Privacy Policy

Information on the processing of your data

Pursuant to Art. 12 General Data Protection Regulation (hereinafter referred to as “GDPR”), we are obliged inform you about the processing of your data when you use our website. We take protecting your personal data very seriously, and this Data Privacy Statement informs you about the details of the processing of your data, as well as about your statutory rights in this respect.

We reserve the right to adapt the Data Privacy Statement, with effect for the future, in particular in the event of the website being enhanced, if we use new technologies or if there is any change in the statutory basis or the corresponding case law.

We recommend you to read the Data Privacy Statement from time to time, and print it out or make a copy for your records.

Definitions

  • “Website” or “Internet presence” shall mean, below, all pages of the Controller at www.amanogroup.de/de/.
  • “Personal data” shall mean any information which relates to an identified or identifiable natural person. A person who can be identified, either directly or indirectly, in particular by way of being allocated to an identifier, such as a name, an identification number, location data, an online identifier or one or more special features which are an expression of the physical, physiological, genetic, mental, economic, cultural or social identity of said natural person, is identifiable. Personal data therefore includes, for example, the name, e-mail address and telephone number of an individual, but may also include data on preferences, hobbies and memberships.
  • “Processing” shall mean procedures or sequences of procedures in connection with personal data that are carried out with or without the aid of automated processes, such as gathering, recording, organising, classifying, storing, adapting, changing, reading out, retrieving, using, disclosing by transmission or disseminating data, or any other form of provision, comparing, linking, limiting, erasing or destructing such data.
  • “Pseudonymisation” shall mean the processing of personal data in such a manner that the personal data can no longer be allocated to a specific data subject without drawing upon additional information, as long as such additional information is stored separately and is subject to technical and organisational measures which guarantee that the personal data is not allocated to an identified or identifiable natural person.
  • “Consent” shall mean, below, any declaration of intent voluntarily, in an informed manner and unmistakably submitted in regard to the particular case at hand, in the form of a statement or other clear act of confirmation, by which the data subject indicates that he/she is in agreement with the processing of the personal data relating to him/her.
  • “Google” shall hereinafter mean Google, LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Its contact details for the European Union are Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.

Scope of application
The Data Privacy Statement shall apply to all pages of www.amano-group.de/de/. It shall not extend to any linked websites or Internet presences of other providers.
Provider responsible
Responsible for the processing of personal data within the area of application of this Data Privacy Statement is:

R & S Hotelbetriebsgesellschaft mbH
Spichernstraße 24
10777 Berlin

Tel.: +49 (0) 30 790 1260
E-mail: amano@amanogroup.de

Questions concerning data protection

Should you have any questions on the topic of data protection in regard to our company or our website, you may contact our Data Protection Officer:

Spirit Legal LLP, Attorneys-at-Law
Attorney-at-Law and Data Protection Officer
Peter Hense

Postal address:

Data Protection Officer
c/o R & S Hotelbetriebsgesellschaft mbH
Spichernstraße 24
10777 Berlin
The Data Protection Officer can be contacted via an encrypted online form:

Contact Data Protection Officer

Security

We have taken extensive technical and organisational precautions to protect your personal data from unauthorised access, abuse, loss and any other external interference. For this purpose, we review our security measures regularly and adapt them to the state of the art.

Your rights
You have the following rights that you may assert vis-à-vis us in regard to the personal data concerning you:

  • The right of access to information (Art. 15 GDPR)
  • The right to rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR)
  • The right to restriction of processing (Art. 18 GDPR)
  • The right to object to the processing (Art. 21 GDPR)
  • The right to withdraw your consent (Art. 7(3) GDPR)
  • The right to receive the data in a structured, common, machine-readable format (“data portability”), as well as the right to have the data passed on to a different controller, if the prerequisites of Art. 20(1)(a), (b) GDPR exist (Art. 20 GDPR).

You may assert your rights by notifying us using the contact details specified in the “Provider Responsible” section or vis-à-vis the Data Protection Officers appointed by us.
In addition, you are entitled to complain to a data protection supervisory authority about the processing of your personal data undertaken by us (Art. 77 GDPR).

Use of the website, access data

You can basically use our website for purely informational purposes without disclosing your identity. When you access the individual pages of the website for this purpose, access data is only transmitted to our webspace provider, so that the website can be displayed to you. That includes the following data:

  • Browser type and browser version
  • Operating system used
  • Language and version of the browser software
  • Host name of the accessing terminal
  • IP address
  • The website from which the request comes
  • The date and time of the server request
  • The referring URL (the page visited previously)
  • The volume of data transmitted
  • The time zone difference in relation to Greenwich Mean Time (GMT)

The temporary processing of the IP address by the system is necessary to technically enable the website to be delivered to your PC. It is therefore necessary for your IP address to be processed for the duration of the session. The legal basis for said processing is Art. 6(1)(1)(f) GDPR.

The access data is not used to identify individual users, and not merged with other data sources. The access data is erased once it is no longer necessary in order to achieve the purpose for which it was processed. In the case of the data being recorded to provide the website, the aforementioned is the case once you finish visiting the website.

The IP addresses are stored in log files to ensure the functionality of the website. In addition, the data serves the purpose of enabling us to optimise the website and ensure that our IT systems are secure. The data is also not evaluated for marketing purposes in this context. The data is essentially erased at the latest after seven days. It may be processed beyond that period in individual cases. In this case, the IP address is deleted or masked in such a way that it is no longer possible to allocate it to the accessing client.

The gathering of the data to prepare the website and the processing of the data in log files is absolutely necessary for operating the website. You may object to the processing. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). In the event of your filing a substantiated opposition, we will review the circumstances and will either cease processing or adapt it or point out to you our compelling reasons, worthy of protection, based on which we will continue to process your data. You can file your objection using the contact details specified in the “Provider responsible” section.

