+49 (0) 8221 2065 301 info@hotel-gc.de

Privacy Notice

In accordance with the legal requirements of the data protection law (in particular the BDSG n.F. and the European Data Protection Regulation ‘DS-GVO’), we would like to inform you about the type, scope and purpose of the processing of personal data by our company. This data protection declaration also applies to our websites and social media profiles. With regard to the definition of terms such as “personal data” or “processing”, we refer to Art. 4 DS-GVO.

Name and contact details of the person(s) in charge
Our responsible person(s) (hereinafter “responsible person”) within the meaning of Art. 4 no. 7 DS-GVO is:

Hotel Günzburg City
Dillinger Str. 10
89312 Günzburg
Managing Director: Eduart Müller
Fax: +49 (0)8221 206 5395
E-mail address: info@hotel-gc.de

types of data, purposes of processing and categories of data subjects

In the following, we inform you about the type, scope and purpose of the collection, processing and use of personal data.

1. types of data we process
Usage data (access times, websites visited, etc.), inventory data (name, address, etc.), contact data (telephone number, e-mail, fax, etc.), payment data (bank data, account data, payment history, etc.), contract data (subject of the contract, term, etc.), content data (text entries, videos, photos, etc.), communication data (IP address, etc.),

2. purposes of processing under Article 13(1)(c) DS-GVO
Processing of contracts, technical and economic optimization of the website, fulfillment of contractual obligations, contacting in case of legal complaints by third parties, fulfillment of legal storage obligations, optimization and statistical evaluation of our services, support of commercial use of the website, improvement of user experience, user-friendly website, creation of statistics, avoidance of SPAM and misuse, processing of application procedures, customer service and customer care, handling of contact requests, providing websites with functions and content, security measures, uninterrupted, secure operation of our website,

3. categories of affected persons according to Art. 13 para. 1 e) DS-GVO
Visitors/users of the website, customers, suppliers, interested parties, applicants, employees, employees of customers or suppliers,

The persons concerned are collectively referred to as “users”.

Legal basis for the processing of personal data

Below we inform you about the legal basis of the processing of personal data:

  1. If we have obtained your consent to process personal data, the legal basis is Art. 6 Paragraph 1 S. 1 lit. a) DS-GVO.
  2. If the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures taken in response to your request, Article 6 (1) sentence 1 lit. b) DS-GVO is the legal basis.
  3. If the processing is necessary for the fulfilment of a legal obligation to which we are subject (e.g. statutory storage obligations), Art. 6 Para. 1 sentence 1 lit. c) DS-GVO is the legal basis.
  4. If the processing is necessary to protect the vital interests of the data subject or of another natural person, the legal basis is Article 6 (1) sentence 1 lit. d) DS-GMO.
  5. If the processing is necessary to safeguard our interests or the legitimate interests of a third party and your interests or fundamental rights and freedoms do not prevail in this respect, Article 6 (1) sentence 1 lit. f) of the DS-GVO is the legal basis.

Sharing of personal data with third parties and processors

Without your consent, we will not pass on any data to third parties. Should this be the case, however, the transfer of data will take place on the basis of the aforementioned legal bases, e.g. when data is passed on to online payment providers for the purpose of fulfilling a contract or due to a court order or due to a legal obligation to hand over the data for the purpose of criminal prosecution, danger prevention or the enforcement of intellectual property rights.
We also use contract processors (external service providers e.g. for web hosting of our websites and databases) to process your data. If data is passed on to the processors within the framework of an agreement for order processing, this is always done in accordance with Art. 28 DS-GVO. We select our processors carefully, check them regularly and have been granted the right to issue instructions regarding the data. In addition, the processors must have taken suitable technical and organisational measures and comply with the data protection regulations according to BDSG n.F. and DS-GVO

Data transfer to third countries

The adoption of the European Data Protection Basic Regulation (DS-GVO) has created a uniform basis for data protection in Europe. Your data is therefore processed primarily by companies to which the DS-GVO applies. If, however, processing is carried out by services of third parties outside the European Union or the European Economic Area, they must comply with the special requirements of Art. 44 et seq. DS-GVO. This means that the processing is carried out on the basis of special guarantees, such as the EU Commission’s officially recognised determination of a level of data protection corresponding to that of the EU or compliance with officially recognised special contractual obligations, the so-called “standard contractual clauses”. For US companies, submission to the so-called “Privacy Shield”, the data protection agreement between the EU and the USA, fulfils these requirements.

