Blue glowing padlock icon in concentric circular digital interface, symbolizing online security and data protection, suitable for technological or cybersecurity concepts © Mirivox - stock.adobe.de

Data protection

In the following, we provide information about the collection of personal data when using this website. The service provider and therefore the controller in accordance with the EU General Data Protection Regulation (GDPR) is Raiffeisen Touristik Group GmbH.
For more information on how to contact us, please refer to our legal notice


The protection of your privacy and personal data is of great importance to us. We also pay great attention to this aspect in the implementation of our internet activities. Our data protection practices are therefore in accordance with the applicable data protection regulations and other legal requirements.

In order to protect your data against accidental or intentional manipulation, loss, destruction or access by unauthorized third parties, we use technical and organizational security measures that we continuously optimize in accordance with technical and legal developments.


Access to personal data at Raiffeisen Touristik Group GmbH. only those persons who need this data to carry out their tasks within the responsible body, who are informed about the legal provisions on data protection and who have undertaken to comply with them in accordance with the applicable legal provisions.


We would like to explain to you below what personal data we collect from you and what we use it for. We therefore ask you to read the following information carefully.

1. personal data

Personal data within the meaning of Art. 4 (1) GDPR means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2. collection and storage of personal data

a) When you visit the website
When you visit our website www.rtrtg.de, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted:
IP address of the requesting computer,
date and time of access,
name and URL of the file accessed,
website from which access is made (referrer URL),
browser used and, if applicable, the operating system of your computer and the name of your access provider.
We process the aforementioned data for the following purposes:
Ensuring a smooth connection to the website,
Ensuring a comfortable use of our website,
Evaluation of system security and stability as well as
for further administrative purposes.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.
We also use cookies when you visit our website. You can find more detailed explanations on this in section 7 of this privacy policy.

b) When using our contact form
For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. It is necessary to provide a valid e-mail address so that we know who sent the request and can respond to it. Further information can be provided voluntarily.
The data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntarily given consent.
The personal data collected by us for the use of the contact form will be automatically deleted after your request has been processed.

c) When subscribing to our newsletter
On the website of the Raiffeisen Touristik Group GmbH., users are given the opportunity to subscribe to our enterprise's newsletter. The input mask used for this purpose determines what personal data are transmitted to the controller when the newsletter is ordered.

Raiffeisen Touristik Group GmbH. informs its customers and business partners regularly by means of a newsletter about enterprise offers. The enterprise's newsletter may only be received by the data subject if
(1) the data subject has a valid e-mail address and
(2) the data subject registers for the newsletter shipping. For legal reasons, a confirmation email is sent to the email address entered by a data subject for the first time for the newsletter mailing using the double opt-in procedure. This confirmation email is used to check whether the owner of the email address as the data subject has authorized the receipt of the newsletter.

When registering for the newsletter, we also store the IP address assigned by the Internet service provider (ISP) of the computer system used by the data subject at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to be able to trace the (possible) misuse of a data subject's email address at a later date and therefore serves as legal protection for the controller.
The personal data collected when registering for the newsletter is used exclusively to send our newsletter. Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntarily given consent.
Furthermore, subscribers to the newsletter may be informed by e-mail if this is necessary for the operation of the newsletter service or a registration in this regard, as could be the case in the event of changes to the newsletter offer or changes to the technical conditions. The personal data collected as part of the newsletter service will not be passed on to third parties. The subscription to our newsletter can be canceled by the data subject at any time. The consent to the storage of personal data, which the data subject has given us for the newsletter dispatch, can be revoked at any time. There is a corresponding link in every newsletter for the purpose of revoking consent. It is also possible to unsubscribe from the newsletter at any time directly on the controller's website or to inform the controller of this in another way

3. disclosure of data

Your personal data will not be disclosed to third parties for purposes other than those listed below.
We will only disclose your personal data to third parties if:
you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
disclosure in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
in the event that there is a legal obligation for disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR, and
this is legally permissible and necessary for the processing of contractual relationships with you pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR.

4. export and processing of data in countries outside the European Economic Area

Your personal data will not be exported to countries outside the European Economic Area (hereinafter referred to as EEA) if you object to this.
Nevertheless, if you have logged into social media plug-ins, personal data may be exported to the USA. For more detailed explanations and ways to prevent this data export, please read the section "11. Social Media Plugins" of this privacy policy.
However, personal data is not transmitted to Google as part of the use of analysis programs by the controller, as your IP address is only transmitted anonymously. Please read section "8. Analysis programs" in this privacy policy.
The service providers used by the controller are based and operate their IT infrastructure exclusively within the EEA. This also applies to any use of cloud-based services. Contracts are in place with the service providers that comply with the data protection and data security requirements of the European Data Protection Directive (95/46/EC) and German data protection law, or, from 25.05.2018, the GDPR. Even if external service providers are used, Raiffeisen Touristik Group GmbH remains the data controller .


5. deletion of your data

If your data is no longer required for the aforementioned purposes, it will be deleted. If data must be retained for legal reasons, it will be blocked. The data will then no longer be available for further use.

6. use of cookies

When you visit our website, information is stored on your computer in the form of a cookie within your browser software. This stores information about your use of the website. The use of cookies makes it easier for you to use the functions, as we recognize your computer on a subsequent visit and thus make it easier for you to enter data repeatedly.
The cookies we use (small files with configuration information) help us to determine the frequency of use and the number of users of our website and to enable you to make full use of the service. Most browsers are set to accept cookies automatically. However, you can deactivate the storage of cookies or set your browser to notify you as soon as cookies are sent. You also have the option of deleting the stored cookies from your hard disk at any time. Please note that if you deactivate the storage of cookies, you may only be able to use our website to a limited extent.

