Englisch: Privacy

Datenschutzerklärung

Understanding
Data protection is very important for the Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH. A use of our internet pages is basically possible without any indication of personal data.
However, personal data processing may be required if special services are accessed through our website.
We generally seek the consent of the data subject if there is no legal basis for such processing.
The processing of personal data (for example, the name, address, e-mail address or telephone number of a data subject) is always in accordance with the General Data Protection Regulation and in accordance with the applicable national data protection provisions. By means of this privacy policy, our company wishes to inform the public about the nature, extent and purpose of the personal data we process. Furthermore, data subjects are informed of their rights under this privacy policy.
We have implemented numerous technical and organizational measures to ensure the most complete protection of personal data. Nevertheless, Internet-based data transmissions can have security gaps so that absolute protection can not be guaranteed. For this reason, every person concerned is free to submit personal data to us by alternative means, for example by telephone.

Name and address of the controller
The person responsible within the meaning of the General Data Protection Regulation, other data protection laws in the Member States of the European Union and other provisions with a data protection character is:
Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH,
Establishment Hotel Schweizer Hof
Wilhelmshöher Allee 288
34131 Kassel
Telephone: +49 (0) 561/93690
Fax: +49 (0) 561/93699
E-Mail: info@hotel-schweizerhof-kassel.de

Contact details of the data protection officer
Contact person for the data protection is our external data protection officer.
For all questions on this topic, please contact:
DataCo GmbH
Dachauer Str. 65
80335 München
Tel.: +49 (89) 442 55062 - 000
E-Mail: kontakt@dataguard.de

Table of Contents

Name and address of the person responsible
Contact details of the data protection officer
General information on data processing
Rights of the data subject
Provision of the website and creation of the log files
Use of cookies
Newsletter
E-mail contact
contact form
Application by email
Hosting
Used plugins
Integration of plugins via external service providers
Name and address of the person responsible

General information on data processing

1. Scope of processing of personal data

In principle, we only process personal data of our users insofar as this is necessary for the provision of a functional website and our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in those cases in which prior consent cannot be obtained for practical reasons and the processing of the data is required by law.

2. Legal basis for processing personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 Para. 1 S. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis. When processing personal data that is required to fulfill a contract to which the data subject is a party, Art. 6 Para. 1 S. 1 lit. b GDPR as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

3. Data deletion and storage duration

The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data in order to conclude or fulfill a contract.

Rights of the data subject

If your personal data is processed, you are the person concerned within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:

1. Right to information

You can request confirmation from the person responsible as to whether personal data relating to you is being processed by him. If this is the case, you can request the following information from the person responsible:

the purposes for which the personal data are processed;
the categories of personal data that are processed;
the recipients or the categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;
the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;
the existence of a right to correction or deletion of your personal data, a right to restrict processing by the controller or a right to object to this processing;
the existence of a right of appeal to a supervisory authority;
all available information about the origin of the data if the personal data are not collected from the data subject;
the existence of automated decision-making including profiling in accordance with Art. 22 Para. 1 and 4 GDPR and at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the person concerned.

You have the right to request information about whether your personal data is being transmitted to a third country or to an international organization. In this context, you can request to be informed about the appropriate guarantees in accordance with. Art. 46 GDPR to be informed in connection with the transfer.This right to information can be restricted to the extent that it is likely to make the realization of the research or statistical purposes impossible or seriously impaired and the restriction is necessary for the fulfillment of the research or statistical purposes.

2. Right to rectification

You have a right to correction and / or completion vis-à-vis the person responsible if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately. Your right to correction can be limited to the extent that it is likely to make the realization of the research or statistical purposes impossible or seriously impaired and the restriction is necessary for the fulfillment of the research or statistical purposes.

3. Right to restriction of processing

You can request the restriction of the processing of your personal data under the following conditions:

if you dispute the accuracy of the personal data concerning you for a period of time that enables the person responsible to check the accuracy of the personal data;
the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
the controller no longer needs the personal data for processing purposes, but you need them to assert, exercise or defend legal claims, or
if you have lodged an objection to the processing in accordance with Art. 21 Paragraph 1 GDPR and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons.

If the processing of your personal data has been restricted, this data - apart from its storage - may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest processed by the Union or a Member State.

Has the processing been restricted according to the above?

Restricted requirements, you will be informed by the person responsible before the restriction is lifted.Your right to restriction of processing can be restricted to the extent that it is likely to make the implementation of the research or statistical purposes impossible or seriously impaired and the restriction is necessary for the fulfillment of the research or statistical purposes.

