Privacy Policy

Privacy Policy – Rise Factor Travel

The protection of personal data is a top priority for Rise Factor. When booking travel services, information such as name, address, contact details, travel data, and, where applicable, passport and visa details are processed.

This processing is necessary for the efficient planning and execution of travel services, the fulfillment of individual customer requests, and compliance with legal requirements. Particularly for international travel, the secure and accurate transfer of data is essential to enable entry and ensure smooth operations.

Personal data is processed responsibly and only for specified, legitimate purposes. The rights of data subjects—including access, rectification, erasure, restriction of processing, and objection—are fully respected and protected.

Rise Factor does not use automated decision-making or profiling unless required for contractual purposes or legal obligations. Where possible, pseudonymization or anonymization techniques are applied to enhance data security.

Cookies are used to ensure the functionality of digital services and improve user experience. The data collected is used exclusively for internal purposes, such as optimizing data protection and security.

Personal data is only shared with authorized partners—such as tour operators, hotels, transport providers, or authorities—where necessary to carry out the travel services. Data is stored only as long as required by law or for the intended purposes, after which it is deleted or blocked.

Data subjects have the right to request deletion in cases of unlawful processing or incorrect storage. Objections to data processing are respected unless legal obligations prevent this. Consent may be withdrawn at any time, and complaints can be filed with a competent supervisory authority.

1. Definitions

This Privacy Policy is based on the terminology used in the General Data Protection Regulation (GDPR).

a) Personal Data
Any information relating to an identified or identifiable natural person.

b) Data Subject
Any identified or identifiable natural person whose personal data is processed.

c) Processing
Any operation performed on personal data (e.g., collection, storage, use, transmission, deletion).

d) Restriction of Processing
The marking of stored personal data to limit future processing.

e) Profiling
Automated processing to evaluate personal aspects such as preferences or behavior.

f) Pseudonymization
Processing data in a way that it cannot be attributed to a specific individual without additional information.

g) Controller
The entity that determines the purposes and means of processing personal data.

h) Processor
A party processing data on behalf of the controller.

i) Recipient
Any entity to which personal data is disclosed.

j) Third Party
Any party other than the data subject, controller, or processor.

k) Consent
Freely given, informed, and explicit agreement to data processing.

2. Controller Information

Controller under the GDPR:

Rise Factor Health Travel and Physiotherapy
Hadi Nagi
Eidelstedter Platz 18
22523 Hamburg
Germany

Phone: +49 40 35770238
Email: info@reisefactor.de
Website: www.reise-factor.de

3. Cookies

Our website uses cookies—small text files stored on your device.

Cookies help improve usability by recognizing users and optimizing website functionality. Users may disable cookies at any time via browser settings. However, some website features may not function properly without cookies.

4. Collection of General Data

When accessing our website, general data such as browser type, operating system, IP address, date/time, and referring websites are collected.

This data is used to:

  • ensure proper website functionality
  • optimize content and security
  • analyze usage for statistical purposes

This data is stored separately from personal data and does not identify individuals.

5. Contact via Website

If you contact us via email or contact form, your transmitted data will be stored for processing your request. This data will not be shared with third parties.

6. Data Retention

Personal data is stored only as long as necessary for its purpose or as required by law. After that, data is deleted or blocked.

7. Rights of Data Subjects

You have the following rights:

  • Right to confirmation
  • Right of access
  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to data portability
  • Right to object
  • Right to withdraw consent

To exercise these rights, you may contact us at any time.

8. Applications and Recruitment

Applicant data is processed for recruitment purposes. If no employment contract is concluded, data will be deleted after two months unless legal obligations require otherwise.

9. Facebook Integration

This website may include Facebook components. Data may be transmitted to Facebook Ireland Ltd. Users can prevent this by logging out of Facebook before visiting the website.

More information:
https://www.facebook.com/about/privacy/

10. Google AdSense

We use Google AdSense for advertising. Google may collect data such as IP address and browsing behavior via cookies and tracking technologies.

11. Google Analytics

We use Google Analytics with IP anonymization to analyze website usage. Users can opt out using a browser add-on.

12. Google Ads (AdWords)

We use Google Ads for advertising and conversion tracking. Cookies may be used to analyze campaign performance.

13. Instagram Integration

Instagram plugins may collect data about your visit if you are logged into Instagram. You can prevent this by logging out beforehand.

14. Legal Basis of Processing

Processing is based on:

  • Consent (Art. 6(1)(a) GDPR)
  • Contract performance (Art. 6(1)(b))
  • Legal obligation (Art. 6(1)(c))
  • Legitimate interests (Art. 6(1)(f))

15. Legitimate Interests

Our legitimate interest lies in conducting business operations and improving our services.

16. Data Storage Duration

Data is stored according to legal retention periods and deleted afterward unless still required.

17. Obligation to Provide Data

Providing personal data may be legally or contractually required. Failure to provide data may result in inability to conclude a contract.

18. Automated Decision-Making

We do not use automated decision-making or profiling.