Privacy Notice

Trusted. Unique. Inspiring. At TUI, we create unforgettable moments for our customers worldwide and make their dreams come true. One key part of this is our responsible handling of any personal data that you share with us. We want to reassure you that your data is safe with us and that you know how we use it to provide you with a better, unique and inspiring experience. Further information can be found on the TUI Group website. You can find our detailed cookie notice here.

1. Scope of application of this data privacy statement

Robinson Club GmbH (referred to as "we" or "us" in this data privacy statement) collects and processes your data as the controller. We are part of the TUI Group and therefore a subsidiary of TUI AG.

We broker the following TUI Group hotel brands (referred to as "TUI hotel brands" in this data privacy statement) on tuiamello.com:

  • TUI BLUE (TUI Hotel Betriebsgesellschaft mbH)

  • ROBINSON (Robinson Club GmbH)

  • TUI MAGIC LIFE (Robinson Club GmbH)

  • TUI Suneo (TUI Hotels & Resorts)

  • The Mora (TUI Hotel Betriebsgesellschaft mbH)

  • AQI (TUI Hotels & Resorts Türkiye)

The TUI hotel brands we offer on tuiamello.com are based on different concepts. During your hotel stay, your personal data will therefore be managed by both Robinson Club GmbH and the respective hotel. Both act as the controller within the meaning of data protection legislation.

The hotel you book may belong to a company that is not itself a TUI Group company. This is because hotels of the TUI hotel brands may be operated by a TUI Group company itself or on the basis of a franchise or management agreement concluded between the hotel operating company, which does not belong to the TUI Group, and a TUI Group company. A list of hotels operated by a TUI Group company can be found here. To find out which company operates a franchise or management hotel, please contact the hotel.

Robinson Club GmbH processes your data as part of its central booking system and its global customer database, which records customers staying in a TUI hotel brand hotel. Robinson Club GmbH (and its affiliated companies) also manage the Group's customer loyalty programme and implement marketing activities.

The hotel operating companies process your data to handle the contractual relationship with you (this includes invoicing, payment, and booking management), to implement the hotel's own marketing activities and to meet the legal requirements.

2. Scope of this data privacy statement

We are committed to doing the right thing when it comes to how we collect, use and protect your personal data. Below we inform you about the processing of your personal data in the context of our offers. Your privacy is important to us, so please take the time to read our data privacy statement. This explains:

  1. Scope of application of this data privacy statement

  2. Scope of this data privacy statement

  3. Personal data that we collect

  4. Other sources of personal data

  5. Personal data about other persons that you share with us

  6. Are you obliged to provide us with your personal data?

  7. Use of your personal data and the legal basis for this

  8. Sharing of personal data

  9. Protection of your personal data

  10. Automated decision-making

  11. Your rights under data protection law

  12. Key terms and miscellaneou

We have endeavoured to make this statement as comprehensible as possible. If you are not familiar with terms such as "controller" or "special categories of personal data", you can find out more in the Key Terms section below.

3. Personal data that we collect

We process personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). The types of personal data we process from you depend on the nature of our business relationship with you and the respective purposes of the data processing:

3.1. When you register for our services, you might be providing us with:

  • Your personal details, such as your address, email address, telephone number and date of birth,

  • Your account login details, such as your user name and the password you have chosen. Your account settings

3.2. When you book hotel stays or other products or services from our offers, we collect data for the fulfilment of your hotel contract with the hotels of our hotel brands:

  • Your personal details, such as your address, email address, telephone number and date of birth,

  • The personal details of your fellow travellers,

  • Payment data (e.g. credit card details, account information, billing address),

  • Your booked products or services,

3.3. We may collect data when you browse our websites or use our mobile apps:

  • Data on your travel preferences,

    • Information about your online behaviour on our websites and mobile apps, e.g. which pages you visit and what content you are interested in,

    • Information about holidays and other products that you have searched for on our website or that you have added to your shortlist or otherwise saved or marked,

  • Information about when you click on one of our advertisements, including those displayed on other organisations' websites,

  • Information about the way in which you access our digital services, including the date and time of your access, operating system, IP address, online identifiers, language features and browser details,

  • Your location data, if you share it with us,

  • Social preferences, interests and activities.

You can find more information on this in our detailed cookie notice.

