Data Privacy Policy According to the Provisions of the GDPR

Name and address of the controller

The controller for the purposes of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

Hotel-BetriebsgesmbH & Co KG, Hotel St. Oswald
Familie Scheriau
St. Oswald
9546 Bad Kleinkirchheim
Österreich

ATU 261 79701

Tel: +43 (0) 4240 - 591
Fax: +43 (0) 4240 - 58372
Email: reservierung@hotel-st-oswald.at oder info@hotel-st-oswald.at
Internet: www.hotel-st-oswald.at

Rights of the data subject

If your personal data is processed, you are the data subject within the meaning of GDPR and you have the following rights against the controller:

1. Right to information

You may ask the controller to confirm if personal data concerning you is processed by us.
If such processing is being carried out, you can request information from the controller about the following:

  1. the purposes for which the personal data is processed;
  2. the categories of personal data being processed;
  3. the recipient or categories of recipients who have received or will receive the personal data concerned;
  4. the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
  5. the existence of the right to rectification or erasure of personal data or the right to restriction of processing by the controller or the objection to this processing;
  6. the right to lodge a complaint with a supervisory authority;
  7. all available information about the origin of the data when personal data is not collected from the data subject;
  8. the existence of automated decision-making, including profiling, referred to in Article 22 par. 1 and 4 GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

You have the right to request information about whether your personal data is transferred to a third country or an international organisation. In this context, you can request the appropriate guarantees according to Article 46 GDPR in connection with the transfer.

2. Right to rectification

You have a right against the controller to rectification and/or completion, if your personal data processed is incorrect or incomplete. The controller must make the correction immediately.

3. Right to the restriction of processing

You have the right to obtain from the controller restriction of processing where one of the following applies:

  1. the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
  2. the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
  3. the controller no longer needs the personal data for the purposes of processing, but it is required by the data subject for the establishment, exercise or defence of legal claims; or
  4. you have objected to processing pursuant to Article 21 par. 1 GDPR pending verification of whether the legitimate grounds of the controller override those of the data subject.

Where processing has been restricted, such personal data shall – with the exception of storage – only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If restriction of processing has been obtained pursuant to the conditions set out above, you shall be informed by the controller before the restriction of processing is lifted.

4. Right to erasure

a) Obligation of erasure

You can demand the controller delete your personal data without delay, and the controller is required to delete that information immediately if one of the following applies:

  1. Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
  2. You revoke your consent to the processing pursuant to Article 6 par. 1 p. 1 lit. a or Article 9 par. 2 lit. a GDPR and there is no other legal basis for processing.
  3. You oppose the processing according to Article 21 par. 1 GDPR and there are no overriding justifiable reasons for the processing, or you oppose the processing according to Article 21 par. 2 GDPR.
  4. Your personal data was unlawfully processed.
  5. The deletion of your personal data is required to fulfil a legal obligation under Union law or the law of the Member States to which the controller is subject.
  6. Your personal data was collected in relation to information society services offered pursuant to Article 8 par. 1 GDPR.

b) Information to third parties

If the controller has made the personal data concerning you public and is obliged to delete it according to Article 17 par. 1 GDPR, the controller shall, taking into account available technology and implementation costs, take appropriate measures, including technical means, to inform data controllers who process your personal data that you as data subject have requested all links to such personal data, or copies or replications of such personal data, to be deleted.

c) Exceptions

The right to erasure does not exist if the processing is necessary:

  1. for exercising the right of freedom of expression and information;
  2. for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  3. for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9 par. 2, as well as Article 9 par. 3 GDPR;
  4. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89 par. 1 GDPR insofar as the right referred to in item a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
  5. for the establishment, exercise or defence of legal claims.

5. Right to be informed

If you have the right of rectification, erasure or restriction of processing against the controller, he/she is obliged to notify all recipients to whom your personal data has been disclosed of this correction or deletion of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You have a right against the controller to be informed about these recipients.

6. Right to data portability

You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit that data to another controller without hindrance from the controller to which the personal data has been provided, where:

  1. the processing is based on consent pursuant to Article 6 par. 1 p. 1 lit. a GDPR or Article 9 par. 2 lit. a GDPR or on a contract pursuant to Article 6 par. 1 p. 1 lit. b GDPR, and
  2. the processing is carried out by automated means.

