Privacy policy
Content
Introduction
When you use the services of Holiday-NL, we need to collect various personal data from you. We strive for an extremely careful and transparent handling of your personal data. With this data protection declaration, we would like to inform you for what purposes and in what way we process your personal data. This Privacy Policy applies to all personal data that we process when you make a booking with us, use our services or visit our website or when we have contact with you.
This privacy policy was last updated on 01. February 2023 and replaces all previous versions of this Privacy Policy.
Who are we?
Holiday-NL does everything to offer you a perfect holiday. The following entities are responsible for the correct processing of your personal data:
Pure VCATION B.V.
The registered office of both legal entities is located at Kapellerpoort1, (6041 HZ) Roermond, The Netherlands.
What data do we collect from you and why?
We process your personal data primarily to offer you a perfect holiday. We hope for a long-term relationship so that we can continue to serve you in the future and make you offers based on your interests or your booking history.
When booking a holiday accommodation
When you book one of the accommodations we offer, we collect from you by default the data we need to provide you with the accommodation.
Buchungsdetails
Booking details are data about the holiday you have booked with us, for example the type of accommodation, the date of arrival, the departure date and preferences. In order for us to properly process your booking, we collect this data in our reservation system.
Name and address
We need your name and address in order to be able to record your booking in our reservation system, as well as for registration in the official accommodation directory, but also, for example, to be able to fulfil the obligation to pay tourist tax. If we are unable to send certain items to you by email, we will send them to the address you provided.
Phone number and email address
The confirmation of your booking, as well as interesting information about the park where you will spend your holidays and the surrounding area, will be sent to the e-mail address provided by you. If we have any questions shortly before your stay, we will call you.
Date of birth
Only persons over 21 years of age can make bookings. If you provide your date of birth, we can check whether you are allowed to make a booking.
Account number
You can pay for your booking in our secure payment environment or by bank transfer. We charge you a deposit for accommodation. We collect your account number solely to refund you the deposit. We will not and cannot debit any funds from your account. If you want to pay by credit card, your data will be forwarded to our banking institution, which processes the payment. We don't have any insight into your credit card details, but we can see that you paid with a credit card.
Lease
If you rent a holiday home for a longer period of time, we will draw up a rental agreement that must be signed by you.
Contact our guest service
Our guest service will be happy to help you if you have a question about your booking or stay. You can contact us in several ways.
Online Contact
If you contact us using the contact form on the website, your title, name, contact details and question or note will be recorded. If you ask us a question via social media or online chat, only your name, email address and the content of the conversation will be recorded. The same applies if you send us an e-mail message. The collection of this data is necessary so that we can communicate with you. In addition, we can answer your question quickly and efficiently and find your data immediately.
WhatsApp
We can also be reached via WhatsApp. In order for us to communicate with you via WhatsApp, we need to collect your phone number. We use your phone number and the question you ask to answer your question and for training purposes.
Telephone contact
If you contact our guest service, we can ask you various control questions to ensure that your data does not fall into the wrong hands.
When submitting a complaint
If you have an unexpected complaint, please submit it to our Quality Department. In this case, we will register your name and the content of your complaint in order to process your complaint.
Payment
In the context of contractual and other legal relationships, due to legal obligations or otherwise on the basis of our legitimate interests, we offer the data subjects efficient and secure payment options and use other service providers in addition to banks and credit institutions (collectively "payment service providers"). The data processed by the payment service providers includes inventory data, such as name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and checksums as well as contract, total and recipient-related information. The information is required to carry out the transactions. However, the data entered will only be processed by the payment service providers and stored by them. This means that we do not receive any account or credit card-related information, but only information with confirmation or negative information of the payment. Under certain circumstances, the data may be transmitted by the payment service providers to credit agencies. The purpose of this transmission is to check identity and creditworthiness. For this purpose, we refer to the GTC and the data protection information of the payment service providers. For payment transactions, the terms and conditions and the data protection information of the respective payment service providers apply, which can be accessed within the respective websites or transaction applications. We also refer to these for the purpose of further information and assertion of revocation, information and other rights of data subjects.
Processed data types: Inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contract data (e.g. subject matter of the contract, term, customer category); Usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status); Contact details (e.g. e-mail, telephone numbers).
