Search
Language

Privacy policy

Name and address of the controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection regulations of the Member States and other regulations relating to data protection is:

Europa-Park GmbH & Co. Mack KG
Europa-Park-Str. 2
77977 Rust
Germany

Tel.: +49 (0)7822-770
Email: info@europapark.de
Website: https://www.europapark.de/en

Name and address of the Data Protection Officer

The controller’s Data Protection Officer is:
Sina Krenz
Tel.: +49 (0)7822-770
Email: datenschutz@europapark.de

General information on data processing

Definitions

‘personal data’ means any information relating to an identified or identifiable natural person (hereinafter referred to as ‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

‘Processing’ is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The definition is far-reaching and encompasses almost all data handling.

‘Pseudonymisation’ refers to the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

‘Profiling’ is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Scope of the processing of personal data

As a general rule, we only process the personal data of our users to the extent necessary to provide a fully functioning website and to deliver our content and services.

Legal basis for the processing of personal data

The respective legal basis for the respective processing is presented and explained in the following. The legal basis is typically founded

  • on a (purchase) contract or within the framework of contract initiation (e.g. when purchasing goods, the Europa-Park Clubcard or vouchers)
  • on our company’s legitimate interest, for instance, when collecting traffic data when you use our online shop
  • on your consent/permission (e.g. for newsletter distribution)

Data erasure and retention period

In general, your personal data which we have stored shall be deleted as soon as it is no longer required for the intended purpose and the erasure does not conflict with any statutory retention requirements. Insofar as the data is not erased because it is required for other and legally admissible purposes, its processing shall be restricted. This means that the data will be blocked and not used for any other purposes. This applies, for instance, to data which must be kept for commercial or tax reasons.

According to legal requirements in Germany, books, records, management reports, accounting receipts, trading books, documents relevant for taxation, etc. shall be retained for a period of 10 years in accordance with Sections 147 (1) Tax Code (AO), 257 (1) (1) and (4), Para. 4 German Commercial Code (HGB) and in the case of commercial letters for a period of six years in accordance with Section 257 (1) (2) and (3), Para. 4 HGB. This includes, for example, documents and data required for processing your purchase of goods or the Europa-Park Clubcard in the online shop.

Security

Our websites are encrypted with SSL or TLS protocols for reasons of security as well as to protect the transmission of personal data and other confidential content (e.g. orders or enquiries sent to us). An encrypted connection can be recognised by the string ‘https: //’ and the padlock symbol in your browser line.

Data transfer to third parties

It is sometimes necessary to pass on your personal data to third parties as service providers in order to fulfil our legal obligations to you. This generally takes place as part contractually regulated commissioned processing. However, it may also be the case that the third party itself acts as the controller.

As an example, data may need to be transferred if we send you ordered goods, lost property or competition prizes by post. Here, your name, address and—in the case of tracking—your e-mail address will be sent to the shipping service provider. We would be happy to provide you with information about the specific service provider on a case-by-case basis.

Providing the website and creating log files

Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the requesting computer. This data is also referred to as ‘traffic data’.

The following data is collected:

  • Information about browser type and version used
  • The user’s operating system
  • The user’s Internet provider
  • Date and time of access
  • Websites from which the user’s system accesses our website
  • Websites accessed by the user’s system from our website

It is necessary for the system to store the IP address temporarily so that the website can be displayed on the user’s computer. To this end, the user’s IP address is stored for the duration of the session. Traffic data is collected in order to make technical improvements to our offer.

This data is also stored in our system’s log files. The user’s IP addresses or other data that enables said data to be linked to a specific user is not included here. This data is not stored together with other personal data of the user.

Legal basis for data processing

Art. 6 (1) f) GDPR provides the legal basis for the temporary storage of data. Our legitimate interest is to deliver our web content to you.

Retention period

We automatically delete your traffic data once your visit to our website is terminated.

Objection and deletion options

The collection of data to enable provision of the website and the storage of data in log files is essential for the website to function properly. You have the option to object to this in accordance with Art. 21 GDPR, insofar that you assert the special circumstances that prevent the processing of your personal data. The use of personal data is restricted to the necessary minimum, just as the period of retention is limited to your website visit.

Use of cookies

Description, purpose and scope of data processing

Our website uses cookies. Cookies are text files that are stored on the Internet browser used on the user’s computer system.

The primary purpose of a cookie is to store data on a user (or the device on which the cookie is stored) during or after their visit to a website. We use cookies to make our website more user-friendly. The purpose of using technically essential cookies is to make it easier for users to navigate websites. Analysis cookies are used for the purpose of improving the quality of our website and its content. The analysis cookies show us how the website is used, enabling us to continue to optimise our offers.

