Hanse in Europa mit Nessie

Privacy Policy

Data Privacy Statement

of HANSA-PARK Freizeit- & Familienpark GmbH & Co. KG

Last updated on 07 June 2018

We strive to offer you the service you have come to expect from us online too. You do not have to give us any personal information to make use of most of our websites. However, if you do not provide certain information, you may not be able to enjoy all our services.

HANSA-PARK is very serious about protecting your personal information.

We do our utmost to respect your privacy. We are aware of the sensitive nature of the personal data you provide to us when you use our website. We are committed to protecting your privacy, and we only collect, store or process the data obtained as part of our business activities in compliance with the applicable data protection regulations.

This Data Privacy Statement sets out what type of personal data we process, how and why we process them in relation to our online offer and our websites, apps, functions, contents and external online presences associated with it. Below we will provide you the information in accordance with Articles 13, 14, 21 General Data Protection Regulation (GDPR). Please take a moment to review our Data Privacy Statement and learn how we process your personal data and what rights you have under the data protection laws.

I. Data Controller

The data controller as defined in the European General Data Protection Regulation (GDPR) and other national data protection laws of the Member States as well as other data protection regulations is:

HANSA-PARK Freizeit- und Familienpark GmbH & Co. KG
Am Fahrenkrog 1
23730 Sierksdorf - Deutschland

Telephone: +49 (0) 4563/474-0
Fax: +49 (0) 4563/474-100
Email: info@hansapark.de
Website: https://www.hansapark.de

II. Data Protection Officer

If you have any questions, please contact our data protection officer:

HANSA-PARK Freizeit- und Familienpark GmbH & Co. KG
Wolfgang Wiemann
Am Fahrenkrog 1
23730 Sierksdorf
Email: data protection@hansapark.de

III. General Information about how and why we process Data

1. What does “personal data” mean?

Personal data comprise any information that refers to an identified or identifiable natural person. An identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification code, location data, an online identifier or by reference to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2. How and why we collect personal data

We collect and process personal data only insofar as it is necessary to provide

  • a functional website, app and other online services and
  • our contents and services.


We regularly collect and process your personal data only after you have given us your consent, unless it is impossible for us to obtain your prior consent for factual reasons and processing your data is legally permitted.

We are permitted to create usage profiles for advertising and market research purposes as well as to design our internet offer as needed if we pseudonymise the data. You have the right to object to such use of your data at any time. We are not permitted to merge the usage profiles with data about the person behind the pseudonym.

3. For how long do you store my personal information and when do you erase it?

Data can be stored if European or national legislators provide for it in Union legislation, laws or other regulations. Your personal data will be erased or blocked

  • as soon as it is no longer necessary to store the information and
  • when the retention period stipulated in one of the aforementioned legal regulations expires, unless the information is needed to enter into or perform a contract and must be retained longer.

4. On what legal basis do you process my personal information?

We process your personal information solely as provided for by law, the European General Data Protection Regulation (GDPR) and the Federal Data Protection Act [BDSG].

  • Article 6(1) letter (a) European General Data Protection Regulation (GDPR) concerning the processing of personal data that we collected with your consent;
  • Article 6(1) letter (b) GDPR concerning the processing of personal data needed to fulfil a contract that we entered into with you or to take steps at your request prior to entering into a contract;
  • Article 6(1) letter (c) GDPR concerning the processing of personal data, including their disclosure to third parties - for instance revenue authorities, courts, etc. - to meet a statutory obligation;
  • Article 6(1) letter (f) GDPR concerning the processing of personal data needed to pursue our or a third party’s legitimate interests which override your interests, fundamental rights and freedoms. Our legitimate interest usually is to conduct our business activities;
  • Article 6(1) letter (d) GDPR concerning the processing of personal data to protect your vital interests or those of another natural person;
  • Article 28 GDPR concerning the transfer of personal data to service providers whom we have engaged to process the data on our behalf (processors);
  • Section 26 BDSG insofar as it is necessary to implement the provisions of employment contracts;
  • Section 4(1) 1st and 2nd sentence BDSG concerning video surveillance in the Park;
  • Section 4(3) 1st and 2nd sentence BDSG concerning video recording in the Park.

5. Who gets my data and do you transfer my data to third countries?

Within HANSA-PARK the only parties that have access to your data are parties that need them for the purposes mentioned above. This also applies to service providers and vicarious agents engaged by us. We may disclose your data to processors who process data on our behalf as defined in Art. 28 GDPR for the purposes outlined in this Data Privacy Statement. Such processors primarily provide services in the fields of IT, logistics, printing, telecommunications, claims management, advice and consulting as well as, if applicable, marketing, sales and distribution. We will only disclose personal information to third parties if this is necessary for the purposes mentioned above or if you have given your consent to it. We do not transfer any data to third countries (states that are not a member of the European Economic Area – EEA) and we do not intend to do so in the future. We will not disclose your personal information to address brokers or other companies for advertising purposes.

6. Area of validity – responsibility for linked content

The information below refers and applies to the domains and mobile applications mentioned below.
The following domains form part of our websites:

  • https://www.hansapark.de and the associated subdomains, for instance the Business Events our online shop https://my.hansapark.de
  • as well as the forms available for download there, for example https://www.hansapark.de/files/download/arbeiten_im_hansa_park/Einstellungsfragebogen.pdf
  • our HANSA-PARK speaking trumpet at https://www.hansapark-feedback.de.

Our mobile applications comprise:

  • https://itunes.apple.com/de/app/hansa-park/id552006576?mt=8
  • https://play.google.com/store/apps/details?id=de.evenmedia.hansa_park_webapp

Our website contains links to other websites that are operated by independent third parties although they might use HANSA-PARK logos and/or trademarks and thus look similar to the websites operated by HANSA-PARK. However, such third-party websites, their terms of use or data protection guidelines should mention this. 

To that extent this Data Privacy Statement does not apply. Insofar as such third-party website operators collect, process or use personal data when you visit their websites, please refer to the privacy policy of the relevant operator. We cannot be held liable for how they process and protect data. 

On top, HANSA-PARK is not responsible for fulfilling orders placed on or rendering services ordered via the third-party website.