4. Right to cancellation

a) Obligation to delete

You can demand that the person responsible delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:

The personal data relating to you are no longer necessary for the purposes for which they were collected or otherwise processed.
You revoke your consent on which the processing was based according to. Art. 6 para. 1 sentence 1 lit. a or Art. 9 Para. 2 lit. a GDPR, and there is no other legal basis for the processing.
According to Art. 21 Para. 1 GDPR objection to the processing and there are no overriding legitimate reasons for the processing, or you object acc. Art. 21 para. 2 GDPR objection to the processing.
The personal data concerning you have been processed unlawfully.
The deletion of your personal data is necessary to fulfill a legal obligation under Union law or the law of the member states to which the person responsible is subject.
The personal data relating to you was collected in relation to the information society services offered in accordance with Art. 8 Paragraph 1 GDPR.

b) Information to third parties

If the person responsible has made the personal data concerning you public and is acc. Art. 17 (1) GDPR is obliged to delete them, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform those responsible for data processing who process the personal data that you are the data subject You have requested that you delete all links to this personal data or copies or replications of this personal data.

c) Exceptions

The right to deletion does not exist if processing is necessary

to exercise the right to freedom of expression and information;
to fulfill a legal obligation that requires processing under the law of the Union or of the member states to which the person responsible is subject, or to perform a task that is in the public interest or in the exercise of official authority that has been transferred to the person responsible;
for reasons of public interest in the area of public health in accordance with Art. 9 Para. 2 lit. h and i as well as Art. 9 Para. 3 GDPR;
for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes acc. Art. 89 para. 1 GDPR, insofar as the right mentioned under section a) is likely to make the realization of the objectives of this processing impossible or seriously impair it, or for the establishment, exercise or defense of legal claims.

5. Right to be informed

If you have asserted the right to correction, deletion or restriction of processing against the person responsible, the person responsible is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this turns out to be impossible or involves a disproportionate effort.You have the right to be informed about these recipients by the person responsible.

6. Right to data portability

You have the right to receive the personal data concerning you, which you have provided to the person responsible, in a structured, common and machine-readable format. You also have the right to transfer this data to another person responsible without hindrance from the person responsible to whom the personal data was provided, provided that the processing is based on consent in accordance with. Art. 6 para. 1 sentence 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR or on a contract according to. Art. 6 para. 1 sentence 1 lit. b GDPR is based and the processing is carried out using automated procedures.

In exercising this right, you also have the right to have the personal data relating to you transmitted directly from one person in charge to another person in charge, insofar as this is technically feasible. This must not impair the freedoms and rights of other people.

The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task that is in the public interest or takes place in the exercise of official authority that has been transferred to the person responsible.

7. Right to Object

You have the right, for reasons that arise from your particular situation, to object at any time to the processing of your personal data, which is based on Art. 6 Para. 1 S. 1 lit. e or f DSGVO takes place to object; this also applies to profiling based on these provisions.The person responsible will no longer process the personal data concerning you unless he can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you are processed in order to operate direct mail, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is connected to such direct advertising. If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.In connection with the use of information society services - regardless of Directive 2002/58 / EC - you have the option of exercising your right of objection by means of automated procedures that use technical specifications.You also have the right, for reasons arising from your particular situation, to object to the processing of personal data concerning you for scientific or historical research purposes or for statistical purposes in accordance with. Art. 89 Para. 1 GDPR to contradict this.Your right of objection can be restricted to the extent that it is likely to make the realization of the research or statistical purposes impossible or seriously impair it and the restriction is necessary for the fulfillment of the research or statistical purposes.

8. Right to revoke the declaration of consent under data protection law

9. Automated decision in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing - including profiling - which has legal effects on you or which significantly affects you in a similar manner. This does not apply if the decisionis necessary for the conclusion or performance of a contract between you and the person responsible, is permissible on the basis of Union or Member State legislation to which the controller is subject and this legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests, or takes place with your express consent.However, these decisions may not be based on special categories of personal data according to Art. 9 Para. 1 GDPR, unless Art. 9 Para. 2 lit. a or b GDPR applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.With regard to the cases mentioned in 1 and 3, the person responsible shall take appropriate measures to safeguard the rights and freedoms as well as your legitimate interests, including at least the right to obtain intervention by a person on the part of the person responsible, to express their own point of view and to challenge belongs to the decision.

10. Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, if you are of the opinion that the processing of your personal data is against violates the GDPR.The supervisory authority to which the complaint was submitted informs the complainant about the status and the results of the complaint, including the possibility of a judicial remedy according to Art. 78 GDPR.

Provision of the website and creation of the log files

1. Description and scope of data processing

Every time our website is accessed, our system automatically collects data and information from the computer system of the calling computer.The following data is collected:

Information about the browser type and the version used
The user's operating system
The user's internet service provider
The user's IP address
Date and time of access
Websites from which the user's system reached our website
Websites that are accessed by the user's system via our website
This data is stored in the log files of our system. This data is not stored together with other personal data of the user.

2. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. To do this, the user's IP address must be saved for the duration of the session.

The storage in log files takes place to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.Our legitimate interest in data processing in accordance with Art. 6 Paragraph 1 S. 1 lit. f GDPR.

3. Legal basis for data processing

The legal basis for the temporary storage of the data and the log files is Art. 6 Para. 1 S. 1 lit. f GDPR.

4. Duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.If the data is stored in log files, this is the case after seven days at the latest. Any further storage is possible. In this case, the IP addresses of the users are deleted or alienated so that it is no longer possible to assign the accessing client.

