Privacy Policy

This privacy statement explains which personal data may be collected by us or third parties during your visit to our website, to what extent such data is collected, and how this information is used. The same applies if we collect or use additional personal data in the context of providing our media services (websites) for the use of a telemedia service.

Definitions
The privacy policy of HQ High Quality Chauffeur Service GmbH is based on the terminology used by the European legislator when adopting the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easy to read and understand for both the general public as well as our customers and business partners. To ensure this, we would like to explain the terminology used in advance.
In this privacy policy, we use, among others, the following terms:

a) Personal data
Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

b) Data subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

c) Processing
Processing means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

e) Profiling
Profiling is any form of automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

f) Pseudonymization
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

g) Controller or controller responsible for the processing
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
If the purposes and means of this processing are determined by Union law or the law of the Member States, the controller or the specific criteria for their nomination may be provided for by Union law or the law of the Member States.

h) Processor
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i) Recipient
Recipient is a natural or legal person, public authority, agency or another body to which personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union law or the law of the Member States shall not be regarded as recipients.

j) Third party
Third party is a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

k) Consent
Consent is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Collection of general data and information

Each time the website of HQ High Quality Chauffeur Service GmbH is accessed by a data subject or an automated system, a series of general data and information is collected. These general data and information are stored in the server’s log files. The data collected may include: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrer), (4) the subpages accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an Internet Protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) other similar data and information that serve to prevent danger in the event of attacks on our information technology systems.
When using these general data and information, HQ High Quality Chauffeur Service GmbH does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertising, (3) ensure the long-term functionality of our information technology systems and the technology of our website, and (4) provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack. Therefore, HQ High Quality Chauffeur Service GmbH analyzes these anonymously collected data and information both statistically and with the aim of increasing data protection and data security within our company, in order to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

1. Collection and Use of IP Addresses
A computer that connects to the Internet is assigned a unique number by an Internet service provider. This is the Internet Protocol (IP) address. Depending on the user's service, the provider may assign a different address each time the user connects to the Internet. Since IP addresses are typically assigned in country-specific blocks, an IP address can often be used to identify the country from which a computer is connecting to the Internet. When you visit our websites, our web server temporarily records the following server log data: the IP address, the name of the accessed file, the date and time of access, the amount of data transferred, a notification of successful access, the browser type and version, the user's operating system, the referrer URL (the previously visited page), and the requesting provider. We collect and use this log data for the purposes of system security and the proper functioning of the website.
If this is not the case, IP addresses are shortened by us before any further processing, so that a personal reference is no longer possible. If you enter into a contractual relationship with us, the collection and use of log data will take place for the purpose of contract documentation and the prevention of misuse. Where content from third parties — such as videos, maps, RSS feeds, graphics, or social plugins from other service providers (websites) — is integrated into our websites, this always technically requires that these service providers (“third-party providers”) perceive the IP address of the users. Without the IP address, they would not be able to transmit their content to the user's browser. The IP address is therefore necessary for the display of such content. We have no influence over whether third-party providers, for example, use the IP address for statistical or other purposes. Where we are aware of this, we will inform users accordingly.
We would like to point out that internet-based data transmission may have security vulnerabilities, and that complete protection against access by third parties is therefore not possible.

2. Proprietary Cookies

a) Description and Scope of Data Processing
We use so-called cookies on our website to recognize repeated use of our offering by the same user or internet connection owner. Cookies are small text files that your internet browser stores on your computer. They are used to optimize our website and our services. These are mostly so-called 'session cookies,' which are deleted after your visit ends.

b) Legal Basis for Data Processing
The legal basis for the processing of personal data using technically necessary cookies is Article 6(1)(f) of the GDPR.
In the case of processing personal data using cookies for analytical purposes, the legal basis pursuant to Article 6(1)(a) of the GDPR is the user's consent.

c) Purpose of Data Processing
The purpose of technically necessary cookies is to make the use of our website easier for users. Some functions of our website cannot be offered without the use of cookies. Therefore, it is necessary for the browser to be recognized even after navigating to a different page.