3.4. When you book, purchase or order hotel stays or other products or services in the hotels of our hotel brands, we may collect:

  • Information about the traveller, passport data, other ID information, insurance data,

  • Relevant medical data as well as any special dietary requirements or other requirements for religious reasons and reasons of physical impairment,

  • Information about your purchases, such as what you bought, when and where you bought it, how you paid and any credit or other payment information,

  • Information about your online behaviour on our websites and mobile apps,

  • Information about when you click on one of our advertisements, including those displayed on other organisations' websites,

  • Information about the way you access our digital services, including your operating system, IP address, online identifiers and browser details,

  • Social preferences, interests and activities,

  • Your accommodation preferences,

  • Your questions/comments/requests in connection with your hotel stay.

3.5. During your stay in the hotels of our hotel brands, we may collect:

  • Information about the traveller, passport data, other ID information.

  • Relevant medical data as well as any special dietary requirements or other food requirements for religious reasons and reasons of physical impairment.

  • Information about your purchases, e.g. what you bought, when and where you bought it, how you paid and any credit card or other payment information.

  • Information about reservations for services and activities (e.g. sports activities, table reservations, etc.).

  • Data in connection with your questions / comments / complaints / requests.

  • If you are travelling by car or motorbike, the vehicle registration number.

  • Data required for childcare.

  • Your IP address when using the Internet for hotel guests the meet the legal obligations and provide the Internet connection.

3.6. When you contact us or we contact you or when you participate in promotions, competitions, surveys about our services, we may collect:

  • Personal data that you provide when you contact us, including by email, post and telephone or via social media, such as your name, username and contact details,

  • Details of emails and other digital communications that we send to you and that you open, including any links contained therein that you click on,

  • Your feedback and contributions to customer surveys.

3.7. Special categories of personal data

As a rule, we do not collect any sensitive personal data about you. In exceptional cases, however, we may collect sensitive personal data or information from which special categories of personal data can be derived. We only collect such sensitive personal data with your consent or if this is required by law.

4. Other sources of personal data
We usually collect your personal data directly from you, but may also receive it from other sources, e.g. from

  • our TUI Group companies,

  • Companies that provide information and data (such as hotel operating companies), our sales partners and agents and from public registers,

  • Your insurance company, its agents and medical staff may share relevant personal data and special categories of personal data with us in circumstances where we/they need to act on your behalf or in the interests of other customers or in an emergency.

5. Personal data about other persons that you share with us

  • We use personal data provided by you about other people, e.g. further information about your booking.

  • If you share personal data of other persons, you must be sure that they agree to this and that you are authorised to share the data. You should also ensure that these persons are aware of how their personal data could be used by us.

6. Are you obliged to provide us with your personal data?

Generally speaking, you provide us with your personal data voluntarily. However, in order for you to conclude a travel contract, it is necessary to provide certain personal data. However, if you choose not to provide us with certain information we request, we may not be able to provide you with certain products or services. For example, we cannot process your booking if you do not provide us with your name and contact details.

7. Use of your personal data and the legal basis for this

We use your personal data in a variety of ways, as outlined below.

7.1. To provide products and services that you request and to communicate with you about them

We need to process your personal data so that we can manage your account or booking, provide you with the products and services you have requested and help you with orders.

Legal basis:
The processing is necessary for the fulfilment or initiation of a contract with you at your request (Article 6 (1) (b) GDPR).

7.2. To manage and improve our products and services

We use personal data to manage and improve our products, websites, mobile apps, customer loyalty and customer recognition programmes and other services.

We may use personal data to conduct market research and internal development and to develop and improve our product range, services, shops and IT systems, security, expertise and methods of communicating with you.

Legal basis:
Our legitimate interest in monitoring and improving our products and services (Article 6 (1) (f) GDPR).

7.3. For security reasons and to prevent and prosecute criminal activities

We monitor how our services are used to protect your personal data and to detect and prevent fraud, other criminal offences and misuse of services. This helps us to ensure that you can use our services safely.

Legal bases:

  • Our legitimate interest in the protection of our visitors, customers and other business partners as well as our assets and the security of our products and services (Article 6 (1) (f) GDPR).

  • The fulfilment of our legal obligations (Article 6 (1) (c) GDPR).

7.4. To personalise your experience

We want to ensure that marketing communications (including online advertising) relating to our products and services and those of our suppliers, trading partners and the TUI Group are tailored to your interests.

To do this, we use your personal data to better understand your interests so that we can try to predict what other products, services and information you might be most interested in. This enables us to tailor our communications to make them more relevant and interesting for you.

Looking at your online behaviour and purchases helps us to understand you as a customer and enables us to offer you personalised offers and services.

We may also consider your feedback on our marketing activities regarding our range of products and services. This allows us to offer you products and services that better meet your needs as a customer.