5. Opposition and removal option

The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no possibility of objection on the part of the user.

Use of cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system. When a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be clearly identified when the website is accessed again. We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can also be identified after changing pages.The following data is stored and transmitted in the cookies:

language settings
Log-in information

We also use cookies on our website that enable an analysis of the surfing behavior of the users. In this way, the following data can be transmitted: The user data collected in this way is pseudonymised by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user.

2. Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after changing pages.We need cookies for the following applications:

Acceptance of language settings
Session cookies type3, confirmation of the cookie banner, booking via third party providers
The user data collected by technically necessary cookies are not used to create user profiles.The analysis cookies are used for the purpose of improving the quality of our website and its content. The analysis cookies tell us how the website is used and so we can continuously optimize our offer.PIWIK

3. Legal basis for data processing

The legal basis for the processing of personal data using cookies is Art. 6 Para. 1 S. 1 lit. a GDPR.The legal basis for the processing of personal data using technically necessary cookies is Art. 6 Para. 1 S. 1 lit. f GDPR.

4. Duration of storage, possibility of objection and removal

Cookies are stored on the user's computer and transmitted to our website from there. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used in full.If you use a Safari browser version 12.1 or higher, cookies are automatically deleted after seven days. This also applies to opt-out cookies that are set to prevent tracking measures.

Newsletter

1. Description and scope of data processing

You can subscribe to a free newsletter on our website. When registering for the newsletter, the data from the input mask is transmitted to us.

E-mail address
Surname
First name
gender

In connection with data processing for sending newsletters, the data is not passed on to third parties. The data will only be used to send the newsletter.

2. Purpose of data processing

The collection of the user's email address is used to deliver the newsletter.The collection of other personal data during the registration process serves to prevent misuse of the services or the email address used.

3. Legal basis for data processing

The legal basis for processing the data after the user has registered for the newsletter is Art. 6 Para. 1 S. 1 lit. a GDPR.

4. Duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. The user's email address is therefore stored as long as the subscription to the newsletter is active.The other personal data collected during the registration process are usually deleted after a period of seven days.

5. Opposition and removal optionThe user concerned can cancel the subscription to the newsletter at any time. There is a corresponding link in every newsletter for this purpose.This also enables you to revoke your consent to the storage of the personal data collected during the registration process.

E-mail contact

1. Description and scope of data processing

You can contact us via the email address provided on our website. In this case, the user's personal data transmitted with the email will be saved. The data will only be used to process the conversation.

2. Purpose of data processing

In the event of contact being made by email, there is also the necessary legitimate interest in processing the data.

3. Legal basis for data processing

The legal basis for processing the data is Art. 6 Para. 1 lit. a GDPR.The legal basis for the processing of the data that is transmitted in the course of sending an email is Art. 6 Para. 1 lit. f GDPR. If the aim of the email contact is to conclude a contract, the additional legal basis for processing is Art. 6 Para. 1 lit. b GDPR.

4. Duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been finally clarified.The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5. Opposition and removal option

The user has the option of revoking his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.If you no longer want to receive this email, you can unsubscribe in the newsletter.In this case, all personal data stored in the course of contacting us will be deleted.

contact form

1. Description and scope of data processingA contact form is available on our website that can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and saved.When the message is sent, the following data is saved:

E-mail address
Surname
First name
IP address of the calling computer
Date and time of contact
gender

Your consent is obtained for the processing of the data during the sending process and reference is made to this data protection declaration.Alternatively, you can contact us using the email address provided. In this case, the user's personal data transmitted with the email will be saved.The data will only be used to process the conversation.

2. Purpose of data processing

We only process the personal data from the input mask to process the contact. In the event of contact being made by email, there is also the necessary legitimate interest in processing the data.The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

3. Legal basis for data processing

If the user has given his / her consent, the legal basis for processing the data is Art. 6 Para. 1 S. 1 lit. a GDPR.The legal basis for the processing of the data that is transmitted in the course of sending an email is Art. 6 Para. 1 S. 1 lit. f GDPR. If the aim of the email contact is to conclude a contract, the additional legal basis for processing is Art. 6 Para. 1 S. 1 lit. b GDPR.

4. Duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been finally clarified.The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5. Opposition and removal option

The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.If you no longer want to receive this e-mail, you can unsubscribe in the newsletter.In this case, all personal data stored in the course of contacting us will be deleted.

Application by email

1. Scope of processing of personal dataYou can send us your application by email. We record your email address and the data you provided in the email.

2. Purpose of data processing

The processing of the personal data from your application email serves us only to process your application.

3. Legal basis for data processing

The legal basis for the processing of your data is the contract initiation which takes place at the request of the data subject, Art. 6 Para. 1 S.1 lit. b alt. 1 GDPR and Section 26 Paragraph 1 Sentence 1 BDSG.

4. Duration of storage

After the application process has been completed, the data will be stored for up to two months. Your data will be deleted at the latest after the two months have elapsed. In the event of a legal obligation, the data will be stored in accordance with the applicable provisions.

