DATA PROTECTION
Data Protection Declaration
Thank you for visiting the website hotel-am-ohewehr.de. This Data Protection Declaration is designed to inform you in detail about how your Personal Data is handled.
General information
The following provides you with initial and general information about Data collection and Data Processing when this website is accessed.
About this Data Protection Declaration
This Data Protection Declaration informs you about the scope and purpose of Processing Personal Data (hereinafter called “Data”) when this website is accessed. In the following passages, terms such as e.g. “Processing” or “Data Controller” are used in accordance with the definitions set out under Art. 4 of the General Data Protection Regulation (GDPR).
Data Controller
The following party is responsible for this website:
"Hotel Garni am Ohewehr" GmbH,
represented by the Managing Director, Mr Josef Franz Reps
Am Ohewehr 13
D-94491 Hengersberg
Tel. +49.9901.93510
Fax +49.9901.6762
e-mail Diese E-Mail-Adresse ist vor Spambots geschützt! Zur Anzeige muss JavaScript eingeschaltet sein!
Website https://www.hotel-am-ohewehr.de
Definitions
This Data Protection Declaration is based on the terminology of the General Data Protection Regulation (GDPR). Definitions of the individual terms are listed under Art. 4 GDPR.
Within the meaning of the GDPR and the present Data Protection Declaration, the term
1. “Personal Data” means all information relating to an identified or identifiable natural person (hereinafter called “the Data Subject”); a natural person is considered identifiable if they can be directly or indirectly identified, in particular through attribution to an identifier such as a name, a reference number, locational Data, an online reference identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of these natural persons;
2. “Data Subject” means any identified or identifiable or natural person whose Personal Data is processed by the Data Controller responsible for the Processing;
3. “Processing” means any procedure or series of procedures, such as collecting, gathering, organising, ordering, storing, altering or amending, reading out, retrieving, utilisation, disclosure through transmission or another form of provision, comparison or linking, restricting, deleting or destruction of Data in conjunction with Personal Data.
4. “Restricting Processing” means marking saved Personal Data for the purpose of restricting its future Processing;
5. “Profiling” means every type of automated Processing of Personal Data that entails using this Personal Data to evaluate specific personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic circumstances, health, personal preferences, interests, reliability, behaviour, location or change of location of this natural person;
6. “Data Controller” means the natural person or legal entity, public authority, institution or other body that alone or jointly with others decides upon the purposes and means of the Processing of Personal Data; if the purposes and means of this Processing are stipulated by EU law or the law of member states, then the Data Controller or the specified criteria of his appointment may be established in accordance with EU law or the law of the member states;
7. “Recipient” means a natural person or legal entity, public authority, institution or other body to which Personal Data is disclosed, irrespective of whether this constitutes a Third Party or not. Public authorities that may possibly receive Personal Data within the context of a specific commissioned investigation in accordance with EU law or the law of member states are not, however, deemed to be Recipients; the Processing of this Data by the aforementioned authorities is performed in accordance with applicable data protection regulations in accordance with the purpose of the Processing;
8. “Third Party” means a natural person or legal entity, public authority, institution or other body, apart from the Data Subject, the Data Controller, the Processor and the persons who under the direct responsibility of the Data Controller or of the Processor are authorised to process the Personal Data;
9. “Consent” of the Data Subject means every declaration of intent or other unequivocal confirmation issued voluntarily and in an informed manner for the specific case with which the respective person indicates that he or she agrees with the Processing of the Personal Data relating to him or her.
Legal bases for the Data Processing
Insofar as the legal basis for the Data Processing is not specified in the following Data Protection Declaration, the following is applicable: The legal basis for obtaining Consent is Art. 6 Para. 1 lit. a and Art. 7 GDPR.
The legal basis for Processing to fulfil the performances of the Data Controller and to conduct contractual measures as well as to answer enquiries is Art. 6 Para. 1 lit. b GDPR.
The legal basis for Processing to fulfil the legal obligations of the Data Controller is Art. 6 Para. 1 lit. c GDPR. The legal basis for the Processing to safeguard the legitimate interests of the Data Controller is Art. 6 Para. 1 lit. f GDPR.
The legal basis in the event that vital interests of the respective person or of another natural person make the Processing of Personal Data necessary is Art. 6 Para. 1 lit. d GDPR.
Collecting and retaining server Data
Access Data is collected each time the server on which the Data of this website is saved is accessed (server logfiles).
