Rooms 05-15, 13A/F South Tower World Finance Center
Harbour City 17 Canton Road, Tsim Sha Tsui, Kowloon,
Registration number: 1984182
Managing director: Heinrich Sterz
We are responsible for the contents of our webpages in accordance with the regulations of the general laws, in particular pursuant to Sec. 7 (1) Tele Services Data Protection Act. All contents are created with the warranted care and according to the best of faith and belief. To the extent that we refer to webpages of third parties on our webpages by means of hyperlinks, we cannot extend any warranty for the continued currentness, correctness and completeness of the linked contents, as these contents are outside of the sphere of our responsibility and we do not have any influence over the future design. We do not accept any liability for the contents of the linked webpages and in particular not for damages arising from the use of the information that is retrievable at the linked webpages. If you believe that the contents violate applicable law or that they are incorrect or inappropriate, please tell us. We will then remove the link.
The legal notices on this page and all questions and disputes relating to the design of this website are governed by the law of the Federal Republic of Germany.
3. Copyright notice
The texts, pictures, photos, videos or graphics on our website are subject to copyright protection. Therefore, any unauthorised use (especially reproduction, processing or dissemination) of these copyright protected contents is prohibited. If you intend to use these contents or parts thereof, please see the contact details above to contact us beforehand. Unless we ourselves are the holders of the rights of use under copyright regulations, we will work toward establishing contact with the rights holder.
Data Privacy Statement
The protection of personal data is an important concern to us. Your personal data will be treated by us in compliance with the legal data protection regulations and this Data Privacy Statement. We provide information to you here about the processing of personal data during your visit to our website.
In accordance with Art. 4 GDPR, this Data Privacy Statement is based on the following definitions:
- “Personal data” (Art. 4 no. 1 of GDPR) means all information relating to an identified or identifiable natural person (“data subject”). A person is identifiable, if he/she can be identified directly or indirectly, especially by an attribution to an identifier such as a name, code number, online user name, location data, or by means of information about their physical, physiological, genetic, psychological, economic, cultural or social identity attributes. Identifiability can also be given by a combination of such information or other additional knowledge. Neither the way in which the information was created nor its form or embodiment are decisive (also photos, video or audio recordings may contain personal data).
- “Processing” (Art. 4 no. 2 GDPR) is any process, in which personal data are handled, regardless of whether this takes place with or without the help of automated processes (i.e. assisted by technology). This includes in particular the gathering (i.e. collecting), recording, organisation, sorting, storing, adjusting or modification, exporting, querying, using, disclosing by transmission, dissemination or other provision, reconciliation, linking, restriction, deletion or destruction of personal data and the change of a designated outcome or purpose, which originally served as the basis for a data processing.
- “Data Controller” (Art. 4 no. 7 GDPR) is any natural or legal person, authority, institution or other entity, which decides alone or together with others about the purposes and means of the processing of personal data.
- “Third party” (Art. 4 no. 10 GDPR) is any natural or legal entity, authority, institution or other entity, except for the data subject, data controller, commissioned data processor and the persons, who are authorised under the direct responsibility of the data controller or data processor to process the personal data; this also includes other legal entities that are affiliated with the corporate group.
- “Consent” (Art. 4 no. 11 GDPR) of the data subject refers to every freely given, specific, informed and unambiguous statement of intent given by the data subject in the form of a declaration or another unambiguous affirmative action, that he/she agrees with the processing of personal data relating to him or her.
II. Legal bases of the data processing
On principle, any processing of personal data is prohibited by law and permitted only if one of the following conditions for legitimation apply to the data processing:
- Art. 6 (1) sent. 1, lit. a) GDPR (“Consent”): If the data subject voluntarily consents, by a statement or other clear affirming action, in an informed and unambiguous manner, to the processing of the personal data relating to him/her for one or more specific purposes;
- Art. 6 (1) sent. 1, lit. b) GDPR: If the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- Art. 6 (1) sent. 1, lit. c) GDPR: If the processing is necessary for compliance with a legal obligation that applies to the controller (e.g. a statutory retention obligation);
- Art. 6 (1) sent. 1, lit. d) GDPR: If the processing is necessary in order to protect the vital interests of the data subject or of another natural person;
- Art. 6 (1) sent. 1, lit. e) GDPR: If the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; or
- Art. 6 (1) sent. 1, lit. f) GDPR (“Legitimate interests”): If the processing is necessary for the purposes of the legitimate interests (especially legal or economic interests) pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data (in particular where the data subject is a child).
