top of page


What data do we collect?


Below is an overview of the data we may collect:

Non-personal data

Non-personal data does not allow any conclusions to be drawn about whom it was collected. Non-personal data that we collect consists mainly of technical and aggregate usage information.

Personal data

Personal data is information from which you can be identified or could reasonably be identified ("personal data"). Personal data we collect through our services may include information collected through our contact and booking forms, i.e. information such as names, email addresses, addresses, telephone numbers, IP addresses and more. When we combine personal data with non-personal data, as long as it is in combination, we will treat it as personal data.


We will only use your personal data for the purposes set out in the Privacy Policy and only if we are satisfied that:


  • the use of your personal data is necessary to perform or enter into a contract (e.g. to provide you with the services themselves or customer care or technical support);

  • the use of your personal data is necessary to comply with relevant legal or regulatory obligations; or

  • the use of your personal data is necessary to support our legitimate business interests (provided that at all times this is done in a way that is proportionate and respects your data protection rights).

How do we collect data?


Below are the main methods we use to collect data:

  • We collect data when you use our services. So when you visit our digital formats and use services, we may collect, record and store usage, sessions and related information.

  • We collect data that you provide to us yourself, for example when you contact us directly through a communication channel.

  • We may collect information from third party sources as described below.

  • We collect information that you provide to us when you sign up to our services through a third party provider such as Facebook or Google.

Why do we collect this data?

We may use your data for the following purposes:

  • to provide our services;

  • to develop, adapt and improve our services;

  • to respond to your feedback, enquiries and requests and to provide assistance;

  • to analyse patterns of demand and use;

  • for other internal, statistical and research purposes;

  • to improve our data security and fraud prevention capabilities;

  • to investigate violations and enforce our terms and policies and to comply with applicable law, regulation or governmental request;

  • to provide you with news or other information about Ponyhof through our newsletter (which is not currently published). You can decide for yourself whether you wish to continue receiving our newsletter. If not, you can click on the unsubscribe link in one of the newsletter emails.

Who do we share this data with?


We may share your information with our service providers to operate our services (e.g. storing data via third party hosting services, providing technical support, etc.). 


Under no circumstances will we share your email address or other personal information with advertisers or advertising networks.


We may disclose your information in the following circumstances: (i) to investigate, detect, prevent or take action regarding illegal activities or other misconduct; (ii) to establish or exercise our rights of defence; (iii) to protect our rights, property or personal safety or the safety of our users or the public; (iv) in the event of a change of control of us or any of our affiliates (by way of merger, acquisition or purchase of substantially all of our assets, etc.); (v) to protect our rights or property or the safety of our users or the public. (v) to collect, maintain and/or manage your information through authorised third party service providers (e.g. cloud service providers) as appropriate for business purposes; (vi) to work with third party service providers to improve your user experience. For the avoidance of doubt, we may transfer, disclose or otherwise use non-personal data to third parties at our discretion.

Cookies and similar technologies

When you visit or access our Services, we authorise third parties to use web beacons, cookies, pixel tags, scripts and other technologies and analytics ("Tracking Technologies"). These Tracking Technologies may allow third parties to automatically collect your information to improve the navigation experience on our digital formats, optimise their performance and ensure a tailored user experience, as well as for security and fraud prevention purposes.


WIX places the following cookies: 

  • XSRF token (security, for the duration of the session, essential cookie).

  • hs (security, for the duration of the session, essential cookie)

  • svSession (at user login, for 12 months, essential cookie)

  • SSR-caching (to show the system from which the website was sent, for 1 minute, essential cookie)

  • _wixCIDX (for troubleshooting, for 3 months, essential cookie)

  • _wix_browser_sess (for troubleshooting, for duration of session, essential)

  • consent-policy (for cookie banner, for 12 months, essential cookie)

  • smSession (to identify logged in website members, for the duration of the session, essential cookie)

  • TS* (for measuring system effectiveness, for 30 minutes, essential cookie)

  • fedops.logger.X (used to measure system effectiveness, for 12 months, essential cookie)

  • wixLanguage (used on multilingual websites, 12 months, essential cookie)


Once you have agreed to this, you can also withdraw your consent by deleting your browser history. You will find instructions on how to do this in the relevant browser provider (i.e. Firefox, Google Chrome or doer...).


You can find more information on the topic of cookies at

Where do we store the data?


