Privacy Statement - Luxembourg for Tourism

1. General information

We take the protection of your personal data very seriously. We will therefore treat this data confidentially in accordance with the applicable legal requirements and our privacy statement. Please note that providing any personal data is optional.

If you have any questions, suggestions and/or complaints, please contact us by telephone on (+352) 42 82 82 1 or by email at romain.schwartz@lft.lu

External links

If you use a link on our website to connect to other websites or apps, these newly opened links are not subject to this privacy statement. We therefore recommend that you read the privacy statements of these websites or apps for information regarding their procedures for the collection, use and disclosure of personal data.

2. Data collection on our website

Data controller

“Data controller” refers to the body responsible for how personal data is processed, communicated and stored.

The website publisher also acts as the data controller:

Luxembourg for Tourism GIE
Romain Schwartz
6, rue Antoine de Saint-Exupéry
L-1432 Luxembourg

P.O. Box 1001
L-1010 Luxembourg

Trade Register no.: C124
VAT identification number: LU28215929

Collecting your personal data

We collect personal data that you choose to share with us, for example, by subscribing to our newsletter, completing the contact form or sending us an email.

We also gather data from your use of the website and its services, when you visit webpages and fill out forms.

Use of your personal data

This website uses cookies. We use cookies to personalise content and advertisements and to analyse the use of our website. We also provide information on your use of our website to our social media, advertising and analytics partners. Our partners may combine this information with additional data that you have already made available to them or which they have collected when you have used services.

A cookie is a small piece of text used by webpages to enhance the efficiency of the user experience.

The law allows us to store cookies on your device if they are essential to operate these pages. We require your permission for any other types of cookies.

These pages use various types of cookies. Some cookies are placed by third parties that feature on our webpages.

You can change or delete your consent via our website’s cookie policy at any time.

Cookiebot consent management platform

Our website uses the Cookiebot consent management platform to collect your consent to save certain cookies on your device or to use certain technologies, and to document this consent in compliance with data privacy regulations. Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter referred to as “Cookiebot”) is the provider of this technology.

When you enter our website, a connection to the Cookiebot servers is established to obtain your consent and other statements regarding the use of cookies. Cookiebot then deposits a cookie in your browser to associate it with the consent or refusal you have provided. This data is saved until you ask us to delete it or delete the Cookiebot cookie yourself, or until the reason for saving the data no longer exists. Mandatory legal retention duties are not affected.

Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Article 6(1)(c) of the EU General Data Protection Regulation – GDPR.

Your rights

Pursuant to Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, you have the right of access to, and the rectification and erasure of your personal data. You also have the right to withdraw your consent at any time and to prevent the processing of your data if this is legally justified.

Please note that several of the aforementioned rights may be restricted if we have a compelling legitimate interest or legal obligation to continue processing the data.

If you wish to exercise these rights, please contact the data controller using the contact details provided above on this page.

You can also address any complaints to the Luxembourg National Commission for Data Protection (Commission nationale pour la protection des données) located at 1, avenue du Rock'n'Roll, L-4361 Esch-sur-Alzette.

Third-party analysis tools and tools

When you visit this website, your browsing behaviour may be subject to statistical analysis. This is performed primarily by analytics software.

You will find more information on analytics software under cookies.

    3. Hosting

    External hosting

    This website is hosted by an external web hosting provider. The personal data collected on this website is stored on the servers of the web hosting provider. This will primarily relate to IP addresses, metadata, telecommunications data, contract data, websites accessed and other data generated via a website.

    The website hosting provider’s service is used to ensure that we meet our contractual commitments to our potential and existing clients and in the interests of secure, swift and efficient provision of our online services by a professional provider.

    Our hosting provider will only process your data to the extent necessary to fulfil its duties as our service provider and will follow our instructions regarding this data.

    We use the following web hosting provider:

    infomax websolutions GmbH
    Aichfeld 2
    D-83224 Grassau
    Tel: +49 (0) 8641 - 6 99 30
    mail@infomax-it.de I www.infomax-it.de

    4. General and obligatory information

    Legal basis

    We collect personal data on the following basis:

    • To establish and fulfil the services agreement and to execute your online orders
    • To adjust and improve our service range
    • To comply with our legal obligations
    • To protect our interests in the event of legal proceedings
    • For commercial purposes providing that we have your consent

    Personal data collection

    Server log files

    The provider of the pages automatically creates and stores information in server log files, which your browser automatically sends to us. This information includes:

    • Browser type and version
    • Operating system used
    • Referring URL
    • Hostname of the device accessing the site
    • Time of the server request
    • IP address

    This data is not merged with other data sources.

    This data is collected in accordance with Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in presenting a website that is free of technical errors and in optimising its operations; this requires the creation of server log files.

    This data is saved in an anonymous format and does not enable the identification of users.

    Ordering brochures online

    We collect the following personal data when you order brochures online:

    • Title
    • Last name and first name
    • Street name and number
    • Postcode and town/city
    • Country
    • Email address
    • Telephone number
    • Order

    This data is stored by the data controller for a period of 2 years.

    Contact form

    Luxembourg for Tourism saves your personal data in order to respond to your queries. In certain circumstances the following data is required for this:

    • Title
    • Last name and first name
    • Street name and number
    • Postcode and town/city
    • Country
    • Email address
    • Telephone number

    This data is stored by the data controller for a period of 2 years.

    reCAPTCHA Enterprise

    This website uses reCAPTCHA Enterprise as a security measure to protect our forms from spam, abuse, and unauthorized access. Our legitimate interests in using reCAPTCHA Enterprise include ensuring the safety and security of our website, protecting our users’ personal information, and preventing fraudulent activities. reCAPTCHA Enterprise is used to analyze the behaviour of our site visitors filling in a form to distinguish between human users and automated bots attempting to access our site.

    LuxembourgCard e-shop

    The website allows you to access other services. 

    When you purchase a LuxembourgCard, the following information is collected and stored electronically until the validity period expires:

    • First and last name
    • Address
    • Email address
    • Payment method

    The stored information will be read electronically from your card and used at participating service partners while the access control remains valid, but the information will not be saved. 

    Other third-party providers

    The website uses the content of third-party providers to present information and services.

    How is your data protected?

    SSL or TLS encryption

    This website uses SSL or TLS encryption for security purposes and to protect the transfer of confidential content, e.g. questions you have sent us as the website publisher. An encrypted connection can be recognised by the address, which starts with “https:/” (not “http:/”) and displays a padlock symbol.

    When SSL or TLS encryption is activated, data communicated by you cannot be read by third parties.

    Retention period for your personal data

    We do not keep personal data for longer than is necessary to fulfil the purposes for which the information was collected.

    Each type of personal data is kept for an appropriate period of time. These periods may differ depending on the purpose for which the data was collected:

    • Legal and contractual duties to retain data
    • Periods of limitation during which the relevant persons can enforce their rights vis-à-vis our economic interest group
    • Best practices
    • Commercial purposes of our economic interest group

    Personal data is kept for 2 years.

    Protection of your personal data

    We implement various organisational and technical measures to protect your personal data from disclosure to unauthorised persons.

    Version: March 2024