We require cookies for the following applications, for example:
(1) Storing language settings
(2) Storing search terms

The user data collected through technically necessary cookies is not used by us to create user profiles. In some cases, cookies provide information that allows for automatic recognition of the user. This recognition is based on the IP address stored in the cookies. The information obtained in this way serves to optimize our services and to make it easier for you to access our website. Through the use of analytics cookies, we gain insights into how the website is used, allowing us to continuously improve our offerings.

These purposes also constitute our legitimate interest in the processing of personal data pursuant to Article 6(1)(f) of the GDPR.

d) Duration of Storage, Possibility of Objection and Removal
Cookies are stored on your device and transmitted to our site from there. This means that you have full control over the use of cookies collected.
You can prevent the installation of cookies by adjusting the settings of your browser accordingly. You can find these settings for the respective browsers at the following links:

Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

Safari: https://support.apple.com/kb/ph21411?locale=de_DE

Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Opera: http://help.opera.com/Windows/10.20/de/cookies.html

However, we would like to point out that, in this case, you may not be able to fully use all functions of our website.

3. Third-Party Cookies & Tracking Technologies
Where third-party content is integrated into our websites, these third-party providers may set cookies, which you can generally prevent by adjusting the settings in your browser accordingly.
Our website also uses so-called tracking technologies. We use these technologies to make our online offerings more attractive for you. This technology enables us to target internet users who have already shown interest in our website with advertisements on our partners’ websites (e.g., Facebook, Google).

3.1 Google Analytics with Anonymization Feature
a) Description and Scope of Data Processing
We use Google Analytics on our website, a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as 'Google.' Google Analytics uses so-called 'cookies,' text files that are stored on your computer and enable an analysis of your use of the website.
The information generated by these cookies, such as the time, location, and frequency of your website visit, including your IP address, is transferred to Google in the USA and stored there.
We use Google Analytics on our website with an IP anonymization feature. In this case, your IP address is shortened and anonymized by Google within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
Google will use this information to evaluate your use of our site, compile reports on website activity for us, and provide other services related to website usage and internet usage. Google may also transfer this information to third parties if required by law or if third parties process these data on behalf of Google.
According to Google, they will not under any circumstances associate your IP address with other data from Google.
The following data may be stored, including but not limited to:
(1) The website visited
(2) The website from which the user arrived at the visited website (referrer)
(3) The duration of stay on the website

b) Legal Basis for Data Processing
The legal basis for the processing of users' personal data is Article 6(1)(f) of the GDPR.

c) Purpose of Data Processing
The processing of users' personal data allows us to analyze the browsing behavior of our users. By evaluating the data collected, we are able to compile information about the use of individual components of our website. This helps us continuously improve our website and its user-friendliness. These purposes also constitute our legitimate interest in processing the data pursuant to Article 6(1)(f) of the GDPR. The anonymization of the IP address adequately addresses the users' interest in the protection of their personal data.

d) Duration of Storage
The data is deleted as soon as it is no longer needed for our recording purposes. In our case, the data is not automatically deleted, as there is a legitimate interest for data processing under Article 6(1)(f) of the GDPR, and the data is required to create historical user data for the formation of target groups (e.g., for remarketing) and can be used indefinitely. Additionally, long-term analyses and well-founded optimizations can be carried out.

e) Right to Object and Deletion
You can prevent the installation of cookies by adjusting the settings of your browser software accordingly. However, we would like to point out that, in this case, you may not be able to fully use all functions of our website.

Furthermore, Google offers an opt-out option for the most common browsers, giving you more control over which data is collected and processed by Google. If you enable this option, no information regarding your website visit will be transmitted to Google Analytics. However, enabling this option does not prevent information from being transmitted to us or other web analytics services we may use. For more information on the opt-out option provided by Google and how to enable it, please refer to the following link: https://tools.google.com/dlpage/gaoptout?hl=de

3.2 Google Tag Manager

a) Description and Scope of Data Processing

This website also uses Google Tag Manager. This is a tool provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, to manage tags through an interface. The Tag Manager itself does not collect any personal data, as it is a cookie-free domain. The tool simply triggers other tags, which may, in turn, collect personal data. However, the Google Tag Manager does not access these data. If an opt-out has been implemented at the domain or cookie level, it will remain in effect for all tracking tags implemented with the Tag Manager.