In exercising this right, you shall have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. Freedoms and rights of other persons may not be affected by this right.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority which has been delegated to the controller.

7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6 par. 1 lit. 2 or f GDPR; this is also valid for profiling based on those provisions.

The controller shall no longer process the personal data concerning you unless the controller can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.

Where personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing; this includes profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, your personal data shall no longer be processed for such purposes.

You may, in the context of the use of information society services – notwithstanding Directive 2002/58/EC – exercise your right to object by automated means using technical specifications.

8. Right to revoke the data protection declaration of consent

You have the right to revoke your data protection declaration of consent at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the existence of consent prior to consent being revoked.

9. Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:

  1. is necessary for entering into or performance of a contract between you and the controller;
  2. is authorised by Union or Member State law to which the controller is subject and which also lays out suitable measures to safeguard your rights and freedoms and legitimate interests; or
  3. is based on your explicit consent.

However, these decisions shall not be based on special categories of personal data referred to in Article 9 par. 1 GDPR unless Article 9 par. 2 lit. a or g GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.

With regard to the cases named in (1) and (3), the controller shall take appropriate measures to uphold the rights and freedoms and legitimate interests of the data subject, including at least the right to obtain the intervention of a person by the controller, to express his/her own position and to challenge the decision.

10. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement if you consider the processing of your personal data to infringe the GDPR.

The supervisory authority with which the complaint is lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.

General information on data processing

1. Scope of the processing of personal data

In principle, we process our users’ personal data only to the extent necessary to provide a functioning website and our content and services. The processing of users’ personal data takes place regularly only with the consent of the user. An exception applies in cases in which prior consent cannot be obtained for reasons of fact and the processing of the data is permitted by law.

2. Legal basis for processing personal data

Insofar as we obtain the consent of the data subject for processing of personal data, Article 6 par. 1 p. 1 lit. a of the EU General Data Protection Regulation (GDPR) serves as legal basis.

Article 6 par. 1 p. 1 lit. b GDPR serves as legal basis for the processing of personal data necessary for the performance of a contract to which the data subject is a party. This also applies to processing required to carry out pre-contractual measures.

Insofar as processing of personal data is required to fulfil a legal obligation to which our company is subject, Article 6 par. 1 p. 1 lit. c GDPR serves as legal basis.

In cases where the vital interests of the data subject or another natural person require the processing of personal data, Article 6 par. 1 p. 1 lit. d GDPR serves as legal basis.

If processing is necessary to safeguard the legitimate interests of our company or a third party, and if the interest, fundamental rights and freedoms of the data subject do not prevail over the first interest, Article 6 par. 1 p. 1 lit. f GDPR serves as legal basis for the processing.

3. Deletion of data and storage period

The data subject’s personal data shall be deleted or blocked as soon as the purpose of the storage no longer applies. In addition, such storage may occur when provided for by the European or national legislator in EU regulations, laws or other regulations to which the controller is subject. Blocking or deletion of the data also occurs when a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

Provision of the website and creation of log files

1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the system of the computer accessing the website.
The following data is collected here:

  1. Information about the type of browser and version used
  2. The user’s operating system
  3. The user’s Internet Service Provider
  4. The user’s IP address
  5. Date and time of access
  6. Websites from which the user’s system accesses our website
  7. Websites accessed by the user’s system via our website

The data is also stored in the log files of our system. This data is not stored together with other personal data relating to the user.

2. Legal basis for the processing of data

The legal basis for temporary storage of the data and log files is Article 6 par. 1 p. 1 lit. f GDPR.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to allow delivery of the website to the user’s computer. For this, the user’s IP address must be kept for the duration of the session.

Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimise the website and to ensure the security of our information technology systems. Evaluation of the data for marketing purposes does not take place in this context.

For these purposes, our legitimate interest is in the processing of data pursuant to Article 6 par. 1 p. 1 lit. f GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In cases of data collection for the provision of the website, this is the case when the respective session is completed.

In the case of storing the data in log files, this is after no more than seven days. Further storage is possible. In this case, the user's IP address is deleted or distorted to ensure it is no longer possible to identify the client.