Deletion of data and storage duration

If not expressly stated in this data protection declaration, your personal data will be deleted or blocked as soon as the consent given for processing is revoked by you or the purpose for storing the data no longer applies or the data is no longer required for the purpose, unless its further storage is required for evidence purposes or this is opposed by statutory storage obligations. This includes, for example, commercial storage obligations for business letters according to § 257 para. 1 HGB (6 years) and tax storage obligations according to § 147 para. 1 AO of receipts (10 years). If the prescribed retention period expires, your data will be blocked or deleted, unless the storage is still necessary for the conclusion or fulfilment of a contract.
Existence of an automated decision making process

We do not use automatic decision making or profiling.

provision of our website and creation of log files

  1. If you use our website for informational purposes only (i.e. no registration and no other transmission of information), we only collect the personal data that your browser sends to our server. If you wish to view our website, we collect the following data:
    – IP address;
    – Internet service provider of the user;
    – Date and time of the retrieval;
    – Browser type;
    – Language and browser version;
    – Content of the call;
    – Time zone;
    – Access status/HTTP status code;
    – Data volume;
    – Websites from which the request comes;
    – Operating system.
    A storage of this data together with other personal data of you does not take place.
  2. This data serves the purpose of user-friendly, functional and secure delivery of our website to you with functions and contents as well as their optimization and statistical evaluation.
  3. The legal basis for this is our legitimate interest in data processing in accordance with Art. 6 Para. 1 S.1 lit. f) DS-GVO.
  4. For security reasons, we store this data in server log files for the storage period of 180 days. After this period has expired, they are automatically deleted, unless we need to keep them for evidence in case of attacks on the server infrastructure or other legal violations.

Cookies,

  1. We use so-called cookies when you visit our website. Cookies are small text files that your internet browser places and stores on your computer. When you visit our website again, these cookies provide information to recognize you automatically. Cookies also include the so-called “user IDs”, where user information is stored using pseudonymised profiles. When you call up our website, we inform you about the use of cookies for the aforementioned purposes and how you can object to or prevent their storage (“opt-out”) by referring to our data protection declaration.The following cookie types are distinguished:Necessary, essential cookies:– Essential cookies are cookies that are absolutely necessary for the operation of the website, in order to save certain functions of the website such as logins, shopping cart or user entries, e.g. regarding the language of the website.• Session-Cookies: Session-Cookies are needed to recognize multiple use of an offer by the same user (e.g. if you have logged in to determine your login status). When you visit our site again, these cookies provide information to automatically recognize you. The information obtained in this way serves to optimise our offers and make it easier for you to access our site. When you close the browser or log out, the session cookies are deleted.• Persistent Cookies: These cookies remain stored even after closing the browser. They are used to save the login, to measure the reach and for marketing purposes. They are automatically deleted after a preset period of time, which can vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser. • Third-party cookies (third-party cookies, especially from advertisers): According to your wishes, you can configure your browser settings and, for example, refuse to accept third-party cookies or all cookies. However, we would like to point out at this point that you may then not be able to use all functions of this website. Read more about these cookies in the respective third-party privacy statements.
  2. Data categories: User data, cookie, user ID (esp. the pages visited, device information, access times and IP addresses).
  3. purposes of processing: The information obtained in this way serves the purpose of optimising our web offers technically and economically and to enable you to access our website more easily and securely.
  4. Legal basis: If we process your personal data with the aid of cookies on the basis of your consent (“opt-in”), then Art. 6 Para. 1 S. 1 lit. a) DSGVO is the legal basis. Otherwise we have a legitimate interest in the effective functionality, improvement and economic operation of the website, so that in this case Art. 6 para. 1 sentence 1 lit. f) DS-GVO is the legal basis. In addition, the legal basis is Art. 6 Paragraph 1 S. 1 lit. b) DS-GVO, if the cookies are set to initiate a contract, e.g. when orders are placed.
  5. The data will be deleted as soon as they are no longer required for the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the relevant session is ended.Cookies are otherwise stored on your computer and transmitted from there to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies already stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may not be possible to use all the functions of the website to their full extent.Here you will find information on the L&oumlung of cookies by browser:Chrome: https://support.google.com/chrome/answer/95647Safari: https://support.apple.com/de-at/guide/safari/sfri11471/mac Firefox: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen Internet Explorer: https://support.microsoft.com/de-at/help/17442/windows-internet-explorer-delete-manage-cookies Microsoft Edge: https://support.microsoft.com/de-at/help/4027947/windows-delete-cookies
  6. Contradiction and “Opt-Out”: You can generally prevent the storage of cookies on your hard drive, regardless of consent or legal permission, by selecting “do not accept cookies” in your browser settings. However, this may result in a functional restriction of our offers. You can object to the use of third-party cookies for advertising purposes by means of a so-called “opt-out” via this American website (https://optout.aboutads.info) or this European website (http://www.youronlinechoices.com/de/praferenzmanagement/). Edit or contradict cookie settings:Lorem ipsum

Cookie Consent solutions
Borlabs cookie.