For more information on the terms of use of Google Tag Manager, please refer to the following link: https://www.google.de/tagmanager/use-policy.html

b) Right to Object and Deletion

You can object to the collection and storage of data for web analytics by the Tag Manager at any time by disabling the setting of cookies. The website will still be fully usable. In order to implement a permanent opt-out, your browser must accept permanent cookies.

4. Data Processing Outside the EEA
Your data is typically not processed in countries outside the scope of Directive 95/46/EC of the European Parliament and Council of October 24, 1995, on the protection of individuals with regard to the processing of personal data and the free movement of such data (OJ EC No. L 281 p. 31), unless third-party providers mentioned in this privacy policy are involved, which are based outside the European Economic Area (EEA). This particularly applies to social plugins from Facebook and Google+ as well as measurement and evaluation procedures from Google (Google Analytics). Additionally, data transfer may occur if necessary for the fulfillment and execution of contracts (e.g., to airlines, hotels, etc.).

5. Inventory Data and Usage Data
We use your data for the following purposes:
For the execution of your purchases, bookings, or other orders.
As well as for the following purposes:
To offer you the possibilities of a personalized service and the optimal use of our website based on the information stored in your user profile.
To also send you personalized offers and information that are of particular interest to you.
In the event that personal data is collected and used through our website for the purpose of establishing, shaping, or modifying a contract for the use of an online service (inventory data) or to enable or bill the online service itself (usage data), we will explain the nature, scope, and purpose in the respective data collection form.

6. Disclosure to Third Parties
We will disclose data to the competent authorities only when required by law.

7. Data Confidentiality
Our personnel involved in data processing have been obligated to maintain confidentiality in accordance with data protection regulations.

8. Rights of the Data Subject
The following list includes all the rights of data subjects under the GDPR. Rights that are not relevant for the specific website do not need to be mentioned. In this regard, the list can be shortened.
If your personal data is processed, you are a data subject under the GDPR and you have the following rights against the controller:

8.1 Right of Access
You have the right to obtain confirmation from the controller as to whether personal data concerning you is being processed by us.
If such processing is taking place, you have the right to request the following information from the controller:
(1) the purposes for which the personal data are being processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
(4) the planned duration of storage of the personal data concerning you or, if specific information is not available, the criteria used to determine the storage period;
(5) the existence of the right to rectification or erasure of the personal data concerning you, the right to restriction of processing by the controller, or the right to object to such processing;
(6) the existence of the right to lodge a complaint with a supervisory authority;
(7) all available information about the source of the data, if the personal data have not been collected from the data subject;
(8) the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR, and, at least in these cases, meaningful information about the logic involved, as well as the scope and intended effects of such processing on the data subject.
You have the right to request information as to whether your personal data is transferred to a third country or to an international organization. In this context, you can request to be informed about the appropriate safeguards pursuant to Article 46 of the GDPR in connection with the transfer.

8.2 Right to Rectification
You have the right to request rectification and/or completion from the controller if the personal data concerning you is inaccurate or incomplete. The controller must make the rectification without undue delay.

8.3 Right to Restriction of Processing
You have the right to request the restriction of processing of your personal data under the following conditions:
(1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you oppose the erasure of the personal data and request instead the restriction of its use;
(3) the controller no longer needs the personal data for the purposes of processing, but you need it for the establishment, exercise, or defense of legal claims, or
(4) if you have objected to the processing pursuant to Article 21(1) of the GDPR, and it is not yet clear whether the legitimate grounds of the controller override your reasons.
If the processing of your personal data is restricted, such data – apart from being stored – may only be processed with your consent or for the establishment, exercise, or defense of legal claims, or to protect the rights of another natural or legal person, or for reasons of important public interest of the Union or a Member State.
If the restriction of processing has been applied according to the above conditions, you will be informed by the controller before the restriction is lifted.