Data subjects: customers; Interested parties.
Purposes of processing: Provision of contractual services and customer service.
Legal basis: Performance of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR).
Further information on processing operations, procedures, and services:
Apple Pay: payment services (technical connection of online payment methods); Service provider: Apple Inc., Infinite Loop, Cupertino, CA 95014, USA; Legal basis: Performance of contract and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Website:https://www.apple.com/de/apple-pay/; Privacy Policy: https://www.apple.com/legal/privacy/de-ww/.
Giropay: payment services (technical connection of online payment methods); Service provider: giropay GmbH, An der Welle 4, 60322 Frankfurt, Germany; Legal basis: Performance of contract and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Website:https://www.giropay.de; Privacy Policy: https://www.giropay.de/rechtliches/datenschutzerklaerung/.
Google Pay: payment services (technical connection of online payment methods); Service providers: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Performance of contract and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Website: https://pay.google.com/intl/de_de/about/; Privacy Policy:https://policies.google.com/privacy.
Klarna / Sofortüberweisung: payment services (technical connection of online payment methods); Service provider: Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden; Legal basis:Performance of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Website: https://www.klarna.com/de; Privacy Policy:https://www.klarna.com/de/datenschutz.
Mastercard: payment services (technical connection of online payment methods); Service provider: Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium; Legal basis: Performance of contract and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Website: https://www.mastercard.de/de-de.html; Privacy Policy: https://www.mastercard.de/de-de/datenschutz.html.
PayPal: Payment services (technical connection of online payment methods) (e.g. PayPal, PayPal Plus, Braintree); Service provider:PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg; Legal basis: Performance of contract and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Website: https://www.paypal.com/de; Privacy Policy:https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Stripe: payment services (technical connection of online payment methods); Service provider: Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103; Legal basis: Performance of contract and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Website:https://stripe.com; Privacy Policy: https://stripe.com/de/privacy.
Visa: payment services (technical connection of online payment methods); Service provider: Visa Europe Services Inc., London Branch, 1 Sheldon Square, London W2 6TT, UK; Legal basis: Performance of contract and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Website: https://www.visa.de; Privacy Policy:https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.
Web analytics tools and advertising
Newsletter
After you have made a booking with Holiday-NL or signed up for our newsletter on the website, we will use your email address to send you our personalised newsletters. Personalised newsletters are holiday offers that are similar to your previous holiday bookings.
We send a maximum of two newsletters per week. If you receive a newsletter from us, we can see whether you have received the newsletter and whether you have clicked on a link in the newsletter. We ask you about your holiday interests. Of course, you are not obliged to inform us of your interests. Based on the interests and/or bookings you have indicated in the past, we ensure that you only see individual advertisements that correspond to your holiday wishes. This prevents you from receiving an unnecessary amount of e-mail messages.
You can unsubscribe from the newsletter using the link in the newsletter.
Ads on other platforms
We also use your email address to show you advertisements that match your interests via social media. We can't see which ads are shown to which person, or whether your email address has a social media account linked. Let us know if you don't want to see personalized ads on social media.
When you visit the Holiday-NL website, we use cookies to show you personalised advertisements on other websites. You can read more about this in our Cookie Policy.
Further information on processing operations, procedures, and services:
Measurement of opening and click rates: The newsletters contain a so-called "web-beacon", i.e., a pixel-sized file that is retrieved from our server or, if we use a shipping service provider, from its server when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of retrieval, are initially collected. This information is used to technically improve our newsletter based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined with the help of the IP address) or access times. This analysis also includes determining whether the newsletters are opened, when they are opened and which links are clicked. This information is assigned to the individual newsletter recipients and stored in their profiles until they are deleted. The evaluations serve us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users. The measurement of the opening rates and the click rates as well as the storage of the measurement results in the profiles of the users
Legal basis: consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).
Prerequisite for the use of free services: Consent to the sending of mailings can be made dependent as a prerequisite for the use of free services (e.g., access to certain content or participation in certain promotions). If users wish to use the free service without subscribing to the newsletter, please contact us.
Sending via SMS: The electronic notifications can also be sent as SMS text messages (or are sent exclusively via SMS if the sending authorization, e.g., consent, only includes sending via SMS); Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).
