Treffpunkt Bayrischzell
Legal

Privacy Policy

How your personal data is handled on this website.

1. Privacy at a Glance

General Information

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. For detailed information on data protection, please refer to our privacy policy set out below this text.

Data Collection on This Website

Who is responsible for collecting data on this website?

Data on this website is processed by the website operator. You can find their contact details in the section "Information on the Responsible Party" in this privacy policy.

How do we collect your data?

Your data is collected in part when you provide it to us. This may, for example, be data you enter into a form.

Other data is collected automatically or with your consent by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system, or the time the page was accessed). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure the website is provided without errors. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right at any time to receive information free of charge about the origin, recipients, and purpose of your stored personal data. You also have the right to request that this data be corrected or deleted. If you have given consent to data processing, you can withdraw that consent at any time with future effect. You also have the right, under certain circumstances, to request that the processing of your personal data be restricted. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

You can contact us at any time regarding this and any other questions about data protection.

2. Hosting

We host the content of our website with the following provider:

All-Inkl

The provider is ALL-INKL.COM - Neue Medien Münnich, owner René Münnich, Hauptstraße 68, 02742 Friedersdorf (hereinafter All-Inkl). For details, please see All-Inkl's privacy policy: https://all-inkl.com/datenschutzinformationen/.

All-Inkl is used on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. Where corresponding consent has been requested, processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent covers the storage of cookies or access to information on the user's device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be withdrawn at any time.

Data Processing Agreement

We have concluded a data processing agreement (DPA) for the use of the service mentioned above. This is a contract required under data protection law that ensures the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

3. General Notes and Mandatory Information

Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the internet (e.g. when communicating by email) can have security gaps. Complete protection of data against access by third parties is not possible.

Information on the Responsible Party

The party responsible for data processing on this website is:

Michael Freyermuth
Grünwaldstr. 4
83735 Bayrischzell
Phone: 01739903142
Email: info@treffpunkt-bayrischzell.de

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, email addresses, or similar).

Storage Duration

Unless a more specific storage period is stated within this privacy policy, your personal data will remain with us until the purpose for processing it no longer applies. If you assert a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, deletion takes place once these reasons no longer apply.

General Information on the Legal Bases for Data Processing on This Website

If you have consented to data processing, we process your personal data on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, insofar as special categories of data are processed pursuant to Art. 9 para. 1 GDPR. In the case of explicit consent to the transfer of personal data to third countries, data processing also takes place on the basis of Art. 49 para. 1 lit. a GDPR. If you have consented to the storage of cookies or to access to information on your device (e.g. via device fingerprinting), data processing also takes place on the basis of § 25 para. 1 TDDDG. Consent can be withdrawn at any time. If your data is required for the performance of a contract or for pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b GDPR. We also process your data insofar as it is necessary for the fulfillment of a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. Data processing may furthermore take place on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. The legal bases relevant in each individual case are set out in the following paragraphs of this privacy policy.

Recipients of Personal Data

In the course of our business activities, we work with various external parties. This sometimes requires the transfer of personal data to these external parties. We only pass on personal data to external parties if this is necessary for the performance of a contract, if we are legally obliged to do so (e.g. passing on data to tax authorities), if we have a legitimate interest in the transfer pursuant to Art. 6 para. 1 lit. f GDPR, or if some other legal basis permits the transfer of data. When using processors, we only pass on our customers' personal data on the basis of a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.

Withdrawal of Your Consent to Data Processing

Many data processing operations are only possible with your express consent. You can withdraw consent you have already given at any time. The lawfulness of the data processing carried out up to the point of withdrawal remains unaffected by the withdrawal.

Right to Object to Data Collection in Special Cases and to Direct Marketing (Art. 21 GDPR)

IF DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS CONNECTED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).

Right to Lodge a Complaint with the Competent Supervisory Authority

In the event of breaches of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work, or the place of the alleged breach. This right to complain exists without prejudice to any other administrative or judicial remedies.