5. Opposition and removal option

The applicant has the option to object to the processing of personal data at any time. In such a case, the application can no longer be considered.If you want to change / delete your data after an application process, please send us your message to info@schlosshotel-kassel.de

In this case, all personal data saved in the course of the electronic application will be deleted.

Hosting

The website is hosted on servers by a service provider commissioned by us.Our service provider is:Host Europe GmbH, Hansestraße 111, 51149 Cologne, Germany

The servers automatically collect and save information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Date and time of the server request
IP address

This data will not be merged with other data sources. This data is collected on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - the server log files must be recorded for this.The geographical location of the server of the website is in Germany.

Used plugins

We use plugins for various purposes. The plugins used are listed below:

Use of Matomo

1. Scope of processing of personal data

We use the open source tracking tool Matomo (https://matomo.org/) to analyze the surfing behavior of our users. Matomo places a cookie on your computer. This allows personal data to be saved and evaluated, especially the activity of the user (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and the operating system), data about the displayed advertisements (in particular which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (in particular pseudonymised user IDs).The software is set in such a way that the IP addresses are not completely saved, but 2 bytes of the IP address are masked for anonymization (e.g. 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the calling computer. The data is stored in our MySQL database, logs or report data are not sent to Matomo servers.Further information on the processing of data by Matomo is available here: matomo.org/privacy-policy/

2. Purpose of data processing

The processing of the personal data of the users enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our online presence. This helps us to continuously improve our online presence and its user-friendliness.

3. Legal basis for the processing of personal data

The legal basis for the processing of the personal data of the users is the consent of the user according to Art. 6 Para. 1 S.1 lit. a GDPR.

4. Duration of storage

Your personal information will be stored for as long as it is necessary to fulfill the purposes described in this data protection declaration or as required by law, e.g. for tax and accounting purposes.

5. Possibility of revocation and removal

You have the right to withdraw your declaration of consent under data protection law at any time. Withdrawing your consent does not affect the legality of the processing carried out on the basis of your consent up to the point of withdrawal.You can prevent Matomo from collecting and processing your personal data by preventing third-party cookies from being stored on your computer, using the "Do Not Track" function of a supporting browser, and deactivating the execution of script code in your browser or a script blocker such as Install NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

With the following link you can deactivate the processing of your personal data by Matomo: matomo.org/privacy-policy/You can find more information on options for objection and removal from Matomo at: matomo.org/privacy-policy/Integration of plugins via external service providers

1. Description and scope of data processing

We integrate certain plugins on our website via external service providers in the form of content delivery networks. When you visit our website, a connection is established to the servers of the providers we use to retrieve content and store it in the user's browser's cache. This allows personal data to be saved and evaluated in server log files, especially device and browser information (in particular the IP address and the operating system). We use the following services: Booking Viactors

2.. Purpose of data processing

The use of the functions of these services serves to deliver and accelerate online applications and content.

3. Legal basis for data processing

This data is collected on the basis of Art. 6 Paragraph 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this data protection declaration or as required by law.

5. Opposition and removal option

This data protection declaration was created with the support of DataGuard.HOTELCLASS / DEHOGA German hotel classification

This page integrates a HOTELCLASS widget for displaying the current star category of a hotel. The provider is DEHOGA Deutsche Hotelklassifikation GmbH, Am Weidendamm 1A, 10117 Berlin, Germany (https://hotelclass.info/imprint.php). Guests can see at first glance that a hotel has been classified in a binding manner and complies with the official guidelines of the German hotel classification. The widget automatically pulls the current data from the classification database and thus provides reliable information about the current star category of a hotel. To use the functions of the HOTELCLASS widget, your IP address, the time, the specific page and the user are necessary Save agent. This information is usually transmitted to a server operated by MINDSTREAM - Christian Klar, Maria-Theresien-Straße 21, 6020 Innsbruck at the Data Center Park Falkenstein location and stored there. The provider of this site has no influence on this data transfer. The HOTELCLASS widget is used in the interest of presenting the stars of the German hotel classification awarded on HOTELCLASS. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. You can find more information on handling user data at HOTELCLASS / DEHOGA Deutsche Hotelklassifikation GmbH in the HOTELCLASS data protection declaration: hotelclass.info/privacyPolicy.phpPrivacy policy

