Data Protection
As of: October 2024
Data protection is very important to us. When you register, we process your personal data. Personal data may also be collected through the use of the website or the Android applications.
The processing of personal data is necessary to ensure the operation of the website with information about restaurants and the presentation and provision of services related to these topics. The processing of personal data is necessary to finance our offers and services and to improve them for users. However, we do this responsibly and only to the extent permitted by applicable data protection laws, especially the EU General Data Protection Regulation (GDPR).
The use of data for advertising purposes makes it possible to operate free offers and services. We also want to constantly improve and tailor offers and services specifically to the user, i.e., personalize them. We can only achieve this if we closely monitor and evaluate the use of the offers and services.
We will not do this and everything else that happens with your data secretly, but only with the necessary transparency. Therefore, we provide you with comprehensive information here about the what, how, and why of such processing. We have also compiled all relevant mandatory information that we are required to provide in accordance with the EU General Data Protection Regulation.
This privacy policy applies to all online offers and services available at www.restaurant-advisor.de. It also applies to other apps and other digital offerings from Restaurant Advisor that link here.
These include, in particular:
- the smartphone application "Digi Handwerk" for Android
The corresponding platforms, sites, apps, services, and offers are hereinafter referred to simply as "SERVICES."
Restaurant Advisor UG (limited liability), hereinafter referred to as Restaurant Advisor UG, is responsible for the protection of your personal data and compliance with the EU General Data Protection Regulation (GDPR). Restaurant Advisor UG operates the above-mentioned offers and services. Further contact details, contact persons, and mandatory information regarding Restaurant Advisor UG can be found in our Imprint.
If you have any further questions regarding data protection at Restaurant Advisor UG or would like to exercise your data protection rights (see "Your rights as a data subject"), please contact our data protection officer. You can reach him at the following email address:
The most important information at a glance:
I. What data is collected when you use our services?
Direct entry of clear data. When you register with us or create an account or use services such as the contact form for support requests, we request personal data from you via the corresponding forms that is recognizable and directly related to you or your identity (so-called clear data).
This clear data includes in particular your email address, username and password, as well as, for paid services, other contact details (name, postal address, telephone number), order, delivery and payment data. In addition, you can voluntarily provide further personal information about yourself, which will of course also be saved for you, for example in your user profile. Information about restaurants, reviews or pictures that you enter or upload and which contain personal details about you will of course also be saved and published.
We never request particularly sensitive data under data protection law (so-called special categories of data according to Article 9 GDPR - for example, relating to state of health, ethnicity, ideology, genetics, intimacy).
Data enrichment. We may occasionally enrich your data set with our own observations, but only with regard to presumed interests and only to the extent described in more detail below in this privacy policy. >
Pseudonymous data. In addition, data is also processed that has no directly identifiable reference to you as a person (so-called pseudonymized data). Pseudonymized means that although you or your computer or browser could be recognized under an ID (“pseudonym”), it is not possible to find out who exactly you are or how you can be contacted using conventional means. Pseudonyms are not combined with real data such as your name or email address, simply because in this case we do not need to know more than necessary.
This applies, for example, if we want to find out which pages of our service are clicked on particularly frequently and which not at all, or if we do not want to constantly show a user the same things.
Pseudonyms are also used to create user profiles by third-party providers or advertising partners (so-called third parties) that are integrated into the advertising banners within this service. Some of these also function on other applications or websites beyond our service.
If you would like to know more about certain things, we have compiled the details for you below.
II. Why is this data processed?
Personal data is processed primarily for the following purposes or based on the following legitimate interests:
- for customization: so as not to constantly suggest or display the same posts and banners to you, and, if possible, only those that are likely to interest you;
- to fulfill legal requirements, in particular commercial and tax retention obligations, and any disclosure obligations to authorities, as well as for criminal prosecution, the defense or enforcement of claims, including the exercise and enforcement of our 'digital house rules'.
