3.6.2. Google Tag Manager
We use the Google Tag Manager. This Google service allows website tags to be managed through an interface. Only tags are implemented, i.e. no cookies are set and no personal data is collected. The Tag Manager triggers other tags that may themselves collect data. Google Tag Manager does not access this data. If deactivation has been done at the domain or cookie level, it will apply to all tracking tags implemented with Google Tag Manager. More information can be found in the Google Tag Manager use policy: https://www.google.com/intl/de/tagmanager/use-policy.html.
3.6.3. New Relic
We use the Snowplow open source web analytics service provided by Snowplow Analytics Limited, 32-38 Scrutton Street, London, EC2A 4RQ, United Kingdom. Cookies are used as part of this. The information generated by the cookie about your use of this website, e.g.
- browser type/version
- operating system used
- Referrer URL (the previously visited page)
- hostname of the accessing computer (IP address)
- time of server request
- search queries and filter settings
- clicks on the website
is transmitted to a Wimdu server in Frankfurt and stored there.
The information is used to evaluate the use of the website, to compile reports on the activity on the website, and to provide other services related to the use of the website and internet usage for the purposes of market research and to customize the design in line with the needs of users.
In our app, we use the analytics service of Adjust GmbH, Saarbrücker Str. 37A, 10405 Berlin, Germany. The analytics service is implemented in our app via a development environment (SDK - Software Developer Kit). The information generated by the development environment, e.g.
- hashed (anonymized) IP address
- mobile identifiers such as the Advertising ID for iOS (IDFA) or the Google Advertising ID
- installation and initial opening of an app on your mobile device
- your interaction within an app (e.g., in-app purchases, registration),
- viewed and clicked ads
is collected and used by Adjust GmbH to evaluate the use of the app, to compile performance reports on app activity, and to provide other services related to the use of the app for purposes of market research and customization of the app. Under no circumstances will the collected data be combined with other data that Adjust obtains via other apps.
The targeting measures listed below and used by us are implemented on the basis of Article 6 (1) (f) GDPR. Targeting is used to perform targeted advertising. Through the targeting measures we use, we want to make sure that advertisements which are geared to your interests are displayed on your devices.
3.7.1. Double Click
On our website, information used for the optimization of advertisements is collected and evaluated using cookies (see section 3.5.). To do this, we use Google's targeting technologies (Double Click). These technologies enable us to provide you with customized, interest-based advertising. The cookies used provide e.g. information regarding which of our products you are interested in. Based on this information, we can also display services on third-party websites that are specifically oriented towards your interests you have shown through your previous user behavior. The collection and evaluation of your user behavior takes place exclusively in pseudonymized manner and does not enable us to identify you. In particular, the information is not combined with personally identifiable information about you.
The cookie is automatically deleted after 30 days.
You can also set preferences for the display of interest-based advertising through the Google Ads Settings Manager (https://adssettings.google.com/authenticated?hl).
3.7.2. Google AdWords
Wimdu uses Google's AdWords service, which uses conversion tracking to measure the effectiveness of individual ads, offers and features. For this, a cookie is set as soon as you click on a Google ad. This cookie does not personally identify you, but rather makes it possible to determine whether you return to the page with the specific offer during the 30-day period in which the cookie is valid.
Each AdWords advertiser receives a different cookie. As a result, cookies cannot be tracked via the website of AdWords advertisers. The information obtained using the conversion cookie is used to generate conversion statistics for AdWords advertisers who have opted for conversion tracking. We track the total number of users who have clicked on an ad and were redirected to the website with a conversion-tracking tag.
3.7.3. Google Dynamic Remarketing
We use the features of Google Dynamic Remarketing with the cross-device features of Google AdWords and Google DoubleClick.
This feature allows us to link the advertising audiences created with Google Dynamic Remarketing to the cross-device features of Google AdWords and Google DoubleClick. In this way, interest-based, personalized advertising messages that have been customized for you based on your past usage and browsing behavior on a device (e.g., smartphone) may also be displayed on another device you use (e.g., tablet or PC).
If you have given the appropriate consent to Google, Google will link your web and app browsing history with your Google Account for this purpose. That way, the same personalized advertising messages can appear on any device you use to sign in to your Google Account.
To support this feature, Google Analytics collects Google-authenticated IDs of users who are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion.
You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account. To do so, follow this link: https://adssettings.google.com/authenticated?hl.
3.7.4. Google AdSense
On our website, we use Google AdSense for displaying advertisements. In this way we can show you advertisements that may be of interest to you. These advertisements can be recognized by the reference "Google Ads". To do this, Google uses web beacons and cookies (see section 3.5.). The information generated by cookies and web beacons about the use of the website (including your IP address) and delivery of advertising formats is transmitted to a Google server in the US and stored there. Google may share this information with third parties.
We have enabled third-party Google AdSense ads. The data may be transferred to third parties (named at https://support.google.com/dfp_sb/answer/94149).
You can prevent Google AdSense from installing cookies by disabling interest-based ads on Google via the link https://adssettings.google.com/authenticated?hl.
