The responsible body within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:
Stadt Tegernsee
Rathausplatz 1
83684 Tegernsee
Phone: +49 8022/1801 – 0
E-Mail: rathaus@tegernsee.de
2 Name and address of the data protection officer
The data protection officer of the data controller is:
actago GmbH
Weidenstraße 66
94405 Landau a. d. Isar
Phone: +49 (0)9951 99990-20
E-Mail: Internet:
3 General information on data processing
3.1 Legal basis for processing personal data
In accordance with Article 13 GDPR, we will inform you of the legal basis for our data processing. If the legal basis is not specified in the privacy notice, the following applies: the legal basis for obtaining consent is Articel 6(1)(a) in conjunction with Article 7 GDPR. The legal basis for processing in order to provide our services and fulfil contractual measures, as well as answering inquiries, is Article 6(1)(b) GDPR. The legal basis for processing in order to fulfil our legal obligations is Article 6(1)(c) GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis. If the processing of your data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, Article 6(1)(e) GDPR serves as the legal basis for the processing.
3.2 Data deletion and storage period
We adhere to the principles of data minimisation in accordance with Article 5(1)(c) GDPR and storage limitation according to Article 5(1)(e) GDPR. We only store your personal data for as long as is necessary to achieve the purposes stated here, or as stipulated by the retention periods provided for by law. After the respective purpose no longer applies or after these retention periods have expired, the corresponding data will be deleted as quickly as possible.
3.3 External links
This website may contain links to third-party websites or to other websites under our responsibility. If you follow a link to any of the websites outside our control, please note that these websites have their own privacy notices. We do not assume any responsibility or liability for these external websites and their privacy notices. Before using these websites, please check whether you agree with their privacy policies.
You can recognise external links either by the fact that they are displayed in a colour which is slightly different from the rest of the text or that they are underlined. Your cursor will show you external links when you move it over such a link. Only when you click on an external link will your personal data be transferred to the destination of the link. The operator of the other website will then receive your IP address, the time at which you clicked on the link, the website you were on when you clicked on the link, and other information that you can find in the respective provider’s privacy notice.
Please also note that individual links may result in data transfer outside the European Economic Area. This could give foreign authorities access to your data. You may not be entitled to any legal recourse against such data access. If you do not want your personal data to be transferred to the link destination or potentially even accessed by foreign authorities against your will, please do not click on any links.
3.4 Rights of data subjects
As a data subject within the meaning of the GDPR, you have the option to assert various rights. The data subject rights arising from the GDPR are the right to information (Article 15), the right to rectification (Article 16), the right to deletion (Article 17), the right to restriction of processing (Article 18), the right to object (Article 21), the right to lodge a complaint with a supervisory authority and the right to data portability (Article 20).
Right of revocation:
Some data processing can only take place with your express consent.You have the option to revoke your consent at any time. However, the lawfulness of the data processing up to the point of revocation is not affected by this.
Right of objection:
If the processing is based on Article 6(1)(e) or (f) GDPR, you as the data subject can object to the processing of your personal data at any time for reasons arising from your particular situation. You are also entitled to this right in the case of profiling based on these provisions within the meaning of Article 4(4) GDPR. Unless we can prove a legitimate interest for the processing which overrides your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims, we will refrain from processing your data after the objection has been made.
If the processing of personal data serves the purpose of direct marketing, you also have the right to object at any time. The same applies to profiling associated with direct marketing. Here, too, we will no longer process personal data as soon as you raise an objection.
Right to lodge a complaint with a supervisory authority:
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, without prejudice to any other administrative or judicial remedy, your place of work or the location of the alleged violation.
The supervisory authority is:
Postal address: Postfach 22 12 19, 80502 München
Address: Wagmüllerstraße 18, 80538 München
Phone: 089 212672-0
Fax: 089 212672-50
Online-report: https://www.datenschutz-bayern.de/service/complaint.html
Right to data portability:
If your data is processed automatically based on consent or fulfilment of a contract, you have the right to receive this data in a structured, common and machine-readable format. You also have the right to request that the data be transferred and made available to another data controller, insofar as this is technically feasible.
Right of access, rectification and erasure:
You have the right to obtain information about the processing of your personal data with regard to the purpose, categories and recipients of the data processing, as well as the duration of storage. If you have any questions on this topic or on other topics regarding personal data, you can of course contact us using the contact options provided in the legal notice.
Right to restriction of processing:
You may assert your right to the restriction of processing of your personal data at any time. To do this, you must meet one of the following requirements:
You contest the accuracy of the personal data. While the accuracy of the data is being verified, you have the right to demand that its processing is restricted.
If processing is unlawful, you can request the restriction of the use of the data as an alternative to deletion. If we no longer need your personal data for the purposes of processing, but you need the data to assert, exercise or defend legal claims, you can request the restriction of processing as an alternative to deletion. If you object to the processing in accordance with Article 21(1) GDPR, we will weigh up your interests against ours. Until this weighing up is completed, you have the right to request the restriction of processing. The effect of restricting processing is that, apart from storage, the personal data may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of substantial public interest of the Union or a member state.
