Declaration of Confidentiality

1. Data Protection at a Glance

    General Remarks

    The following remarks provide a simple overview of what happens to your personal data when you visit our website. Personal data is any data that allows you to be personally identified. More detailed information on data protection can be found in the privacy policy below.

    Data Collection on Our Website

    Who is responsible for data collection on this website?

    The data processing on this website is carried out by the website operator, whose contact details can be found in the legal notice of the website.

    How do we collect your data?

    Some data is collected when you provide it to us, for example by entering it into a contact form. Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g., internet browser, operating system, or the time of page access). This data is collected automatically as soon as you enter our website.

    What do we use your data for?

    Part of the data is collected to ensure the error-free provision of our website. Other data may be used to analyze your user behavior.

    What rights do you have regarding your data?

    You have the right to receive data about the origin, recipient, and purpose of your stored personal data at any time, free of charge. You also have the right to request the correction, restriction of processing while we verify the accuracy, blocking, or deletion of these data. You have the right to lodge a complaint with the competent supervisory authority. More information on your rights can be found at https://cnpd.public.lu/fr/particuliers/vos-droits.html.

    Analytical Tools and Third-Party Tools

    Your browsing behavior may be analyzed statistically when you visit our website. This is mainly done using cookies and analysis programs. The analysis of your browsing behavior is usually anonymous; browsing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. More detailed information on this can be found in the privacy policy below.

    2. General Remarks and Mandatory Data

      Data Protection

      The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations and this privacy policy.

      Various personal data are collected when you use this website. Personal data is any data that allows you to be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.

      We point out that data transmission over the Internet (e.g., communication by e-mail) may have security vulnerabilities. It is not possible to completely protect data from third-party access.

      Information about the Responsible Party

      The responsible party for data processing on this website is:

      WEBTAXI S.à r.l.
      85, Rue du Golf
      L-1638 Senningerberg
      Phone: +352 27 515
      Email: dpo@ew.lu

      The responsible party is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

      Revocation of Your Consent to Data Processing

      Many data processing operations are only possible with your express consent. You can revoke your consent at any time by sending us an informal email. The legality of the data processing carried out before the revocation remains unaffected by the revocation.

      Right to Lodge a Complaint with the Competent Supervisory Authority

      In case of data protection violations, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the CNPD (Commission nationale pour la protection des données): https://cnpd.public.lu/fr.html.

      Right to Data Portability

      You have the right to receive the data that we process based on your consent or in the execution of a contract, in a commonly used, machine-readable format, or to request its transfer to another controller. The direct transfer of data to another controller will only be done if it is technically feasible.

      SSL/TLS Encryption

      This site uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator. A secure connection is indicated by the browser’s address bar changing from “http://” to “https://” and the lock icon appearing in your browser bar.

      If SSL/TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

      Secure Payments on this Website

      If the conclusion of a contract involves the obligation to provide us with your payment data (e.g., account number for direct debit authorization), this data is required for payment processing.

      Payment transactions via the common means of payment (Visa/MasterCard, direct debit) are carried out exclusively via an SSL/TLS-encrypted connection. A secure connection is indicated by the browser’s address bar changing from “http://” to “https://” and the lock icon appearing in your browser bar.

      When SSL/TLS encryption is enabled, the payment data you transmit to us cannot be read by third parties.

      Information, Correction, Blocking, Deletion

      Within the framework of the applicable legal provisions, you have the right to obtain information about your stored personal data, its origin and recipient, and the purpose of the data processing free of charge at any time, and, if applicable, a right to correction, blocking, or deletion of this data.

      If you find that data about you is inaccurate or irrelevant, but you do not want it deleted, you can request a restriction of your data. In the case of a restriction, the data can no longer be processed in any way.

      If you have questions about this or any other aspect of personal data, you can contact us at any time at the address provided in the legal notice.

      Objection to Advertising Emails

      We hereby object to the use of contact data published in the context of the legal notice for sending unsolicited advertising and information materials. The operators of this website expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam emails.

      3. Data Protection Officer

        Legal Data Protection Officer

        We have appointed a data protection officer for our company.

        Contact details:

        Philippe Tex
        Z.A. Reckschléed – L-5411 Canach
        Phone: 35 65 75 – 409
        Email: dpo@ew.lu

        4. Data Collection on Our Website

          Cookies

          Some of our web pages use cookies. Cookies do not harm your computer and do not contain viruses. Cookies help make our offer more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

          Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit.

          You can configure your browser to inform you about the setting of cookies, to allow cookies only in individual cases, to exclude the acceptance of cookies in certain cases or generally, and to activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.

          Cookies necessary for the communication process or for providing certain functions you wish to use (e.g., the shopping cart function) are stored in accordance with Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in storing cookies to ensure the technically error-free and optimized provision of its services. If other cookies (e.g., cookies for analyzing your browsing behavior) are stored, they will be treated separately in this privacy policy.