Facebook fan page

I. PRINCIPLES

1. Joint controllers for the processing of personal data

The purposes and means of processing personal data when you visit our Facebook page www.facebook.com/hotelschweizerhofkassel ("Facebook page") are operated by Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH, Am Schlosspark 8, 34131 Kassel, Germany ("Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH") and Facebook Ireland Ltd. ("Facebook") jointly defined within the meaning of Art. 26 EU General Data Protection Regulation (GDPR). This results from the fact that Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH, as the operator of the Facebook page, by setting up such a page gives Facebook the opportunity to use the computer or any other device of the person who visits the Facebook page ("visitor"), To place cookies, regardless of whether the visitor has a Facebook account. As part of its joint responsibility, Facebook assumes primary responsibility for processing Insights data in accordance with the GDPR and fulfills all of the obligations under the GDPR with regard to processing Insights data (including Articles 12 and 13 GDPR, Articles 15 to 22 GDPR and Article 32 to 34 GDPR). In addition, Facebook makes the essentials of this page insights supplement available to the persons concerned (the corresponding “Page Insights Controller Addendum” can be found here: www.facebook.com/legal/terms/page_controller_addendum).   Below you will find a description of the handling of personal data by Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH and Facebook when you visit the Facebook page. Since Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH has generally or largely no influence on the data collected by Facebook and its processing by Facebook, we are currently unable to provide any final information on the purpose and scope of the processing of your data by Facebook. However, we will monitor further developments in this regard and adjust this data protection declaration accordingly if necessary. We would like to point out that you use this Facebook page and its functions at your own risk. This applies in particular to the use of the interactive functions (especially commenting, sharing, rating).

2. Name and address of those jointly responsible

a) The primary responsible person is:

Facebook

Facebook Ireland Ltd.

4 Grand Canal Square

Grand Canal Harbor

Dublin 2 Ireland

b) Another person responsible is:

Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH

Am Schlosspark 8

34131 Kassel

Germany

Tel .: +49 (0) 561/30 88-0

Email: info@schlosshotel-kassel.de

Website: www.schlosshotel-kassel.de/

3. Contact options for the data protection officer of the primarily responsible Facebook

You can contact the data protection officer of the primarily responsible Facebook under the following link: www.facebook.com/help/contact/540977946302970  

4. Name and address of the data protection officer of the further responsible person

You can contact the data protection officer of the further responsible Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH to 2.b) at:

DataCo GmbH

Dachauer Str. 65

80335 München

Deutschland

+49 89 7400 45840 5

Legal basis for processing personal data

Insofar as the consent of the data subject is obtained for the processing of personal data, Art. 6 Para. 1 S.1 lit. a (GDPR) as the legal basis for the processing of personal data. When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Article 6 (1) sentence 1 lit. b GDPR as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfill a legal obligation to which Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH or Facebook is subject, Art. 6 Paragraph 1 Clause 1 lit. c GDPR as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para. 1 S.1 lit. d GDPR as the legal basis. If processing is necessary to safeguard a legitimate interest of Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH, Facebook or a third party and if the interests, fundamental rights and freedoms of the person concerned do not outweigh the first-mentioned interest, Article 6 (1) sentence 1 lit. f GDPR as the legal basis for processing.