7. Your rights at a glance 

If the prerequisites have been met, you have the right at any time to 

  • request from us access to your personal data;
  • rectification, restriction of processing and erasure of your personal data;
  • object to the processing of your personal data; 
  • withdraw consent to the processing of your personal data;
  • information and data portability; 
  • lodge a complaint with a supervisory authority.

8. Automated decision-making

We have no automated decision-making processes pursuant to Art. 22 GDPR in place to establish, foster and maintain customer relations. This includes profiling.

9. Data security

We have taken technical and organisational steps to ensure that your personal data are protected against accidental or wilful loss, destruction or manipulations as well as against unauthorised access by third parties. We regularly review the measures in place and adapt them to technical progress.

10. Changes to this Data Privacy Statement

From time to time, we may revise our Privacy Statement. We will inform you about any changes to it by email or on this website, so you should check here regularly.   

11. Data protection guideline, terms of use and GTC

This data protection guideline applies together with our terms of use and our general business terms and conditions (GTC).

IV. hansapark.de Website and Server Log Files

1. What kind of data, to what extent and why do you process my data?

Every time you visit our website we automatically store the following user access data in a protocol file (log file) on our server to enable you to use the website and us to bill the use:

  • The browser type and browser version used;
  • The operating system used by the system accessing our website;
  • The internet page from which a system is referred to our website (known as referrers);
  • The subsites accessed by a system on our web pages;
  • The date and time our website is accessed;
  • The internet protocol address (IP address);
  • Other similar data and information processed to protect our information technology systems in the event of an attack;
  • The documents called up; and
  • The data volume transmitted.

The above data do not identify persons. We do not merge these data with other data sources.

We need to temporarily store the IP address and the other data mentioned above in the system to enable us to deliver the website to your computer/device. This is also why we need to store your IP address for the duration of your session. Pursuant to Article 6(1) letter (f) GDPR the processing of your data for the purposes above is necessary to pursue our legitimate interests.

2. On what legal basis do you process my personal information?

Article 6(1) letter (f) GDPR

3. For how long do you keep my data?

We will erase your data as soon as we no longer need them for the purpose we collected them for. Insofar as we collect data to provide our website, such data will be erased when you close your browser.

4. Can I object and will my data be erased?

We need to collect your data to operate our internet pages, provide the website and store your data in log files. You cannot object to that kind of data collection.

V. Cookies

1. What kind of data, to what extent and why do you process my data?

When you call up our website, cookies will be placed on your computer/device.

Cookies are small text files that are stored on your computer/device in a specific file directory. These text files allow us to identify your computer/device during a session. Cookies are not harmful to your computer/device. You can manually delete them – most easily in your browser – at any time.

Cookies primarily serve to store your information (or the information about the device a cookie is placed on) during or after your visit to an online service.

Temporary, session or transient cookies are cookies that are deleted once you exit an online offer and close your browser. These cookies store, for example, a log-in status or the items you put into the shopping basket of an online shop.

Permanent or persistent cookies are cookies that remain stored on your device even after you have closed your browser. For example, they store your log-in status so that the website remembers you and/or your preferences on your next visit. We may use the preference data stored in the cookies to measure media reach or for marketing purposes.

We may use temporary and permanent cookies on our websites. Please refer to our Data Privacy Statement for more information.

You can alter the settings in your browser to prevent it from automatically accepting and storing cookies on your device or to notify you each time before a new cookie is placed. Please note that if you choose not to permit cookies, some services and features on our website may not be available or function as intended.

We use cookies, in this case session cookies, to continuously improve our online services and make your visit to our website more enjoyable.

We use technically required cookies to make it easier for you to use our websites. Some functions of our internet pages would not be available without the use of cookies. The system must be able to recognise your browser each time you call up a new page. Cookies allow us to recognise you within our website. We do not use the personal data collected by technically required cookies to create user profiles. We need cookies for the following applications:

  • Shopping basket
  • Language settings
  • Search options

We use analysis cookies to improve the quality and contents of our website. They allow us to measure how our website is used so that we can continuously optimise our services.
Pursuant to Article 6(1) letter (f) GDPR the processing of your data for the purposes above is necessary to pursue our legitimate interests.

2. On what legal basis do you process my personal information?

Article 6(1) letter (f) GDPR

3. For how long do you keep my data? Can I object and will my data be erased?

Cookies are stored on your computer/device from where they are transmitted to our site. This means that you can decide if and when you want to accept the use of cookies. By altering the settings in your internet browser, you can de-activate or restrict the transmission of cookies. Cookies already stored can be erased at any time. You can also set your browser to do that automatically. However, please note that if you de-activate the cookies on our website, some areas of our website may not function properly or be accessible.

VI. Newsletter

1. What kind of data, to what extent and why do you process my data?

Our website allows you to subscribe to our complimentary newsletter. Newsletters are sent in compliance with our Data Privacy Statement to advertise and promote our own products and services. When you subscribe to the newsletter, the data you enter will be transmitted to us:

  • Email address
  • First name and surname (not mandatory)

When you register for the newsletter service, we collect the following information:

  • The IP address of the requesting computer/device
  • The time of the registration and confirmation
  • The time you open the newsletter
  • The time you click on links embedded in the newsletter

We use the double-opt-in procedure for subscriptions to our newsletter. In other words, we will send you an email after you have registered for the newsletter service to the email address you have provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm the registration within 24 hours, we will block the information and automatically erase it after 24 hours.

To receive the newsletter, you only have to provide an email address. You can provide more, non-mandatory information that we will use to address you by name. After you have confirmed your registration, we will store the email address provided only for the purpose of sending you the newsletter.

If you want to subscribe to our newsletter, we need an email address as well as your confirmation that you are the holder of the email address given and consent to receiving the newsletter. These data are collected for the sole purpose of sending you the newsletter and documenting our authorisation to do so. We will not disclose your data to any third parties.

You are not obligated to give your name. However, if you do so, we will only use it to address you by name when we send you the newsletter.

In addition, we will store your IP address as well as the time of your registration and confirmation respectively. We do so to be able to prove that you have registered and, if not, clarify any potential abuse of your personal data.

2. On what legal basis do you process my personal information?

We base on the provisions of Article 6(1) letter (a) GDPR to process your data after you have registered and given your consent as well as the provisions of section 7(3) German Unfair Competition Act [UWG] to ship goods after selling them or to render services.

3. For how long do you keep my data?

We will erase your data as soon as we no longer need them for the purpose we collected them for. Your email address will thus be stored for as long as you keep your newsletter subscription active.