Non-personal data

Please note that our trusted partners and service providers identified through the hosting provider WIX are located around the world. For the purposes set out in this Privacy Policy, we store and process any non-personal data we collect in different jurisdictions.

Personal Data

Personal Data may be maintained, processed and stored in the United States, Ireland, South Korea, Taiwan, Israel and to the extent necessary for the proper provision of our Services and/or as required by law (as further explained below) in other jurisdictions.

How long will the data be retained?

Please note that we will retain the information we collect for as long as is necessary to provide our services, to comply with our legal and contractual obligations to you, to resolve disputes and to enforce our agreements. We may correct, amend or delete inaccurate or incomplete data at any time at our sole discretion.

How do we protect the data?

WIX, as a hosting service, provides us with the online platform for our digital formats through which we can offer you our services. Your data can be stored via the data storage, databases and general applications of Wix as a hosting provider. It stores your data on secure servers behind a firewall and it provides secure HTTPS access to most areas of its services.


All payment options offered by us and our hosting provider for our digital formats comply with the PCI Security Standards Council's PCI-DSS (Payment Card Industry Data Security Standard) regulations. This is the collaboration of brands such as Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card data (including physical, electronic and procedural measures) by our shop and service providers.


Notwithstanding the measures and efforts taken by us and our hosting provider, we cannot and do not guarantee absolute protection and security of the information you upload, post or otherwise disclose to us or others. For this reason, we ask that you set strong passwords and, where possible, do not provide us or others with confidential information that you believe could cause you significant or lasting harm if disclosed. In addition, as email and instant messaging are not considered secure forms of communication, we ask that you do not share confidential information through either of these communication channels.

Use of our services by minors

Our services are not intended for users who have not reached the legal age of majority. We will not knowingly collect information from children. If you are under the age of majority, you should not use our services or provide us with any information.


We reserve the right to request proof of age at any time so that we can verify whether minors are using our services. In the event that we become aware that a minor is using our services, we may prohibit that user from accessing our services and block him or her, and we may delete any information we hold about that user. If you have reason to believe that a minor has disclosed information to us, please contact us as explained below.

Your control over your data


As an EU resident, you can:


  • Request confirmation as to whether or not personal data relating to you is being processed and access to your stored personal data and certain additional information;

  • request to receive the personal data you have provided to us in a structured, commonly used and machine-readable format;

  • request the correction of your personal data that we have stored;

  • request the deletion of your personal data;

  • object to the processing of your personal data by us;

  • request the restriction of the processing of your personal data, or

  • lodge a complaint with a supervisory authority.


Please note that these rights are not unlimited and may be subject to our own legitimate interests and regulatory requirements. If you have any general questions about the personal data we collect and how we use it, please contact us as set out below.


In the course of providing the Services, we may transfer data across borders to affiliates or other third parties and from Germany/the German jurisdiction to other countries/jurisdictions worldwide. By using the Services, you consent to the transfer of your data outside the European Economic Area (EEA).


If you are located in the EEA, your personal data will only be transferred to locations outside the EEA if we are satisfied that there is an adequate or comparable level of protection for personal data. We will take appropriate steps to ensure that we have adequate contractual arrangements in place with our third parties to ensure that appropriate safeguards are in place to minimise the risk of unlawful use, alteration, deletion, loss or theft of your personal data and that these third parties act at all times in accordance with applicable laws.


California Consumer Privacy Act Rights: If you use the Services as a California resident, you may be entitled to request access to and deletion of your information under the California Consumer Privacy Act ("CCPA"). To exercise your right to access and delete your information, please read below for how to contact us. We do not sell users' personal information for the purposes of the CCPA.

Updates or changes to the privacy policy

We may revise this Privacy Policy from time to time in our sole discretion, but the version posted on the Site will always be current (see the "Current" statement). We encourage you to review this Privacy Policy periodically for changes. In the event of material changes, we will post a notice of such changes on our website. Your continued use of the Services following notification of changes to our Website will constitute your acknowledgement and acceptance of the changes to the Privacy Policy.



If you have any general questions about the services or the information we collect about you and how we use it, please contact us at:


Name: Julia Reimers and Ernst Klöppel

Address: Kölnstraße 195, 53111 Bonn

E-mail address:


You can also use the contact form on the homepage.

Bonn, 12.08.2023

bottom of page