Privacy policy

The responsible body within the meaning of the relevant data protection laws is:


Nestpick Global Services GmbH
Neue Schönhauserstrasse 3-5,  10178 Berlin
Local Court of Berlin-Charlottenburg, HRB 161705 B
Managing Director: Ömer Kücükdere
Working hours: Montag bis Freitag, 9.00 - 18.00 Uhr
E-Mail: info@nestpick.com


This privacy policy informs you about the type, scope, and purpose of data collection and use in connection with the website www.nestpick.com and its sub-pages and in connection with the mobile app. A current version of the privacy policy is available on the Website. If you leave our Website via a link or visit our page on a social media platform , you also leave the scope of this privacy policy.


The transmission of information to or from this Website is secured by encryption.


You can access, download, and print this privacy policy permanently and at any time at https://www.nestpick.com/privacy-policy/.


I. General Information

Type and scope of processing of personal data


The provision of the website and the mobile app requires processing of various information. The scope of data processing depends in particular on the type and scope of use of the functions of the website/app. You are not obliged to provide personal data when you visit the Website or use the mobile app. As far as such data provision is technically required when visiting the Website, a refusal leads to the fact that you cannot visit and use our Website. In the context of placing a booking, there may also be a contractual or statutory obligation to provide personal data to us. As far as the indication of your data is necessary for the fulfilment of our obligations, there exists a respective obligation on your part. A refusal may result in the loss of your entitlement to benefits. As a User of our Website/App, you are not subject to any automated decision-making within the meaning of Art. 22 of the General Data Protection Regulation (GDPR).


Legal bases for the processing of personal data

The legal bases for processing of personal data are described below.

Reason for Processing Legal Basis (GDPR) Comment
Fulfilment of the contract or implementation of pre-contractual measures Art. 6 para. 1 b) Unless expressly stated otherwise, data will only be processed by us to the extent necessary for the exercise and fulfilment of the rights and obligations arising from the contract. Unless expressly stated otherwise, data will only be processed by us to this extent.
Justifiable Interest Art. 6 para. 1 f) Processing takes place insofar as we have a legitimate interest and no conflicting overriding interests of the data subject are apparent. The specific interest is explained in this privacy policy within the framework of the processing description.
Consent Art. 6 para. 1 a) Data will be processed to the extent you have expressly agreed to the type and scope of data processing. You can revoke your consent at any time with effect for the future, but this does not affect the processing that has taken place up to this point in time.
Legal Obligation Art. 6 para. 1 c) Processing data takes place insofar as this is necessary to fulfil German or European statutory obligations

Deletion of data and storage period

We will delete your personal data as soon as the legal basis for its processing ceases to exist. Multiple legal bases may exist or a new legal basis may be applicable if a legal basis ceases to exist.



II. Data processing for the provision of the website/mobile app and Communication

Alerts


Visitors of the website can set up so-called alerts for a certain search. For this, the user must enter his or her e-mail address. By clicking on the "Send" button the visitor gives his consent to receive e-mail notifications from Nestpick regarding new results according to his search criteria . To activate the search, the user must click on an activation link that is sent to the specified e-mail address.


Booking inquiries

We do not offer accommodation ourselves, but respective services by our partners. For booking requests we collect the following data:

  • request type;
  • arrival and departure days;
  • purpose of the stay;
  • first and last name;
  • number of guest;
  • e-mail address;
  • telephone number;
  • (optional) message to the landlord.

The collection of the aforementioned data serves the purpose of forwarding the information to our partners. This constitutes a measure in the preparation of the conclusion of the contract which is necessary for entering into a contract with your respective partner and is permitted under Art. 6 (1) sentence 1 (b) GDPR. The user will be informed of the forwarding to the respective partner when making the booking request.


Contact Form


The website provides a contact form which you can use to ask us questions by entering your name and your email address. The use of the contact form is voluntary, and your data is processed in order to fulfill our contractual service obligations (Article 6 (1) (b) GDPR).


