Data controller within the scope of privacy law, specifically the EU General Data Protection Regulation (GDPR):
Hotel Landhaus am Stein
Im Sapplfeld 8
83707 Bad Wiessee
Phone: +49 (0)8022 98470 email@example.com
You can exercise the following rights:
information about any personal data we hold and process about you,
rectification of any inaccuracies within the personal data we hold about you,
erasure of your personal data from our systems,
restriction of data processing, in cases where we are not allowed to delete your data entirely due to applicable law,
revoke your consent to data storage and processing,
data transfer, in case you have agreed to data processing or have signed a contract with us.
Once you have given consent, you can revoke it for the future at any time.
You can file a complaint with your responsible regulatory authority, should you feel that we have violated your privacy rights.
Scope of Data Processing by Data Controller and Third Parties
you have expressly given consent,
it is required to fulfill our contract with you,
it is required to fulfill a legal requirement,
it ensures our legitimate interest and there is no reason to presume any predominant protectable interest from your side against disclosure.
In cases where data is transferred to third countries, this happens within the scope of legal or contractual permissions and if special prerequisites are met according to art. 44 GDPR and subsequent articles. Specifically, data is processed based on guarantees and official recognition of the applicable data protection level matching the EU (e.g. “Privacy Shield” for the USA).
Deletion and Suspension of Data
We uphold the principles of data reduction and data economy. Therefore, your personal information is stored only as long as it is required for achieving the purposes described herein or as is mandated by law. After the particular purpose ceases or the statutory terms expire, all date is routinely deleted or suspended according to regulations.
Acquisition of General Information During a Visit to our Website
When accessing our website, general information is recorded automatically. This information (server log files) contains, among others, your web browser type, the operating system in use, the domain name of your internet service provider and similar data. This is information does not enable us to make any conclusion about you personally.
This data is technically required, to deliver the requested content of websites correctly and are obligatory when using the internet. They are processed for the following purposes:
ensuring a working connection with the website is established,
ensuring proper use of our website,
analysis of system security and stability,
additional administrative purposes.
Processing of your personal information is based on our legitimate interest to achieve the aforementioned purpose. We do not use your personal information to reach any conclusions about you as a person. Recipients of the data are the data controller and our webhosting provider as a commissioned data processor.
Anonymized information of this kind may be used by us statistically, in order to optimize our website and the technology used.
Server log files are stored for security reasons (e.g. to resolve cases of abuse or fraud) for a max. of 7 days. They are deleted afterwards, unless they are required as proof until final resolution of specific cases.
Like many other websites we use so-called “cookies“. Cookies are small text files send to your local hard drive by a web server. This automatically provides us with certain data, like IP-address, browser, operating system used and your internet connection.
Cookies cannot be used to open programs or transfer viruses to another computer. Based on the information contained in the cookies however we can simplify navigation for you and ensure or website is correctly displayed. Mainly, this concerns so-called “session cookies”, which are solely used to facilitate the correct functionality of the website and are deleted once you leave our website or close the browser.
In no case will we disclose the data collected to third parties or, without your consent, create a connection to your personal information.
To ensure the safety of your information during transmission, we use common state of the art encryption methods via HTTPS (SSL/TLS).
Based on your explicit consent we will send you our periodic newsletter or comparable information via email to your provided email address.
To receive our newsletter, we only require your email address. For the purposes of addressing you personally within the newsletter, we optionally ask you to provide your name as well. When registering for our newsletter, the information provided will be solely used for this purpose. Subscribers may also be informed about certain circumstances relevant for the service or the registration (e.g. changes to the newsletter or technical issues).
We require a valid email address for an effective registration. In order to verify that a registration has been made by the legitimate holder of the email address, we use the so-called “double opt-in” method. For this purpose, we record the newsletter registration, sending of a confirmation email and the receipt of the hereby requested response. Additional data is not collected. The data is solely used for the purposes of sending the newsletter and is not disclosed to third parties.