Cookies

Beyond the above-mentioned access data, so-called cookies are stored in the web browser of the terminal used by you when you use the website. These are small text files containing a sequence of numbers, which are stored locally in the cache of the browser used. Cookies do not form a component of the PC system, and cannot execute any programs. They serve to design our website in a user-friendly manner. The use of cookies may be technically necessary or may serve other purposes (e.g. analysis/evaluation of the use of the website).

a) Cookies that are technically necessary

Some elements of our website make it necessary for the accessing browser to also be able to be identified following a change of page. The following data is, in this context, processed in the cookies:

  • Language settings
  • Login information

The user data gathered by way of technically necessary cookies is not processed in order to create user profiles. We also use so-called “session cookies”, which store a session ID that enables various requests of your browser to be allocated to the joint session. Session cookies are necessary in order to make use of the website. We can in particular thereby recognise the terminal used again when you return to the website. We place this cookie in order to recognise you when you visit the website subsequently, if you have an account with us. Otherwise, you would have to register again fresh each time you visited our website. The legal basis for said processing is Art. 6(1)(1)(f) GDPR. We deploy session cookies to design the use of the website so as to be more attractive and effective. The session cookies are deleted once you log out or close the browser.

Most browsers are pre-set in such a way that they automatically accept cookies. You may object to your data being processed by cookies. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). In the event of your filing a substantiated opposition, we will review the circumstances and will either cease processing or adapt it or point out to you our compelling reasons, worthy of protection, based on which we will continue to process your data.

By changing the settings in your web browser, you can disable or restrict the transmission of cookies. You can at any time delete any cookies already stored. This can also be done in an automated way. If cookies are disabled for our website, you may possibly no longer be able to use all the functions of the website in their entirety.

b) Cookies that are technically unnecessary
We moreover use cookies on the website that make it possible to analyse the user’s surfing patterns. In that respect, the following data, for instance, is stored and processed in the cookies:

  • Frequency of page views

These cookies are deployed in order to design the use of the website so as to be more attractive and effective. The legal basis for this processing is Art. 6(1)(1)(f) GDPR. The cookies that are technically unnecessary are automatically deleted after a predefined period of time, which may differ depending on the cookie.

You may object to your data being processed by cookies. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). If you do not wish cookies to be used, you have the option, by changing your browser settings, to generally or selectively block cookies from being stored or remove any cookies already stored. You may also have corresponding notes displayed prior to cookies being placed. Should you change the browser settings on the use of cookies or disable cookies, the functional range of this website may be restricted.

In so far as we integrate cookies of third party providers into our website, we will point that out to you separately below.

c) Cookie banner notice
When accessing the website, you will be informed about the use of cookies by an info banner, and reference is made to this Data Privacy Statement. In this context, an indication of how the storage of cookies can be prevented in the browser settings is given as well.

Contacting our company

When making contact with our company, e.g. by e-mail, the personal data notified by you is processed by us in order to answer your enquiry. The legal basis for the processing is Art. 6(1)(1)(f) GDPR or Art. 6(1)(1)(b) GDPR if you are contacting us aiming at concluding an agreement. Should the processing be required in order to conclude an agreement, it may be impossible to conclude or execute an agreement if the data is not provided. If contact is made by e-mail, the legitimate interest in the processing of the data that is required lies in attending to the contact taken up.

No respective data is passed on to third parties in this context. The data is exclusively processed for the purpose of attending to the conversation. We delete the data occurring in this connection once the processing is no longer necessary, or restrict the processing to complying with the existing statutorily obligatory archival periods.

You at any time have the opportunity to object to your personal data being processed in connection with contact enquiries. Your right to file an objection exists in the case of grounds that arise from your particular situation, unless we are able to provide evidence of grounds for processing your data which are absolutely worthy of protection and outweigh your interests, rights and freedoms, or also if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). A right to file an objection in particular exists if the processing is not necessary in order to fulfil a contract with you, which is in each case explained by us when previously describing the functions. In such a case, we may not go ahead with processing the enquiry. In the event of your filing a substantiated opposition, we will review the circumstances and will either cease processing or adapt it or point out to you our compelling reasons, worthy of protection, based on which we will continue to process your data. You can file your objection using the contact details specified in the “Provider responsible” section.

Processing and passing on of personal data for contractual purposes

We process your personal data if, and to the extent that, it is necessary for initiating, concluding, executing and/or terminating a legal transaction with our company. The legal basis for this emerges from Art. 6(1)(1)(b) GDPR.

Should the data processing be necessary in order to conclude an agreement, if your personal data is not provided it may be impossible to conclude the agreement or execute and/or terminate a legal transaction with our company.

Once the purpose has been achieved (e.g. an agreement fulfilled), the personal data will be blocked for any further processing or erased, unless we are entitled to continue to store it based on any consent granted by you (e.g. consent to your e-mail address being processed for sending you electronic advertising mail), or a contractual agreement, a statutory authorisation (e.g. an authorisation to send you direct advertising) or based on legitimate interests (e.g. archival in order to enforce any claims), and, in the respective connection, are entitled to process it as necessary.
Your personal data is passed on to the extent that

  • it is necessary to conclude, execute or terminate legal transactions with our company (e.g. when passing on data to a payment service provider/a shipping company in order to execute an agreement with you (Art. 6(1)(1)(b) GDPR); or
  • a sub-contractor or vicarious agent whom we exclusively deploy in the context of providing the offers or services desired by you needs said data (such assistants are, unless you have expressly been informed of anything to the contrary, only entitled to process the data to the extent that it is necessary in order to provide the offer or service); or
  • an enforceable official decree exists (Art. 6(1)(1)(c) GDPR); or
  • an enforceable judicial order exists (Art. 6(1)(1)(c) GDPR); or
  • we are obliged by law to do so (Art. 6(1)(1)(c) GDPR); or
  • the processing is necessary in order to protect vital interests of the data subject or another natural person (Art. 6(1)(1)(d) GDPR); or
  • it is necessary in order to take on a task that is in the public interest or that is carried out exercising public authority (Art. 6(1)(1)(e) GDPR); or
  • we are authorised, or even obliged, to pass it on in order to pursue overwhelming legitimate interests (Art. 6(1)(1)(f) GDPR).

Any passing on of your personal data to other persons, companies or places extending beyond that will not occur unless you have effectively consented to such passing on of your data. The legal basis for the processing is then Art. 6(1)(1)(a) GDPR.

