This data protection declaration informs users about the nature, scope and purpose of the collection and use of personal data by the responsible provider
Hard Rock Cafe
on this website (hereinafter referred to as the "Offer"). The legal basis for data protection can be found in the General Data Protection Regulation (DSGVO) and the German Telemedia Act (TMG).
Access data/ Server log files
The provider (or its web space provider) collects data about each access to the offer (so-called server log files) for statistical analysis for the purpose of operation, security and optimization of the offer. The access data includes:
- Name of the accessed website
- Date and time of the server request
- browser type and browser version
- operating system used
- IP address and the requesting provider
- Referrer URL (Internet address of the previously visited page)
- Name of the retrieved file and amount of data transferred
- Message whether the retrieval was successful
The provider reserves the right to check the log data subsequently if there is a justified suspicion of unlawful use based on concrete indications.
This data is not merged with other data sources.
The basis for data processing is Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
A complete protection of your data against access by third parties cannot be guaranteed during data transmission on the Internet (e.g. e-mail communication) due to possible security gaps.
Handling of personal data
When using the website, confidential, personal data is collected that may enable personal identification. This includes, for example, name, telephone number, address, as well as all data that you transmit to us during registration, payment processing, execution of a contract and when creating your customer account.
To protect the security of your personal data during transmission, we use SSL encryption (Secure Socket Layer).
Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping cart function) are stored on the basis of Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services.
You can manage many online ad cookies from companies via the US site aboutads.info/choices or the EU site youronlinechoices.com/uk/your-ad-choices.
Revoke cookie settings
Integration of third-party services and content
It may happen that third-party content, such as videos from YouTube, maps from Google Maps, RSS feeds or graphics from other websites are integrated within this offer. This always requires that the providers of this content (hereinafter referred to as "third-party providers") perceive the IP address of the user. Without the IP address, they could not send the content to the browser of the respective user. The IP address is thus necessary for the display of this content. We endeavor to use only such content whose respective providers use the IP address only for the delivery of the content. However, we have no influence if the third-party providers store the IP address, e.g. for statistical purposes. Insofar as this is known to us, we inform the users about it.
When contacting the provider (for example, via contact form or e-mail), the user's details are stored for the purpose of processing the request and in the event that follow-up questions arise. This data will not be passed on without your consent.
The processing of your data, which you transmit when contacting us, is based on your consent (Art. 6 para. 1 lit. a DSGVO). Your consent can be revoked at any time. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
As long as no request for data deletion is made, the consent for storage is revoked or the purpose for data storage no longer applies, the data transmitted when contacting us will remain with us. Legal retention periods remain unaffected.
We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to verify whether data entry on this website (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run entirely in the background. Website visitors are not notified that an analysis is taking place.
The data entered during registration will be used exclusively for order processing. The collected data can be seen from the input mask within the registration.
For important changes, for example, in the scope of the offer or for technically necessary changes, we use the e-mail address provided during registration to inform you in this way. The processing of the data entered, which is necessary for registration, is based on your consent (Art. 6 para. 1 lit. a DSGVO). Your consent can be revoked at any time. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Your registration data will remain stored by us as long as no request for data deletion is made or consent to storage is revoked. Legal retention periods remain unaffected.
Data transmission upon conclusion of the contract (voucher order)
We transmit personal data to third parties only if this is necessary in the context of the contract, for example, to the payment platform commissioned with the payment processing, the service provider for the processing of the postal dispatch and to the service provider commissioned with the voucher processing.
A further transmission of the data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes. The basis for data processing is Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
Data transfer to shipping companies
For the fulfillment of the contract, we pass on your data (title, name, company, billing address, shipping address, photo and dedication) when sending the voucher by mail to the shipping company commissioned with the creation and delivery:
Voucher dispatch by mail
A&M Service GmbH Hinter dem Entenpfuhl 13/15 65604 Elz Deutschland
Data transfer to payment providers
The transfer of your data takes place exclusively via secure SSL encryption to the payment provider selected by you in the ordering process for the purpose of payment processing.
The transfer of your data to the payment provider is based on Art. 6 para. 1 lit. a DSGVO (consent) and Art. 6 para. 1 lit. b DSGVO (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations.
Payment by Visa, Mastercard and American Express
If you choose to pay by credit card, the payment will be processed by the payment provider "Stripe". The data required for this (card number, validity and verification number) are forwarded to the payment provider in encrypted form and cannot be viewed by the website operator. Stripe Payments Europe Ltd is certified according to the Industry Data Security Standard (PCI DSS) and is subject to the Safe Harbour Agreement. The payment provider transfers, processes and stores, if necessary, personal data outside the EU that is required to process the payment. Stripe is solely responsible for the processing of this
Stripe Payments Europe Ltd
Block 4, Harcourt Centre Harcourt Road Dublin 2, Ireland
Payment by giropay
The processing of the payment giropay takes place via the external payment provider Stripe and additionally via giropay GmbH. The payment provider giropay GmbH transfers, processes and stores, if necessary, personal data that are required for the processing of the payment. Only giropay GmbH is responsible for the processing of this
giropay GmbH An der Welle 4 60322 Frankfurt/Main Germany
Revocation, changes, deletion and right to information
Within the scope of the applicable legal provisions, the user has the right to receive information free of charge upon request about the personal data, its origin and recipient and the purpose of the data processing. In addition, the user has the right to correct incorrect data, blocking and deletion of his personal data, provided that this does not conflict with any legal obligation to retain