Zimmer buchen Zimmer buchen

Datenschutz - Deutsch Privacy policy

Privacy policy of Parkhotel Schmid GmbH for direct collection (Art. 13 GDPR)

Scope of application

This privacy policy applies to the website of Parkhotel Schmid GmbH (parkhotel-schmid.de). In this policy, we would like to explain to you in an understandable, transparent and clear manner how your personal data is processed in connection with your visit to our website and its use.

The following descriptions of data processing, the associated rights and obligations and, in particular, the restrictions on the scope of data processing each represent what applies within the scope of the GDPR.

Name and address of the person responsible

We, Parkhotel Schmid GmbH, are to be designated as the controller within the meaning of Article 4(7) of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) as well as other data protection regulations for our website (parkhotel-schmid.de) and the associated data processing. Comprehensive information about our company can be found in the legal notice.

Parkhotel Schmid GmbH
Managing Director Mrs. Emmi Schmid
Augsburger Straße 28
86477 Adelsried

E-Mail:info@parkhotel-schmid.de
Internet: parkhotel-schmid.de

(hereinafter referred to as “Parkhotel Schmid GmbH”)

 

Hosting

The web server for the operation of our website is technically operated by the IT service company Hetzner Online GmbH:

Mittwald CM Service GmbH & Co. KG
Königsberger Straße 4-6
32339 Espelkamp
Germany

Provision of the website and log files

Description and scope of data processing

Each time you visit our website, you transmit data to our web server via your Internet browser (for technical reasons). During an ongoing connection to the communication, our system automatically records information from the system of the calling computer or end device of the user.

We collect the following data:

  • Information about the web browser and the version used
  • the operating system of the user’s end device
  • the Internet service provider of the user
  • the IP address of the user
  • the previous website from which the user reaches our website (so-called referrer URL)
  • Date and time of the access request
  • Name of the requested file
  • Amount of data transferred

Legal basis for data processing

The legal basis for the temporary storage of this data and the log files is Art. 6 para. 1 lit. f) GDPR (legitimate interests of us as the responsible website operator).

Purpose of the data processing

The temporary storage of the user’s IP address by our system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must necessarily remain stored for the duration of the session. The above-mentioned data is stored in the log files in order to ensure the functionality of our website. We also use this data to optimize the website and to ensure the security of our information technology systems (e.g. to detect attacks). The data is not analyzed for marketing purposes in this context.

Duration of storage

The above-mentioned data is deleted as soon as it is no longer required for the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. If the data is stored in log files, this is the case after 60 days at the latest. Storage beyond this period is possible. In this case, the user’s IP address is deleted or anonymized by us so that it is no longer possible to identify the accessing client and the data contained can no longer be linked to a specific person.

Contact form and e-mail contact

Description and scope of data processing

You can contact us via our contact form and the e-mail address provided info@parkhotel-schmid.de. In this case, the personal data of the sender, i.e. the user, transmitted with the inquiry will be stored. The sender’s first name, surname and email address are defined as mandatory fields. Other form fields are optional.

Legal basis for data processing

The legal basis for the processing of this data, which is transmitted in the course of sending an inquiry, is Art. 6 para. 1 lit. f) GDPR (legitimate interests of us as the controller). If the request is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR (fulfillment of a contract).

Purpose of the data processing

The processing of this personal data serves us exclusively to process your contact.

Duration of storage

The above-mentioned data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent by email or via the contact form, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

Possibility of objection

The user has the option to object to data processing at any time. The objection should be sent to the following e-mail address: datenschutz@parkhotel-schmid.de. All personal data stored in the course of making contact will be deleted in this case.

VII Use of cookies

Our website uses cookies.

Description and scope of data processing

When individual pages of our website are accessed, so-called “session cookies” are used to facilitate navigation.

Cookies are small text files that are stored in the browser directory of your computer and enable recognition, but do not allow you to be personally identified. They are used to make our website more user-friendly, effective and secure.

Example:

  • Tracking your movements on the website
  • help you pick up where you left off on a page
  • remember your entered login data
  • Setting your preferences and other personalization functions

“Session cookies” therefore do not contain any personal data.

Legal basis

The legal basis for this data processing is Art. 6 para. 1 lit. f) GDPR.

Purpose of the data processing

The purpose is to carry out the electronic communication process or to provide certain functions requested by you (e.g. shopping cart function).

