top of page

Privacy Policy

Last updated: 09 May 2024

We welcome you to our website and are pleased about your interest in our company. We take the protection of your personal data very seriously. We process your data in accordance with the applicable legal provisions for the protection of personal data, in particular the EU General Data Protection Regulation (EU-GDPR) and the country-specific implementation laws applicable to us. With the help of this privacy policy, we would like to inform you comprehensively about the processing of your personal data by Delphian Paths and of your rights.

Personal data means the information that makes it possible to identify a natural person. This includes, in particular, your name, date of birth, address, telephone number and email address but also your IP address.

Data are anonymous if no personal reference to the user can be established.

Delphian Paths is committed to protecting the privacy of its website visitors. Please read the following policy to understand how we collect and use your personal data and the rights you have in relation to this data. Note that Delphian Paths reserves the right to amend and update this policy from time to time, so please check this page periodically.

  1. Categories of personal data we collect.

You are not obliged to provide us with your personal data to access any area of this website. However, when you contact us by email or other means, when you choose to sign up to receive our newsletters or when you decide to accept our services, we will collect the necessary data so that we can respond to your requests, send you our emails about news and updates in areas of interest to you. Delphian Paths processes - indicatively and not restrictively - the following personal data: 

1. Name of the internet service provider

2. Information about the website from which you visit us

3. Web browser and operating system used

4. The IP address assigned by your internet service provider

5. Requested files, transferred data volume, downloads/file export

6. Information about the web pages that you access on our website including date and time

7. Name, first name

8. Company name

9. Date of birth

10. Billing address (Postcode, city, country)

11. Email address

12. Phone number

13. Personal information about your health, nutrition etc

14. Payment method

15. Data that may legitimately be processed from other sources (e.g. ΙΒΑΝ, provider, card number, payment information etc)

We invite you not to disclose sensitive personal data which relate to your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or not, genetic data, biometric data, health data or data concerning sexual life or sexual orientation. Our company does not intend to process such information and in case such data are disclosed by you, they will be immediately deleted, unless it is necessary to process them if they are connected to obligations, tasks or purposes of Delphian Paths. 

It is our policy to collect only the minimum information needed to complete your request.

 

2. Purposes and legal bases of data processing

When processing your personal data, the provisions of the EU GDPR and all other applicable data protection regulations are observed. We have implemented generally accepted standards of technology and operational security to protect personally identifiable information from loss, misuse, alteration, or destruction. Only duly authorized persons are provided access to personally identifiable information collected via our website; such individuals have agreed to maintain the confidentiality of this information. Your data will be processed both with the aid of computerized or automated tools and on paper and will be protected through appropriate measures to ensure the confidentiality and security of personal data.

The legal basis for data processing is derived in particular from Art. 6 EU GDPR.

We use your data for business initiation, to fulfil contractual and legal obligations, to implement the contractual relationship, to offer services, to process your payments, to contact you in the event of any problems with your reservation, to send marketing offers such as newsletters, to strengthen the customer relationship, which may also include analyses for marketing purposes and direct advertising, to improve our website, to conduct and analyze our marketing activities and to prevent fraud or criminal activity and protect our technology systems and data security.

Your consent also constitutes a permission under data protection law. Here we inform you about the purposes of data processing and your right of withdrawal. Should your consent also refer to the processing of special categories of personal data, we will expressly point this out in the consent declaration.

Processing of special categories of personal data in the sense of Art. 9 para. 1 EU GDPR is only carried out if this is necessary due to legal provisions and there is no reason to assume that your legitimate interest in excluding processing outweighs your legitimate interest in protection.

 

3. Transfer to third parties

We never pass on, sell or swap your data for marketing purposes to third parties outside our company. We will only pass on your data to third parties in order to provide you with the services mentioned above or within the framework of the legal regulations or with the appropriate consent. Otherwise the data will not be passed on to third parties, unless we are obliged to do so by mandatory legal provisions (passing on to external bodies such as supervisory authorities or law enforcement agencies).

 

4. Recipients of the data/categories of recipients

Within our company, we ensure that only those persons receive your data who need it to fulfil contractual and legal obligations. In many cases, service providers support our specialist departments in fulfilling their tasks. These service providers support our specialist departments, for example in data analysis, reservation procedure etc.

We are also obliged to share your personal data with various third party recipients such as: Banks, companies or payment service providers and payment processing organizations (e.g. PAYPAL, VISA, Mastercard) in case of your transactions with the Company. Additionally, we are using a service provided by Wix for our site’s creation and maintenance, a service provided by CaptainBook.io for our reservation system’s operation and a service provided by Stripe for the execution of financial transactions. All the above providers may receive your data, if it is necessary in order to accomplish their tasks.