The processing and passing on of personal data in the online booking system

If you would like to make a booking in our online booking system, it is necessary for initiating and concluding the agreement that you provide personal data, such as your name, address and e-mail address. The obligatory details necessary for handling the booking and agreement are marked separately. Further details can be given voluntarily. We process your data in order to handle the booking. For that purpose, we shall, in particular, pass on payment data to the payment services provider selected by you or our principal bank. Within the context of your booking or booking enquiry, the booking information is also passed on to external operators of Internet booking machines (Travelclick, INC., 7 Times Square, 38th Floor, NY 10036, USA, as well as Hotelnetsolutions GmbH, Genthiner Straße 8, 10758 Berlin). Travelclick is certified under the US/EU data privacy agreement, known as the “Privacy Shield”, and thus undertakes to comply with the data privacy requirements of the European Union in regard to fulfilling or preparing an agreement. The legal basis for the processing is Art. 6(1)(1)(b) GDPR.

In order to prevent access to your personal data by unauthorised third parties, the booking procedure on the website is encrypted using SSL/TLS technology. You can voluntarily set up a customer account, where we store your data for subsequent further visits to the website. When you set up a customer account, the data given by you is processed. Once you have successfully registered, you can independently edit or delete any further data, including your customer account.

We shall delete the data stored within this context after their storage is no longer necessary, or restrict the processing of such data in the event that statutory storage obligations are in place. Due to mandatory trading and tax regulations, we are obliged to keep your address, payment and booking data for a period of ten years. After two years have passed since the agreement was terminated, we undertake a restriction of the processing and reduce the processing to complying with the existing statutory obligations.

Registering for events

You may register on the website for events of our company, or events at which our company is represented, either as a guest or as a speaker. The legal basis for the processing of your data for taking part in events is Art. 6(1)(1)(b) GDPR. The processing is necessary for concluding, executing or terminating legal transactions with our company (e.g. also in the case of data being passed on to a payment services provider/a shipping company in order to fulfil a contract with you).

Among other things, you need to give your name, your company, and also your e-mail address, telephone number and postal address on the registration form. The purpose of the processing is to maintain contact, as well as to improve our corporate image and our public relations work. Should you have expressed your interest in a personal appointment, your data will also be processed in order to prepare for and conduct the appointment. It is necessary to process data in order to conclude the agreement. Should the data not be provided, it is not possible to conclude the agreement or execute or terminate legal transactions with our company.

Your data is passed on to third parties (e.g. any payment services providers, any shipping companies and the organiser) for the purpose of processing payment, shipping event documentation and registering the event with the organiser. No targeted transmission of your personal data to a non-EU country is planned.

We shall delete the data stored within this context after their storage is no longer necessary, or restrict the processing of such data in the event that statutory storage obligations are in place.
Processing of personal data pursuant to Sec. 30 Federal Registration Act (BMG).

Providers of accommodation, such as, in particular, hotels, are obliged, under Sec. 30 Federal Registration Act (BMG), to gather the following data from the guest on the day of arrival and to arrange for the registration form to be signed by the guest in handwriting:

  • Date of arrival and the anticipated date of departure
  • Surnames
  • First names
  • Date of birth
  • Nationalities
  • Address
  • Number of fellow travellers and their nationality in the cases falling under Sec. 29(2), sentences 2 and 3.
  • Serial numbers of the recognised and valid passport or passport replacement document in the case of individuals from abroad
  • Any further data for collecting tourist and visitors’ taxes.

We are obliged to gather, process and pass on such data within the context of the Federal Registration Act (BMG). The legal basis for the processing arises from Art. 6(1)(1)(c) GDPR. You are statutorily obliged to specify your data. If you fail to provide your data, it is impossible to conclude or execute the agreement.

We erase this data or restrict the processing once it is permissible under the regulations of the Federal Registration Act (BMG) and if you have not consented to it being stored and processed (Art. 6(1)(1)(a) GDPR) and no other legitimate interest on our part in continuing to process it exists.

E-mail marketing

Advertising to existing customers

In so far as you have not already objected to the e-mail address notified by you being processed, we reserve the right to process it in the course of booking in line with the statutory provisions on the latter, in order to, inter alia, forward you the following content by e-mail during or following the fulfilment of the agreement:

  • Further interesting offers from our portfolio
  • concerning events of our company and third party events
  • Technical information
  • An overview of any leisure time offers
  • Directions on how to get to us using public transport
  • Special or limited period offers
  • Pre-stay/upselling e-mails
  • Post-stay: Feedback link to TripAdvisor or Google
  • Invitations to events

The legal basis for the processing is Art. 6(1)(1)(f) GDPR. We carry out the processing mentioned as part of customer relationship management and in order to improve our services. We delete your data once you end the newsletter subscription, however at the latest two years after the agreement has been terminated. It is necessary to provide your details in order to conclude the agreement. If you do not provide the data, it is impossible to send you the newsletter.
We would like to point out that you may object to receiving direct marketing at any time, without any other costs being incurred to you besides the transmittal fee in line with the basic tariffs. In that respect, you are entitled to assert a general right of objection without giving reasons (Art. 21(2) GDPR). To do so, click on the “Unsubscribe” link in the newsletter or forward us your objection, using the contact details specified in the “Provider responsible” section.
Newsletter
You have the opportunity on the website to subscribe to our e-mail newsletter, should you so wish, with which we regularly inform you about the following content:

  • Offers from our portfolio
  • Events held by our company
  • Offers (also events) of third parties, in so far as you have granted your consent to the latter
  • Special and limited period offers
  • Pre-stay/upselling e-mails
  • Post-stay: Feedback link to TripAdvisor or Google
  • Invitations to events

To receive the newsletter, it is necessary for you to specify the following personal details:

  • A valid e-mail address
  • Your name or a pseudonym
  • Language (DE/EN)
  • Check-in/check-out information
  • Reservation number
  • Number of stays

Registering for our e-mail newsletter involves a double opt-in procedure. Once you have entered the data in the data fields marked as mandatory, we then send you an e-mail at the e-mail address specified by you, in which we ask you to explicitly confirm the newsletter registration (by clicking on a “Confirm” link). In this way we ensure that you actually wish to receive our e-mail newsletter. Should we not receive your confirmation within 24 hours, we block the information transmitted to us and automatically delete it, at the latest after a month.
The following data is furthermore processed in addition as at the date of subscribing to our e-mail newsletter:

  • IP address
  • The date/time when you registered for the newsletter
  • The date on which you confirmed the “Confirm” link.

We process your IP address, the date on which you registered for the newsletter, and also the date of your confirmation, in order to document your newsletter registration and prevent your personal data from being abused. The legal basis for the processing is Art. 6(1)(1)(f) GDPR. It is necessary to provide your details in order to conclude the agreement. If you do not provide the data, it is impossible to send you the newsletter. We process this data until two years have expired since the agreement was terminated. Should you register for the newsletter outside the scope of concluding an agreement, we process this data until two years have expired following termination of the use procedure. We delete this data once the newsletter subscription ends.