Cookies can be used for various tasks:

Temporary cookies: Temporary cookies (also referred to as ‘session cookies’ or ‘transient cookies’) are deleted when the user leaves the website and closes their browser. A cookie of this type might be used, for instance, to store the content of a shopping cart in an online shop or the user’s login status, their language settings, etc.

Permanent cookies: ‘Permanent’ or ‘persistent’ cookies remain stored on the device even after the user has closed their browser. To give an example, this makes it possible for the user’s login status to be stored even if there are a number of days between the user’s visits to this site. Such cookies can also be used to store data on user interests for the purposes of reach analysis and marketing activities.

‘Third-party cookies’ are cookies from providers other than the controller who operates the website.

Technical methods are used to pseudonymise the user data collected. As a result, the data can no longer be linked to the user accessing the website. The data is not stored together with other personal data of the users.

Upon accessing our website, a cookie consent (info banner featuring a consent function) informs users about the use of the cookies employed by us. The cookie consent allows you to confirm the use of the legally permitted cookies (transient and permanent cookies that are necessary for ensuring website functionality) and/or to apply individual settings or consent to the use of advertising or third-party cookies (e.g. permanent marketing cookies and third-party providers such as Google). Part of our website, especially subpages of europapark.de, are connected with an overarching cookie consent. This is the case when no new banner is shown after you opened a new page.

Upon switching to other websites, you may have to decide once again in a cookie consent if cookies can be used. The settings are also saved as cookies. Cookies will only be used once you have made your decision in the cookie consent. The cookie consent can be accessed at all times in the ‘Cookie settings’ section in the footer in order to change your settings and revoke your consent to the use of functional cookies, analysis cookies and cookies for marketing purposes. Further explanations about cookies can be found in the cookie settings under the cookie list and in our privacy policy.

We have commissioned OneTrust, a service of OneTrust Technology Limited, 82 St John St, Farringdon, London EC1M 4JN, United Kingdom (UK), and the Google Tag Manager, a service of Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland, to manage cookies.

Legal basis for data processing

Art. 6 (1) f) GDPR provides the legal basis for processing personal data using temporary or partially permanent cookies that are strictly necessary. Our legitimate interest lies in being able to provide you with a fully functioning website and an appropriate level of operating convenience.

Art. 6 (1) a) GDPR provides the legal basis for processing personal data using cookies that are not strictly necessary.

You will be asked to give your consent the first time you access the website. You may manage your consent status in the ‘Cookie settings’ section located in the website’s footer.

Retention period, right of revocation and right to object

Cookies are stored on the user’s computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can disable or restrict the transmission of cookies by adjusting the settings in your Internet browser accordingly. Cookies that have already been stored can be deleted at any time. This can be done automatically. If cookies are disabled for our website, not all functions of the website may be available to you to their full extent.

You may change your settings for cookies used on our website in the ‘Cookies settings’ section.

Newsletter

Description and scope of data processing

You have the option of subscribing to a free Europa-Park newsletter on our website. When registering for the newsletter, the details stated on the input screen are transmitted to us. This data usually includes your email address as well as your first name and surname. Your language, interests, etc. may also be gathered.

The following data is also collected upon registration:

  • IP address of the requesting computer
  • Date and time of registration
  • Language setting

During the registration process, we obtain your consent for processing of the data and we advise you of our Privacy Policy. Further information is available under the option personalisation.

Where you state your email address when purchasing goods or services on our website, this address may be used by us for sending newsletters if separate reference to this is made. In such cases, we shall only use the newsletter to advertise our own goods and services that are similar to those purchased.

No data processed for the purpose of sending newsletters shall be passed on to third parties. The data is used solely for tailoring the newsletter to you and sending it to you.

Emarsys eMarketing System AG, Hansischer-Straße 10, 80339 München and Widas ID GmbH Maybachstraße 2 71299 Wimsheim, Germany, have been commissioned as the processor in charge of distributing, personalising and analysing Europa-Park newsletters.

Further information on newsletter personalisation is provided in the following.

Legal basis for data processing

Art. 6 (1) a) GDPR provides the legal basis for processing the data following the user’s registration for the newsletter, where consent has been given by the user to do so.

Section 7 (3) UWG [German Law Against Unfair Competition] provides the legal basis for sending the newsletter as a result of purchasing goods or services.

Purpose of data processing

The user’s email address is stored for the purpose of sending the newsletter.

The purpose of collecting other personal data during the registration process is to prevent misuse of the services or the email address used and to tailor offers to you.

Retention period

The data is erased as soon as it is no longer required to achieve the purpose for which it was collected. In connection with distributing the newsletter, the user’s email address is therefore retained until the newsletter subscription is terminated; in the case of revocation, the data shall be erased after a short processing period, insofar that there is no further purpose for it to be retained.

Other personal data collected during the registration process is usually deleted after a period of seven days.