4. Can I withdraw my consent and will my data be erased?

You can withdraw at any time your consent to receiving [the newsletter] and having your data stored (go to https://my.hansapark.de/newsletter/unsubscribe, use the “unsubscribe” link in the newsletter, write an email to data protection@hansapark.de or contact us (contact data are available in the Legal Notice Impressum)).

5. Do you disclose my data to third parties? Who sends the newsletters?

HANSA-PARK uses the services of Episerver Campaign to send its newsletters. Episerver GmbH, Wallstraße 16, 10179 Berlin, Germany is the provider of the service. For more information please refer to Episerver GmbH’s Privacy Statement at https://www.episerver.de/legal/privacy-statement.

We use the newsletter service provider to pursue our legitimate interests pursuant to Article 6(1) letter (f) GDPR based on a contract with the processor pursuant to Article 28(3) 1st sentence GDPR.

The newsletter service provider may use recipients’ pseudonymised personal data – i.e. they do not identify users - to optimise or improve its own services, e.g. to technically optimise the sending or design of the newsletter or for statistical purposes. The newsletter service provider will not use the personal data of our newsletter subscribers to contact them or disclose them to third parties.

VII. Season Ticket News and Information Service

1. What kind of data, to what extent and why do you process my data?

Our season tickets holders can subscribe to our season ticket news and information service at https://my.hansapark.de/mail. We will mail the news and information as provided for in our Data Privacy Statement. The service provides details about the sale of and more information about our HANSA-PARK season tickets. Those interested in the service can choose whether they prefer to receive the information by email or by post or by email and by post.

When you subscribe to our season ticket news and information service and opt to have it sent by post, we will be transmitted the

  • season ticket number and
  • date of birth
  • to ensure that we can match your data to the correct contract data and post the news and information to the address you provided to us.

You only have to enter the season ticket number and the date of birth of the season ticket holder to be sent the season ticket news and information. This allows us to match your data to the correct contract data and post the news and information to the address you provided to us.

When you subscribe to our season ticket news and information service and opt to have it sent by email, we will be transmitted the

  • season ticket number
  • date of birth and
  • email address.

When you subscribe to the service, we collect the following information:

  • The IP address of the requesting computer/device
  • The time of the registration and confirmation

We use the double-opt-in procedure for subscriptions to our season ticket news and information service by email. In other words, we will send you an email after you have registered for the season ticket news and information service to the email address you have provided, in which we ask you to confirm that you wish to receive the season ticket news and information. If you do not confirm the registration within 24 hours, we will block the information and automatically erase it after 24 hours.

To receive the season ticket news and information, you only have to provide an email address. After you have confirmed your registration, we will store the email address provided only for the purpose of sending you the season ticket news and information.

If you want to subscribe to our season ticket news and information service, we need an email address as well as your confirmation that you are the holder of the email address given and consent to receiving the season ticket news and information. These data are collected for the sole purpose of sending you the season ticket news and information and documenting our authorisation to do so. We will not disclose your data to any third parties.

In addition, we store your IP address as well as the time of your registration and confirmation respectively. We do so to be able to prove that you have registered and, if not, clarify any potential abuse of your personal data.

2. On what legal basis do you process my personal information?

We base on the provisions of Article 6(1) letter (a) GDPR to process your data after you have registered for the service and given your consent.

3. For how long do you keep my data?

We will erase your data as soon as we no longer need them for the purpose we collected them for. Your email address will thus be stored for as long as you keep your season ticket news and information service subscription active.

4. Can I withdraw my consent and will my data be erased?

You can withdraw at any time your consent to receiving [the season ticket news and information] and having your data stored (go to https://my.hansapark.de/mail use the “I’d rather not” link, write an email to data protection@hansapark.de or contact us (contact data are available in the Legal Notice Impressum)).

5. Do you disclose my data to third parties? Who provides the service?

HANSA-PARK uses the services of Episerver Campaign to send the season ticket news and information. Episerver GmbH, Wallstraße 16, 10179 Berlin, Germany is the provider of the service. For more information please refer to Episerver GmbH’s privacy statement at https://www.episerver.de/legal/privacy-statement.

We use the newsletter service provider to pursue our legitimate interests pursuant to Article 6(1) letter (f) GDPR based on a contract with the processor pursuant to Article 28(3) 1st sentence GDPR.

The newsletter service provider may use recipients’ pseudonymised personal data – i.e. they do not identify users - to optimise or improve its own services, e.g. to technically optimise the sending or design of the news and information service or for statistical purposes. However, the service provider will not use the personal data of subscribers to our season ticket news and information service to contact them or disclose them to third parties.

VIII. Prize Games

1. What kind of data, to what extent and why do you process my data?

When you provide us information as a participant in prize games, we will only use it to determine and contact the winner/s (Article 6(1) letter (b) and (f) respectively GDPR).

Winners will be notified in writing.

We will not use your information for advertising and promotion purposes.

If you have won, we will only publish an abbreviated version of your name if you have given us your consent as provided for in Article 6(1) 1st sentence letter (a) GDPR.

2. On what legal basis do you process my personal information?

We base on the provisions of Article 6(1) letter (b) GDPR and Article 6(1) letter (f) GDPR with regard to your participation. We base on the provisions of Article 6(1) 1st sentence letter (a) GDPR with regard to the winners.

3. For how long do you keep my data? / Can I object and will my data be erased?

We erase your personal data immediately after the prize game is over and the prize has been awarded or when you object to the use of your data.

IX. Creation of a Customer Account

1. What kind of data, to what extent and why do you process my data?

You can create a HANSA-PARK customer account at https://my.hansapark.de. To create the account, you need to enter your personal data that will be transmitted to and stored by us. We will not disclose your personal data to third parties.

When you create an account, we collect the following information:

  • Email address
  • Address data (only after you have completed a purchase or if you provide them voluntarily)
  • Telephone number (only after you have completed a purchase or if you provide it voluntarily)
  • Customer history (e.g. the time certain activities such as “reset password” take place)

At the time you create an account, we also collect the following information:

  • Your IP address
  • The time of your registration and confirmation

For the account creation process we use the double-opt-in procedure to obtain your consent to us processing the above data.