  1. We have on our website the Borlabs Cookie Consent Plugin for WordPress (service provider: Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg) as a consent management service.
  2. Data categories and description of data processing: cookies, date and time of visit, device information, browser information, anonymized IP address, opt-in and opt-out data. Through this service we can obtain your consent to the storage of cookies and also document this. In addition, a cookie is stored in your browser in order to be able to assign the consent you have given or to revoke it. Below you will find further information in the Borlabs privacy policy here: https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.
  3. The purposes of data processing: compliance with legal obligations, storage of consent
  4. The legal basis for the processing of personal data is our legitimate interest in the above-mentioned purposes in accordance with Art. 6 Para. 1 S. 1 lit. f) DS-GVO and the fulfilment of legal obligations in accordance with Art. 6 Para. 1 S. 1 lit. c) DS-GVO.
  5. Storage period: Storage of the data until you delete the Borlabs cookie in your browser yourself or the purpose for the data storage is no longer applicable. The proof of revocation of a previously given consent will be kept for a period of three years. The retention is based on our accountability in accordance with Art. 5 Para. 2 DSGVO and the standard limitation period.

Data transmission/recipient category: the data is not forwarded to Borlabs.

processing of contracts

  1. We process inventory data (e.g. company, title/academic degree, names and addresses as well as contact data of users, e-mail), contract data (e.g. services used, names of contact persons) and payment data (e.g. bank details, payment history) for the purpose of fulfilling our contractual obligations (knowledge of who the contractual partner is; justification, content and processing of the contract; checking the plausibility of the data) and services (e.g. contacting customer service) in accordance with Art. 6 Paragraph 1 S. 1 lit b) DS-GVO. The entries marked as obligatory in online forms are required for the conclusion of the contract.
  2. In principle, this data is not passed on to third parties unless it is necessary to pursue our claims (e.g. transfer to a lawyer for collection) or to fulfil the contract (e.g. transfer of data to payment providers) or if there is a legal obligation to do so in accordance with Art. 6 Para. 1 S. 1 lit. c) DS-GVO.
  3. We may also process the data you provide in order to inform you about other interesting products from our portfolio or to send you e-mails with technical information.
  4. The data will be deleted as soon as they are no longer necessary for the purpose of their collection. This is the case for the inventory and contract data when the data is no longer necessary for the execution of the contract and no more claims can be asserted from the contract because they are statute-barred (warranty: two years / standard limitation period: three years). We are obliged by commercial and tax law to store your address, payment and order data for a period of ten years. However, if the contract is terminated after three years, we will restrict processing, i.e. your data will only be used to comply with legal obligations. Details in the user account remain until its deletion.

Contact us via contact form / e-mail / fax / mail

  1. When you contact us via contact form, fax, post or e-mail, your data will be processed for the purpose of handling your contact request.
  2. The legal basis for the processing of the data is Art. 6 Paragraph 1 S. 1 lit. a) DS-GVO if you have given your consent. The legal basis for the processing of data transmitted in the course of a contact enquiry or e-mail, letter or fax is Art. 6 Paragraph 1 S. 1 lit. f) DS-GVO. The person responsible has a legitimate interest in the processing and storage of the data in order to be able to respond to user enquiries, to preserve evidence for reasons of liability and, where appropriate, to be able to comply with his or her legal obligations to retain business letters. If the contact is aimed at the conclusion of a contract, an additional legal basis for the processing is Art. 6 Paragraph 1 S. 1 lit. b) DS-GVO.
  3. We may store your details and contact request in our Customer Relationship Management System (“CRM System”) or a comparable system.
  4. The data will be deleted as soon as they are no longer necessary for the purpose of their collection. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with you has ended. The conversation is finished when it can be concluded from the circumstances that the matter in question has been finally clarified. Inquiries from users who have an account or contract with us will be stored for a period of two years after termination of the contract. In the case of legal archiving obligations, the deletion is carried out after the expiry of these obligations: end of the obligation to retain records under commercial law (6 years) and tax law (10 years).
  5. You have the possibility at any time to revoke your consent under Art. 6 Paragraph 1 S. 1 lit. a) DS-GVO to the processing of personal data. If you contact us by e-mail, you can object to the storage of personal data at any time.