Cancellation option

The user may cancel their subscription to the newsletter at any time. Each newsletter contains a corresponding link for this purpose.

You may cancel your newsletter subscription by posting your cancellation notification to Europa-Park GmbH & Co Mack KG, Europa-Park-Str. 2, 77977 Rust, Germany or emailing newsletter-service@europapark.de.

This link also provides an option for you to withdraw your consent to the storage of the personal data collected during the registration process after a short processing period.

Personalisation

Description and scope of data processing

We use the data that has been gathered in the scope of you using Europa-Park’s offers (among others website, apps, newsletter) to send you a personalised newsletter (if you have subscribed to it) as well as other personalised advertising campaigns and for consultancy services, maintenance of further customer relations, market research and analysis. Europa-Park offers include Europa-Park, Rulantica water world, Europa-Park Hotels, Camp Resort, Europa-Park Camping, Europa-Park Events, YULLBE and the online shop, ticket shop, hotel booking engine, etc.

When provided in addition to your email address, the following data is usually processed in this regard:

Salutation, gender, first and surname, date of birth, postcode, country of residence, language. Clubcard membership status, Clubcard number, email history, interests regarding newsletter topics and purchases, hotel reservations and stays, including room category and number, as well as the category of overnight guests, ticket purchases and stays, other orders, additional purchases and reservations, voucher redemption, event participation, usage behaviour during a stay, consent status for cookies, user ID, language, device information. Opening and interaction rate for emails.

If the controller of Europa-Park GmbH & Co. Mack KG did not directly collect these data, other companies with a direct relation to Europa-Park shall transmit the data:

  • Europa-Park GmbH & Co - Shopping KG regarding registration and purchases in the online shop
  • Rulantica - GmbH & Co Mack KG regarding a visit to Rulantica
  • Europa-Park GmbH & Co - Hotelbetriebe KG regarding hotel stays
  • Mack One Deutschland GmbH & Co KG in regards to special offers such as YULLBE.

Snowflake Inc., Munich, Mies-van-der-Rohe-Straße 8, 80807 Munich, Germany, Emarsys eMarketing System AG, Hansischer-Straße 10, 80339 Munich, Germany and the service provider Cidaas, of Widas ID GmbH Maybachstraße 2 71299 Wimsheim, Germany, shall act as the processor for analysing the data.

Legal basis and purpose of data processing

The legal basis for data processing is our legitimate interest (Art. 6 (1) f) GDPR) in getting to know our customers better and being able to address them in a personalised manner. This is necessary for promoting sales and supporting customers.

Retention period

The data is erased as soon as it is no longer required to achieve the purpose for which it was collected. This shall occur, among other things, if we have not been able to detect you acting on any Europa-Park offer for a long time, and there is no further purpose for storing your information.

If you object to the processing of data, the data shall be erased after a short processing time, unless the data must be saved for another purpose.

Objection and deletion options

You the option of objecting to the processing of data. To do this, please contact newsletter-service@europapark.de.

You can configure cookies in the cookie settings to prevent marketing campaigns from being personalised.

Registration of an account

Description and scope of data processing

We offer users the option to register and create an account on our website by providing their personal data. This account can then also sometimes be used for our various online offers (MackOne account). The data is entered on the input screen, transmitted to us and stored by us. The data is not passed on to third parties. The following data is regularly collected during the registration process:

  • Address details
  • Email address
  • Date of birth
  • Your personal password

At the time of registration, the following data is also saved:

  • The user’s IP address
  • Date and time of registrationg

If your email address has not yet been registered in our system, we shall send you a validation email upon registration.

Widas ID GmbH Maybachstraße 2, 71299 Wimsheim, Germany, with their service Cidaas shall act as the processor for analysing the data.

Legal basis for data processing

Art. 6 (1) b) GDPR provides the legal basis for processing data where registration is required in order to fulfil a contract to which the user is party, or to implement measures prior to entering into a contract.

Purpose of data processing

The user is required to register in order to fulfil a contract with the user or to implement measures prior to entering into a contract. For example, for

  • ordering goods and services
  • Reservations of all types
  • Request for information
  • Credit balance retrieval
  • Contact request

Retention period

The data is erased as soon as it is no longer required to achieve the purpose for which it was collected.

For data collected during the registration process, this is the case where registration on our website is cancelled or altered.

For data collected during the registration process for the purpose of fulfilling a contract or for implementing measures prior to entering into a contract, this is the case where the data is no longer required to execute the contract. It may be necessary to store the personal data of the contract partner even after the contract has been concluded in order to meet contractual or statutory obligations.

  • Continuing obligations
  • Warranty periods
  • Retention periods for tax purposes

Objection and deletion options

As a user, you have the right to cancel registration at any time. You can change the data stored under your name at any time.

The data can be deleted at any time by logging in to the user profile or by sending an email to datenschutz@europapark.de.

If the data is necessary for the purpose of fulfilling a contract or for implementing measures prior to entering into a contract, premature deletion of the data is only possible where there are no contractual or statutory obligations to retain such data.

Purchasing

Description and scope of data processing

You have the option of making purchases on our website. This includes purchasing online tickets and vouchers for Europa-Park and Rulantica, purchasing event tickets, paying to reserve hotel rooms, purchasing merchandise, etc. It is only possible to make an online purchase after previously registering an account.

Order processing

In order to process your order as well as register an account, you must also provide other data (e.g. your home address) if you wish for an order to be sent to your home.

Payments/use of payment service providers

We process your payment information in order to process payments for items you have bought or ordered. In other words, when you purchase merchandise, a Clubcard or vouchers via our online shop. Depending on the payment type, we may pass your payment information on to third parties (e.g. to your credit card provider for credit card payments).

We use PayZen, LYRA NETWORK GmbH, Gutleustraβe 47, 60329 Frankfurt, as our general payment service provider.

Credit card and direct debit

For Visa, Mastercard or American Express:

If you pay by credit card, our payment service provider collects the following data:

  • Name of the credit card holder
  • Credit card number
  • Credit card expiration date
  • Security code

Within the meaning of Art. 45 (1) GDPR, an adequacy decision applies for third countries in order to ensure an appropriate level of data protection is maintained.

If you select the direct debit payment option, the following payment data shall be collected directly by the direct debit companies:

  • Name of the account holder
  • IBAN

Europa-Park does not collect and save the payment data itself. This is done by the two service providers directly. Besides the payment data which has been provided, both service providers only have knowledge of the order number and invoice amount and do not have the possibility to associate this information with other information (e.g. your mailing address or email address). We comply with the highest security and data protection regulations when we work with payment service providers. Both service providers observe the provisions of the ‘Payment Card Industry (PCI) Data Security Standards’ and have been certified by Security Research & Consulting GmbH (further information on this subject available at www.src-gmbh.de).

SRC GmbH is accredited by the Federal Office for Information Security (BSI) as a test centre for evaluating security components in accordance with the internationally accepted Common Criteria (ISO 15408) (registration number BSI-APS-9026).

PayPal

When you pay via PayPal, credit card via PayPal, direct debit via PayPal or – if it is offered – via ‘purchase on account’ or ‘instalment payments’ via PayPal, we share your payment data with PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as ‘PayPal’) within the scope of the payment process.

PayPal reserves the right to carry out credit checks for the payment methods of credit card via PayPal, direct debit via PayPal or, if offered, ‘purchase on account’ or ‘payment by instalments’ via PayPal. For this purpose, your payment data may be passed on to credit agencies on the basis of PayPal’s legitimate interest in determining your solvency pursuant to Art. 6 (1) f) GDPR. The result of the credit check with respect to the statistical likelihood of default is used by PayPal for the purpose of making a decision concerning whether to provide the respective payment method. The credit report can include probability values (so-called ‘score values’). To the extent that score values are included in the results of the credit report, they will be based on a scientifically recognised mathematical-statistical procedure. Address data among other sorts of data will be included in the calculation of the score data. For more information on data protection, including the credit agencies used, please refer to PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

You can object to your data being processed at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.

Paydirekt

We offer you the possibility of paying for your order via the service paydirekt. This service is provided by paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main. To use this service, you must first register with paydirekt (‘Participant’).

During the payment process, you will be forwarded to the paydirekt website at the end of your order. A description of paydirekt’s processing of your data during the payment process is available at https://www.paydirekt.de/agb/index.html, in particular under No. 2.

After a successful transaction, paydirekt passes the following data on to us:

  • Participant’s personal information (surname, first name)
  • Date and time of the payment authorisation
  • Amount of payment
  • Transaction identifier

When you open the paydirekt website or the service, paydirekt stores, according to its own specifications, cookies and tokens on your device to make offers user-friendly, effective and secure. Moreover, paydirekt uses analysis tools to improve their offer at regular intervals and to correct errors. Further information on this subject is available at: https://www.paydirekt.de/agb/index.html You can prevent paydirekt from setting web-tracking cookies by using a respective opt-out setting.

We store the data only so long as is required to implement and process your order and to fulfil the statutory retention periods.

Personal data must be provided for the conclusion of a contract. If you do not provide personal data, the contract cannot be concluded.

Giropay

We offer you the possibility of paying for your order via the service Giropay, operated by giropay GmbH, An der Welle 4, 60322 Frankfurt/Main (‘Giropay GmbH’).

During the payment process, you will be forwarded to the Giropay website at the end of your order to process payment, and you can select your bank there. Then you will be forwarded to your bank’s website and can carry out the transaction there. During this payment process, we do not process any of your data.

As part of the confirmation about a transfer order being successfully placed by Giropay, we are provided with a transaction identifier selected by the online service provider.

The purpose of processing the data is to facilitate the payment process and to execute the contract. Art. 6 (1) b) GDPR serves as the legal basis for processing.

We store the data only so long as is required to implement and process your order and to fulfil the statutory retention periods.

Personal data must be provided for the conclusion of a contract. If you do not provide personal data, the contract cannot be concluded.

Sofortüberweisung (Klarna)

If ‘Sofortüberweisung’ is selected as the payment method, the payment will be processed by the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter referred to as ‘SOFORT’). We send SOFORT the information you provided during the ordering process as well as your order information in accordance with Art. 6 (1) b) GDPR. Sofort GmbH is part of the Klarna Group (Klarna Bank AB [publ], Sveavägen 46, 11134 Stockholm, Sweden). Your data is only passed on to the service provider SOFORT for the purpose of processing the payment and only to the extent that this is necessary. Further information about SOFORT’s privacy policy can be found at the following Internet address: https://www.sofort.de/datenschutz.html

Legal basis for data processing

The legal basis for processing data is the initiation or fulfilment of a contract in accordance with Article 6 (1) b) GDPR.

Purpose of data processing

Data is processed in order to fulfil the contract with you.

Retention period

The data is erased as soon as it is no longer required to achieve the purpose for which it was collected. It may be necessary to store the personal data of the contract partner even after the contract has been concluded in order to meet contractual or statutory obligations, such as long-term obligations, warranty period and tax retention periods.

Contact form and email contact

Description and scope of data processing

Contact forms, which can be used to contact us electronically, are readily available on our website. If the user makes use of this option, the data entered on the input screen will be transmitted to us and stored by us. This data includes:

  • First name and surname
  • Address details
  • Email address
  • Content of the message
  • Where provided, telephone number

At the time the message is sent, the following data is also temporarily stored:

  • The user’s IP address
  • Date and time of registration

Before the contact form is transmitted, we obtain your consent for the processing of the data and refer you to this Privacy Policy.

Alternatively, you may contact us using the email address provided. In such cases, the user’s personal data transmitted in the email is stored.

The data is not passed on to third parties in this connection. The data is used solely for processing the conversation.

Legal basis for data processing

Art. 6 (1) a) GDPR provides the legal basis for processing data, where consent has been given by the user to do so.

Art. 6 (1) f) GDPR provides the legal basis for processing the personal data that is transmitted in an email or using the contact form. Art. 6 (1) b) GDPR provides the legal basis for processing data where the purpose of the email contact is to conclude a contract.

Purpose of data processing

We process the personal data entered on the input screen solely for the purpose of processing the request. If contact is made by email, this also constitutes the legitimate interest required for processing of the data.

The purpose of the other personal data processed during the transmission of the contact form is to prevent misuse of the contact form and to ensure the safety of our information technology systems.

Retention period

The data is erased as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data entered on the input screen of the contact form and the personal data sent by email, this is the case when the conversation with the user has ended. The conversation is deemed to have ended when the circumstances suggest that the issue has been conclusively resolved.

Additional personal data collected during the transmission of the contact form is usually deleted after a period of seven days.

Objection and deletion options

The user has the right at any time to withdraw their consent to processing of the personal data. If the user contacts us by email, they may object to the storage of their personal data at any time. In such cases, the conversation cannot be continued.

The data can be deleted at any time by logging in to the user profile or by sending an email to datenschutz@europapark.de.

In this case, all personal data stored when contacting us is deleted.

We use the service Mailytica, of Mailytica GmbH, Bücklestraße 3, 78467 Konstanz, in the context of order processing for the automated handling of guest enquiries by email. In doing so, parts of the incoming emails are classified by the software and reply suggestions are created.

Reservations and Menu Selection

Description and scope of data processing

On our website you have the option of requesting a table reservation in our restaurant or specifying a menu selection. It may also be the case that certain arrangements require a written or verbal enquiry about wishes and intolerances. In order to be able to make such reservations or menu selections properly and communicate with you, we must ask you to provide some personal data. In our reservation or booking form, we will ask you for your name, e-mail address and telephone number, your preferred date and time, the number of visitors and the number of children under the age of 16 or your preferred menu selection.

As a rule, we will communicate with you by e-mail, but possibly also by telephone at short notice, for example if you are late for an agreed reservation. You can also indicate intolerances and allergies on a voluntary basis in our reservation form or when selecting the menu. We will take this information into account as much as possible when catering for you, so that your stay with us will be a real pleasure for you. You are also welcome to provide us with further information on a voluntary basis in the reservation enquiry, for example if there is a special occasion for your visit (e.g. anniversaries, wedding anniversaries, birthdays) or if there are other circumstances that we should take into account for your stay (such as an existing pregnancy.) We will also take this information into account as best we can to make your stay with us a special experience for you.