          Server Log Files

          The website provider automatically collects and stores data in so-called server log files, which your browser automatically transmits to us. These are:

          • Browser type and browser version
          • Operating system used
          • Referrer URL
          • Host name of the accessing computer
          • Time of the server request
          • IP address

          These data are not merged with other data sources.

          The data is processed based on Article 6(1)(b) of the GDPR, which allows data processing for the execution of a contract or pre-contractual measures.

          Contact Form

          If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided, will be stored by us to process the inquiry and in case of follow-up questions. We do not pass on these data without your consent.

          The data entered in the contact form is processed based on your consent (Article 6(1)(a) of the GDPR). You can revoke this consent at any time by sending us an informal email. The legality of the data processing operations carried out before the revocation remains unaffected by the revocation.

          We will retain the data you provide in the contact form until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g., after your inquiry has been processed). Mandatory statutory provisions, especially retention periods, remain unaffected.

          Registration on this Website

          We do not manage user registrations on this website. Users now register with Autocab, our booking software provider. You can access this booking software online by clicking the ‘Login’ or ‘Book’ button on our website.

          All data regarding the booking process is managed by Autocab and not on our website or our servers.

          You can revoke your consent at any time by sending us an informal email.

          For more information, see Section 9 ‘Registration’.

          Data Processing (Clients and Contracts)

          We collect, process and use personal data only insofar as this is necessary for the establishment, content or modification of the legal relationship (permanent data). This is based on Article 6(1)(b) of the GDPR, which allows data processing for the execution of a contract or pre-contractual measures. We collect, process, and use personal data on the use of our web pages (usage data) only to the extent necessary to enable the user to use the service or to bill the user.

          The collected customer data will be deleted after the conclusion of the order or termination of the business relationship. Legal retention periods remain unaffected.

          Data Transfer upon Contract Conclusion for Online Shops, Dealers, and Goods Dispatch

          We only transfer personal data to third parties if this is necessary for the contract processing, for example to the companies entrusted with the delivery of the goods or the bank responsible for processing the payment. No further transfer of data takes place unless you have expressly consented to the transfer. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.

          The data is processed based on Article 6(1)(b) of the GDPR, which allows data processing for the execution of a contract or pre-contractual measures.

          Data Transfer upon Contract Conclusion for Digital Services and Content

          We only transfer personal data to third parties if this is necessary for the contract processing, for example to the bank responsible for processing the payment.

          No further transfer of data takes place unless you have expressly consented to the transfer. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.

          The data is processed based on Article 6(1)(b) of the GDPR, which allows data processing for the execution of a contract or pre-contractual measures.

          5. Analytical Tools and Advertising

          IP Anonymization

          We have activated the IP anonymization function on this website. This means that your IP address will be truncated by Google within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this data to evaluate your use of the website, compile reports on website activity, and provide other services relating to website activity and internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

          Matomo

          This website uses Matomo, an open-source, self-hosted software to collect anonymous usage data for this website.

          The data on visitor behavior is collected to identify any problems such as pages not found, search engine problems, or unpopular pages. Once the data is processed (number of visitors seeing error pages or only one page, etc.), Matomo generates reports for website owners to react to. (layout changes, new content, etc.)

          Matomo processes the following data:

          • Cookies
          • Anonymized IP addresses by removing the last 2 bytes (so 198.51.0.0 instead of 198.51.100.54)
          • Pseudonymized location (based on anonymized IP address)
          • Date and time
          • Title of the page being viewed
          • URL of the page being viewed
          • URL of the previous page (if it allowed it)
          • Screen resolution
          • Local time
          • Files that were clicked and downloaded
          • External links
          • Page generation time
          • Country, region, city (with low accuracy due to IP address)
          • Main language of the browser
          • User agent of the browser

          Meta Pixel

          This website uses the “Facebook Visitor Action Pixel.” You have consented to this by giving your consent via “I accept the collection of my data as described above.” If you are under 13 years old, please ask a parent or guardian for permission. The service provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA.

          If you have been redirected to this website by clicking on one of our advertisements on Facebook or Instagram, conversion tracking is in place by setting a cookie on your device. We use this technology to continuously improve the offers, advertising campaigns, and quality of our Facebook pages, Instagram profiles, and this website. Conversion tracking means that the usage and click behavior after clicking on an advertisement is tracked and evaluated to optimize the structure of our website and future advertisements for all users.

          The data generated in this way cannot be associated with individual users as it is anonymous to us. Facebook stores this data; we are not aware of the nature of its further processing. You can find more information about this in Facebook’s data policies: http://de-de.facebook.com/policy.php

          6. Plug-ins and Tools

          YouTube

          Our website uses plugins from the YouTube site, operated by Google. The operator of the site is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

          When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is informed about which of our pages you have visited.

          If you are logged into your YouTube account, you enable YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

          The use of YouTube is in the interest of an attractive presentation of our online offers. This constitutes a legitimate interest pursuant to Article 6(1)(f) of the GDPR.

