top of page
Kölner Dom
in2germany_Logo_Gold.png

Data Protection Policy

​

Controller
Granit Tours GmbH
Siebenmorgen 16
51427 Bergisch Gladbach, Germany
Email: info@in2germany.eu
 

We appreciate your interest in our website. Protecting your privacy is important to us. This privacy policy explains in detail how we handle your personal data in accordance with the EU General Data Protection Regulation (GDPR).
 

1. Access Data and Hosting

You can visit our website without disclosing any personal information. Each time you access our site, our web server automatically stores a “server log file,” which includes the name of the file requested, your IP address, the date and time of access, the amount of data transferred, and the requesting internet provider (collectively “access data”).

We process this access data solely to ensure the smooth operation of our site and to improve our services. This is done under our overriding legitimate interest in providing an accurate and secure website (Article 6(1)(f) GDPR).

All access data is deleted no later than seven days after your visit.
 

1.1 Hosting

Some hosting and display services are provided by our service providers under data processing agreements. Unless otherwise stated in this policy, all access data and any data entered into website forms are processed on their servers.

Our providers are located and/or use servers in countries with an adequate level of data protection as determined by the European Commission (e.g., United Kingdom, USA). For the USA, this is based on the EU–US Data Privacy Framework for certified providers. If certification is not yet in place, transfers are based on the European Commission’s Standard Contractual Clauses.
 

1.2 Content Delivery Network (CDN)

To improve loading times, we use a “Content Delivery Network” (CDN) to deliver website content—such as large media files—via regionally distributed servers of external providers. These providers process access data on our behalf under data processing agreements.

Some CDN providers are located and/or use servers in countries outside the EU/EEA without an adequacy decision. In such cases, transfers are based on the European Commission’s Standard Contractual Clauses.
 

2. Data Processing for Contact and Customer Communication

2.1 User Accounts

If you choose to create a user account and consent under Article 6(1)(a) GDPR, we will use your data to set up and manage the account.
You may request deletion of your account at any time by contacting us or using the relevant account function. After deletion, your data will also be erased unless you have consented to further use or we are legally entitled to retain it.
 

2.2 Contacting Us

When you contact us (e.g., via form, live chat, or email), we collect the personal data you provide to process your request. Mandatory fields are marked as such because the information is essential to respond. The exact data collected is shown in the form.

Processing is carried out under Article 6(1)(b) GDPR to fulfill a contract or take steps before entering into one. Once your request has been fully processed, your data will be deleted unless you have consented to further use or we are legally entitled to retain it.

Live Chat – Userlike
We use the “Userlike” live chat tool (Userlike UG, Probsteigasse 44–46, 50670 Cologne, Germany) to communicate with customers. This serves our legitimate interest under Article 6(1)(f) GDPR in providing effective customer service. Userlike processes data on our behalf under a data processing agreement.
 

3. Advertising via Email

Email Newsletter with Registration & Tracking
If you subscribe to our newsletter, we use the necessary or separately provided data to send you our email newsletter based on your consent (Article 6(1)(a) GDPR).

You can unsubscribe at any time via the link in each newsletter or by contacting us. Your email will then be removed from the list unless you have consented to further use or we are legally entitled to retain it.

If you have also consented to newsletter tracking (Article 6(1)(a) GDPR), we analyze how you interact with our emails (open rates, link clicks) to improve campaigns. For this purpose, the emails include tracking pixels stored on our site, linked to your email or IP address.

You may withdraw your consent to tracking at any time via the unsubscribe link or by contacting us.
 

4. Cookies and Other Technologies
General Information:

We use cookies and similar technologies to make our site more user-friendly and to enable certain features.

Some cookies are essential for operation and do not require consent; others require your consent under Article 6(1)(a) GDPR. If you do not consent, some features may not work properly.

You can manage cookie settings in your browser: Microsoft Edge™, Safari™, Chrome™, Firefox™, Opera™.
 

5. Use of Cookies and Other Technologies

5.1 Adobe Services

We use Adobe Systems Software Ireland Limited. Data collected may be stored on Adobe Inc. servers in the USA. Transfers are based on the EU–US Data Privacy Framework or Standard Contractual Clauses.

Adobe Fonts – Loads fonts from Adobe servers to ensure consistent display.
 

5.2 Google Services

We use Google Ireland Ltd. services. Data is generally stored on Google LLC servers in the USA. Transfers are based on adequacy decisions or Standard Contractual Clauses.

Google Maps – Displays maps and processes location data.

Google reCAPTCHA – Protects forms from spam by analyzing usage patterns.

Google Fonts – Ensures consistent display of text.

YouTube Plugin – Loads videos in privacy-enhanced mode; data is sent to Google only when videos are played.
 

5.3 Facebook (Meta) Services

We use Facebook Pixel for analytics and targeted advertising under agreements with Meta Platforms Ireland Ltd.
 

5.4 Other Services

Vimeo Plugin – Embeds videos hosted by Vimeo Inc., which may also include Google Analytics tracking.
 

6. Social Media


6.1 Social Buttons

Our website contains social media buttons as simple links so no data is transmitted until you click them.
 

6.2 Online Presence

We maintain pages on Facebook, Instagram, YouTube, Tiktok and LinkedIn. If you visit these pages and have consented to the platform’s processing, your data will be used for market research and advertising. Data transfers may be based on adequacy decisions or Standard Contractual Clauses.
 

7. Your Rights and Contact
7.1 Rights

Under the GDPR, you have the right to:

Access your data (Art. 15)

Correct inaccurate data (Art. 16)

Delete your data (Art. 17)

Restrict processing (Art. 18)

Data portability (Art. 20)

Lodge a complaint with a supervisory authority (Art. 77)

Right to Object:
You may object to processing based on legitimate interests at any time with future effect. If processing is for direct marketing, you can object at any time and we will stop.
 

7.2 Contact

For questions about data protection or to exercise your rights, contact us using the details in our legal notice.

bottom of page