Cookies


To establish and maintain the connection or to improve the use of the Website, small text files are used, which contain information transmitted by the browser and stored on the computers of Users ("Cookies"); Cookies do not contain any personal data. The use of Cookies can be managed through browser settings and Cookies can be deleted.
The use and associated data processing of technically required Cookies is based on the legitimate interest in a technically flawless and user-friendly use of the Website. Technically required Cookies are usually automatically deleted when you close your browser (session Cookies), in other cases only after some time (persistent Cookies). The duration of storage of persistent Cookies is determined by the provider and is shown, for example, in your browser. The use of Cookies for advertising and analysis purposes is described in detail below. You may refuse the use of Cookies by selecting the respective settings in your browser. This can be configured for general use or specific for individual Cookies. In addition, there are special options for deactivating individual tracking and analysis Cookies, which are described separately. However, we would like to point out that if individual or all Cookies are deactivated, you may not be able to use all functions of the Website to their full extent.

Log files


When you visit the website/application, your browser sends various information to our server to establish and maintain the connection. The following data is collected:

  • IP address,
  • date and time at the time of acces,
  • name and URL of the retrieved file,
  • data volume retrieved,
  • retrieved successfully or not successfully,
  • previous website,
  • connection page,
  • browser and browser version,
  • the terminal device used (e.g. desktop computer or smartphone),
  • operating system and version of the operating system.

These data including the anonymized IP address are stored in so-called log files. This data is not combined with any other data about you. The storage of log files serves the legitimate interest in the meaning of Article 6 (1) (f) GDPR of providing the website and preventing misuse. Stored log files will be deleted after three months at the latest, unless a longer storage period is required, for example to clarify an attack on the website.


III. Analysis and tracking tools


The services listed below are used and implemented on the basis of Article 6 (1) (f) GDPR. User analysis and tracking serve the purpose to perform targeted advertising to customize and continuously optimize our websites. Through the measures, we want to make sure that advertisements which are geared to your interests are displayed on your devices.


Bing Ads


Bing Ads technology is used on the website to collect and store data from which pseudonymous user profiles are created. This is a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA ("Microsoft"). This service makes it possible to track user activities on the website if they have reached the website via ads from Bing Ads. If Users access our website in this way, a Cookie is placed on their computer which, in combination with markings on the website, makes some non-personal data about the use of the website accessible. This includes the time spent on the website, which areas of the Website were visited and via which display the users accessed the website. Information on the identity of users is not collected. The information collected is transmitted to Microsoft servers in the United States and stored there for a maximum of 180 days. You can prevent the collection of data generated by the Cookie and related to your use of the website and the processing of this data by deactivating the setting of Cookies. This may restrict the functionality of the website. Microsoft may be able to track your usage across multiple electronic devices through cross-device tracking, enabling you to display personalized advertising on or in Microsoft websites and apps. You can disable this function under http://choice.microsoft.com/en-us/opt-out Further information on Bing Ads and data processing can be found here: https://advertise.bingads.microsoft.com/en-us/resources/policies/user-safety-and-privacy-policies https://privacy.microsoft.com/en-us/privacystatement.


Doubleclick


We also use the service Doubleclick by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"), which sets a Cookie and assigns a pseudonymous identification number (ID) to your browser. The Cookie determines whether and which advertisements were displayed and clicked in your browser. This enables us to tailor your advertising to your interests. Since we have activated Google's IP anonymization on this Website, your IP address is also shortened within the scope of Doubleclick before being transmitted by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area and only in exceptional cases the full IP address is transmitted to Google in the USA and only shortened there. Google analyses the information collected and sends us reports on the usage activities on our Website and provides us with additional services for this purpose. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. In addition to the general options mentioned above for preventing Cookies, you can also specifically prevent Google from saving the double-click Cookie by downloading an appropriate browser plug-in.


