data protection
Data protection
1. Data protection - general information
As part of the introduction of the new General Data Protection Regulation (GDPR), we have updated our data protection declaration. All legally required changes regarding the obligation to provide information and the legal basis for the processing of personal data, which lead to the strengthening of your data protection rights, were taken into account. The security of your data and greater transparency are important to us. That’s why these changes are mandatory for us.
With this data protection declaration we inform you as a customer about the type, scope and purpose of the collection and use of your personal data. If you have any questions or suggestions regarding data protection, please feel free to contact us at info@hotelstannen.de.
2. Responsible body/contact
Data processing on this website is carried out by the website operator. You can find our contact details in the imprint of this website.
3. How do we collect your data?
The transmission of your data is generally on a voluntary basis. This is personal data that you transmit via our contact form, our online booking form (“Online Booking”, contractual partner C-Booking / Hotel Net Solutions, www.cbooking.de) or directly by email or telephone.
We neither collect nor process any further data beyond the personal data you have provided. We neither use cookies, Google Analytics, Google Remarketing, Google AdSense or Google Adwords. We do not collect IP addresses, do not conduct any profiling, collect any statistics and do not send any newsletters.
4. Types of data processed
- Inventory data (e.g. names, addresses)
- Contact details (e.g. email, telephone numbers)
5. Personal data - purpose, nature and scope of processing
You can visit our website without providing any personal data.
Personal data such as name, address, telephone number or email addresses are not collected unless you give us this information voluntarily, e.g. to process inquiries, process room bookings, or make comments. The data provided voluntarily will only be used for the purpose for which it was provided to us. It would also be appropriate to use the contact options provided by you (telephone/e-mail) if necessary to ensure the initiation and implementation (contract processing) of an accommodation contract.
No further processing of your personal data takes place.
6. Security
The Hotel St. Annen takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
We have taken various technical and organizational measures to protect your personal data against accidental or unlawful deletion or modification, loss or unauthorized disclosure or unauthorized access. Nevertheless, when data is transmitted over the Internet, security gaps can occur that do not guarantee 100% security. You are welcome to submit your request and details at any time by telephone or post.
7. Legal basis for processing
The legal basis for processing your personal data is based on the following points:
- based on consent, Article 6 GDPR paragraph 1 lit. a and Article 7 GDPR
- to fulfill a contract or to carry out pre-contractual measures as well as answering inquiries, Article 6 Paragraph 1 Letter b GDPR
- to fulfill our legal obligations, Article 6 Paragraph 1 Letter c GDPR
- to protect the legitimate interests of our company,
Article 6 Paragraph 1 Letter f GDPR
8. Collaboration with processors and third parties
If, as part of our processing, we disclose data to other people and companies (contract processors or third parties), transmit it to them or otherwise grant them access to the data, this only takes place on the basis of legal permission (e.g. if the data is transmitted to third parties, such as to payment service providers, in accordance with Art. 6 Para. 1 lit. b GDPR is necessary for the fulfillment of the contract), you have consented, a legal obligation provides for this or on the basis of our legitimate interests.
Processors include Paypal, credit card companies and C-Booking, our partner for processing online bookings to create the accommodation contract (= Hotel Net Solutions, www.cbooking.de). These are commissioned to process data on the basis of a so-called “order processing contract”, which happens on the basis of Article 28 GDPR.
No data is transferred to third countries.
9. Plugins and tools / use of third-party services and content
Google Maps
This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
In order to use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google can use Google Fonts for the purpose of uniform font display. When you access Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
The use of Google Maps is in the interest of an attractive presentation of our online offerings and to make it easy to find the places we indicate on the website. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here:https://privacy.google.com/businesses/gdprcontrollerterms/ andhttps://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
You can find more information about how we handle user data in Google's privacy policy:https://policies.google.com/privacy?hl=de. The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information can be obtained from the provider using the following link:https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
Google Analytics
This website uses the “Google Analytics” service, which is provided by Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) is offered to analyze website usage by users. The service uses “cookies” – text files that are stored on your device. The information collected by cookies is usually sent to a Google server in the USA and stored there.
IP anonymization applies on this website. The user's IP address is shortened within the member states of the EU and the European Economic Area. This shortening means that your IP address is no longer linked to a person. As part of the order data agreement that the website operators have concluded with Google Inc., Google Inc. uses the information collected to create an evaluation of website usage and website activity and provides services related to Internet usage.
You have the option of saving the Cookies on your device by making the appropriate settings in your browser. There is no guarantee that you will be able to access all functions of this website without restrictions if your browser does not allow cookies.
You can also use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to Google Inc. and used by Google Inc. The following link will take you to the corresponding plugin: https://tools.google.com/dlpage/gaoptout?hl=de
You can find further information on data usage by Google Inc. here: https://support.google.com/analytics/answer/6004245?hl=de
Google Reviews / Elfsight App
We have embedded third-party content on our website to display Google reviews. This content is provided by Elfsight, LLC, 0015, Armenia, Yerevan, Paronyana, 19/3, 201. All information will be processed in accordance with their privacy policy - https://elfsight.com/privacy-policy/.
Elfsight Cookie:
elfsight_viewed_recently
domain: core.service.elfsight.com, path: /, type: Http Only, Secure, sameSite: none, expiration: 15000 (15 seconds)
description: Used for implementing social platforms on the website.
10. External links
This website contains links to third-party websites ("external links") or may have been linked or be linked from other websites via hyperlinks without the third party's knowledge. These websites are the responsibility of the respective operators. When the external links were first linked, the provider checked the external content to see whether there were any legal violations. At the time, no legal violations were apparent. The provider has no influence on the current and future design or content of the linked pages. Setting external links does not mean that the provider adopts the content behind the reference or link as its own. It is unreasonable for the provider to constantly monitor external links without concrete evidence of legal violations. However, if we become aware of legal violations, such external links will be deleted immediately.
11. Duration of storage of personal data / deletion of data
All personal data will only be stored for as long as is necessary for the stated purpose (processing your request or processing a contract = room booking). Tax and commercial law retention periods are taken into account. According to legal requirements in Germany, storage takes place for 6 years in accordance with Section 257 Paragraph 1 HGB (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with Section 147 Paragraph 1 AO (books, records, Management reports, accounting documents, commercial and business letters, documents relevant to taxation, etc.). At the request of the responsible authorities, we may provide information about this data (inventory data) in individual cases to the extent that this is necessary for the purposes of criminal prosecution, to avert danger, to fulfill the statutory tasks of the constitutional protection authorities or the military counterintelligence service or to enforce intellectual property rights.
As part of a general contact request via email or contact form, we only store your data for as long as is necessary for the respective correspondence.
The data we process will be deleted or its processing restricted in accordance with Articles 17 and 18 of the GDPR. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any legal retention obligations. Unless the data is deleted because it is required for other legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.
12. Contact form
If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us in order to process the inquiry and in case of follow-up questions. We do not pass on this data.
The data entered into the contact form is therefore processed exclusively on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send us an informal email. The legality of the data processing operations carried out up to the time of revocation remains unaffected by the revocation.
The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.
13. Rights of Users
13.1. RIGHT TO ACCESS AND CORRECTION
In accordance with Article 15 GDPR, you have the right to information about the data stored about you. According to Article 16 GDPR, you also have the right to correct incorrect data, block it and delete it. Please contact info@hotelstannen.de or by post to the address provided at the beginning.
13.2. RIGHT TO REVOKE CONSENT
In accordance with Article 7 GDPR, you have the right to revoke your consent to the processing of your personal data at any time and with effect for the future.
13.3. RIGHT TO OBJECTION
In accordance with Article 21 GDPR, you can object to the future processing of your data at any time.
13.4. DELETION OF YOUR DATA / RESTRICTION OF PROCESSING
In accordance with Article 17 GDPR, you have the right to demand that the relevant data be deleted immediately, or alternatively, in accordance with Article 18 GDPR, to request a restriction on the processing of the data.
