Information on data protection

  • Privacy policy - Status: May 2018

  • We take the protection of your data very seriously and operate this website www.zum-storchennest.de in accordance with the applicable data protection legislation, including the provisions of the EU General Data Protection Regulation (hereinafter: GDPR). Below we inform you about the type and scope of the processing of your personal data and the rights to which you are entitled.


  •  
  • 1. Contact details
     

  • The controller within the meaning of the General Data Protection Regulation (hereinafter: GDPR) is
  • Martina Borst
  • Landhotel Zum Storchennest
  • Hauptstraße 127
  • 66851 Bann
  • Deutschland
  • Telefon: +49 (0)6371 9258-0
  • E-Mail: info@zum-storchennest.de
     
  • 2. Data processing when accessing our website
     

  • When you visit our website www.zum-storchennest.de, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted
  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the accessed file,
  • the website from which the access was made (referrer URL)
  • the browser you are using and, if applicable, the operating system of your internet-enabled computer

The legal basis for data processing is Art. 6 (1) (f) GDPR. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person. The legitimate interest is based on the following purposes

  • Ensuring a smooth connection to the website,
  • Ensuring and optimizing the user-friendliness and handling of our website
  • Ensuring system security and stability
  • as well as for security/prosecution in the event of a cyber attack.
  • We also use cookies when you visit our website. You will find more detailed explanations in the Cookies section below.
     

3. Data security
 

Appropriate technical and organizational measures are taken to protect your data against unintentional or unlawful deletion, disclosure, access, manipulation, loss or other misuse.

For your security, your data is encrypted using an SSL (Secure Socket Layer) website certificate. The certificate we use has an encryption depth of 256 bits, which can generally be processed by modern browsers without any problems. You can recognize a secure SSL connection by the s appended to the http (i.e. http://...) in the address bar of your browser or by the lock symbol at the bottom of your browser.

Please bear in mind that security when using the Internet depends on various circumstances and cannot be completely guaranteed at all times.
 

4. Data erasure and storage duration
 

Data that we store will be blocked for further use when the corresponding authorization ceases to apply, in particular after the purpose has been achieved, and deleted after expiry of the retention periods under tax and commercial law, unless you have expressly consented to the further use of your data or something else has been contractually agreed.

Data that you enter as part of an application process will be stored for a maximum of 6 months.

 

5. Children and young adults

 

Our services are generally aimed at adults. Persons under the age of 18 should not transmit any personal data to us without the consent of their parents or legal guardians.
 

6. Third party websites

 

We have no influence on the current content of third-party websites linked via the website and the way in which these websites are operated. We are not responsible for data protection and are not responsible for the content of these websites.

 

7. Transfer of data

 

Your personal data will not be transferred to third parties without good reason.

Possible reasons for passing on your personal data to third parties may be

  • you have given your express consent in accordance with Art. 6 (1) (a) GDPR,
  • the disclosure pursuant to Art. 6 (1) (f) GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data
  • in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 letter c) GDPR, and
  • this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 (1) (b) GDPR.

     

8. Categories of recipients / external service providers

 

We also outsource various services to external service providers (hereinafter: recipients), which we select and check carefully. We list the categories of recipients below:
 

Contract processor

We forward various personal data to our processors as the controller within the scope of commissioned data processing. We have ensured the security of your data by concluding agreements on commissioned data processing.

Our processors can be divided into the following categories:

  • Provision of services: This includes the web hosting and programming of this website, the operation of booking modules on this website, payment service providers

We only disclose data to authorities and third parties in accordance with statutory provisions or a court order. Information may be provided to authorities on the basis of a statutory provision for the prevention of danger or for criminal prosecution. Third parties will only receive information if this is required by law.
 

9. Data processing through explicit contact
 

Data that you explicitly provide to us yourself is recorded and collected. For example, during individual customer contact by e-mail, telephone or on our website, if you use the option to enter data (by using forms). The data that is intended for collection will be communicated to you according to its nature before the respective process, if this does not result from the nature of the upcoming process.
 

10. Data processing when using the contact form
 

For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. It is necessary to provide a valid e-mail address so that we know who sent the request and can respond to it. We also collect additional mandatory information in order to simplify communication with you and avoid queries. The mandatory fields are marked in bold or with an (*) symbol. Further information can be provided voluntarily.

Data processing for the purpose of contacting us is carried out in accordance with Art. 6 (1) (a) GDPR on the basis of your voluntary consent.
 

11. Data processing when using our booking forms
 

When you send a booking or request, it is necessary for the process that you provide your personal data, which we need to process your request. Required information is marked in bold or with an (*) symbol. Further information can be provided voluntarily. We will only process the data you provide to process your inquiry or booking.

The data processing for the purpose of the booking or inquiry with us is carried out in accordance with Art. 6 para. 1 letter a) GDPR on the basis of your voluntarily given consent.
 

12. Data processing for advertising purposes
 

Data processing for advertising purposes generally constitutes a legitimate interest in accordance with Article 6(1)(f) GDPR.

Furthermore, data processing is carried out under the conditions of Section 7 (3) UWG.

If you are registered or listed as a customer with us, we process your contact data and inform you about products and services as well as relevant news independently of the newsletter subscription.

You have the right to object to data processing for advertising purposes at any time and free of charge for the respective communication channel with effect for the future. By objecting, the relevant contact address for the respective communication channel will be blocked for further advertising data processing. You can submit your objection by e-mail or by post to the contact details provided.
 

13. Data processing in third-party booking modules
 

In order to provide you with a convenient and easy booking experience, we use booking modules and free/occupied ads from third-party providers on our website.

