Privacy Policy

Effective date: 4 February 2026

This Privacy Policy explains how personal data is processed in connection with the use of this website, the booking of accommodation, and the stay at Ferienpark Grafschaft Bentheim.

Who is responsible for processing your data?

Primary data controller (website, bookings, payments, customer service)

BUNGALOWNET HOLIDAYS FZCO (the “BungalowNet” brand; “BN”) operates this website and is the primary data controller for personal data processed in connection with:

• website use and enquiries;
• bookings and customer service;
• payments and refunds;
• complaints and dispute handling;
• marketing and analytics (where applicable).

On-site operator (your stay at the park)

Ferienpark Grafschaft Bentheim is the holiday park where the accommodation is located. For the operation of your stay, the park processes certain personal data for on-site guest services and compliance purposes, such as check-in administration, enforcement of house rules, safety measures, incident handling, and statutory obligations.

Depending on the purpose, the park may process personal data:

• as an independent data controller (for example, where local law requires guest registration or where the park must manage safety and incidents on site);
• and/or under BN’s instructions (for example, where information is needed to deliver the booked stay or to support customer service).

Contact for data protection matters

For questions or requests regarding the processing of personal data by BN, including exercising your data protection rights, you may contact:

Email: privacy@bungalow.net or dpo@bungalow.net

For matters relating exclusively to on-site processing by Ferienpark Grafschaft Bentheim during your stay, you may also contact:

Email: legal@bungalow.net

EU representative (if applicable)

If BN is required to appoint an EU representative under Article 27 GDPR, the representative’s contact details will be stated in the Legal Notice and/or provided on request via the contact details above.

What personal data do we process?

Depending on how you interact with us, we may process the following categories of personal data.

Website and enquiry data

• name, email address, telephone number;
• enquiry or message content;
• technical data (e.g. IP address, browser type, device information, approximate location derived from IP address);
• cookie and preference data.

Booking and payment data

• reservation details (dates, accommodation type, number of guests);
• contact details of the booker and, where relevant, other guests;
• payment status, payment method, refund information (where applicable);
• communications relating to the booking.

Stay-related data (on site)

• identification details required at check-in (where required or necessary for the stay);
• information required to comply with statutory or local obligations;
• incident, loss, damage, or house-rule reports and related communications.

Marketing and analytics data

• newsletter subscription status and preferences;
• interaction data (e.g. email opens or clicks where used and permitted);
• analytics and tracking data, subject to consent where required.

Special categories of personal data (limited cases)

In limited situations, you may provide information that can qualify as special category data under the GDPR, for example health information in connection with a cancellation request or claim. We do not request this information unless necessary and ask that you limit what you share to what is relevant.

Bookings are intended for adults. Where a booking includes children, the booker provides the necessary information for the booking and stay.

Purposes and legal bases of processing

BN processes personal data for the following purposes and legal bases:

Performance of a contract (Article 6(1)(b) GDPR)

To create and manage bookings, provide customer support, communicate service messages, manage check-in information where needed for the stay, and handle changes and cancellations.

Legal obligations (Article 6(1)(c) GDPR)

To meet accounting and tax requirements, respond to lawful requests from authorities, and comply with statutory obligations applicable to the booking and/or stay.

Legitimate interests (Article 6(1)(f) GDPR)

To secure the website, prevent fraud and misuse, maintain service quality, manage disputes and chargebacks, improve the website and booking experience, and keep records necessary to defend or exercise legal rights.

Consent (Article 6(1)(a) GDPR)

Where required, for newsletters and marketing communications, and for non-essential cookies and similar technologies.

Special category data (Article 9 GDPR)

Where we process special category data, such as medical information you choose to provide, we do so only where permitted under applicable law and with appropriate safeguards, such as your explicit consent where required and/or where necessary to handle or defend legal claims.

Cookies and tracking technologies

This website uses cookies and similar technologies. Non-essential cookies, including analytics and marketing cookies, are used only with your prior consent where required. Further information about the cookies used, their purposes and retention periods is available in the Cookie Policy on this website.

With whom do we share personal data?

BN may share personal data, as necessary for the purposes described in this Privacy Policy, with:

• Ferienpark Grafschaft Bentheim for the delivery and operation of your booked stay and on-site services;
• payment service providers and financial institutions supporting payment processing, refunds and fraud prevention;
• IT, hosting, communications, customer support and security providers supporting website and booking operations;
• analytics and marketing providers, only where applicable and subject to consent requirements;
• professional advisers, such as legal or audit advisers;
• public authorities where required by law.

All recipients process personal data under appropriate contractual and security safeguards.

International transfers

Personal data may be accessed from, stored in, or otherwise processed in countries outside the EEA. Where this occurs, appropriate safeguards are applied in accordance with the GDPR, including Standard Contractual Clauses and supplementary technical and organisational measures.

Data retention

• booking and contractual data for the duration of the relationship and applicable statutory retention periods;
• payment and accounting data as required by tax and accounting rules;
• complaints and dispute records as necessary to manage claims and defend legal rights;
• marketing data until you withdraw consent or object, as applicable;
• cookie and analytics data as stated in the Cookie Policy.

Your rights

• access your personal data;
• rectify inaccurate or incomplete data;
• request erasure of your data;
• restrict processing;
• object to processing, including direct marketing;
• withdraw consent at any time where processing is based on consent;
• request data portability;
• lodge a complaint with a supervisory authority in an EU Member State.

You may lodge a complaint with the supervisory authority of your habitual residence, place of work or the place of the alleged infringement.

Security measures

BN implements appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration or misuse, taking into account the nature of the data and associated risks.

Automated decision-making

BN does not use automated decision-making, including profiling, that produces legal effects or similarly significantly affects you, unless you are informed otherwise and such processing is permitted under applicable law.

Changes to this Privacy Policy

This Privacy Policy may be updated from time to time. The most recent version will always be available on this website and will apply from the effective date stated above.

This Privacy Policy is intended to comply with the GDPR and applicable European data protection laws.