4 Provision of the website (web host)
Our website is hosted by:
Rematec Datentechnik GmbH (Systemlösungen, Hosting, Technik, Programmierung, Design)
Frauenschulstraße 42a
83714 Miesbach
info@rematec.de
0und1 IT-Dienste GmbH (Standleitung, Firewall, Hosting)
Am Sonnenhang 18
83174 Miesbach
info@0und1.de
When you access our website, we automatically collect and store information in so-called server log files. Your browser automatically transmits this information to our server or our hosting company’s server.
- IP address of the website visitor’s end device
- device used
- host name of the accessing computer
- visitor’s operating system
- browser type and version
- name of the retrieved file
- time of server request
- amount of data
- information on whether the retrieval of the data was successful
This data is not merged with other data sources.
Instead of operating this website on our own server, we may also commission an external service provider (hosting company) to operate it on their own server, which we have named above in this case. The personal data collected by this website will be stored on the hosting company’s servers. In addition to the data mentioned above, the web host also stores for us, for example, contact requests, contact details, names, website access data, meta and communication data, contract data and other data generated via a website.
The legal basis for processing this data is Article 6(1)(e) GDPR . Our legitimate interest is the technically error-free presentation and optimisation of this website. If the website is called up in order to enter into contract negotiations with us or to conclude a contract, this serves as a further legal basis (Article 6(1)(b) GDPR). In the event that we have commissioned a hosting company, a order processing contract will have been agreed with this service provider.
5 Cookies
We use cookies to ensure the correct technical and functional provision of this information service. Cookies are small text files that are stored on the device you are using.
The legal basis for the storage of information and the processing of personal data by means of technically necessary cookies is § 25(2) TDDDG and Art. 6(1)(e) GDPR in conjunction with. Art. 4 BayDSG
Technically necessary cookies are only valid for the current session and are automatically deleted as soon as you close your browser.
The use of functional cookies is voluntary. If these cookies are blocked, the provision of certain functions may not be fully possible.
The legal basis for the use of technically unnecessary cookies is the user’s consent in accordance with Section 25(1) TDDDG in conjunction with Art. 6 (1)(a) GDPR.
When you access this website, we store cookies (small files) on your device. These are valid for:
Name: Speicherdauer:
- __cf_bm 30 minutes
- _cfuvid Session
- vuid 400 days
- __Secure-ROLLOUT_TOKEN 180 days
- VISITOR_INFO1_LIVE 180 days
6 Contact by e-mail
6.1 Description and scope of data processing
Alternatively, you can contact us via the e-mail address provided. In this case, your personal data transmitted with the e-mail will be stored. No data will be passed on to third parties in this context.
The data will be used exclusively for processing the conversation.
6.2 Legal basis for data processing
The legal basis for the processing of your personal data transmitted in the course of sending an e-mail is Art. 6(1)(e) GDPR in conjunction with Art. 4 BayDSG. If the purpose of contacting us by e-mail is to conclude a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR.
6.3 Purpose of data processing
The other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.
6.4 Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purpose for which it was collected. For personal data sent by e-mail, this is the case when the respective conversation with you has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
6.5 Possibility of objection and removal
You have the option at any time to object to the processing of your personal data in the context of contacting us by e-mail for the future. In such a case, the conversation between you and us cannot be continued. All personal data stored in the course of contacting us will be deleted in this case.
7 Electronic mail (e-mail)
Information that you send to us unencrypted by electronic mail (e-mail) may be read by third parties during transmission. As a rule, we are also unable to verify your identity and do not know who is behind an e-mail address. Legally secure communication by simple e-mail is therefore not guaranteed. Like many e-mail providers, we use filters against unwanted advertising (“SPAM filters”), which in rare cases automatically classify normal e-mails as unwanted advertising and delete them. E-mails containing harmful programs (“viruses”) are automatically deleted by us in all cases.
If you have concerns about the transmission of personal data or other sensitive data, please agree suitable encryption with the recipient (our employees) before transmission, or use letter post.
8 Active components
Active components such as Javascript, Java applets or Active-X controls are used in the information provided. You can disable this function by changing the settings in your Internet browser.
9 Newsletter
9.1 Description and scope of data processing
Our website offers you a newsletter in which we inform you about current events and offers. If you would like to subscribe to the newsletter, you must enter a valid first name, a valid surname and a valid e-mail address. If you subscribe to the newsletter, you agree to receive the newsletter and to the procedures explained.
9.2 Legal basis for data processing
The legal basis for the processing of your personal data in the context of sending the newsletter is the existence of consent Art. 6(1)(a) GDPR.
9.3 Purpose of data processing
The purpose of collecting your personal data is to send you the newsletter. The purpose of processing your personal data in the context of sending the newsletter is to inform you about current events and offers.
9.4 Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purpose for which it was collected. Your personal data will therefore be stored for as long as the subscription to the newsletter is active.
