Legal

Privacy Policy

This is a translation for your convenience. In case of discrepancies, the German privacy policy is legally binding.

1. Controller

Cindy & Damian Roller
Untere Schloßhalde 2
78351 Bodman-Ludwigshafen, Germany
Phone: +49 172 62 02 931
E-mail: info@aviva-bodman.de

2. Your rights under the GDPR

You have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and objection to processing (Art. 21 GDPR). Where processing is based on consent, you may withdraw it at any time with effect for the future (Art. 7 (3) GDPR).

Complaints may be lodged with the supervisory authority: Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg, Lautenschlagerstraße 20, 70173 Stuttgart, Germany.

3. Hosting & server logs

This website is hosted by ALL-INKL.COM, Neue Medien Münnich, Inh. René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany. A data processing agreement under Art. 28 GDPR is in place. Data is processed exclusively in Germany.

When you access the site, the server stores technical log data (IP address, timestamp, transferred bytes, HTTP status, referrer, browser, operating system) for a maximum of 7 days for security and stability purposes. Legal basis: Art. 6 (1)(f) GDPR (legitimate interest in a stable and secure operation of the website).

4. Contact form & e-mail

When you use the contact form, we process the data you provide (name, e-mail, optional phone number, subject, message) solely to respond to your enquiry. Legal basis: Art. 6 (1)(b) GDPR (pre-contractual measures) or Art. 6 (1)(f) GDPR. Messages are kept for 12 months; if your enquiry leads to a booking contract, statutory retention periods of up to 10 years apply (§ 147 AO).

5. Newsletter (early-bird dates & tips)

You can sign up for our newsletter on this website (occasional emails with offers, available dates and tips for the region). We process your email address and, to document your consent, the time, IP address and page of your signup. Legal basis: Art. 6 (1)(a) GDPR (consent).

Before the first mailing we confirm your signup by email (double opt-in). You can unsubscribe at any time by replying to any of our emails or by writing to info@aviva-bodman.de; your data will then be removed from the list. We currently do not use an external newsletter provider; the data remains in our email inbox (hosting: ALL-INKL, see section 3).

6. Booking system (Smoobu)

For availability display and online bookings we use the booking system of Smoobu GmbH, Wattstraße 11, 13355 Berlin, Germany, our data processor under Art. 28 GDPR.

The Smoobu widget (booking form and availability calendar) is loaded on this site only after your explicit consent (two-click solution). No connection to Smoobu is established before you consent. Once activated, Smoobu processes: IP address, browser data, access timestamp and technical cookies required for the booking process.

When you complete a booking, Smoobu additionally processes name, address, e-mail, phone number, payment data, travel data, and any special arrangements (e.g. pets). Legal basis: Art. 6 (1)(b) GDPR. Storage period: 10 years (statutory commercial and tax retention rules, § 147 AO).

Smoobu's privacy notice: smoobu.com/en/privacy.

7. Cookies

This website sets no cookies of its own. Features that require cookies or similar technologies (such as the Smoobu booking widget) are only activated after your explicit consent. We may use sessionStorage in your browser to remember your consent for the duration of your visit; it is cleared automatically when the tab is closed. Legal basis: Art. 6 (1)(a) GDPR and § 25 (1) TDDDG (consent).

8. Web analytics (Matomo, cookieless)

To improve our website we use the self-hosted web analytics software Matomo, with no data transfer to third parties or third countries. Matomo is deliberately configured cookieless: no cookies are set and no cross-device profiles are created. We collect a truncated, anonymised IP address, pages visited, browser/device type and interactions such as clicks on booking and contact buttons.

Legal basis: Art. 6 (1)(f) GDPR (legitimate interest in anonymised usage analysis). As no cookies are set and no information is stored on your device, no consent under § 25 TDDDG is required. The "Do Not Track" browser setting is respected.

9. Fonts (self-hosted)

The fonts used on this website (Inter, DM Serif Display) are stored on our own server and delivered locally to your browser. No data is transmitted to Google Fonts or other third parties.

10. Linked external services

WhatsApp: Our contact page contains a link that opens WhatsApp. A connection to WhatsApp Ireland Ltd. (subsidiary of Meta Platforms, Inc., USA) is only established when you click the link.

Instagram & Facebook: Our footer contains links to our profiles on Instagram and Facebook (Meta Platforms Ireland Ltd.). These are plain links, not embedded plugins. Data is only transmitted to Meta when you click.

Google Maps (link only): On our location page we link to a Google Maps entry. This is a plain link, not an embed.

11. Booking portals (Booking.com, Airbnb)

Our apartments are also listed on Booking.com and Airbnb. If you book via these portals, the respective portal operator is the controller under the GDPR. Their privacy policies apply. We receive from them the data necessary to fulfil the contract.

12. Recipients & disclosure

Your personal data is disclosed solely to the recipients named in this policy and only where necessary to perform the contract, protect legitimate interests, or comply with statutory obligations (e.g. reporting to authorities, payment of the local tourist tax to the municipality of Bodman-Ludwigshafen).

13. Changes to this policy

We will update this notice if legal or technical changes make it necessary. The current version is always available on this page.

Last updated: June 2026