top of page

Data protection

Data protection information pursuant to Art. 13/14 GDPR

1. Responsible party

Novus Concierge

Schöngartenstraße 54

88131, Lindau, Germany

Phone: +49 151 29768437

Email: info@novusconcierge.de

 

2. Purposes and legal basis of data processing

We process personal data in order to provide our concierge services. These include, among other things:

Arranging services and reservations

Organizing services (travel, events, errands, etc.)

Customer communication and service processing

Contract management and invoicing

Optimization of our range of services

Legal bases according to the GDPR:

Art. 6 (1) (b) – fulfillment of a contract or implementation of pre-contractual measures

Art. 6 (1) (a) – consent (e.g., when passing on data to third parties)

Art. 6 (1) (f) – legitimate interest (optimization and secure provision of our services)

Art. 6 (1) (c) – legal obligations (e.g., tax retention obligations)

 

3. Categories of data processed

We process the following personal data in particular:

• Master data: name, address, contact details

• Order and service data: desired services, booking details, preferences

• Payment data: billing information, payment status (no bank details unless necessary)

• Communication data: emails, phone calls, chat histories

• Special categories, if relevant and voluntarily provided (Art. 9 GDPR) – e.g., health information for travel bookings

4. Data sources

We usually receive data directly from you.

In addition, data may be transmitted via third parties authorized by you (e.g., hotel partners, travel providers, delivery services).

5. Recipients and disclosure of data

We only disclose personal data if this is necessary to fulfill our services or if you give your prior consent. Possible recipients are:

• Hotels, restaurants, event organizers

• Travel agencies and transport service providers

• Delivery and service partners

• IT service providers, software providers

• Tax advisors or authorities (in the case of legal obligations)

Data will only be transferred to third countries (outside the EU) if this is necessary for the provision of services (e.g., hotel bookings) and if appropriate security measures in accordance with the GDPR are in place.

 

6. Storage period

We only store personal data for as long as is necessary to fulfill the respective purposes.

Statutory retention obligations (e.g., tax 6–10 years) remain unaffected.

7. Your rights

You have the following rights at any time:

• Information about stored data (Art. 15 GDPR)

• Correction of inaccurate data (Art. 16 GDPR)

• Deletion (“right to be forgotten,” Art. 17 GDPR)

• Restriction of processing (Art. 18 GDPR)

• Data portability (Art. 20 GDPR)

• Objection to data processing (Art. 21 GDPR)

• Withdrawal of consent (Art. 7 (3) GDPR)

To exercise your rights, please contact us using the contact details above.

8. Right to lodge a complaint

You have the right to lodge a complaint with a data protection supervisory authority. The authority responsible is the authority of the federal state in which you live or in which our company is based.

9. Data security

We use technical and organizational measures to protect your data from loss, misuse, unauthorized access, and manipulation.

10. Up-to-dateness of the privacy policy

This privacy policy is regularly updated and adapted.

Status: 02/2025

bottom of page