Facebook Custom Audiences


In addition, we use the service Facebook Custom Audiences. Facebook Custom Audiences is a service of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). This service makes it possible to address you with interest-based advertising on the social network Facebook. The Facebook Remarketing Tag is implemented on our website for this purpose. This tag establishes a direct connection to Facebook servers when you visit the website. This gives Facebook information about the pages you have visited on our website. Facebook then compares this with your Facebook account. On your next visit to Facebook, you will then be shown personalized, interest-based advertisements - so-called Facebook ads. For more information, please see Facebook's privacy policy: https://www.facebook.com/about/privacy/. You may object to the use of the Custom Audiences service on the Facebook website https://www.facebook.com/ads/website_custom_audiences.


Firebase


In our mobile app, we use the analytics service of Firebase, Inc. (“Firebase), a Google company. The analytics service is implemented in our mobile app via a development environment (Software Developer Kit). The information generated by the development environment, are:

  • hashed (anonymized) IP address,
  • mobile identifiers such as the Advertising ID for iOS (IDFA) or the Google Advertising ID,
  • installation and initial opening of an mobile app on your mobile device,
  • your interaction within the mobile app (e.g., registration),
  • viewed and clicked ads.

The data is collected and used by Firebase to evaluate the use of the mobile app, to compile performance reports on mobile app activity, and to provide other services related to the use of the mobile app for purposes of market research and customization of the mobile app. Under no circumstances will the collected data be combined with other data that Firebase obtains via other mobile apps. You can find more information about Firebase's privacy policy here: https://www.firebase.com/terms/privacy-policy.html. You can turn off the service from your phone's settings.


Google AdWords


Our website uses the advertising tool Google AdWords by Google including its conversion tracking. Nestpick uses this tool to determine how successful advertising for our services on websites other than our own is. For this purpose, a conversion cookie is set when you click on one of our advertisements. This cookie enables us to recognize that you have accessed our website via this ad. With such usage data we create statistics to evaluate the conversion of our advertisements. We do not receive any personal information about you. The conversion cookie set in your browser is individual and cannot be used by other Google AdWords customers for their statistics.
You can prevent tracking by disabling the conversion tracking cookie in your browser settings.


Google (Universal) Analytics

This Website uses Google Analytics, a web analysis service from Google. Google collects information about your use of this Website (including your IP address) in the USA via a Cookie, and stores this information. However, we only use Google Analytics with an anonymization function by which the IP address is reduced before it is transmitted by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. The full IP address will only be transmitted to Google in the USA and shortened there in exceptional cases. Google analyses the information collected and sends us reports on the usage activities on our Website and provides us with additional services for this purpose. The IP address transmitted by your browser in the context of Google Analytics is not combined with other Google data.
In addition to blocking all Cookies by your browser, you can prevent Google from processing your data by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en. You can find more information about Google Analytics in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.


Google Dynamic Remarketing


Nestpick uses the features of Google Dynamic Remarketing with the cross-device features of Google AdWords and Google DoubleClick. This feature allows to link advertising audiences created with Google Dynamic Remarketing to cross-device features of Google AdWords and Google DoubleClick. Therefore, interest-based, personalized advertising messages that have been customized for you based on your past usage and browsing behavior on a device (e.g., smartphone) may also be displayed on another device you use (e. g., tablet). If you have given the appropriate consent to Google, Google will link your web and mobile app browsing history with your Google Account for this purpose. That way, the same personalized advertising messages can appear on any device you use to sign in to your Google Account. To support this feature, Google Analytics collects Google-authenticated IDs of users who are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion. You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account. To do so, follow this link: https://adssettings.google.com/. For more information, as well as the provisions regarding data privacy, please see Google’s Privacy Policy under https://policies.google.com/technologies/ads?hl.


