Wimdu Terms and Privacy

이용약관

wimdu.com 온라인 플랫폼을 사용에 대한 일반이용약관(GTC)

(Last updated version)

  1. 웹 사이트의 가능성 및 수정
  2. 예약절차, 지불, 송장
    1. 취소 규정에 표시된 옵션 중 하나의 규정에 합의 할 수있습니다. 그 결과로 필요한 환불은 섹션 8.4.3의 의미 내에서 게스트가 선택한 동일한 지불방법으로 사용자에게 윔두에 의해 지불 될 것입니다.
  3. 보증금
  4. 후기 시스템
  5. 기간, 종료
  6. 윔두의 책임
*To read more about our subsidiary liability insurance, click here

취소규정

1. 취소 규정은 어떻게 결정되나요?

  • 예약 취소 규정은 호스트가 직접 선택합니다. 호스트는 ‘매우 유연함’, ‘유연함’ 또는 ‘까다로움’ 세 가지 정책 중 하나를 선택할 수 있습니다. 취소 규정은 호스트와 게스트를 보호하기 위해 규정 되었습니다.

2. 어떻게 예약을 취소하나요?

  • 원활하고 안전한 프로세스를 보장하기 위해 모든 취소는 윔두를 통해 처리되어야 합니다.
  • 만약 예약을 취소하고자하는 경우, 저희 고객 지원팀으로 연락 주시기 바랍니다.
  • 취소는 서면으로 취소자에 의해 전달되어야 합니다. 취소는 예약 코드를 포함해야하며, 윔두에 등록된 사용자의 이메일 주소에서 보내져야 합니다.
  • 윔두로부터 공식적인 취소 확인메일을 받기 전까지 취소는 유효하지 않습니다.
  • 윔두 고객 지원팀은 즉시 취소 요청을 처리하고 호스트 또는 게스트에게 안내할 것입니다. 귀하는 더 이상의 추가 조치를 취할 필요가 없습니다.

3. 게스트가 취소하는 경우, 어떻게 게스트와 호스트에 대한 보상을 처리하나요?

3.1. 일반규정

  • 게스트에 대한 환불금액은 예약이 취소된 시점과 호스트가 선택한 취소 규정에 따라 달라집니다.
  • 환불 금액은 취소 수수료를 포함해 총 가격보다 적은 가격입니다. 즉, 각 예약 경우마다 달라질 수 있습니다. 취소 수수료 금액은 예약 과정에서 표시됩니다. 9.4 절에 규정에 따라 지불 프로세스는 적절하게 적용됩니다.
  • 호스트에 의해 설정된 취소 규정에 관계없이, 호스트가 취소 비용보다 더 적은 손실을 초래하지 않도록 게스트 스스로 입증해야 합니다.

3.2. 개별 취소정책

취소규정: Free Cancellation

You will be refunded the total price (including the Wimdu Service fee) if you cancel the booking at least 2 days before check-in by 12 noon CET (Central European Time). For cancellations that are made less than 2 days before check-in, you will be refunded 5% of the total price minus the Wimdu service fee.

2015년 7월 13일에 '무료 취소' 프로그램이 종료되므로 이에 주의해 주시기 바랍니다. '무료 취소' 프로그램 및 그 이용약관은, 예약시에 제공자에 의해 선택된 '무료 취소' 프로그램 시설에 대한 2015년 7월 13일 이전에 확인 및 요청된 모든 예약에 대해 유효합니다.

취소규정: 매우 유연함

귀하는 적어도 체크인 2일 전(오후 12시, 현지 시간) 전에 예약을 취소할 경우, 총 가격에서 윔두 취소 수수료 제한 금액을 돌려 받게 될 것입니다. 체크인 2일 미만 전 취소의 경우, 총 가격의 5%에서 취소 수수료를 제한 금액을 환불받게됩니다.

취소규정: 유연함

귀하는 적어도 체크인 4일 전(오후 12시, 현지 시간) 전에 예약을 취소할 경우, 총 가격에서 윔두 취소 수수료 제한 금액을 돌려 받게 될 것입니다. 체크인 4일 미만 전 취소의 경우, 총 가격의 5%에서 취소 수수료를 제한 금액을 환불받게됩니다.

