Privacy Policy
1. Privacy Protection Overview
General remarks
Privacy is an important matter for Voyages Emile Weber, this declaration explains how your personal data is processed when you browse our website.
Data collection on our website
Who is responsible for data collection on this website?
Data on this website is processed by the website operator, whose contact details may be found in this website’s legal notices.
How do we collect your data?
Some data is collected when provided by yourself, for example when filling out the contact form. Other data is collected automatically by our computer systems when you browse our website. It is mainly a matter of technical data (e.g., internet browsers, operating systems, or the time at which the page was viewed). Data is collected automatically once you access our website.
Why do we collect your data?
Some of the data is collected to ensure our website may be used without error messages. Others may be used to analyse your user behaviour.
What are your rights regarding your data?
You are entitled to receive information free of charge about the origin, recipient, and the purpose of your saved personal data at any time. Furthermore, you are entitled to ask for data to be corrected and limit its processing until we verify its accuracy, you may request for it to be blocked or erased and may take action with the relevant supervisory authority.
Further information regarding your rights can be found below: https://cnpd.public.lu/en/particuliers/vos-droits.html
Analysis tools and third-party service provider tools
Your browsing behaviour may be subject to statistical analysis when you view our website, mainly by using cookies and analysis programs. Your browsing behaviour analysis is mainly anonymous, this means that your browsing behaviour cannot be traced back to you. You may object to this analysis or prevent it by not using some tools. More information can be found about this in the confidentiality declaration below.
2. General remarks and mandatory information
Data protection
The website operators take protection of your personal data very seriously. We process your personal data in a confidential manner and in accordance with Luxembourgish and European legal provisions regarding data protection such as the General Data Protection Regulation (N°679/2016/EU) (GDPR), as well as this confidentiality declaration.
A variety of personal data is collected when you use this website. Personal data is data which personally identifies you. This confidentiality declaration explains the data we collect and what we use it for. It also explains how and why.
We would like to draw your attention to the fact that transferring data on the internet (for example via email communications) may present security shortcomings. It is impossible to fully protect data from being accessed by third parties.
Information about the responsible organisation
The organisation responsible for data processing on this website is:
Voyages Emile Weber S.à r.l.
Z.A. Reckschleed L-5411 Canach, Luxembourg
Telephone: (+352) 35 65 75 – 1
Email: dpo@ew.lu
The organisation responsible is a physical person or entity, who, alone or with others, may make decisions about the purpose and means used to process personal data (e.g., surnames, email addresses, etc.).
Withdrawal of consent for data processing
Many data processing processes require your express consent. You may withdraw your consent at any time and object to the processing of your data in the future; you simply need to send us an informal email. Withdrawal does not affect the legality of data processing processes performed prior to withdrawal.
Right to take action with the relevant supervisory authority
In the event of a data protection infraction, the person affected is entitled to take action with the relevant supervisory authority. The relevant supervisory authority for data protection matters is the CNPD (National Commission for Data Protection): https://cnpd.public.lu/en.html
Right to data portability
You are entitled to recover or provide the data we automatically process to a third-party based on your consent or as part of fulfilling a contract, in a format that is currently used and readable by a machine. Any request from yourself to directly transfer data to another entity responsible for processing data will only be carried out if the transfer is technically possible.
SSL/TLS encryption
This website uses SSL/TLS encryption for security purposes and to protect confidential content transfers such as orders or requests you send to us as site operator. A secure connection may be identified by “https://” in the browser address bar rather than “http://” as well as a padlock which appears.
Data you transmit cannot be read by third parties when the SSL/TLS encryption is activated.
Secure payments on this website
If you are required to send your payment details to us when you sign a contract for a paid service (e.g., account number for authorising a direct debit), these details are needed to complete payment.
Payment by the usual means (Visa/MasterCard, direct debit) is only carried out via an SSL/TLS secure connection. A secure connection may be identified by “https://” in the browser address bar rather than “http://” as well as a padlock which appears.
The payment data you transmit to us cannot be read by third parties during a secure connection.