3.7.5. Google AdMob
We use Google AdMob to display ads in the Wimdu app. Google uses the Apple "Advertising Identifier" (hereafter “Apple Ad-ID”) for advertising control in the app. A pseudonymized user profile is created under the Apple Ad-ID so that the user can be matched to different advertising segments on the Apple advertising platform in order to be able to display interest-based advertising.
The Apple Ad-ID is a pseudonym that prevents personal plain data from being disclosed to Google. The Apple Ad-ID is transmitted to a Google server in the US and stored there.
You can prevent the use of the Apple Ad-ID by clicking on "No Ad-Tracking" under "Privacy/Advertising" in your system settings. Alternatively, you can also click “Reset Ad ID” to generate a new, randomly chosen Apple Ad ID and thus prevent a profile from being generated.
Pixel technologies (see section 3.6.5.) from Criteo SA, 32 Rue Blanche, 75009 Paris, France ("Criteo") collect and store data for marketing and optimization purposes.
The pixels send your IP address, the Referrer URL of the visited website, the time when the pixel was viewed, the browser used and previously set cookie information to a web server. This data can be used to create usage profiles under a pseudonym.
Using Criteo will load additional pixels from contractual partners with whom Criteo works. An overview of all publishers and networks that load pixels can be found at https://www.criteo.com/privacycriteo-works-with-the-following-platforms/. The data collected with Criteo technology will not be used to determine the personal identity of the website visitor unless agreed to separately by the data subject. Any use of data other than that described above or transfer to third parties is excluded.
Most browsers accept pixels automatically. You can use the appropriate tools or browser add-ons to prevent the use of pixels on our website (for example, by using the "AdBlock" add-on for the Firefox browser).
You can also object to the pseudonymous analysis of your surfing behavior by us at any time. For instructions on disabling Criteo's service, please visit the following Criteo link: https://www.criteo.com/privacy.
Please note that if you opt out of displaying personalized ads from Criteo and other affiliates, you will still receive advertisements, however these will be less tailored to your interests/browsing habits.
3.7.7. Bing Ads
We use Bing Universal Event Tracking (UET) from Microsoft Bing Ads. This is a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA ("Microsoft"). This allows us to track user activity on our website when users reach our website through advertisements from Bing Ads.
If you reach our website via a Bing Ads advertisement, a cookie will be placed on your computer (see section 3.5.). A Bing UET tag is integrated into our website. This is a code that is used to store data about the use of the website in connection with the cookie. Among others, this includes the time spent on the website, which areas of the website were accessed, and what ads brought users to the website. Information about your identity is not collected.
This information is transmitted to Microsoft servers in the US and stored there for a maximum of 180 days.
On our website, we use technology from the service provider Outbrain Inc., 39 West 13th Street, New York, NY 10011, USA (Outbrain, Outbrain Widgets, Outbrain Pixel). This technology enables us to use pixels (see section 3.6.5.) and cookies (see section 3.5.) to offer further content that may also be of interest to you within our website or on third-party websites ("retargeting"). The recommendations integrated by Outbrain are determined on the basis of your previously read content. The content is technically controlled and delivered by Outbrain automatically.
Display takes place on a pseudonymous basis. When selecting appropriate content, the cookie uses information about the source of the device, the type of browser and your IP address, which is fully anonymized by removing the last octet.
You can find more information about Taboola and the ability to disable the Taboola cookie here: https://www.taboola.com/privacy-policy.
3.7.10. Facebook Custom Audiences
In addition, we also use Facebook Custom Audiences. Facebook Custom Audiences is a Facebook marketing service. It allows us to display personalized and interest-based advertising on Facebook to certain groups of pseudonymized visitors to our website who also use Facebook.
A Facebook Custom Audience pixel is integrated into our website. This is a Java Script code used to store non-personal information about your use of the site. This includes your IP address, the browser you are using, and the source and destination pages. This information is transmitted to Facebook servers in the United States. There, an automatic check is performed to see if you have saved a Facebook cookie. The Facebook cookie automatically determines whether you belong to the relevant target group for us. If you belong to the target group, we will show you relevant ads on Facebook. You will not be personally identified by us or by Facebook as part of this process.
You may object to the use of the Custom Audiences service on the Facebook website (https://www.facebook.com/ads/website_custom_audiences). After logging in to your Facebook account, you will be taken to the settings for Facebook ads.
3.7.11. RTB House
On our website, we use technology from RTB House S.A., 61/101 Złota Street, 00-819 Warsaw, Poland. This technology enables us to use pixels (see section 3.6.5.) and cookies (see section 3.5.) to offer further content that may also be of interest to you within our website or on third-party websites ("retargeting"). Cookies are used as part of this process. The recommendations integrated by RTB House are determined on the basis of your previously read content. The content is technically controlled and delivered by RTB House automatically. Display takes place on a pseudonymous basis.
The information generated by the cookie about your use of this website, such as browser type/version, operating system used, Referrer URL (the previously visited page), time of server request is transmitted to RTB House’s server and stored there.