Contact me by phone>/strong>

  1. When contacting us by phone, your phone number will be processed and temporarily stored or displayed in the RAM / cache of the phone device / display for the purpose of processing the contact request and its handling. The storage is done for liability and security reasons to be able to prove the call and for economic reasons to enable a call back. In case of unauthorized advertising calls, we block the phone numbers.
  2. The legal basis for the processing of the telephone number is Article 6(1) sentence 1(f) of the DS-GVO. If the aim of the contact is to conclude a contract, the additional legal basis for processing is Art. 6 (1) lit. b) DS-GVO.
  3. The device cache stores the calls for 30 days and successively overwrites or deletes old data; when the device is disposed of, all data is deleted and the memory destroyed if necessary. Blocked phone numbers are checked annually to see if they need to be blocked.
  4. You can prevent the display of the phone number by calling with the phone number suppressed.

Google AdWords with conversion tracking

  1. We use the service „Google Ads with conversion tracking“ ( service provider: Google Ireland Limited, Register No.: 368047, Gordon House, Barrow Street, Dublin 4, Ireland) to draw attention to third-party websites by displaying ads on our website.
  2. Categories of data and description of data processing:
    usage data/ communication data. When you click on a Google ad from us, a cookie is stored in your browser, which is valid for about 30 days. If you then visit our website, we and also Google can use the cookie to evaluate whether you have visited our website and which of our pages you have visited. Google creates statistics about this. The data is also transferred to the USA and analysed there. If you are logged in with a Google account, the data can be assigned to your account by AdWords. If you do not wish this, you must log out before visiting our website.
  3. The purpose of data processing: This conversion tracking serves the purpose of analysis/success measurement, optimization and the economic operation of our advertising and website.
  4. If you have given your consent (“opt-in”) to the processing of your personal data using “Google Ads with conversion tracking”, then Art. 6 (1) sentence 1 lit. a) DS-GVO is the legal basis. The legal basis for the processing of your data is otherwise our legitimate interest in the analysis, optimisation and efficient economic operation of our advertising and website in accordance with Art. 6 Paragraph 1 Sentence 1 lit. f) DS-GVO.
  5. Data transmission/recipient category: Google Ireland, USA; Google USA is certified according to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.
  6. Storage period: up to 540 days. br />
  7. Opt-out options: You can object to or prevent the installation of cookies by Google in various ways:• you can disable cookies in your browser by using the setting “do not accept cookies”, which includes third-party cookies;• you can deactivate conversion tracking directly at Google via the link https://adssettings.google.com, whereby this setting only lasts until you delete your cookies.• you can view the personalized ads of the third party providers who participate in the advertising self-regulation initiative “About Ads” via the link https://optout.aboutads.disable info for US sites or for EU sites under http://www.youronlinechoices.com/de/praferenzmanagement/, this setting will only last until you delete all your cookies;• you can permanently disable cookies by using a browser plug-in for Chrome, Firefox or Internet Explorer under the link https://support.google.com/ads/answer/7395996. This deactivation may mean that you can no longer use all the functions of our website to their full extent.  
  8. For further information please refer to the Google privacy policy at https://policies.google.com/privacy?hl=de&gl=de and https://services.google.com/sitestats/de.html.