We will state the applicable legal basis below for the processing activities we implement. Processing can also be based on multiple legal bases.
III. Processing of personal data in the context of using the website
We process the personal data described in more detail below in accordance with the regulations of the GDPR, the further applicable data protection regulations, and we do so only to the required extent. When the webpages are used, the following categories of personal data are gathered, stored and processed by us:
1. Retrieval of the website
When our website is retrieved, a so-called log dataset (so-called server logfiles) is automatically stored on our webserver temporarily and in anonymised form. This includes:
- the page from which our page was requested (so-called referrer URL),
- the name and URL of the retrieved page,
- the data and time of the retrieval,
- the description of the type, language and version of the web browser used,
- the IP address of the requesting computer, which is truncated so that it can no longer be related to a person,
- the transmitted data volume,
- the operating system,
- the message of whether the retrieval was successful (access status/HTTP status code),
- the difference to the GMT time zone.
The processing of these data serves for the improvement of the quality of our website, especially of the stability and security of the connection (the legal basis is Art. 6 (1) sent. 1, lit. f) GDPR). These data will be used neither for the creation of personal user profiles nor be transferred to third parties, and they will be deleted at the latest after 5 days. Where the processing of the personal data is based on Art. 6 (1) sent. 1, lit. f) GDPR, said purposes simultaneously represent our legitimate interests.
2. Contact form
We make a contact form available to you on our website, which serves the purpose of contacting us. The data transmitted via the contact form if it is used will be processed (e.g. last name and first name, address, company name, email address and the time of transmission). The only required information for using our contact form is a valid email address. This is required to be able to categorise your query and to answer it. More data can be provided voluntarily but this is not required for the use.
The data transmitted by means of the contact form are processed for the purpose of handling customer requests based on your voluntarily granted consent according to Art. 6 (1) sent. 1, lit. a) GDPR.
Besides the use of our website purely for information, we also offer the subscription of our newsletter (Art. 6 (1) sent 1, lit. b) GDPR). You subscribe to the newsletter in two steps to prevent abuse of your email address. Following your registration, we will send an email to the email address you have provided in which you will be requested to confirm your email address (verification). If there is no verification, your data will be deleted after the end of the 48-hour period. You will receive our newsletter only after the confirmation link contained in this email has been activated. At the time of the registration and verification, we will store your IP address valid at these points in time in order to prevent abuse of your email address. By this verification, you consent to the storing of this data as at the time of registration and verification, and the IP address at these moments for the time until you unsubscribe from the newsletter.
The newsletter data are processed for the purpose of mailing you the newsletter. In the course of signing up for our newsletter, you consent to the processing of your personal data (legal basis is Art. 6 (1) lit. a) GDPR). You can revoke your consent to the transmission of the newsletter at any time and unsubscribe from the newsletter. You can declare revocation by clicking on the link provided in every newsletter email or by sending us a message to the contact details indicated in the legal notice.
After unsubscribing, all aforementioned data will be deleted. After this, you will not receive any further newsletter from us for the booked newsletter service.
IV. Data deletion and duration of storage; place of data processing
Unless a storage period is expressly stated in the foregoing, your personal data will be stored only for as long as this is required for reaching the aforementioned purposes of processing and a legal basis is given for this.
In the event of a revocation, your personal data will be deleted immediately, unless we are obligated to retain them pursuant to legal regulations.
We process your personal data solely on our servers in Germany and in the European Union.