This always presupposes that these third-party providers are aware of the user's IP address. Without the IP address, they would not be able to send the content to the respective user's browser. However, we have no influence on this if the third-party providers store the IP address, e.g. for statistical purposes.

Responsibility for data protection-compliant operation must be guaranteed by the respective third-party provider.

Data processing is carried out in accordance with Art. 6 (1) (a) GDPR on the basis of your voluntary consent.

You can find more information on this below.
 

[caesar-data]
 

We would like to strengthen your trust in the caesar-data booking system integrated on this website from the operator “caesar-data & software GmbH” for booking hotels, hosts and package deals and make the booking process and the handling of the data recorded in the booking process transparent to you . For this reason, you can find out here what information is requested from you and how this information is processed.

Booking via the caesar-data booking system

If you would like to book a free room or a package, your personal data is required for the booking, in particular your name, address, telephone number and your email address. This data is stored in the system for each booking under a booking number and is communicated to the booked host by fax. The booked host can view this data again at any time in a protected customer area that is only accessible to them. Export or automatic further processing is not possible. We would like to expressly point out that your email address in particular will not be used for advertising or mass mailing purposes.
Anonymized data is further processed for statistical purposes. We may use third-party service providers to process your personal data on our behalf for the purposes set out above. For example, we may share some information about you with these third parties so that they can contact you directly by email (for example, to subsequently receive a review of your travel experience).
 

Cookies through the booking system caesar-data
 

The caesar-data booking system uses “cookies”, details of which can be found in the Cookies/caesar-data section.
 

Right to information about the caesar-data booking system
 

As a user of the caesar-data booking system integrated on this website, you will receive information from the operator “caesar data & software GmbH” about what information has been recorded about you in the system. This service is free of charge. If necessary, please contact us by email at info@caesar-data.de or the caesar-data customer hotline on 02102 - 8896988.
 

Deleting your personal data from the caesar-data booking system
 

If you wish, the operator “caesar data & software GmbH” will delete the personal data recorded in the caesar-data booking system as soon as the arrival date advised by the booking has been reached. This service is free of charge. If necessary, please contact us by email at info@caesar-data.de or the caesar-data customer hotline on 02102 - 8896988. You will then receive a confirmation that your data has been deleted.
 

14. Cookies
 

We use cookies on our site. These are small files that your browser creates automatically and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your device and do not contain viruses, Trojans or other malware.

A cookie stores information that arises in connection with the specific end device used. However, this does not mean that we receive direct knowledge of your identity.

The data processed by cookies is necessary for the purposes mentioned to protect our legitimate interests in accordance with Art. 6 Para. 1 Letter f) GDPR.

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or that a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all functions of our website.

The storage period of cookies depends on their purpose and is not the same for everyone.

We use the following types of cookies:

Session cookies

On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after you leave our site.

Temporary cookies

To optimize user-friendliness, we also use temporary cookies, which are stored on your device for a specific period of time. If you visit our site again to use our services, it will automatically be recognized that you have already been with us and what entries and settings you have made so that you do not have to enter them again.

Third-party cookies caeser-data

These are used to optimize the booking process and for statistical analysis.
 

15. Social Media Plugins and Tools
 

On our website we use social media plug-ins in accordance with Article 6 Paragraph 1 Letter a), Letter f) GDPR to make ourselves better known or to offer you additional benefits. The advertising purposes involved represent a legitimate interest for us. The responsibility for data protection-compliant operation must be guaranteed by the respective provider.
 

Google Maps
 

This site uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.

In order to use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an attractive presentation of our online offerings and to make it easy to find the places we indicate on the website.

You can find more information about the handling of user data in the data protection declaration

Google: http://www.google.de/intl/de/policies/privacy/.
 

16. Your rights
 

Right to information
 

You can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, if it was not collected directly from you.
 

Right to rectification
 

You can request the correction of incorrect data or the completion of correct data.
 

Right to deletion
 

You can request the deletion of your personal data if one of the following reasons applies and the processing is not necessary:

  • The personal data was collected or otherwise processed for purposes for which it is no longer necessary.
    You withdraw your consent on which the processing was based and there is no other legal basis for the processing.
  • You object to the processing in accordance with Art. 21 Para. 1 GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing in accordance with Art. 21 Para. 2 GDPR.
  • The personal data was processed unlawfully.
  • The deletion of personal data is necessary to comply with a legal obligation under Union or Member State law to which we are subject.
  • The personal data was collected in relation to information society services offered in accordance with Article 8 (1) GDPR.
     

Right to data portability
 

You can have the data you provided transmitted in a common, machine-readable format or request that it be transmitted to another person responsible.
 

Right to complain
 

To do this, you can contact the supervisory authority in the member state of your usual place of residence or our responsible supervisory authority.
 

Right to restriction
 

You can exercise the right to restriction of data processing if the accuracy of the personal data is contested, processing is unlawful and the data subject refuses the deletion of the personal data and instead requests the restriction of the use of the personal data, the controller the personal data for the purposes of the processing are no longer needed, but the data subject needs it to assert, exercise or defend legal claims, or the data subject has objected to the processing in accordance with Article 21 GDPR, as long as It is not yet clear whether the legitimate reasons of the person responsible outweigh those of the data subject.
 

Right to object
 

The general right of objection applies to all processing purposes described here, which are processed on the legal basis of Article 6 Paragraph 1 Letter f) GDPR. Unlike the data processing described under “Data processing for advertising purposes”, we are only obliged to implement the objection if you give reasons of overriding importance that arise from a special situation.
 

17. Currentness and changes to this data protection declaration
 

This data protection declaration is currently valid and is dated May 2018.
 

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at http://www.zum-storchennest.de/datenschutz.