If in the account creation process season ticket data are linked to the customer account, we also collect the following information:

  • First name und surname of the season ticket holder
  • Address data of the season ticket holder
  • Date of birth of the season ticket holder
  • Telephone number of the season ticket holder (not mandatory)
  • Contractual data (season ticket number of the season ticket holder)

You must have an account with us to be able to use certain content and services on our website, e.g.:

  • to call up information
  • to send an enquiry

You must have an account with us to enable us to carry out our obligations arising from any contracts entered into between you and us or to take steps at your request prior to entering into a contract, e.g.

  • to order goods and services
  • to make reservations of any kind.

2. On what legal basis do you process my personal information?

We base on the provisions of Article 6(1) letter (a) GDPR. To process your data, we additionally base on the provisions of Article 6(1) letter (b) GDPR insofar as the account is created to perform a contract which you are a party to or to take steps at your request prior to entering into a contract.

3. For how long do you keep my data?

We will erase your data as soon as we no longer need them for the purpose we collected them for.

The above applies to data collected during the account creation process if the account is deleted or modified on our website.

The above applies to [data collected] during the account creation process to perform a contract or to take steps at your request prior to entering into a contract if the data are no longer needed to perform the contract. We may need to store the personal data of a contractual partner even after the contract has been entered into to meet contractual or legal obligations.

The above-mentioned obligations arise from

  • continuing obligations
  • warranty periods
  • tax records retention periods.

4. Can I withdraw my consent and will my data be erased?

You have the right to delete your customer account or have your personal data rectified at any time.

You can delete your data at any time by logging in to your user profile or send an email to data protection@hansapark.de to have them erased.
If we need the data to perform a contract or take steps at your request prior to entering into a contract, the data can be deleted only if the deletion is not in conflict with any contractual or legal obligations.

X. Data collected in Connection with our Contact Form

1. What kind of data, to what extent and why do you process my data?

If you use our contact form to send us an enquiry, we will only use the information you provided in the contact form or in the email sent to the email address provided to contact us, including the contact data you provided, to process your enquiry and store it to answer follow-up questions.

At the time you send off the message, we store the following information:

  • Your IP address
  • The date and time the message was sent off

You will be asked to give your consent to the processing of your data and to refer to this Data Privacy Statement before you send off the message.

Alternatively, you can contact us via the email address provided. In this case we will store your personal data transmitted along with the email.

The personal information thus provided will not be disclosed to third parties. We will solely process the data provided to process your enquiry.

We process the personal data you entered in the forms solely to process your contact enquiry. If you contact us by email, we pursue our legitimate interest when we process your data.

We process the other personal data provided as part of the sending process to prevent abuse of the contact form and ensure that our IT systems are secure.

2. On what legal basis do you process my personal information?

The legal basis for processing your personal data is your consent given to us as provided for in Article 6(1) letter (a) GDPR. The legal basis for processing your personal data transmitted to us when you send us an email message is Article 6(1) letter (f) GDPR. If the aim of the email contact is to enter into a contract with us, we will additionally base on the provisions of Article 6(1) letter (b) GDPR to process your data.

3. For how long do you keep my data?

We will erase your data as soon as we no longer need them for the purpose we collected them for. With regard to the personal data provided and transmitted to us via the contact form and in the email message your data will be erased when the respective communication with you ends.

The communication with you ends when the circumstances clearly indicate that the matter in question has been fully settled.

4. Can I withdraw my consent and will my data be erased?

You can at any time withdraw your consent to the processing of your personal data. If you contact us by sending us an email to info@hansapark.de or data protection@hansapark.de, you can object to the storage of your data at any time. If you do so, we cannot process your enquiry.

Any personal data collected and stored in relation to the contact process will then be erased.

XI. Job Applications

1. What kind of data, to what extent and why do you process my data?

We process the personal data you provide to us in a job application to process your job application, i.e. to determine whether you are a suitable candidate and if we want to invite you for a job interview.

We process the personal data you provide to us based on the provisions of Article 6(1) letter (b) GDPR as we need to go through your data to decide if HANSA-PARK wants to employ you. Please do not provide any sensitive data in your job application, e.g. information about your health or religion, unless they are absolutely necessary for your job application. We are permitted to process sensitive data only after we have obtained your consent.

2. On what legal basis do you process my personal information?

Article 6(1) letter (b) GDPR

3. For how long do you keep my data?

If we employ you, we will store your job application data in your personnel file to the extent required. If we do not have a suitable job for you, we will erase your personal data six (6) months after we have informed you about our decision. Otherwise, we will, in each case, store your job application data only to meet the legal obligations to retain them.

If your job application was not successful, we will store your job application data for more than six months only if you have given us your express consent to do so. This is to enable us to contact you at a later point in time should we have a suitable vacancy. You can withdraw your consent at any time.

4. Can I withdraw my consent and will my data be erased?

Applicants have the right at any time to withdraw their consent to the processing of their personal data. If applicants contact us by sending us an email to info@hansapark.de or data protection@hansapark.de, they can object to the storage of their data at any time. In that case we cannot consider the job application.

Any personal data collected and stored in relation to the contact process will then be erased.

XII. Data collected as Part of an Order or Reservation or Purchase Process

1. What kind of data, to what extent and why do you process my data?

When you place an order, make a reservation or a purchase, you must provide the personal data we need to establish the business relationship and perform the contractual obligations associated with it. In addition, you have to provide the data we must collect to meet our legal obligations. If you do not provide such data, we cannot answer your enquiries and enter into any contract resulting from the enquiries. We also use such data to offer you and promote new services respectively.

We collect and process the categories of personal data listed below:

  • Master data (e.g. surname, first name, address)
  • Date of birth
  • Communication data
  • Contract data (e.g. customer number)
  • Customer history
  • Schedule/booking data
  • Planning data
  • Billing data

2. On what legal basis do you process my personal information?

a) We process personal data to pursue our legitimate interest (Article 6(1) letter (f) GDPR)

We lawfully process your data to pursue our legitimate interests.