Blocking and erasing data
As part of the current legal provisions, you may obtain information free of charge about your personal data which has been stored, about its origin, its recipient, as well as the purpose for the data processing, and, as the case may be, you are entitled to correct, block or erase this data. If you have any questions about this subject or any other aspect of personal data, you may contact us at the address stated in the legal notices.
Objection to advertising emails
It is hereby prohibited to use the contact details published in the legal notices to send advertising material and information that has not expressly been requested. The operators of this website expressly have the right to undertake legal action in the event of receiving unsolicited advertising such as spam.
3. Data Protection Officer
Legal Data Protection Officer
Our company has appointed a Data Protection Officer.
Please find their contact details below:
Philippe TEX
Z.A. Reckschleed, L-5411 Canach, Luxembourg
Telephone: (+352) 35 65 75 – 409
Email: dpo@ew.lu
4. Data collection on our website
Cookies
Internet pages sometimes use things called “cookies.” Cookies do not damage your computer in any way and do not contain viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are little text files which are memorised on your device and stored on your browser.
Most of the cookies we use are what we call “session cookies.” They are automatically erased at the end of your visit. The other cookies stay saved on your device until you erase them. Cookies allow us to recognise your browser when you next visit.
Your browser may be set up to inform you when cookies are created, to not install them in specific cases, to exclude accepting cookies in some cases or in general and to activate automatic erasing of the cookies when you close your browser. Deactivation of cookies may restrict website functionality.
Cookies are necessary for running the electronic communication process or for some features you may wish to use (e.g., the “Basket” function), which are saved in accordance with article 6, paragraph 1, section f, of the GDPR. The website operator has a legitimate reason for saving cookies to ensure that services are technically free of errors and are optimised. Other cookies (e.g., cookies used for browsing behaviour analysis) will be handled separately in this confidentiality declaration.
Data from cookies is erased after a twelve-month period in any case.
Server log files
The website provider automatically collects and saves data in what we call server log files that your browser sends to us automatically. This data includes information about the type of browser and its version:
- the operating system used
- the referrer URL
- the host name of the access device
- the time of the request to the server
- the IP address
This data is not cross-checked with other data sources.
Data is processed based on article 6, paragraph 1, section b, of the GDPR, which authorises data processing when it is necessary to fulfil a contract or pre-contractual measures.
Contact form
If you send a request via the contact form, we will save the information provided in this form, including contact details to process your request and if there are any further questions. This data will not be transmitted without your consent.
The data provided in the contact form will only be processed according to your consent (article 6, paragraph 1, section a), of the GDPR). You may withdraw your consent at any time; you simply need to send us an informal email. Withdrawal does not affect the legality of data processing processes performed prior to withdrawal.
We store the data provided in the contact form until you request for it to be erased, until you withdraw your consent for its storage or until it is no longer required (e.g., once your request has been handled fully). The legally binding provisions - inter alia time limits for storing data - are not affected.
Data processing (customers and contracts)
We only collect, process, and use personal data that is necessary for establishing, arranging content, or modifying the legal relationship (permanent data). To do this we refer to article 6, paragraph 1, section b, of the GDPR, which authorises data processing when it is necessary to fulfil a contract or pre-contractual measures. We only collect, process, and use personal data from using our internet pages (data usage) when necessary to provide the user with a service or to invoice them for it.
Customer data collected is erased once the mandate has been completed or at the end of the business relationship. The legal provisions on time limits for storing data are not affected.
Transfer of data when entering into a contract for online shopping, retailers and sending goods
We only transfer personal data to third parties when it is necessary to fulfil a contract, for example to delivery companies or the credit institute in charge of payment completion. No other data transfer will take place unless you have expressly agreed to it. Your data is not transferred to third parties without your express agreement, for example for advertising.
Data is processed based on article 6, paragraph 1, section b, of the GDPR, which authorises data processing when it is necessary to fulfil a contract or pre-contractual measures.