If you do not wish to receive a personalised service from us, you can change your preference at any time by contacting us online, by telephone or in writing (e.g. email). We will update your data as soon as possible.

Legal basis:
Our legitimate interest in offering our customers products and services tailored to their interests (Article 6 (1) (f) GDPR)

7.5. To contact and interact with you

We want to serve you as a customer even better. So if you contact us, for example by email, post, telephone or via social media, we may use personal data to deal with your request as quickly and efficiently as possible.

Legal basis:
The processing is necessary for the fulfilment or initiation of a contract with you at your request (Article 6 (1) (b) GDPR).

7.6. For advertising campaigns and customer surveys

We need to process your personal data in order to administer promotions and competitions in which you choose to participate. These include those that we organise together with our suppliers and trading partners. For example, if you win a prize.

We would like to invite you to participate in customer surveys and other market research activities conducted by TUI Group and other organisations for your benefit.

To help us better understand you as a customer and to be able to provide you with services and marketing communications (including online advertising tailored to your interests), we may combine the personal data we collect when you make purchases in a shop with personal data collected through our websites, mobile apps and other sources.

We do not sell your personal data to third parties.

Legal bases:

  • Your consent (Article 6 (1) (a) GDPR)

  • The processing is necessary for the fulfilment or initiation of a contract with you at your request (Article 6 (1) (b) GDPR)

7.7. Marketing communication

a) with your consent

From time to time, we would like to send you offers and news about our products and services in various ways, such as by email, messenger or telephone. We would also like to send you information about products and services from other companies that we think may be of interest to you. We will only do this if you have previously agreed to receive these marketing communications.

When you register with us or arrange a hotel stay through us, we will ask you whether you would like to receive marketing communications and through which channel. You can change your marketing preferences at any time by contacting us by email at dataprotection@robinson.com, by clicking on the unsubscribe link in our marketing emails or by writing to the Data Protection Officer at Robinson Club GmbH, Karl-Wiechert-Allee 23, 30625 Hannover, Germany.

Of course, the choice is entirely up to you. If you tell us that you do not want to receive marketing information from us, you will miss out on receiving great offers that may be of interest to you.

However, you may still receive service-related communications from us. For example, confirmations of bookings you make with us and important information about the use of our products and services.

Legal basis:
Your consent (Article 6 (1) (a) GDPR)

b) For product recommendations by email (existing customer advertising)

As a customer of Robinson Club GmbH, you will regularly receive product recommendations from us or our hotel operating companies by email. You will receive these product recommendations from us regardless of whether you have subscribed to a newsletter or have consented to marketing communication by email. In this way, we want to provide you with information about products from our range that may be of interest to you based on your recent purchases from us. In doing so, we adhere strictly to the legal requirements.

Whenever your contact details are used for advertising purposes, we expressly draw your attention to your right of objection, which you can exercise easily and without red tape at any time.

If you no longer wish to receive product recommendations from us by email, you can object to this at any time by sending a message in text form to dataprotection@robinson.com. Of course, you will also find an unsubscribe link in every email.

Legal basis:
Our legitimate interest in offering our customers comparable products and services (Article 6 (1) f) GDPR in the context of Section 7 (3) UWG)

c) To personalise your experience

We want to ensure that marketing communications (including online advertising) relating to our products and services and those of our suppliers, trading partners and the TUI Group are tailored to your interests.

To do this, we use the personal data you submit and any automatically generated data to better understand your interests so that we can try to predict what other products, services and information you might be most interested in. This enables us to tailor our communications to make them more relevant to you. We use existing information for this purpose, such as confirmations of receipt and read receipts of emails, information about your computer and connection to the Internet, operating system and platform, your order history, your service history, date and time of your visit to the homepage, products that you have viewed. We use this information exclusively in pseudonymised form. This analysis and evaluation helps us to better understand you as a customer and enables us to provide you with personalised offers and services. Our aim is to make our advertising more useful and interesting for you, i.e. to offer you products and services that better meet your needs as a customer.

If you do not wish to receive a personalised service from us, e.g. a personalised newsletter, you can object to the personalisation of your advertising to us at any time, e.g. by telephone, in writing or by email (e.g. to dataprotection@amello.com). In this case, you will receive unsuitable standard advertising. You can of course also object to marketing communication from us altogether or withdraw your consent at any time. We will update your data as soon as possible.

d) Market research

Your opinion is important to us. In order to improve our products and services, we may contact you for market research purposes. You always have the choice of whether you want to participate in our market research.

