1. Controller

Kerstin Brand and Andreas Brand
Neuteichnitzer Str. 53
02625 Bautzen
Germany
booking@cape-coral-holiday.com

2. Hosting

The website is hosted by netcup GmbH, Germany.
Server log files are processed automatically.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in secure and stable operation of the website).

3. Booking System (Smoobu)

The website and booking system are operated via Smoobu GmbH.
Booking and contact data are processed.

Legal basis: Article 6(1)(b) GDPR (performance of a contract or pre-contractual measures).

4. Payment Service Providers

Payments are processed via PayPal and Stripe.
Personal data may be transferred to the United States in the course of payment processing.

Legal basis: Article 6(1)(b) GDPR.

5. Contact Form

The data entered into the contact form is processed for the purpose of handling inquiries.

6. Google Maps

Google Maps is integrated to display property locations.
Your IP address may be processed in this context.

7. Transfer of Data to Property Management

Sundreams Solutions Inc.
Cape Coral, Florida
United States

The following data is transferred:

• Name

• Telephone number

• Email address

Purpose: Coordination of check-in and on-site guest support.

Legal basis: Article 6(1)(b) GDPR.

8. Video Surveillance

Outdoor video surveillance is installed at the driveway and entrance area.
Storage period: maximum 72 hours.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in property protection and security).

9. Data Subject Rights

You have the right to:

• access

• rectification

• erasure

• restriction of processing

• data portability

• objection

in accordance with the applicable provisions of the GDPR.

10. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority.

The competent data protection authority is located in the Federal State of Saxony, Germany.

11. Transfer of Data to Third Countries (USA)

In the context of using payment service providers (PayPal, Stripe), Google Maps, and transferring guest data to the property management company in the United States, personal data may be transferred to the United States.

The United States is considered a third country within the meaning of the GDPR.

Data transfers take place:

• for the performance of a contract pursuant to Article 6(1)(b) GDPR

• on the basis of Article 49(1)(b) GDPR where the transfer is necessary for pre-contractual measures or for the performance of a contract

Where providers participate in the EU-US Data Privacy Framework, data transfers are carried out on that basis.

Please note that third countries may not provide a level of data protection equivalent to that within the European Union.

12. Cookies

Our website uses technically necessary cookies.

Cookies are small text files stored on your device that contain certain information.

We use exclusively:

• technically necessary cookies to provide the website

• functional cookies within the booking system (Smoobu)

Legal basis:

• Article 6(1)(f) GDPR (legitimate interest in technically error-free provision of the website)

• Section 25(2) TTDSG (technically necessary cookies)

We currently do not use analytics, tracking, or marketing cookies.

If this changes in the future, explicit consent will be obtained in advance.

13. Data Retention

Personal data is stored only as long as necessary:

• for the performance of the contract

• to comply with statutory retention obligations

• or for the assertion or defense of legal claims

After the expiration of statutory retention periods, the data will be deleted.