If you have given us your consent for the services of Google and the services provided by Microsoft, we transmit data to Google and Microsoft Corporation respectively. The transmission of the data takes place within the framework of order processing on the basis of the standard data protection clauses.

The third-party providers may use their own third-party subcontractors that may have access to your personal data (sub-processors).  It is our policy to use only third-party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by us, and to flow those same obligations down to their sub-processors.

Some of the aforementioned entities/professionals may be located in countries outside the European Union or the European Economic Area. In this case, in compliance with the applicable regulations, your data may also be transferred abroad to countries not belonging to the European Economic Area. Any transfer of data to countries located outside the European Economic Area will, in any case, be made in compliance with appropriate measures for the protection of your personal data by applying the appropriate and pertinent guarantees for the purposes of the transfer, pursuant to Articles 44 and following of the European Regulation.

In any case, you may obtain further information on the possible transfer of the data outside the European Union or the European Economic Area by making a request to us by email.

 

5. Data storage duration

We store your data for as long as they are needed for the respective processing purpose. Please note that numerous retention periods require that data continue to be (must be) stored. This concerns in particular commercial or tax retention obligations (e.g. Commercial Code, Tax Code, etc.). Provided that there are no further storage obligations, the data are routinely deleted after the purpose has been achieved.

In addition, we may retain data if legal disputes arise and we use evidence within the scope of legal limitation periods, which can be up to thirty years. 

 

6. Secure transfer of your data

In order to protect the data stored with us against accidental or intentional manipulation, loss, destruction or access by unauthorized persons in the best possible way, we use appropriate technical and organisational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.

The data exchange from and to our website is always encrypted. We offer HTTPS as the transfer protocol for our website, in each case using the latest encryption protocols.

In addition, we offer our users content encryption as part of the contact forms. Only we can decrypt these data.

 

7. Obligation to provide data

Various personal data are necessary for the establishment, execution and termination of the debt relationship and the fulfilment of the contractual and legal obligations associated therewith. The same applies to the use of our website and the various functions it provides.

We have summarised details of this for you in the above point. In certain cases data must also be collected or made available due to legal regulations. Please note that it is not possible to process your enquiry or perform the underlying contractual relationship without providing these data.

 

8. Your rights

Without prejudice to the possibility for the Data Subject not to provide his/her own Data, you may, at any time and free of charge, exercise the following rights: 

Right of access (Article 15 GDPR): You have the right to request free access to your personal data held by us.

Right to rectification (Article 16 GDPR): You have the right to request the rectification of inaccurate personal data and the completion of incomplete data.

Right to erasure (Article 17 GDPR): You have the right to request the erasure of your personal data under certain conditions, such as when the data is no longer necessary, you have withdrawn your consent, you think that the data has been unlawfully processed etc. 

Right to restriction of processing (Article 18 GDPR): You have the right to request the restriction of the processing of your personal data if you think that the accuracy of your data is contested, the processing is unlawful, the data is no longer needed by us and/or you object to automated processing.

Right to data portability (Article 20 GDPR): You have the right to request the transfer of your data to another controller.

Right to object (Article 21 GDPR): You have the right to object to the processing of your personal data by us, provided that the public interest is not affected.

Right to non-automated individual decision-making, including profiling (Article 22 GDPR): You have the right to object when a decision concerning you is based solely on automated processing, including profiling, and that decision produces legitimate effects or significantly affects you.

To exercise these rights, please contact us at: delphianpaths@gmail.com The same applies if you have any questions about data processing in our company or wish to revoke any consent you have given. 

A response to such a request shall be provided within one (1) month after receipt and, in any case, within two (2) additional months if this is required by the complexity of the request or the general number of requests we have received.

You also have a right to lodge a complaint with a data protection supervisory authority.

In case of general questions about the processing of personal data, or for any data protection issues, you can contact us at  delphianpaths@gmail.com.

 

9.Visit to our website (Art. 6 para. 1 f) EU GDPR

When our website is called up, the following data are automatically recorded by our web server: Name of your internet service provider, information about the website from which you are visiting us, the web browser and operating system used, the IP address assigned by your internet service provider, files requested, data volume transferred, downloads/file exports and information about the websites you visit from our website, including date and time.

This data processing is technically necessary so that the contents of our website can be delivered to your end device. Your IP address must therefore also necessarily be collected and stored for the duration of the respective session. The same applies to other data whose processing is necessary for the correct display of our website. The storage of data in the so-called log files also serves to further optimise the site, to ensure its functionality, to guarantee the security of our applications and for legal protection (e.g. recognition and defence of attacks on our website).

The legal basis for this data processing and temporary data storage is our legitimate interest as a website operator (Art. 6 para. 1 f) EU GDPR).

The storage period of the data is limited and deletion takes place as soon as the data no longer need to be kept for processing purposes. 

