​Privacy policy for prize competition

A deal from , 5. Mar. 2017 5:57 pm

Privacy policy for prize competition

We give great importance to the protection of your personal data and compliance with data protection laws. Below, we inform you in particular about which personal data is processed for which purposes and on which legal basis.

1. Who is responsible for data processing?

HolidayPirates GmbH, Wallstraße 59, 10179 Berlin, Germany is the data controller. The Data Protection Officer of the HolidayPirates GmbH is Mr. Roman Maczkowsky. He can be contacted here: [email protected]

2. Which categories of personal data are being used?

We process the contact data and in addition to the protocol data which arise with the use of our IT systems. Furthermore, we process contact data like forename, surname, address, and e-mail address of the winner in this prize competition.

2.1 Information you will provide by participating in this contest:

Email address and name

For more information click here: https://www.holidaypirates.com/tourism/providers/about-us/dataprotection/

3. Where do these data come from?

The data comes directly from you as they have been collected in the course of participating at the prize draw.

4. For which purposes are my data being processed? Which is the legal basis that the company bases this on?

a. Art 6 para 1 b) GDPR
We process personal data within the framework of contractual negotiations and the performance of the contract for the prize draw that has been concluded between you and us.
Processing takes place for the provision of contractually guaranteed services like e.g. the fulfilment of a possible claim for the prize offered as part of the competition.

Legal basis is Art. 6 para. 1 b) GDPR. Within the scope of contract fulfilment and performance we process the data that you provide to us upon formation of the contract or in the course of the contractual relationship. This includes in particular your master information (name, surname, date of birth, address, e-mail address).

b. Art. 6 para 1 a) GDPR
If you have provided us with your consent to process data, we do so for the purposes informed about in the course of the declaration of consent. Consent that you have provided may be revoked at any time.

c. Art. 6 para 1 f) GDPR
We process your data in order to protect our own legitimate interest or those of third parties. This applies in particular to internal communication between affiliated companies and other administrative purposes.

5. Will data be transferred?

Within our company respectively the group of companies those employees receive access to your data who need the data in order to fulfil the contractual or legal responsibilities. Moreover, service providers that we use may also receive data for these purposes:


  • Address & place of jurisdiction: Crowd9 PTY LTD, 16 Jacaranda Crescent, Mornington, VIC 3931, Australia,
  • GDPR Compliance: https://gleam.io/privacy
  • Purpose: This supports the purpose to fulfill campaign obligations created by HolidayPirates GmbH, to detect fraudulent activity in campaigns and invalidate entries, to send out campaign emails
  • Disclosed Data: Email-address, Name, Cookie-ID, IP-address, general location, Browser Identification

Adjust GmbH (Apps)

  • Address: adjust GmbH, Saarbrücker Str. 37A, 10405 Berlin, Germany
  • GDPR Compliance: https://www.adjust.com/gdpr/
  • Purpose:
    • Support in the identification of mobile application behavior to prepare targeted marketing decisions; Support in the efficient handling and optimization of mobile campaigns for social networks and elsewhere on the Internet.
  • All pseudonymised data:
    • Pseudonymous cookie ID, ad ID and device ID used by a particular person, events in the mobile app about the use of the mobile app by a particular user (in particular login, successful completion of the transaction), but no payment and financial data.
    • Content of the advertisement to be delivered to a particular user and, as appropriate, classified advertising group to which that person belongs.

6. What are my rights?

Basically you have the following rights:

  • right of access (Art. 15 GDPR)
  • right to rectification (Art. 16 GDPR)
  • right to object (Art. 21 GDPR)
  • right to erasure (Art. 17 GDPR)
  • right to restriction of processing (Art. 18 GDPR)
  • right to data portability (Art. 20 GDPR)

Where we cite our legitimate interest (Art. 6 para 1 f) GDPR) as the legal basis, you have a right to objection pursuant to Art. 21 GDPR.

According to Art. 21 GDPR you have the right

to object to the processing of personal data at any time. We will then no longer process the personal data for direct marketing purposes or a related profiling.

We also do not process your personal data for other purposes after your objection unless we can demonstrate reasons that are binding and worthy of protection for the processing of the data which outweigh your interests, rights and freedoms, or the processing of your personal data serves to assert, exercise or defend legal claims (cf. Art. 21 para. 1, para. 6 GDPR, so-called "limited right of objection"). In this case, you must explain the reasons for the objection arising from your particular situation.

7. Do I have a right to complain?

Yes, you have the possibility to address your complaint directly to us or towards the competent data protection authority.

We attach great importance to transparency. Please do not hesitate to contact us if you have any questions.

8. How long will my data be saved?

We process and store your personal data for the period of the existing contract. We will regularly delete the data when data is not required for contractual or legal purposed anymore. However, we need to take into account legal retention periods (in particular § 257 HGB and § 147 AO). These are up to 10 years.
Insofar as data is to be retained to ensure enforcement of legal claims, the limitation periods can be up to 30 years, whereby the regular limitation period is three years.
If your data is used for advertising purposes, we will only process the data until you object to its use or have revoked your consent or until usage is no longer permitted by law.

9. Do I have to give you my data?

In the context of our contractual relationship, you must provide the personal data that is necessary for the performance and fulfilment of the contract or the processing of which we are legally bound. Failure to make them available would mean that we would regularly are unable to conclude the contract with you.