Privacy Policy

Name and contact information of the Controller pursuant to Article 4 (7) GDPR

Monika Näther
Address: Schmidschneider Strasse 13b, 82211 Herrsching
Phone: 08152 4318

Safety and protection of your personal data

We consider it our primary responsibility to protect the confidentiality of the personal information you provide and to protect it from unauthorized access. That's why we take the utmost care and use state-of-the-art security standards to ensure maximum protection of your personal information.

As a private company, we are subject to the provisions of the European General Data Protection Regulation (GDPR) and the regulations of the German Federal Data Protection Act (BDSG). We have taken technical and organizational measures which ensure that data protection regulations are observed by us and by our external service providers.


The law requires that personal data be processed lawfully, in good faith and in a manner that is transparent to the data subject ("lawfulness, fairness, transparency"). To ensure this, we would like to inform you of the legal definitions that are used in this Privacy Statement:

  1. Personal data

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter the "data subject"). A natural person is considered to be identifiable if he or she can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier, or one or more special features which express the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.

  1. Processing

"Processing" means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

  1. Restriction of processing

"Restriction of processing" means the marking of stored personal data with the aim of limiting its processing in the future.

  1. Profiling

”Profiling“ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

  1. Pseudonymization

“Pseudonymization“ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person

  1. Filing system

“Filing system“ means any structured set of personal data which is accessible according to specific criteria, whether centralized, decentralized or dispersed on a functional or geographical basis.

  1. Controller

“Controller“ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by European Union or Member State law.

  1. Processor

“Processor“ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

  1. Recipient

“Recipient“ means a natural or legal person, public authority, agency or another body, to which the personal data is disclosed, whether a third party or not. However, public authorities which may receive potentially personal data in the framework of a particular inquiry in accordance with European Union or Member State law shall not be regarded as recipients. The processing of that data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

  1. Third party

A “third party“ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

  1. Consent

The “consent“ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Lawfulness of processing

The processing of personal data is only lawful if there is a legal basis for such processing. Pursuant to Article 6 (1) (a) - (f) of the GDPR, the legal basis for the processing may be in particular:

  1. The data subject has given consent to the processing of his or her personal data for one or more specific purposes
  2. Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
  3. Processing is necessary for compliance with a legal obligation to which the controller is subject
  4. Processing is necessary in order to protect the vital interests of the data subject or of another natural person
  5. Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
  6. Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Information regarding the collection of personal data

(1) Below, we inform you of the collection of personal data when using our website. Personal data is e.g. you name, address, email addresses, user behavior, etc.

(2) When contacting us by email, the information you provide (your email address and, if applicable, your name and your telephone number) is stored by us in order to answer your questions. We delete the data collected in this manner once storage is no longer required, if processing is restricted, or in the event that legal retention obligations exist.

Collection of personal data when visiting our website

When you merely use the website for informational purposes, i.e. if you do not register or otherwise provide information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data which is technically necessary for us to display our website to you and to ensure its stability and security (here, the legal basis is Article 6 (1) (f) GDPR):

– IP address
– date and time of the request
– time zone difference to Greenwich Mean Time (GMT)
– content of the request (specific page)
– access status/HTTP status code
– each transmitted volume of data
– website from which the request originates
– browser
– operating system and its user interface
– language and version of the browser software

Use of Cookies

(1) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive and that are assigned to the browser you are using and that provide certain information to the entity that sets the cookie. Cookies cannot execute programs or transmit viruses to your computer. They help make internet offerings overall more user-friendly and effective.

(2) This website uses the following types of cookies, whose scope and function are explained below:

– Transient cookies (see a.)
– Persistent cookies (see b.).

  1. Transient cookies are automatically deleted when you close the browser. These include in particular session cookies. These store what is known as a session ID, with which various requests from your browser can be assigned to a common session. This permits your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.
  2. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies at any time from within the security settings of your browser.
  3. You can configure your browser setting to match your preferences and e.g. decline to accept third-party cookies or all cookies. "Third-party cookies" are cookies that have been set by a third party and therefore not by the actual website which you currently are on. Please note that disabling cookies may not enable you to use all features of this website.

More features and offerings on our website

(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do this, you will generally need to provide other personal information that we use to provide the service and to which the aforementioned data processing principles apply.

(2) In part, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions, and are regularly inspected.

(3) Furthermore, we may disclose your personal data to third parties if participation in promotional campaigns, sweepstakes, contracts or similar services are offered by us in conjunction with our partners. Further information will be available at the time you enter your personal information or at the bottom of the description of the respective offer.

(4) Insofar as our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of the consequences of this in the description of the offer.

Existence of automated decision-making

We refrain from automatic decision-making or profiling.

Ferienwohnung SAMBIA in Herrsching am Ammersee

Monika Näther
Tel. 08152 4318
Mobil: 0175 2702500