취소규정: 까다로움

귀하는 적어도 체크인 7일 전(오후 12시, 현지 시간) 전에 예약을 취소할 경우, 총 가격의 절반 금액에서 윔두 취소 수수료 제한 금액을 돌려 받게 될 것입니다. 체크인 7일 미만 전 취소의 경우, 총 가격의 5%에서 취소 수수료를 제한 금액을 환불받게됩니다.

4. 게스트는 체크인 후 예약을 취소할 수 있나요?

  • 만약 체크인 시 심각한 문제가 발생했을 경우, 24시간 안에 고객 지원팀 으로 연락주시기 바랍니다. 만약 숙소가 정보와 다를 시, 저희는 호스트에게 이에 상응하는 불만을 전달할 것입니다. 이후 문제 검토 후, 호스트에게 지불하는 금액 공제 후 나머지를 되돌려 드릴 것입니다.
  • 환불의 경우 24 시간 이내에 신고를 받을 경우에만 가능하다는 것을 유의해 주시기 바랍니다.
  • 윔두는 공급자로부터 최소 처리 수수료의 금액 지불을 요구할 수있는 권리를 보유합니다.

5. 호스트가 예약을 취소할 경우 어떻게 되나요?

  • 게스트는 총 금액을 돌려받습니다. 이러한 경우에는 취소 수수료가 발생되지 않습니다.
  • 또한, 윔두는 다른 숙소를 찾으실 수 있도록 도와드릴 것입니다.
  • 호스트는 전체 가격의 15 %의 취소 요금을 지불해야합니다. 만약 호스트가 체크인 8일 전 미만 전에 예약을 취소하면, 취소 수수료가 총 가격의 50 %로 상승하게 됩니다. 그리고 취소 수수료는 호스트의 다음 예약에서 공제됩니다

6. 특별한 취소의 경우

6.1. 사별

도착 7일 전과 24시간 전 가족 중 사별(어머니, 아버지, 남편 / 아내, 자매, 형제, 자식) 의 경우, 게스트는 총 금액을 돌려받게 됩니다. 호스트는 숙소 금액을 청구할 수 없으며, 취소 수수료는 발생되지 않습니다. 체크인 24시간 미만의 경우, 게스트는 총 금액의 75% 그리고 호스트는 25%를 받게 됩니다. 취소 수수료는 발생되지 않습니다. 사망 증명서는 증거로 필요합니다.

6.2. 자연 재해 및 기타 예기치 못한 사건

자연 재해 (눈사태, 눈보라, 사이클론, 허리케인, 지진, 홍수, 산사태, 번개), 전쟁, 테러나 핵 사고의 경우 호스트의 예약 이행을 불가능하게 합니다. 이 경우 게스트는 총 금액의 75% 그리고 호스트는 25%를 돌려받게 됩니다. 취소 수수료는 발생되지 않습니다. 이것은 또한, 숙소를 도달 할 수 있는 방법이 손상되어, 숙박시설에 도달 할 수 없는 경우 또한 적용됩니다.

개인보호

Privacy Policy of Wimdu GmbH (“Wimdu”)

1. Name and address of the controller

The controller pursuant to the General Data Protection Regulation and other national data protection laws of Member States as well as other legal data protection regulations is:

Wimdu GmbH

Voltastr. 5

13355 Berlin

Germany

Email: contact@wimdu.com

Website: www.wimdu.com

Contact Data Protection Officer

Data Protection Officer at Wimdu GmbH

Email: datenschutz@wimdu.com

2. General provisions for data processing

1. Scope of personal data processing

Protecting your privacy is very important to us. As far as we collect, process or use personal information about you as part of the services we provide, we do so in accordance with the relevant German and European data protection laws.

In principle, we collect and use the personal data of our users only to the extent necessary to provide a functional website, our content and services. The collection and use of the personal data of our users take place regularly only with the user’s consent. An exception applies to cases in which prior consent cannot be obtained for reasons of fact and the processing of the data is permitted by law.

2. Legal basis for personal data processing

Insofar as we obtain the consent of the data subject for processing personal data, point (a) of Art. 6(1) EU General Data Protection Regulation (GDPR) serves as the legal basis.

