Our company takes the protection of personal data very seriously. We want you to know what data we collect, when we collect it and how we use it. When handling and processing personal data, we comply with the requirements of the EU General Data Protection Regulation (GDPR) and the new Federal Data Protection Act (BDSG). In the following, we inform you in accordance with Art. 13 and Art. 14 GDPR about how we process your personal data.
In principle, it is not necessary to disclose personal data in order to use the TMGS website. Every time you access one of our pages, data about your visit to the website is stored in a log file. These log files and processed usage statistics are made available to us by our web host. This is not personal data; we cannot determine which user called up which data. Collected data will not be passed on to any third parties. Please note that data transmitted via the Internet (e.g. via e-mail communication) may be subject to security breaches. Completely protecting data against third-party access is therefore impossible.
Protection of minors
Consent to the processing of personal data can only be given by an adult. For information society services that are offered directly to the child, the consent of a child is permissible from the age of sixteen in accordance with Art. 8 GDPR.
Server log files
The website provider automatically collects and stores information in "server log files", which your browser automatically transmits to us. This includes:
• Browser type, browser version and browser language
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• Date and time zone difference to GMT of the server request
• IP address
• Name and URL of the retrieved file or website
• Amount of data transferred
• Access status / http status code
• Notification of successful retrieval
We use the log data only for statistical, operational and security purposes or to optimise our offer/our website. This data will not be combined with data from other sources.
For certain offers and services we need personal data in individual cases. In this case, the data you provide voluntarily – for example via a form – will only be used by us for the purpose you have requested, for example to contact you. Collected data will not be passed on to any third parties.
Application of cookies
"Cookies" are small files that enable us to store specific information related to you, the user, on your PC while you visit one of our websites. Cookies help us to determine the frequency of use and the number of users of our website, as well as to make our offers as convenient and efficient as possible for you.
First, we use "session cookies", which are cached exclusively for the duration of your visit to our website . Second, we use "permanent cookies" to record information about visitors who repeatedly access one of our websites. The purpose of using these cookies is to provide you with optimum user guidance, to "recognise" you and to present you with as varied a website as possible and new content in the event of repeated use. The content of a permanent cookie is limited to an identification number. Name, IP address etc. are not stored. An individual profile is not created about your usage behaviour.
It is also possible to use our offers without cookies. In your browser, you can deactivate the saving of cookies, limit them to particular websites, or set the browser to notify you when a cookie is sent. You can also delete cookies from your computer's hard drive at any time (folder: "Cookies"). Please note, however, that in this case, you should expect a limited page presentation and limited user guidance.
Rights of data subjects
As a data subject you have the right:
- to request information about the personal data processed by us under Art. 15 GDPR. In particular, you may obtain information about the purposes of processing; the category of personal data; the categories of recipients to whom your data have been or will be disclosed; the planned retention period; the existence of a right to correction, deletion, restriction of processing or objection; the existence of a right of appeal; the origin of your data, if they have not been collected by us, and requires the existence of automated decision-making including profiling and, where appropriate, meaningful information about its details;
- to immediately request the completion of or the correction of incorrect personal data stored by us in accordance with Art. 16 GDPR;
- to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- to demand the restriction of the processing of your personal data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to their processing in accordance with Art. 21 GDPR.
For anything pertaining to this, please contact us via email at firstname.lastname@example.org. Alternatively, as in all other cases, you can of course contact our company at the postal address provided.
Furthermore, according to Art. 7 para. 3 GDPR, data subjects have the right to withdraw their consent to the processing of personal data concerning them for one or more purposes with future effect. The legality of the processing carried out on the basis of the consent until withdrawal is not affected. However, a withdrawal usually means that the purpose for which the data was collected cannot be fulfilled. For anything pertaining to this, please contact us via email at email@example.com.