Facebook Messenger Broadcasts: Messenger with end-to-end encryption; Service providers: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website:https://www.facebook.com; Privacy Policy: https://www.facebook.com/about/privacy; Data processing contract:https://www.facebook.com/legal/terms/dataprocessing; Standard contractual clauses (ensuring a level of data protection for processing in third countries):https://www.facebook.com/legal/EU_data_transfer_addendum; Possibility of objection (opt-out):https://www.facebook.com/adpreferences/ad_settings (login to Facebook is required).
HubSpot: Email marketing platform; Service provider: HubSpot, Inc., 25 First St., 2nd floor, Cambridge, Massachusetts 02141; Legal basis:legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.hubspot.de; Privacy Policy: https://legal.hubspot.com/de/privacy-policy; Data processing contract: https://legal.hubspot.com/dpa; Standard contractual clauses (guarantee of data protection level for processing in third countries): https://legal.hubspot.com/dpa.
Mailchimp: email sending and email marketing platform; Service provider: Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308; Legal basis: legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://mailchimp.com; Privacy Policy:https://mailchimp.com/legal/; Data processing contract: https://mailchimp.com/legal/; Standard contractual clauses (guarantee of a level of data protection for processing in third countries): inclusion in the data processing contract; For more information: Special security measures: https://mailchimp.com/help/Mailchimp-european-data-transfers/.
Presence in social networks (social media)
We maintain online presences within social networks and process user data in this context in order to communicate with the users active there or to offer information about us. We would like to point out that user data may be processed outside the European Union. This can result in risks for users, e.g. because the enforcement of users' rights could be made more difficult. Furthermore, user data is usually processed within social networks for market research and advertising purposes. For example, user profiles can be created on the basis of the usage behavior and the resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements within and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the user's computers, in which the usage behavior and interests of the users are stored. Furthermore, data may also be stored in the usage profiles independently of the devices used by the users (in particular if the users are members of the respective platforms and are logged in to them). For a detailed description of the respective forms of processing and the possibilities of objection (opt-out), we refer to the data protection declarations and information provided by the operators of the respective networks.Even in the case of requests for information and the assertion of data subject rights, we point out that these can be asserted most effectively with the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. If you still need help, you can contact us.
Types of data processed: contact details (e.g., e-mail, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status).
Data subjects: Users (e.g., website visitors, users of online services).
Purposes of processing: contact requests and communication; Feedback (e.g., collecting feedback via online form); Marketing.
Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
Further information on processing operations, procedures and services:
Instagram: social network; Service providers: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Legal basis: legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.instagram.com; Privacy Policy:https://instagram.com/about/legal/privacy.
Facebook pages: Profiles within the social network Facebook - We are jointly responsible with Meta Platforms Ireland Limited for the collection (but not the further processing) of data of visitors to our Facebook page (so-called "fan page"). This data includes information about the types of content users view or interact with or the actions they take (see "Things done and provided by you and others" in the Facebook Data Policy: https://www.facebook.com/policy), as well as information about the devices used by users (e.g., IP addresses, operating system, browser type, language settings, cookie data; see "Device Information" in the Facebook Data Policy: https://www.facebook.com/policy). As explained in the Facebook Data Policy under "How do we use this information?", Facebook also collects and uses information to provide analytics services, called "Page Insights", to site operators so that they can gain insight into how people interact with their pages and with the content associated with them. We have concluded a special agreement with Facebook ("Information on Page Insights", https://www.facebook.com/legal/terms/page_controller_addendum), which regulates in particular which security measures Facebook must observe and in which Facebook has agreed to fulfil the rights of data subjects (i.e. users can, for example, send information or deletion requests directly to Facebook). The rights of users (in particular to information, deletion, objection and complaint to the competent supervisory authority) are not restricted by the agreements with Facebook. For more information, see Page Insights Information (https://www.facebook.com/legal/terms/information_about_page_insights_data); Service providers: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website:https://www.facebook.com; Privacy Policy: https://www.facebook.com/about/privacy; Standard contractual clauses (ensuring a level of data protection for processing in third countries): https://www.facebook.com/legal/EU_data_transfer_addendum; For more information: Joint Controller: https://www.facebook.com/legal/terms/information_about_page_insights_data. The joint controller is limited to the collection and transfer of data to Meta Platforms Ireland Limited, a company based in the EU. Further processing of the data is the sole responsibility of Meta Platforms Ireland Limited, in particular the transfer of the data to the parent company Meta Platforms, Inc. in the USA (on the basis of the standard contractual clauses concluded between Meta Platforms Ireland Limited and Meta Platforms, Inc.).