That also includes the use of your personal information to

  • promote our offerings and services unless you have objected to the use of your data [for such purposes];
  • improve and develop new services and/or products to enable us to cater to your specific interests or make bespoke offers;
  • conduct market surveys and/or commission market research institutes to conduct market surveys and studies to enable us to gain an idea of the transparency and quality of our products, services and communication to best meet the requirements and wishes of our customers;
  • assert and defend against legal claims;
  • use your anonymised data for analytical purposes;
  • guarantee IT security and maintain IT operations;
  • take the appropriate actions to ensure that buildings and the Park are safe and secure (e.g. access controls);

If we intend to use your personal information for a purpose other than the ones mentioned above, we will inform you as required by law.

b) We process personal data to meet our legal obligations (Article 6(1) c GDPR)

HANSA-PARK must comply with various legal regulations (e.g. tax laws, German Commercial Code [HGB]) that provide for the processing of personal data. This includes in particular the processing of personal data for the purpose of preventing fraud and money laundering, complying with control and notification obligations under tax laws as well as assessing and managing corporate risks.

3. For how long do you keep my data?

We retain your personal information for the purposes mentioned above. Your data will be processed for the first time upon collection, i.e. when you or a third party provide them to us. We will erase your personal information after the contractual relationship with you has ended, each party has fulfilled their obligations under the contract and there are no other legal obligations or reasons to store the personal data such as, for example, the statutory obligation to retain data as provided for in the German Commercial Code [HGB] and the German Fiscal Code [AO]. In other words, we will erase your personal information after the legal retention period has expired at the latest, which usually is 10 years after the contract has ended. And finally, the storage period also depends on the statutory period of limitation applicable taking into account our reasonable legitimate interests. Pursuant to section 195 et seq. German Civil Code [BGB], for example, the standard limitation period is three years. In specific cases, however, the statutory period of limitation may be up to 30 years.

4. Can I object and will my data be erased?

If you have questions or complaints regarding our Data Privacy Statement, please contact us (HANSA-PARK Freizeit- und Familienpark GmbH & Co. KG, Am Fahrenkrog 1, 23730 Sierksdorf, email: datenschutz@hansapark.de).

You have the right to request from us, the controller, access to your personal data (Article 15 GDPR) as well as rectification (Article 16 GDPR), erasure (Article 17 GDPR) and restriction of processing of your personal data (Article 18 GDPR). Pursuant to Article 20 GDPR you have the right to data portability. To assert your right to demand access to and erasure of your personal data, the restrictions provided for in sections 34 and 35 BDSG apply. On top, you have the right to lodge a complaint with a data protection supervisory authority (Article 77 GDPR in connection with section 19 BDSG).

Individual right to object
Insofar as we process data to pursue our legitimate interests (see III.2. above), you have the right to object at any time to the processing of your personal data on grounds relating to your particular situation, including the right to object to the processing of your personal data for marketing purposes. If you object, we will stop processing your personal information unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or the processing of the data is necessary to assert, exercise or defend against legal claims.

Right to object to direct marketing
Where we process your personal information for direct marketing purposes, you have the right to object at any time to the processing of your data for such marketing, including profiling in relation to such direct marketing. If you object to the processing of your data for direct marketing purposes, we will stop processing your personal information for such purposes.

Right to withdraw consent
You can withdraw your consent at any time (see item III.2 above, data processing based on your consent). We will then stop processing your personal information. The withdrawal of consent does not affect the lawfulness of the processing of your data based on consent before its withdrawal.
To raise an objection or to withdraw consent, simply send us a letter (b)y post or an email.

5. Do you disclose my data to third parties? Who provides the e-mail service?

HANSA-PARK uses the services of Episerver Campaign to send emails to recipients from its online shop, https://my.hansapark.de. Episerver GmbH, Wallstraße 16, 10179 Berlin, Germany is the provider of the service. For more information please refer to Episerver GmbH’s privacy statement at https://www.episerver.de/legal/privacy-statement.

We use the service provider to pursue our legitimate interests as defined in Article 6(1) letter (f) GDPR based on a contract with the processor pursuant to Article 28(3) 1st sentence GDPR.

The service provider may use recipients’ pseudonymised personal data – i.e. they do not identify users - to optimise or improve its own services, e.g. to technically optimise the sending or design of the newsletter or for statistical purposes. The service provider will not use the personal data to contact newsletter subscribers or disclose them to third parties.

XIII. Payment Processes

1. Online shop payment methods

When you make payments in our online shop, we ask you to provide certain personal data to process payments. We offer a range of payment methods to make your shopping experience in our online shop as enjoyable as possible. We offer the following payment services:

a) PayPal

We have integrated PayPal elements into our online shop. PayPal is an online payment service provider that has no relations with HANSA-PARK. Payments are made from PayPal accounts - virtual private or business accounts. PayPal also offers the option to make virtual payments by credit card if you do not hold a PayPal account. A PayPal account is managed via an email address, which is why there are no account numbers in the traditional sense. PayPal allows its users to make online payments to third parties or receive payments. PayPal also acts in a fiduciary capacity and offers purchase protection services.

PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg is the European operating company of PayPal.

If you select the PayPal payment option in our online shop to pay for your purchases, your personal data will automatically be transmitted to PayPal. By selecting this payment option, you consent to your personal data required to process the payment being transmitted to PayPal.

The personal data transmitted to PayPal usually comprise your first name, surname, address, email address, IP address, telephone number, mobile phone number or such other data as are needed to process the payment. In addition, other personal data related to the respective order are needed to process the purchase contract.

The purpose of the transfer of the data is to process payments and prevent fraud. We transfer personal data to PayPal in particular if we have a legitimate interest in the transfer. PayPal may, in certain circumstances, transfer the personal data exchanged between PayPal and us to credit reference agencies to check identities and creditworthiness.

PayPal may disclose your personal data to affiliates and third-party service providers or subcontractors where this is necessary to meet contractual obligations or process orders.

You can at any time withdraw your consent to the processing of your personal data by notifying PayPal. The withdrawal does not affect personal data the processing, use or transfer of which is essential to process payments (under the contract).

You can download PayPal’s privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

b) Payment by credit card

You can also make payments by credit card (VISA and Mastercard). In that case, we will transfer your data to our payment service provider, BS Payone GmbH, Lyoner Straße 9, 60528 Frankfurt am Main (subsequently referred to as “BS Payone GmbH”). BS Payone will match your payment data to the respective credit institute (VISA and/or Mastercard). Your credit card will be debited based on a payment form that you need to fill in on the payment platform of BS Payone GmbH. BS PAYONE GmbH is a company of the Sparkassen financial group that complies with the highest security standards and can draw on more than 20 years of experience in the processing of cashless payments. The service provider has been fully certified to PCI-DSS (Payment Card Industry Data Security Standard) for several years now. PCI-DSS is a standard that prescribes a range of binding regulations for the protection of sensitive card holder information. Companies must guarantee compliance with PCI-DSS to be authorised to store, transmit or process credit card transactions.