8.4 Right to Erasure
a) Obligation to Erase
You have the right to request the controller to erase your personal data without undue delay, and the controller is obliged to erase this data without undue delay, if one of the following grounds applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You withdraw your consent on which the processing was based according to Article 6(1)(a) or Article 9(2)(a) of the GDPR, and there is no other legal basis for the processing.
(3) You object to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) of the GDPR.
(4) The personal data concerning you has been processed unlawfully.
(5) The erasure of the personal data concerning you is required to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
(6) The personal data concerning you was collected in relation to offered information society services pursuant to Article 8(1) of the GDPR.
b) Information to Third Parties
If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) of the GDPR, they shall, taking into account the available technology and implementation costs, take reasonable steps, including technical measures, to inform controllers who process the personal data that you, as the data subject, have requested the erasure of all links to, or copies or replications of, this personal data.
c) Exceptions
The right to erasure does not apply where processing is necessary
(1) for the exercise of the right to freedom of expression and information;
(2) for the fulfillment of a legal obligation which requires processing under Union law or the law of the Member States to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the field of public health in accordance with Article 9(2)(h) and (i) as well as Article 9(3) of the GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes, or for statistical purposes in accordance with Article 89(1) of the GDPR, insofar as the right referred to in section a) is likely to make it impossible or seriously impair the achievement of the objectives of such processing, or
(5) for the establishment, exercise, or defense of legal claims.

8.5 Right to be Informed
If you have exercised your right to rectification, erasure, or restriction of processing with the controller, they are obligated to inform all recipients to whom the personal data concerning you has been disclosed of the rectification or erasure of the data or the restriction of processing, unless this proves impossible or involves disproportionate effort.
You have the right to be informed by the controller about these recipients.

8.6 Right to Data Portability
You have the right to receive the personal data concerning you that you have provided to the controller in a structured, commonly used, and machine-readable format. You also have the right to transmit these data to another controller without hindrance from the controller to whom the personal data was provided, provided that
(1) the processing is based on consent pursuant to Article 6(1)(a) of the GDPR or Article 9(2)(a) of the GDPR, or on a contract pursuant to Article 6(1)(b) of the GDPR, and
(2) the processing is carried out by automated means.
In exercising this right, you also have the right to obtain that the personal data concerning you is transmitted directly from one controller to another, where technically feasible. The freedoms and rights of other persons must not be adversely affected.
Das Recht auf Datenübertragbarkeit gilt nicht für eine Verarbeitung personenbezogener Daten, die für die Wahrnehmung einer Aufgabe erforderlich ist, die im öffentlichen Interesse liegt oder in Ausübung öffentlicher Gewalt erfolgt, die dem Verantwortlichen übertragen wurde.

8.7 Right to Object
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you, which is based on Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions.
The controller shall no longer process the personal data concerning you unless they can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.
If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing purposes; this also applies to profiling insofar as it is related to such direct marketing.
If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for such purposes.
You have the right to exercise your right to object in the context of the use of information society services – notwithstanding Directive 2002/58/EC – through automated means using technical specifications.

8.8 Right to Withdraw the Data Protection Consent
You have the right to withdraw your data protection consent at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent before its withdrawal.

8.9 Automated Individual Decision-Making, Including Profiling
You have the right not to be subject to a decision based solely on automated processing – including profiling – that has legal effects on you or similarly significantly affects you. This does not apply if the decision
(1) is necessary for the entry into or performance of a contract between you and the controller,
(2) is permissible under Union or Member State law to which the controller is subject, and such laws contain appropriate measures to safeguard your rights and freedoms, as well as your legitimate interests, or
(3) is based on your explicit consent.
However, these decisions must not be based on special categories of personal data under Article 9(1) of the GDPR, unless Article 9(2)(a) or (g) of the GDPR applies and appropriate measures have been taken to safeguard the rights and freedoms, as well as your legitimate interests.
With regard to the cases mentioned in (1) and (3), the controller shall take appropriate measures to safeguard the rights and freedoms, as well as your legitimate interests, which shall at least include the right to obtain human intervention from the controller, to present your point of view, and to contest the decision.

8.10 Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work, or the place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and outcome of the complaint, including the possibility of a judicial remedy under Article 78 of the GDPR.

Name and address of the data protection officer
Christine Knirsch-Franz
HQ High Quality Chauffeur Service GmbH
Bleichstraße 52
60313 Frankfurt am Main
admin@hqchauffeur.com

Name and address of the controller
The controller within the meaning of the General Data Protection Regulation (GDPR), other applicable data protection laws in the Member States of the European Union, and other provisions of a data protection nature is:
HQ High Quality Chauffeurservice GmbH
Managing Director: Dr. Andreas Dahmen
Commercial register entry: Local Court of Frankfurt, HRB 135999

Effective as of April 2025