6. Opposition and removal option

The visitor has the option to revoke his consent to the processing of personal data at any time (see also rights of data subjects). If the visitor contacts us by e-mail, he can object to the storage of his personal data at any time. The collection of the data for the provision of the Facebook page and the storage of the data in log files is essential for the operation of the Facebook page. There is consequently no possibility of objection on the part of the visitor. 7. Data Subject RightsIf your personal data is processed, you are the person concerned within the meaning of the GDPR and you have the following rights vis-à-vis those responsible: Right to information about the personal data stored by Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH or Facebook; Right to correction, deletion or restriction of the processing of your personal data; Right to object to processing that serves the legitimate interest of Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH or Facebook, a public interest or profiling, unless Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH or Facebook can prove compelling legitimate reasons for processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims; Right to data portability; Right to complain to a supervisory authority; Right to revoke your consent to the collection, processing and use of your personal data at any time with effect for the future. If you would like to make use of your rights, you can address your request to Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH as well as Facebook. You can use the contact options listed above, for example. If you contact us, we will forward your request to Facebook if it concerns questions regarding the processing of Insights data. Facebook will answer inquiries in accordance with the obligations incumbent on us according to the Page Insights supplement. II. PROCESSING OF PERSONAL DATA BY Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH 1. Purpose of data processing Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH maintains an online presence within social networks in order to communicate with interested parties and users active there and to inform them about our products, events and news. When you visit our Facebook page (regardless of whether you are logged into your Facebook account or not), your browser transmits certain data for technical reasons to the web server for which Facebook is responsible. In addition, so-called “cookies” are used by Facebook. Cookies are small text files that are stored in the memory of your device via your browser. Cookies set by Facebook are intended, among other things, to enable Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH, as the operator of the Facebook page, to receive statistics that Facebook creates based on visits to this page for the purpose of controlling the marketing of our activities. 2. Description and scope of data processing As the operator of the Facebook page, Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH can use the Facebook Page Insights function, which Facebook makes available to us free of charge as an indispensable part of the user relationship, to receive anonymized statistical data on the visitors to our Facebook page. This data is collected with the help of the cookies set by Facebook, which each contain a unique user code and which Facebook stores on the visitor's device. The user code, which can be linked to the login data of those users who are registered with Facebook, is collected and processed when the Facebook page is accessed.In particular, the fan page operator can receive demographic data provided by Facebook about his target group - and thus the processing of this data - so u. a. Trends in the areas of age, gender, relationship status and professional situation, information about the lifestyle and interests of his target group and information about the purchases and online buying behavior of visitors to his site, the categories of goods or services that interest them most, as well as geographical data that informs him where special promotions are to be carried out or events to be organized and, in general, enable him to make his information offer as targeted as possible. Although the visitor statistics created by Facebook are only transmitted in anonymised form to Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH as the operator of the Facebook page, the creation of these statistics is based on the previous survey - through the cookies placed by Facebook on the visitor's device - and the processing of the personal data of these visitors for these statistical purposes. For more information on Facebook Page Insights, visit: www.facebook.com/legal/terms/information_about_page_insights_data   de-de.facebook.com/help/pages/insightsData on the Facebook groups linked to our Facebook page are also provided in this way. Due to the constant development of Facebook, the availability and the preparation of the data changes, so that we refer to the corresponding data protection information from Facebook mentioned in the previous paragraph and below under "PROCESSING OF PERSONAL DATA BY FACEBOOK" for further details. We use this data, available in aggregated form, to make our posts and activities on our Facebook page more attractive for users. For example, we use the distribution by age and gender for an adapted approach and the preferred visiting times of the users for a time-optimized planning of our contributions. Information about the type of end devices used by visitors helps us to adapt the posts to them in terms of visual design. In accordance with the Facebook terms of use, which each user has agreed to when creating a Facebook profile, we can identify the subscribers and fans of the site and view their profiles and other information shared by them. In addition to this automatically collected anonymized data, we also process the data that you voluntarily provide us with, e.g. B. have provided comments on posts or contacts. If you click on the link www.schlosshotel-kassel.de/top/datenschutz/ (you are currently on this page), which is set on the Facebook fan page of Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH, you will reach a Sub-page of the Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH website. Personal data is also processed on this page. You can find the data protection declaration relevant for these pages here: www.schlosshotel-kassel.de/top/datenschutz/3. Data deletion and storage duration Personal data will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also be necessary if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data in order to conclude or fulfill a contract. III. PROCESSING OF PERSONAL DATA BY FACEBOOK How Facebook uses the data from visiting Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is passed on to third parties are passed on is not named conclusively and clearly by Facebook and is not fully known to us. However, we will monitor further developments in this regard and adjust this data protection declaration accordingly if necessary. The following information is based on information publicly provided by Facebook regarding the processing of personal data when using Facebook products. 1. Purpose of data processingAccording to its own information, Facebook processes personal data of visitors for the following purposes: Providing, personalizing and improving Facebook products; Provision of measurements, analyzes and other Facebook services; Promoting protection, integrity and security; Communication with Facebook users; Research and innovation for social purposes. Further information on the purposes of data processing by Facebook can be found in the Facebook data policy: de-de.facebook.com/policy.phpFurther information on the legitimate interests of Facebook with regard to the processing of personal data can be found here: www.facebook.com/about/privacy/legal_bases   When you visit our Facebook page (regardless of whether you are logged into your Facebook account or not), your browser transmits certain data for technical reasons to the web server for which Facebook is responsible. In addition, “cookies” are used by Facebook. Among other things, Facebook uses cookies to provide Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH, as the operator of the Facebook page, with statistics for the purpose of controlling the marketing of our activities. Further information on the use of cookies by Facebook can be found in the Facebook cookie policy: de-de.facebook.com/policies/cookies/  

2. Description and scope of data processing

a) What types of information does Facebook process?

In order to provide Facebook products, it is necessary for Facebook to process information about visitors. The types of information Facebook collects depends on how the visitor uses Facebook products. The following information can be processed by Facebook:Things made and provided by visitors and others such as Information about how the visitor uses the Facebook products, information about transactions carried out on Facebook products or information about the people, pages, accounts, hashtags and groups with which the visitor is connected. Device information such as Device attributes, identifiers, network and connections as well as cookie data. Information from partners, according to which advertisers, app developers and publishers Facebook about the Facebook business tools they use, etc. a. the social plugins (such as the "Like" button), Facebook login or the Facebook pixel can send information. These partners provide Facebook with information about the visitor's activities outside of Facebook. In addition, Facebook uses cookies that are set on the visitor's device when the Facebook page is called up, regardless of whether the visitor is logged into their Facebook account or not. In addition, Facebook also processes the information stored in the cookies when a person visits the Facebook services, services that are provided by other members of the Facebook group of companies, and services that are provided by other companies that use the Facebook services . In addition, other bodies such as Facebook partners and other third parties on Facebook services can use cookies to provide services to Facebook or the companies advertising on Facebook. Further information on the use of cookies by Facebook can be found in the Facebook cookie policy: de-de.facebook.com/policies/cookies/When you access a Facebook page, the IP address assigned to your device is transmitted to Facebook. According to information from Facebook, this IP address is anonymized (for "German" IP addresses) and deleted after 90 days. In addition, Facebook saves information about its users' end devices (in particular within the scope of the “registration notification” function); If necessary, Facebook is able to assign IP addresses to individual users. If you want to avoid this, you should log out of Facebook or deactivate the "stay logged in" function, delete the cookies on your device and close and restart your browser This allows you to use our Facebook page without revealing your Facebook ID. When you access interactive functions of the page (like, comment, share, news, etc.), a Facebook login screen appears. After you have logged in, you are again recognizable for Facebook as a specific user. Information on how to manage or delete existing information about you can be found on the following Facebook support pages: de-de.facebook.com/about/privacy.   For more information on the types of information that Facebook processes, see the Facebook data policy: de-de.facebook.com/policy.phpb)

How is the information processed by Facebook shared with others?

