Data protection declaration and consents
Data protection
Table of contents
1. Objective and responsible body
2. Basic information on data processing
3. Processing of personal data
4. Collection of access data
5. Cooperation with contract processors and third parties
6. Transfers to third countries
7. Cookies & range measurement
8. Google Analytics
9. Google Re / Marketing Services
10. Newsletter
11. Integration of services and content from third parties
12. Your rights as a data subject
13. Your right to object
14. Deletion of data
15. Changes to the privacy policy
1. Objective and responsible body
This data protection declaration clarifies the type, scope and purpose of the processing (including collection, processing and use as well as obtaining consent) of personal data (hereinafter referred to as "data") within our online offer and the websites, functions and content associated with it our social media profile (hereinafter collectively referred to as "online offer" or "website"). The data protection declaration applies regardless of the domains, systems, platforms and devices used (e.g. desktop or mobile) on which the online offer is carried out.
With regard to the terms used, such as "personal data" or their "processing", we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
Responsible body:
Hotel & Restaurant Rückert
Owner: Patrick Rückert
Erbacher Strasse 8
57647 Nistertal
Phone: 02661-2424
Email: info@holtel-rueckert.de
(hereinafter referred to as "provider", "we" or "us"). For the contact options, we refer to our imprint.
The term "user" includes all customers and visitors to our online offer. The terms used, such as "user", are to be understood as gender-neutral.
2. Basic information on data processing
We process personal data of users only in compliance with the relevant data protection regulations in accordance with the principles of data economy and data avoidance. This means that user data is only processed if there is legal permission, in particular if the data is required or required by law to provide our contractual services and online services, or if consent has been given.
We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and to protect the data processed by us against accidental or deliberate manipulation, loss, destruction or access by unauthorized persons protection.
If content, tools or other means from other providers (hereinafter jointly referred to as "third-party providers") are used within the scope of this data protection declaration and their registered office is abroad, it can be assumed that data will be transferred to the countries in which the third-party providers are based . The transfer of data to third countries takes place either on the basis of legal permission, the consent of the user or special contractual clauses that guarantee the legally required security of the data.
3. Processing of personal data
In addition to the use expressly mentioned in this data protection declaration, the personal data are processed for the following purposes on the basis of legal permissions or user consent:
- The provision, execution, maintenance, optimization and securing of our services and user services;
- Ensuring effective customer service and technical support.
We only transmit user data to third parties if this is necessary for billing purposes (e.g. to a payment service provider) or for other purposes if these are necessary to fulfill our contractual obligations towards users (e.g. address notification to suppliers).
When contacting us (via the contact form or email), the information provided by the user is stored for the purpose of processing the request and in the event that follow-up questions arise.
Personal data will be deleted as long as they have fulfilled their intended purpose and the deletion does not conflict with any retention requirements.
4. Collection of access data
We collect data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider .
We use the log data without assignment to the person of the user or other profile creation in accordance with the statutory provisions only for statistical evaluations for the purpose of operation, security and optimization of our online offer. However, we reserve the right to check the log data retrospectively if, based on specific indications, there is a legitimate suspicion of illegal use.
5. Cooperation with contract processors and third parties
5.1. If we disclose data to other persons and companies (contract processors or third parties) as part of our processing, transmit them to them or otherwise grant them access to the data, this is only done on the basis of legal permission (e.g. if the data is transmitted to third parties, such as to payment service providers, in accordance with Art. 6 Paragraph 1 lit.
5.2. If we commission third parties to process data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 GDPR.
6. Transfers to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of the use of third-party services or disclosure or transfer of data to third parties, this will only take place if it is done to fulfill our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the special requirements of Art. 44 ff. GDPR are met. This means that processing takes place, for example, on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU (e.g. for the USA through the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").
7. Cookies & range measurement
Cookies are information that is transferred from our web server or third party web servers to the user's web browser and stored there for later retrieval. In the context of this data protection declaration, users are informed about the use of cookies in the context of pseudonymous range measurement.
Viewing this online offer is also possible with the exclusion of cookies. If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.
It is possible to use many online advertising cookies from companies via the US website http://www.aboutads.info/choices or the EU website http://www.youronlinechoices.com/uk/your-ad -choices / manage.
8. Google Analytics
We use Google Analytics, a web analysis service from Google Inc. ("Google"). Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transmitted to a Google server in the USA and stored there.
Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with other services related to the use of this online offer and the internet. In doing so, pseudonymous user profiles can be created from the processed data.
We only use Google Analytics with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and shortened there in exceptional cases.
The IP address transmitted by the user's browser will not be merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; Users can also prevent Google from collecting the data generated by the cookie and relating to their use of the online offer and from processing this data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
Further information on the use of data for advertising purposes by Google, setting and objection options can be found on the Google website: https://www.google.com/intl/de/policies/privacy/partners ("Use of data by Google when you use websites or apps from our partners "), http://www.google.com/policies/technologies/ads (" Use of data for advertising purposes "), http://www.google.de/settings/ads (" Manage information that Google used to show you advertisements ") and http://www.google.com/ads/preferences (" Determine which advertisements Google shows you ").
9. Google Re / Marketing Services
We use the marketing and remarketing services ("Google Marketing Services" for short) from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, ("Google").