For the processing of personal data necessary for the conclusion and the performance of a contract to which the data subject is a party, point (b) of Article 6(1) GDPR serves as the legal basis. This also applies to processing operations required in order to take steps prior to entering into a contract.

Insofar as the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, point (c) of Article 6(1) GDPR serves as the legal basis.

If the processing of personal data is necessary in order to protect the vital interests of the data subject or of another natural person, point (d) of Article 6(1) GDPR serves as the legal basis.

If the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, and if the interests or fundamental rights and freedoms of the data subject do not override the first-mentioned interests, point (f) of Article 6(1) GDPR serves as the legal basis for processing.

3. Data erasure and storage period

The personal data of the data subject shall be erased or blocked as soon as the purpose of the storage ceases to apply. In addition, data storage may take place if provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. Blocking or erasure of data also takes place when a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of data for the conclusion or performance of a contract.

4. Transfer of personal data to third parties

We may disclose your personal data to third parties where necessary and in compliance with local laws and regulations, in particular to the following categories of persons:

  • Affiliated companies
  • External service providers performing services on our behalf
  • Providers of outsourced IT services with whom we cooperate

Data are passed on to complete your booking, enable payments for bookings, send marketing material or for analytical support services.

3. Provision of the website and log file creation

1. Description and scope of data processing

Each time our website is visited, our system automatically collects data and information from the computer system of the requesting computer.

The following data are collected in this context:

  1. Information about the browser type and browser version used
  2. The operating system of the user
  3. The internet service provider of the user
  4. The IP address of the user
  5. The time and date of the visit
  6. Websites from which the system of the user accesses our website
  7. Websites which are accessed by the system of the user through our website

The data are also stored in the log files of our system. These data are not stored together with other personal data of the user.

If you are using a mobile device, we also collect device-specific settings and location data. This data will be stored whether or not you are registered with Wimdu or have logged into your Wimdu user account.

2. Legal basis for data processing

Point (f) of Article 6(1) GDPR is the legal basis for the temporary storage of data and log files.

3. Purpose of data processing

When you access our platform, for example, to search for accommodation, post listings, make bookings, accept booking requests, pay for accommodation, post comments or reviews, or communicate with other users or Wimdu, we may store information such as your IP address, the time and date of your visit, how you are using our platform, your browser type and information about your computer’s operating system as well as the pages you have visited and your original website.

The system needs to temporarily store the IP address to be able to deliver the website to the user’s computer. Therefore, the user’s IP address must be stored for the duration of the session.

Data are stored in log files to ensure the functionality of the website. In addition, the data are used to optimise our website and to ensure the security of our information technology systems. In this context, the data are not evaluated for marketing purposes.

For these purposes, we have a legitimate interest in processing the data pursuant to point (f) of Article 6(1) GDPR.

4. Period of storage

The data shall be erased as soon as they are no longer required to achieve the purpose of their collection. For data collected to provide the website, this is the case once the respective session is finished.

For data stored in log files, this is the case after 60 days at the latest. The data may be stored beyond this period. In this case, user IP addresses will be erased or modified to render impossible later assignment of the requesting client.

5. Possibility of objection and erasure

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Consequently, the user has no possibility to object.

4. Registration

1. Description and scope of data processing

On our website, we offer users the possibility to register by providing their personal data and to create a user account. The data entered into the input mask will be transferred to us and stored by us. During the registration process, we collect the following personal data:

  • Name
  • Postal address (including invoice address), if required
  • Phone number, if required
  • Email address
  • Profile picture, if required
  • Information regarding social network accounts
  • Location and travel information and preferences such as your favourite holiday destination, dates and number of people/children travelling with you
  • Communication via our messaging system, if required
  • Driving licence, official ID card or passport, if required
  • Bank details (payments to the host), if required
  • IP address and derived localisation data (country/city of origin)
  • Date and time of your visit to our website
2. Legal basis for data processing

Points (a) of Article 6(1) and (b) Article 6(1) GDPR are the legal basis for the processing of data.

3. Purpose of data processing

User registration is required to make certain content and services available on our website.

In addition, you can create a personal user account on our website. This allows you to save your personal settings, to post a listing or make a booking.