The newsletter is dispatched by our newsletter service provider “MailChimp”. It is operated by Rocket Science Group LLC, 675 Ponce De Leon Ave NW #5000, Atlanta, GA 30308, USA. MailChimp is certified under the “Privacy Shield” treaty and therefore guarantees compliance with European data protection levels. The service is being used based on a data processing agreement according to art. 28 par. 3 p. 1 GDPR.
MailChimp can use the subscription data in an anonymized form, meaning, that they cannot be allocated to an individual user, for the purpose of optimizing their own services (e.g. improving campaign transmissions, better newsletter rendering, or statistical purposes). The data of our subscribers is not used for contact purposes by MailChimp or for third-party disclosure.
Our newsletters contain a small file, which is retrieved from the MailChimp servers. This allows us to improve our service based on technical data, target audience analysis or access times. The data collected includes statistics on, if, and when newsletters are opened. Although it is possible to match this information to individual subscribers, the data collected is explicitly used solely for the purpose of adjusting our contents to our subscribers’ reading habits and interests. There is no surveillance of individual subscribers by either us or MailChimp.
Should you contact us via email or via the contact form for any reason, you give consent to us saving the information provided. The collected data is used to allocate and subsequently respond to your enquiry. Providing any additional data is optional. The data provided by you will be saved in order to handle your inquiry as well as any subsequent follow-up questions. After concluding your inquiry, your personal information will be automatically deleted.
Our booking system is provided by the third party provider hope (hope Software GmbH, Waldstr. 26, 74867 Neunkirchen, Germany), based on a data processing agreement according to art. 28 par. 3 p. 1 GDPR. hope’s place of business is located in the EU. They process the data of our guests based on contractual obligations, guaranteeing specific organizational and technical measures. The use of hope as a third party provider is based on our legitimate interest as well as the legitimate interest of our guests to use an efficient and reliable booking system.
Use of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States.
As IP anonymization is activated on this website, your IP-address will be truncated within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases the whole IP-address will be first transferred to a Google server in the USA and truncated there.
Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them with other services relating to website activity and internet usage. The IP-address, that your browser conveys within the scope of Google Analytics, will not be associated with any other data held by Google.
Additionally, within browsers on mobile devices or as an alternative to the browser add on, you can disable tracking by Google Analytics on our website by clicking this link. An opt-out cookie will be stored on your device. This will prevent tracking by Google Analytics for this website and this browser in the future, as long as the cookie remains installed in your browser. The opt-out applies only for this browser and within this domain only.
Google is certified under the “Privacy Shield” treaty and therefore guarantees compliance with European data protection levels.
Personal information of our website users is deleted or anonymized after 14 months.
For the purpose of an optimized rendering, our website utilizes third-party content (“Third Party Suppliers“), such as fonts, maps and videos. This entails that the provider(s) of such are capable of identifying an incoming IP-address, without which this content cannot be transmitted to the browser being used to visit the website. Identification of the IP-address is therefore a technical requirement for the provision of this content. We attempt to select and use only such content in which the respective Third-Party Suppliers are committed to registering the IP-address solely for the purpose of providing this content. Third Party Suppliers may furthermore save data for statistical purposes. Some browsers give you the possibility to limit or modify the type and amount of data transmitted to Third Party Suppliers, however, this depends on the browser you use.
You can find detailed instructions on managing your personal data in context with Google products here.
Embedded YouTube Videos
On some of our pages we provide embedded YouTube videos. The provider of the respective plugins is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page containing a YouTube plugin, a connection to the YouTube servers will be established. YouTube will gain knowledge on which pages you visit. Should you be logged into a YouTube account, YouTube can match your browsing behavior to you personally. You can prevent this by logging out of your YouTube account prior to visiting our website.
When a YouTube video is played, the provider will place a cookie and collect references to user behaviour.
Should you have deactivated cookies for the Google Ad Program, there will also be no cookies when watching YouTube videos in your case. However, YouTube does save non-personal usage information in other cookies. If you want to prevent this, you must disable cookies in your browsers.
Questions about Privacy
Should you have questions regarding the protection of your personal data, please send us an email or contact the person responsible for data protection in our organization directly: