Privacy policy
We are pleased that you are visiting our website and thank you for your interest in Dinosaurier-Park Münchehagen GmbH & Co. KG and the corresponding services.
In the following we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.
Controller responsible for data processing
The controller pursuant to Article 4(7) of the General Data Protection Regulation (GDPR) is Dinosaurier-Park Münchehagen GmbH & Co. KG, see our legal notice.
Authorised service providers:
The general provision and maintenance of our websites and e-mail systems is carried out with the support of IT service providers who work on our behalf and may therefore also be able to view (receive) your data to the extent necessary.
Data protection officer
Our external data protection officer:
Althammer & Kill GmbH & Co. KG
E-mail: kontakt-dsb@ak-datenschutz.de
Collection and use of your data
The scope and nature of the collection and use of your personal data differs depending on whether you visit our website only to retrieve information or to make use of any services offered by us.
If we use other (IT) service providers for individual functions of our website or would like to use your data for advertising purposes, we will inform you in detail below about the respective processes (all data processing). We will also state the specified criteria for the storage period and the applicable legal basis for data processing.
Informational use
For the informational use of our websites, we only collect the personal data that your browser automatically transmits to us, such as:
- IP address
- Date and time of the enquiry
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- the amount of data transferred and the access status (file transferred, file not found, etc.)
- Website from which the request originates
- Browser type / version / language
- Operating system and its interface
- Language and version of your browser.
Storage duration:
The storage period for this data (logs) is 30 days.
Legal basis(s) for data processing:
The above-mentioned data is technically necessary to display our websites to you and to ensure stability and security in accordance with Art. 6 para. 1 lit. f) GDPR.
Enquiries by email, post or telephone
If you contact us by e-mail, post or telephone, your enquiry and the personal data contained therein will be processed by the persons authorised to do so for the purpose of processing your enquiry.
Storage period:
We process and store the data until the purpose of the processing has been fulfilled and statutory retention obligations (generally 10 years retention period) do not prevent this or you have effectively objected to the processing.
Legal basis for data processing:
Your data is processed on the basis of Art. 6 para. 1 lit. b) GDPR if your enquiry is related to the fulfilment of a contract or the implementation of pre-contractual measures. In all other cases, the processing is carried out on the basis of Art. 6 para. 1 lit. f) GDPR, as we have a legitimate interest in processing enquiries.
Webshop
Use of cookies
We use cookies for our websites. Cookies are small text files that are sent from our web server to your browser when you visit our website and are stored on your computer for later retrieval. They are used to make the website more user-friendly and effective overall.
Cookies can basically be divided into two categories:
Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognised when you return to the website. The session cookies are deleted when you log out or close the browser.
Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser.
We use the Consent Manager so that you can decide whether to consent to cookies that require your consent. You can view the cookies we use, including their function, assignment and storage duration, in our Consent Manager.
Regardless of your choice in the Consent Manager, you can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. However, we would like to point out that you may then not be able to use all the functions of this website.
Web analysis
We do not use any analytical tools.
Integrated services
We use the following external services in our own interest to design our websites and provide additional functions.
All services can be deactivated by using special plug-ins for your browser or, more specifically, the necessary connection to the corresponding servers can be prevented. Please note, however, that the use of such tools may be associated with a loss of familiar everyday convenience, as many things will no longer function as you would normally expect.
BootstrapCDN (MaxCDN)
We use Bootstrap technology on our websites for a modern design and presentation of the content offered on different end devices. To increase the loading speed of our websites, we use the BootstrapCDN (Content Delivery Network) from MaxCDN to deliver so-called libraries (collections of technical instructions) to your browser. It is very likely that you have already downloaded one of these libraries from BootstrapCDN by visiting another website. In this case, your browser can access the copy stored in the cache. If your browser has not saved a copy in the cache or has downloaded the file from BootstrapCDN for another reason, your IP address will be transmitted to the provider MaxCDN during the connection to the BootstrapCDN server.
What is a CDN (Wikipedia article)?
Service is provided by:
The provider is StackPath, LLC, 2021 McKinney Avenue, Suite 1100 Dallas, Texas 75201
Further information on data protection at StackPath, LLC. can be found at: https://www.stackpath.com/legal/master-service-agreement/#pp
Storage duration:
See storage duration of the logs under Informational use above in this privacy policy.
Legal basis(s) for data processing:
The service is integrated to optimise our websites in our own interest, pursuant to Art. 6 para. 1 lit. f) GDPR.
Google Maps
We integrate content from Google Maps on our websites in order to show you the location of our company in a simplified manner. This automatically establishes a connection from your browser to the Google Maps server and thus also transmits your IP address. If you are also logged in to Google with an existing user account at the same time as visiting our websites, Google may also be able to associate your visit to our websites with your user behaviour. Google may also send other cookies to your browser. We have no influence on this procedure and do not receive any information from Google about the transmitted content.
Analysis of your user behaviour by Google:
Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or customised design of its websites. Such an analysis is carried out in particular (even for users who are not logged in) to provide customised advertising and to inform other users of the social network about your activities on our websites.
You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
This service is provided by:
Further information on data protection at Google Inc. can be found at: https://www.google.com/intl/de/policies/privacy/
Storage period:
See storage duration of the logs under Informational use above in this privacy policy.
Legal basis(s) for data processing:
We use Google Maps on the basis of your consent, pursuant to Art. 6 para. 1 lit. a) GDPR.
For the exceptional cases in which personal data (your IP address) is transferred to the USA, Google relies on the European Standard Contractual Clauses:
https://policies.google.com/privacy/frameworks?hl=de
Social media services
We currently use the following social media services:
Instagram plug-ins
Plugins from the social network Instagram are integrated on our website. The provider is Meta Platforms, Inc, Willow Road 1601, 94025 Menlo Park, CA, USA.