Wimdu requires your email address, a freely chosen password, a form of address, first name and surname, address, date of birth and payment details to set up an account. The given email address serves as access identification for your user account. After successful registration, you will automatically receive a confirmation email. You can update your personal data in the settings of your user account at any time.

4. Period of storage

The data shall be erased as soon as they are no longer required to achieve the purpose of their collection.

This is the case for data collected during the registration process if the registration on our website is cancelled or modified.

In addition, this is the case if the data are no longer required for the performance of the mediation contract.

5. Possibility of objection and erasure

As a user you have the possibility to cancel your registration at any time. You may have all stored data concerning yourself modified at any time.

For the cancellation of your user account, please send your request to our Customer Support Team. You may contact Wimdu via our contact form or via email to datenschutz@wimdu.com. An employee of our support team will then cancel your account.

If the data are required for the performance of a contract or in order to take steps prior to entering into a contract, premature erasure is only possible if the erasure does not conflict with contractual or statutory obligations.

5. Use of cookies

1. Description and scope of data processing

Wimdu uses cookies on the website. Cookies are small text files that are stored in the cache of your browser to enable later recognition.

We use ‘persistent’ cookies. They remain on the user's computer to simplify personalisation and registration services the next time our site is visited. Cookies can, for example, store what the user has selected. The user can manually remove the cookies at any time.

We also use ‘session’ cookies. These do not remain on the user’s computer. Once the user leaves the site, these temporary cookies are deleted.

We use cookies to make our site easier to use. By collecting the information, we can analyse the usage patterns and structures of the site. In this way we can continuously improve our services, for example, the content, personalisation and simplicity of the site.

The following data are stored and transmitted through cookies:

  • Language settings
  • Currency settings
  • Login information
2. Legal basis for data processing

Point (f) of Article 6(1) GDPR is the legal basis for the processing of personal data using technically required cookies.

3. Purpose of data processing

Technically required cookies are used for the purpose of making the site easier to use. Without the use of cookies, some features on our website cannot be offered. For these, the browser needs to be recognised also after switching to another site.

We require cookies for the following applications:

  • Storing language and currency settings
  • Remembering search terms

User data collected through technically required cookies are not used to create user profiles.

The purpose of using analysis cookies is to help improve the quality and content of our website. Analysis cookies show us how the website is used and help us to continuously optimise our offers.

4. Period of Storage, possibility of objection and erasure

Cookies are stored on the user’s computer and transmitted from there to our site. As a user, you thus have full control over the use of cookies. By changing the settings in your browser, you can deactivate or restrict the transmission of cookies. Cookies already stored can be erased at any time. This can also be done automatically. Deactivating cookies for our website may result in not being able to make full use of all the features on our website anymore. Moreover, this can lead to restrictions in the usability of our website. To opt out of third-party providers’ interest-based advertising, simply check the box that corresponds to the respective company on www.youronlinechoices.com.

6. Web analytics and tracking

By means of so-called ‘tracking tools’ used on the website, data are collected and stored for marketing and optimisation purposes. The user can object to future data collection and storage at any time.

1. Scope of personal data processing

On our website we use the following web analytics and tracking tools:

  • Google Analytics
  • Google Adwords
  • Webtrekk
  • New Relic
  • Hotjar
2. Legal basis for personal data processing

Point (f) of Article 6(1) GDPR is the legal basis for the processing of personal user data.

3. Purpose of data processing

The processing of personal user data allows us to analyse the browsing behaviour of our users. The evaluation of collected data enables us to gather information on the use of each individual component of our website. This helps us to continuously improve our website and make it easier to use. For this purpose, we have a legitimate interest in processing the data pursuant to point (f) of Article 6(1) GDPR. By anonymising the IP address, the users’ interest of personal data protection is sufficiently complied with. In detail, we use the web analytics and tracking tools as follows:

Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies. The information generated by the cookie concerning your use of the website is usually transmitted to and stored by Google on servers in the United States. In case of activation of the IP anonymization on this website, Google will truncate your IP address for member states of the European Union as well as for other parties of the Agreement on the European Economic Area.

