We would like to inform you below about the processing of personal data in the context of the use of our Internet pages.
Responsible for these internet pages is the Luxembourg Capital Markets Association. Further information about our company can be found in our imprint.
DATA PROTECTION SUPERVISOR
When you visit our website, personal data is also processed.
In order for the pages to be displayed in your browser, the IP address of the device you are using must be processed. In addition, more information about the browser of your device.
In terms of data protection, we are also obliged to guarantee the confidentiality and integrity of personal data processed using our IT systems.
For this purpose, the following data is logged:
Information about the browser type and version used
The operating system of the user
The Internet service provider of the user
The IP address of the user (for a maximum of 7 days)
Date and time of access
Websites from which the system of the user comes to our website
Websites that are accessed by the user's system through our website
The IP address will be deleted or anonymised after 7 days at the latest of all systems used in connection with the operation of this website. We can no longer create a personal reference from the remaining data. The data is also used to fix website errors.
The legal basis for this data processing is Art. 6 Para. 1 lit. f) GDPR. Our "interest" according to Art. 6 para. 1 lit. f) is the operation of this website and the implementation of the protection goals of confidentiality, integrity and availability of the data.
Cookies are used on our website. Cookies are small textual information stored in your device via your browser. Cookies are required to enable certain features of our website. On the one hand, we use session cookies that are automatically deleted from your browser immediately after the visit to the website. In the field of web analytics, on the other hand, we also use persistent cookies. You have the option to prevent the setting of cookies by means of appropriate settings in your browser. We point out, however, that the use of our website may be limited. Cookies do not install or start any programs or other applications on your computer.
The legal basis for this data processing is Art. 6 para. 1 lit. f) DSGVO in conjunction with § 15 TMG. Our "interest" according to Art. 6 para. 1 lit. f) is the operation of this website.
In order to be able to inform you about the latest news via e-mail, we will save your e-mail address upon your registration until further notice. For security reasons, your IP address and the time of login or confirmation will also be saved. Once you have entered and submitted your registration data, we will send you an email confirming and activating your free subscription by clicking on "Double Opt-In". Only after confirmation you will receive our newsletter. The legal basis for the processing of the data after the user has registered for the newsletter is in case of the consent of the user Art. 6 para. 1 lit. a GDPR.
You can unsubscribe anytime. You will find a link to unsubscribe in each newsletter e-mail. In addition, you can unsubscribe the newsletter on our contact page behind the button "subscribe to newsletter" or directly by e-mail with the subject "newsletter unsubscribe".
The stored data will be used exclusively for the purposes stated by us. For the purpose of sending the newsletter, data is transferred to service providers in the field of newsletter services. The legal basis for this data processing is Art. 6 para. 1 lit. f) DSGVO in conjunction with § 7 UWG. Our "interest" according to Art. 6 para. 1 lit. f) is the administration and shipping of our newsletter.
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. The e-mail address of the user is therefore stored as long as the subscription to the newsletter is active.
CONTACT BY FORM, E-MAIL CONTACT
We offer contact forms on our website that you can use to contact us regarding concerns about our Services, such as requests. The personal data provided will be stored for the purpose of processing the request as well as in the event that follow-up questions arise.
Alternatively, a contact via our e-mail address is possible, which is linked to various buttons. In this case, the user's personal data transmitted by e-mail will be stored for the purpose of processing the message and in case of follow-up questions.
Inquiries and messages received via the contact forms on our website or via our e-mail address are usually stored in our CRM system. The CRM system is regularly checked to see if data can be deleted. If data in the context of a guest or prospective customer relationship is no longer required or outweighs a conflicting interest of the guest or prospective customer, we will delete the relevant data, as far as there are no legal storage requirements.
The legal basis for this data processing is Art. 6 para. 1 lit. f) GDPR. Our "interest" according to Art. 6 para. 1 lit. f) is the communication with guests and interested parties.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
As far as you give us data voluntarily, e.g. in forms, and these are not required for the performance of our contractual obligations, we process these data on the basis that we assume that the processing and use of this data is in your interest.
RECEIVER / DISTRIBUTION OF DATA
Data that you provide to us will generally not be disclosed to third parties. In particular, your data will not be disclosed to third parties for their advertising purposes.
However, we may use service providers for the operation of this website, our newsletter, online bookings via our website or for other products from us. Here it may happen that a service provider receives knowledge of personal data. We carefully select our service providers - in particular with regard to data protection and data security - and take all data protection measures necessary for permissible data processing.
We process the information you have provided to us in connection with your application in order to assess your suitability for the position (or, if applicable, other open positions in our companies) and to carry out the application process.
The legal basis for the processing of your personal data in this application process is primarily § 26 BDSG in the version valid from 25.05.2018. Thereafter, the processing of the data required in connection with the decision to establish an employment relationship is permitted.
If the data may be required for legal prosecution after completing the application process, data can be processed based on the requirements of Art. 6 GDPR, in particular for the exercise of legitimate interests pursuant to Art. 6 para. 1 lit. f) GDPR. Our interest then lies in the prosecution.
Applicants' data will be deleted in case of cancellation after six months.
In the event that you have consented to the further storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted after two years.
If you have been awarded the contract as part of the application process, the data will be transferred to our personnel information system.
Your application data will be viewed by the HR department or the management after receipt of your application. Suitable applications are then forwarded internally to the responsible persons for the respective open position. Then the further procedure is tuned. In principle, only those persons in the company have access to your data, who need this for the proper execution of our application process.
Minors may not submit personal information to us without the consent of the guardian. As part of the website, we do not process any scienter acquired personal data of minors.
INTEGRATION OF SERVICES AND CONTENT OF THIRD-PARTY PROVIDERS
Within the website third-party content is included. For the use of such content, the transmission of the IP address of the user to the respective third-party provider is technically required. Because without the IP address, the third-party providers could not send the content embedded in the website to the browser of the respective user. We have no control over whether a third party provider stores for instance the IP address for statistical purposes or uses it otherwise.
The use of Google Maps takes place in the interest of easy discovery of Burg Schlitz. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f) DSGVO. When Google Maps is called, servers are called in the USA or at least outside the EU. An appropriate level of data protection is demonstrated by the fact that Google LLC is listed in the Privacy Shield.
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
reCAPTCHA is used to check whether the data entered on our website (such as on a contact form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
The reCAPTCHA analyses take place completely in the background. Website visitors are not advised that such an analysis is taking place.
Data processing is based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in protecting its site from abusive automated crawling and spam.
YOUR RIGHTS AS AFFECTED
You have the right to information about personal data concerning you. You can contact our data protection supervisor or us directly for information at any time.
In the case of a request for information that is not made in writing, we ask for your understanding that we may then ask for proof from you proving that you are the person for whom you are claiming to be.
You also have the right to correct or delete or limit processing to the extent that you are legally entitled to do so.
Furthermore, you have the right to object to the processing within the scope of the legal requirements. The same applies to a right to data portability.
If we process your personal data on the basis of a consent, you have the right to revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until the revocation.
COMPLAINTS AT A SUPERVISORY AUTHORITY
You have the right to complain about the processing of personal data by us at a data protection supervisory authority.