Following your confirmation, we process the data subject’s e-mail address for the purpose of sending our e-mail newsletter. The legal basis for the processing is Art. 6(1)(1)(a) GDPR. We delete this data once you terminate the newsletter subscription.

It is possible to revoke your consent to the e-mail address being processed for the purpose of receiving the newsletter at any time, either by sending us a message (cf. the contact details in the “Provider responsible/Representative of the provider in the European Union” section) or by directly clicking on the “Unsubscribe” link contained in the newsletter. In that respect, the legitimacy of the processing that has been carried out based on the consent prior to the revocation is not affected (Art. 13(2)(c) GDPR).

The “Revinate” marketing platform

Your e-mail address is processed for sending marketing e-mails, as well as for sending pre-stay e-mails and post-stay feedback requests using Revinate. The provider is Revinate Inc., One Lettermann Drive, Bldg. C, Suite CM100, San Francisco, CA 94129.

Your e-mail address and your name are stored on the servers of Revinate in the USA. Revinate processes this information for sending these e-mails, as well as for evaluating these e-mails on our behalf, and also for optimising or improving its own services, e.g. to technically optimise the sending and the display of the content and guest surveys. When the pre- or post-stay e-mail or the guest survey are opened, initially technical information, such as information on the browser and your system, and also your IP address and date and time of access, is gathered via a web beacon. This information is processed in order to improve the services based on the technical data or the target groups, as well as your reading habits based on where you access the e-mails (which can be established with the aid of the IP address) or the access times. Revinate has subscribed to the EU/US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. You can inspect the certification of Revinate Inc. at https://www.privacyshield.gov/participant?id=a2zt00000008SA1AAM&status=Active.

The legal basis for the processing is Art. 6(1)(1)(f) GDPR. It is not known to us for how long Revinate stores the data, and we have no control over this. We process said data until such time as two years after the agreement has been terminated have expired, for marketing purposes.

We would like to point out that you may object to receiving direct advertising, as well as your data being processed for the purpose of direct advertising, at any time, without any costs being incurred for that other than the costs of transmission according to the basic tariffs. In that respect, you are entitled to assert a general right of objection without giving reasons (Art. 21(2) GDPR). Once you have objected, we delete your data in connection with our advertising aimed at existing customers. To do so, click on the “Unsubscribe” link in the respective e-mail or forward us your objection, using the contact details specified in the “Provider responsible” section.

The “Oaky” marketing platform

Your e-mail address is processed for sending pre-stay e-mails as well as for sending post-stay feedback requests using Oaky. The provider is Oaky B.V., John M Keynesplein 12-46, 1017NP, Amsterdam, The Netherlands.

Oaky acts as a data processor of your personal data on behalf of us, with the purpose of offering the Oaky services to us. Oaky processes personal data on behalf of hotels, and acts as a white-labeled solution to offer personalised guest services related to the upcoming stay of the guest. Oaky retains personal data for as long as the agreement with us is in force, as that is the term for which it is necessary for Oaky to process the personal data in order to provide their services to us. After termination of the agreement, Oaky will either destroy or return the personal data, at our choice. There may be circumstances in which Oaky is legally required to retain personal data longer than the term of the agreement, but in that event Oaky will notify us.
Oaky is an EU based company, and is therefore not registered with the EU-US Privacy Shield. The EU-US Privacy Shield is intended for US companies to offer them an option to receive and process EU data. Whenever Oaky engages with sub-processors in the US they either enter into EU Model Clauses or require their sub-processors to be registered with the EU-US Privacy Shield.

We would like to point out that you may object to receiving direct advertising, as well as your data being processed for the purpose of direct advertising, at any time, without any costs being incurred for that other than the costs of transmission according to the basic tariffs. In that respect, you are entitled to assert a general right of objection without giving reasons (Art. 21(2) GDPR). Once you have objected, we delete your data in connection with our advertising aimed at existing customers. To do so, click on the “Unsubscribe” link in the respective e-mail or forward us your objection, using the contact details specified in the “Provider responsible” section.

Payment Service Providers (PSPs)

Passing on of personal data in the case of payment by credit card

Your personal data is essentially only passed on to the extent that it is necessary for executing the agreement. In particular in order to process the payment, we provide the payment data at the bank commissioned with the payment, necessary to settle the payment transaction, or pass it on to any payment and billing service provider commissioned by us.

The data is processed based on Art. 6(1)(1)(b) GDPR (Processing in order to fulfil an agreement). If you fail to provide your personal data, it may be impossible to conclude or execute the agreement. The data required for processing the payment is transmitted securely via the “SSL” procedure, and exclusively processed for the purpose of settling the payment transaction. We shall delete the data stored within this context after their storage is no longer necessary, or restrict the processing of such data in the event that statutory storage obligations are in place.

Passing on of personal data for purposes of enforcing rights/ascertaining the address/collecting debts

In the event of non-payment, if a legitimate interest under Art. 6(1)(1)(f) GDPR exists, we reserve the right to pass on the data notified at the time of booking to an attorney-at-law and/or an external companies (e.g. Verband der Vereine Creditreform e.V., Hellersbergstraße 12, D-41460 Neuss) for the purposes of ascertaining the address and/or enforcing rights.
We may, moreover, pass on your data if it is necessary in order to preserve our rights, as well as the rights of the companies affiliated with us, our co-operation partners, our employees and/or the users of our website. We will never sell or lease your data to third parties. Such data is passed on based on Art. 6(1)(1)(f) GDPR. It is in particular necessary to process data in order to conclude the agreement. If you fail to provide your personal data, it may be impossible to conclude or execute the agreement.

We shall delete the data stored within this context after their storage is no longer necessary, or restrict the processing of such data in the event that statutory storage obligations are in place.
You have a right to object. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). A right to file an objection in particular exists if the processing is not necessary in order to fulfil a contract with you, which is in each case explained by us when previously describing the functions. You can file your objection using the contact details specified in the “Provider responsible” section. In the event of your filing a substantiated objection, we will review the circumstances and will either cease processing or adapt it or point out to you our compelling reasons, worthy of protection, based on which we will continue to process your data.