9.5 Possibility of objection and removal
You can cancel your subscription to the newsletter at any time. For this purpose, you will find a corresponding link in every newsletter. Your personal data will be deleted after you unsubscribe. Cancelling your subscription also enables you to withdraw your consent.
10 Google Web Fonts
This website may use Google Web Fonts for the uniform display of fonts. When using these fonts, your browser downloads the required fonts from our website system. These are then temporarily stored in the browser cache in order to display the fonts correctly. Your browser does not establish a connection to Google’s servers. This ensures that Google does not gain any knowledge of your visit or your IP address.
11 Use of YouTube videos
Videos from the external video platform YouTube are embedded on our website. By default, only deactivated images from the YouTube channel are embedded, which do not establish an automated connection with the YouTube servers. This means that the operator does not receive any data from the user when the web pages are accessed.
You can decide for yourself whether the YouTube videos should be activated. Only when you allow the videos to be played by clicking on “Permanent activation” do you give your consent for the necessary data (including the Internet address of the current page and the user’s IP address) to be transmitted to the operator.
In order to save the setting requested by the user, we set a cookie that saves the parameters. When these cookies are set, however, we do not store any personal data; they only contain anonymized data for browser customization. The videos are then active and can be played by the user. If you would like to deactivate the automatic loading of YouTube videos again, you can uncheck the consent box under the data protection symbol. This will also update the cookie settings.
YouTube is a service provided by YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, a subsidiary of Google Inc, 1600 Amphitheater Parkway, Mountainview, California 94043, USA. Further information on the purpose and scope of data processing (including outside the European Union and outside the USA) and information on setting options to protect your privacy can be found in the privacy policy:
https://policies.google.com/privacy?hl=de&gl=de
Google processes your personal data in the USA, among other places.
12 Doubleclick by Google
This website contains components of DoubleClick by Google. DoubleClick is a brand of Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), under which special online marketing solutions are marketed to advertising agencies and publishers.
DoubleClick by Google transmits data to the DoubleClick server with every impression as well as with clicks or other activities. Each of these data transfers triggers a cookie request to your browser. If the browser accepts this request, DoubleClick places a cookie on your IT system. The purpose of the cookie is to optimize and display advertising. Among other things, the cookie is used to place and display user-relevant advertising and to create reports on advertising campaigns or to improve them. The cookie is also used to avoid multiple displays of the same advertisement.
DoubleClick uses a cookie ID that is required for the technical process. The cookie ID is required, for example, to display an advertisement in a browser. DoubleClick can also use the cookie ID to record which advertisements have already been displayed in a browser in order to avoid duplication. The cookie ID also enables DoubleClick to record conversions.
A DoubleClick cookie does not contain any personal data. However, a DoubleClick cookie may contain additional campaign IDs. A campaign ID is used to identify the campaigns with which you have already been in contact.
Each time you access one of the individual pages of this website, which is operated by us and on which a DoubleClick component has been integrated, the Internet browser on your IT system is prompted by the respective DoubleClick component to transmit data to Google for the purpose of online advertising and billing of commissions. As part of this technical process, Google obtains knowledge of data that Google also uses to create commission statements. Among other things, Google can see that you have clicked on certain links on our website.
The legal basis for the use of Doubleclick by Google is the user’s consent pursuant to Art. 6(1)(a) GDPR.
Further information and the applicable data protection provisions of DoubleClick by Google can be found at .
13 Vimeo
This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. This tells the Vimeo server which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged in to Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the USA.
If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.
The use of Vimeo is based on consent in accordance with Art. 6 para. 1 lit. a GDPR; consent can be revoked at any time.
Further information on the handling of user data can be found in Vimeo’s privacy policy at: https://vimeo.com/privacy https://vimeo.com/privacy.
14 cloudflare.com
This website uses services from “Cloudflare” (provider: Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA).
Cloudflare operates a content delivery network (CDN) and provides protection functions for the website (web application firewall). The data transfer between your browser and our servers flows via Cloudflare’s infrastructure and is analyzed there to ward off attacks. Cloudflare uses cookies to enable you to access our website. The use of Cloudflare is in the interest of the secure use of our website and the defense against harmful attacks from outside. This constitutes a legitimate interest within the meaning of Art. 6(1)(e) GDPR combined with Art. 4 BayDSG.
Further information can be found in the Cloudflare privacy policy: https://www.cloudflare.com/de-de/privacypolicy/
15 Note on the privacy policy
Unless otherwise regulated, the use of all information that we have about you is subject to this privacy policy.
The controller reserves the right to continuously adapt this privacy policy to the necessary security measures in line with technological developments and will announce any changes here.
State: March 25
16 Further information
16.1 Technical and organizational measures
The controller has taken technical and organizational measures to protect your data from loss, destruction or unauthorized access.
In addition, both the controller’s employees and any service providers are obliged to maintain confidentiality and to comply with data protection regulations.
16.2 SSL or TLS encryption
For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognize an encrypted connection by the “https://” address line of your browser and the lock symbol in the browser line.