The Google Marketing Services allow us to display advertisements for and on our website in a more targeted manner in order to only present users with advertisements that potentially correspond to their interests. If, for example, users are shown advertisements for products that they were interested in on other websites, this is referred to as "remarketing". For these purposes, when our and other websites on which Google Marketing Services are active are called up, Google immediately executes a code from Google and so-called (re) marketing tags (invisible graphics or code, too referred to as "web beacons") integrated into the website. With their help, an individual cookie, i.e. a small file, is saved on the user's device (comparable technologies can also be used instead of cookies). The cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file records which websites the user has visited, which content he is interested in and which offers he has clicked, as well as technical information on the browser and operating system, referring websites, visiting time and other information on the use of the online offer. The IP address of the user is also recorded, whereby we inform you within the framework of Google Analytics that the IP address is shortened within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only in exceptional cases completely to one Is transferred to a Google server in the USA and shortened there. The IP address is not merged with the user's data within other Google offers. The aforementioned information can also be combined with information from other sources. If the user then visits other websites, the advertisements tailored to him can be displayed according to his interests.
The user data is processed pseudonymously as part of the Google Marketing Services. This means that Google does not store and process e.g. the name or email address of the user, but processes the relevant data cookie-related within pseudonymous user profiles. This means that from Google's point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie owner, regardless of who this cookie owner is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymisation. The information collected about the user by "DoubleClick" is transmitted to Google and stored on Google's servers in the USA.
The Google marketing services we use include the online advertising program "Google AdWords". In the case of Google AdWords, each AdWords customer receives a different "conversion cookie". Cookies cannot therefore be tracked via the websites of AdWords customers. The information obtained with the help of the cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. The AdWords customers find out the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information with which users can be personally identified.
We incorporate third-party advertisements on the basis of Google's "DoubleClick" marketing service. DoubleClick uses cookies with which Google and its partner websites are able to place advertisements based on users' visits to this website or other websites on the Internet.
We also incorporate third-party advertisements based on the Google "AdSense" marketing service. AdSense uses cookies that enable Google and its partner websites to display ads based on users' visits to this website or other websites on the Internet.
Another Google marketing service we use is the "Google Tag Manager", with the help of which further Google analysis and marketing services can be integrated into our website (eg "AdWords", "DoubleClick" or "Google Analytics") .
You can find more information on the use of data by Google for marketing purposes on the overview page: https://www.google.com/policies/technologies/ads, Google's data protection declaration is available at https://www.google.com/policies/privacy retrievable.
If you would like to object to the collection by Google Marketing Services, you can use the setting and opt-out options provided by Google: http://www.google.com/ads/preferences.
10. Newsletter
We do not offer a newsletter function and we also do not send third-party newsletters.
11. Integration of services and content from third parties
It can happen that content or services from third-party providers, such as city maps or fonts from other websites, are integrated into our online offer. The integration of content from third-party providers always requires that the third-party providers perceive the IP address of the user, since they would not be able to send the content to the user's browser without the IP address. The IP address is therefore required to display this content. Furthermore, the providers of third-party content can set their own cookies and process user data for their own purposes. In doing so, user profiles can be created from the processed data. We will use this content as sparingly and avoiding data as possible and choose reliable third-party providers with regard to data security.
The following illustration provides an overview of third-party providers and their content, along with links to their data protection declarations, which contain further information on the processing of data and, in some cases already mentioned here, options for objection (so-called opt-out):
- External fonts from Google, Inc., https://www.google.com/fonts ("Google Fonts"). The integration of Google Fonts takes place by calling up a server on Google (usually in the USA). Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
- Maps of the "Google Maps" service provided by the third-party provider Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
- Videos from the "YouTube" platform of the third-party provider Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
12. Your rights as a data subject
As the person affected by the data processing, you have various rights:
Right of revocation: You can revoke your consent and powers of attorney to us at any time. The data processing based on the revoked consent may then no longer be continued in the future.
Right to information: You can request information about your personal data processed by us. This applies in particular to the purposes of data processing, the categories of personal data, possibly the categories of recipients, the storage period, possibly the origin of your data and, if necessary, the existence of automated decision-making including profiling and possibly meaningful information on their details .
Right of correction: You can request the correction of incorrect or the completion of your personal data stored by us.
Right to erasure: You can request the erasure of your personal data stored by us, insofar as their processing is not necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims . The details are listed in point 14. Deletion of data.
Right to restriction of processing: You can request that the processing of your personal data be restricted if you dispute the accuracy of the data, the processing is unlawful, but you refuse to delete it. You also have this right if we no longer need the data, but you need them to assert, exercise or defend legal claims. You also have this right if you have objected to the processing of your personal data;
Right to data portability: You can request that we transmit the personal data you have provided to us in a structured, common and machine-readable format. Alternatively, you can request the direct transmission of the personal data you have provided to another person responsible, as far as this is possible.
Right to lodge a complaint: You can lodge a complaint with the supervisory authority responsible for us, e.g. if you are of the opinion that we are processing your personal data in an unlawful manner. The authority responsible for us is: The State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate, Hintere Bleiche 34, 55116 Mainz.
13. Your right to object
If we process your personal data on the basis of a legitimate interest, you have the right to object to this processing. If you would like to make use of your right of objection, a message in text form is sufficient. So you are welcome to write to us, send a fax or contact us by e-mail. You can find our contact details under point 1 of this data protection notice.
14. Deletion of data
14.1. The data processed by us will be deleted or restricted in their processing in accordance with Art. 17 and 18 GDPR. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention requirements. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons.
14.2. Germany: According to legal requirements, the storage takes place in particular for 6 years in accordance with § 257 Paragraph 1 HGB (trading books, inventories, opening balances, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with § 147 Paragraph 1 AO (books, records , Management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).
15. Changes to the privacy policy
We reserve the right to change the data protection declaration in order to adapt it to changed legal situations or to changes in the service and data processing. However, this only applies to declarations on data processing. If the consent of the user is required or components of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.
The users are asked to inform themselves regularly about the content of the data protection declaration.
Status: May 16, 2018