The access Data includes
- the name of the accessed website,
- file,
- date and time of the accessing,
- transferred Data volume,
- report of successful retrieval,
- browser type and version,
- operating system of the user,
- referrer URL (the previously visited site),
- IP address of the website visitor,
- enquiring provider.
For security reasons, such as for example to clarify cases of misuse or fraud, server logfiles are retained for a maximum period of 7 days and are then erased. Data that needs to be retained for evidential purposes is excluded from the erasure until the respective case has been definitively clarified.
This Data Processing is performed in accordance with Art. 6 Para. 1 lit. f GDPR in order to safeguard legitimate interests.
Cookies
Cookies are used on this website. Cookies support the depiction of this website and make it possible to use certain functions. These are small text files that are saved on your device. Cookies collect Data about your IP address, your browser, your operating system and your internet connection.
Some of the cookies used on this website are erased at the end of the browser session, i.e. when you close your browser (so-called session cookies). Other cookies remain on your device and enable us to recognise your browser the next time you visit (persistent cookies). You can set your browser to be informed about the placement of cookies, enabling you to decide on their acceptance on a case-by-case basis or to exclude the acceptance of cookies in specific cases or in general. If cookies are not accepted, the functions of this website may be restricted.
This Data Processing is performed in accordance with Art. 6 Para. 1 lit. f GDPR in order to safeguard legitimate interests.
The duration of the retention is set out in the cookie settings overview of your web browser. You can set your browser to be informed about the placement of cookies, enabling you to decide on their acceptance on a case-by-case basis or to exclude the acceptance of cookies in specific cases or in general.
Cookie settings are managed in different ways by various browsers. The help menu of your browser contains more information about how to alter your cookie settings.
Information about cookie settings for the Internet Explorer™ are to be found under the following link:
http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Information about cookie settings for Safari™ are to be found under the following link:
https://support.apple.com/kb/ph21411?locale=de_DE
Information about cookie settings for Chrome™ are to be found under the following link:
http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Information about cookie settings for Firefox™ are to be found under the following link:
https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Information about cookie settings for Opera™ are to be found under the following link:
http://help.opera.com/Windows/10.20/de/cookies.html
While you can also use our website without deploying cookies, this may limit certain depictions and functions of our service.
You can manage online ad cookies via the following links:
http://www.aboutads.info/choices for the USA;
http://www.youronlinechoices.com/uk/your-ad-choices for Europe.
Data erasure / Data blocking after the purpose of the collection or retention has expired.
Data retained and Processed by “Hotel am Ohewehr” H & R GmbH is erased or subjected to limited utilisation pursuant to Art. 17 and 18 GDPR. Unless expressly specified within the context of this Data Protection Declaration, the saved Data will be deleted as soon as this is no longer required for its original purpose and this is compatible with statutory retention obligations. Insofar as Data is not erased because it is required for other purposes permitted by law, its Processing shall be limited. In this event, Data will be blocked and not processed for other purposes. This applies, e.g. to Data that needs to be retained for statutory commercial or tax reasons.
In accordance with statutory regulations in Germany, storage periods are 6 years pursuant to § 257 Para. 1 of the German Commercial Code (“HGB”) for commercial records, inventories, opening balance sheets, annual financial statements, commercial letters, booking records etc. and 10 years pursuant to § 147 Para. 1 of the German Tax Code (“AO”) for accounts, records, management reports, accounting records, commercial and business correspondence, as well as documents of relevance for taxation, etc.
Rights of the Data Subject
Data protection law provides you with many rights vis-à-vis the Data Controller who operates this website. Your rights are set out in the following.
Right to access
Pursuant to Art. 15 GDPR you have the right to demand confirmation about whether Data relating to you is processed, to be informed about this Data as well as to receive all further information as well as a copy of the Personal Data that is the object of the Processing.
Right to correction
Pursuant to Art. 16 GDPR you have the right to demand the completion of the Data relating to you or the correction of incorrect information relating to you.
Right to erasure Data or restrict Processing
Pursuant to Art. 17 GDPR, you have the right to demand that the respective Data is erased without delay. Alternatively, pursuant to Art. 18 GDPR you have the right to demand that the Processing of the Data is restricted.
Right to Data portability
Pursuant to Art. 20 GDPR you have the right to receive the Data relating to you that you made available in a structured, accessible and machine-readable format, and to demand the transfer thereof to other data controllers.
