Privacy Policy

We take the protection of your personal data very seriously. This Privacy Policy explains what data we collect when you visit our website gotland.doryo.de, how we use it, and what rights you have regarding your data.

This website is operated from Sweden but uses a .de domain hosted on a server in Germany. The General Data Protection Regulation (GDPR) therefore applies in full.

1. Controller (Data Responsible)

The controller responsible for data processing on this website is:

[PLACEHOLDER: Full name of the responsible person or company]
[PLACEHOLDER: Legal form, e.g. sole trader / association / GmbH]
Tore 242
62330 Burgsvik
Gotland, Sweden

E-Mail: sundre.kommun@gmail.com

2. Hosting & Server Logs

This website is hosted by ALL-INKL.COM – Neue Medien Münnich, René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany (all-inkl.com).

To provide our website securely and efficiently, we use the hosting services of All-Inkl.com. All data transmitted when you use our website may be processed on their servers. This includes infrastructure services, computing capacity, storage, database services, and technical maintenance.

When you visit our website, All-Inkl.com automatically stores information in so-called server log files. These include:

Browser type and version
Operating system
Referrer URL (previously visited page)
Hostname (IP address) of the accessing device
Date and time of the request

This data is collected to ensure the technical operation of the website and to detect and investigate security incidents. It is not merged with other data sources.

Legal basis: Art. 6(1)(f) GDPR – legitimate interest in the secure and stable operation of the website.

Further information can be found in the All-Inkl.com Privacy Policy: all-inkl.com/datenschutzinformationen

Data Processing Agreement

We have concluded a Data Processing Agreement (DPA) with All-Inkl.com in accordance with Art. 28 GDPR. This legally required agreement ensures that All-Inkl.com processes the personal data of our website visitors only on our instructions and in compliance with the GDPR.

3. Cookies & Consent Management (Real Cookie Banner)

Our website uses cookies and similar technologies (e.g. tracking pixels, web beacons). Some of these are technically necessary; others are only activated with your prior consent.

To manage the cookies and similar technologies we use, and the related consents, we use the consent management tool Real Cookie Banner by devowl.io GmbH, Tannet 12, 94539 Grafling, Germany. Details about how Real Cookie Banner processes data can be found at devowl.io/rcb/data-processing/.

You can view and adjust your cookie preferences at any time by clicking the cookie settings icon at the bottom of the page.

Legal bases: Art. 6(1)(c) GDPR (legal obligation to document consent) and Art. 6(1)(f) GDPR (legitimate interest in managing cookies and related consents correctly).

Providing your personal data is neither contractually required nor necessary for entering into a contract. You are not obliged to provide it. However, if you do not interact with the consent banner, we cannot manage your cookie preferences.

Technically necessary cookies (no consent required):

Cookies set by Real Cookie Banner to store your consent preferences
WordPress session cookies required for basic page functionality

Optional cookies (require your prior consent, Art. 6(1)(a) GDPR) are described in the relevant sections below (e.g. Google Maps).

4. WordPress & Elementor Page Builder

WordPress

This website is built on WordPress, a widely used content management platform. As part of normal WordPress operation, so-called “static files” (images, CSS stylesheets, JavaScript files) are delivered to your browser to display the website correctly. These files are served from our own server (hosted by All-Inkl.com). No personal data is collected or processed solely through the delivery of these files.

Legal basis: Art. 6(1)(f) GDPR – legitimate interest in the efficient and reliable delivery of website content.

Elementor Page Builder

This website uses the Elementor page builder plugin, developed by Elementor Ltd., Rehov Tuval 40, 5252247 Ramat Gan, Israel. Elementor is used to design and structure the layout of our pages.

When using Elementor, some data (such as editor settings) may be stored locally in your browser’s Local Storage. This is essential for the correct display and functionality of the website. Based on current information, no personal data is transmitted to Elementor’s servers or to third parties during a regular visitor’s page view.

Legal basis: Art. 6(1)(f) GDPR – legitimate interest in a functional and well-designed website.

Further information: Elementor Privacy Policy

5. Fonts – Adobe Fonts / Typekit

This website currently loads fonts from Adobe Fonts (Typekit), a service provided by Adobe Inc., 345 Park Avenue, San Jose, CA 95110-2704, USA.

When a page is loaded, your browser establishes a direct connection to Adobe’s servers at use.typekit.net. In doing so, your IP address is transmitted to Adobe servers in the USA. This happens automatically when the page is opened, before any cookie consent is given.

Legal basis: Art. 6(1)(f) GDPR – legitimate interest in a uniform visual presentation of the website. Data transfer to the USA is based on standard contractual clauses (SCCs) pursuant to Art. 46(2)(c) GDPR.

Further information: Adobe Privacy Policy

Note: We are planning to host all fonts locally in the near future, which will eliminate this data transfer entirely.

6. Google Maps

Our website embeds interactive maps from Google Maps, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

The integration of Google Maps may cause Google to set cookies in certain versions, which establish a connection to the Google network. When you visit a page with an embedded Google Maps widget, your browser establishes a connection to Google’s servers, transmitting your IP address and information about the page you are visiting. This occurs even if you are not logged into a Google account. If you are logged in, Google may associate this data with your account.

We embed Google Maps only after you have given your explicit consent via our cookie consent banner.

Legal basis: Art. 6(1)(a) GDPR – your consent. You may withdraw your consent at any time via the cookie settings.