Google Analytics

  1. We have integrated the website analysis tool “Google Analytics” ( service provider: Google Ireland Limited, Register No.: 368047, Gordon House, Barrow Street, Dublin 4, Ireland) on our website.
  2. Data categories and description of data processing: User ID, IP address (anonymised). When you visit our website, Google places a cookie on your computer in order to be able to analyse your use of our website. We have activated IP anonymisation, which means that the IP addresses are only processed in a shortened form. On this website, your IP address will therefore be shortened by Google within member states of the European Union or in other states which are parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services to the person responsible in connection with the use of the website and the Internet. In addition, we have also activated a comprehensive analysis of website visitors, which is carried out via a so-called user ID. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other Google data. You can find further information on data use at Google Analytics here: https://www.google.com/analytics/terms/de.html (Analytics terms of use), https://support.google.com/analytics/answer/6004245?hl=de (Analytics privacy policy) and Google’s privacy policy https://policies.google.com/privacy.
  3. The use of Google Analytics serves the purpose of analysis, optimization and improvement of our website.
  4. If you have given your consent (“opt-in”) for the processing of your personal data by means of “Google Analytics” from the third party provider, then Art. 6 (1) sentence 1 lit. a) DS-GVO is the legal basis. The legal basis is also our legitimate interest in the above purposes (the analysis, optimisation and improvement of our website) in data processing in accordance with Art. 6 Paragraph 1 S.1 lit. f) DS-GVO. In the case of services provided in connection with a contract, tracking and analysis of user behaviour is carried out in accordance with Art. 6 Para. 1 S. 1 lit. b) DS-GVO in order to be able to use the information thus obtained to offer optimised services to fulfil the purpose of the contract.
  5. The data sent by us and linked to cookies, user IDs (e.g. user ID) or advertising IDs are automatically deleted after months. The deletion of data whose retention period has been reached is automatically carried out once a month.
  6. Data transmission/recipient category: Google, Ireland and USA. The collected data is transferred to the USA and stored there. If personal data is transferred to the USA, the certification of Google’s Privacy Shield Agreement ( https://www.privacyshield.gov/EU-US-Framework) provides a guarantee that European data protection law is complied with. We have also concluded an agreement with Google for order processing in accordance with Art. 28 DS-GVO.
  7. Contradiction and elimination possibilities (“Opt-Out”):
    You can generally prevent the storage of cookies on your hard disk by selecting the option in your browser settings not to accept cookies. However, this can result in a functional restriction of our offers. You can also prevent the collection of data generated by the cookie and related to your use of the website and the processing of this data by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de•As an alternative to the above browser plugin, you can prevent Google Analytics from collecting data by clicking [__here please__insert the Analytics Opt-Out link of your website]. The click will set an “opt-out” cookie that will prevent the collection of your data when visiting this website in the future. This cookie is only valid for our website and your current browser and only lasts until you delete your cookies. In this case you would have to set the cookie again.You can deactivate the cross-device user analysis in your Google account under “My data > personal data”.

YouTube videos

  1. We have embedded YouTube videos from youtube.com on our website using the embedded function, so that they can be accessed directly on our website. YouTube belongs to Google Ireland Limited, Register No.: 368047, Gordon House, Barrow Street, Dublin 4, Ireland.
  2. Data category and description of data processing: Usage data (e.g. web page accessed, contents and access times). We have integrated the videos in the so-called “extended data protection mode” without using cookies to record usage behaviour in order to personalise video playback. Instead, the video recommendations are based on the video currently playing. Videos played in enhanced privacy mode in an embedded player do not affect which videos are recommended to you on YouTube. When you start a video (click on the video), you agree that YouTube will track the information that you accessed the corresponding subpage or video on our website and use this data for advertising purposes.
  3. purpose of the processing: Provision of a user-friendly offer, optimization and improvement of our content.
  4. If you have given your consent (“opt-in”) for the processing of your personal data by means of an “etracker” from the third party provider, then Art. 6 (1) sentence 1 lit. a) DS-GVO is the legal basis. The legal basis is also our legitimate interest in data processing for the above purposes in accordance with Art. 6 Paragraph 1 S.1 lit. f) DS-GVO. In the case of services provided in connection with a contract, tracking and analysis of user behaviour is carried out in accordance with Art. 6 Para. 1 sentence 1 lit. b) DS-GVO in order to be able to use the information thus obtained to offer optimised services for the fulfilment of the purpose of the contract.
  5. Data transmission/recipient category: Third party providers in the USA. The data obtained is transferred to the USA and stored there. This is also done without a user account at Google. If you are logged in to your Google account, Google can assign the above data to your account. If you do not wish this, you must log out of your Google account. Google creates user profiles from such data and uses these data for the purpose of advertising, market research or optimization of its websites. Google is certified in accordance with the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework) and is therefore obliged to comply with European data protection law.
  6. storage duration: cookies up to 2 years or until the cookies are deleted by you as a user.
  7. You have a right of objection to the creation of user profiles via Google. Therefore, please contact Google directly via the privacy statement below. You can make an opt-out objection regarding the advertising cookies here in your Google account:
    https://adssettings.google.com/authenticated.
  8. In the YouTube terms of use at https://www.youtube.com/t/terms” target=”_blank” rel=”nofollow”>
    https://www.youtube.com/t/terms and in the Google privacy policy for advertising at https://policies.google.com/technologies/ads” target=”_blank” rel=”nofollow”>https://policies.google.com/technologies/ads you will find further information on the >br />
  9. Use of Google cookies and their advertising technologies, storage duration, anonymization, location data, functionality and your rights. General privacy policy of Google: https://policies.google.com/privacy.