HasOffers


We use services of hasoffers.com of TUNE, Inc., 2200 Western Ave., Suite 200, Seattle WA, 98121 ("TUNE") to measure the effectiveness of our advertising measures. We collect statistical data about visitors who use one of our links (such as ad banners) to access the registration page, including, for example, information about the countries from which these visitors are likely to come. A hasoffers.com cookie will be placed on your device if you access the registration page via such a link. The cookie stores and transmits the following information to TUNE, to which Nestpick has access, while it is stored:

  • on which link you have clicked,
  • when you clicked the link,
  • (in some cases) on which website the link was located,
  • IP address of your device (hashed),
  • imprecise location information based on the IP address and, if applicable, WLAN information.
TUNE's privacy policy is available at http://www.hasoffers.com/privacy-policy


New Relic


This website uses a plugin of the web analysis service New Relic by New Relic Inc. 188 Spear Street, Suite 1200 San Francisco, CA 94105, USA ("New Relic"). With New Relic’s service we can carry out statistical surveys on the speed of the website, in particular its loading times. New Relic uses cookies for this purpose. When you visit our website, a direct connection of your browser to the servers of New Relic is established. Your IP address will also be transmitted and stored in the process. This way New Relic learns that you have visited our site. If you have a New Relic account and are logged in when you visit our website, New Relic may associate the website visit with your account. To prevent this, you must log off before visiting our website. For more information, please refer to New Relic's privacy policy: https://newrelic.com/privacy.


Yandex Metrica


Nestpick uses Yandex Metrica, a website analysis tool from the company, Yandex LLC,16, Leo Tolstoy Street, Moscow, 119021, Russia (“Yandex”). When you visit our website, Yandex will collect data generated by your behavior. This includes (i. a.):

  • anonymized IP address,
  • browser data,
  • click behavior.
You will also be provided with an ID by cookies which makes you recognizable. The collected data is stored on the Yandex servers in the Russian Federation and processed and made available there for us. According to information from Yandex, no personal data is used. The processed data allows us to improve the website and to design it to be more pleasant for users. You can find additional information concerning Yandex’s data protection provisions using the internet address below: https://metrica.yandex.com/about/info/privacy-policy.


IV. Rights of the parties concerned


If personal data are processed, you are a data subject within the meaning of Art. 4 Para. 1 GDPR and you have the following rights with regard to your personal data. To exercise these rights, please contact us under the contact details above.


Right to information according to Art. 15 GDPR

You have a right to information about your personal data processed by us. This includes the mandatory information set out in Art. 15 GDPR.


Right to correction under Art. 16 GDPR

You have the right to request the immediate correction of incorrect personal data and the completion of incorrect personal data.


Right to cancellation in accordance with Art. 17 GDPR

You have the right to request the deletion of your personal data if one of the reasons mentioned in Art. 17 GDPR applies, in particular if there is no longer a legal basis for the processing.


Right to limitation of processing according to Art. 18 GDPR

You have the right to request the restriction of the processing of your personal data if one of the reasons mentioned in Art. 18 GDPR applies, in particular, at your request, instead of deleting the data.


Right to data transferability according to Art. 20 GDPR

You have the right to request all personal data stored by us about you in a structured, current and machine-readable format and to transmit this data to another person in charge without obstruction by the person responsible to whom the personal data was provided.


Right of appeal to the competent supervisory authority, Art. 77 GDPR

According to Art. 77 GDPR, you have the right to file a complaint with the supervisory authority responsible for you.


Right to object

If the data processing is based on your consent or our legitimate interest, you have the right to object to the processing or to revoke your consent at any time. Your objection or revocation will only have an effect for the future If the analysis Cookies used offer their own technical solution for deactivation, this is explained respectively; you can contact info@nestpick.com (or the contact details of the responsible body listed above) at any time to exercise your right of objection or revocation. If you object to data processing on the basis of our legitimate interest, we may nevertheless continue processing if we can prove compelling reasons worthy of protection for the processing which outweigh your interests, rights and freedoms.


Last update: 20 August 2018