Erasure of personal data
Personal data will be erased if the purpose for storage no longer applies and no legal norm (e.g. the statutory retention period) prescribes the retention of the data. The requirements of Art. 17 GDPR apply in conjunction with Section 35 BDSG. If the erasure is not possible for legal, contractual or commercial or tax reasons, the processing of the data can be restricted at the request of the data subject.
Right of data subject to data portability
The company ensures the right to data portability in accordance with Art. 20 GDPR. Every data subject has the right to receive a copy of their personal data in a standard machine-readable file format.
Data subject's right to lodge a complaint
According to Art. 77 GDPR, data subjects have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority at your usual place of residence our registered office.
Right of objection according to Art. 21 GDPR
If your personal data is processed on the basis of legitimate interests in accordance with Art 6 para. 1 sentence 1 lit. f) GDPR, you have the right to object to the processing of your personal data in accordance with Art 21 GDPR if there are reasons for this that arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without the need for you to specify a particular situation. If you would like to make use of your right of withdrawal or objection, emailing firstname.lastname@example.org is sufficient.
We maintain up-to-date technical measures to ensure data security, in particular, to protect your personal data against dangers during data transfers, as well as prior knowledge of third parties. These are adapted to the current state of the art in each case.
When you visit our website, we utilise the common SSL (Secure Socket Layer) method together with the highest level of encryption supported by your browser. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. The transmission of a single page of our website in encrypted form is indicated on our website by the display of a closed key or lock icon in the bottom status bar of your browser.
We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorised access by third parties. Our security measures are continuously improved corresponding to the technological developments.
Plugins from the social networks Facebook, Instagram, YouTube, Pinterest and Twitter are integrated on our website. You can recognize the plugins by the corresponding logos or "Like" buttons on our site. To protect your personal data, no direct connection is initially established between your browser and the servers of the providers of the social media services Facebook, Instagram, YouTube, Pinterest and Twitter via the respective plugin. The plugins only become active when you activate these buttons and thus declare your consent to communication with Facebook, YouTube, Pinterest or Twitter and thus establish a connection to the social networks.
The 2-click system
The connection to the social media services is only established with a second click on the respective button. Clicking on one of these buttons means that you as the user give your consent to transmit data to the respective operator of the social network. But only for this one website and for the selected service. When you call up other TMGS pages, the deactivated button appears once more.
The buttons of the social networks you use regularly can also be permanently activated. To do this, tick the appropriate box under the gear icon. The selected button is then always directly active. You can change this again later using the gear icon.
Be careful what information you disclose in these channels via comments. These are visible to other visitors to the site and to the administrators. Because the websites are public, any information you share with a website is public data. This means that a comment can also be used outside of the respective social media channel. Be aware that this information may be indexed by search engines, including Google. This data is neither evaluated nor recorded elsewhere by us, neither now nor in the future. The statistics provided by the respective social media channels are issued in aggregated form and do not allow any conclusions to be drawn about personal data.
Plugins from the social network Facebook, provider Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are integrated on our website. You can recognize the Facebook plugins by the Facebook logo on our page. For an overview of Facebook plugins, see https://developers.facebook.com/docs/plugins/?locale=en_US.
Our website uses plugins from the YouTube site, which is operated by Google. The operator of the website is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
If you visit one of our pages equipped with a YouTube plugin, no direct connection to the Google servers is initially established. Only when you activate the YouTube videos embedded in our website do you enter the scope of the Google data usage guidelines at https://policies.google.com/privacy?hl=en-GB&gl=de. This means that information about your use of YouTube is transmitted to the operator in the USA and may be saved.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.
Plugins from the social network Twitter, provider Twitter, Inc., 1355 Market Street, San Francisco, California 94103, USA, are integrated on our website. You can recognize the Twitter plugins by the Twitter logo and the tweet buttons on our site. You can find an overview of the Twitter plugins here: https://dev.twitter.com/web/overview.
When you visit our website, no direct connection is established between your browser and the Twitter server via the plugin. A connection to the social network is only established when you click on the button and the associated consent to communication with Twitter.