Plugins and embedded functions and content
We integrate functional and content elements into our online offer, which are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These may be, for example, graphics, videos or city maps (hereinafter uniformly referred to as "Content"). The integration always requires that the third-party providers of this content process the IP address of the users, as they would not be able to send the content to their browser without the IP address. The IP address is therefore required for the display of this content or functions. We endeavor to use only content whose respective providers only use the IP address to deliver the content. Third parties may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, the time of visit and other information on the use of our online offer as well as be linked to such information from other sources.
Types of data processed: usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status); Location data (information about the geographic location of a device or person).
Data subjects: Users (e.g. website visitors, users of online services).
Purposes of processing: Provision of our online offer and user-friendliness.
Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
Further information on processing processes, procedures and services Google Maps
: We integrate the maps of the "Google Maps" service of the provider Google. The processed data may include, in particular, IP addresses and location data of users; Service provider: Google Cloud EMEA Limited, 70 Sir John Rogerson's Quay, Dublin 2, Ireland; Legal basis: legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://mapsplatform.google.com/; Privacy Policy: https://policies.google.com/privacy.
Conducting surveys and participating in surveys
Surveys
We would like to know how you make your booking and how you liked the subsequent stay. Therefore, after a booking has been made, we ask you to complete a questionnaire so that we can improve the booking process. After your stay, we ask you once again to complete a questionnaire. We use your review of your stay internally to improve our service and anonymized in e-mail and advertising.
Surveys
In addition to the surveys, you receive from us, we may invite you to participate in a survey in connection with your stay. Of course, you are not obliged to participate in these surveys. However, if you participate, we will ask you about your booking history and your experience regarding your stay in one of our chalets so that we can guarantee the quality and representativeness of our surveys. We use the results of the investigation to improve our services.
Use of the website
When you use our website, we automatically store certain data. This may include information about which URL you came to us from, which URL you then access, which browser you use, your IP address and the date and time of your visit to our website. We also collect information about the hardware, software, and Internet browser you use. We use this data as part of the normal use and administration of our website and may share this data in aggregate. This aggregation makes it impossible to trace this data back to a specific user. We have no interest in data that tells us anything about the identity of visitors to our website. Holiday-NL is interested in data that reveals something about the use of the website, for example: How many visitors does the website have? When is the website most frequented and which pages are visited the most?
Holiday-NL uses cookies and other technologies on its website. If you would like more information, please refer to our Cookie Policy.
Kameraüberwachung
For the safety of our employees, guests and property in various parks, security cameras are installed in some places. All cameras are placed in places visible to you.
Photos
It may happen that we take photos and/or videos of you or your children during activities in the Parks and want to publish the photo and/or video recordings on social media. We will always ask you for your permission in advance.
Information we receive from third parties.
Sometimes we do not receive data directly from you, but from others. For example, if you book one of our accommodations through one of our partners, that partner will forward certain information about you to us. This allows us to record and process your booking. Our partners may also forward questions or changes related to your booking or accommodation to us. If this is reasonably possible, we will inform you that we have received your data. Any information we receive from third parties may be combined with information we have received from you.
What are the basics?
Basis for the execution of the contract
When processing your personal data, we observe the provisions of the General Data Protection Regulation. Thus, we can always provide a basis for processing your personal data. Your data is primarily collected when a rental agreement is concluded. We need this data for the execution of the contract between you and Holiday-NL. If you do not provide us with the required personal data, you will not be able to use our services.
Legitimate interest
Holiday-NL has a legitimate interest in processing your data in order to be able to send surveys and carry out investigations. This is the only way we are able to continuously improve our services.
The processing of your personal data for the purpose of sending our newsletter or presenting targeted advertisements takes place as part of our direct marketing activities.
We also process your data when you have direct contact with our staff so that we are able to process and respond quickly to your questions, complaints or comments. In addition, we are able to strive for a long-term relationship with you.