5. Means of objection and removal

The collection of data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no means of objection on the part of the user.

Use of Cookies

a) Description and scope of data processing

Our website uses Cookies. Cookies are text files that are saved onto the Internet browser or by the Internet browser on the computer system of the user. If a user visits a website, a Cookie can be saved on the user’s operating system. This Cookie contains a characteristic string that allows the browser to be uniquely identified when the website is revisited.

We use Cookies to make our website more user-friendly. Some elements on our website require that the requesting browser be identified even after a change in pages.

The following data is saved and transmitted in the Cookies:

Language settings

Items in shopping cart

Log-In informations

We also use Cookies on our website that allow the user’s surfing habits to be analysed.

This allows the following data to be transmitted:

  1. Entered search terms
  2. Frequency of page views
  3. Use of website functions

The user data collected in this way is pseudonymised by technical means. Thus, it is no longer possible to assign the data to the user. The data will not be stored together with other personal data relating to the user.
When accessing our website, users are informed of the use of Cookies for analysis purposes by means of an informational banner and are referred to this privacy policy. In this context, there is also information on how to prevent the storage of Cookies in your browser settings.

b) Legal basis for the processing of data

The legal basis for the processing of personal data using Cookies is Article 6 par. 1 p. 1 lit. f GDPR.

c) Purpose of data processing

The purpose of using technically essential Cookies is to simplify the use of websites for users. Some features of our website cannot be offered without the use of Cookies. For these, it is necessary that the browser is recognised even after a change of pages.

We require Cookies for the following application(s):

  1. Acceptance of language setting
  2. Shopping cart

The use of the analysis Cookies is for the purpose of improving the quality of our website and its contents. Through the analysis Cookies, we learn how the website is used and thus can continue to optimise our offer.

For these purposes, our legitimate interest is in the processing of personal data pursuant to Article 6 par. 1 p. 1 lit. f GDPR.

d) Duration of storage, means of objection and removal

Cookies are saved on the user’s computer and are transmitted by the computer to our site. Therefore, as a user, you have full control over the use of Cookies. By changing settings on your Internet browser, you can deactivate or restrict the transfer of Cookies. This can also be done automatically. If Cookies are deactivated for our website, it may not be possible to use all features of the website to full effect.

The transmission of Flash Cookies cannot be prevented in the browser settings, but by changing settings of your Flash Player.

Newsletter

1. Description and scope of data processing

On our website you can subscribe to a free newsletter. When registering for our newsletter, the following data from the input mask will be sent to us:

Email address
Surname
First name
Interests
P address of the calling computer
Date and time of registration

Data is not disclosed to third parties in connection with the processing of data for the sending of newsletters. The data will be used exclusively for sending the newsletter.

2. Legal basis for the processing of data

The legal basis for the processing of data after a user registers and gives consent for our newsletter is Article 6 par. 1 p. 1 lit. a GDPR.

3. Purpose of data processing  

The user’s email address is collected in order to deliver the newsletter.
The collection of other personal data in the context of the registration process serves to prevent misuse of the services or the email address used.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose of its collection. The user’s email address is therefore stored as long as the subscription to the newsletter is active.

The other personal data collected during the registration process will typically be deleted after a period of seven days.

5. Means of objection and removal

Subscription to the newsletter may be terminated by the user at any time. To do so, a corresponding link can be found in each newsletter.

This also allows consent to the storage of the personal data collected during the registration process to be revoked.

Online booking on our website

1. Description and scope of data processing

On our website you have the possibility to book and/or inquire rooms and offers. If a user uses this option, the data entered in the input mask will be transmitted to us and saved. This data is: title, first name, surname, email address, telephone number, address, number of guests, requests, date, time.

Online bookings via our website are completed using the online reservation system of websLINE Internet- & Marketing GmbH, Sägewerkstrasse 24, 83395 Freilassing, Germany. All booking data you enter shall be encrypted. websLINE commits to the data privacy-appropriate handling of your personal data. The company takes all organisational and technical measures to protect your data.

In this context, no further transfer of your data to third parties takes place. The data is used exclusively for processing your booking and for communication purposes.