You can change your data protection settings on Twitter in the account settings at https://twitter.com/de/account/settings.
The use of Instagram
We use Instagram to be able to display and offer you content and functions of the Instagram social platform on our website and thereby improve our offer and the user experience and make it more interesting. "Instagram" is a social plug-in from Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter referred to as: "Instagram") to display content from the Instagram social platform on websites on our website to involve Personal or personally identifiable data is passed on to Instagram. If you have an Instagram user account and are registered, Instagram can also assign the visit to your user account. Instagram stores this data as usage profiles and uses it for the purposes of advertising, market research and/or requirements-oriented design of its website. Such an evaluation is carried out in particular (even for non-logged-in users) to provide interest-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles. Please contact Instagram directly for this.
If you want to prevent data transfer, you cannot use the Instagram functions. Irrespective of this, we recommend that you regularly log out of your user account after using a social network, but especially before activating integrated content, as this way you can avoid being assigned to your profile with the respective provider. Third-party information: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Further information on data protection and data use by LinkedIn can be found on the following LinkedIn website: https://help.instagram.com/155833707900388
The use of Pinterest
We have no influence on data collection and further processing by Pinterest. Furthermore, we do not know to what extent, where and for how long the data is stored, to what extent Pinterest fulfils existing deletion obligations, what assessments and links are made with the data and to whom the data is passed on. If you wish to prevent Pinterest from processing personal data that you have submitted to us, please do not link to your Pinterest account or contact us in a different way. You can find our complete contact details in our legal notice on Pinterest.
The use of web fonts
This website uses external fonts: Google Fonts. Google Fonts is a service of Google Inc. ("Google"), 1600 Amphitheatre Parkway, Mountain View, California, 94043, USA). Integration of these web fonts is implemented – insofar as they are not integrated locally – via a server access, typically a Google server in the United States. As a result, the following may be transmitted to the server and stored by Google:
Name and version of the browser used
Website from which the request was triggered (referrer URL)
Operating system of your computer
Screen resolution of your computer
IP address of the requesting computer
Language settings of the browser or the operating system that the user uses
The use of Google Fonts serves to make it easier for you to read our website and to make it graphically more pleasant. It is used either with your consent or through local integration.
The use of Google Analytics
We use Google Analytics, a web analysis service of Google Inc., for demand-oriented design and continuous optimisation of our pages. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). In this context, pseudonymised user profiles are created and cookies (see Section 4) are used. The information generated by cookies about your use of this website, such as
- browser type/version,
- operating system used,
- referrer URL (the previously visited page),
- host name of the accessing computer (IP address),
- time of the server request,
are transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will be truncated by Google within the member states of the European Union or in other countries that are contracting parties to the Agreement in the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to analyse your use of the website, compile reports regarding website activity, and provide other services related to website activity and internet usage for the purposes of market research and the needs-based design of these websites. This information may also be transferred to third parties, provided this is legally required, or to the extent that such third parties process the information. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are anonymised, so that an assignment is not possible (IP masking).
You may refuse the use or storage of cookies by selecting the appropriate settings in your browser. However, we would point out that in this case, it may not be possible to use all of the functions of our website to the full extent.
Opting out of Google Analytics tracking
Furthermore, you can prevent the collection of data generated by the cookie and related to the usage of the website (including your IP address) and the processing of this data by Google by downloading and installing the browser plug that is available at the following link (http://tools.google.com/dlpage/gaoptout?hl=en). As an alternative to the browser add-on, especially for browsers on mobile devices, you can prevent Google Analytics from collecting data by clicking on the following link: https://tools.google.com/dlpage/gaoptout?hl=en. This sets an opt-out cookie that prevents the future collection of your data when visiting this website. The opt-out cookie applies only in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. Further information on data protection in connection with Google Analytics can be found in the Google Analytics help (https://support.google.com/analytics/answer/6004245?hl=en), atwww.google.com/analytics/terms/de.htmlor atwww.google.com/intl/de/analytics/privacyoverview.html.