Right to appeal
Pursuant to Art. 77 GDPR you have the right to appeal before the competent supervisory authority.
Right to withdraw consent
Pursuant to Art. 7 Para. 3 GDPR you have the right to revoke already issued consent with effect for the future.
Right to appeal
Pursuant to Art. 21 GDPR, you have the right to object at any time to the future Processing of Data relating to you. The objection can in particular relate to Processing for direct marketing purposes. If you object to Processing for direct marketing purposes, your Personal Data will no longer be processed for these purposes.
Further functions on the website
Encryption and Data security
The widely-used SSL (secure socket layer) process in conjunction with the respective highest encryption level that is supported by your browser is used when this website is accessed. As a rule, this involves 256 bit encryption. If your browser does not support 256 bit encryption, we use 128 bit v3 technology instead. You can identify whether an individual section of this website is being transmitted in encrypted format by the key or closed padlock symbol in the lower menu bar of your browser.
We also use appropriate technical and organisational security measures to protect your Data from accidental or wilful manipulation, partial or complete loss, destruction or from being accessed by unauthorised Third Parties. Our security measures continue to be improved on an ongoing basis in accordance with technological developments.
Contact form
When visiting this website, you have the opportunity to contact "Hotel Garni am Ohewehr" GmbH using a contact form. In this case the information you provide will be retained for the purpose of Processing your contact. The information will not be transferred to any Third Party. The Data collected in this manner will furthermore not be compared with Data that may possibly be collected by other components of this website.
This Data will therefore be processed with your consent in accordance with Art. 6 Para. 1 lit. a) GDPR.
Opportunity to comment
When visiting this website you have the opportunity to leave comments on the individual contributions. In this conjunction, the IP address you use to access this website will be saved.
This Data Processing will be performed in accordance with Art. 6 Para. 1 lit. a) GDPR on the basis of your consent.
In other respects, the IP address will be retained in order to protect "Hotel Garni am Ohewehr" GmbH if comments made by the author breach third-party rights and/or contain unlawful content, raising the possibility that lawsuits are brought against "Hotel Garni am Ohewehr" GmbH on the grounds of these breaches of rights.
This retention therefore serves to safeguard legitimate interests pursuant to Art. 6 Para. 1 lit. f) GDPR. The Processing of this Data will be limited to the possible purpose of defending against such claims.
Data Processing for in-house advertising
This website gives you to the opportunity to obtain advertising and information beyond the actual visit, as described below.
The purpose of this Data Processing is to remain in contact with you.
Data used for postal advertising
"Hotel Garni am Ohewehr" GmbH reserves the right to use your first name and last name as well as your address to send in-house advertising by post, e.g. to send interesting offers and information about our products. You can block the retention and use of your Data for these purposes at any time by contacting the “Data Controller” specified above.
This Data Processing is consequently performed in accordance with Art. 6 Para. 1 lit. f) GDPR to protect legitimate interests.
Integration of Third Party service providers: Google functions
The below-specified Google services are integrated in this website.
The provider of the respective service is the company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This provider is certified in accordance with the EU-US Privacy Shield Treaty:
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
The purpose of the Data Processing is to enable this website to be found using the Google search engine and further Google online services.
This Data Processing is consequently performed in accordance with Art. 6 Para. 1 lit. f) GDPR to protect legitimate interests.
The associated data protection declaration of the provider is available under the following link:
https://www.google.com/policies/privacy/.
Information about opting out is available under the following link:
https://adssettings.google.com/authenticated
Google Maps
The “Google Maps” service is integrated in this website.
Each time “Google Maps” is accessed, Google places a cookie in order to process the user settings and data integrated in the “Google Maps” component. As a rule, this cookie is not erased when the internet browser is closed, but instead continues to run for a specific period of time, unless it is first erased manually.
If you do not agree to this Processing of your Data, you can deactivate the “Google Maps” service to prevent the transmission of Data to Google. For this purpose, you must deactivate the Java Script function in your browser. In this event, however, you may not be able to use the “Google Maps” service, or only in part.
Use of “Google Maps” and the information obtained via “Google Maps” is in accordance with the Google user terms and conditions, which you can access under the following link:
http://www.google.de/intl/de/policies/terms/regional.html
In addition, the additional terms and conditions of business for “Google Maps”, which you can access under the following link, are also applicable:
https://www.google.com/intl/de_de/help/terms_maps.html
Status: 31.12.2020