Only in exceptional cases is the full IP address sent to and shortened by a Google server in the United States. On behalf of Wimdu, Google will use this information to evaluate your use of our website, for compiling reports on website activity and providing other services relating to website activity and internet usage to Wimdu. The IP address, transmitted by your browser through Google Analytics, will not be merged with any other data stored by Google.

You can prevent Google’s collection of data generated by cookies relating to your use of the website (including your IP address) and the processing of these data by Google by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB..

Google AdWords

We also use the online advertising programme Google AdWords and conversion tracking, which is part of Google AdWords. Google Conversion Tracking is an analytics service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). When you click on an advert displayed by Google, a cookie for conversion tracking is stored on your computer. These cookies expire after 30 days, do not contain any personal data and are therefore not used for personal identification.

If you visit certain pages of our website and the cookie has not yet expired, we and Google will be able to see that you clicked on the advert and were brought to this page. Every Google AdWords customer receives a different cookie. This ensures that cookies cannot be tracked on the websites of AdWords customers.

The information collected by means of the conversion cookie is used to compile conversion statistics for AdWords customers who have opted for conversion tracking. These statistics show the customer the total number of users who have clicked on their advert, and which of those customers were redirected to a page equipped with a conversion tracking tag. However, they do not contain any information that can be used to personally identify users.

Webtrekk

For the statistical evaluation of our websites, we use technology from Webtrekk GmbH, Boxhagener Str. 76-78, 10245 Berlin (www.webtrekk.de). We use Webtrekk services to collect data on the use of our website. This data is used to permanently improve and optimise our offers thus making them more interesting for you.

When using our website, information transmitted by your browser is collected and analysed. This is accomplished by cookie technology and the so-called pixels which are included on each web page. The following data is collected in this context: request (file name of the requested file), browser type/version, browser language, operating system used, internal resolution of the browser window, screen resolution, JavaScript enabling, Java on/off, cookies on/off, colour depth, referrer URL, IP address (collected anonymously and deleted immediately after use), time of access, clicks, anonymised form content (for example, if a phone number has been specified or not).

A direct personal reference is excluded at all times. The data thus collected is used to generate anonymous usage profiles, which form the basis for web statistics. The data collected using Webtrekk technology is not used to identify website visitors personally, without their specific consent, and is not merged with the personal data of the bearer of the pseudonym.

New Relic

We use the plugin New Relic, which enables us to statistically analyse the speed of the web page. This service is operated by New Relic, Inc., 188 Spear Street, Suite 1200 San Francisco, CA 94105, USA (“New Relic”).

When a user visits a web page which contains such a plugin, their browser builds a direct connection to the servers of New Relic. Therefore, the provider has no influence on the scope of data collected by New Relic and informs the user according to its current information.

By integrating the plugin, New Relic receives the information that a user has accessed the corresponding page of the offer. If the user is logged in at New Relic, New Relic may assign their visit to their account at New Relic. If a user is not a member of New Relic, there is still the possibility that New Relic will detect and save their IP address.

The purpose and scope of data collection and the further processing and use of data by New Relic, as well as the corresponding rights and settings to protect the privacy of users, can be found in New Relic’s privacy policy under: https://newrelic.com/privacy.

Hotjar

We use the software Hotjar to improve user experience on our web pages. Hotjar helps us to measure and evaluate the user’s behaviour (mouse movements, clicks, scroll height, etc.) on our web pages. For this purpose, Hotjar uses cookies on the user’s devices and it can store user data such as browser information, operating system, time spent on the website, etc.

4. Period of storage

The data shall be erased as soon as they are no longer required for our tracking purposes.

5. Possibility of objection and erasure

Cookies are stored on the user’s computer and transmitted from there to our site. As a user you thus have full control over the use of cookies. By changing the settings in your browser you can deactivate or restrict cookie transmission. Cookies already stored can be erased at any time. This can also be done automatically. Deactivating cookies for our website may result in not being able to make full use of all the features on our website anymore.

Google Analytics:

You can prevent Google’s collection of data generated by cookies relating to your use of the website (including your IP address) and the processing of these data by Google by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB. Furthermore, you have the possibility to deactivate Google’s collection of website usage data. To do so, please click the following link. By providing confirmation via this link, an opt-out cookie is set on your data carrier. Please note that, when deleting all cookies on your computer, this opt-out cookie is also deleted. If you want to continue to object anonymised data collection by Google, you must set the opt-out cookie again. The opt-out cookie is set per browser and computer. If you visit our web pages from different devices or using different browsers, you must enable the opt-out cookie on each of the different browsers or computers.