Right to Data Portability

You have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

Information, Correction, and Deletion

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipients, and the purpose of the data processing, and, where applicable, a right to have this data corrected or deleted. You can contact us at any time regarding this and any other questions about personal data.

Right to Restriction of Processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time regarding this. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of the personal data we have stored, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data. If the processing of your personal data was or is unlawful, you may request the restriction of data processing instead of deletion. If we no longer need your personal data but you need it to assert, defend, or exercise legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion. If you have filed an objection pursuant to Art. 21 para. 1 GDPR, a balancing of your interests and ours must be carried out. As long as it has not been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data may (apart from being stored) only be processed with your consent or for the assertion, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or a member state.

SSL/TLS Encryption

For security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator, this site uses SSL/TLS encryption. You can recognize an encrypted connection by the fact that the browser's address bar changes from "http://" to "https://" and by the lock symbol in your browser bar.

When SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Objection to Advertising Emails

We hereby object to the use of contact data published within the scope of the legal notice obligation for the purpose of sending unsolicited advertising and information materials. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam emails.

4. Data Collection on This Website

Cookies and Local Storage

Our web pages use so-called "cookies" as well as your browser's local storage (localStorage). Cookies are small data packets and do no harm to your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted at the end of your visit. Persistent cookies remain stored on your device until you delete them yourself or until your web browser deletes them automatically.

We use your browser's local storage in particular to remember your consent to load external content (e.g. videos, podcast player, maps) so that you do not have to give it again on every visit. This information remains exclusively in your browser and is not transmitted to us or to third parties. You can delete it at any time via your browser settings.

Cookies and local storage that are necessary to carry out the electronic communication process or to provide certain functions you have requested are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in providing its services in a technically error-free and optimized manner. Where consent has been requested, processing takes place exclusively on the basis of that consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); consent can be withdrawn at any time.

You can set your browser to inform you about the setting of cookies and to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general, and to activate the automatic deletion of cookies when the browser is closed. If cookies are disabled, the functionality of this website may be limited.

Consent Banner

On your first visit, we ask you via a consent banner whether you would like to allow anonymous reach measurement (Google Analytics) and the loading of external content (maps, videos, podcasts, webcams). Without your consent, these services are not loaded and no corresponding data is transmitted to third parties. Technically necessary functions are excluded from this.

We store your decision in your browser's local storage so that we do not have to ask you again on every visit. You can change or withdraw your consent at any time with future effect by opening the "Cookie settings" link in the footer.

Wishlist

Using the heart symbol, you can add pages to a personal wishlist. This wishlist is stored exclusively in your browser's local storage. No personal data is transmitted to us or to third parties in the process. You can delete the wishlist at any time via your browser settings.

Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are: browser type and browser version, the operating system used, referrer URL, hostname of the accessing computer, the time of the server request, and the IP address.

This data is not merged with other data sources.

This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website, and to this end the server log files must be recorded.

Inquiries by Email or Phone

If you contact us by email or phone, your inquiry, including all personal data resulting from it (name, inquiry), will be stored and processed by us for the purpose of handling your request. We do not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if it has been requested; consent can be withdrawn at any time.

The data you send us via contact inquiries remains with us until you ask us to delete it, withdraw your consent to storage, or the purpose for storing the data no longer applies (e.g. after your request has been fully processed). Mandatory statutory provisions, in particular statutory retention periods, remain unaffected.

5. Our Own Forms and Service Features

On treffpunkt-bayrischzell.de we run several self-developed features that process personal data. They run exclusively on our own installation. Data is not passed on to external third-party providers (exception: email delivery, see the section on "All-Inkl" hosting).

"Ask Michi" (Question Form)

You can submit questions using the question form. The following is processed: name, email address, and the question itself. Optionally, the URL of the page from which the form was submitted is also stored in order to put the question in context.

The data is used to answer your question and is forwarded to Michael Freyermuth personally. Your email address is not used for advertising purposes and is not passed on to third parties. The data is stored exclusively in our own database.

