• Crystal Collegium Travel GmbH
  Lindwurmstrasse 80
  80337 Munich
  If you have any questions, please contact our data protection officer at:
• Crystal Collegium Travel GmbH
  Data Protection Officer
  Lindwurmstrasse 80
  80337 Munich
  datenschutz@crystal-tours.de

In compliance with data minimization, we only collect personal data to the extent and for as long as it is necessary to use our service or as required by law. We take the protection of your personal data seriously and strictly adhere to the relevant legal regulations and this data protection declaration when collecting and processing personal data. If the purpose of data collection no longer applies or the end of the statutory storage period has been reached, the data collected will be blocked or deleted. Our website can be used regularly without passing on personal data. If we collect personal data – such as your name, address or email address – this data collection is voluntary. Without your express consent, this data will not be made known to third parties.

In order to minimize data, the data required for the service is only collected in the form necessary. We do not collect data that is not necessary to fulfill the service.

We process the following data, which is collected voluntarily and to implement the services we offer.

• Gender
• First and Last Name
• Address (street, zip code, city)
• Birthdate
• Telephone number
• Email address
• Travel data
• Taking out insurance
• Account details

We obtain additional data that is required for special cases through personal contact with the respective person using common means of communication. Primarily via email.
This could, for example, be the clarification of an insurance claim and the associated correspondence and mediation between the insured and the insurer.

All data stored by us is stored on servers located within the Federal Republic of Germany. Our server providers are therefore subject to the data protection law applicable in Germany, and therefore also to the new GDPR, valid since May 25, 2018.

Within our company, data is processed to fulfill the service. Only the necessary offices and departments that are involved in processing the service have access to the data. The data is used to book the trip. This includes, among other things, putting together the travel group, creating the individual booking with order confirmation, deposit invoice and main invoice as well as planning in our own CTS system. Your data will only be passed on to other companies with your consent and on the condition that these companies are part of the service. The data must be passed on to the following exemplary service providers, among others: ferry companies, airlines, bus companies and hotels. Furthermore, we do not actively pass on the data to third parties.

We secure your data in payment transactions. That’s why our site uses SSL encryption for security reasons and to protect your confidential and personal content when transmitting payment transactions. You can determine whether SSL encryption is activated or not. You can recognize the use of encryption in the address bar of the browser. Only when the regular display changes from “http://” to “https://” is the data transmission encrypted. The browser line “https://” indicates the use of SSL encryption; payment transactions are now encrypted. Activating SSL encryption makes it impossible for third parties to read your confidential data. Therefore, only transfer your data if SSL encryption is activated.

If you want to use the paid services offered on our website, we may need to collect additional data from you for billing purposes and for security reasons. This usually involves your name, a valid email address and, if necessary, your address and telephone number, as well as further information depending on the individual case. This may also include content that allows us to check the data provided, such as your ownership of the email address provided. For legal reasons, we must ensure that you actually want to receive the services offered and that we can properly invoice you for the service. To secure your data, we use the SSL encryption standard in payment transactions, which can be recognized by the browser line “https://”.

Data collected from minors as a result of the service requires the consent of the legal guardian. We will request this for confirmation after checking your age. For this purpose, the age is checked when entering data. If the person is a minor, additional data entry is displayed which establishes contact with the parents in order to obtain their consent.

We will actively use the data until the service is fulfilled. These then remain in our database in order to be able to comply with legal documentation requirements and business management tasks.

You will receive free information at any time about the personal data we have stored about you as well as the origin, recipient and purpose of data collection and data processing. You also have the right to request the correction, blocking or deletion of your data. Excluded from this are data that are retained due to legal regulations or required for proper business transactions. So that a data lock can be implemented at any time, data is kept in a lock file for control purposes. If data is not collected by a legal archiving requirement, we will delete your data at your request. If the archiving requirement applies, we will block your data.

On some of our pages we use so-called “session cookies” to make it easier for you to use our websites. These are small text files that are only stored on your hard drive for the duration of your visit to our website and, depending on the settings of your browser program, are deleted again when you close the browser. These cookies do not retrieve any information about you stored on your hard drive and do not affect your PC or its files. Most browsers are set to automatically accept cookies. However, you can deactivate the storage of cookies or set your browser to alert you when cookies are sent.

The offering on our website may also include content, services and benefits from other providers that complement our offering. Examples of such offers are maps from Google Maps, YouTube videos or graphic representations from third parties. Accessing these services from third parties regularly requires the transmission of your IP address. This makes it possible for these providers to perceive your user IP address and also store it. We make every effort to only include third parties that use IP addresses solely to deliver the content. However, we have no influence on which third party may store the IP address. This storage can, for example, serve statistical purposes. If we become aware of storage processes by third parties, we will immediately inform our users of this fact. In this context, please also note the special data protection declarations for individual third-party providers and service providers whose services we use on our website. You can also find these in this data protection declaration.