Legal obligations
The processing of various data about you is also necessary for us to comply with certain legal obligations. For example, we are required by law to record your name, place of residence and arrival and departure dates in the official accommodation directory.
Agreement
If we would like to receive more data from you, we will always ask for your consent. For example, to take and publish photo shoots at events in one of our parks.
With whom do we share your personal data?
The mandatory declaration of the tourist tax is made using the data you provide. It may be that the municipality carries out an audit of the declaration in the holiday park you are visiting. We will then need to give the municipality access to some of your personal data. Which data this is depends on the requirements of the respective municipality. In any case, the inspection is limited to your name, your postcode, your place of residence, your date of birth, your family composition and your arrival and departure dates.
After making a reservation, we will forward your data to the park where you will be staying so that the park staff can prepare for your arrival. It may be that we ourselves are the operator of the park, but it is also possible that the park is operated by third parties. However, we only forward the personal data that is necessary for the execution of the contract. The same applies if you book accommodation with us that is offered by one of our partners.
For the administration of our systems and the provision of our services, we use services of third parties, such as IT providers.
In order to be able to present you with personalized advertisements on social media, we may forward your e-mail address to the relevant social media channels.
If you unexpectedly fail to pay your invoices on time, we will be forced to hand over our claims to a debt collection agency or bailiff. We pass on the data required to collect the claim from you to the debt collection agency or the bailiff.
Data collected via cookies may be shared with the parties that set these cookies. You can find out more about this in our Cookie Policy.
How long do we keep your data?
We will not retain your data for longer than necessary to achieve the objectives set out in this Privacy Policy, unless we are legally obliged to do so.
Financial data
We keep our financial management for ten years. This means that all your data and documents relating to financial transactions between you and Holiday-NL will be kept for a period of ten years. This also includes all data relating to an insurance policy taken out by you.
Information we collect in direct contact
Contacts to our guest services in chat will be removed within fourteen days of contact unless the content of the messages may be important for your booking or any future bookings. Phone calls and WhatsApp conversations will be deleted within three months. We will keep e-mail messages sent to you or received by us and complaints submitted by you for a period of ten years.
Processing of data with your consent
Personal data processed by us with your consent will be retained until you revoke your consent.
Where is your data stored?
Your data will be stored within the European Union, with the exception of your name and e-mail address. Your name and email address are also hosted in the United States and Canada. For the proper functioning of our CRM system, subcontractors in India, Canada, the United States, Australia, Japan and Singapore have been used. The subcontractors act exclusively on behalf of the subcontractors and are only used after the subcontractors concerned have taken sufficient protective measures with regard to technical and organisational security measures. Safeguards include binding corporate rules, approved standard data protection terms, and the EU-US Privacy Shield.
What rights do you have?
Right of access, rectification, restriction and erasure
Right of access, rectification, restriction, and erasure where Holiday-NL processes yourpersonal data, you have the right to obtain a copy of the data collected about you. You can send your request to the following e-mail address: info@holiday-nl.com You can also send your request by post to: Pure Vacation B.V. / Holiday-NL, Kapellerpoort 1, 6041 HZ, The Netherlands. Holiday-NL will respond promptly to your request.
If it appears that your data is incorrect, incomplete or in your opinion does not belong in Holiday-NL's database, taking into account the purpose of the collection, you can ask Holiday-NL to adjust, remove or restrict the data. You also have the right to object to the processing of your data. For these requests, you can also use the above e-mail address or postal address.
If you ask us to adjust or delete data required for the execution of the contract, this may mean that you can no longer use our service.
Right to withdraw consent
If you have given your consent to the processing of your personal data, you have the right to withdraw your consent at any time. In this case, we will no longer process your data, which is processed based on your consent.
Complaints
If you have a complaint about the way we handle your personal data, you can let us know by sending us an email message (info@holiday-nl.com) or letter (Pure Vacation B.V. / Holiday-NL, Kapellerpoort 1, 6041 HZ, The Netherlands). We will use our best endeavours to resolve the reason for your complaint. You also have the right to lodge a complaint with the Dutch data protection supervisory authority, the Authority persoonsgegevens.
Status 02.2023