Detailed information on the data collected in the questionnaire, in particular on the anonymous evaluation, is explained in detail in the accompanying information.
If customer satisfaction surveys are sent to you by email, we have either obtained your explicit advertising consent in accordance with Article 6 (1) (a) GDPR. If you do not wish to receive the questionnaire, simply let us know by sending an email to dataprotection@robinson.com.

Legal basis:
Our legitimate interest in improving our products and services through market research (Article 6 (1) (f) GDPR)

7.8. For legal purposes

We may process your personal data for the establishment, exercise or defence of legal claims, including related dispute or dispute resolution proceedings, for regulatory and governmental investigations and our general compliance obligations, for internal investigations, to enforce our terms and conditions and other terms of use, or to respond to lawful requests by law enforcement or other authorities.

Legal bases:

Our legitimate interest in the establishment, exercise or defence of legal claims (Article 6 (1) (f) GDPR)

The fulfilment of our legal obligations (Article 6 (1) (c) GDPR)

7.9. Special categories of personal data

If we have to process special categories of personal data for the above purposes (as described above), this is only done on the basis of a separate legal basis. The following may be considered as such:

  • Your express consent (Article 6 (1) (a) GDPR),

  • Processing is in a serious public interest or is carried out in the exercise of official authority (Article 6 (1) (e) GDPR,

  • It is necessary to protect the vital interests of you or other persons, e.g. if you are physically or legally incapable of giving your express consent (Article 6 (1) (d) GDPR),

  • The processing is necessary for the fulfilment of a contract with you (Article 6 (1) (b) GDPR).

8. Sharing of personal data

As a rule, we do not pass on your personal data to third parties unless this is necessary for the fulfilment of your contract, in particular for the execution of your booked trip or the provision of other products and services or for the other purposes of data processing mentioned above or for legal reasons. In particular, we may share your personal data with the following recipients:

8.1. With suppliers and service providers

In order to provide the products and services you request, we may need to share personal data with external service providers, including independent spa operators or sports providers (e.g. water sports), security services and transport companies.

We also work with carefully selected providers who perform certain functions for you. For example, with companies that help us with IT services, data storage and linking, marketing, market research, processing of payment transactions and the provision of products and services.

Where our service providers and partners process personal data on our behalf and exclusively in accordance with our instructions (processors), we retain control over your personal data and remain fully responsible for it. When engaging such processors, we will apply appropriate safeguards as required by applicable law to ensure the integrity and security of your personal data.

We may need to share personal data in order to protect or defend our legal rights; this includes the transfer of personal data to third parties, for example to prevent fraud and reduce the risk of non-payment.

Where we share personal data with other organisations, we require them to keep the data secure and they must not use your personal data for their own marketing purposes.

We only share the minimum amount of personal data that enables our suppliers and trading partners to provide their services to you and us.

Insofar as it is necessary for the realisation of your travel request, a transfer of data to third countries in accordance with Article 49 (1) (b) GDPR is lawful.

8.2. With public authorities or government agencies

We may disclose your personal data to public authorities such as regulatory or law enforcement authorities, lawyers or courts if we are required to do so by applicable laws or regulations, or at their request, if permitted by law and necessary to comply with a legal obligation or to establish, exercise or defend legal claims; including for the purposes of fraud prevention and credit risk reduction.

8.3. Within the TUI Group

Robinson Club GmbH is a wholly owned subsidiary of the TUI Group, based in Hanover. Further information on the Group companies can be found at: https://www.tuigroup.com/.

We share the necessary minimum of personal data with other Group companies insofar as this is necessary and legally permissible for the aforementioned purposes of data processing, for example

  • to provide the products and services you have requested,

  • to analyse, tailor and improve our products and services,

  • to personalise your travel experience if necessary,

  • to contact and interact with you,

  • to detect, prevent and investigate fraudulent and other illegal activities and data breaches,

  • and, if permitted and appropriate, for marketing or market research purposes.

We may also share personal data with other companies if contractual agreements exist with them. In these cases, we will sell or transfer our services or our rights and obligations that we may have under a contractual agreement with you. If such a transfer or sale takes place, the company receiving your personal data may use your data in accordance with this privacy statement.