Hosting

We make use of external hosting providers, which serve the purpose of providing the following services: Infrastructural and platform services, computing capacity, memory resources and database services, security services and also technical maintenance services. In this context, all the data that is necessary for operating and using our website is processed.
We use external hosting providers for operating this website. By commissioning external hosting providers, we aim to make our website available in an efficient and secure manner. The legal basis for the processing is Art. 6(1)(1)(f) GDPR.

In order to operate the website, it is absolutely necessary to gather the data to provide and use the website and process the data via external web hosting companies. You may object to the processing. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). You can file your objection using the contact details specified in the “Provider responsible” section. In the event of your filing a substantiated objection, we will review the circumstances and will either cease processing or adapt it or point out to you our compelling reasons, worthy of protection, based on which we will continue to process your data.

Integrating third party content

Third party content, such as videos, map material, RSS feeds or graphics from other websites, is integrated into the website. Such integration always requires the providers of such content (“third party providers”) to make use of the users’ IP addresses. For, without the IP address, they cannot transmit the content to the browser of the respective user. The IP address is therefore necessary for displaying such content.

We endeavour to exclusively use content of third party providers who only use the IP address to deliver the content. We do not, however, have any control over it if the third party providers process the IP addresses for statistical purposes, for example. In so far as we are aware of this, we inform you about it below.
In the case of some of third party providers, it is possible that data will be processed outside the European Union.

You may object, by installing a JavaScript blocker, such as the browser plug-in “NoScript” (www.noscript.net) or disable JavaScript in your browser. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). However, there may be limitations in the functioning of the website as a result.

LiveRate for comparing prices

In order to display the price comparison with other booking providers, we use LiveRate’s widget. The provider is LiveRate GmbH, Metzstr. 12, D-81667 Munich, Web: https://www.liverate.chat hereinafter referred to as: “LiveRate”.

Through the use of the widget on the website LiveRate obtains the information that you have accessed the corresponding function of our website. In this respect, the data specified in the “Access data” section is transmitted to LiveRate, and in this context cookies may be deployed as well, in accordance with the “Cookies” section. LiveRate stores your data and processes it for the purposes of advertising, market research and/or designing its widget in line with your requirements.

The legal basis for the processing is Art. 6(1)(1)(f) GDPR. The processing serves the purpose of designing our website more attractively and offering you additional service. It is not known to us for how long LiveRate stores the data, and we have no control over this.

You can find further information on the purpose and scope of processing by LiveRate in the provider’s data privacy statement. There you will also find further information on your rights and setting options to protect your privacy, in this respect: (https://www.liverate.chat/datenschutz/). It is not intended to transmit your personal data to countries outside the EU.
You have a right to object to the processing. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). By changing the settings in your web browser, you can disable or restrict the transmission of cookies. You can at any time delete any cookies already stored. This can also be done in an automated way. If cookies are disabled for our website, you may possibly no longer be able to use all the functions of the website in their entirety.

Google Web Fonts

In order to display fonts uniformly, we use so-called web fonts, that are provided by Google. When a page is accessed, your browser loads the necessary web fonts into the browser cache, in order to display texts and fonts correctly.

For this purpose, the browser used by you needs to connect to Google’s servers. Thereby Google becomes aware of the fact that our website has been accessed via your IP address. Google also processes your personal data in the USA, and has submitted to the EU/US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. You can inspect the certification of Google at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. Web fonts are deployed in the interests of a uniform and appealing display of our online services. This constitutes a legitimate interest within the meaning of Art. 6(1)(1)(f) GDPR. It is not known to us for how long Google stores the data, and we have no control over this.

You can find further information on Google web fonts at https://developers.google.com/fonts/faq and in Google’s Data Privacy Statement: https://www.google.com/policies/privacy/.
You may object to the processing by changing the browser settings, so that the browser does not support web fonts. However, a standard font of your PC is then used. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). In the event of your filing a substantiated objection, we will review the circumstances and will either cease processing or adapt it or point out to you our compelling reasons, worthy of protection, based on which we will continue to process your data.

Google Tag Manager

We deploy the Google Tag Manager on our website. Google Tag Manager is a solution enabling marketers to administer website tags using an interface. The Tool Tag Manager itself (which implements the tags) is a cookie-less domain and does not gather any personal data. The tool ensures that other tags are triggered, which, for their part, gather data in certain circumstances. Google Tag Manager does not access such data. If a deactivation has been undertaken at domain or cookie level, this continues in force for all tracking tags that are implemented using Google Tag Manager.

Fonts.com

To display our website, we additionally use the services of Fonts.com belonging to Monotype (Monotype Imaging Inc., 600 Unicorn Park Drive, Woburn, MA 01801, United States). Whenever you access our website, the browser loads the necessary web fonts, in order to display texts and graphics correctly. For that purpose, your browser produces a connection with the servers of Monotype in the USA, whereby Monotype becomes aware of your IP address, as well as the fact that you have accessed the page. We have concluded so-called “standard contractual clauses” with Monotype, in order to oblige Monotype to comply with an appropriate level of data protection. Upon request, we will provide you with a copy of the agreement. Fonts.com stores your data for 30 days, and subsequently deletes it.
The legal basis for the processing is Art. 6(1)(1)(f) GDPR. We use Fonts.com to achieve a uniform and appealing display, in regard to which the latter constitutes a legitimate interest within the meaning of Art. 6(1)(1)(f) GDPR.

You can find further information on data privacy at Fonts.com at: https://www.monotype.com/legal/privacy-policy and https://www.monotype.com/legal/privacy-policy/web-font-tracking-privacy-policy/
You may object to the processing by changing the browser settings, so that the browser does not support Fonts.com. However, a standard font of your PC is then used. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). In the event of your filing a substantiated objection, we will review the circumstances and will either cease processing or adapt it or point out to you our compelling reasons, worthy of protection, based on which we will continue to process your data.

Google Maps

This website also uses the “Google Maps” service of Google to display maps or map sections, and thus enables you to conveniently use the map function on the website.
Through the visit to the website Google obtains the information that you have accessed the corresponding sub-page of our website. In addition, the data specified in the “Access data” section is transmitted to Google. This is done irrespective of whether Google provides a user account, via which you are logged in, or whether no user account exists. If you are logged into Google, your data is directly assigned to your account. If you do not wish it to be assigned to your profile at Google, you need to log out prior to activating the button.