10. Payment systems (Art. 6 para. 1 a), b) EU GDPR), credit assessment (Art. 6 para. 1 f) EU GDPR)

In our website you can pay by credit/debit card or PayPal. For this purpose, the respective payment-relevant data are collected in order to be able to process your reservation and payment. In addition, your IP address is processed for technical reasons and for legal protection.

The principle of data economy and data avoidance is observed by requiring you to provide us only with the data that we absolutely need to carry out the payment processing and thus the execution of the contract or that we are legally obliged to collect.

Without these data, we will unfortunately have to refuse to conclude the contract, as we will not be able to carry it out.

The payment system used by us uses TLS encryption for the protected transfer of your data.

Note on credit card payment:

As usual with credit card payments, the credit card details are checked and a credit assessment is carried out.

Note about PayPal:

PayPal is a company which is part of PayPal (Europe) S.à.r.l. et Cie, S.C.A. 22-24 Boulevard Royal, L-2449 Luxembourg. If the data subject selects "PayPal" as a payment option in our online shop during the ordering process, data of the data subject is automatically transferred to PayPal.

By selecting this payment option, the data subject consents to the transfer of personal data required for the processing of payments. Personal information submitted to PayPal is typically the first name, last name, address, email address, IP address, phone number, mobile phone number, or other information necessary to process payment.

For the processing of the sales contract, personal data which relate to the respective order are also necessary. Details about PayPal's privacy policy can be found at:

https://www.paypal.com/de/webapps/mpp/ua/privacy-prev

Note on direct debit procedure:

As usual with direct debit, your account details (account holder etc) are collected to debit the corresponding amount from your account.


11. Notice regarding copyright law and artists' rights

Should you wish to publish images, texts, plans, videos, music, etc. on our website, please be aware that you may be required to assign all associated usage rights to the network, which could ultimately have legal consequences for you if you are not the author or rights holder.

 

12. Contact form / contact by email (Art. 6 para. 1 a), b) EU GDPR)

There is a contact form on our website which can be used for electronic contact. If you write to us via the contact form, we process the data you provide to contact you and answer your questions and requests.

Here the principle of data economy and data avoidance is observed, in that you only have to provide the data that we absolutely need to contact you. These are your email address, salutation, first name, last name, subject and the message field itself. In addition, your IP address is processed for technical reasons and for legal protection. All other data are voluntary fields and can be entered optionally (e.g. to answer your questions more individually).

If you contact us by email, we will process the personal data provided in the email solely for the purpose of processing your request.

 

13. Online booking (Art. 6 para. 1 b) EU GDPR)

We process the data you provide in the order form only for the purpose of implementing or processing the contractual relationship, unless you agree to further use.

The principle of data economy and data avoidance is observed in that you only have to provide us with the data that we absolutely need in order to execute the contract or to fulfil our contractual obligations (i.e. your name, phone number, email address and the payment data required for the selected payment method) or that we are legally obliged to collect.

In addition, your IP address is processed for technical reasons and for legal protection. Without these data, we will unfortunately have to refuse to conclude the contract, as we will then not be able to carry it out or may have to terminate an existing contract. Of course, you can also provide more data of your own accord if you wish.

 

14. Information about privacy in social media

Our company maintains various appearances in social media in order to communicate with the users registered there and to inform them about our services.

We wish to point out that you are responsible for your use of these platforms and their included features. This applies in particular to your specific usage behaviour on these platforms. This is especially the case if you use interactive features (e.g. commenting, sharing, rating).

With regard to the processing of your personal data, however, we have a shared responsibility with Facebook/Instagram towards all existing customers, prospective customers and users. We are aware of this responsibility and the protection of your data is important to us. Unfortunately, we are unable to fully meet our responsibilities in this context because Facebook/Instagram does not provide us with the necessary transparency and the information required to fulfil the above-mentioned information obligations. Nevertheless, we strive to take all necessary measures to protect your data.

We further point out that when you use these platforms, your data may be processed outside the European Union. Please note that in the case of data transfer to so-called third countries outside the EU (e.g. USA), there may not be a level of protection there that complies with the EU Data Protection Regulation. It may therefore be possible for security authorities to access your data without you having any legal protection against this.

In addition, your usage and user-related information may be processed for market-research and promotional purposes. For example, user profiles may be generated on the basis of your usage behaviour and associated interests. This makes it possible to activate ads both within and outside these platforms. As a general rule, cookies are stored on your device for this purpose. Regardless of this, the usage profiles may also be used to store data that is not collected directly from your device (especially if you are a member of the respective platforms and are logged in to them).

In addition, as the provider of this information service, we do not collect and process data resulting from your use of our service.

