Положения о защите данных (на английском языке)

The protection of your personal data and your private sphere is very important to us. Therefore we adhere to the regulations of the Federal Data Protection Act (BDSG) as a matter of course. The purpose of this Act is to protect individuals from detriment to their personal rights during the handling of their personal data. Because you have a right to information, we herewith inform you of our public directory of procedures in conformity with §§ 4 ff BDSG.

You can, of course, object to the use of your data at any time, unless they are required for completing a contractual relationship. As a rule, however, this is not necessary, because in accordance with the statutory provisions we automatically delete your personal data as soon as they are no longer necessary for the contractual relationship. If you, nonetheless would like to be proactive, simply send us an e-mail to You will receive confirmation at your return address as soon as the data has been entered into our system. Our data protection officers will be happy to answer any further questions (contact data below).

For reasons of readability we are not using gender distinctions in our text, although both female as well as male users are being addressed.

1. Responsible authority

Verkehrsverein Nürnberg e.V. Congress- und Tourismus-Zentrale Nürnberg (Nuremberg Convention and Tourist Office, hereinafter CTZ)

2. Represented by

Chairman: Dr. Ulrich Maly 
1st Deputy Chairman: Dr. Gerhard Engelmann 
Managing Director: Yvonne Coulin

Responsible data processing managers: 
Gerhard Arnold, Ulrike Schmidt

Data protection officer: 
Kerstin Blossey 
Tel.: +49 (0)9856/9219991
E-Mail: datenschutz(at)

The competent data protection authorities: 
Bayerisches Landesamt für Datenschutzaufsicht 
Promenade 27 (Schloss), 91522 Ansbach 
Tel.: +49 (0)981/53-1300 
Fax: +49 (0)981/53-5300

3. Address of responsible authority

Congress- und Tourismus-Zentrale Nürnberg (CTZ) 
Frauentorgraben 3 
90443 Nürnberg

4. Specification of purpose

The Verkehrsverein Nürnberg e. V. is an organization officially commissioned by the City of Nuremberg to deal with all the questions regarding city tourism in Nuremberg. For this purpose the Verkehrsverein (Tourist Office) is divided up into three business segments: the Congress- und Tourismus-Zentrale, the Tourist Information Office and the Incoming- und Congress Office Nuremberg-Fürth. The tasks of the organization include: market observation, design and distribution of offers for which bookings can be made; advising of companies, authorities as well as convention and travel organizers; advertising, sales promotion and public relations work for tourism programs; agency services for tourism services such as hotel accommodation, restaurant booking, city tours and excursions; information and advising of individual guests and groups of guests before and after a stay; sales of goods and services to customers in the Tourist Information Office; representation of Nuremberg's city tourism interests in regional, national and international associations and organizations.

5. Groups of persons concerned

  • Parties interested in our range of offers
  • Customers 
  • External service providers and their employees 
  • Our employees 
  • Cooperation and distribution partners
  • Contact persons to the above listed groups

6. Relevant data or data categories

  • First and last name, if necessary, also maiden name
  • Date of birth (if required) 
  • Customer number 
  • Address
  • Telephone number(s) 
  • E-mail address 
  • Bank reference/ Credit card details 
  • Elements for identification of a user
  • Information on the start, duration and end of a contractual relationship 
  • Type and extent of performance, services and subscriptions made use of 
  • Data in the context of an employment relationship 
  • Information on customer satisfaction (customer service) 
  • Data which customers themselves send 
  • Voluntary information from customers on individual restrictions that should be taken into consideration in completing an order for the customer (e.g. physical impairments, nutritional habits)

Provided you have given written consent for this we will also use your data for

  • Advertising campaigns and measures 
  • Market research
  • Consumer behavior analyses

to optimize our services for our customers.

7. Recipients or categories of recipients of data

  • Internal departments and their employees
  • Employees of third-party providers (e.g. hotel reception desk) 
  • Cooperation and distribution partners 
  • Public authorities in the event of legal obligations taking priority

Provided you have given your written consent for this we will also use your data for

  • Market research institutes 
  • Other authorities

to optimize our services for our customers.

8. Standard time limits for deletion of data

The time limits regarding the obligation of data retention and deletion of personal data are currently not clearly regulated, because in many areas judicial decisions require an adjustment of the time limits. Where there are regulations, we fulfill the obligation of routinely deleting your data. This concerns in particular the following data and time limits:

  • Connection data => deleted after use
  • Contact data after objection => deleted immediately, provided this does not conflict with other legal time limits

If deletion is not possible for technical or organizational reasons, your data will be barred from further processing or use in compliance with data protection.

9. Data transfer abroad

Transfer of your personal data to EU or third countries is not currently being carried out nor is this planned.

10. Security measures pursuant to § 9 BDSG + Attachment

We have taken a number of precautions to protect your data. A detailed description would be contra productive in as much as the structure itself would also be open to attack. For this reason the legislators stipulate in their own interest according to the Federal Data Protection Act that information on the technical and organizational individual measures should not be made available to the public.

We assure you, however, that we have taken diverse steps, appropriate to a company of our size, under the following requirements of the §9 BDSG (Federal Data Protection Act) and continue to improve these:

  • Physical access control 
  • Logical access control
  • Security check
  • Transfer control 
  • Input control 
  • Order control 
  • Availability check 
  • Separation rule