Facebook works with third party partners who help Facebook provide and improve its products, or who use Facebook business tools to grow their business. Facebook can share information with the following third-party partners:

Partners who use Facebook analytics services;
Advertisers;
Partner for measurements;
Partners who offer goods and services in Facebook products;
Providers and service providers;
Researchers and scientists;
Law enforcement agencies or legal inquiries.

Further information on the data that Facebook may share with third parties can be found in the Facebook data policy: de-de.facebook.com/policy.php  

c) How does Facebook process and transmit data as part of its global services?

Facebook shares information worldwide, both internally between the Facebook companies and externally with its partners as well as with those persons or organizations with which the visitor connects around the world and with whom the visitor shares something. Data can also be transmitted to the USA or other third countries that do not have an adequate level of data protection and processed there. In this regard, Facebook uses standard contractual clauses approved by the European Commission or is based on the adequacy decisions issued by the European Commission with regard to certain countries. Facebook Inc., the US parent company of Facebook, operates under the EU-U.S. Privacy Shield certified and thus gives the promise to adhere to European data protection guidelines. Further information on Facebook's Privacy Shield status is available here: www.privacyshield.gov/participant; Further information on data transfers by Facebook can be found in the Facebook data policy: de-de.facebook.com/policy.php3. Data deletion and storage duration

Facebook stores data until it is no longer needed to provide its services and Facebook products, or until the user's Facebook account is deleted, whichever comes first. This is a case-by-case determination and depends on things like the type of data, why it is being collected and processed, and the relevant legal or operational storage needs.

Further information on data deletion and storage duration can be found in the Facebook data policy: de-de.facebook.com/policy.php   With regard to the storage duration of cookies set by Facebook, you can find further information in the Facebook cookie policy: de-de.facebook.com/policies/cookies/

This data protection declaration was created with the support of DataGuard.

HOTELCLASS / DEHOGA German hotel classificationThis page integrates a HOTELCLASS widget for displaying the current star category of a hotel. The provider is DEHOGA Deutsche Hotelklassifikation GmbH, Am Weidendamm 1A, 10117 Berlin, Germany (https://hotelclass.info/imprint.php). Guests can see at first glance that a hotel has been classified as binding and that it complies with the official guidelines of the German hotel classification. The widget automatically pulls the current data from the classification database and thus provides reliable information about the current star category of a hotel. To use the functions of the HOTELCLASS widget, it is necessary to provide your IP address, the time, the specific page and the user Save agent. This information is usually transferred to a server operated by MINDSTREAM - Christian Klar, Maria-Theresien-Straße 21, 6020 Innsbruck at the Data Center Park Falkenstein location and stored there. The provider of this site has no influence on this data transfer. The HOTELCLASS widget is used in the interest of presenting the stars of the German hotel classification assigned on HOTELCLASS. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. You can find more information on how user data is handled at HOTELCLASS / DEHOGA Deutsche Hotelklassifikation GmbH in the HOTELCLASS data protection declaration: hotelclass.info/privacyPolicy.php 

PDF-Datei zur Informationspflicht nach Art. 13 DSGVO

Diese Cookie-Richtlinie wurde von CookieFirst.com erstellt und aktualisiert.

Aktualisiert: 15.7.2020, 12:08

Was sind Cookies?

Cookies und ähnliche Technologien sind sehr kleine Textdokumente oder Codeteile, die oft einen eindeutigen Identifikationscode enthalten. Wenn Sie eine Website besuchen oder eine mobile Anwendung verwenden, bittet ein Computer Ihren Computer oder Ihr mobiles Gerät um die Erlaubnis, diese Datei auf Ihrem Computer oder mobilen Gerät zu speichern und Zugang zu Informationen zu erhalten. Informationen, die durch Cookies und ähnliche Technologien gesammelt werden, können das Datum und die Uhrzeit des Besuchs sowie die Art und Weise, wie Sie eine bestimmte Website oder mobile Anwendung nutzen, beinhalten.

Warum verwenden wir Cookies?

Cookies sorgen dafür, dass Sie während Ihres Besuchs in unserem Online-Shop eingeloggt bleiben, alle Artikel in Ihrem Warenkorb gespeichert bleiben, Sie sicher einkaufen können und die Website weiterhin reibungslos funktioniert. Die Cookies stellen auch sicher, dass wir sehen können, wie unsere Website genutzt wird und wie wir sie verbessern können. Darüber hinaus können je nach Ihren Präferenzen unsere eigenen Cookies verwendet werden, um Ihnen gezielte Werbung zu präsentieren, die Ihren persönlichen Interessen entspricht.

Welche Art von Cookies verwenden wir?