Google stores your data in the form of usage profiles and uses it for the purpose of advertising, market research and/or designing its website in line with your requirements. Such an evaluation is in particular undertaken (even for non-logged in users) to provide customised advertising and to inform other users of the social network about your activities on our website.
The legal basis for the processing is Art. 6(1)(1)(f) GDPR. The processing serves the purpose of designing our website more attractively and offering you additional service. It is not known to us for how long Googles stores the data, and we have no control over this.

You can obtain further information on the purpose and scope of processing by the plug-in provider in the provider’s data privacy statements. There you will also receive further information on your rights and setting options to protect your privacy, in this respect: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA, and has submitted to the EU/US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. You can review the certification of Google Inc. at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
You can find further information on the terms and conditions of use of Google Maps at: https://www.google.com/intl/de_de/help/terms_maps.html.

You have a right to object to the processing. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). By changing the settings in your web browser, you can disable or restrict the transmission of cookies. You can at any time delete any cookies already stored. This can also be done in an automated way. If cookies are disabled for our website, you may possibly no longer be able to use all the functions of the website in their entirety.

Quandoo

We use plug-ins of the table reservation platform Quandoo on our website. The provider of Quandoo is Quandoo GmbH, Sonnenburger Straße 73, 10437 Berlin (“Quandoo”).
Quandoo permits us to embed a reservation tool for tables in restaurants using an embedding code. Your IP address is transmitted to Quandoo via the technical implementation of the embedding code. Quandoo moreover processes information on our website, the browser type used, the browser language, and also the date and time as well as duration of access. Quandoo may, moreover, record information on the use of our website (e.g. the accessing of sub-pages and clicks on links), as well as other interactions that you undertook when visiting our website. Quandoo processes your personal data in the sovereign territory of the European Union. Further information and the applicable data protection provisions of Quandoo can be accessed at  https://www.quandoo.de/data_privacy . It is necessary to process data in order to initiate the conclusion of the agreement. If you fail to provide your data, it is impossible to reserve you a table.

The legal basis for the processing is Art. 6(1)(1)(f) GDPR. The processing serves the purpose of designing our website more attractively and offering you additional service. You are neither statutorily nor contractually obliged to provide your data. It is not known to us for how long Quandoo stores the data, and we have no control over this.

You have a right to object to the processing. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). By changing the settings in your web browser, you can disable or restrict the transmission of cookies. You can at any time delete any cookies already stored. This can also be done in an automated way. If cookies are deactivated for our website, you may possibly no longer be able to use all the functions of the website in their entirety.

Open Table

We use the table reservation platform Open Table on our website. The provider of Open Table is Open Table GmbH, Schumannstraße 27, 60325 Frankfurt (“Open Table”).

Through the reservation system being used, Open Table GmbH receives your contact details, as well as the information necessary to carry out the reservation (e.g. the date of the stay, any accommodation). In this respect, the data outlined in the “Access data” section is transmitted to Open Table, and cookies may be deployed in this context, in accordance with the “Cookies” section. Open Table stores your data and processes it for the purposes of booking and advertising, market research and/or designing its website in line with your requirements.

Your data may also be transmitted to areas outside the EU, in particular to the USA. For this eventuality, we have concluded a “Data Processing Agreement” with Open Table, in order to oblige Open Table to comply with an appropriate level of data protection. Upon request, we will provide you with a copy of the agreement. Further information and Open Table’s applicable data protection provisions can be accessed at https://www.opentable.de/legal/privacy-policy.

The legal basis for the processing is Art. 6(1)(1)(f) GDPR. The processing serves the purpose of designing our website more attractively and offering you additional service. It is not known to us for how long Open Table stores the data, and we have no control over this.

You may object to the processing. Your right to object exists in the case of grounds which arise from your particular situation. We will not subject your data to further processing, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). By changing the settings in your web browser, you can disable or restrict the transmission of cookies. You can at any time delete any cookies already stored. This can also be done in an automated way. You can also prevent cookies from being deployed by opening the browser used in “Private Mode”. If cookies are disabled for our website, you may possibly no longer be able to use all the functions of the website in their entirety.

Services for statistical, analytical and marketing purposes

We use services of third party providers for statistical, analytical and marketing purposes. This enables us to give you a user-friendly, optimised experience when using our website. The third party providers use cookies to manage their services (cf. the “Cookies” section). Unless anything to the contrary is explained below, personal data is not processed.

Some of the third party providers give you the opportunity to directly object to the respective service being deployed, e.g. by setting an opt-out cookie.

if you activate a corresponding opt-out cookie, the external provider will in future no longer process any data on your usage pattern. A merely selective objection to an individually taken selection of external services is likewise possible. If you change your browser or the terminal used, or delete all your cookies, you need to place the opt-out cookie again.

You may, moreover, also directly object to the use of cookies via the opt-out platform of the Bundesverband Digitale Wirtschaft e.V. (BVDW) at http://www.meine-cookies.org/cookies_verwalten/praeferenzmanager.html or via the deactivation page of the Network Advertising Initiative at http://www.networkadvertising.org/choices/. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). Further information on usage-based advertising and the opt-out options can also be reviewed at the following link: http://www.youronlinechoices.com/de/.

We are informing you below about the services of external providers currently deployed on our website, as well as the purpose and scope of the respective processing in the individual case and on your existing opportunities to object.

Google Analytics

In order to be able to optimally co-ordinate our website with your interests, we deploy Google Analytics, a web analysis service of Google. Google Analytics deploys cookies (cf. the previous section, “Cookies”) – which are stored on your computer, enabling an analysis of the way you use the website. The information generated by the cookie on your use of this website is transferred to a server of Google in the USA and processed there.

Should IP anonymisation be activated on this website, your IP address is, however, first truncated by Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transferred to a server of Google in the USA and truncated there. On our behalf, Google will use such information to evaluate your use of the website, in order to compile reports for us on the website activities, and in order to provide further services associated with the use of the website and the Internet to us.
The IP address transmitted by your browser within the context of Google Analytics is not merged with other data of Google.

This website uses Google Analytics with the extension “_anonymizeIp()”. As a result, your IP addresses are processed on in truncated form, so that any personal reference can thereby be excluded. Should the data gathered about you be attributed a personal reference, this is thus immediately excluded and the personal data is deleted at once.