Data transfer to the USA is based on standard contractual clauses (SCCs) pursuant to Art. 46(2)(c) GDPR.

Further information: Google Privacy Policy

7. Search Engine Optimisation – Yoast SEO

To help optimise our website for search engines, we use the Yoast SEO plugin, provided by Yoast BV, Don Emanuelstraat 3, 6602 GX Wijchen, Netherlands.

Yoast SEO generates XML sitemaps and adds structured data (Schema.org) to our pages to improve visibility in search engine results. It may use cookies in connection with its functionality; please also refer to our cookie information in Section 3 above.

This use of Yoast SEO serves the goal of being found more easily online by visitors interested in our offerings.

Legal basis: Art. 6(1)(f) GDPR – legitimate interest in the search-engine-optimised presentation of our website.

No personal data is transmitted to Yoast’s servers through normal page visits.

8. Multilingual Plugin – WPML

This website uses the WPML (WordPress Multilingual Plugin) provided by OnTheGoSystems Limited, 22/F 3 Lockhart Road, Wanchai, Hong Kong, to offer our content in multiple languages.

WPML uses cookies to detect and store the visitor’s current language preference, their last visited language, and the language of logged-in users. This enables a consistent multilingual experience across the website.

Information about the cookies used by WPML can be found at: wpml.org – Browser Cookies Stored by WPML

Legal basis: Art. 6(1)(f) GDPR – legitimate interest in making our website accessible and understandable to visitors in their preferred language.

10. Newsletter (Mailchimp)

We offer a newsletter to which you can subscribe voluntarily. For sending our newsletter we use Mailchimp, a service provided by The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.

When you subscribe to our newsletter, we store:

Your e-mail address
[PLACEHOLDER: First name / last name if collected]
Date and time of subscription
IP address at the time of subscription (for verification purposes)

We use a double opt-in procedure: after entering your e-mail address, you will receive a confirmation e-mail and must click the link in it to complete your subscription. This ensures that only you can subscribe with your address.

Your data is transmitted to and processed on Mailchimp servers in the USA. This transfer is based on standard contractual clauses (SCCs) pursuant to Art. 46(2)(c) GDPR.

Legal basis: Art. 6(1)(a) GDPR – your explicit consent.

You may unsubscribe at any time by clicking the unsubscribe link included in every newsletter e-mail, or by contacting us directly. After unsubscribing, your data will be deleted from our mailing list.

Further information: Mailchimp Privacy Policy

11. Booking System

[PLACEHOLDER: Description of the booking system used, e.g. Fareharbor / Bokun / custom form. Include: what data is collected (name, email, payment details), legal basis (Art. 6(1)(b) GDPR – contract performance), any third-party processors and data transfers, retention period.]

12. Photo & Video Release / Consent Form

[PLACEHOLDER: Description of how photo and video consent is collected from guests/participants on the property. Include: what personal data is collected, how long it is stored, legal basis (Art. 6(1)(a) GDPR – consent), and how consent can be withdrawn.]

13. Contact by E-Mail

If you contact us by e-mail, we will store your e-mail address and the contents of your message for the purpose of processing your inquiry and for follow-up questions. We will not share this data with third parties without your consent.

Legal basis: Art. 6(1)(f) GDPR – legitimate interest in responding to your inquiry; Art. 6(1)(b) GDPR if the inquiry relates to a contractual relationship.

You may request deletion of your data at any time, provided there are no legal retention obligations.

14. External Links

Our website contains links to external websites, including our Instagram profile (instagram.com/sundrekommun), operated by Meta Platforms Ireland Ltd. When you follow these links, the privacy policy of the respective provider applies. We have no influence over how third-party websites process your data.

15. Your Rights Under the GDPR

As a data subject you have the following rights:

Right of access (Art. 15 GDPR): You have the right to obtain confirmation of whether we process personal data about you, and to receive a copy of that data.
Right to rectification (Art. 16 GDPR): You have the right to request correction of inaccurate personal data.
Right to erasure (Art. 17 GDPR): You have the right to request deletion of your personal data, subject to legal retention obligations.
Right to restriction of processing (Art. 18 GDPR): You have the right to request that we restrict the processing of your data under certain circumstances.
Right to data portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, machine-readable format.
Right to object (Art. 21 GDPR): You have the right to object at any time to the processing of your data based on a legitimate interest (Art. 6(1)(f) GDPR). If you object, we will no longer process your data unless we can demonstrate compelling legitimate grounds that override your interests.
Right to withdraw consent (Art. 7(3) GDPR): Where processing is based on your consent, you may withdraw that consent at any time with effect for the future.

To exercise your rights, please contact us at: sundre.kommun@gmail.com

16. Right to Lodge a Complaint

If you believe that our processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority.

As this website is hosted in Germany (Saxony), the responsible authority in Germany is:

Sächsischer Datenschutz- und Transparenzbeauftragter (SDTB)
Devrientstraße 5, 01067 Dresden, Germany
Website: www.datenschutz.sachsen.de

As the operator is based in Sweden, you may also contact the Swedish supervisory authority:

Integritetsskyddsmyndigheten (IMY)
Box 8114, 104 20 Stockholm, Sweden
Website: www.imy.se

17. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy from time to time to reflect changes in legal requirements or our services. The current version is always available on this page. We recommend checking this page periodically.

Last updated: March 2026