When you select a payment method (e.g. credit card payment) on the HANSA-PARK website, the system will generate and store an “alias” for the payment method (a randomly generated, clear alphanumerical series) you selected. This alias will be transmitted to BS Payone GmbH, where it will be stored together with the payment data. The alias will subsequently be used as a "substitute" for the actual payment data (e.g. credit card number) in the communication with BS Payone GmbH to avoid having to transmit the card data in each transaction.

When you choose to pay by credit card, we will process the following data:

  • Master data
  • Communication data
  • Type of card (VISA or MasterCard)
  • Name of the card holder
  • Card number
  • Credit card verification code
  • Expiry date

If you want to know more about how your personal data are used, please contact BS Payone by email (privacy@bspayone.com) or write a letter to BS Payone GmbH, Lyoner Straße 9, 60528 Frankfurt am Main.

c) Payment by Giropay

You can also pay by Giropay. In that case, we will transmit your data to our payment service provider, BS Payone GmbH, Lyoner Straße 9, 60528 Frankfurt am Main (subsequently referred to as “BS Payone GmbH”). BS Payone will match your payment data to the respective bank.

When you enter the master and communication data as well as the routing number in the payment form provided on the payment platform of BS Payone GmbH, you will be redirected to the homepage of your bank via a secure online connection. After you have entered your login name and PIN, the system will display a pre-completed online payment form that cannot be changed. You complete the payment process by entering a valid TAN.

If you want to know more about how your personal data are used, please contact BS Payone by email (privacy@bspayone.com) or write a letter to BS Payone GmbH, Lyoner Straße 9, 60528 Frankfurt am Main.

d) Payment by immediate bank transfer

You can also make payments by immediate bank transfer. In that case, we will transmit your data to our payment service provider, BS Payone GmbH, Lyoner Straße 9, 60528 Frankfurt am Main (subsequently referred to as “BS Payone GmbH”). BS Payone will match your payment data to the payment service provider that offers the immediate bank transfer service.

When you enter the master and communication data as well as the IBAN and BIC in the payment form provided on the payment platform of BS Payone GmbH, you will be redirected to the familiar immediate bank transfer payment page via a secure online connection.

Immediate bank transfer is a service provided by SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany. The “immediate bank transfer” acts as an online payment service provider that enables you to make cashless payments for products and services offered on the internet.

The personal data transmitted to the immediate bank transfer service usually comprise your first name, surname, address, telephone number, IP address, email address or such other data as are needed to process your order as well as data in relation to your order such as the number of items ordered, item numbers, invoice amounts and taxes in per cent, invoice information, etc.

The above data must be transferred to allow the system to process your order and accept the payment method you selected, in particular to confirm your identity and manage your payment and the customer relationship.

Please note: Immediate bank transfer may involve the transfer of your personal data to third-party service providers, subcontractors or other affiliates where this is necessary to meet the contractual obligations in relation to your order or who need them to process the purchase contract.

The immediate bank transfer service may, in certain circumstances, involve the transfer of the personal data provided to credit reference agencies to check identities and creditworthiness.

Please refer to the privacy policy applicable to the immediate bank transfer service to learn more about the data protection regulations the processing of your data is based on. The privacy policy will be displayed to you during the immediate bank transfer payment process.

If you want to know more about how your personal data are used, please contact the immediate bank transfer service by email (data protection@sofort.com) or write a letter to SOFORT GmbH, Datenschutz, Theresienhöhe 12, 80339 München).

e) Payment by paydirekt

Another payment option is “paydirekt” In that case, we will transmit your data to our payment service provider, BS Payone GmbH, Lyoner Straße 9, 60528 Frankfurt am Main (subsequently referred to as “BS Payone GmbH”). BS Payone will match your payment data to the paydirekt service provider.

When you enter the master and communication data and tick a check box in the payment form that you need to fill in on the payment platform of BS Payone GmbH, you will be redirected to the familiar paydirekt page via a secure online connection.

If you pay by paydirekt, your payment data will be transmitted to paydirekt GmbH, Hamburger Allee 26-28, 60486 Frankfurt am Main, that will process your payment.

The payment data (e.g. payment amount, payment recipient data) and your confirmation that the payment data are correct, will be collected, processed and transmitted to the bank by paydirekt GmbH to have your paydirekt payment processed. paydirekt GmbH will authenticate the payment via the authentication procedure stored in the system under your identity. The bank will authorise payments to the dealer by involving paydirekt GmbH. paydirekt GmbH collects and stores the transaction data of paydirekt payments. The transaction data comprise the transaction reference and transaction ID as well as information about the shopping basket, which paydirekt GmbH receives from the dealer if the dealer supports the procedure. paydirekt GmbH and the bank base on the transaction data to identify and reference the transaction later (e.g. for refunds) and to match the transaction to the respective customer. To process refunds, paydirekt GmbH transmits the transaction data to the bank.

For more information please refer to paydirekt’s privacy policy available at https://www.paydirekt.de/agb/index.html.

2. Payment methods available at/in the Park

Apart from paying cash in € or the common foreign currencies, you can also pay by EC card or credit card (VISA or Mastercard) at/in the Park.

In that case, we will transmit the following data to our payment service provider, BS Payone GmbH, Lyoner Straße 9, 60528 Frankfurt am Main (subsequently referred to as “BS Payone GmbH”). BS Payone will process them.

  1. Name
  2. Credit card data (number, expiry date, verification code)
  3. Amount payable

BS PAYONE GmbH is a company of the Sparkassen financial group that complies with the highest security standards and can draw on more than 20 years of experience in processing cashless payments. The service provider has been fully certified to PCI-DSS (Payment Card Industry Data Security Standard) for several years now. PCI-DSS is a standard that prescribes a range of binding regulations for the protection of sensitive card holder information. Companies must guarantee compliance with PCI-DSS to be authorised to store, transmit or process credit card transactions.

If you want to know more about how your personal data are used, please contact BS Payone by email (privacy@bspayone.com) or write a letter to BS Payone GmbH, Lyoner Straße 9, 60528 Frankfurt am Main.