Transfer of data when a contract has been signed for digital services and content
We only transfer personal data to third parties when it is necessary to fulfil a contract, for example to delivery companies or the credit institute in charge of payment completion.
No other data transfer will take place unless you have expressly agreed to it. Your data is not transferred to third parties without your express agreement, for example for advertising.
Data is processed based on article 6, paragraph 1, section b, of the GDPR, which authorises data processing when it is necessary to fulfil a contract or pre-contractual measures.
5. Analysis and advertising tools
Matomo
This website uses Matomo, an open source, self-hosted software to collect anonymous usage data for this website.
The data on visitor behaviour is collected to spot possible problems such as pages not found, search engine problems or unpopular pages. Once the data (number of visitors who see error pages or only one page, etc.) is processed, Matomo generates reports for website operators to react to. (layout changes, new content, etc.)
- Cookies
- Anonymised IP addresses by removing the last 2 bytes (i.e. 198.51.0.0 instead of 198.51.100.54)
- Pseudo-anonymised location (based on the anonymised IP address)
- Date and time
- Title of the page accessed
- URL of the accessed page
- URL of the previous page (if this is allowed)
- Screen resolution
- Local time
- Files that have been clicked and downloaded
- External links
- Duration of the page load
- Country, region, city (with low precision due to IP address)
- Main language of the browser
- User agent of the browser
6. Newsletter
Newsletter data
If you wish to receive the newsletter proposed on the website, we will need your email address as well as information to verify that the email address is indeed your own and that you agree to receiving the newsletter. No other data will be collected or solely on a voluntary basis. This data will only be used to send the requested information and will not be transferred to third parties. The data provided in the newsletter subscription form will only be processed according to your consent (article 6, paragraph 1, section a), of the GDPR). You may withdraw your consent for saving this data and your email address as well as its use for sending the newsletter at any time by using the newsletter unsubscribe link for example. Withdrawal does not affect the legality of data processing processes performed prior to withdrawal. We store the collected data to send the newsletter until you unsubscribe and will then be erased after this. Data saved for other purposes (e.g., email addresses in the member’s space) are not affected by this.
Mailchimp
In accordance with the GDPR, we only send electronic newsletters to persons who have given their express consent. These electronic newsletters are sent with the help of "Mailchimp software". This is a US-American software - the servers of this software are located in the U.S. According to Art. 44 GDPR, personal data such as names or e-mail addresses may only be processed in so-called third countries by Mailchimp if it has been checked whether compliance with data protection complies with European standards. Additional information can be found here: Collect Consent with GDPR Forms | Mailchimp
7. Plug-ins and tools
Vimeo
Our website uses plug-ins for Vimeo, the video portal. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. When you browse one of our pages with a Vimeo plug-in, a connection is made to Vimeo’s servers. Page browsing history from our website will therefore be transmitted to the Vimeo server. Furthermore, Vimeo obtains your IP address. This is also the case when you are not logged in to your Vimeo account or do not have one. Data collected by Vimeo will be transferred to the Vimeo server in the USA. If you are logged in to your Vimeo account, you allow Vimeo to directly attribute your browsing behaviour to your personal profile. You can prevent this by logging out of your Vimeo account.
More information about managing user data with Vimeo may be found in Vimeo’s confidentiality rules: https://vimeo.com/privacy
Cloudflare
We use the Content Delivery Network (CDN) services of Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich, Germany (“Cloudflare”) in order to enhance the security, stability, and delivery speed of our website. This processing is based on our legitimate interest pursuant to Article 6(1)(f) GDPR. A CDN is a globally distributed network of servers designed to deliver website content efficiently and securely to users. In this context, personal data may be processed in Cloudflare server log files. Cloudflare acts as a data processor on our behalf and may receive personal data necessary for the provision of its services. The use of a CDN reflects our legitimate interest in maintaining a secure and high-performing online presence without operating our own content delivery infrastructure. You have the right to object to the processing of your personal data where such processing is based on legitimate interests. Whether an objection can be upheld depends on a balancing of interests on a case-by-case basis. The processing of the data specified in this section is neither legally nor contractually required. However, the functionality and security of the website cannot be guaranteed without such processing. Your personal data will be retained by Cloudflare only for as long as necessary to fulfil the purposes described above and in accordance with applicable legal retention obligations. Cloudflare has implemented appropriate safeguards for international data transfers, including the use of the European Commission’s Standard Contractual Clauses (SCCs), in compliance with the GDPR and applicable Luxembourg data protection requirements.