We use Google Analytics to be able to analyse the use of our website and regularly enhance it. The statistics help us to enhance our website and design it in a more interesting way for you, as the user. For the exceptional cases, where personal data is transmitted to the USA, Google has submitted to the EU/US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. You can review the certification of Google at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

The legal basis for the processing by Google Analytics is Art. 6(1)(1)(f) GDPR. The Google Analytics cookies are deleted at the latest after fourteen months.

You can find further information of the third-party provider Google at:

http://www.google.com/analytics/terms/de.html, http://www.google.com/intl/de/analytics/learn/privacy.html, http://www.google.de/intl/de/policies/privacy.
You have a right to object. You may prevent cookies being stored by setting your browser software accordingly; however, we would like to point out to you that, in this case, you may not necessarily be able to use all functions of this website in their entirety. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). You can, moreover, prevent the data generated by the cookie which relates to your use of the website (incl. your IP address) from being recorded by Google, as well as the processing of such data by Google, by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Usage-based online advertising

Google AdWords conversion

We use the offer of Google Adwords from Google to, with the aid of advertising media (“Google AdWords”), make users aware of our attractive offers on external websites. We are, in relation to the data of the advertising campaigns, able to ascertain how successful the individual advertising efforts are. We thereby pursue the interest of displaying to you advertisements that are of interest to you, designing our website so as to be more interesting to you, and achieving a fair calculation of advertising costs.

Such advertising media are delivered by Google via “Ad Servers”. For that purpose, we use Ad Server cookies, through which certain parameters for measuring success, such as displaying the advertisements or clicks by the user, can be measured. Should you arrive at our website via a Google advertisement, a cookie is stored on your PC by Google AdWords. These cookies generally lose their validity after 30 days, and are not supposed to serve the purpose of personally identifying you. The unique cookie ID, the number of Ad Impressions per placing (frequency), the latest impression (relevant for post-view conversions) and also opt-out information (indicating that the user would prefer no longer to be addressed) are usually stored within this cookie.

These cookies enable Google to recognise your browser again. Should a user visit certain pages of the website of an AdWord customer and the cookie stored on his or her PC not yet have expired, Google and the customer can discern that the user has clicked on the advertisement and has been redirected to this particular page. Every Google AdWords customer is assigned a different cookie. Cookies can therefore not be tracked via the websites of AdWords customers. We ourselves do not process any personal data in the course of said advertising efforts. Statistical evaluations are merely made available to us by Google. These evaluations enable us to recognise which of the advertising efforts deployed is particularly effective. We do not receive any further data from deploying the advertising media, and we can in particular not identify the user based on this information.

Based on the marketing tools deployed, your browser automatically produces a direct connection with Google’s server. We have no control over the scope and further processing of the data that is gathered by Google by deploying this tool, and we therefore keep you informed accordingly to the best of our knowledge: Through the integration of AdWords conversion, Google receives the information that you have accessed the corresponding section of our website or clicked on one of our advertisements. If you are registered with a service of Google, Google may assign the visit to your account. Even if you are not registered with Google, or are not logged in, it is possible that the provider obtains your IP address and stores it. Google also processes the data in the USA, and has submitted to the EU/US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. You can review the certification of Google at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

The legal basis for the processing is Art. 6(1)(1)(f) GDPR. It is not known to us for how long Google stores the data, and we have no control over this.
You can find further information on data privacy at Google here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org.

You have a right to object to the processing of your data by Google. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR).

You may prevent participation in this tracking procedure in various ways:

  • By setting your browser software accordingly. In particular, suppressing third party cookies leads to you not receiving any advertisements of third party providers:
  • by deactivating cookies in regard to conversion tracking, by setting your browser in such a way that cookies from the domain “www.googleadservices.com” are blocked, https://www.google.de/settings/ads, in regard to which this setting is deleted once you delete your cookies;
  • by deactivating the interest-related advertisements of the providers which form part of the “About Ads” self-regulation campaign, via the link http://www.aboutads.info/choices, in regard to which this setting is deleted once you delete your cookies
  • by permanently deactivating them in your Firefox, Internet Explorer or Google Chrome browsers at the link http://www.google.com/settings/ads/plugin. We would like to point out that you would, in such a case, not necessarily be able to use all the functions of this website in their entirety.

Google Remarketing

Besides Adwords Conversion, we use the Google Remarketing application of Google. This concerns a procedure with which we would like to address you again. Through this application, after you have visited our website our advertisements can be shown to you when you continue to use the Internet. This is done by means of cookies stored in your browser by means of which your usage pattern is recorded and evaluated by Google when you visit various websites. In this way, your previous visit to our website can be detected by Google. As per Google’s own statement, the data gathered in the context of the remarketing is not merged with your personal data that may be processed by Google. According to Google, in particular pseudonymisation is used in conjunction with remarketing.
The legal basis for the processing is Art. 6(1)(1)(f) GDPR. It is not known to us for how long Google stores the data, and we have no control over this.

You have a right to object to the processing of your data by Google. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). You may prevent participation in this tracking procedure in various ways:

  • By setting your browser software accordingly. In particular, suppressing third party cookies leads to you not receiving any advertisements of third party providers:
  • by deactivating cookies in regard to conversion tracking, by setting your browser in such a way that cookies from the domain “www.googleadservices.com” are blocked, https://www.google.de/settings/ads, in regard to which this setting is deleted once you delete your cookies;
  • by deactivating the interest-related advertisements of the providers which form part of the “About Ads” self-regulation campaign, via the link http://www.aboutads.info/choices, in regard to which this setting is deleted once you delete your cookies;
  • by permanently deactivating them in your Firefox, Internet Explorer or Google Chrome browsers at the link http://www.google.com/settings/ads/plugin.

Google DoubleClick

We furthermore use Google’s online marketing tool “DoubleClick” on the website. DoubleClick deploys cookies to display advertisements relevant to the user, improve the reports on the campaign’s performance or prevent users from being shown the same advertisements repeatedly. Via a Cookie ID – which is a pseudonymous identification number assigned to your browser – Google records which advertisements are displayed in which browser, and can thus prevent them from being displayed repeatedly. Information on the user’s activities on the website is assigned to this pseudonym. This enables Google and its partner sites to display advertisements based on previous visits to websites. DoubleClick can, furthermore, with the aid of the Cookie ID, record conversions relating to advertisement enquiries. Conversion means, for example, a user being shown a double-click advertisement and subsequently accessing the website of the advertiser with the same browser and buying something there.
The information generated by the DoubleClick cookies is transmitted by Google to a server in the USA and stored there. Google complies with the data privacy regulations of the EU/US Privacy Shield Agreement and is certified for the Privacy Shield https://www.privacyshield.gov/EU-US-Framework. You can review the certification of Google at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. Data is only transmitted to third parties based on statutory regulations or within the context of contract data processing. As per Google, DoubleClick cookies do not contain any personal information.

