Use Easybooking GDPR compliant. Follow these instructions:

The GDPR compliant use of Easybooking

First of all, we have to clarify whether consent is required in order to integrate Easybooking GDPR compliant.

The use of Easybooking does not require consent. It can be carried out on one of the other applicable legal bases of Art. 6 GDPR.

A data processing agreement must be concluded with the processor (see https://www.easy-booking.at/wo/Services/com/eBook/legalDocs/legalDoc.php?legalDocName=avContract&legalDocType=www.easybooking.eu&legalDocCategory=guest&localeName=de_AT&content=textHTML). It must be checked whether all the criteria of Art. 28 GDPR are met and whether the technical and organizational measures specified by the service provider represent adequate protection for the risk.
The documents must be archived so that they can be proven to the supervisory authority if necessary.

1. Opt-in/Opt-out for Easybooking

Because Easybooking does not require consent, it can be carried out on one of the other applicable legal bases of Art. 6 GDPR. So no opt-in or opt-out decision has to be made. That means you don't need to ask your visitor if he want to or not.

2. Mention Easybooking in the privacy policy completely, simply and transparently

The privacy policy on your website must be comprehensive, transparent and accurate. It should be readable and understandable by anyone, even without legal training. It is important to include a section on Easybooking that clearly describes what data is collected, for what purpose it is used and who is responsible for it, as well as whether data is shared and what legal basis applies.

Privacy Statement for the Service EasybookingFor processing and organizing orders Processed data categories: data about your inquiry or contactYour IP address is a number assigned by your Internet Service Provider to any Internet connection. It is not always specific to your device and is not always a stable identifier.It is used to route information on the Internet and display online content (including ads) on your connected device.contact information like Name and e-mail address. Purpose of processing: display and booking of offers. The legal basis for processing: the need to fulfill an agreement or pre-contractual measures at your request (Article 6 (1) b GDPR). Data is transmitted: to the data processor Zadego GmbH, Anton-Melzer-Straße 10, 6020 Innsbruck, Austria (www.easybooking.at). 

3. Additional Information for Easybooking and GDPR

In addition to the above information, the data protection information must also contain the mandatory information from Art. 13 or 14 GDPR: Name and contact details of the controller, if necessary the contact details of the data protection officer, the purposes for which the personal data are to be processed, the legitimate interests, if the processing is based on Article 6 (1) f GDPR, the duration of the processing, information on the rights of the data subjects including the right to lodge a complaint with a supervisory authority, the possibility of simply revoking consent given, and information as to whether the Provision of the data is required by law or contract or what the possible consequences of non-provision would be. In the event that the data is used for automated decision-making, including profiling, meaningful information about the logic involved and the scope and impact on the data subject must be provided. The processing of the data must also be documented in the list of processing activities in accordance with Art. 30 GDPR. The information required for this can already be found in the privacy statement, which can be created from the previous information.

4. Use a Consent Management Provider CMP (cookie banner/cookie popup/cookie bar)

Different names, but usually the same purpose. CMP supports you with consent (opt-in and opt-out, data protection declaration and other GDPR topics. Technical support is recommended with regard to the GDPR and consent management in order to avoid errors.