When we share personal data with other organisations, we require them to keep the data secure. We only share the minimum amount of personal data that enables our suppliers and trading partners to provide their services to you and us. Our TUI Group service providers, with whom we very frequently exchange personal data for the processing of holiday trips, are as follows:

  • TUI InfoTec GmbH, Karl-Wiechert-Allee 23, 30625 Hanover, www.tui-tech.com, Info@tui-infotec.com

  • TUI Musement, C/Rita Levi S/N, Edificio TUI, Parc Bit, 07121 Palma de Mallorca, Spain, gdprdx@tui.com

  • TUI Business Services GmbH, Karl-Wiechert-Allee 23, 30625 Hanover, datenschutz@tui.de

  • TUI Global Business Services Tunisia SARL, Boulevard 14 Janiver au dessus de BIAT Khezama, 4011 Sousse Tunisia, datenschutz@tui.de

  • TUI Customer Operations GmbH, Karl-Wiechert-Allee 23, 30625 Hanover, www.tui.com, datenschutz@tui.de

  • TUIfly Vermarktungs GmbH, Karl-Wiechert-Allee 23, 30625 Hanover, www.tui.com, datenschutz@tui.de

We may receive personal data about you from other companies in the TUI Group or share it with them for the following purposes:

  • to provide services (including making and managing bookings or processing
    payments),

  • to provide services in the context of customer service,

  • to detect, prevent and investigate fraudulent and other illegal activities and data breaches,

  • for analysis purposes and product improvement,

  • for personalised offers, to send advertising with your consent or otherwise and as permitted by applicable law.

These purposes relate to legitimate interests in obtaining and sharing your personal data:

  • to ensure compliance with applicable laws

Where applicable, Robinson Club GmbH refers to compliance with legal obligations (such as lawful requests from law enforcement authorities). In addition, all companies within the TUI Group may need to share personal customer data to ensure that all users on their online platforms are protected from fraudulent activity.

8.4. With transaction parties

We may also disclose personal data to an organisation to which we sell companies or assets or sell or transfer (or enter into negotiations about a sale or transfer of) our rights or obligations under an agreement with you. If such a transfer or sale takes place, the company receiving your personal data may use your data in accordance with this privacy statement.

8.5. With credit reference agencies and fraud prevention agencies

We may share your personal data with credit reference agencies (CRAs) and fraud prevention agencies (FPAs). When you receive a request from us, a digital footprint is stored in your file for other organisations to see.

We may also carry out checks with credit reference agencies and fraud prevention agencies to confirm your identity and to keep your information and TUI account up to date. This is to protect you from identity theft and other types of fraud and to prevent and detect crime or money laundering. If false or inaccurate information is provided and identified as fraud, the details are forwarded to the data protection authorities. This information may also be passed on to the law enforcement authorities.

If you tell us that you have a spouse or financial partner, we will link your data records together. You must therefore ensure that you have their consent to disclose information about them. The rating agencies also link your data with each other, and these links remain in your and in their files – unless you or your partner successfully request the rating agencies to remove this link.

We may provide these agencies with details such as your name, address, accounts and invoices, including how you manage them. This includes informing you about the status of your TUI account, what you pay us and when you miss a payment. If you do not pay your bills on time, this will be recorded by the rating agencies. The agencies may also share this with others carrying out similar checks, including organisations trying to trace you or collect money you owe them.

Each credit bureau and fraud prevention agency has its own criteria for calculating a credit score. For more information about credit reference and fraud prevention agencies, e.g. Schufa, Creditrefrom, Avarto Infoscore and Bürgel etc., as well as the European Anti-Fraud Office (OLAF), and how they may use your personal data, please refer to the respective data privacy statements of the credit reference agencies and Olaf. As a rule, data processing is carried out on the basis of the special interest of the credit agencies.

9. Protection of your personal data

We know how important it is to protect your personal data and manage them accordingly. We take appropriate security measures to help protect your personal data from accidental loss and from unauthorised access, use, alteration and disclosure.

However, the security of your data also depends on you. For example, if we have given you, or you have chosen, a password to access certain services, you are responsible for keeping this password confidential.

The personal data that we collect from you may also be transferred to a destination outside the European Economic Area (EEA) and stored there. They may also be processed by companies operating outside the EEA that work for us or one of our suppliers. We take appropriate safeguards to ensure that your personal data remain adequately protected and that they are treated in accordance with this privacy statement. These safeguards include appropriate contractual clauses, e.g. standard contractual clauses approved by the European Commission, and appropriate security measures.

9.1. Transmission to third countries

The personal data that we collect from you may also be transferred to a destination outside the European Economic Area (EEA) and stored there. They may also be processed by companies operating outside the EEA that work for us or one of our suppliers. We take appropriate safeguards to ensure that your personal data remain adequately protected and that they are treated in accordance with this privacy statement. These safeguards include appropriate contractual clauses, e.g. standard contractual clauses approved by the European Commission, and appropriate security measures. You can contact us at any time using the contact details below if you would like further information on these protective measures.

