Data protection
I. General information on data processing
1. Scope of processing of personal data
As a general rule, we only collect and use personal data from our users to the extent that this is necessary to provide a functional website and our content and services. The collection and use of our users’ personal data regularly only takes place with the user’s consent. An exception applies in cases in which obtaining prior consent is not possible for actual reasons and the processing of the data is permitted by legal regulations.
2. Legal basis for processing personal data
To the extent that we obtain the consent of the data subject for processing personal data, Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data. When processing personal data that is necessary to fulfill a contract to which the data subject is a party, Art. 6 Para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures. If the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Article 6 Paragraph 1 Letter c GDPR serves as the legal basis. In the event that the vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1) (d) GDPR serves as the legal basis. If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 Para. 1 lit. f GDPR serves as the legal basis for the processing.
3. Data deletion and storage period
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data to conclude or fulfill a contract.
II. Name and address of the person responsible
The person responsible within the meaning of the EU General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is:
Gasthof Engel
Werderstr. 63
79379 Müllheim / DE
Tel.: 49 7631 22 28
Email: info@hotel-engel-muellheim.de.de
Website: www.hotel-engel-muellheim.de
Responsible for web content:
Aidonis Vasileiou
Tel.: 49 7631 22 228
Email: info@hotel-engel-muellheim.de
III. Contact form and email contact
1. Description and scope of data processing
There is a contact form on our website that can be used to contact us electronically. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and stored.
This data is:
· Salutation
· Surname
· E-mail address
· Telephone number
At the time the message is sent, the following data is also stored:
· The user's IP address
· Date and time of registration
Your consent will be obtained for the processing of the data as part of the sending process and reference will be made to this data protection declaration. Alternatively, you can contact us using the email address provided. In this case, the user's personal data transmitted with the email will be stored. In this context, the data is not passed on to third parties. The data is used exclusively for processing the conversation.
2.Legal basis for data processing
The legal basis for the processing of the data, if the user has given his consent, is Article 6 (1) (a) GDPR. The legal basis for the processing of data transmitted in the course of sending an email is Article 6 (1) (f) GDPR. If the email contact is aimed at concluding a contract, the additional legal basis for the processing is Article 6 Paragraph 1 Letter b GDPR.
3.Purpose of data processing
We process the personal data from the input mask solely to process the contact. If you contact us via email, this also represents the necessary legitimate interest in processing the data. The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
4.Duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be seen from the circumstances that the matter in question has been finally clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
5.Possibility of objection and removal
The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot continue. You can revoke your consent and object to storage at any time by emailinfo@hotel-engel-muellheim.detake place. In this case, all personal data that was stored in the course of contacting us will be deleted.
VI. Reservations
The data that you enter for the purpose of making a hotel or restaurant reservation on our website will be transmitted to us unencrypted (via https). This data, the type and scope of which can be found in the corresponding input mask of the online booking engine we use, is collected, processed and used exclusively to establish, implement and process the contractual relationship established by the reservation.
We process the following data in accordance with. Art. 6 Paragraph 1 Letter b GDPR for the purpose of fulfilling the contract:
· Salutation (of all travelers)
· First name, last name (of all travelers)
· Address details (sending of invoices and travel documents)
· Date of birth/age of all travelers
Telephone number of the main traveler/contact person (for short-term contact in the event of changes)
· Email address (sending summary of booking data)
· Credit card details if paying by credit card
· Bank details in the case of payment by SEPA direct debit
As part of the online reservation, you will automatically be redirected to the online booking system of our carefully selected cooperation partner TourOnline AG, which will carry out the reservation for us. This person is obliged to comply with data protection regulations. We will send you your booking confirmation to the email address you provided. In addition to the booking confirmation, you will also receive additional emails from us tailored to your trip with advertising content for your own, similar goods in connection with your booking. You can object to this sending at any time by sending an email to info@hotel-engel-muellheim.de, without incurring any costs other than the transmission costs according to the basic tariffs. After receiving your objection, we will stop sending you immediately. If necessary, personal data will be passed on to the companies involved in the processing of this contract, e.g. credit institutions for payment processing. The data required to fulfill the contract will be deleted no later than six months after termination of the contract and will only be kept available for any queries. The data will not be deleted if there are still outstanding claims after the contract has ended and should be collected. If there are statutory retention periods, the data concerned will be archived for the duration of these periods.
VII. Other information
If parts of the website are offered in languages other than German, this is exclusively a service for our customers, interested parties and employees who do not speak German.
Status of our data protection declaration: July 2018