Legal basis and purpose of data processing

We use the information provided to us during the reservation enquiry or menu selection exclusively for the purpose of processing and carrying out the reservation and your visit to our restaurant or our event. The legal basis for the processing of the data is Art. 6 Para. 1 lit. b GDPR, namely the preparation and execution of the contract for your visit to our restaurant. With regard to the information you provide voluntarily, the legal basis is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR, which you give us by providing and sending us this information.

Duration of storage

The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. This is the case after your visit to our restaurant, unless there is another legal basis for storage. Statutory retention periods remain unaffected.

Cancellation option

You can revoke your consent to the processing of your voluntarily provided data at any time. You can send your cancellation by post to Europa-Park GmbH & Co Mack KG, Europa Park-Str. 2, 77977 Rust or by e-mail to info@europapark.de

For arrangements you can contact guestrelations.resort@europapark.de directly.

Cookies for analysis and marketing purposes

You may change your settings for cookies used on our website in the ‘Cookie settings’ section located in the website’s footer. You can manage your consent status for individual cookies and entire categories there. Unless otherwise stated, the legal basis for processing is your consent in accordance with Article 6 (1) a) GDPR. Further details on the services integrated on our website are provided in the following.

Web analysis by Google Analytics with anonymisation function

We use Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, hereinafter referred to as ‘Google’, on our website. Google Analytics uses so-called cookies; these are text files that are stored on your computer and enable an analysis of how you use the website.

The information collected by the cookies, for example, the time, place and frequency of your website visits, including your IP address, is transmitted to a Google server in the USA and stored there.

On our website, we use Google Analytics with the suffix ‘_gat._anonymizeIp’. In this case, your IP address will be truncated by Google within the Member States of the European Union or in other countries that are party to the Agreement on the European Economic Area and thereby anonymised.

Google will use this information to evaluate how you use our website, to compile reports on website activities for us, and to provide further services connected with the use of the website and the Internet. Google will also pass this information on to third parties if necessary, insofar as this is legally stipulated or insofar as third parties process this data on behalf of Google.

Google claims that it will not link your IP address with other Google data under any circumstances. You can prevent the installation of cookies by adjusting your browser settings accordingly; in this case, however, we must point out that not all functions of this website may be available to you to their full extent.

Google also offers a deactivation add-on for the most common browsers, which gives you more control over what data is collected by Google on the websites visited by you. The add-on informs Google Analytics JavaScript (ga.js) that no information about the website visit should be sent to Google Analytics. However, the Google Analytics deactivation add-on for browsers does not prevent information from being transmitted to us or to any other web analysis services used by us. You can find further information on the installation of the browser add-on at this link: https://tools.google.com/dlpage/gaoptout?hl=en

Google Ads

We also use Google Analytics to analyse data from Double-Click cookies and AdWords for statistical purposes. If you do not wish this to take place, you can disable it through the Ads Preferences Manager (https://www.google.com/settings/ads/onweb/?hl=en).

Web analysis by Facebook Pixel

This website uses the ‘Custom Audiences’ remarketing function of Facebook Inc. (‘Facebook’). The purpose of this function is to display interest-related ads (‘Facebook ads’) to visitors to this website when logged on to the social network Facebook. To this end, the Facebook remarketing tag has been implemented on this website. This tag makes it possible to establish a direct connection to the Facebook servers when the website is accessed. The information that you have visited this website is sent to the Facebook server, and Facebook links this information to your personal Facebook user account. You can find more information on the collection and use of data by Facebook, your rights with regard to the above and settings to protect your privacy can be found in Facebook’s Data Policy: https://www.facebook.com/about/privacy/. Alternatively, you may disable the ‘Custom Audiences’ remarketing function at https://www.facebook.com/settings/?tab=ads#_=_. You need to be logged into Facebook to do so.

LinkedIn Insight Tag

We use the LinkedIn Insight Tag, from LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. By using the tag, we can create anonymised reports about the use of our website and display performance. If you have consented, LinkedIn can recognise that you have visited our website and whether a certain event or interaction (such as a click, purchase etc.) has taken place, and if you clicked on a link on LinkedIn which is linked to our website. Through retargeting, our website visitor is then shown interest-based content on LinkedIn. The tag installs a cookie in the browser. Linkedin collects data such as URL, referrer URL, shortened or hashed IP address (for cross-device retargeting), device and browser characteristics (user agent) and timestamp. We do not receive any personal data from LinkedIn about users, only anonymised reports about the demographics of the website audience, such as the industry of employment, job title, company size, career stage and location of website visitors and the performance of our ads.