Furthermore, a cookie is required for web analysis (using previously anonymized IP addresses). This means that the cookie file enables us as the operator to track your movements on our website and obtain information that you may have voluntarily provided during your visit. The use of cookies is necessary to achieve our legitimate interests in the technically error-free and optimized provision of our services.

Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are stored, these are treated separately in this privacy policy

Preventing storage

You can generally prevent the storage of cookies on your hard disk by selecting “Do not accept cookies” in your browser settings. You can also set your browser so that it asks you whether you agree before setting cookies. Finally, you can also delete cookies once they have been set at any time.

For implementation, please refer to the documentation of your browser manufacturer or the following instructions: www.meine-cookies.org/cookies_verwalten/index.html

If you do not accept cookies, this may lead to functional limitations of the website in individual cases.

Runtime

“Session cookies” expire at the end of the session, i.e. they are automatically deleted at the end of your visit.

Other cookies, known as persistent cookies, remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit our website. They remain valid for our website for 12 months and are automatically deleted after expiry.

 

VIII. Data security

We use technical and organizational measures to secure our website and other systems against loss, destruction, access, modification or dissemination of your data by unauthorized persons. In particular, your personal data is transmitted in encrypted form. We use the widespread SSL (Secure Socket Layer) method when you visit our website. Unfortunately, however, the transmission of information via the Internet is not completely secure, which is why we cannot guarantee the security of data transmitted to our website via the Internet.

No automated decision-making (including profiling)

We do not use fully automated decision-making pursuant to Art. 22 GDPR to establish and conduct our business relationship with you, which produces legal effects concerning you or significantly affects you in a similar way.

No data transfer

We do not pass on your personal data to third parties unless you have consented to the data being passed on or we are entitled or obliged to pass on data on the basis of statutory provisions and/or official or court orders. In particular, this may involve providing information for the purposes of criminal prosecution, averting danger or enforcing intellectual property rights.

XII Rights of the data subject

As a user of our website, you have various rights under the GDPR:

  • Right to information
    You can request information (Art. 15 GDPR) about your personal data processed by us (Art. 15 GDPR). In your request for information, you should specify your request in order to make it easier for us to compile the necessary data. Please note that your right to information may be restricted under certain circumstances in accordance with the statutory provisions (in particular Section 34 BDSG and Art. 10 BayDSG).
  • Right to rectification
    If the information concerning you is not (or no longer) accurate, you can request rectification in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.
  • Right to erasure
    You can request the erasure of your personal data under the conditions of Art. 17 GDPR. Your right to erasure depends, among other things, on whether the data concerning you is still required by us to fulfill our legal obligations.
  • Right to restriction of processing
    Within the framework of the provisions of Art. 18 GDPR, you have the right to request that the processing of data concerning you be restricted.
  • Right to data portability (Art. 20 GDPR)
  • Right to object
    In accordance with Art. 21 GDPR, you have the right to object to the processing of data concerning you at any time for reasons arising from your particular situation. However, we are not always able to comply with this, e.g. if we are required by law to process data as part of our official duties.
  • Right to revoke a given declaration of consent at any time with effect for the future (Art. 7 para. 3 GDPR);

Note on the revocation of consent

A data subject has the right to withdraw their declaration of consent under data protection law at any time. However, this does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.

  • Right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR)

Note on complaints to a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, a data subject shall have the right to lodge a complaint with a supervisory authority – in particular in the Member State of the user’s habitual residence, place of work or place of the alleged infringement – if the user considers that the processing of his or her personal data by us infringes the GDPR.

The competent supervisory authority is the Bavarian State Office for Data Protection Supervision. www.lda.bayern.de

However, you can also contact the competent supervisory authority in your place of residence if you have any complaints. Current addresses and contact options can be found under the following link list:  www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

XIII Definitions

If a user’s personal data is processed, the user is a data subject within the meaning of the GDPR.

Personal data according to Art. 4 GDPR is any information relating to an identified or identifiable natural person.

Someone is identifiable if they can be identified directly or indirectly. This can be done by assigning an identifier such as a name, an identification number, location data or an online identifier. Or by association with one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

The data subject is the person whose personal data is processed, e.g. the user of the website or the e-mail sender.

XIV Status and amendment of this data protection information

This data protection information was last updated on May 1, 2020.

Due to technical developments and/or changes in legal and/or regulatory requirements, it may be necessary to adapt this data protection information.

The current data protection information can be viewed at any time at parkhotel-schmid.de/data-protection.