powered by
Main Sponsor

Notes on Data Protection

Privacy Policy

When you use our online services (called here “services”), you, as a user, agree that we – the Nuremberg Convention and Tourism Office /Verkehrsverein Nürnberg e.V. (called here “CTZ“) – as the responsible party in terms of the German data protection law (BDSG), may collect, process and use the following data listed here in the manner described in this document. This privacy policy informs you about the type, scope and purpose of the collection and use of personal data by our services.

  1. Type, Scope and Purpose of the Collection, Processing and Use
  2. Processes to Optimize Our Services
  3. Additional Applications of Our Services (Third-Party & Social Media)
  4. Protection of Your Rights as a Concerned Party
  5. Contact for Further Questions or Suggestions for Data Protection

1. Type, Scope and Purpose of the Collection, Processing and Use

Personal data is information that allows the identification of a specific individual. This includes, for example, names, contact data, photos, information about interests and hobbies and memberships. We collect, process and use your personal data only within the scope of legal regulations or with your consent.

Data collected by our system and the protection of your privacy

When you use our services or view content, the CTZ (or our online- provider) automatically collects data in the form of serverlog files. This includes the name, date and time of the viewed website, filenames, quantity of data transmitted, notification of successful request, browser type and version, user’s operating system, the previously visited page (referrer URL), IP address and internet service provider.

CTZ uses all logged data only for its own analysis of operation, for security purposes and to optimize its services. We reserve the right to subsequently review the log files when there is tangible evidence or a justified suspicion of illegal use of our services.


Anytime you make contact with us, whether by order form, e-mail or by telephone, we collect and use your data within the framework of specified business activities or to process your query. At your request, we will send you information about our services and products.

Transfer of Data

We process the collected data for the purpose of optimizing customer service in cooperation with all departments within our organization. By this means we can spare you unnecessary multiple queries and contacts and provide you with the appropriate contact person for your specific request, who can provide you with complete and expert advice. We do not transfer your data to third parties, nor do we sell your data.

A processing of personal data outside the European Union (EU) and European Economic Area (EEA) does not take place and is also not planned, unless expressly stated in an individual case hereinafter.

Mobile Use

Please note that when using our services on mobile end devices (such as cell phones, smart phones and tablets) that, depending on the technology used, precise location data may be collected, used and shared, including the geographic location of your device. In addition, within the framework of the terms of use of your respective telecommunications provider, further data may be collected, processed and used.

2. Processes to Optimize Our Services

The use of our internet websites is, in principle, possible without disclosing personal data. All of the following elements described here work with a pseudonymized form of your data, as usage data is not linked with user data. In this manner, even the IP Address remains a pseudonym.


Our publicly accessible services can be used, in principle, without cookies.

On various websites of our services, cookies of various types are used. Cookies are small text files which are saved on your computer. They do no damage and contain no personal data. The device-related data in the cookies allow us to analyze your use of our services without reference to you as an individual and to recognize your end device if you visit our sites again. This makes the use of our websites easier for you (user-friendliness) and gives us the opportunity to optimize our services for you. You can set your browser to warn you that you are about to receive a cookie, allowing you to decide on a case-by-case basis when to accept a cookie or you may exclude all incoming cookies. You can find more details at http://www.aboutcookies.org.


For optimal operability without cookies and for analysis of the attractiveness of our services, we use the Canvas element. Through its use, device-related characteristics can be taken into consideration, making use of our services more comfortable. Conventional browsers unfortunately offer no means to shut off this element. If you wish to do so, we recommend the use of the necessary plug-ins or a browser that offers an advanced user more control possibilities (for example, the Tor Browser, available at https://www.torproject.org/).

Statistical Analysis of User Access "AT Internet" (Audience Measurement)

Part of our online services (currently, the internet page of the Nuremberg christkindlesmarkt) uses technologies from the company Applied Technologies Internet SAS, 85 avenue Président JF Kennedy, 33700 Mérignac, France. The company has agreed to adhere to the data privacy pinciples of the EU data protection principles and uses wide-ranging measures to protect your private data. The collected technicla data deliver anonymous traffic statistics (such as the number of page views. number of visits and the frequency of return visits). You can prohibit this provider from collecting and processing your data when you file an objection (Opt-out) at the following link: http://www.xiti.com/de/optout.aspx.The company provides you detailed information about its privacy policies online at: https://www.atinternet.com/en/company/data-protection/data-collection-on-our-customers-sites/

Google AdServices

Part of our internet pages, especially our ad services, use applications from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Adservices collects information about user behavior with the help of cookies. In addition, Google also places so-called “web beacons”, invisible graphics which transfer via the IP-Address personal data and activities to the Google server in the US. Here, the data is processed and saved. You can prevent the collection and processing of your data by this application when you deactivate the execution of Java Scripts in your browser or install an application which suppresses such scripts.

To allow you to take advantage of your right to object to the collection of user data by Google, Google has made a Deactivation Add-On available, which you can install (http://tools.google.com/dlpage/gaoptout?hl=de). You can find detailed information about data processing by Google in the most current version at their Data Protection Center at http://www.google.de/intl/de/policies/privacy/.

3. Additional Applications of Our Services (Third-Party & Social Media)

In some cases, we round out our services for you through links to carefully selected third parties. CTZ accepts no responsibility for their contents or privacy policies. Based on the technology, third parties may sometimes receive your IP Address. In your interest, we strive to only offer links for which the providers use IP Addresses for delivery of content only. However, we have no influence on whether or not third-party providers store your IP Address for statistical purposes. If we are aware that this is the case, we will inform you.