Please note that on this website Google Analytics has been extended with the code “gat._anonymizeIp();” in order to ensure an anonymised collection of IP addresses (IP masking).
The use of Google ads
We use Google Ads to draw attention to our offer with the help of advertising ("Google Ads") on Google and external websites. In addition, we are able to analyse which of our advertising measures bring what success.
As part of the use of Google Ads, we use Google Ads conversion tracking. Google Ads conversion tracking makes it possible to analyse the usage behaviour of the person concerned after clicking on one of our advertisements. If you click on a Google ad, Google will store cookies on your end device. These cookies usually lose their validity after 30 days. They are not used for personal identification. Based on the cookies, it is then possible to recognize which of our offers you have viewed, and which features of our website you have subsequently used. Google provides us with corresponding statistical evaluations that we can use to determine the effectiveness of our advertising measures.
We also use the Google Ads remarketing function. The remarketing function makes it possible to present advertisements on websites operated by third parties. As part of the Google Ads remarketing function, the usage behaviour of the person concerned is analysed on our website, for example which of our offers the person concerned was interested in. Based on this, the data subject can be shown targeted advertising on other websites even after they have left our website. For this purpose, Google Ads stores cookies (cf. the explanations above under “Cookies”) on your system. These cookies usually lose their validity after 30 days. They are not used for personal identification. The setting of cookies enables Google to analyse the use of our website by the data subject.
The processing is carried out on the basis of your explicit consent. Only in the event that your consent should prove to be ineffective for formal reasons, will we base the processing on the legal basis of a balancing of interests, with our legitimate interest being in targeted advertising and in analysing the effect and efficiency of this advertising. You can change your participation in this tracking process here at any time. Please note that in this case, you may not be able to use all functions of this site in full.
The use of Google Tag Manager
The use of OpenWeatherMap
The use of the Outdooractive offer
Outdooractive receives the following data, which is technically necessary for Outdooractive to show you the electronic databases and to ensure stability and security (legal basis is Art. 6 para. 1 s. 1 lit f) GDPR):
- IP address
- Date and time of request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Request status/HTTP status code
- Respective volume of data transferred
- The website making the request
- User Location
- Operating system and device
- Language and version of the browser software.
The IP address transmitted by your browser will not be merged with other data collected by us.
Outdooractive continues to use your GPS data when you use the electronic databases.
We have no influence on the data collected and the platforms' data processing nor are we aware of the full extent of data collection, the purposes of such processing, or for how long they will store your data. We also have no information on how Outdooractive deletes the data collected.
Outdooractive saves the data collected about you as a user profile and uses this for market research purposes and/or the needs-based design of electronic databases. You have the right to object to the creation of these user profiles, whereby you must contact Outdooractive to exercise this right. The legal basis for using the services of Outdooractive is Art. 6 para. 1 s. 1 lit. f) GDPR.
The use of Feratel with the TOSCS booking system
We use the feratel booking system. The service provider is feratel media technologies AG, Maria-Theresien-Strasse 8, A-6020 Innsbruck, Austria. Through feratel, we want to make it easy to book appointments on our website. By using feratel, data that you enter in the appointment booking mask is transferred to feratel media technologies AG. You are not obliged to use feratel to make an appointment. You can use other contact options.
The processing is carried out on the basis of your consent. You give your consent via the feratel media technologies AG cookie consent tool. We have no influence on this processing activity. More information on data processing by feratel media technologies AG can be found at: www.feratel.com/datenschutz.html.
The use of HERE maps
The use of Open Street Map
We only use your email address to inform you regularly about interesting travel destinations and current events. You give your consent exclusively to Tourismus Marketing Gesellschaft Sachsen mbH. Disclosure to unauthorized third parties is generally excluded. You can unsubscribe from the newsletter at any time by simply using the link directly in the newsletter.