9.2. Security function for forms integrated on the website

Google reCAPTCHA (storage location: USA)
To protect our contact forms, this website uses the reCAPTCHA service provided by Google Inc ("Google"). The reCaptcha function is a security function that protects our website from hacker attacks and spam.

We use the Google service reCaptcha to determine whether a person or a computer makes a certain entry in our contact or newsletter form and is only activated at this point.

Google uses the following data to check whether you are a human or a computer:

  • IP address of the end device used,

  • our website/form that you visit into which the captcha is integrated,

  • the date and duration of your visit,

  • the identification data of the browser and operating system type used,

  • Google account if you are logged into Google,

  • Mouse movements on the reCaptcha areas and tasks in which you have to identify images.

The data are processed on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM.

Further information on the data protection guidelines of Google Inc. can be found at https://www.google.de/intl/en/privacy

9.3. Storage of data

Your personal data will be deleted as soon as they are no longer required for the stated purposes. However, we may have to continue to store your data until the expiry of the retention obligations and periods issued by the legislator or supervisory authorities, which may result from the German Commercial Code, the German Fiscal Code and the German Money Laundering Act and generally amount to 6 to 10 years. In addition, we may retain your data until the expiry of the statutory limitation periods (i.e. usually 3 years; in individual cases, however, up to 30 years), insofar as this is necessary for the assertion, exercise or defence of legal claims. The corresponding data are then routinely deleted. If data are required after this period for analytical, historical or other legitimate business purposes, we take appropriate measures to anonymise these data.

9.4. About cookies, personal data protection settings and third-party providers

Cookies are small data files that allow a website to collect and store a range of data on your desktop computer, laptop or mobile device. Cookies help us to provide important features and functionalities on our websites and mobile apps. Further information on the cookies and similar technologies we use can be found in our cookie notice.

The legal basis for the setting and reading of cookies and the use of similar technologies or for the storage of information in the end user's end device and access to this information is regularly based on your consent within the meaning of Article 5 (3) ePrivacy Directive in conjunction with Article 6 (1) (a) GDPR. If cookies are absolutely necessary for us to provide a function you have expressly requested ("Necessary Cookies"), the data processing is carried out in accordance with Article 5 (3) e-Privacy Directive.

Further processing under data protection law is carried out in accordance with Article 6 (1) GDPR. Insofar as cookies are used for the data processing described in this data privacy statement, the principles described in the cookie notice apply. You can also track the cookies used there.

You can find information on how you can customise your desired cookie settings and further data processing for your visit to our website in the cookie settings there.

9.5. Links to other websites

Our websites or mobile apps may contain links to websites of other organisations that have their own data privacy statements. Please ensure that you read the terms of use and data privacy statement carefully before you submit any personal data to any other organisation's website, as we do not accept any responsibility or liability for other organisations' websites.

9.6. Features of social media and messenger services

Our websites or mobile apps may include social media features such as Facebook, Twitter, Pinterest or Instagram, which have their own data privacy statement.

We use various plugins on our websites: Facebook, Twitter, Pinterest and Instagram. If you do not want social networks to collect data about you via active plugins, you can select the "Block third-party cookies" function in your browser settings. Then the browser does not send cookies to the server for embedded content from other providers. With this setting, however, other cross-page functions may no longer work in addition to the plugins.

If these plugins are activated, your browser establishes a direct connection with the servers of the respective social network as soon as you access a page on our website. The content of the plugin is transmitted directly from the social network to your browser, which integrates it into the website. By integrating the plugins, the social network receives the information that you have accessed the corresponding page of our website. If you are logged into the social network, it can assign the visit to your account. If you interact with the plugins, for example by clicking the Facebook "Like" button or leaving a comment, the corresponding information is transmitted directly from your browser to the social network and stored there. The purpose and scope of the data collection and the further processing and use of the data by social networks as well as your rights in this regard and settings options to protect your privacy can be found in the data privacy statements of the respective networks or websites. You will find the links below.

Even if you are not logged into the social networks, websites with active social plugins can send data to the networks. An active plugin sets a cookie with an identifier each time the website is accessed. Since your browser sends this cookie every time you connect to a network server without being asked to do so, the network could in principle use it to create a profile of which websites the user belonging to the identifier has visited. It would be possible to assign this identifier to a person again later on, for example when logging into the social network at a later date.

