Privacy Policy
This Privacy Policy explains how Familie Funck, operating as FUNCKYHOME (hereinafter "we", "us", or "FUNCKYHOME"), collects, uses, discloses, and protects your personal data in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable EU data protection laws. We are the data controller for the personal data we process in connection with our holiday apartment rental services. Our registered office is in the Municipality of Ratekau, Germany. This policy applies to all personal data collected through our website, bookings, inquiries, and during your stay. By using our services or providing your data, you consent to the practices described herein. If you do not agree, please do not use our services.
1. Contact Information Data Controller: Familie Funck (FUNCKYHOME), Ratekau, Germany. Contact: [Insert email, e.g., info@funckyho.me] or [Insert phone number]. Data Protection Officer (DPO): Not applicable, as we are a small family business exempt under GDPR Article 37. For data protection queries, contact us directly.
2. Personal Data We Collect We collect the following categories of personal data: Identification and Contact Data: Name, address, email, phone number, date of birth (if required for verification), and passport/ID details (for check-in or legal requirements). Booking and Payment Data: Booking details (dates, number of guests, preferences), payment information (credit card details processed via secure third-party providers like PayPal), and invoice data. Stay-Related Data: Guest preferences (e.g., allergies, special requests), pet information (if applicable), and any incident reports. Technical Data: IP address, browser type, device information, and usage data when visiting our website (via cookies or analytics tools). Communication Data: Emails, inquiries, or feedback you provide. Special Categories of Data: We do not routinely collect sensitive data (e.g., health, racial origin) unless voluntarily provided (e.g., for accessibility needs), in which case we process it with your explicit consent. We collect data directly from you (e.g., via booking forms), automatically (e.g., website logs), or from third parties (e.g., booking platforms).
3. Purposes and Legal Basis for Processing We process your data for the following purposes, based on the legal grounds under GDPR Article 6: Contract Fulfillment (Art. 6(1)(b)): To process bookings, provide accommodations, manage payments, and deliver services (e.g., check-in, pet accommodations). Legal Obligations (Art. 6(1)(c)): To comply with laws, such as tax reporting, anti-money laundering, or health/safety regulations. Legitimate Interests (Art. 6(1)(f)): To improve services, prevent fraud, send booking confirmations, or analyze website usage (balanced against your rights; you can object). Consent (Art. 6(1)(a)): For marketing (e.g., newsletters), cookies beyond essentials, or processing special data. You can withdraw consent anytime without affecting lawful processing prior. We do not use automated decision-making or profiling that significantly affects you.
4. Data Sharing and Transfers We may share your data with: Service Providers: Payment processors (e.g., PayPal), IT support, cleaning services, or booking platforms (acting as processors under GDPR-compliant agreements). Authorities: If required by law (e.g., police for incidents). Third Parties: Only with your consent or as necessary for services. Data is stored within the EU/EEA. If transferred outside (e.g., to US-based tools), we use Standard Contractual Clauses or other GDPR safeguards to ensure adequate protection.
5. Data Retention We retain data only as long as necessary: Booking data: Up to 10 years for tax/legal purposes. Contact data: Until you withdraw consent or object. Technical data: Up to 2 years for analytics. After retention periods, data is securely deleted or anonymized.
6. Your Rights Under GDPR You have the following rights (subject to conditions): Access: Request a copy of your data. Rectification: Correct inaccurate data. Erasure ("Right to be Forgotten"): Delete data if no longer needed. Restriction: Limit processing in certain cases. Portability: Receive data in a structured format. Objection: Object to processing based on legitimate interests or marketing. Withdraw Consent: Anytime, without affecting prior lawfulness. Complaint: Lodge with a supervisory authority (e.g., Landesdatenschutzbeauftragte Schleswig-Holstein, Germany). To exercise rights, contact us at . We respond within one month (extendable if complex). No fee unless requests are excessive.
7. Cookies and Tracking Our website uses cookies for functionality (essential) and analytics (optional). See our Cookie Policy for details. You can manage preferences via browser settings or our consent banner. We use tools like Google Analytics (anonymized IP) based on consent or legitimate interests.
8. Data Security We implement appropriate technical and organizational measures (e.g., encryption, access controls) to protect data from unauthorized access, loss, or breach. In case of a breach, we notify authorities and affected individuals as required by GDPR Articles 33-34.
9. Children's Data Our services are not directed at children under 16. We do not knowingly collect their data without parental consent.
10. Changes to This Policy We may update this policy to reflect changes in practices or laws. Updates will be posted on our website with the effective date. Continued use constitutes acceptance.
Effective Date: January 2026
