Privacy Policy

In accordance with Article 13 of the EU General Data Protection Regulation (GDPR)

We, Frankreichsonne  (hereinafter “we” or “the controller”), take the protection of your personal data very seriously. This privacy policy informs you about how, for what purpose and on what legal basis we process personal data when you use our website www.frankreichsonne.de (hereinafter “the website”).

1. Data Controller and contact details

Data controller within the meaning of the General Data Protection Regulation (GDPR) and the Telecommunications and Digital Services Act (TDDDG):

France
25 Village de Campagne · Modul E
883310 Cogolin
France

Legally represented by:
Susanne Tschirch

Contact:
Email: frankreichsonne[at]live.de
Telephone: +33 603065374
Website: www.frankreichsonne.de

2. General information on data processing

a) Scope of personal data processing

We process our users’ personal data only to the extent necessary to provide a fully functional website and our content and services or where there is a legal basis (e.g. consent, performance of a contract, legitimate interest).
Processing for other purposes (e.g. marketing) takes place only with your express consent.

b) Legal bases

The processing of your data is carried out on the basis of the EU General Data Protection Regulation (GDPR) and the Telecommunications and Digital Services Act (TDDDG). Specific legal bases are:

  • Art. 6(1)(a) GDPR: Consent (e.g. for Google Maps, marketing cookies)
  • Art. 6(1)(b) GDPR: Performance of a contract (e.g. for enquiries via the contact form)
  • Art. 6(1)(c) GDPR: Legal obligation (e.g. retention obligations)
  • Art. 6(1)(f) GDPR: Legitimate interest (e.g. website security, log files)

c) Duration of storage

Your data will be stored only for as long as is necessary for the respective purpose or as required by statutory retention periods (e.g. 10 years for tax-relevant data under the German Fiscal Code (AO)).
Log files are stored for a maximum of 2 months and are then automatically deleted.

3. Provision of the website and creation of log files

a) Description and scope

Each time our website is accessed, our system automatically records the following data (server log files):

  • IP address (deleted or anonymised after 2 months)
  • Date and time of access
  • Browser type and version
  • Operating system
  • Referrer URL (the previously visited page)
  • Pages accessed on our website

The data will not be combined with other personal data (e.g. from contact forms).

b) Legal basis

The legal basis is Article 6(1)(f) of the GDPR (legitimate interest in the security and functionality of the website).

c) Purpose

The storage of log files serves to:

  • Ensure the functionality of the website
  • Defend against attacks (e.g. DDoS, hacking)
  • Troubleshooting

d) Objection

The collection of log files is technically essential and cannot be disabled.

4. Hosting and Content Delivery Network (CDN)

Our website is hosted on servers provided by Hetzner Online GmbH (Industriepark 3, 91710 Gunzenhausen, Germany).

  • Server location: Germany (GDPR-compliant)
  • Data processing: Hetzner processes data exclusively as a data processor on the basis of a data processing agreement (DPA) in accordance with Art. 28 GDPR.
  • Purpose: Provision of the website and storage of log files.
  • Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and stable hosting).

5. Use of cookies and consent management (n3t Cookie Consent)

a) Description

Our website uses cookies, which are divided into two categories:

  1. Strictly necessary cookies (technically necessary, cannot be disabled)
  2. Marketing cookies (requiring consent, can be refused)

Consent for non-technically necessary cookies is obtained via the consent management tool “n3t Cookie Consent”.

b) Strictly necessary cookies (technically necessary)

NamePurposeProviderStorage periodLegal basis
_cf_bm Technical cookie used to distinguish between humans and bots in order to prevent spam attacks on our forms (Cloudflare Turnstile). Cloudflare Inc. Session (approx. 30 minutes) Art. 6(1)(f) GDPR (legitimate interest in website security)
n3t_cc Stores your consent status for cookies on this website to remember your preferences and avoid having to ask again on every visit. frankreichsonne.de 395 days Art. 6(1)(c) GDPR (Accountability: proof of consent) and Art. 6(1)(f) GDPR (User-friendliness)

Note:

  • _cf_bm is automatically deleted as soon as you close your browser.
  • n3t_cc is automatically deleted after 395 days or can be manually deleted in your browser.

c) Marketing cookies (requiring consent)

NamePurposeProviderStorage periodLegal basis
NID Used by Google Maps to save user settings (e.g. zoom level, map view) when viewing Google Maps maps. Google Ireland Limited 6 months Art. 6(1)(a) GDPR (Consent)

Note:

  • The NID cookie is only set once you have activated Google Maps (opt-in via n3t Cookie Consent).
  • You can withdraw your consent at any time via the cookie banner or delete the cookie manually in your browser.