XIV. Web Analytics provided by etracker

On our websites - https://www.hansapark.de, https://eventplaner.hansapark.de and https://my.hansapark.de - we use the services of etracker to analyse website usage data. etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany is the service provider. We use cookies to statistically analyse how visitors use the websites and to deliver more personalised content or advertisements. Cookies are small text files which your internet browser places on your device. etracker cookies do not contain any information that would make it possible to identify you as a user.

As the data generated by etracker are processed and stored by etracker in Germany only, their processing is subject to the strict German and European data protection laws and standards. etracker has been inspected by an independent body, certified and awarded the ePrivacyseal, a data protection seal of approval (https://www.eprivacy.eu/kunden/vergebene-siegel/firma/etracker-gmbh/).

The data are processed in compliance with Article 6(1) letter (f) (legitimate interest) General Data Protection Regulation [GDPR]. It is our legitimate interest to improve our online services and internet presence. As we do our utmost to respect users’ privacy, etracker anonymises the IP address as early as possible and converts registration or device identifiers into a clear key that cannot be used to identify persons. etracker will not use or merge the data with other data and it will not disclose your data to third parties.

You can object to the processing of the data described above at any time insofar as the data are personal data. Your objection has no adverse effect on you.

I object to the processing of my personal data on this website by etracker.

For more information please refer to etracker’s privacy policy and terms of use available at https://www.etracker.com/ data protection/.

XV. Use of YouTube Plugins

We use the plugin function of the YouTube platform of Google Inc. (“Google”), San Bruno/California, USA on our website.

We embed videos from the YouTube platform in our website, i.e. videos are called up directly on YouTube.com but shown on our site. YouTube uses cookies. Each time you click on a video, a connection to the YouTube servers is established. The YouTube server is notified of your visit to our website. As far as we know your personal data are not stored. However, if you are logged in to your YouTube account while watching the video, YouTube will be able to match your browser history directly to your personal profile. You can prevent this by logging out of your account first.

We collect and process the data generated by the cookies based on your consent (Article 6(1) letter (a) GDPR) to provide you personalised services and make your visit to our website more enjoyable.

For more information please refer to YouTube’s privacy policy at https://www.youtube.de/t/privacy.

XVI. YouTube and Google+

HANSA-PARK holds user accounts with YouTube and Google+. Both platforms are operated by Google Inc. (“Google”), 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

We do not process any of your personal data on these platforms.

Please refer to Google Inc.’s privacy policy to learn more about how Google Inc. as the platforms’ operator processes personal data under your registration there or when you visit the website.

You will be asked to give your consent to the processing of the data and to refer to this Data Privacy Statement before you send off the message.

Alternatively, you can contact us via the email address provided. In that case we will store your personal data transmitted along with the email.

We will not disclose the personal information provided to third parties. We will solely process the data provided to process your enquiry.

We process the personal data you entered in the forms solely to process your contact enquiry. If you contact us by email, we pursue our legitimate interest when we process your data.

We process the other personal data provided as part of the sending process to prevent abuse of the contact form and ensure that our IT systems are secure.

2. On what legal basis do you process my personal information?

The legal basis for processing your personal data pursuant to Article 6(1) letter (a) GDPR is your consent given to us. The legal basis for processing your personal data transmitted to us when you send us an email message is Article 6(1) letter (f) GDPR. If the aim of the email contact is to enter into a contract with us, we will additionally base on the provisions of Article 6(1) letter (b) GDPR to process your data.

3. For how long do you keep my data?

We will erase your data as soon as we no longer need them for the purpose we collected them for. With regard to the personal data provided and transmitted to us via the contact form and in the email message your data will be erased when the respective communication with you ends.

The communication with you ends when the circumstances clearly indicate that the matter in question has been fully settled.

4. Can I withdraw my consent and will my data be erased?

You can at any time withdraw your consent to the processing of your personal data. If you contact us by sending us an email to info@hansapark.de or data protection@hansapark.de, you can object to the storage of your data at any time. If you do so, we cannot process your enquiry.

Any personal data collected and stored in relation to the contact process will then be erased.

XIX. Video Recording

As a large place of gathering and entertainment as defined in section 4(1) 2nd sentence number 1 Federal Data Protection Act [BDSG] HANSA-PARK has video surveillance in place throughout the Park. The safety and protection of our visitors, employees and facilities are of utmost importance to us. The data collected cannot be used to identify persons. The videos will automatically be erased if no incidents are reported. The controller is HANSA-PARK.

XX. Your Rights at a Glance

Insofar as we process your personal data on our websites, you are considered to be a data subject as defined in the GDPR. As a data subject you have the rights listed below.

1. Right of access to your personal data

You can request us to confirm whether we process any personal data of you. If we do, you can demand from us to provide you the following information:

  • the purposes of the processing of your personal data;
  • the categories of personal data we process;
  • the recipients or categories of recipient to whom the personal data have been or will be disclosed;
  • the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  • the right to lodge a complaint with a supervisory authority;
  • any available information as to the source if the personal data have not been collected from you;
  • the existence of automated decision-making, including profiling, as defined in Article 22(1) and (4) GDPR and - at least in those cases - meaningful information about the logic involved as well as the significance and the envisaged consequences of such processing for you.

You also have the right to demand information about whether your personal data are transferred to a third country or to an international organisation. In this context you have the right to be informed of the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer.

2. Right to rectification

You have the right to demand from us to rectify inaccurate personal data and/or to have incomplete personal data completed. If your personal data are inaccurate or incomplete, we will rectify the situation without undue delay.

3. Right to restriction of processing

You have the right to demand from us to restrict the processing of your personal data if

  • you dispute the accuracy of your personal data for a period that enables us to verify the accuracy of your personal data;
  • the processing is unlawful and you oppose the erasure of your personal data and request the restriction of their use instead;
  • we no longer need the personal data for the purposes of the processing, but you require the data to assert, exercise or defend against legal claims; or
  • you have objected to the processing pursuant to Article 21(1) GDPR pending the verification whether our legitimate grounds override those of you.

If you have requested us to restrict the processing of your personal data, we are only permitted to use such data – apart from storing them – with your consent or to assert, exercise or defend against legal claims or to protect the rights of other natural or legal persons or for reasons of important public interest of the Union or of a Member State. We will inform you before the restriction is lifted.