2. Legal basis for the processing of data

The legal basis for the processing of the data is the conclusion of an accommodation contract with the user.

3. Purpose of data processing

The processing of personal data from the input mask serves solely to process your booking request and to process payment transactions.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements have been met.

5. Means of objection and removal

The user has the option to object to the processing of their personal data at any time.

We would like to point out that in the case of objection, the booking cannot be completed or the communication cannot be continued

Applying for employment in our company

1. Description and scope of data processing

You have the opportunity to apply for a job vacancy or to send us an unsolicited application. You can do so by email or on paper. You can access our job vacancies on our website. If you take this opportunity, we will store general information about you in our administration program. This data is:

  • Title
  • First name, surname
  • Address
  • Date of birth
  • Email address
  • Telephone number
  • Date of application
  • Position applied for
  • Department applied for
  • Method of application (by email, HotelCareer, HogastJobbörse job portal, mail)

In addition, we may forward your application internally to the responsible department head. In this context, your data is not further transferred to third parties. The data will be used exclusively for processing your application and for communication purposes.

2. Legal basis for the processing of data

The legal basis for the processing of the data is the initiation of the contract or contractual relationship.

3. Purpose of data processing

The processing of personal data serves solely to process your application.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose of its collection.

5. Means of objection and removal

You as an applicant have the option to object to the processing of your personal data at any time.

We would like to point out that in the case of objection, your application cannot be completed and communication cannot be continued.

Online reviews

1. Description and scope of data processing

Former guests can submit a review of our hotel after they check-out. We would therefore like to send you an email within 14 days of your departure to ask you for a hotel review. Each evaluation can be published anonymously if requested. If you did not feel comfortable in our hotel, we would like to take the opportunity to contact you.

If you submit an online review via our website, your data will be saved in the rating tool of TrustYou GmbH, Agnes-Pockels-Bogen 1, D-80992 Munich, Germany. TrustYou GmbH commits to the data privacy-appropriate handling of your personal data. It takes all organisational and technical measures to protect your data.

If a former guest makes an online review, data from the former guest is stored in the evaluation mask. This data is: email address, as well as voluntary information such as first name, surname, language as well as information for the review.

In this context, no further transfer of the data to third parties takes place. The data will only be used to publish the rating and to mediate in cases of poor ratings.

2. Legal basis for the processing of data

The legal basis for processing the data is also our legitimate interest in data processing.

3. Purpose of data processing

The purpose of the hotel review is to communicate and summarise the opinions of hotel guests on our website in order for interested parties to get an idea of our services. In addition, the results support our internal quality management.

4. Duration of storage

The data is not deleted.

5. Means of objection and removal

The user has the option to have their published review deleted (right to be forgotten) at any time. Please simply tell us which review is concerned.

Contact forms and email contact

1. Description and scope of data processing

Our website includes a contact form that can be used for electronic communication. If a user uses this option, the data entered in the input mask is transferred to us and saved. For the processing of the data in the context of the submission process, your consent shall be obtained and we hereby expressly refer you to this privacy statement.
Alternatively, you can make contact via the email address provided. In this case, the user’s personal data transmitted by email will be stored.
In this context, there is no disclosure of the data to third parties. The data is used exclusively for processing the conversation.

2. Legal basis for the processing of data

The basis of processing data with the user’s explicit consent is Article 6 par. 1 p. 1 lit. a GDPR.
The legal basis for the processing of the data transmitted in the course of sending an email is Article 6 par. 1 p. 1 lit. f GDPR. If the email contact is intended to conclude a contract, then additional legal basis for the processing is Article 6 par. 1 p. 1 lit. b GDPR.

3. Purpose of data processing

The processing of the personal data from the input mask serves only to process the establishment of contact. In the case of contact via email, this also includes the required legitimate interest in the processing of the data.
The other personal data processed during the submission process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data from the input mask of the contact form and data sent by email, this is when the respective conversation with the user has ended. The conversation has ended when it can be inferred from the circumstances that the relevant facts have been clarified in full.
The additional personal data collected during the submission process will be deleted after a period of seven days at latest.

