information about this data as well as further information and a copy of the data in accordance with legal requirements.
You have the right, in accordance with legal requirements, to request the completion of data concerning you or the correction of incorrect data concerning you.
You have the right, in accordance with legal requirements, to request that relevant data be deleted immediately, or alternatively, in accordance with legal requirements, to request a restriction of the processing of the data.
You have the right to request that the data concerning you that you have provided to us be received in accordance with legal requirements and to request its transmission to other controllers.
You also have the right, in accordance with legal requirements, to lodge a complaint with the competent supervisory authority.
You have the right to revoke consents given with effect for the future.
You can object to the future processing of data concerning you at any time in accordance with legal requirements.
"Cookies" are small files that are stored on users' computers. Different information can be stored within cookies. A cookie primarily serves to store information about a user (or the device on which the cookie is stored) during or after their visit to an online offering.
Temporary cookies, or "session cookies" or "transient cookies", are cookies that are deleted after a user leaves an online offering and closes their browser. Such a cookie can store, for example, the contents of a shopping cart in an online shop or a login status.
Cookies that remain stored even after the browser is closed are referred to as "permanent" or "persistent". For example, the login status can be saved if users visit it after several days. Likewise, the interests of users can be stored in such a cookie, which are used for reach measurement or marketing purposes.
"Third-party cookies" are cookies that are offered by providers other than the controller who operates the online offering (otherwise, if they are only their cookies, they are referred to as "first-party cookies").
We may use temporary and permanent cookies and clarify this in our privacy policy. If we ask users for consent to the use of cookies (e.g. as part of cookie consent), the legal basis for this processing is Art. 6 para. 1 lit. a. DSGVO. Otherwise, users' personal cookies are processed in accordance with the following explanations in this privacy policy on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f. DSGVO) or if the use of cookies is necessary to provide our contract-related services, in accordance with Art. 6 para. 1 lit. b. DSGVO, or if the use of cookies is necessary to perform a task carried out in the public interest or in the exercise of official authority, in accordance with Art. 6 para. 1 lit. e. DSGVO.
If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies may lead to functional restrictions of this online offering.
A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by switching them off in the browser settings. Please note that not all functions of this online offering may then be used.
The data processed by us will be deleted or restricted in their processing in accordance with legal requirements. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention obligations.
If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
We ask you to regularly inform yourself about the content of our privacy policy. We adapt the privacy policy as soon as the changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.
No business-related data is collected by us.
When contacting us (e.g. via contact form, email, telephone), the user's information is processed to handle the contact request and its processing in accordance with Art. 6 para. 1 lit. b. (in the context of contractual/pre-contractual relationships), Art. 6 para. 1 lit. f. (other requests) DSGVO.
User information can be stored in a customer relationship management system. We delete requests if they are no longer required. We review the necessity every two years; furthermore, statutory archiving obligations apply.
The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, email dispatch, security services and technical maintenance services that we use for the purpose of operating this online offering.
In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offering on the basis of our legitimate interests in an efficient and secure provision of this online offering in accordance with Art. 6 para. 1 lit. f DSGVO in conjunction with Art. 28 DSGVO (conclusion of order processing contract).
We or our hosting provider collect data on every access to the server on which this service is located (so-called server log files) on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO. Access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for security reasons (e.g. to investigate abuse or fraud) for a maximum of 7 days and then deleted. Data whose further retention is required for evidence purposes is excluded from deletion until the respective incident has been finally clarified.
We use content or service offerings from third-party providers within our online offering on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f. DSGVO) in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content").
This always presupposes that the third-party providers of this content perceive the IP address of the users, since without the IP address they could not send the content to their browser. The IP address is therefore required for the display of this content. We strive to use only such content whose respective providers use the IP address only to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, visit time and other information about the use of our online offering, as well as be linked to such information from other sources.
For the management of our table reservations, we use the tool Teburio. Teburio is an online table reservation service operated by Teburio GmbH, Technologiepark 13, 33100 Paderborn, Germany.
When you make a table reservation via our website, the data you provide (such as name, email address, telephone number, date and time of reservation, number of people) is transmitted to Teburio and processed there.
The processing of this data is based on Art. 6 para. 1 lit. b DSGVO (contract fulfillment or pre-contractual measures) and Art. 6 para. 1 lit. f DSGVO (legitimate interest in efficient management of table reservations). Teburio processes this data as a processor exclusively on our behalf and according to our instructions.
Your data will only be stored for as long as is necessary for the processing of the reservation and any statutory retention periods. You have the right to receive information about the data stored by us and can request its correction or deletion, provided that there are no statutory retention obligations to the contrary.
Further information on data processing by Teburio can be found in their privacy policy at: https://teburio.de/datenschutzerklaerung/
We use Plausible Analytics on this website to collect anonymous usage data for statistical purposes. Plausible Analytics is a privacy-friendly web analytics tool that is DSGVO-compliant and works without cookies.
What is collected?
Plausible Analytics collects only aggregated data and does not allow us to identify individual visitors to our website. No personal data is stored. The information collected includes:
What is NOT collected?
Legal Basis
Processing is based on our legitimate interests (Art. 6 para. 1 lit. f DSGVO) in the analysis and optimization of our web offering. Since Plausible Analytics does not collect personal data and does not use cookies, no consent is required.
Data Processing
All data collected by Plausible Analytics is stored exclusively in aggregated form and is used for statistical evaluation of website usage. The data is processed and stored on servers within the EU.
Further information can be found in the Plausible Analytics privacy policy: https://plausible.io/data-policy