Use of Social Plug-Ins: Measures to Protect Your Privacy

We offer you the opportunity to show your interest in our services on social media platforms which you use. For this purpose, we have built in the popular “like” buttons at the end of each webpage. To protect your privacy, we use the so-called “two-click procedure”, that is, the buttons from Facebook, Google+, Twitter and Pinterest must first be actively clicked on by you, before you can transfer your data.

If you do not want data collected through our services to be directly assigned to your profile, please log out of the respective social network before you visit our services. You can control or block the loading of plug-ins with the corresponding add-on applications for your internet browser, for example with a script-blocker such as “NoScript” (http://noscript.net). You could also use a browser that offers an advanced user more control possibilities (See Section 2).

Here follows provider-specific details for the social media services we provide.

Use of Facebook Social Plug-Ins

This service uses Social Plug-Ins ("plug-ins") of the facebook.com social network, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). The “Like” and “Share” plug-ins can be recognized by the Facebook logo (white "f" on a blue tile or a "thumbs-up" sign) or are marked with "Facebook Social Plug-In". A list and description of the Facebook Social Plug-Ins can be seen at: https://developers.facebook.com/docs/plugins/. When you, as user, open a webpage of our services that contains such a plug-in, your browser will create a direct link to the Facebook server. The content of the plug-in will be transferred from Facebook directly to your browser and tied into the webpage. We have no influence over the amount of data that Facebook collects with this plug-in and therefore we here inform you based on the information available at the time of publication.

Through the integration of plug-ins (“Like” button, etc.), Facebook receives notice that a user has called up the respective webpage of the service. If the user is logged in to Facebook, Facebook can assign the visit to the Facebook account of the user. When the user interacts with the plug-ins, for example by clicking on the “Like” button or writing a comment, the respective data will be directly transferred to Facebook from your browser and stored there. If a user is not a member of Facebook, it is still possible that Facebook receives his or her IP Address and stores it. According to Facebook, in Germany only anonymized IP Addresses are stored. The purpose and amount of data collection and the further processing and use of the data by Facebook as well as the respective rights and configuration options for privacy protection of the user can be read in the privacy policy of Facebook: https://www.facebook.com/about/privacy/.

+1 Buttons from Google

Our online services use the “+1″ button of the social network Google Plus, which are operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The button from Google+ can be recognized by a “+1″ symbol on a white or colored background. If you open one of the webpages of our services which contain one or more such buttons, your browser will create a direct link to the Google servers. The content of the button will be transferred from Google directly to the browser and tied into the webpage. We have no influence over the amount of data that Google collects with this button. According to Google, no personal data will be collected without a previous click on the button. Only in the case of logged-in members will data, including the IP Address, be collected and processed. The purpose and amount of data collection and the further processing and use of the data by Google as well as the respective rights and configuration options for privacy protection of the user can be read in the privacy policy of the “+1” button from Google: http://www.google.com/intl/de/+/policy/+1button.html. Answers to FAQs can be read at http://www.google.com/intl/de/+1/button/.


Our services use the Tweet button of the Twitter service. This button is offered by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. It can be recognized by terms such as "Twitter", “Tweet“ or "Follow", in combination with a stylized blue bird. With the aid of this button, it is possible to share a message or a webpage of our services via Twitter or to follow us at Twitter. When you open a webpage of our services that contains such a button, your browser will create a direct link to the Twitter servers. The content of the Twitter button will be transferred from Twitter directly to your browser. We have no influence over the amount of data that Twitter collects with this plug-in. According to Twitter, only the IP Address of the user will be sent to the URL of the website when clicking on the button, but will not be used for purposes other than the depiction of the button. More information is available in the Privacy Policy of Twitter at http://twitter.com/privacy.

4. Protection of Your Rights as a Concerned Party

We have taken wide-ranging technical and organizational steps to protect your data when it is processed. If you would like to see a copy of our public procedure directory, you can send an informal e-mail to the contact listed below.

The evaluation of logged data takes place by authorized employees, who are required to protect your privacy and are continually receiving training on the best methods to do so. Access to our data processing systems takes place via a pre-determined authorization procedure.

Your permission to log data, your e-mail address and its use to send you a newsletter for which you have subscribed can be revoked at any time. This revocation can take place via a link at the end of each newsletter e-mail or by informal notification to the contact listed in Section 5 of this document.

As a user, you have the right to receive free-of-charge information about the personal data we have logged. You have the right to correct inaccurate data, delete or block the use of your personal data, as long as it is not required to fulfill a contract and when deletion does not violate a legal obligation to retain data.

When within our services you call up webpages and data from third parties and thereby transfer data about yourself, please note that this data transfer takes place unencrypted over the internet and the data may therefore be accessed by unauthorized persons.

Please note that we have no influence on the collection and use of your data when you visit or use our services with third-party providers, for example, our Profile on Facebook. This applies to all related interaction options such as posting pictures and audio material or commentaries, unless these are transferred to our company in a clearly recognizable form such as e-mail. The responsible party in each case is the operator of the platform that you have visited and used.

5. Contact for Further Questions or Suggestions for Data Protection

Our Privacy Policy Administrator Ms. Blossey is happy to address any other issues concerning data protection at datenschutz@ctz-nuernberg.de. This privacy policy will be updated as necessary. For maximum transparency we therefore recommend that you visit this document often.

Last modified: 20 April 2018