5. Means of objection and removal

The user has the option to revoke their consent to the processing of their personal data at any time. If the user contacts us by email, they may object to the storage of their personal data at any time. In such cases, communication cannot continue.

Use of Facebook Pixel

1. Scope of processing of personal data

We use “Facebook Pixel” from the social network Facebook, Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, United States; or, if you are an EU resident, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. With this analysis tool, Facebook can choose users of our website as the target group for the display of ads.

2. Legal basis for the processing of personal data

The legal basis for the processing of personal data is Article 6 par. 1 p. 1 lit. f GDPR.

3. Purpose of data processing

The use of Facebook Pixel serves to evaluate the effectiveness of Facebook advertisements for statistical and market research purposes. As a result, future advertising measures can be optimised.

4. Duration of storage

We have no information about the duration of storage.

5. Means of objection and removal

The collected data remain anonymous for us. It is saved and processed by Facebook. There is a possibility that a connection to your Facebook profile can be made. Facebook may use this information for its own promotional purposes under the Facebook Data Use Policy (https://www.facebook.com/about/privacy/). If you do not want Facebook to associate the use of our website with your Facebook profile, then please log out of your Facebook user account. You can object to collection of data by Facebook Pixel and the use of your data for the display of Facebook ads by clicking the following link.

You can also object to the use of Facebook Pixel using our opt-out link:

Use of Facebook plugins

1. Scope of processing of personal data

We use the plugins of Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, United States; or, if you are an EU resident, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Activating this plugin creates a connection between your browser and the Facebook server, allowing Facebook to learn that you visit our website with your IP address. Additionally, Facebook receives information about the date, time, browser type and version, operating system and version, and Facebook Cookies previously set on your browser. From this, Facebook can recognise which websites with Facebook content you were on. The plugin is part of Facebook and will only be displayed on our site. Any interaction with the plugin is an interaction on "facebook.com".

If you are signed into Facebook, your Facebook registration number is transmitted when the plugin is activated. The visit to our website can therefore be connected to your Facebook account. Depending on the settings of your Facebook account, clicking the plugin will be published on Facebook. You can prevent this by signing out of your Facebook account before you activate the plugin and deleting all Facebook Cookies after visiting websites with Facebook plugins.

2. Legal basis for the processing of personal data

The legal basis for processing is Article 6 par. 1 p. 1 lit. a GDPR.

3. Purpose of data processing

Facebook processes this data to find errors in its own system, to improve its own products and their adaptation to user behaviour, to monitor, place and individualise advertising. In addition, the processing also serves the purposes of localisation, recording of the way websites with Facebook content are used, and for the purpose of market research.

4. Duration of storage

According to their own information, Facebook stores the data for up to 90 days. After this the data is only used in anonymised form.

5. Means of objection and removal

Find more information about the use and collection of data in Facebook's privacy policy: https://facebook.com/about/privacy/.

Use of Google AdWords

1. Scope of processing of personal data

Our website uses Google AdWords from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. This is an online advertising program that uses conversion tracking. When you reach our website via a Google Ad, Google AdWords places a Cookie on your computer. Each Google AdWords customer will be assigned a different Cookie.

2. Legal basis for the processing of personal data

The legal basis for processing is Article 6 par. 1 p. 1 lit. f GDPR.

3. Purpose of data processing

We only receive information about the total number of users who respond to our ad. No information will be shared with us that allows us to identify you. The use is not for purposes of traceability.

4. Duration of storage

The Cookie becomes invalid after 30 days.

5. Means of objection and removal

You can stop Google conversion tracking by turning off tracking in your browser. Find more information by visiting https://policies.google.com/privacy?hl=en

Use of Google Analytics

1. Scope of processing of personal data

Our website uses Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google"). Google Analytics uses Cookies, text files that are saved onto your computer and allow the use of our website to be analysed. The information generated by the Cookie about your use of this website is transmitted to a Google server in the USA and saved there. However, if IP anonymisation is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or other signatories to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. IP anonymisation is active on this website. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activity and provide other services related to website activity and Internet usage to the website operator. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data. You can prevent the storage of Cookies by activating a corresponding setting on your browser software; however, we point out that in this case you may not be able to use all the features of our website in full.