Based on the marketing tools deployed, your browser automatically produces a direct connection with Google’s server. We have no control over the scope and further processing of the data that is gathered by Google by deploying this tool, and we therefore keep you informed accordingly to the best of our knowledge. Through the integration of DoubleClick, Google receives the information that you have accessed the corresponding section of our website or clicked on one of our advertisements. If you are registered with a service of Google, Google may assign the visit to your account. Even if you are not registered with Google, or are not logged in, it is possible that the provider obtains your IP address and stores it.

The legal basis for the processing is Art. 6(1)(1)(f) GDPR. The DoubleClick cookies are deleted at the latest after six months. By deploying DoubleClick, we pursue the interest of displaying to you advertisements that may be of interest to you, in order to design our website so as to be more interesting to you.

You can obtain further information on DoubleClick at: https://www.google.de/doubleclick, http://support.google.com, https://policies.google.com/privacy?hl=de (on data privacy at Google in general).
You have a right to object. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). You may object to participation in this tracking procedure in various ways:

Bing Ads

We deploy the conversion and tracking tool Bing Ads of Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, hereinafter referred to as “Microsoft”) on our website.
This involves a cookie being stored by Microsoft on the user’s PC, so as to enable the use of our online services to be analysed. A prerequisite for the latter is that the user arrives at our website via an advertisement of Microsoft Bing Ads. Microsoft and we can, in this way, recognise that somebody has clicked on an advertisement, been re-routed to our online services, and arrived at a previously specified target page. In this context, we only find out the total number of users who have clicked on a Bing advertisement and then been re-routed to the target page (conversions). No IP addresses are stored.

Based on the marketing tools deployed, your browser automatically produces a direct connection with Microsoft’s server. We have no control over the scope and further processing of the data which is arranged for through the deployment of Bing Ads. Microsoft has committed to the EU/US-Privacy Shield (https://www.privacyshield.gov/EU-US-Framework), thereby providing a warranty to comply with European data protection law. You can review the certification of Microsoft at https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK.

The legal basis for the processing is Art. 6(1)(1)(f) GDPR. It is not known to us for how long Microsoft stores the data, and we have no control over this. You can find further information on data privacy at Microsoft at: https://privacy.microsoft.com/de-de/privacystatement.

You have a right to object to the processing of your data. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). You may object to your data being processed in various different ways:

  • By setting your browser software accordingly. In particular, suppressing third party cookies leads to you not receiving any advertisements of third party providers or
  • by deactivating the interest-related advertisements of the providers which form part of the “About Ads” self-regulation campaign, via the link http://www.aboutads.info/choices, in regard to which this setting is deleted once you delete your cookies.

Plug-ins of social networks

Social network plug-ins are integrated into our website. These are made available by the following providers:

The plug-ins are identified within the scope of our website by the above-mentioned fonts or by small stylised icons.
We give you the opportunity to communicate directly with the provider of the plug-in using the button. Only if you click on the field marked and thereby activate it does the plug-in provider receive the information that you have accessed the corresponding website of our online range of services. In addition, the data specified in the “Access data” section is transmitted.

In the case of Facebook and Xing, as per details given by the respective providers in Germany the IP address is anonymised immediately once it is gathered. That means that, through the plug-in being activated, personal data of yours is transmitted to the respective plug-in provider and stored there (in the case of US providers, in the USA). As the plug-in provider in particular gathers data using cookies, we recommend you to delete all cookies via your browser’s security settings prior to clicking on the greyed-out box.

We neither have any control over the data gathered or the data processing procedures nor are we are aware of the full extent of the data gathered, the purposes of the processing or the storage periods. We also have no information about the deletion of the data gathered by the plug-in provider.

The plug-in provider stores the data gathered about you in the form of usage profiles and uses it for the purpose of advertising, market research and/or designing its website in line with user requirements. Such an evaluation is in particular carried out (also for users who are not logged in) in order to display advertising in line with the user’s requirements and inform other users of the social network about your activities on our website.

The legal basis for the use of the plug-ins is Art. 6(1)(1)(f) GDPR. Via the plug-ins we give you the opportunity to interact with the social networks and other users, so that we can improve our website and design it in a more interesting way for you as a user.

You have a right to object to the creation of such user profiles. Your right to object exists in the case of grounds which arise from particular situations, unless we can provide evidence of grounds that are absolutely worthy of protection for processing the data which outweigh your interests, rights and freedoms, and, additionally, if the processing of your data serves to assert, exercise or defend legal claims (Art. 21(1) GDPR). You can also prevent the creation of user profiles in various ways, and thus make use of your right to object:

  • By setting your browser software accordingly. In particular, suppressing third party cookies leads to you not receiving any advertisements of third party providers:
  • by deactivating the interest-related advertisements of the providers which form part of the “About Ads” self-regulation campaign, via the link http://www.aboutads.info/choices, in regard to which this setting is deleted once you delete your cookies.

Data is passed on irrespective of whether or not you have an account with the plug-in provider or are logged in there. If you are logged into the plug-in provider, your data gathered on our website will be directly assigned to your account kept with the plug-in provider. If you press the activated button and link the page, for example, the plug-in provider also stores this information in your user account and notifies your contacts about it publicly.

We recommend you to regularly log out after using a social network, in particular, however, prior to activating the button, as in this way you can avoid any of your user activities being assigned to your profile kept with the plug-in provider.

Copyright by Spirit Legal LLP

Enjoy our winter special. Stay 2 nights and save 10 % of the regular rate.

Stay cozy with us Stay 2 nights & save 10 %

  • Special rate of 10 % on logis with breakfast
  • Minimum stay of 2 nights
  • Bookable in November, December & January (except New Year's Eve & Fashion Week)
  • Non-refundable & non-changeable
  • 5 days advanced booking time & 100 % credit card pre-payment
BOOK NOW