- for fraud prevention, the verification of a specified delivery address, and credit checks, the outcome of which we may make dependent on the payment options we offer you;
- to maintain customer relationships and for direct marketing on our own behalf as well as for our sponsors, cooperation partners, or other third parties, both by us and, in part, independently by the respective third parties;
- To process and bill your order, to offer things like newsletters and competitions, or to implement functions such as uploading or commenting on content in a user-friendly manner;
- To ensure operation: to identify and prevent attack patterns and uncover system errors, to prevent you from receiving emails from us against your will;
- For optimization: to find out what statistically particularly excites our users and what not, and what else can possibly be improved when using our services;
- For financing: to place banners for advertisers as ordered and to use the advertising revenue to pay our editorial staff, photographers, technicians, etc., as well as to keep our services largely free of charge for you;
- For personalization: to be able to address you by name in the newsletter or on other occasions, to congratulate you on your birthday, or to integrate other topics, content, and banners specifically tailored to you into the services. Your personal data is processed lawfully on the basis of the EU General Data Protection Regulation, specifically – depending on the case – on the basis of your consent (e.g. when sending a newsletter), a contract concluded with you (e.g. when agreeing to our terms and conditions) or pre-contractual requirements, to fulfill legal or official requirements and/or after weighing up legitimate interests in the individual case (e.g. when using our platform) (see GDPR Article 6 Paragraph 1 Letters a), b), c) and f) or Section 15 Paragraph 3 German Telemedia Act).
To the extent that we process personal data based on consent or due to a balancing of legitimate interests, we only do so unless you object or revoke your consent. Since we cannot technically combine plain data with pseudonyms and are not legally permitted to do so, a uniform, general objection to all processing is not feasible. We explain further details on revocation and objection below in the details of the respective processing operations.
III. Is data also sent to third parties or to other EU countries?
Digi-Handwerk refrains from commercially sharing your data (selling, renting) with third parties and does not engage in address trading.
However, there are things that others can do better than us. Therefore, we have engaged a number of service providers. With some of them, we are part of a corporate group; with others, we are only connected for business purposes. Some service providers will have to have, or at least be able to have, access to personal data. This particularly applies to the IT technology we use to run, monitor, and analyze our services or individual functionalities and offerings. It also includes, among other things, billing and shipping orders, as well as the collection of outstanding invoices.
We engage all our service providers strictly in accordance with the requirements of the EU General Data Protection Regulation in writing and, for example, have the technical and organizational measures the service providers use to protect the personal data entrusted to them from misuse explained to us.
Restaurant Advisor UG operates servers exclusively in Germany. Some of the IT service providers we engage are not based within the EU or the European Economic Area (EEA) or store and process personal data there. Unless the EU Commission considers these areas to already have the same level of data protection as Germany, we always insist on the guarantees required by data protection law for such international transfers. Typically, this involves the conclusion of a data protection agreement specified by the EU Commission (so-called EU standard contractual clauses); especially for transfers to the USA, this also involves the service provider's participation in the so-called EU-US Privacy Shield.
In some cases, we also transfer data to third parties in compliance with data protection regulations, who then process the data independently.
Your rights as a data subject
According to the EU General Data Protection Regulation, you have the right to request information about your personal data (Article 15 GDPR), as well as to request rectification (Article 16 GDPR), erasure (Article 17 GDPR), or at least the restriction of processing (Article GDPR) of your personal data. You also have the right to data portability (Article 20 GDPR). You also have the right to revoke your consent to the processing of personal data at any time (Article 7 (3)) and to object to processing based on a balancing of legitimate interests (Article 21 (4) GDPR). You can object to the use of your data, for example, for newsletters (e.g. newsletters) or for advertising and market research purposes. To do so, please use the opt-out links provided by us in the respective newsletters or contact our customer service. Please note that for organizational reasons, there may be an overlap between your revocation of consent and the use of your data as part of an ongoing campaign. Pursuant to Art. 77 GDPR, you may lodge a complaint with a supervisory authority if you believe that the processing of your personal data is unlawful. To do so, please contact the data protection authority responsible for your place of residence or federal state, or the data protection authority responsible for us. This is:
State Commissioner for Data Protection and Freedom of Information Bavaria
PO Box 22 12 19
80502 Munich
Tel.: 089/212672-0
Email:
If you have any questions about this or general questions about data protection, please contact us at