Privacy

1. Overview: data collection on our website

What data do we collect and how do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our server provider's IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website and normally deleted after a short time.

What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website and monitor it against abuse. Other data can be used to analyze how visitors use the site. Other data (e.g. your email address) is only collected for specific services you may request from us (e.g. newsletter, booking a tour and so on).

What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.

Analytics and third-party tools
When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.
You can object to this analysis. We will inform you below about how to exercise your options in this regard.

2. General information and mandatory information

Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.

If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

Notice concerning the party responsible for this website
The party responsible for processing data on this website is:

VolcanoDiscovery GmbH
Geschäftsführer: Dr. Tom Pfeiffer
Registergericht Saarbrücken, HRB 103744

Heideweg 2, D-66606 St. Wendel, Germany
Telephone: +4968519777009
Email: [email protected]

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Encrypted payments via this website
There are no online payments possible directly on this website and we do not collect nor process any payment information (e.g. credit card numbers) ourselves.
However, we offer the possibility to pay online for certain products using 3rd party providers, namely PayPal (https://www.paypal.com) and GiroSolution GmbH (https://www.girosolution.de). These all offer industry-standard secure common means of payment (Visa/MasterCard, direct debit) via encrypted SSL or TLS connections.
When you make a payment for us online through them, we don't receive any of your payment data from them. We only receive essential information about the payment itself: whether it was successful or not, the amount and currency paid, the date and time of the transaction, our and the payment system's associated reference number to match it with an open invoice, and in case of PayPal, your name and email address. We have no access to any critical information such as your credit card number.

Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.

3. Data collection on our website

Server access log files:
The website provider (*) automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:

- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- Your IP address

These data will not be combined with data from other sources. These data are mainly used for basic statistical purposes and to monitor the network for hacking attacks or other abuse.
This is an example entry a visit of a page could leave in our log files:
162.158.78.110 - - [15/Jan/2018:11:37:50 +0100] "GET /privacy.html HTTP/1.1" 200 15063 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/8.0 Safari/600.1.25"

It includes the IP (in this case, a network node from the CDN provider CloudFlare that forwarded your request), date and time the server sent out the html response (the page you look at in your browser), the specific page address (in this case, the ".../privacy.html" page), protocol (HTTP/1.1) and response code (200 = success), byte length (15063) and the type of browser that sent the request (e.g. Safari in this example).

The server access data is deleted automatically after a short amount of time (14 days on our origin server).

The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

(*) Note on our website providers:
We don't run the server hosting the website ourselves, but through reputable providers who put industry-standard measures in place to protect the data stored on their systems and are fully compliant with DSGVO.
These include Hetzner GmbH (privacy policy), Mittwald GmbH (privacy policy), CloudFlare CDN (privacy policy).

Contact forms
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

Registration on this website / online accounts
You can register on our website in order to access additional functions offered here (e.g. submit pictures to our "Photo-of-the-Day contest"). The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full (normally, these are username, email and a password). Otherwise, we will reject your registration.
To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration.
We will process the data provided during registration only based on your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.

Newsletter:
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter.

These data are stored in our secured internal database where only we have access and we only use your data in order to send you the newsletter and/or enable you to log in and perform certain tasks only logged-in users are allowed to do (e.g. upload pictures to our Image Pool for the "Photo of the Day" series.
You can opt-out from the newsletter, remove your account, request to have your data copied to you or deleted it any time.

No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the "unsubscribe" link in the newsletter. The data processed before we receive your request may still be legally processed.

The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.

Buying things or services, e.g. tours:
When you buy something from our online shop or book a tour with us, we will need more or less detailed personal data as needed to complete a transaction: typically, this includes your full invoice address, a telephone number to reach you, an email, your birthday, nationality and similar standard information.
For legal and bookkeeping reasons, we are required to keep some or all of these data, or documents where they appear (e.g. invoices) for a minimum of the legal retention period. In Germany, this varies from 2-10 years, depending on the nature of the data. Invoices will need to be kept for 10 years.
After the retention period has passed, we delete all documents permanently.

4. Processing of data (customer and contract data)

We only collect the data we need
We collect, process, and use personal data only insofar as it is necessary to establish, or modify legal relationships with us (master data). This is done based on Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract. We collect, process and use your personal data when accessing our website (usage data) only to the extent required to enable you to access our service or to bill you for the same.
Collected customer data shall be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.

Data transmitted when entering into a contract with online shops, retailers, and mail order
We transmit personally identifiable data to third parties only to the extent required to fulfill the terms of your contract, for example, to companies entrusted to deliver goods to your location or banks entrusted to process your payments. Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent.
The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

Data transferred when signing up for services and digital content
We transmit personally identifiable data to third parties only to the extent required to fulfill the terms of your contract with us, for example, to banks entrusted to process your payments.
Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent.
The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

5. Cookies

As almost all websites, we use cookies to enable or improve functionality of the website as a whole, in particular allowing you to connect with social media and enabling 3rd parties to show customized advertising.

What are cookies?
Cookies do not harm your computer and do not contain any viruses. A cookie is a small text file that a website instructs your browser to save on your computer or mobile device when you visit the site, and to resend to the server on your next visit. It can be used to store and exchange various information between your browser and the website.
Examples include site-wide preferences (language, font size etc) or to remain logged in over a period of time.

Example:
This is the cookie we use for the domain www.volcanodiscovery.com: "cookieconsent_granted_general:yes". It is saved on your browser when you agree to allow cookies on websites of volcanodiscovery.com. When you load the website a second time, the code of the website instructs your browser to check whether this cookie is present or not: if not, the browser will not be able to use any services that need cookies to function (e.g. perform a login), and continue to show the overlay window asking for permission.
The other cookies our website stores on your browser are indicators whether a certain 3rd party service (see below list) should be enabled or disabled.

