Privacy policy

Information on data protection

With this data protection declaration, we inform you in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR) about the processing of your personal data in the context of the use of our website and about the rights to which you are entitled in this context. In addition, we also provide you with some basic information on data processing in the event that you book a ferry trip, apply for a job or contact us for business purposes.

Data controller

The entity responsible for data processing is
Wyker Dampfschiffs-Reederei Föhr-Amrum GmbH
Am Fähranleger 1
25933 Wyk auf Föhr

Further information about our company and the authorised representatives can be found in our imprint.

Who can I contact?

You can contact the appointed data protection officer at

Wyker Dampfschiffs-Reederei Föhr-Amrum GmbH
Data Protection Officer
Am Fähranleger 1
25933 Wyk auf Föhr
Email: datenschutzbeauftragter(at)

What data is processed?

Legal bases for data processing
In order to be able to offer you our website and the associated services, we process personal data on the basis of the following legal bases:

  • Consent (Art. 6 para. 1 lit. a) GDPR)
  • for the fulfilment of contracts (Art. 6 para. 1 lit. b) GDPR)
  • on the basis of a balancing of interests (Art. 6 para. 1 lit. f) GDPR)
  • for the fulfilment of a legal obligation (Art. 6 para. 1 lit. c) GDPR)

We will refer to the relevant terms in connection with the respective processing so that you can categorise the basis on which we process personal data.

If personal data is processed on the basis of your consent, you have the right to withdraw your consent from us at any time with effect for the future.

If we process data on the basis of a balancing of interests, you as the data subject have the right to object to the processing of personal data, taking into account the provisions of Art. 21 GDPR.

Access data

When you visit our website, personal data is processed in order to display the content of the website on your device.

In order for the pages to be displayed in your browser, the IP address of the device you are using must be processed. Further information about the browser on your device is also processed.

We are also obliged under data protection law to guarantee the confidentiality and integrity of the personal data processed with our IT systems.

For this purpose and out of this interest, the following data is logged on the basis of a balancing of interests:

  • IP address of the accessing computer (for a maximum of 7 days)
  • Operating system of the accessing computer
  • Browser version of the accessing computer
  • Name of the retrieved file
  • Date and time of access
  • Amount of data transferred
  • Referring URL

The IP address is deleted from all systems used in connection with the operation of this website after 7 days at the latest. We can then no longer establish a personal reference from the remaining data.

The data is also used to identify and rectify errors on the website.


Cookies are used on our website. Cookies are small text files that are stored on your end device via your browser. Cookies are required to enable certain functions of our website.

We use both session cookies, which are automatically deleted by your browser immediately after the end of your visit to the website, and temporary cookies, which are automatically deleted after 72 hours (see "Anonymous use of the website" below).

In the area of web analysis, however, we also use so-called persistent cookies, which are not automatically deleted at the end of your visit to our website.

You have the option of preventing the setting of cookies by making the appropriate settings in your browser. However, we would like to point out that the use of our website may then only be possible to a limited extent. Cookies do not install or start any programmes or other applications on your computer.

The use of cookies is based on a weighing of interests. Our interest is a user-friendly visit to our website.

Use of Cookiebot

Cookiebot is an online service that helps us to organise the use of cookies and the online tracking of these in compliance with data protection regulations. By using the web service Cybot A/S (Havnegrade 39, 1058 Copenhagen, Denmark), your browser transmits personal data to the above-mentioned company. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. The legitimate interest lies in the error-free functioning of the website. The data is deleted as soon as the purpose of its collection has been fulfilled. Further information on the handling of the transferred data can be found in's privacy policy: . You can prevent the collection and processing of your data by by deactivating the execution of script code in your browser or by installing a script blocker in your browser (you can find this at or, for example). You have the right to change or withdraw your consent at any time.

SSL encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the enquiries you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

Use of Adobe Typekit

We use Adobe Typekit for the visually appealing design of our website. Typekit is a service provided by Adobe Systems Software Ireland Ltd. 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland ("Adobe"), which gives us access to the Adobe font library. In order for the fonts we use to be integrated, your web browser must connect to an Adobe server in the USA and download the required font. Adobe then receives the information that our website has been accessed from the IP address of your device. Adobe has submitted to the EU-US Privacy Shield and has thus undertaken to guarantee the European data protection principles and the local level of data protection even in the context of data processing taking place in the USA. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR, based on our legitimate interest in the visually appealing design of our website.

Further information on Adobe Typekit can be found in Adobe's privacy policy .

Purposes of the processing of personal data

We process the aforementioned data for the operation of our website and for the fulfilment of contractual obligations towards our customers or the protection of our legitimate interests.

In the case of enquiries from you outside of an active customer relationship, we process the data for sales and advertising purposes. You can object to the use of your personal data for advertising purposes at any time.