Information on the newsletter and consent
Our website offers you the opportunity to subscribe to various newsletter. We use these newsletters to inform you about our offers at regular intervals. To receive our newsletter, you will need a valid email address. We send newsletters, emails and other electronic notifications containing advertising information (hereinafter referred to as "newsletters") only with the express consent of recipients or with statutory permission. Our newsletters contain information about travel topics (e.g. tourist information, events and bookable offers), from the field of market research and tourism cooperation.
Double opt-in and logging
Subscription to our newsletter takes place using a process known as double opt-in. This means that after registration you will receive an email in which you are asked to confirm your registration. Confirmation is required to ensure that no one can subscribe using another person's email address. A record of subscriptions to the newsletter is kept in order to record the subscription process in accordance with legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. Changes to your data stored with Maileon are also logged.
Use of the "Maileon" shipping service
The newsletter is sent using “Maileon”, a newsletter mailing platform from the German provider XQueue GmbH, Advanced E-Mail-Marketing Technologies, Christian-Pleß-Str, 11-13, 63069 Offenbach am Main. The email addresses of our newsletter recipients, as well as their other data described in this notice are stored on the servers of XQueue in Germany. XQueue uses this information to send and evaluate the newsletter on our behalf. Technical information (e.g., time of access, IP address, browser type and operating system) is collected as well. This information cannot be assigned to a specific recipient. It is used exclusively for the statistical analysis of our newsletter campaigns. The results of these analyses can be used to ensure that the content of future newsletters better matches the interests of recipients. If you do not wish your use of the newsletter to be analysed by XQueue, you will have to unsubscribe from the newsletter. However, XQueue does not use the recipient data of our newsletter to approach recipients directly, nor do they pass the information on to third parties. XQueue is obliged to comply with the EU General Data Protection Regulation. We have concluded an order processing contract with XQueue, in which we oblige XQueue to protect our customers' data and not to pass it on to third parties.
To subscribe to the newsletter, simply enter your email address. Optionally, we ask you to enter your form of address and your first and last name. This information is only used to personalise the newsletter. Furthermore, we also ask you to optionally indicate your place of residence and your country. We only use this information to adapt the contents of the newsletter to the interests of our readers.
Statistical surveys and analyses
Statistical data collection includes an analysis of when the newsletters are opened, and which links are clicked on. This information cannot be assigned to individual newsletter recipients. The evaluations serve us much more to recognize the reading habits of the readers and to adapt our content to them.
Online access and data management
You can cancel your subscription to our newsletter at any time, i.e. withdraw your consent. You will find a link to cancel the subscription to the newsletter at the end of each newsletter. You can also unsubscribe from the newsletter by sending an email to email@example.com. At the same time your consent to the newsletter's dispatch via XQueue and the statistical analyses expires. A separate cancellation of either the dispatch via XQueue or the statistical evaluation is unfortunately not possible. The information is retained for as long as you remain subscribed to the newsletter. After you have unsubscribed/cancelled/withdrawn consent, your personal data, which was only saved because you subscribed to the newsletter, will be irrevocably deleted.
Links to other websites
Our homepage contains links to other websites. We do not have any influence on whether their operators observe the data protection provisions. Please note the disclaimer in the legal notice.
Processing agency or data controller
The processing body or data controller within the meaning of the General Data Protection Regulation and the Federal Data Protection Act is Tourismus Marketing Gesellschaft Sachsen mbH in 01099 Dresden, Bautzner Str. 45-47, Tel.: +49 351 - 49 17 00, email: firstname.lastname@example.org, website: www.sachsen-tourismus.de.
Data protection officer
To protect data protection rights, our company has appointed an external data protection officer. Our data protection officer is
Astrid Kloss - Consultant for data protection and data security, www.kloss-consulting.de
YOUR CONTACT FOR DATA PROTECTION