It is differentiated between session cookies that will be deleted again, as soon as you close your browser and permanent cookies, which will be stored beyond the individual session. Regarding the function of cookies, it is further differentiated between:
- Technical cookies: These are necessarily required to navigate the website, use basic features, and assure the security of the website; they neither gather information about you for marketing purposes nor do they store which webpages you have visited;
- Performance cookies: These cookies gather information about how you use our website, which pages you call up and, for example, if errors occur during the use of the webpages;
they do not gather any information that might be used to identify you – all gathered information is anonymous and will be used solely to improve our website and find out what our users are interested in;
- Advertising cookies, targeting cookies: These cookies have the purpose of offering advertising on the website to the user that is appropriate to needs and measuring the effectiveness of these offers;
- Sharing cookies: These cookies are used to improve the interactivity of our website with other services (e.g. social networks);
VI. Embedding of external contents
We integrate contents of third-party providers on our website. For this purpose, your browser may establish a connection with the servers of these third-party providers if applicable and transfer your personal data to these services in the process. You can find information below about the embedded contents and the data processing taking place in this context:
1. Google Maps
Our website uses Google Maps to display interactive maps and generate directions. Google Maps is a map service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. When you call up a webpage of our internet appearance, which contains Google Maps, your browser will establish a direct connection to the servers of Google. The content of the map is transferred by Google directly to your browser, which integrates it in the website. We therefore have no influence on the scope of the data gathered by Google this way.
The use of Google Maps enables the transmission of information about the use of this website, including your IP address and the (departure) address entered in the route planner function to Google in the USA. This is done regardless of whether Google provides a user account in which you are logged in or if no user account exists. If you are logged in with Google, your data will be attributed directly to your account. Google stores your data as usage profile and uses it for the purpose of marketing, market research and/or design as appropriate to need of its website.
2. Google Fonts
For a consistent display of fonts, this page uses so-called web fonts from the provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. When you call up a webpage of our internet appearance, your browser will establish a direct connection to the servers of Google and load the required web fonts to your browser cache to display texts and font types correctly. This way, Google will be informed that our website has been retrieved via your IP address. Google Web Fonts are used in the interest of an appealing presentation of our online appearance. This constitutes a legitimate interest in definition of Art. 6 (1) lit. f) GDPR.
VII. Your rights
You can assert your rights as data subject relating to your processed personal data against us at any time by sending a message to our contact details stated in the beginning under II. As a data subject, you have the right:
- According to Art. 15 GDPR, to request information about your personal data that are processed by us; In particular, you can request information about the processing purposes, the categories of the data, the categories of recipients to whom your data are or have been disclosed, and the planned storage duration;
- According to Art. 16 GDPR, to demand the immediate correction of inaccurate data or the completion of incomplete data about you that are stored by us;
- According to Art. 17 GDPR, to demand the deletion of your data that is stored by us, in particular insofar as the data are no longer needed for the intended purpose or that are processed illegitimately, or you have revoked your consent or stated your objection;
- According to Art. 18 GDPR, to demand the restriction of the processing of your data on certain conditions, in particular insofar as requirement for deletion is disputed;
- According to Art. 20 GDPR, to demand being provided with your personal data that you have made available to us in a structured, common and machine-readable format or demand the transmission of the data to another data controller (“Data Portability”);
- According to Art. 21 GDPR, to object to data processing, which takes place on the basis of Art. 6 (1) sent. 1, lit. e) or lit. f) GDPR for reasons arising from your particular situation. This is the case in particular if the processing is not required to perform a contract that has been concluded with you. When you make such an objection, please state the reasons why we should not process your data in the way it is done by us. In the case of a justified objection, we will check the facts and either stop or adjust the data processing, or explain our legitimate interests requiring protection and on the basis of which we will continue the processing;
- According to Art. 7 (3) GDPR, to revoke your consent once granted to us (also if granted before the applicability of the GDPR, i.e. before 25/05/2018) at any time with effect for the future, if you have given such consent. This entails that we may no longer continue with the data processing that was based on this consent in the future; and
- According to Art. 77 GDPR, to lodge complaint with a data protection supervisory authority regarding the processing of your personal data by our company, for example, with the Hess State Officer for Data Protection and Freedom of Information who is competent for us.
VII. Data security
We use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or access by unauthorised persons (e.g. SSL encryption for our website) in consideration of the state of technology, the implementation costs and the nature, scope, context and purpose of the processing, as well as the existing risks of a data breach (including its probability and effects) for the data subject. Our security measures are being improved continuously according to technological progress.
IX. Further information
We have placed links on our website referring to the websites of other providers. Please note that we have no influence over whether these providers observe the legal regulations on data protection. We are not responsible for the data processing on these websites. You can find out how the respective providers handle data protection from their data privacy statements.