4. Right to erasure

You have the right to demand from us to erase your personal data without delay. We are obligated to erase your data without delay on one of the following grounds:

  • We no longer need your personal data for the purposes for which we collected or processed them;
  • You withdraw your consent, if you have given it, on which the processing of your personal data pursuant to Article 6(1) letter (a) or Article 9(2) letter (a) GDPR is based and where there is no other legal ground for the processing;
  • You object to the processing of your personal data as provided for in Article 21(1) GDPR and there are no overriding legitimate grounds for the processing;
  • You object to the processing of your personal data for direct marketing purposes as provided for in Article 21(2) GDPR;
  • Your personal data have been unlawfully processed;
  • We must erase your personal data to comply with a legal obligation under Union or Member State law we are subject to;
  • Your personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.

If we have made your personal data public and if, pursuant to Article 17(1) GDPR, we are obligated to erase them, we will take reasonable steps - taking account of the available technologies and costs of implementation - to inform controllers processing the personal data that you have requested to have erased any links to or any copies or replications of those personal data.

You do not have the right to erasure if the processing is necessary

  • to exercise the right of freedom of expression and information;
  • to comply with a legal obligation which requires the processing under Union or Member State law to which we are subject or to perform a task carried out in the public interest or to exercise official authority vested in us;
  • for reasons of public interest in the area of public health in accordance with Article 9(2) letter (h) and (i) as well as Article 9(3) GDPR;
  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) GDPR where the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
  • to assert, exercise or defend against legal claims.

5. Right to information

If you have demanded from us to rectify, erase or restrict the processing of your personal data, we are obligated to inform all parties (recipients) to whom your personal data have been disclosed of such rectification, erasure or restriction of the processing of your personal data, unless that proves to be impossible or would involve a disproportionate effort.

You have the right to demand from us to inform you about such recipients.

6. Right to data portability

You have the right to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller without hindrance from us if

  • the processing is based on consent pursuant to Article 6(1) letter (a) GDPR or Article 9(2) letter (a) GDPR or on a contract pursuant to Article 6(1) letter (b) GDPR and
  • the processing is carried out by automated means.

You also have the right to demand from us to transmit your personal data directly from us to another controller where this is technically feasible. The transmission must not adversely affect the rights and freedoms of others.

The right to data portability does not apply to the processing of personal data that are necessary to perform a task carried out in the public interest or to exercise official authority vested in us.

With regard to the services offered on our website we believe that we are currently not processing any data to which the right to data portability applies.

7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data, which is based on Article 6(1) letter (e) or (f) GDPR, including profiling based on those provisions.

We will then stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms or to assert, exercise or defend against legal claims.

If we process your personal data for the purpose of direct marketing, you have the right at any time to object to the processing of personal data concerning you for the purpose of such marketing, including profiling associated with it.

If you object to the processing of your personal data for the purpose of direct marketing, we will stop processing your personal data for such purpose.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

8. Right to withdraw consent to the processing of personal data

You have the right to withdraw your consent to the processing of your personal data at any time. Such withdrawal of consent does not affect the lawfulness of processing based on consent before it was withdrawn.

9. Automated individual decision-making including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affect you. We do not carry out that kind of processing.

10. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you believe that the processing of your personal data infringes the GDPR.

Use of etracker

Our websites use the web analytics applications of etracker (www.etracker.com) to collect and store information for marketing and optimisation purposes. Based on this information usage profiles can be created under a pseudonym. This may include the use of cookies. Cookies are small text files which are locally stored in the cache of the site visitor’s internet browser. Cookies allow a website to recognise your internet browser on a subsequent visit.

Data collected with etracker web analytics applications will not be used to identify visitors of this website without their prior express consent. The data will also not be merged with personal information about the pseudonym holder. Users can object to the collection and storage of the data at any time.

It’s your decision

On written request HANSA-PARK will be pleased to let you know which personal information (e.g. name, address) has been stored.

If you go to our website “my.hansapark.de”, menu item “My Data”, you can delete your account on your own. Please click the “delete account” button and follow the instructions.

On HANSA-PARK’s other websites it is currently not possible for users to deactivate and/or delete their personal information on their own. Please send an email to datenschutz[at]hansapark.de and our data protection officer will be pleased to do it for you.

Security

To protect your personal data held by us from unauthorised access and abuse, we have comprehensive electronic and procedural safeguards in place. Our security procedures are checked and updated at regular intervals.

Among others, we protect your data with passwords and use servers protected by so-called firewalls. Information that you submit to us while you are using our website is transmitted via SSL (secure socket layer) encryption technology.

The servers hosting our websites are located in Nuremberg and Falkenstein, Germany

Links and third-party advertisements on the HANSA-PARK website

Our website contains links to other websites that are operated by independent third parties. Such websites may display HANSA-PARK logos and trademarks and resemble the websites operated by HANSA-PARK. If this is the case, the respective third-party website or the site’s terms of use or privacy policy should indicate it.

HANSA-PARK has no control over the content or the operation of third-party websites and is not responsible for the information contained thereon. Furthermore, HANSA-PARK is not liable to fulfil any orders placed and/or render any services bought via third-party websites or for the privacy policy on such websites.

Third-party websites may gather user data if you click on them. Please make sure you are familiar with the privacy policies of these sites.

Privacy policy, terms of use, and business terms and conditions [AGB]

This Data Privacy Statement applies in addition to our Terms of Use and our General Business Terms and Conditions.

Updating of and amendments to our privacy policy

HANSA-PARK may update this Data Privacy Statement from time to time and amend it at any time. Please contact us via email if you have any comments or questions relating to this Data Privacy Statement or other policies contained on this website.

Validity of this Data Privacy Statement

The use of this website is governed by this Data Privacy Statement. If you do not agree to it, please refrain from using our website.

Contact us

If you have any queries, comments or complaints in relation to this Data Privacy Statement and how we process your personal information, please write to our data protection officer at the address below:

HANSA-PARK Freizeit- und Familienpark GmbH & Co. KG
Wolfgang Wiemann
Am Fahrenkrog 1
23730 Sierksdorf

E-Mail: datenschutz@hansapark.de

If you have any further queries, send us an email to info@hansapark.de or call us on +49(0)4563 / 474-0. We will be pleased to assist you.