Google Adwords:

If you do not want to participate in tracking, you can object to this usage by preventing the installation of cookies by selecting the appropriate setting in your browser software (deactivation option). By doing so, you will not be included in the conversion tracking statistics. For additional information and Google’s privacy policy, please visit http://www.google.com/policies/technologies/ads/, http://www.google.com/policies/privacy/.

Webtrekk:

The collection and storage of data by Webtrekk can be objected to at any time with future effect. To do so, please click the following link. By providing confirmation via this link, a so-called opt-out cookie is set on your data carrier. The validity period of this cookie is 5 years. Please note that, when deleting all cookies on your computer, this opt-out-cookie is also deleted. If you want to continue to object anonymised data collection by Webtrekk, you must set the opt-out cookie again. The opt-out cookie is set per browser and computer. If you visit our web pages from different devices or using different browsers, you must enable the opt-out cookie on each of the different browsers or computers.

New Relic:

If a user is a member of New Relic and does not want New Relic to collect data about them through this offer and associate them with their membership data saved at New Relic, the user must log out of New Relic before visiting the website.

Hotjar:

For more information about data processing by Hotjar, please click here: https://www.hotjar.com/privacy.

7. Re-targeting

1. Scope of personal data processing

Our website uses so called re-targeting technology. We use the following technologies:

  • Goolge Analytics
  • Criteo GmbH
  • Web beacons/pixels
2. Legal basis for personal data processing

Point (f) of Article 6(1) GDPR is the legal basis for the processing of personal user data.

3. Purpose of data processing

We use these technologies to make our internet offers more appealing to you. This technology allows us to address internet users who are already interested in our offers via advertising on the websites of our partners. For this purpose, we have a legitimate interest in processing the data pursuant to point (f) of Article 6(1) GDPR. The anonymisation of the IP address sufficiently takes into account the interest of users in their protection of personal data. In detail, we use the technologies as follows:

Criteo GmbH

We use tracking technology from Criteo GmbH on our website. This technology allows us to address internet users who have visited our website via targeted product recommendations in the form of advertising banners on the websites of our partners. Such advertising banners are displayed on our partners’ sites based on cookies and an analysis of your previous user behaviour. This analysis is conducted anonymously; no usage profiles are merged with your real name.

Web beacons/pixels

We may also use pixels. A pixel is a tiny graphic that is only one pixel in size and is sent to your computer either via a web page request or in an HTML email format. These pixels are used either directly or by third parties as a part of online advertising on our website or third-party websites. This enables us to learn whether a customer viewing the advertisement actually makes a booking. In addition, this makes it possible to track conversion through partner websites and to analyse the traffic patterns of users on the website in order to optimise our offers for you.

4. Period of storage

The data shall be erased as soon as they are no longer required for our tracking purposes.

5. Possibility of objection and erasure

By changing the settings in your internet browser you can deactivate or restrict cookie transmission. This can also be done automatically. Deactivating cookies for our website may result in not being able to make full use of all the features on our website anymore.

Criteo GmbH

You may object to the collection of data by Criteo GmbH at any time under the following link: https://criteo.com/privacy.

8. Social plugins (Facebook Connect, Google Sign-In)

1. Scope of personal data processing

Facebook Connect is a service provided by Facebook, Inc. The use of Facebook Connect is subject to the privacy policy and terms of use of Facebook.

Google Sign-In is a service provided by Google LLC. The use of Google Sign-In is subject to the privacy policy and terms of use of Google.

When using Facebook Connect, data available to the public and data from your Facebook profile published on Facebook are transmitted to our website. When using Google Sign-In, data available to the public and data from your Google profile are transmitted to our website. Conversely, data from our website or the Wimdu app can also be transmitted to your Facebook or Google profile.

2. Legal basis for the processing of personal data

Point (a) of Article 6(1) GDPR is the legal basis for the processing of personal user data.