NOTWENDIGE COOKIES

Diese Cookies sind notwendig, damit die Website ordnungsgemäß funktioniert. Einige der folgenden Aktionen können mit diesen Cookies durchgeführt werden.- Speichern Sie Artikel in einem Warenkorb für Online-Käufe - Speichern Sie Ihre Cookie-Einstellungen für diese Website - Speichern von Spracheinstellungen - Melden Sie sich bei unserem Portal an. Wir müssen überprüfen, ob du eingeloggt bist.

Wie kann ich Cookies ausschalten oder entfernen?

Sie können sich für alle außer den notwendigen Cookies entscheiden. In den Einstellungen des Browsers können Sie die Einstellungen so ändern, dass Cookies blockiert werden. In den meisten Browsern finden Sie in der sogenannten "Hilfe-Funktion" eine Erklärung, wie Sie dies tun können. Wenn Sie die Cookies jedoch blockieren, ist es möglich, dass Sie nicht alle technischen Funktionen unserer Website nutzen können und dass dies negative Auswirkungen auf Ihr Nutzererlebnis haben kann.

Wir haben es Ihnen leicht gemacht, Ihre Einwilligungen zu verwalten.

Ihre Einwilligung ändernWiderruf Ihrer Einwilligung

Dies ist Ihre eindeutige ID:

aa512aab-0414-48df-9cae-7e40cfa78c8d

Wenn Sie Ihre Einwilligungsprüfung einsehen möchten, wenden Sie sich bitte an den Administrator der Website.

Ihre letzte Einwilligungsänderung wurde am registriert:

21.9.2021, 12:11

Die von uns auf unserer Website verwendeten Cookies sind

Notwendig

NameZweckDomainnameAblaufAnbieterfe_typo_userDieser Cookie-Name ist dem Typo3-Webinhaltsverwaltungssystem zugeordnet. Es wird als Benutzersitzungskennung verwendet, damit Benutzereinstellungen gespeichert werden können. Es soll am Ende einer Browsersitzung zerstört werden. Es enthält eine zufällige Kennung und keine spezifischen Benutzerdaten.www.hotel-schweizerhof-kassel.deSession
mobile_detectedDieses Cookie ist erforderlich, damit unsere Navigationssteuerung ordnungsgemäß funktioniert.holidaycheck.deSession
cookiefirst-consentDieses Cookie speichert Ihre Cookie-Einstellungen für diese Website. Diese können Sie jederzeit ändern oder Ihre Einwilligung widerrufen.https://www.hotel-schweizerhof-kassel.deein JahrCookie Firstcookiefirst-idDieses Cookie enthält Ihre eindeutige ID, damit CookieFirst eindeutige Besucher auf dieser Website identifizieren kann.api.cookiefirst.comein JahrCookie First

Performance

NameZweckDomainnameAblaufAnbieter_pk_ses****Matomo / Piwik-Cookie, kurzlebige Cookies, mit denen Daten für den Besuch zwischengespeichert werden.www.hotel-schweizerhof-kassel.de30 Minuten
_pk_id*****Matomo / Piwik-Cookie, in dem einige Details über den Benutzer gespeichert werden, z. B. die eindeutige Besucher-ID.www.hotel-schweizerhof-kassel.deein Jahr
PIWIK_SESSIDDieser Cookie-Name ist mit der Open Source-Webanalysesoftware Piwik verknüpft.www.hotel-schweizerhof-kassel.deSession
internal_trafficDieses Cookie wird in Bezug auf die Buchungsstatistik gesetzt.holidaycheck.de18 Jahre
hcweb_wwwDieses Cookie wird von HolidayCheck zu Leistungszwecken gesetztwww.holidaycheck.deSessionHolidayCheck

Werbung / Tracking

NameZweckDomainnameAblaufAnbietertt-domain-user-idDieses Cookie sammelt Informationen zum Besucherverhalten auf mehreren Websites. Diese Informationen werden auf der Website verwendet, um die Relevanz der Werbung zu optimieren.www.hotel-schweizerhof-kassel.de5 Jahre
triptease-user-idDiese Cookies werden vom Buchungsanbieter "Triptease" verwendet, um Sie angemeldet zu halten und Ihren Fortschritt während des Buchungsvorgangs zu verfolgen.triptease.io5 JahreTripteasetriptease-session-idDiese Cookies werden vom Buchungsanbieter "Triptease" verwendet, um Sie angemeldet zu halten und Ihren Fortschritt während des Buchungsvorgangs zu verfolgen.triptease.io8 Stunden
triptease-identity-dataDiese Cookies werden vom Buchungsanbieter "Triptease" verwendet, um Sie angemeldet zu halten und Ihren Fortschritt während des Buchungsvorgangs zu verfolgenwww.hotel-schweizerhof-kassel.de7 StundenTripteasehcweb_branchDieser Cookie wird von HolidayCheck zu Werbezwecken gesetzt.holidaycheck.de14 TageHolidayCheck

Diese Cookie-Richtlinie wurde erstellt und aktualisiert von der Firma CookieFirst.com.

This cookie policy has been created and updated by CookieFirst.com.