Our processing of users' personal data is based on our legitimate interest in effectively informing and communicating with users in accordance with. Art. 6 (1f) GDPR. If you are asked to consent to data processing by the respective providers (e.g. by checking a box or clicking on a button), the legal basis for the processing is Art. 6 (1a) and Art. 7 GDPR.

 

15. Conversion tracking with Google Ads (Art. 6 para. 1 lit. a EU GDPR)

We use the advertising service Google Ads (formerly Google AdWords) of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). If you are a resident of the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the controller of your data collected in these procedures. The types of display network and search that are active with us are used to measure your interactions with advertisements placed on Google. For this purpose, when you click on one of our advertisements placed by Google, a cookie is stored in your browser. This is used to track your further activity on the product advertised in the ad (conversion tracking). We use this data to measure the effectiveness of our advertising campaigns. The following data is collected from you: a unique ID, the number/frequency of advertisements (ad impressions) delivered to you and the actions/clicks you perform.

We also use the remarketing function within the Google Ads service. With the remarketing function, we can connect users of our website to other websites within the Google advertising network (in Google Search or on YouTube, so-called “Google Ads” or on other websites) present advertisements based on their interests. For this purpose, the interaction of users on our website is analysed, e.g. which offers the user was interested in, in order to be able to display targeted advertising to users on other pages even after visiting our website. For this purpose, Google stores a number in the browsers of users who visit certain Google services or websites in the Google Display Network. This number, known as a "cookie", is used to record the visits of these users. This number is used to uniquely identify a web browser on a specific device and not to identify a person.

The use of Google tools is based on your consent in accordance with Art. 6 para. 1 lit. a EU GDPR, Section 25 para. 1 Telecommunications-Telemedia Data Protection Act - TTDSG) You can revoke your consent at any time. The withdrawal applies only to the device and the web browser on which the cookie was placed; please repeat the process where necessary on all devices. If you delete the opt-out cookie, you will be asked again for your consent to the data transfer.

You can also configure your browser accordingly to prevent third-party ads. You can also permanently prevent Google tracking via a corresponding plug-in for the common web browsers, which you have to download and install here: https://support.google.com/ads/answer/7395996. Your data will be transmitted to Google for evaluation. If you have an account with Google, Google can also merge the data obtained from the tracking. Data are transferred to third countries; see: Transfer of data to third countries/intention to transfer data to third countries.

For more information about Google and Google's privacy policy, please visit: www.google.com/privacy/ads/.

 

16. Microsoft Bing Ads (Art. 6 para. 1 a) EU GDPR)

We use Bing-Ads, an advertising service from Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, USA) on our website. For this purpose, three cookies are set in your browser, which are used for targeted advertising to you and measure valid clicks on advertisements of the Microsoft network. The following data are collected: a universal ID for event tracking, a Microsoft Bing Ads ID to measure your interactions with the ads. We use this tool to promote our products and measure the effectiveness of our advertisements.

The tool is used on the basis of your consent pursuant to Art. 6 para. 1 a) EU GDPR. You can revoke your consent at any time by clicking here https://choice.microsoft.com/de/opt-out. The revocation only applies to the device and the web browser on which it was set, please repeat the process on all devices if necessary. If you delete the opt-out cookie, you will be asked again for your consent to the transfer of data. Your data will be transferred to Microsoft for evaluation (see Third country transfer / Third country transfer intention). Together with Microsoft we are jointly responsible for data processing. 

 

17. Right of objection

Please note the following in connection with your right of objection:

If we process your personal data for the purpose of direct advertising, you have the right to object to this data processing at any time without giving reasons. This also applies to profiling, insofar as it is related to direct advertising.

If you object to processing for direct advertising purposes, we will no longer process your personal data for these purposes. The objection is free of charge and can be made informally, if possible to delphianpaths@gmail.com

In the event that we process your data to protect legitimate interests, you can object to this processing at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions.

We will then no longer process your personal data unless we can prove compelling reasons for processing worthy of protection that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.

 

18. Cookies

A cookie is a small text file that is saved to, and, during subsequent visits, retrieved from your computer. Delphian Paths uses cookies to enhance and simplify your visit, to improve the Site and to deliver a better and more personalized service. We do not use cookies to store personal information, or to disclose information to third parties.

There are two types of cookies: permanent and temporary (session cookies). Permanent cookies are stored as a file on your computer or mobile device for no longer than 12 months. Session cookies are stored temporarily and disappear when you close your browser session.

You can easily erase cookies from your computer or mobile device using your browser. You can choose to disable cookies, or to receive a notification each time a new cookie is sent to your computer or mobile device. Please note that if you choose to disable cookies, you will not be able to take advantage of all our features.

Third-party cookies

We use third-party cookies to collect statistics in aggregate form in analysis tools such as Google Analytics. (We also use Google Analytics Advertising Features)

bottom of page