You can also request the deletion of personal data if you exercise the right under 13.2. and 13.3. have made use of.
13.5. RIGHT TO DATA PORTABILITY
In accordance with Article 20 GDPR, you have the right to receive data provided by you in a structured, common and machine-readable format.
13.6. RIGHT TO COMPLAINT
In accordance with Article 77 of the GDPR, you have the right to lodge a complaint with the responsible supervisory authority.
14. Legal Notice
The Hotel St. Annen constantly checks and updates the information on its website. Despite all care, the data may have changed in the meantime. No liability or guarantee can therefore be assumed for the topicality, correctness and completeness of the information provided. The same applies to all other websites that are referred to via hyperlink. The Hotel St. Annen is not responsible for the content of websites accessed through such a connection.
Furthermore, the Hotel St. Annen reserves the right to make changes or additions to the information provided.
The use of the contact details in the imprint for commercial advertising is expressly not desired unless the provider has previously given its written consent or a business relationship already exists. The provider and all persons named on this website hereby object to any commercial use and disclosure of their data.
15. Consumer Dispute Participation
The Hotel St. Annen takes part in dispute resolution proceedings before a consumer arbitration board.
General consumer arbitration board of the Center for Arbitration e.V. www.verbraucher-schlichter.de
DEU online dispute resolution platform: http://ec.europa.eu/consumers/odr/
16. Copyright and ancillary copyright law
The contents of this website are subject to the copyright of the domain owner. Copyright protection applies in particular to the content and structure of this website as well as to all images, videos, logos, graphics, texts, animations, brand names and their arrangement on this website. Any use is prohibited without the express written consent of the domain owner. This applies in particular to reproductions, translations and any form of electronic processing. This website and its contents have been compiled with the greatest possible care. However, no liability is assumed for the accuracy of the texts and representations on this website. If you are of the opinion that the content or design of this site violates third-party rights or legal provisions, we ask that you notify us accordingly without involving a lawyer. We promise to examine the complaint immediately and, in the event of a legal violation, to eliminate it immediately without you having to involve a lawyer.
17. Legal validity of this disclaimer
This disclaimer of liability is to be viewed as part of the Internet offering from which reference was made to this page. If parts or individual formulations of this text do not, no longer or do not completely correspond to the applicable legal situation, the remaining parts of the document remain unaffected in their content and validity.
18. Special Terms of Use
If special conditions for individual uses of this website differ from the numbers mentioned above, this will be expressly pointed out at the appropriate point. In this case, the special terms of use apply in each individual case.
19. Changes to this Privacy Policy
The Hotel St.Annen reserves the right to change this data protection declaration. The current version of the data protection declaration is always available on the website www.hotelstannen.de.
20. Hosting
We host our website at Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel (hereinafter
“WIX”).
WIX a tool for creating and hosting websites. When you visit our website, you will
With the help of WIX, user behavior, traffic sources, the region of website visitors and the
Visitor numbers analyzed. WIX stores cookies on your browser that are used to display the website
and are necessary to ensure security (necessary cookies).
The data collected through WIX may be stored on various servers worldwide.
The WIX servers are available, among other things: in the USA.
Details can be found in the WIX data protection declaration:
https://de.wix.com/about/privacy.
According to WIX, data transfer to the USA and other third countries is based on the standard contractual clauses
of the EU Commission or comparable guarantees in accordance with Art. 46 GDPR. Details can be found here:
https://de.wix.com/about/privacy-dpa-users.
The use of WIX is based on Article 6 Paragraph 1 Letter f GDPR. We have a legitimate one
Interested in making our website as reliable as possible. If there is an appropriate one
If consent has been requested, processing is carried out exclusively on the basis of Article 6 Paragraph 1 Letter a
GDPR and Section 25 Paragraph 1 TTDSG, insofar as consent requires the storage of cookies or access to them
Information in the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. The
Consent can be revoked at any time.