Integration of Facebook plugins

Social plugins ("Plugins") from the Facebook social network, which is operated by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland ("Meta"), are integrated into our website. The purpose and scope of the data collection and the further processing and use of the data by Meta as well as your rights in this regard and settings options to protect your privacy can be found in Meta's data protection information: https://www.facebook.com/privacy/center/.

Integration of Twitter plugins

Social plugins ("Plugins") of the Twitter social network, which is operated by Twitter Inc. with registered office at 795 Folsom St., Suite 600, San Francisco, CA 94107, USA ("Twitter"), are integrated into our website. The purpose and scope of the data collection and the further processing and use of the data by Twitter as well as your rights in this regard and settings options for protecting your privacy can be found in Twitter's data protection information: https://twitter.com/privacy.

Integration of Pinterest plugins

Furthermore, plugins of the social network Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA ("Pinterest") are integrated on this website. You can recognise the Pinterest plugin by the "Pin it" button on our site.

If you click on the Pinterest "Pin it button" while you are logged into your Pinterest account, you can link the content of our pages to your Pinterest profile. This allows Pinterest to associate your visit to our pages with your user account. We would like to point out that we have no knowledge of the content of the transmitted data or its use by Pinterest. Further information can be found in Pinterest's privacy policy: http://about.pinterest.com/de/privacy

Integration of Instagram plugins

Plugins from the social network Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA ("Instagram") are also integrated on this website. You can recognise the Instagram plugin by the Instagram button on our website. If you click on the Instagram button while you are logged into your Instagram account, you can link the content of our pages to your Instagram profile.

This allows Instagram to associate your visit to our pages with your user account. We would like to point out that we have no knowledge of the content of the transmitted data or its use by Instagram. Further information can be found in Instagram's data privacy statement:
http://instagram.com/about/legal/privacy/

Push notifications

You can sign up to receive our push notifications. To send our push notifications, we use the shipping service "Airship", which is operated by Airship Group, Inc, 1225 W Burnside St #401, Portland, OR 97209, www.airship.com.

You will receive regular information about news, deals, products and suitable offers from Robinson Club GmbH via our push notifications.

To log in, you must confirm your browser's request to receive notifications. This process is documented and stored by Airship. This includes storing the login time and your browser ID or device ID. It is necessary to collect these data so that we can trace the processes in the event of misuse and therefore serves our legal protection.

In order to be able to display the push notifications to you, Airship collects and processes your browser ID on our behalf and, in the case of mobile access, your device ID. By subscribing to our push notifications, you agree to receive them. The legal basis for the processing of your data after registration for our push notifications is Art. 6 (1) (a) GDPR if you have given your consent.

Airship and Robinson Club GmbH also analyse the push notifications statistically. Airship can thus recognise whether and when our push notifications have been displayed and whether or when you clicked on them.

You can revoke your consent to the storage and use of your personal data, to receive our push notifications and to the statistical survey described above at any time with effect for the future. For the purpose of revoking your consent, you can change the settings provided for receiving push notifications in your browser. If you use our push notifications on a desktop PC with the Windows operating system, you can also unsubscribe from our push notifications by right-clicking on the respective push notification in the settings that appear there.

Your data will be deleted as soon as they are no longer required to fulfil the purpose for which it was collected. Your data will therefore be stored for as long as the subscription to our push notifications is active.

10. Automated decision-making

We use algorithms and automated decision-making to improve your user experience and to ensure the security of our website and other products and services. Automated decisions can be made, for example, as part of services on our websites or mobile apps, such as

  • the sort order of the search results you see on our website,

  • the nature of the recommendations for travel and travel experiences that we make on the website or in our promotional communications; or

  • the prevention and detection of breaches of our customer terms and conditions or other fraudulent activity on our website or other resources.

However, we will not make any automated decisions that would have a legal or similarly significant effect on you unless you have given us your express consent, the processing is necessary for the conclusion of a contract with you or it is permitted by law. We will take appropriate measures to protect your rights and freedoms in such cases, which may include your right to have the action reviewed by a member of our client team

11. Your rights under data protection law

You have the right to request a copy of the personal data we hold about you, although you should usually also be able to view and update the data associated with your customer account and booking online. You can of course still write to us and ask us for a copy of other personal data stored about you.

Please include details that will help us to identify and locate your personal data. Where we can provide access to data, we will do so free of charge unless further copies are requested. In this case, we may charge a reasonable fee based on the administrative costs.

We want to ensure that the personal data we hold about you are accurate and up to date. If any information we hold about you is incorrect, please let us know.

