Privacy Notice

Online BookingContact Us

Introduction and general information

Thank you for your interest in our website. The protection of your personal data is very important to us. Below you will find information on how we handle your data that is collected through your use of our website. Your data will be processed in accordance with the legal regulations on data protection.

Responsible body within the meaning of data protection law

Name and contact details of the person responsible
and, if applicable, his representative:
GSB Betriebs- und Beteiligungs GmbH | Hotel Theresientor
Geiselhöringer Str. 63 | 94315 Straubing
E-Mail: straubing@hotel-theresientor.de

Contact details of the data protection officer:
Tobias Zimmermann | Datenschutz | Beratung
E-Mail: info@zimmermann-datenschutz.de

Storage duration or criteria for determining the duration:
The data will be deleted immediately if they are no longer required to achieve the purpose.

Definitions

Our data protection declaration should be simple and understandable for everyone. In this data protection declaration, the official terms of the General Data Protection Regulation (GDPR) are generally used. The official definitions are explained in Art. 4 GDPR.

Data processing by visiting our website

When you visit our website, it is technically necessary for data to be transmitted to our web server via your internet browser. The following data is recorded during an ongoing connection for communication between your internet browser and our web server:

  • Date and time of the request
  • Name of the requested file
  • Page from which the file was requested
  • access status
  • Web browser and operating system used
  • (Full) IP address of the requesting computer
  • Amount of data transferred

We collect the listed data in order to ensure a smooth connection to the website and to enable users to use our website comfortably. In addition, the log file is used to evaluate system security and stability as well as for administrative purposes. The legal basis for the temporary storage of the data or the log files is Article 6 (1) (f) GDPR.

For reasons of technical security, in particular to prevent attempts to attack our web server, we store this data for a short time. Based on this data, it is not possible for us to draw conclusions about individual persons. After 7 days at the latest, the data is anonymized by shortening the IP address at domain level, so that it is no longer possible to establish a reference to the individual user.

The data may also be processed anonymously for statistical purposes. A storage of this data together with other personal data of the user, a comparison with other databases or a transfer to third parties does not take place at any time.

Contact form and contact via email

If you send us inquiries via the contact form or e-mail, your details from the inquiry form or your e-mail, including the first and last name you entered there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. Providing an e-mail address is required for contact information, providing your name and telephone number is voluntary. Under no circumstances will we pass on this data without your consent. The legal basis for processing the data is our legitimate interest in answering your request in accordance with Article 6 Paragraph 1 Letter f GDPR and, if applicable, Article 6 Paragraph 1 Letter b GDPR, if your request is aimed at concluding a contract. Your data will be deleted after your request has been processed, provided there are no legal storage requirements to the contrary. In the case of Art. 6 Para. 1 lit. f GDPR, you can object to the processing of your personal data at any time.

Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display text and fonts correctly.

For this purpose, the browser you are using must connect to the Google servers. This gives Google knowledge that our website was accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offering. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR.

If your browser does not support web fonts, a standard font will be used by your computer.

For more information about Google Web Fonts, see developers.google.com/fonts/faq and in Google’s privacy policy: policies.google.com/privacy?hl=de&gl=de.

Customer Alliance Widget

Our website uses widgets from the site operated by CA Customer Alliance GmbH www.customer-alliance.com/de/.

The site operator is CA Customer Alliance GmbH, Ullsteinstraße 130, 12109 Berlin.

If you visit one of our pages equipped with a Customer Alliance widget, a connection to the servers of CA Customer Alliance GmbH will be established. The Customer Alliance server is informed which of our pages you have visited.

Customer Alliance is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR.

Further information on handling user data can be found in the data protection declaration of CA Customer Alliance GmbH at: www.customer-alliance.com/de/data-processing-agreement/.

Hotels Online Booking

Our website uses the script of the site operated by SoftTec GmbH www.softtec.de.

The operator of the pages is SoftTec GmbH, Hindelanger Str. 35, 87527 Sonthofen.

If you visit one of our pages equipped with an online booking script, a connection to the SoftTec GmbH servers will be established. The SoftTec server is informed which of our pages you have visited.

SoftTec is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR.

Further information on handling user data can be found in the data protection declaration of SoftTec GmbH: www.softtec.de/datenschutz/.

Use of cookies

Our website uses so-called “cookies”. Cookies are small text files that are stored on your end device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted after your visit. Permanent cookies remain stored on your end device until you delete them yourself or your web browser automatically deletes them. Our website uses so-called “cookies”. Cookies are small text files that are stored on your end device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted after your visit. Permanent cookies remain stored on your end device until you delete them yourself or your web browser automatically deletes them.

Cookies have different functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or language settings). Other cookies are used to evaluate user behavior or to display advertising.

Technically necessary cookies are stored on the basis of Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in the storage of cookies for the technically error-free and optimized provision of our services. Other cookies are only stored with your consent on the basis of Article 6 (1) (a) GDPR. The consent can be revoked at any time for the future. The legal basis can also result from Article 6 (1) (b) GDPR if the processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures that are carried out at the request of the data subject. If cookies are used for analysis purposes, we will inform you of this separately in this data protection declaration and obtain your consent.

You can set your browser so that you are informed about the setting of cookies, allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, activate the automatic deletion of cookies when closing the browser.
The cookie settings can be managed under the following links for the respective browser.