To prevent spam, we use an automatic honeypot method that does not process any third-party personal data.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent given by actively submitting the form) and Art. 6 para. 1 lit. f GDPR (legitimate interest in handling the incoming question).

Storage duration: Your submission remains in our database until it has been fully processed, but for no more than two years. On request, we will delete your data at any time following an informal request to info@treffpunkt-bayrischzell.de.

Page Feedback (Thumbs Up / Down)

At the end of many content pages there is a small rating option with the question "Did this page help you?". If you click one of the two options, we store only your choice (positive or negative) together with the page URL and a time-limited hash value in our database.

The hash is calculated from your IP address, the page URL, the current hour, and a secret salt using SHA-256. It serves solely to prevent double clicks within one hour and cannot be traced back to your IP address. No cookies are set; a short-term block against multiple clicks is implemented via your browser's local storage (localStorage). You can delete this at any time via your browser settings.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in the anonymous measurement of the success and quality of our content).

Storage duration: Aggregated data (choice and URL) remains permanently in the database for analysis purposes. The hash values are not deleted separately, but because of their hourly calculation they can no longer be attributed to the same IP address after one hour has passed.

Internal Short URLs / Click Tracking (/go/…)

On our website we use short, internal URLs of the form /go/… (e.g. for linking to partner offers or affiliate destinations).

When such a URL is clicked, we record technical data about the click. This data is stored locally on our server and used exclusively to evaluate the effectiveness of our own links. It is not passed on to third parties.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in measuring the success of our own linking and recommendation strategies).

Storage duration: Aggregated click statistics are kept permanently; IP addresses are removed from the click log or anonymized after 90 days.

News / Instagram Posts

On the "News" page we show a selection of our own Instagram posts. The associated images are stored on our server and delivered locally. Simply viewing this page does not establish any connection to Instagram or Meta, and no data is transmitted there. Only when you click on a post or the Instagram link are you redirected to Instagram; the privacy policy of Meta Platforms Ireland Limited then applies.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in an appealing presentation of our current posts, including for visitors without an Instagram account).

6. Plugins and Tools

Google Analytics

This website uses Google Analytics, a web analytics service, but only if you have expressly consented to the "Statistics" category in the consent banner. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics allows us to analyze the behavior of website visitors, for example which pages are accessed and how often. Pseudonymous usage data is processed and, as a rule, cookies or comparable recognition technologies are used in your browser. IP anonymization is enabled; your full IP address is not stored by Google Analytics. Without your consent, Google Analytics is not loaded and no data is transmitted to Google.

Legal basis: Use takes place exclusively on the basis of your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be withdrawn at any time with future effect, for example via the "Cookie settings" link in the footer.

Insofar as personal data is transferred to the USA, the transfer is based on the EU-US Data Privacy Framework (DPF), under which Google is certified. You can find more information in Google's privacy policy at https://policies.google.com/privacy?hl=de and on the data processing terms at https://business.safety.google/adsprocessorterms/.

YouTube with Enhanced Privacy Mode

This website embeds videos from the YouTube website. The operator of the website is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Videos are only loaded after you have actively given your consent. When you visit one of our pages that has YouTube embedded and load the video, a connection to YouTube's servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

We use YouTube in enhanced privacy mode. According to YouTube, videos played in enhanced privacy mode are not used to personalize browsing on YouTube. Ads shown in enhanced privacy mode are also not personalized. No cookies are set in enhanced privacy mode. However, so-called local storage elements are stored in the user's browser instead, which, like cookies, contain personal data and can be used for recognition. You can find details about enhanced privacy mode here: https://support.google.com/youtube/answer/171780.

We also use YouTube to embed our podcast episodes. The same data processing as described above applies to embedded content.

YouTube is used in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. Where corresponding consent has been requested, processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be withdrawn at any time.

You can find more information about data protection at YouTube in their privacy policy at: https://policies.google.com/privacy?hl=de.