6. Google Maps (only with consent)

a) Description

We integrate Google Maps (provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to display interactive maps.
Google Maps is only loaded once you have given your consent via the n3t Cookie Consent banner for the “Marketing” category.

b) Data processing by Google Maps

When Google Maps is activated, the following data is transmitted to Google:

  • IP address
  • Browser and device information
  • Date and time of the visit
  • Subpage of our website visited
  • Google Maps-specific settings (stored in the NID cookie)

If you are logged in to a Google account, Google may link this data to your account. To prevent this, please log out before using Google Maps.

c) Legal basis

Art. 6(1)(a) GDPR (consent via n3t Cookie Consent).
You may withdraw your consent at any time by:

  1. Using the cookie banner and withdrawing your consent for ‘marketing’.
  2. Delete the NID cookie from your browser.

d) Data transfer to the USA

Google may transfer data to servers in the USA.

  • Data protection safeguards:
    • Google is EU-US Data Privacy Framework certified (Details).
    • Standard contractual clauses (Art. 46(2)(c) GDPR) are used.

e) Retention period

  • Google stores the data in accordance with its own privacy policy (usually anonymised after 2–26 months).
  • Our storage: We do not store any data from Google Maps on our servers.

f) Further information

7. Contact form and email contact

a) Description

You can send us messages via our contact form. The following data is processed in this process:

  • Name (optional)
  • Email address (required)
  • Message (required)
  • IP address (deleted after 2 months)
  • Timestamp

b) Legal basis

  • Art. 6(1)(a) GDPR (consent by submitting the form)
  • Art. 6(1)(b) GDPR (if the contact is aimed at entering into a contract)
  • Art. 6(1)(f) GDPR (Prevention of spam and misuse)

c) Purpose

  • Processing your enquiry
  • Prevention of misuse (e.g. by spam bots)

d) Retention period

Your data will be deleted as soon as your enquiry has been fully answered and there are no longer any legal retention obligations.
The data from the contact form will be deleted after 2 months at the latest.

e) Cloudflare Turnstile (spam protection)

To protect our contact form from spam and automated attacks, we use Cloudflare Turnstile from the provider:
Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA.

How it works

  • Turnstile uses technical means to check whether the interaction originates from a human or a bot.
  • No CAPTCHAs – instead, non-personal telemetry data and a technically necessary cookie (_cf_bm) are used.
  • No cross-platform tracking or creation of user profiles.

Legal basis

Article 6(1)(f) of the GDPR (legitimate interest in preventing spam and cyber attacks).

Data transfer to the USA

Cloudflare operates a global CDN. A transfer of data to the USA is not technically ruled out.

  • Data protection safeguards: Cloudflare uses Standard Contractual Clauses of the European Commission (Art. 46(2)(c) GDPR) and is EU-US Data Privacy Framework certified.
  • Further information: Cloudflare Privacy Policy

Retention period

The _cf_bm cookie has a lifetime of 30 minutes (session cookie).

8. Your rights as a data subject

You have the following rights in relation to us regarding your personal data:

RightDescriptionLegal basis
Access You may request information about the data we process. Art. 15 GDPR
Rectification You may request the rectification of inaccurate data. Art. 16 GDPR
Erasure You may request the erasure of your data, provided there are no statutory retention obligations. Art. 17 GDPR
Restriction You may request the restriction of processing (e.g. where the accuracy of the data is unclear). Art. 18 GDPR
Data portability You may receive your data in a machine-readable format. Art. 20 GDPR
Objection You may object to the processing, provided that it is based on Article 6(1)(e) or (f) of the GDPR. Article 21 of the GDPR
Withdrawal of consent You may withdraw your consent at any time (e.g. for Google Maps). Art. 7(3) GDPR
Complaint You may lodge a complaint with a supervisory authority (e.g. BfDI). Art. 77 GDPR

Contact details for exercising your rights:
[Your email address]

9. Data security

We implement technical and organisational measures (TOMs) to protect your data from loss, manipulation or unauthorised access. These include:

  • SSL encryption (HTTPS) for all data transfers.
  • Regular backups and access restrictions at server level.
  • No unencrypted transmission of sensitive data.

10. Validity and changes to this privacy policy

This privacy policy is currently valid (as of: ).

Do you have an booking enquiry or are you interested in further information?
We will be happy to inform you!

Frankreichsonne
  Susanne Tschirch · 52b Allee des Mimosas · 83310 Cogolin

  0033 603065374
  frankreichsonne[at]live.de
  www.frankreichsonne.de