When you visit this website, a direct connection is established between your browser and the Instagram server via the plugin. Instagram thereby receives the information that you have visited this website with your IP address. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram. If you do not want Instagram to be able to associate your visit to this website with your Instagram user account, please log out of your Instagram user account.
Storage duration:
See storage duration of the logs under Informational use above in this privacy policy.
Legal basis(s) for processing:
The Instagram plugins are used on the basis of your consent in accordance with Art. 6 para. 1 lit. a) GDPR. Consent can be revoked at any time.
Presence on social media platforms
We have an online presence on the social networks and platforms listed below (e.g. fan pages or employer rating portals). These social networks and platforms are operated exclusively by the respective provider, which means that there is a so-called joint responsibility in accordance with Art. 26 GDPR.
When you visit our social media pages, your user data is collected and provided to us by the provider. The exact types of data differ from provider to provider, but generally include the following information:
- Followers: number and stored profiles; information about growth and development over a defined time frame.
- Reach: Number of people who see a specific post; number of interactions with a post. This can be used, for example, to determine which content is better received by the community than others.
- Ad performance: How many people were reached with a post or paid advert and interacted with it?
- Demographics: Average age of visitors, gender, place of residence, language.
As our social media channels are operated by the providers of the respective social network, your personal data may also be used by them, over which we have no influence. This often involves the collection of your IP address, the creation of static analyses and the processing of further information stored in the form of cookies. Sometimes your activities are assigned to a direct profile. This data is often also used to display interest-based advertising within and outside the platforms. As the operator, we have no influence on the generation and display of these adverts and cannot switch off this function or prevent the processing of the data.
We use the social media channels to communicate with customers, interested parties and users and for the purpose of advertising and market research. If you contact us via our social media channels, we process the data that you provide to us as well as the data that is necessary to process the enquiry (Art. 6 para. 1 lit. b GDPR). Further data is processed on the basis of Art. 6 para. 1 lit. f GDPR due to our legitimate interest in direct communication with users and optimising the design of our online presence. If you have given your consent to the operators of the respective social media platforms (e.g. via a checkbox opt-in), the processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent to the provider of the respective platform at any time with effect for the future.
We will delete your collected data once the purpose has been fulfilled.
The assertion of data subject rights and requests for information can be most effectively addressed directly to the providers of the platforms, as only they have access to your data and can take immediate action. If our co-operation is required for this, we will support you in enforcing your data subject rights if necessary.
Below you will find the network providers used. If data is processed outside the EU, we have taken the necessary measures to ensure that the level of data protection is maintained (usually by concluding the EU standard data protection clauses). Further information on the terms of use and data protection of the respective platform as well as a detailed description of further data processing and the respective objection options can be found on the providers’ websites at:
- Facebook (Meta Platforms, Inc., Willow Road 1601, 94025 Menlo Park, CA, USA): com/policies/cookies/ and www.facebook.com/policy.php/
- Opt-out link: com/settings
- Instagram (Meta Platforms, Inc., Willow Road 1601, 94025 Menlo Park, CA, USA): https://privacycenter.instagram.com/policy.
- YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland): https://policies.google.com/privacy?hl=en&gl=de. Opt-out link: tools.google.com/dlpage/gaoptout or https://www.google.com/account/about/.
Processing of your personal data in countries outside the EU and the EEA (third countries)
Your personal data will not be processed in countries outside the European Union and the European Economic Area, with the exception of the services declared above.
Your rights
You have the following rights vis-à-vis us with regard to your personal data:
- Right of access,
- Right to rectification or erasure,
- Right to restriction of processing,
- Right to data portability.
Right to lodge a complaint with a supervisory authority
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us. The supervisory authority directly responsible for us is:
The State Commissioner for Data Protection of Lower Saxony, Prinzenstr. 5, 30159 Hanover, https://lfd.niedersachsen.de/startseite/.
Right of objection and cancellation
If you have given your consent to the processing of your data, you can revoke this at any time. Such a revocation affects the permissibility of processing your personal data after you have given it to us.
Insofar as we base the processing of your personal data on the balancing of interests (legal basis is then Art. 6 para. 1 lit. f) GDPR), you can object to the processing. This is the case if, in particular, the processing is not necessary for the fulfilment of a contract with you, which is addressed by us in the explanation of the individual data processing and functions on our websites further up in this privacy policy. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.
Right to object to direct advertising
Of course, you can object to the processing of your personal data for advertising and data analysis purposes at any time, e.g. even if you receive advertising from us in the form of a newsletter, customer magazine or information material by post as part of a business relationship.
If we use your data in the context of functions of our websites for direct advertising and an associated data analysis, we will inform you about this data processing further above in this data protection declaration, including the possibility of exercising your right of objection by technical means if necessary.
Contact options regarding your rights
You can contact us at any time to exercise your rights. The best way to do this is to use the following email address INFO@DINOPARK.DE
You are also welcome to use one of the contact options in our legal notice or contact our data protection officer directly (contact details above).
Data security
We also use technical and organisational security measures to protect personal data that is generated or collected, in particular against accidental or intentional manipulation, loss, destruction or attack by unauthorised persons. Our security measures are continuously improved in line with technological developments.
The transmission of your personal data is encrypted using SSL technology (https) to prevent access by unauthorised third parties.
Communication by e-mail
Our e-mail systems support encrypted communication using SSL technology (TLS 1.2 incl. PFS). The transmission of your e-mail can therefore always be encrypted. Please note, however, that encryption also depends on the configuration of your e-mail programme and we are therefore unable to guarantee complete data security for the transport route.
For information requiring a high level of confidentiality, we recommend that you send it by post.