The company is certified under the "EU-US Data Privacy Framework" (DPF). You can obtain further information about this from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Spotify

This website incorporates features of the music and podcast service Spotify, in particular for listening to our podcast episodes. The provider is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm, Sweden.

Spotify content is only loaded after you have actively given your consent. When embedded Spotify content is loaded, the plugin may establish a direct connection between your browser and the Spotify server. This tells Spotify that you have visited this website with your IP address. If you click the Spotify player while logged into your Spotify account, you can link the content of this website to your Spotify profile. This allows Spotify to associate your visit to this website with your user account.

The storage and analysis of the data takes place on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the appealing acoustic design of its website. Where corresponding consent has been requested, processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be withdrawn at any time.

You can find more information about this in Spotify's privacy policy: https://www.spotify.com/de/legal/privacy-policy/.

If you do not want Spotify to be able to associate your visit to this website with your Spotify user account, please log out of your Spotify account.

OpenStreetMap

On individual pages, in particular to show the filming locations of Frühling, we embed interactive maps from the OpenStreetMap service. The provider is the OpenStreetMap Foundation (OSMF), St John's Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom.

The map is only loaded after you have actively given your consent. The program library required for display (Leaflet) is also loaded, only after your consent, via a content delivery network, whereby your IP address is transmitted to the respective provider.

Your location is not processed; no location of your device is requested or evaluated.

OpenStreetMap is used on the basis of your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be withdrawn at any time with future effect. For the United Kingdom there is an adequacy decision by the EU Commission, so that a level of data protection comparable to that of the EU is guaranteed there.

You can find more information about data processing by the OSMF in their privacy policy: https://wiki.osmfoundation.org/wiki/Privacy_Policy.

Webcams

On the weather page we embed live images from external webcams (for example from foto-webcam.eu). The images are only loaded after you have actively given your consent. When they are loaded, a direct connection to the respective webcam provider is established, whereby your IP address is transmitted to that provider.

Legal basis: Your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be withdrawn at any time with future effect, for example via the "Cookie settings" link in the footer. We have no influence on the data processing carried out by the respective webcam provider; for details, please refer to the provider's privacy information.

7. Newsletter

Newsletter Data

If you would like to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis. To handle the newsletter, we use the newsletter service provider described below.

Rapidmail

This website uses Rapidmail to send newsletters. The provider is rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg i.Br., Germany.

Rapidmail is a service that can be used, among other things, to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter is stored on Rapidmail's servers in Germany.

Data analysis by Rapidmail: For the purpose of analysis, the emails sent with Rapidmail contain a so-called "tracking pixel" that connects to Rapidmail's servers when the email is opened. In this way it can be determined whether a newsletter message has been opened. Furthermore, with the help of Rapidmail we can determine whether and which links in the newsletter message are clicked. If you do not want analysis by Rapidmail, you must unsubscribe from the newsletter. We provide a corresponding link for this in every newsletter message. You can find more details about Rapidmail's analysis functions at the following link: https://de.rapidmail.wiki/kategorien/statistiken/.

Legal basis: Data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw this consent at any time. The lawfulness of the data processing operations already carried out remains unaffected by the withdrawal.

Storage duration: The data you provide us for the purpose of subscribing to the newsletter is stored by us or the newsletter service provider until you unsubscribe from the newsletter, and is deleted from the newsletter distribution list after you unsubscribe. Data stored by us for other purposes remains unaffected by this.

After you unsubscribe from the newsletter distribution list, your email address may be stored by us or the newsletter service provider in a blacklist, insofar as this is necessary to prevent future mailings. The data from the blacklist is used only for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage insofar as your interests outweigh our legitimate interest.

For more details, please see Rapidmail's data security information at: https://www.rapidmail.de/datensicherheit.

Data processing agreement: We have concluded a data processing agreement (DPA) for the use of the service mentioned above. This is a contract required under data protection law that ensures the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Last updated: July 2026.