3. Purpose of data processing

Your transmitted data is stored and processed by Wimdu for the purpose of registration on our platform. By registering on our platform via Facebook Connect or Google Sign-In, you agree to the transfer of data from your Facebook or Google profile to Wimdu, and the transfer of data from Wimdu to Facebook or Google.

4. Period of storage

The data shall be erased as soon as they are no longer required for our tracking purposes. The data are thus stored for as long as the user needs the data for registration / login.

5. Possibility of objection and erasure

The user can terminate the user account at any time.

9. Contact form

1. Description and scope of data processing

You can contact Wimdu directly using the contact form provided in the imprint. If a user makes use of this option, the data entered into the input mask will be transferred to us and stored by us. This relates to the following data:

  • Email address
  • Phone number, if required
  • Offer number, if required
  • Entered text/request
  • Added attachments

At the time the message is sent, the following data are also stored:

  • IP address of the user
  • Date and time of registration

For the processing of data, your consent will be obtained during the sending process and reference is made to this privacy policy.

Alternatively, you can also contact us under the following email address: contact@wimdu.com. In this case, the personal user data transferred through the email are stored.

In this context, no data is disclosed to third parties. The data will be used strictly for the purpose of processing the conversation.

2. Legal basis for data processing

Point (a) of Article 6(1) GDPR is the legal basis for the processing of data, provided that the user has given consent.

Point (f) of Article 6(1) GDPR is the legal basis for the processing of data transferred when sending an email. If the email contact is aimed at concluding a contract, point (b) of Article 6(1) GDPR is an additional legal basis for the processing.

3. Purpose of data processing

Wimdu collects, processes and uses information provided by you via the contact form only for the purpose of processing your request. If contact was established via email, a legitimate interest to process data is given for this purpose.

Other personal data processed during the sending process are used to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. Period of storage

The data shall be erased as soon as they are no longer required to achieve the purpose of their collection. For personal data from the input mask of the contact form and for personal data transferred via email this is the case as soon as the respective conversation with the user is finished. The conversation is finished when it can be inferred from the circumstances that the issue concerned was resolved.

The personal data additionally collected during the sending process shall be erased after a period of 60 days at the latest.

5. Possibility of objection and erasure

The user can at any time revoke their consent to the processing of personal data. If a user contacts us via email, they can at any time object to the storage of their personal data. In this case, the conversation cannot be continued.

The user may revoke their consent to the processing of personal data and object to the storage of personal data at any time with effect for the future free of charge under datenschutz@wimdu.com or by written notice to Wimdu GmbH, attn. Data Protection Officer, Voltastraße 5, 13355 Berlin.

All personal data stored in connection with contacting shall be erased in this case.

10. Newsletter

1. Description and scope of data processing

It is possible to subscribe to a free newsletter on our website. When registering for the newsletter, the data from the input mask is transferred to us.

In connection with the processing of data for sending newsletters, no data is disclosed to third parties. The data will be used strictly for the purpose of sending the newsletter.

2. Legal basis for data processing

Point (a) of Article 6(1) GDPR is the legal basis for the processing of data after the user has registered for the newsletter, provided that the user has given consent.

3. Purpose of data processing

Wimdu uses the email address used to create your user account to send you information about general promotions and offers from Wimdu via email, provided that you have agreed to receive the newsletter. Wimdu may personalise the newsletter content in a way that it contains information Wimdu considers to be of particular interest to you. For such a personalisation of information, Wimdu considers your booking history, i.e. past bookings and offers previously viewed on the website.

4. Period of storage

The data shall be erased as soon as they are no longer required to achieve the purpose of their collection. The user’s email address will be stored for as long as the subscription to the newsletter is active.

5. Possibility of objection and erasure

You can manage your settings for the Wimdu newsletter within your user account. You can also opt-out of receiving the newsletter in your user account or by using the contact form. Additionally, a link to unsubscribe is included in every newsletter.

11. Rights of the data subject

If personal data relating to you are processed, you are referred to as data subject as laid down in the GDPR and you shall be entitled to the following rights against the controller:

    1. Right of access

    You have the right to free information about your saved personal data.

    You have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed by us.