You can also individually manage the cookies used for advertising by many companies and features. To do this, use the appropriate user tools, available at www.aboutads.info/choices or www.youronlinechoices.com/uk/your-ad-choices Most browsers also offer a so-called “Do Not Track” function, which you can use to indicate that you do not wish to be “tracked” by websites. When this feature is turned on, the browser tells ad networks, websites, and applications that you do not want to be tracked for behavioral advertising and the like. Information and instructions on how to edit this function can be found under the following links, depending on the provider of your browser:

In addition, you can prevent the loading of so-called scripts by default. NoScript only allows JavaScripts, Java and other plugins to run on trusted domains of your choice. Information and instructions on how to edit this function can be obtained from the provider of your browser (e.g. for Mozilla Firefox at: addons.mozilla.org/de/firefox/addon/noscript). Please note that disabling cookies may limit the functionality of this website.

Data transfer and recipients

A transfer of your personal data to third parties does not take place, except

  • if we have explicitly pointed this out in the description of the respective data processing.
  • if you have given your express consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a GDPR,
  • the transfer according to Article 6 paragraph 1 sentence 1 lit. f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
  • in the event that there is a legal obligation for the transfer according to Art. 6 Para. 1 S. 1 lit. c DSGVO and
  • insofar as this is necessary for the processing of contractual relationships with you in accordance with Article 6 (1) sentence 1 lit. b GDPR.

We also use external service providers for the processing of our services, which we have carefully selected and commissioned in writing. You are bound by our instructions and are regularly checked by us. With whom we may have concluded order processing contracts in accordance with Art. 28 GDPR. These are service providers for web hosting, the sending of e-mails and maintenance and care of our IT systems, etc. The service providers will not pass this data on to third parties.

Data security

In accordance with Art. 32 GDPR, we take appropriate technical measures, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing as well as the different probability of occurrence and severity of the risk for the rights and freedoms of natural persons and organizational measures to ensure a level of protection appropriate to the risk. This website uses SSL encryption for security reasons and to protect the transmission of confidential content.

Duration of storage of personal data

The duration of the storage of personal data is based on the relevant statutory retention periods (e.g. from commercial law and tax law). After the respective period has expired, the corresponding data is routinely deleted. If data is required to fulfill or initiate a contract or if we have a legitimate interest in further storage, the data will be deleted if they are no longer required for these purposes or if you exercise your right of revocation or objection.

Your rights

In the following you will find information on which data subject rights the applicable data protection law grants you in relation to the person responsible with regard to the processing of your personal data:

The right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data was or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected from us, and the existence of automated decision-making including profiling and, if applicable, meaningful request information about their details.

The right, in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us.

The right, in accordance with Art. 17 GDPR, to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or Defense of legal claims is required.

The right, in accordance with Art. 18 GDPR, to request the restriction of the processing of your personal data, insofar as you dispute the accuracy of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you use them for you need to assert, exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR.

You have the right to be informed in accordance with Art. 19 GDPR if you have asserted the right to correction, deletion or restriction of processing to the person responsible. This obliges you to notify all recipients to whom your personal data has been disclosed of this correction or deletion of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients.

The right, in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible.

The right to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state of our registered office specified above or, if applicable, that of your usual place of residence or work.

Right to revoke granted consent in accordance with Art. 7 Para. 3 GDPR: You have the right to revoke your consent to the processing of data at any time with effect for the future. In the event of revocation, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.

Right to object

If your personal data is processed by us on the basis of legitimate interests in accordance with Article 6 Paragraph 1 Sentence 1 lit. f GDPR, you have the right under Article 21 GDPR to object to the processing of your personal data, insofar as this
reasons arising from your particular situation. Insofar as the objection is directed against the processing of personal data for the purpose of direct advertising, you have a general right of objection without the need to state a particular situation.
If you would like to make use of your right of revocation or objection, an e-mail is sufficient info@zimmermann-datenschutz.de.

External links

Social networks (Facebook, Twitter, Xing, etc.) are only included on our website as links to the corresponding services. After clicking on the integrated text/image link, you will be forwarded to the website of the respective provider. User information is only transferred to the respective provider after forwarding. Information on the handling of your personal data when using this website can be found in the respective data protection regulations of the providers you use.

Insofar as there are links to other websites, we have neither influence nor control over the linked content and the data protection regulations there. We recommend checking the data protection declarations of these websites when accessing linked websites in order to be able to determine whether and to what extent personal data is collected, processed, used or made accessible to third parties.

Legal Obligations

The provision of personal data for the decision on the conclusion of a contract, the fulfillment of the contract or the implementation of pre-contractual measures is voluntary. However, we can only make the decision within the framework of contractual measures if you provide such personal data that is necessary for the conclusion of the contract, the fulfillment of the contract or pre-contractual measures.

Automated Decision Making

Automated decision-making or profiling according to Art. 22 GDPR does not take place.

Subject to change

We reserve the right to adapt or update this data protection declaration if necessary, taking into account the applicable data protection regulations. In this way, we can adapt them to current legal requirements and take changes to our services into account, e.g. when introducing new services. The most current version applies to your visit.

Status of this data protection declaration: Jul 2022