1. Data Controller

2. General Information

We take the protection of your personal data very seriously. Your data is processed in accordance with the General Data Protection Regulation (GDPR) and applicable national data protection laws. Personal data refers to any information that can be used to identify you personally.

3. Data Collection on This Website

a) Server-Logfiles

When you visit our website, the following data is automatically collected:

• IP address
• Date and time of the request
• Browser type and version
• Operating system
• Referrer-URL
• Purpose: To ensure the stable and secure operation of the website
• Legal basis: Article 6(1)(f) of the GDPR (legitimate interest)

a) Kontaktaufnahme (E-Mail / Formular)

When you contact us, we process:

• Name
• Email address
• Subject of the inquiry

Purpose: Processing your inquiry
Legal basis: Article 6(1)(b) of the GDPR

4. Cookies

Our website may use cookies.

• Technically necessary cookies (for the operation of the website)
• Optional cookies (analytics or marketing – consent required)

Legal basis:

• Art. 6(1)(f) GDPR (necessary)
• Art. 6(1)(a) of the GDPR (Consent)
• A cookie notice will be displayed on your first visit.

5. Analysis Tools

Google Analytics:

• Use only with consent
• Data can be analyzed anonymously
• IP anonymization enabled

6. Integration of third-party content

Our website may embed content from third-party providers (e.g., Instagram, YouTube). When this content is loaded, data may be transmitted to the respective providers.

7. Data Processing by Zelfiespot®

The Zelfiespot® itself does not process any personal data:

• no camera
• no storage
• no transmission
• No cloud connection

This product is intended solely as a mechanical mount for smartphones.

8. QR Codes & External Landing Pages

Some selfie spots may include QR codes.
When scanning, please note the following:

• Redirects to external websites or landing pages
• The applicable privacy policies apply there

If the operator (e.g., a tourism association) uses its own campaigns, it is responsible for data processing.

9. Disclosure of Data

Your data will not be shared with third parties, except with service providers (e.g., hosting providers) who are contractually obligated to comply with the GDPR

• to fulfill the contract
• due to legal obligations
• to service providers (e.g., hosting providers) who are contractually obligated to comply with the GDPR

10. Retention period

Personal data is stored only for as long as is necessary for the respective purpose or as required by legal retention obligations.

11. Your Rights

You have the following rights at any time:

• Right of access (Art. 15 GDPR)
• Rectification (Art. 16 GDPR)
• Erasure (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data Portability (Art. 20 GDPR)
• Objection to processing (Art. 21 GDPR)

12. Withdrawal of Your Consent

You may revoke your consent at any time, effective for the future.

13. Right to Appeal

You have the right to file a complaint with a data protection supervisory authority.
Competent authority (Italy): Garante per la protezione dei dati personali

14. Data Security

We use appropriate technical and organizational measures to protect your data:

• secure servers
• SSL/TLS encryption
• Access restrictions

15. Changes

We reserve the right to update this privacy policy as needed.