    If that is the case, you can request access to the following information from the controller:

    1. the purposes for which the personal data are processed;
    2. the categories of personal data concerned;
    3. the recipients or categories of recipients to whom personal data concerning you have been or will be disclosed;
    4. the envisaged period for which personal data concerning you will be stored, or, if no concrete data are available, the criteria used to determine that period;
    5. the existence of the right to request from the controller rectification or erasure of personal data concerning you, a right to the restriction of processing of personal data by the controller or a right to object to such processing;
    6. the right to lodge a complaint with a supervisory authority;
    7. any available information regarding the source of the data, where the personal data are not collected from the data subject;
    8. the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

    You have the right to request information as to whether personal data concerning you are transferred to a third country or to an international organisation. In this context, you have the right to be informed of the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer.

    2. Right to rectification

    We take reasonable steps to ensure that saved personal data are accurate. It is your responsibility to ensure that the information transferred to us is accurate, complete and free from errors, and to inform us in due time of any changes to the information provided.

    You have the right to obtain from the controller the rectification and/or completion of inaccurate or incomplete personal data concerning you. Rectification shall be effected by the controller without undue delay.

    3. Right to restriction of processing

    You have the right to obtain restriction of processing personal data concerning you under the following conditions:

    1. if you contest the accuracy of personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
    2. if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
    3. If the controller no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims, or
    4. if you objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of the controller override yours.

    Where the processing of personal data concerning you have been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

    If the processing was restricted pursuant to the above mentioned conditions, you shall be informed by the controller before the restriction of processing is lifted.

    4. Right to erasure

    Under certain conditions you can request the erasure of personal data saved by us. This does not include data which need to be stored by Wimdu for reasons of public interest.

    a) Obligation to erase

    You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase such data without undue delay where one of the following grounds applies:

    1. The personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
    2. You withdraw consent on which the processing was based according to point (a) of Article 6(1) or point (a) of Article 9(2) GDPR, and there is no other legal ground for the processing.
    3. You object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) GDPR.
    4. The personal data concerning you have been unlawfully processed.
    5. It is necessary to erase the personal data concerning you for compliance with a legal obligation in Union or Member State law to which the controller is subject.
    6. The personal data concerning you have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.
    b) Information to third parties

    Where the controller has made the personal data concerning you public and is obliged pursuant to Article 17(1) GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you, as the data subject, have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

    c) Exceptions

    The right to erasure shall not apply to the extent that processing is necessary:

    1. for exercising the right of freedom of expression and information;
    2. for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
    3. for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) as well as Article 9(3) GDPR;
    4. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) GDPR in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
    5. for the establishment, exercise or defence of legal claims.
    5. Right to information

    If you exercised the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort.

    You have the right to be informed by the controller about those recipients.

    6. Right to data portability

    You have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format. Furthermore, you have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:

    1. the processing is based on consent pursuant to point (a) of Article 6(1) GDPR or point (a) of Article 9(2) GDPR or on a contract pursuant to point (b) of Article 6(1) GDPR; and
    2. the processing is carried out by automated means.

    In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. This shall not adversely affect the rights and freedoms of others.

    The right to data portability shall not apply to processing personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

    7. Right to object

    You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.

    The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

    Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

    Where you object to processing for direct marketing purposes, the personal data concerning you shall no longer be processed for such purposes.

    In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

    8. Revocation of consent

    You may revoke your consent to the collection, processing and use of data at any time with effect for the future free of charge under datenschutz@wimdu.com or via written notice to Wimdu GmbH, attn. Data Protection Officer, Voltastraße 5, 13355 Berlin. The lawfulness of processing based on consent before its withdrawal shall not be affected by the withdrawal of consent.

    9. Automated individual decision-making, including profiling

    You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision:

    1. is necessary for entering into, or the performance of, a contract between yourself and a data controller;
    2. is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or
    3. is based on your explicit consent.

    However, such decisions shall not be based on special categories of personal data referred to in Article 9(1) GDPR, unless point (a) or (g) of Article 9(2) GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.

    In the cases referred to in points (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

    10. Right to lodge a complaint with a supervisory authority

    Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to yourself infringes the GDPR.

    The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.

For further questions on our privacy policy and the processing of personal data, please contact us under datenschutz@wimdu.com. You may also reach us using the contact details provided in the imprint.