2. Legal basis for the processing of personal data

The legal basis for the processing is Article 6 par. 1 p. 1 lit. f GDPR.

3. Purpose of data processing

The purpose of the processing of personal data is in the targeted approach of a target group that has already shown initial interest by visiting the page.

4. Duration of storage

Advertisement data in server logs is anonymised by Google, according to their own information, by deleting parts of the IP address and Cookie information after 9 or 18 months.

5. Means of objection and removal

You may additionally prevent Google from collecting the data generated by the Cookie and related to your use of the website (including your IP address), as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Find more information by visiting https://policies.google.com/privacy?hl=en.

Use of Google Analytics Remarketing

1. Scope of personal data processing

Our website uses the remarketing feature of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. Together with Google, we offer you appropriate and interest-based advertisements. Google Analytics Remarketing uses Cookies. These are saved on your computer. According to information from Google, this does not involve any collection of personal data. According to Google's information, no connection to other Google services is made.

2. Legal basis for the processing of personal data

The legal basis for the processing is Article 6 par. 1 p. 1 lit. f GDPR.

3. Purpose of data processing

The purpose of the processing of the personal data is to directly address a target group. The Cookies stored on your computer recognise you when you visit a website and can therefore show you interest-based advertising.

4. Duration of storage

Advertisement data in server logs is anonymised by Google, according to their own information, by deleting parts of the IP address and Cookie information after 9 or 18 months.

5. Means of objection and removal

You can prevent the use of the Remarketing feature by activating the appropriate settings at the following link: https://adssettings.google.com/authenticated?hl=en.
Find information by visiting: https://policies.google.com/privacy?hl=en.

Use of Google Maps Plugin

1. Scope of personal data processing

Our website uses the online map service Google Maps from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. By using Google Maps on our website, information about the use of our website, your IP address and address entered in the route planner feature are transmitted to a Google server in the USA and stored there. By using our website you consent to the processing of your data collected by Google Maps.

2. Legal basis for the processing of data

The legal basis for the processing is Article 6 par. 1 p. 1 lit. f GDPR.

3. Purpose of data processing

We have no information about the purpose of data processing nor of Google's use of the data.

4. Duration of storage

We have no information about the duration of storage.

5. Means of objection and removal

Find more information at https://policies.google.com/privacy?hl=en.

Use of Instagram Plugin

1. Scope of personal data processing

Our website features integrated plugins of the service Instagram. These are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.
The integrated Instagram buttons are used by us to link to our Instagram profile. A widget is also integrated, which allows us to show certain photos and videos from our Instagram profile on our website.
When you visit one of our pages that contain such a plugin, your browser connects directly to an Instagram server. The contents of the plugins are directly transmitted by this to your browser and are integrated into the website. This automatically transfers data to Instagram and stores it on their servers. This data includes connection information (e.g. your IP address, date and time, URL visited), the browser you are using, and the operating system. Your visit to our website can be tracked by Instagram, even if you do not actively use the plugin features.
If you are logged into your Instagram account, you can link the content of our website to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our website with your user account. If you want to prevent this instant mapping, you must sign out of Instagram before visiting our website. For more information, please see the Instagram Privacy Policy: https://help.instagram.com/155833707900388

2. Legal basis for the processing of data

The legal basis for the processing of the user's personal data is Article 6 par. 1 p. 1 lit. f GDPR.

3. Purpose of data processing

Please refer to Instagram's privacy policy for information on the purpose of the processing of personal data: https://help.instagram.com/155833707900388

4. Duration of storage

We have no information about the duration of storage.

5. Means of objection and removal

Please find more information by visiting the following link: https://help.instagram.com/155833707900388.

Use of a customer relation management program

Purpose of the data collection

For the facilitation and realisation of guest booking; the successful execution of the guest’s stay; to coordinate the hotel stay according to the wishes and interests of the guest; to ensure the provision of future hotel services which correspond with the interests of the guest; for marketing purposes as pertaining to hotel performance and the improvement of this performance.

Data sharing with third parties

To contracted service providers who supply cloud-based software and data handling solutions to the hotel. These providers operate with the sole purpose of processing and analysing guest data for the aforementioned purposes.

Book
Enquiry
Call us
Email
DE
IT