          For more information on the handling of user data, please refer to YouTube’s privacy policy at: https://www.google.fr/intl/fr/policies/privacy

          Vimeo

          Our website uses plugins from the Vimeo video portal. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

          When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. The Vimeo server is informed about which of our pages you have visited. Vimeo also obtains your IP address. This applies regardless of whether you are logged into your Vimeo account or do not have a Vimeo account. The data collected by Vimeo is transmitted to the Vimeo server in the USA.

          If you are logged into your Vimeo account, you enable Vimeo to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account.

          For more information on the handling of user data, please refer to Vimeo’s privacy policy at: https://vimeo.com/privacy

          Google Web Fonts

          For uniform representation of fonts, this page uses web fonts provided by Google. When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

          For this purpose, the browser you use must connect to Google’s servers. Google thus becomes aware that our website was accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and attractive presentation of our online offers. This constitutes a legitimate interest pursuant to Article 6(1)(f) of the GDPR.

          If your browser does not support web fonts, a default font is used by your computer.

          Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy at: https://www.google.fr/policies/privacy/

          7. Social Networks

          Each access to one of our profiles on social networks (Facebook, Instagram, LinkedIn, YouTube, TikTok) generates various data, such as the amount of data transmitted, the IP address used, or the time of access. The technical access and further use of the data generated when accessing one of our profiles on social networks are fundamentally managed by the operators of these social networks. We do not have access to the usage data collected and cannot determine how these data are used by the different operators. Therefore, we cannot be held responsible for how these data are handled from a data protection perspective. However, we draw your attention to the fact that the data processing carried out by Facebook, Instagram, LinkedIn, YouTube, or TikTok may take place outside the European Union or the European Economic Area. Please contact the operators directly for further details on how they handle the collected data.

          The operators of social networks only provide us with anonymous, statistical analyses of the access to the profile we have opened on their networks. We also see, like any other user, the messages posted by individuals on these profiles. We do not perform any further analysis of these data.

          We would like to draw your attention to the fact that the messages you post on the profiles we have on these social networks are essentially viewable worldwide.

          For more information on the handling of your data by Facebook, see: https://www.facebook.com/full_data_use_policy

          For more information on the handling of your data by Instagram, see: https://help.instagram.com/519522125107875?helpref=page_content

          For more information on the handling of your data by LinkedIn, see: https://www.linkedin.com/legal/privacy-policy

          For more information on the handling of your data by YouTube, see: https://www.youtube.com/static?template=terms

          For more information on the handling of your data by TikTok, see: https://www.tiktok.com/legal/page/eea/privacy-policy/en

          8. Reservations

          Execution of Your Booking Request and Other Offers and Services

          To perform the services we offer, we need personal data concerning you as part of the intermediary service contract in accordance with Article 6(1)(b) of the GDPR, such as your title, name, date of birth if applicable, address, email address, phone number, and, if applicable, your bank details or credit card data. To book certain types of services, we also need the personal data of the persons accompanying you. Please ensure that you provide us with all the data of the persons accompanying you with their consent.

          We transfer these personal data to the involved service providers, such as members affiliated with our booking center or the electronic booking system. Without these data, we would not be able to execute the booking of a service.

          Reservations made online or via the Webtaxi app are managed by the provider Autocab. For more information on the management of your data and Autocab’s privacy policies, please refer to their privacy policy here: https://www.autocab.com/privacy-policy

          Direct payments for reservations made online or via the Webtaxi app are managed by the provider Judopay. For more information, see Section 10 ‘Payment Service Provider’.

          9. Registration

          Registration with Autocab

          The data entered during registration with Autocab is processed based on your consent (Article 6(1)(a) of the GDPR). You can revoke your consent at any time by contacting Autocab directly. The revocation does not affect the legality of the data processing carried out before the revocation.

          For more information on the management of your data and Autocab’s privacy policies, please refer to their privacy policy here: https://www.autocab.com/privacy-policy

          10. Payment Service Provider

            Judopay

            We do not manage credit card payments on our website. All payments are now processed by our payment service provider, Judopay, operated by Alternative Payments Limited, Rise London, 41 Luke Street, London, EC2A 4DP, United Kingdom. Judopay is responsible for managing all payment-related data.

            The payment data you provide is processed based on your consent (Article 6(1)(a) of the GDPR) and transmitted directly to Judopay for secure processing.

            The processing of payment data and execution are exclusively handled by Judopay. Judopay also informs us whether a direct debit of a payment and thus the reservation has been successfully made.

            Judopay is not responsible for processing contract data, but only for executing the payment.

            Judopay’s privacy policies confirm that your personal data is processed in accordance with the GDPR.

            You can revoke your consent at any time by sending us an informal email. The revocation does not affect the legality of the data processing carried out before the revocation.

            For more information on the management of your data and Judopay’s privacy policies, please refer to their privacy policy here: https://www.judopay.com/privacy-notice/privacy-policy