How to control cookies
You are in full control over which cookies are stored on your device if you use a reputable browser (e.g. Firefox, Chrome, Safari, Internet Exporer etc). The implementation varies from browser to browser, but you can normally adjust the settings looking into the browser's settings under "privacy".
There, you can control and/or delete cookies as you wish - for more details, see aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and some functionalities may not work.

Own cookies

This website uses cookies necessary for security and anonymous site usage statistics (related to google analytics, see below to adjust settings), and user-preferences only. We don't store any cookie data on our end. On modern browsers, most cookies are only stored as "local storage" on your computer and not sent out when requesting a web page.

The only case we need to use a cookie on the receiving end is if you are a registered user that can log-in or if you have paid a donation to support us (e.g. in order not to see advertising).
In these cases, a cookie is used and is necessary for the site to recognize you as a user with special privileges. In detail, the process is as follows:
When you log into our website or after you send us a payment, our server sends your browser a unique string code that contains a digital fingerprint of your session. If your browser sends this cookie back to our server (which it will do automatically in standard configurations), our server can recognize you and send you a personalized response only you can see. We do not track your visit on the website or any other information this way. Log-in cookies are short-lived and are deleted as soon as you log out or after a few hours of inactivity.

3rd party cookies

Data collected through third party cookies
A number of 3rd party elements (=anything not hosted on servers controlled by us such as a sharing button, a video etc) are usually present on this website in order to provide additional functionality. The most common include facebook, google, youtube, amazon, twitter, the sharing service addThis, online advertisers (see below for full list).

We do not collect any data from or through these 3rd party services ourselves.

However, by visiting this website with all features enabled, you give us permission to show you resources from 3rd parties as well, who can (and usually do) store their own data about your request to include this resource from our site: this is especially true if you have accounts with them and even more if you are logged in with them and choose never to log out, i.e. keep their cookies on your browser even after you leave their websites:

By loading these elements - e.g. the facebook button, or a youtube video on our website, your browser will connect to the service to request the logo image, video etc. In standard configuration of your browser, it will also send out the cookie you have from them along with the standard http header information described above (IP, time, browser, the page that embeds the resource etc). This way, the 3rd party service can know which site you are visiting, in this case, our website. The purpose is in most cases to be able to send you personalized advertising.
Unfortunately, we have no way of controlling what 3rd parties exactly do with your data and explicitly deny any responsibility for this. Please read their individual policies about privacy if you're in doubt.

3rd party services that may be used on this website:
Please note that a given page may or may not use any of the mentioned services.

Website statistics

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called cookies. Cookies are text files, which are stored on your computer and that enable an analysis of the use of the website by users. The information generated by cookies on your use of this website is usually transferred to a Google server in the United States, where it is stored.
The storage of Google Analytics cookies and the utilization of this analysis tool are based on Art. 6 Sect. 1 lit. f GDPR. The operator of this website has a legitimate interest in the analysis of user patterns to optimize both, the services offered online and the operator's advertising activities.
IP anonymization
On this website, we have activated the IP anonymization function. As a result, your IP address will be abbreviated by Google within the member states of the European Union or in other states that have ratified the Convention on the European Economic Area prior to its transmission to the United States. The full IP address will be transmitted to one of Google's servers in the United States and abbreviated there only in exceptional cases. On behalf of the operator of this website, Google shall use this information to analyse your use of this website to generate reports on website activities and to render other services to the operator of this website that are related to the use of the website and the Internet. The IP address transmitted in conjunction with Google Analytics from your browser shall not be merged with other data in Google's possession.
Browser plug-in
You do have the option to prevent the archiving of cookies by making pertinent changes to the settings of your browser software. However, we have to point out that in this case you may not be able to use all of the functions of this website to their fullest extent. Moreover, you have the option prevent the recording of the data generated by the cookie and affiliated with your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Objection to the recording of data
You have the option to prevent the recording of your data by Google Analytics by clicking on the following link. This will result in the placement of an opt out cookie, which prevents the recording of your data during future visits to this website: Google Analytics deactivation.
For more information about the handling of user data by Google Analytics, please consult Google's Data Privacy Declaration at: https://support.google.com/analytics/answer/6004245?hl=en.
Contract data processing
We have executed a contract data processing agreement with Google and are implementing the stringent provisions of the German data protection agencies to the fullest when using Google Analytics.
Demographic parameters provided by Google Analytics
This website uses the function “demographic parameters” provided by Google Analytics. It makes it possible to generate reports providing information on the age, gender and interests of website visitors. The sources of this information are interest-related advertising by Google as well as visitor data obtained from third party providers. This data cannot be allocated to a specific individual. You have the option to deactivate this function at any time by making pertinent settings changes for advertising in your Google account or you can generally prohibit the recording of your data by Google Analytics as explained in section “Objection to the recording of data.”

Social media

Interactive content

Advertising

California Consumer Privacy Act (“CCPA”)

Under CCPA, Californian residents have the right to declare their preferences on the sale of data for advertising and marketing purposes. If you wish to change your preferences, click this link to launch our preference portal.

Advertising Partners

Below, we list the partners we use for advertising on some or all sections of our site. To change your preferences for this site, click here.

Google Adsense
We use Google's Adsense program to show advertising. To learn more about them visit Google's privacy policy about advertising.

Publift
We use Publift to show advertising. To learn more about them To learn more about them visit the Publift privacy policy.

Our Privacy Policy