7. hCaptcha

To protect the contact form from unwanted, automated messages, I use the hCaptcha service provided by Intuition Machines, Inc. As soon as you click on the "Load Captcha" button, your IP address is transmitted to hCaptcha. The service is offered by Intuition Machines, Inc, 350 Alabama St, #10, San Francisco, CA 94110, USA.
Further information and the privacy policy of hCaptcha can be found at https://www.hcaptcha.com/privacy.

8. YouTube Video

YouTube Video is a streaming service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter "Google"). We use the YouTube embedding function on our website, which enables us to display and play videos on our website.
To protect your data, we use a so-called consent banner in connection with our embedded YouTube videos. With the help of this banner, we can prevent your data from being processed by YouTube when you access the page on which the YouTube video is embedded, but only with your consent. In addition, we use the extended data protection mode on our website, which means that the videos you watch are not used to personalize your surfing on YouTube or to personalize advertising. When you play a video on our website, YouTube uses local storage. As part of this service, Google processes the IP address, browser and device information (e.g. the operating system), the referrer URL and information about the videos viewed.

Google itself is responsible for the data processing described above. Please note that Google transmits the above-mentioned information to Google's servers in the USA (see chapter Data transmission to third countries). Data collection is carried out in accordance with Section 25 (1) TTDSG, downstream data processing in accordance with Art. 6 (1) (a) GDPR on the basis of your express consent. You can withdraw your consent at any time with effect for the future by clicking on "Cookie settings" at the bottom of our website.
For more information about Google's privacy policy, please visit https://policies.google.com/privacy?hl=de.

9. liability for links

Our website contains links to external third-party websites over whose content we have no influence. We can therefore accept no liability for this third-party content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal content was not recognizable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete evidence of an infringement. If we become aware of any legal infringements, we will remove such links immediately.

External links are marked with this symbol:
Only when you click on an external link will data be transferred to the link destination.
This is technically necessary due to the protocol on which the Internet is based (TCP/IP = TCP - Transfer Control Protocol + IP - Internet Protocol). The data transmitted are in particular Your IP address, the time at which you clicked on the link, the page on which you clicked on the link as well as other information mentioned under section II no. 1 of this notice.
Clicking on individual links may involve a transfer of data to third parties. This may result in third parties, authorities or secret services receiving connection data. If you do not want the data mentioned to be transferred to the link destination or to the third parties mentioned or to be accessed by others, do not click on the link.

10. contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.
The data entered in the contact form is therefore processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send us an informal email. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular retention periods - remain unaffected.

11. protection of your personal data

In order to process your personal data as securely as possible, we always use SSL (Secure Socket Layer) security software for data transmission between your computer and our server. This means that data transmission is always encrypted. We also maintain up-to-date technical measures to ensure data security, in particular to protect your personal data during data transfers and to prevent third parties from gaining knowledge of it. These are adapted to the current state of the art. Your personal data is always stored in compliance with the statutory regulations within the Federal Republic of Germany.

12. right to information, rectification, erasure (to be forgotten), restriction of processing, data portability, objection and withdrawal of consent.

You have the right to request information from us at any time in accordance with the provisions of Art. 15 GDPR about the data we have stored about you. You can also view this data free of charge at any time without giving reasons, request its rectification in accordance with Art. 16 GDPR and/or erasure in accordance with Art. 17 GDPR and/or the restriction of the processing of your personal data in accordance with Art. 18 GDPR and/or exercise your right to data portability in accordance with Art. 20 GDPR and/or your right to object in accordance with Art. 21 GDPR and/or revoke any consent given to us for data collection and use without giving reasons. If you have given your consent to the use of data, you can revoke this at any time free of charge without giving reasons.

For this purpose and/or to obtain further information on the subject of data protection, please contact our company data protection officer at the address given in the imprint or by e-mail at the e-mail address datenschutz@rtrtg.de.

13. complaint about data protection violations to the supervisory authority

Anyone who believes that their rights have been violated in the collection, processing or use of their personal data can contact the competent data protection supervisory authority in accordance with Art. 77 para. 1 GDPR. The competent supervisory authority for complaints regarding the data processing carried out by us is the
supervisory authority
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
91522Ansbach
This authority will investigate the complaint and inform the data subject of the outcome.

14. amendment of the data protection declaration

As the processing procedures used may change/develop further due to technical progress and organizational changes, we reserve the right to further develop this data protection declaration in accordance with the new technical framework conditions. We therefore ask you to review our privacy policy from time to time. If you do not agree with the further developments that occur in the course of time, you can request in writing, in accordance with Art. 17 GDPR, the deletion of data that is not stored on the basis of other legal requirements, such as commercial or tax retention obligations.

Service provider and responsible body for this website is:

Raiffeisen Touristik Group GmbH
Burghauser Straße 4a
84503 Altötting
Phone: 08671 505-1000
Fax: 08671 505-1771
Managing Director: Wolfgang Altmüller
Commercial register: AG Hamburg HRA 99961
VAT ID No. DE 186 194 857

For further information on the responsible body, please refer to the legal notice on our website.

RTG-white

RT/Raiffeisen Touristik Group GmbH
Burghauser Str. 4 a
84503 Altötting