Voluntary information

If you provide us with data voluntarily, e.g. in forms, and this data is not required for the fulfilment of our contractual obligations, we process this data on the legitimate assumption that the processing and use of this data is in your interest.

Recipients / forwarding of data

Data that you provide to us will not be passed on to third parties. In particular, your data will not be passed on to third parties for their advertising purposes.

However, we may use service providers for the operation of this website or for other products or services of ours. It may happen that a service provider obtains knowledge of personal data. We select our service providers carefully - particularly with regard to data protection and data security - and take all measures required under data protection law to ensure authorised data processing.

Anonymous use of the website.

If you use our website for information purposes only, we do not request any personal data from you. Temporary cookies are required for timetable enquiries and online bookings, but these are not stored permanently. Your entries are temporarily stored together with your Internet connection (IP address) for technical reasons. This data is automatically deleted from the online reservation system after 72 hours and is only used to check that the system is working correctly. Calls to the static Internet pages are recorded in the logs on our external Internet server. The logs are only analysed on a cumulative basis and do not allow any conclusions to be drawn about individual users.

The use of your data.

If you would like to book a crossing for your vehicle with us, we will ask you for your name, vehicle registration number, vehicle length, e-mail address and a password to record the customer data. Further details (e.g. address, telephone number) are optional. This contact information enables us to provide you with the printed tickets at the start of the outward journey and to inform you of any last-minute changes to the timetable. Furthermore, we use this data to find your booking at the ticket counter even without entering the booking number and to ensure that only one departure per day and port is booked for a licence plate number. We store the length of your vehicle's licence plate number when you make a booking so that you do not have to enter this information again the next time you make a booking. We assume that not all our customers can be reached by e-mail at short notice and therefore ask for a telephone number.

We save the planned journey dates, the printed tickets and the method of payment for each booking. Subsequent changes to bookings due to rebookings are logged. This data is stored for up to 18 months after expiry or use of the ticket and then deleted or permanently anonymised. Your personal data will only be used internally by Wyker Dampfschiffs-Reederei Föhr-Amrum GmbH and will not be passed on to third parties.

Information about your data and deletion.

The data of each online booking will be automatically confirmed to you by e-mail. You can request a complete overview of your data stored by us from the online booking by e-mail. After expiry or cancellation of all bookings, you can request the immediate deletion of your data by e-mail or by other means.

Processing of application documents

If you send us an application, we will process your associated personal data insofar as this is necessary to decide on the establishment of an employment relationship. We base the processing of personal data in the context of an application procedure on Art. 6 para. 1 lit. b GDPR (initiation and implementation of the employment relationship) and Art. 6 para. 1 lit. c GDPR (legal obligation to process employee data). In certain cases, we process your data to protect a legitimate interest of ours or of third parties (Art. 6 para. 1 lit. f GDPR). A legitimate interest exists, for example, if your data is required for the assertion, exercise or defence of legal claims in the context of the application process (e.g. claims under the General Equal Treatment Act). In the event of a legal dispute, we have an overriding legitimate interest in processing the data for evidence purposes.

If you provide information in your application documents that contains special categories of personal data within the meaning of Art. 9 para. 1 GDPR, we will also only process this data to the extent permitted by law.

If we are unable to make you a job offer, you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted and the physical application documents destroyed. The retention serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the six-month period has expired (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for further storage no longer applies.

Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit. a and Art. 9 para. 2 lit. a as well as § 26 para. 2 of the Federal Data Protection Act) or if statutory retention obligations prevent deletion.

Data processing outside the European Union

If personal data is processed outside the European Union, you can see this in the previous explanations.

Your rights as a data subject

You have the right to information about the personal data concerning you. You can contact us at any time for information.

In the case of a request for information that is not made in writing, we ask for your understanding that we may require proof from you that you are the person you claim to be.

Furthermore, you have a right to rectification or erasure or to restriction of processing, insofar as you are legally entitled to do so.

Finally, you have the right to object to processing within the scope of the statutory provisions. The same applies to the right to data portability.

Deletion of data

We generally erase personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed to fulfil contractual services, to check and grant or defend against warranty and guarantee claims. In the case of statutory retention obligations, deletion will only be considered after expiry of the respective retention obligation.

Supervisory authority

If you believe that the processing of your personal data violates data protection law, you may - without prejudice to any other administrative or judicial remedy - lodge a complaint with the competent supervisory authority.

The address of the supervisory authority responsible for us is:

Unbhängiges Landeszentrum für Datenschutz Schleswig-Holstein
Holstenstraße 98
24103 Kiel

Phone: +49 431 988-1200
Fax: +49 431 988-1223
Email: mail(at)

Changes to this data protection notice

We will revise this data protection notice in the event of changes to this website or other occasions that make this necessary. You will always find the current version on this website