3.7.12. Ad Up
3.7.13. Option to object/opt-out
You can prevent the targeting technologies we described by activating the appropriate cookie setting in your browser (see also section 3.5.). In addition, you have the option of deactivating preference-based advertising with the help of the preference manager available here: http://www.youronlinechoices.com/uk/your-ad-choices.
4. Third party services and plugins
4.1. Google Maps
We use Google Maps API for displaying interactive maps directly on our website and to enable the simplified use of map functionality. Your IP address is transmitted and stored on one of Google’s servers in the US for the usage of Google Maps functionality (see section 3.7.1 regarding the US Privacy Shield). Legal basis is Article 6 (1) (f) GDPR.
4.2. Google Fonts
On our website we use fonts (“Google Fonts”) provided by Google. For this your browser loads the required font into your browser cache when our website is opened. This is necessary so that the browser can display a visually improved version of our texts. If your browser does not support this feature, a default font will be used by your computer for display. The integration of these fonts is completed by a server call, usually a Google server in the USA. This will communicate to the server that you have visited this website.
When the page is accessed, cookies are not sent by users to the Google Fonts API. Data transferred in connection with the pageview is sent to resource-specific domains such as fonts.googleapis.com or fonts.gstatic.com. You will not be associated with any information collected or used in connection with the parallel use of authenticated Google services, such as Gmail. You can set your browser so that the fonts from Google servers are not loaded.
HomeToGo uses Google fonts to ensure an appealing presentation of its services. The legal basis is Article 6 (1) (f) GDPR.
Wimdu is a company of the HomeToGo Group. We may share your personal data with our associated companies within the HomeToGo Group on an occasional basis. The HomeToGo Group includes all (current and future) entities that are directly or indirectly controlled by HomeToGo GmbH (“HomeToGo”) or are under common control of HomeToGo. The transfer of data within the HomeToGo Group takes place for the following purposes:
a) Provision of our intermediary services and of our portal
b) Provision of customer service services
c) Sending advertising with your consent or if permitted by applicable law
d) Analysis, optimization and improvement of our website and app
e) Identification and investigation of fraud and illegal activities
f) Compliance with laws and regulations
The legal basis for the transfer of data within the HomeToGo Group is Article 6 (1) (a), (b) and (f) GDPR.
In detail, the legal basis for the purposes a) and b) is Article 6 (1) (b) GDPR. Sharing this data enables us to fulfill our contractual obligations arising from our terms of service.
The legal basis for purpose c) is your explicit consent (Article 6 (1) (a) GDPR) that you may revoke any time, or our legitimate interest to do marketing for existing customers (Article 6 (1) (f) GDPR). The lawfulness of the data processing already carried out remains unaffected by the revocation.
For purposes d), e) and f), our legitimate interest derives from the improvement of our services as well as the protection of your identity and the prevention of fraudulent activities (Article 6 (1) (f) GDPR).
6. Your rights
In addition to the right to revoke the consent you have granted to us, you are entitled to the following further rights if the relevant legal requirements apply:
- Right of access to information about your personal data stored with us pursuant to Article 15 GDPR
- Right of rectification of inaccurate personal data and right to have incomplete personal data completed pursuant to Article 16 GDPR
- Right to erasure of your personal data stored by us pursuant to Article 17 GDPR
- Right to restriction of processing of your data pursuant to Article 18 GDPR
- Right to data portability pursuant to Article 20 GDPR
6.2. Right to object
Under the conditions of Article 21 (1) GDPR, data processing can be objected to on grounds relating to the particular situation of the data subject.
7. Your California Privacy Rights
In case the California Consumer Privacy Act (“CCPA”) applies, you are entitled to the following rights:
- Right to request disclosure of your personal information we collected and used over the past 12 months
- Right to request deletion under certain circumstances
If you exercise your access right in a verified way, we will disclose the following information in a portable and (if technically feasible) readily usable form to you: categories of personal information collected, categories of sources for that information, business or commercial purpose for the collection, categories of third parties with whom we share the information, and the specific pieces of personal information we collected on you.
We do not sell (as such term is defined in the CCPA) personal information and will not sell it without providing a right to opt out.
We will not discriminate against you for exercising the rights under CCPA. In particular, we will not, deny you goods or services, charge you different prices for goods or services, whether through denying benefits or imposing penalties, provide you with a different level or quality of goods or services, and/or threaten you with any of the above.
As a California resident you may make a request and exercise your rights under CCPA by contacting us at the email address or telephone number indicated at the top of this page (in our imprint). Please provide sufficient information that allows us to reasonably verify that you are either the person on whom we collected personal information or an authorized representative of that person.
We may have collected the following categories of personal information on California residents in the past 12 months:
- Identifiers (e.g. name, postal address, email address, IP address, etc.)
- Commercial information (e.g. booking inquiries, bookings)
- Internet activity (e.g. browser information, referral URL, usage of our website)
- Geolocation data (country and region)
- Inferences about personal preferences and attributes via cookies
Version 2 – As of the 1st of October 2019