You can also have your personal data corrected or deleted, object to the processing of your personal data and, where technically feasible, request that personal data that you have transmitted to us be transferred to another organisation.

We will update or delete your information unless we need to keep it for legitimate business or legal purposes.

You can also contact us if you have a complaint about how we collect, store and use your personal data. Our aim is to provide the best possible remedy for your complaints. According to Article 77 GDPR in conjunction with. Section 19 BDSG-New, you have the right to lodge a complaint with a supervisory authority. The supervisory authority responsible for Robinson Club GmbH is:

State Commissioner for Data Protection and Freedom of Information of Lower Saxony
Prinzenstraße 5, 30159 Hanover
Phone: +49 0511 120-4500
Email: poststelle@lfd.niedersachsen.de

However, if you are not satisfied with our response, you can also contact the local data protection authority https://www.lfd.niedersachsen.de/startseite/.

Please note that we may ask you to confirm your identity before we process your enquiry or complaint. We may also ask you for more information to help us ensure that you are authorised to make this request or complaint to us, for example if you are contacting us on behalf of someone else.

If you have any questions, requests or comments on the subject of data protection, please send an email to the data protection officer of Robinson Club GmbH: DPOHotels@tui.com.

As the data subject, you have the following rights vis-à-vis us

It is important to Robinson Club GmbH that our processing procedures are fair and transparent. It is therefore important to us that, in addition to the right to object, data subjects can exercise the following rights if the respective legal requirements are met:

  • Right to information, Article 15 GDPR

  • Right to rectification, Article 16 GDPR

  • Right to erasure ("right to be forgotten"), Article 17 GDPR

  • Right to restriction of processing, Article 18 GDPR

  • Right to data portability, Article 20 GDPR

  • Right to object, Article 21 GDPR

What rights do I have as a user and customer? (information, cancellation, revocation)

  • As a data subject, you have various rights under Articles 15 ff GDPR.

  • You can request information about which of your personal data is stored at any time.

  • You can request the correction or erasure, provided this is legally permissible and possible within the framework of an existing contractual relationship.

  • If you have set up a customer account, e.g. with the TUI portal "My TUI", you can delete it yourself or ask for it to be deleted.

  • You can request a restriction of processing or generally object to the processing of your data. If processing is based on your consent, you can also revoke this consent at any time without affecting the legality of the processing carried out until the revocation.

  • You have the right to data portability.

To exercise your rights, you can contact us by email at dataprotection@amello.com. For identification purposes, please provide the following information:

  • Surname

  • Postal address

  • Email address and optional: Customer number or booking code

In order to process your request and for identification purposes, we would like to point out that we process your personal data in accordance with Article 6 (1) (c) GDPR.

You will receive a response to your enquiry regarding your rights as a data subject within the statutory period of 4 weeks at the latest.

We will inform you in advance before we process your personal data for any other purpose.

12. Key terms and miscellaneous

Services:  This means all products and services, including travel experiences, that we broker or are in contact with you about.

Controller: The controller determines the purpose and manner in which personal data is used.

European Economic Area (EEA): EU member states plus Norway, Iceland and Liechtenstein.

Online advertising: Marketing messages you might see on the Internet.

Products: This means all the products you buy or are interested in through us, including travel bookings and travel experiences.

Special categories of personal data: This means categories of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership; genetic data, biometric data for the purpose of uniquely identifying a natural person; data concerning health or data concerning a natural person's sex life or sexual orientation.

Hotel operating companies:

Overview of TUI amello property and franchise hotels


Affiliated companies of the TUI Group

  • L’tur GmbH

  • Robinson Club GmbH

  • TUI 4U GmbH

  • TUI AG

  • TUI Austria Holding GmbH TUI

  • TUI Customer Operations GmbH

  • TUI SPAIN S.L.U.

  • TUI Hotel Betriebsgesellschaft mbH

  • TUI Magic Life GmbH

  • TUI Austria GmbH

  • TUI Suisse Ltd

  • TUIfly Vermarktungs GmbH


Changes to our data privacy statement


This data privacy statement replaces all previous versions. We may change the statement at any time, so please check it regularly on our website(s) for any updates. If the changes are significant, we will provide a clearly recognisable message on our website(s). In addition, we will send electronic notification of changes to our privacy policy where we deem this appropriate.

Last updated: April 2025


Robinson Club GmbH | Karl-Wiechert-Allee 23 | 30625 Hanover | dataprotection@amello.com

DownloadIconDownload "TUI amello Privacy Notice" (PDF-File)