The pseudonymisation of the data takes place after seven days; we use the data for a maximum of 365 days.
LinkedIn may link this data to your user account and use it for its own purposes. For more detailed information about LinkedIn's privacy policy and when it deletes your data, please see LinkedIn's privacy policy at: https://www.linkedin.com/legal/privacy-policy

LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To disable the Insight Tag on our website ("Opt-out"): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

TikTok Pixel

We use the TikTok Pixel of TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland and TikTok Information Technologies UK Limited, 1 London Wall, London, EC2Y 5EB, England.
If you have consented to this, TikTok Pixel installs a cookie in your browser. TikTok can recognise that you have visited our website and whether a certain event or interaction (such as a click, purchase etc.) has taken place. Through retargeting, our website visitor is then shown interest- based content on TikTok.

TikTok does not share any personal data with us, only anonymised reports on website audience demographics and the performance of our ads.
We delete the data after a maximum of 180 days.
Processing of data also takes place in the UK, which has a standard of protection comparable to that of the EU.

TikTok may link that data to your user account and use it for its own purposes. More detailed information on data protection and in particular on deletion at TikTok can be found in the TikTok privacy policy at: https://www.tiktok.com/legal/page/eea/privacy-policy/en


TikTok members can control the use of their personal data for advertising purposes in their account settings. To deactivate personalised advertising ("opt-out"): https://support.tiktok.com/en/account-and-privacy/personalized-ads-and-data/personalization-and-data

Web analysis by AdForm Pixel

This website uses the tracking tool from Adform, Silkegade 3B, 1113 Copenhagen, Denmark. Adform operates a platform for the programmatic purchase of digital advertising space.
The tool uses cookies to display relevant ads to users, analyse the performance of advertising campaigns and prevent the same ads from appearing more than once. A cookie ID is used to record which adverts are shown in which browser – this prevents multiple adverts being shown. Adform also uses this cookie to understand the interactions on our website and to send you targeted advertising based on this, as well as to record successful purchases following an advert.
User data such as the IP address, the URL of the visited page, the URL of the previously visited page, the domain of the marketer, the Adform cookie ID, the user agent, the timestamp and the referrer are processed. Access to the collected data is restricted to us, Adform and the advertising partner Converto AG, Firststrasse 3a, 8835 Feusisberg, Switzerland. The data is stored for a period of 13 months, after which it is deleted.
Data processing takes place on the basis of your voluntary consent. You have the right to revoke this consent at any time with effect for the future. To withdraw your consent, change your preferences in the cookie settings.
You can find more information about Adform at https://site.adform.com and the option to object to Adform directly at https://site.adform.com/privacy-center/website-privacy/opt-out/ and on data protection at Adform A/S in Denmark in general at https://site.adform.com/privacy-center/overview

Emarsys

We use the service Emarsys eMarketing System AG, Hansischer-Straße 10, 80339 Munich, to analyse usage behaviour on our website and our newsletter. Information recorded on behaviour, which also includes information about your browser, country, operating system and anonymised IP address, openings and clicks, is used to personalise the newsletter if you have subscribed to a newsletter.

You can configure the respective settings in the cookie settings or by unsubscribing from the newsletter.

Further information on this subject is available at: https://help.emarsys.com/hc/en-us/articles/360005205113-gdpr-and-web-extend-all-you-need-to-know

Outbrain

This website uses technology developed by Outbrain Inc. (‘Outbrain’, 39 W 13th Street New York, NY 10011 USA). This makes it possible to target those Internet users with advertising on our partners’ websites who might be interested in our content or who have already shown an interest in our content. The technology is based on a cookie-dependent analysis of previous user behaviour. This advertisement only appears on Outbrain advertising spaces, either on Outbrain Engage advertising space or on the Outbrain Extended Network. If you do not want interest-based advertising to be displayed to you, you can deactivate this function here: https://my.outbrain.com/recommendations-settings/home.

Further information can be found at: https://lp.outbrain.com/gdpr-ready

AdUp

Tracking from AdUp, a technology and service provider of Axel Springer Teaser Ad GmbH (Axel-Springer-Straße 65, 10969 Berlin), is integrated on our website. AdUp collects anonymised and/or pseudonymous data in order to then display advertisements on websites for a certain period of time as based on your interests. AdUp uses cookies for the purpose of offering advertisers a service known as ‘conversion tracking’. It determines the effectiveness of their ads and keywords. It is used to advertise our offers in a targeted manner. Further information about Axel Springer Teaser Ad GmbH’s data privacy is available at: https://www.adup-tech.com/privacy?lang=en. You can click the ‘Activate opt-out cookie’ offered there to activate an opt-out cookie in your browser and thus deactivate AdUp in this browser.