You will find plugins from the social network Facebook on our website. Its provider is Facebook Inc. It is based in the USA, California 94025, 1 Hacker Way, Menlo Park. The Facebook logo or the “Like” button on our site identifies the Facebook plugins so that you can recognize them. Please also note the overview of the Facebook plugins at http://developers.facebook.com/docs/plugins/. When you visit our website, we establish a direct connection to the Facebook server via the plugin. You are then switched there via your browser. For Facebook this is associated with the information that you have visited our website with your IP address. By clicking on the Facebook “Like button” you link content from our website to your profile on Facebook. For Facebook, your visit to our site can be assigned to your user account. We have no knowledge of what type of content is transmitted to Facebook or how Facebook uses it. You can find further information on data collection and data use in the Facebook data protection declaration, which you can find at http://de-de.facebook.com/policy.php. You can prevent your visit to our site from being associated with your Facebook profile by simply logging out of your Facebook account beforehand.

This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Use is based on Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR. Google Analytics uses so-called “cookies”, text files that are stored on your computer and that enable your use of the website to be analyzed.
The information generated by the cookie about your use of the website such as

• Browser type/version.
• Operating system used.
• Referrer URL (the previously visited page).
• Host name of the accessing computer (IP address).
• Time off.

Server requests are usually transmitted to a Google server in the USA and stored there. The IP address transmitted by your browser as part of Google Analytics is not combined with other Google data. We have also expanded Google Analytics on this website to include the code “anonymizeIP”. This guarantees that your IP address is masked so that all data is collected anonymously. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activities and to provide other services related to website activity and internet usage to the website operator. You can prevent the storage of cookies by setting your browser software accordingly; However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: http://tools.google.com/dlpage/gaoptout?hl=de. As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent data collection by Google Analytics by clicking on this link. An opt-out cookie will be set to prevent future collection of your data when you visit this website. The opt-out cookie only applies in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again. [Note Information on integrating the opt-out cookie can be found at: https://developers.google.com/analytics/devguides/collection/gajs/?hl=de#disable].

We continue to use Google Analytics to evaluate data from double-click cookies and AdWords for statistical purposes. If you do not want this, you can deactivate this via the ad preferences manager (http://www.google.com/settings/ads/onweb/?hl=de).

Further information on data protection in connection with Google Analytics can be found in the Google Analytics help (https://support.google.com/analytics/answer/6004245?hl=de).

We use a plugin from the Google Maps internet service on our website. The operator of Google Maps is Google Inc., based in the USA, CA 94043, 1600 Amphitheater Parkway, Mountain View. By using Google Maps on our website, information about your use of this website and your IP address will be transmitted to a Google server in the USA and also stored on this server. We have no knowledge of the exact content of the data transmitted or how it is used by Google.

In this context, the company denies the connection of the data with information from other Google services and the collection of personal data.

However, Google may transmit the information to third parties. If you disable Javascript in your browser, you will prevent Google Maps from running.

However, you will then not be able to use the map display on our website.

By using our website, you agree to the collection and processing of information by Google Inc. as described. You can find out more about the data protection regulations and terms of use for Google Maps here: https://www.google.com/intl/de_de/help /terms_maps.html.

Instagram plugin
We also integrate functions of the online service Instagram on our website. The provider of these functions is Instagram Inc. It is based in the USA, CA 94025, 1601 Willow Road, Menlo Park. The Instagram button allows you to link to your Instagram account when you visit our pages, provided you are logged in to Instagram. Instagram thus receives information about your visit to our website and can assign this visit to your Instagram profile. We have no knowledge of the content of the information transmitted or how it is used by Instagram. You can find further information about data collection and data use by Instagram in the Instagram data protection declaration at http://instagram.com/about/legal/privacy/.

We also use functions of the microblogging service Twitter on our website. Twitter is operated by Twitter Inc. The US company is based in the USA, San Francisco, CA 94103, 1355 Market St, Suite 900.

The main function of Twitter is the “Tweet function”.

If you use this via our website, it will be linked to your Twitter account. Data may be exchanged with other users and data may be transferred to Twitter. We do not receive any knowledge of the content of the data sent to Twitter, nor are we informed of its use. Find out more about these questions at http://twitter.com/privacy.

There you will find Twitter’s detailed privacy policy. The platform also offers you the opportunity to design your data protection settings yourself via http://twitter.com/account/settings.

We use WhatsApp to make contact between our sales team and interested parties easier.
The Whatsapp number provided on our homepage is only used for initial contact.
The request is then assigned to a sales representative.
The chat history of the request will then be deleted from WhatsApp.
If a different communication platform is desired, this can be discussed with our sales team.
Please note that Whatsapp stores all data in non-European countries.

We offer the opportunity to use an app we developed ourselves on our trips.
This app takes over the login data from the existing customer login. (Booking number + password).
Using the app is free of charge.
The app accesses the data you registered. This allows the app to be personalized and provided with the data necessary for travel processing.
The app gives the customer the opportunity to view their travel program, locations of the destination and more.
We do not use any data used in the app for any other purposes.
The app is not used for data collection or advertising purposes. It is purely a service provided by Crystal Collegium Travel GmbH.

As part of the legal imprint obligation, we have to publish our contact details. These are sometimes used by third parties to send unwanted advertising and information. We hereby object to any sending of advertising material of any kind that we have not expressly authorized. We also expressly reserve the right to take legal action against the unwanted and unsolicited sending of advertising material. This applies in particular to so-called spam emails, spam letters and spam faxes. We would like to point out that the unauthorized transmission of advertising material can affect competition law, civil law and criminal law. Spam emails and spam faxes in particular can lead to high claims for damages if they disrupt business operations by overfilling mailboxes or fax machines.