Further information is available at: https://cf-assets.www.cloudflare.com/slt3lc6tev37/6irgPTeaoaj1J5woivgzER/a9a61395ed36a9da51de8e14b743594c/Cloudflare_Standard_Contractual_Clauses_for_Customers_1_Oct_2020.pdf
Cloudimage
We use the services of Scaleflex SAS (Cloudimage), 55 Boulevard Vincent Auriol, 75013 Paris, France (“Cloudimage”), which processes, compresses, and delivers images displayed on our website via Content Delivery Networks (CDNs) on our behalf. To enable the display of images, Cloudimage processes your IP address as well as a technically necessary cookie. Your IP address may be temporarily stored in pseudonymised form within Cloudimage’s logging systems and may also be processed by authorised subcontractors engaged by Cloudimage. The processing of data by Cloudimage is strictly necessary for the operation, performance, and technical monitoring of our website and is therefore carried out in accordance with Article 6(1)(f) GDPR based on our legitimate interest in providing an optimised and secure presentation of website content. Insofar as cookies or similar technologies are used that are strictly necessary for the provision of the service, such processing is carried out in accordance with the applicable Luxembourg implementation rules relating to electronic communications and data protection. You have the right to object to the processing of your personal data in accordance with Article 21 GDPR. You may exercise this right by disabling image display in your browser settings or by blocking the relevant cookies. Please note that disabling cookies or image display functionality may result in certain website content no longer being displayed correctly or becoming unavailable.
Further information regarding the collection and use of data by Cloudimage can be found at: https://legal.scaleflex.com/privacy-and-data-processing
Facebook Pixel
This website uses the “Meta Pixel” (formerly Facebook Pixel), a service provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Meta”). The Meta Pixel enables us to measure the effectiveness of our advertising campaigns and to display targeted advertisements to users on Facebook and Instagram based on their interests and interactions with our website. With your consent, which is obtained through our cookie consent banner, Meta may collect information about your visit to this website and associate it with your Meta/Facebook profile or use it to create or enrich an advertising profile. This may include information indicating that a user has shown interest in specific categories, such as travel-related services. When a user visits this website, Meta may record that the user accessed the site and may use this information for personalised advertising purposes. This may also apply to users who do not actively use Facebook or Instagram services. No directly identifiable personal data is stored by us through the Meta Pixel. The information collected is processed and stored by Meta through cookies or similar technologies placed on the user’s device. We do not have access to personal profile data held by Meta. The processing of personal data through the Meta Pixel is carried out solely on the basis of your consent pursuant to Article 6(1)(a) GDPR. Consent may be withdrawn at any time with future effect via the cookie settings available on our website. If cookies are deleted from your browser, the information associated with the Meta Pixel will also be removed from your device.
Further information regarding the processing of personal data by Meta can be found in Meta’s Privacy Policy: https://www.facebook.com/business/gdpr
8. Social media
Each time you access one of your profiles on social media (Facebook, Instagram, LinkedIn, TikTok) various data is generated, for example about the quantity of data transmitted to the IP address used or about the time it was accessed. Technical access as well as usage of data generated later when accessing one of our profiles on social media is managed essentially by social media operators. We do not have access to the usage data collected and cannot determine how this data is used by the various operators. We cannot therefore be held responsible for the way this data is managed in terms of data protection. Nevertheless, we would like to draw your attention to the fact that data processing by Facebook, Instagram, LinkedIn, or TikTok may be carried out outside of the European Union or the European Economic Area. Please contact the operators directly for more information about how they manage the data collected. Social media operators only transmit statistics analyses, which are anonymous about access to the profile we opened on their networks. We also see, as can any other user, messages published by individuals on these profiles. We do not analyse this data. We would like to draw your attention to the fact that messages you publish on profiles we own on these social media can be viewed anywhere in the world.