Using Microsoft Advertising

This website uses Microsoft Advertising, a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA – Microsoft Advertising Conversion Tracking. If you have consented to this and click on one of our advertisements on Bing or selected websites of the Bing advertising network, a temporary cookie will be stored on your computer. This will take you to one of our conversion pages. Then data will be collected – identifiable by Microsoft Advertising and us – stating that you have previously clicked on the advertisement. This is used to create conversion statistics, i.e. to record how many users reach a conversion page after clicking on an advertisement, i.e. complete an order transaction. The following data is collected: Your web request, IP address, browser type, browser language, and the date and time of your request. The cookies become invalid after 30 days. If you would not like to participate in the tracking process, you can also reject the cookie required for this, for example, example by using the browser setting that generally disables the automatic placement of cookies.

Further information and the privacy policy of Microsoft are available at: https://privacy.microsoft.com/de-de/privacystatement

Setting options are available directly from Microsoft: https://account.microsoft.com/privacy/ad-settings/signedout?refd=support.microsoft.com

Seedtag Advertising

We are using Seedtag, a technologiy of SEEDTAG ADVERTISING, SL, Calle Marqués de Valdeiglesias 6, 28004 in Madrid, Spain, that provides online advertising by analysing the content of the URLs that the user accesses in order to understand the context of each image that appears on a website. Once Seedtag recognizes the context, it integrates advertisements into the website's images that are related to the previously analysed content. Seedtag processes the following personal data: Information about the user's browser, device, location, interactions with ads and the users internet service such as the IP address. Seedtag is acting as a data processor. The personal data is stored for one year.

Link to Seedtag's Privacy Policy: https://www.seedtag.com/privacy/

Link to Seedtag's Cookie Policy: https://www.seedtag.com/cookies-policy/

External content

You can change your data processing setting for external content in the cookie settings, which can be found either in the footer of the website or via a privacy button. Some of our website offerings have directly integrated external content, e.g. via iFrames. If you have agreed to this, it means that the providers of this external content can set cookies directly for you and can process data. We do not have any direct influence over this data processing. For more information about this, please refer to the respective data privacy statement issued by the provider of the external content.

Web analysis by YouTube

This website contains at least one plug-in from YouTube, a company owned by Google Inc., based in San Bruno, California, USA. As soon as you visit any pages of our website that contain a YouTube plug-in, a connection is established to the YouTube servers. The YouTube server is informed of what specific page of our website you visited. Should you be logged in to your YouTube account at the same time, this would enable YouTube to establish a direct link between your personal profile and your surfing habits. You can prevent this link from being established by logging out of your account beforehand. Further information on the collection and use of your data by YouTube is available in YouTube’s Privacy Policy at https://www.youtube.com.

Deutsche Bahn travel widget

We have integrated the Deutsche Bahn travel widget tool into the website. This is provided by the service provider Basilicom GmbH, Sickingenstrasse 70, 10553 Berlin, Germany. When you use the widget, the IP address associated with the request is logged on Basilicom’s server.

For more information on the collection and use of your data by Deutsche Bahn, please refer to the data protection information which is available at www.bahn.de/datenschutz

Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR, and you have the following rights vis-à-vis the controller:

Right to information

You have the right to obtain information about your personal data that we process. In the case of a request for information that is not made in writing, we ask for your understanding that we may require you to provide evidence proving that you are the person you claim to be. (Art. 15 GDPR)

Right to rectification, erasure and restriction

Furthermore, you have a right to rectification or erasure of data or restriction of processing insofar as you are so entitled by law. (Art. 16, 17 and 18 GDPR). In such cases, we are obliged to notify any recipients of the rectification, erasure or restriction of processing of data (Art. 19 GDPR).

Right to data portability

You also have a right to data portability within the framework of the data protection regulations (Art. 20 GDPR). This applies to data that you have provided to us.

Right of objection

You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data that is performed based on Art. 6 (1) e) or f) GDPR; this shall also apply for any profiling based on these provisions.

In particular, you have the right to object in accordance with Art. 21 (1) and (2) GDPR to the processing of your data, in particular in connection with direct advertising (newsletter), if this is based on a legitimate interest or a weighing of interests.

Right to withdrawal of the declaration of consent under data protection law

You have the right to withdraw your declaration of consent under data protection law at any time and with effect for the future. The withdrawal of consent shall not affect the lawfulness of any processing for which consent was given and which was carried out prior to the withdrawal thereof.

Automated individual decision-making process (including profiling)

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects on you or significantly affects you in a similar manner.

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual place of residence, place of work or place of the alleged infringement, where it is your opinion that the processing of your personal data is in breach of GDPR regulations (Art. 77 GDPR).

The supervisory authority with which the complaint was lodged shall inform the complainant on the progress and the outcome of the complaint, including the possibility of judicial remedy pursuant to Article 78 GDPR.