- More information about how Facebook processes your data here: https://www.facebook.com/full_data_use_policy
- More information about how Instagram processes your data here: https://help.instagram.com/519522125107875?helpref=page_content
- More information about how LinkedIn processes your data here: https://www.linkedin.com/legal/privacy-policy
- More information about how TikTok processes your data here: https://www.tiktok.com/legal/page/eea/privacy-policy/en
9. Bookings & Geolocation
Bookings
For the purpose of processing your booking request and providing the services offered by us (including bookings of campers or caravans), we process personal data necessary for the performance of a contract in accordance with Article 6(1)(b) GDPR.
The personal data processed may include, in particular:
- title and full name,
- date of birth (where required),
- postal address,
- email address,
- telephone number,
- payment information such as bank account or credit card details.
For certain bookings and travel-related services, we may also require personal data relating to accompanying travellers. Please ensure that you provide such information only with the knowledge and consent of the individuals concerned. Your personal data may be shared with participating service providers and contractual partners involved in the booking process, including affiliated booking partners and electronic reservation systems, solely to the extent necessary for the fulfilment of the requested service. Without the provision of this data, it may not be possible to process or complete your booking. Reservations made online or via webcamper.lu are managed through the booking platform provider Rentsoft. For further information regarding the processing of your personal data and Rentsoft’s applicable privacy practices, please refer to their Privacy Policy available here: https://rentsoft.de/datenschutz/. Direct payments for reservations made online are processed by the payment service provider Stripe. Further information can be found under Section 10 “Payment Service Provider”.
Geolocation Services
Please be informed that all vehicles operated by the Voyages Emile Weber Group are equipped with a geolocation system. This system is implemented in order to comply with regulatory and operational requirements, ensure driver safety, protect company vehicles, and support public authorities in the event of accidents or incidents. The geolocation system collects location-related data as well as certain vehicle usage and driving behaviour data, such as speed, fuel consumption, and similar operational information. The system does not directly identify the driver or renter of the camper vehicle. Vehicle identification is limited to the vehicle registration number, and no direct contact details of the renter are stored within the geolocation system. The processing of such data is carried out on the basis of our legitimate interests pursuant to Article 6(1)(f) GDPR, including vehicle security, fleet management, fraud prevention, accident analysis, and compliance with legal obligations where applicable. Data relating to vehicle users is retained for a maximum period of three (3) months, unless a longer retention period is required in connection with an incident, legal claim, or regulatory obligation. Aggregated or statistical data may be retained for up to three (3) years. Please note that this information may also be accessed where necessary for the handling of complaints, investigations, or incidents, including allegations made by third parties (for example, speeding violations or accident reconstruction scenarios). For information regarding your rights of access, rectification, objection, or other data protection rights, please refer to Section 3 “Data Protection Officer”.
10. Payment Service Provider
Stripe
If you choose to pay by credit card via the provider Stripe, the payment will be processed by the company Stripe Payments Europe, Limited, 3 Dublin Landings, North Wall Quay, Dublin 1, D01 C4E0, Ireland, to whom we will transmit the information you provided to us during the order process, along with information related to your order, in accordance with Article 6(1)(b) of the GDPR. Your data will be transmitted exclusively for the purpose of processing the payment by the provider Stripe and only to the extent necessary for this purpose. The processing of payment data and execution are carried out exclusively by Stripe, which also informs us whether the direct debit of a payment — and thus the reservation — has been successfully completed. Stripe’s privacy policy confirms that your personal data is processed in accordance with the GDPR.
You can view Stripe’s privacy policy here: https://stripe.com/en-lu/privacy/
11. Collection and Recipients of Data
These Privacy Policy is available in German, French and English. In the event of discrepancies between these versions, the German text prevails.