Google ReCAPTCHA

  1. We have integrated the anti-spam function “reCAPTCHA” from “Google” (provider: Google Ireland Limited, Register No.: 368047, Gordon House, Barrow Street, Dublin 4, Ireland) on our website.
  2. Data category and description of the data processing: Usage data (e.g. website accessed, IP). By using “reCAPTCHA” in our forms we can determine whether the input was made by a machine (robot) or a human being. When using the service, your IP address and any other data required for this purpose may be transmitted to Google servers in the USA.
  3. purpose of the processing: avoidance of spam and abuse as well as our economic interest in the optimization of our website.
  4. Legal base: If you have given your consent (“opt-in”) for the processing of your personal data by means of “reCaptcha” from the third party provider, then Art. 6 (1) sentence 1 lit. a) DS-GVO is the legal basis. The legal basis is also our legitimate interest in the above-mentioned purposes in data processing in accordance with Art. 6 Paragraph 1 S.1 lit. f) DS-GVO.
  5. Data transmission/recipient category: Third party providers in the USA. Google is certified under the Privacy Shield Agreement (https://www.privacyshield.gov/EU-US-Framework). This ensures that the European data protection law is complied with.
  6. storage period: until the cookies are deleted by you as a user.
  7. Further information on Google ReCAPTCHA can be found at https://www.google.com/recaptcha/ and in the Google privacy policy at: https://policies.google.com/privacy.

Google Fonts

  1. We have integrated fonts from “Google” (provider: Google Ireland Limited, Reg. No.: 368047, Gordon House, Barrow Street, Dublin 4, Ireland).
  2. Data category and description of the data processing: Usage data (e.g. website accessed, IP). By using Google Fonts on our website, we can ensure that the readability and quality of our offer can be optimized for users. When using the service, your IP address and any other data required for this purpose may be transmitted to Google servers in the USA.
  3. purpose of the processing: For the purpose of a technically secure, maintenance-free and efficient use of fonts and symbols with regard to up-to-dateness and loading times, their uniform presentation and consideration of possible restrictions under licensing law.
  4. Legal base: Legitimate interests (Art. 6 para. 1 p. 1 lit. f) DSGVO)
  5. Data transmission/recipient category: Third party providers in the USA. Google is certified under the Privacy Shield Agreement (https://www.privacyshield.gov/EU-US-Framework). This ensures that the European data protection law is complied with.
  6. storage period: According to the information from Google – none.
  7. For more information about Google Fonts, please visit https://fonts.google.com/ and Google’s privacy policy at: https://policies.google.com/privacy.

Google Maps

  1. We have integrated maps from “Google Maps” (provider: Google Ireland Limited, Register No.: 368047, Gordon House, Barrow Street, Dublin 4, Ireland) on our website.
  2. data category and description of data processing: usage data (e.g. IP, location, page accessed). With Google Maps, we can display the location of addresses and directions directly on our website in interactive maps and enable you to use this tool. When you call up our website, where Google Maps is integrated, a connection to the Google servers in the USA is established. Your IP and location can be transmitted to Google. Google also receives information that you have called up the corresponding page. This is also done without a user account at Google. If you are logged into your Google account, Google can assign the above data to your account. If you do not wish to do so, you must log out of your Google account. Google creates user profiles from such data and uses this data for the purpose of advertising, market research or optimization of its websites.
  3. purpose of processing: Provision of a user-friendly, economical and optimized website.
  4. If you have given your consent (“opt-in”) for the processing of your personal data using “Google Maps” from the third party provider, then Art. 6 (1) sentence 1 lit. a) DS-GVO is the legal basis. The legal basis is also our legitimate interest in the above-mentioned purposes in data processing in accordance with Art. 6 Paragraph 1 S.1 lit. f) DS-GVO.
  5. Data transmission/recipient category: Third party providers in the USA. Google is certified under the Privacy Shield Agreement (https://www.privacyshield.gov/EU-US-Framework). This ensures that the European data protection law is complied with.
  6. storage duration: Cookies up to 6 months or until you delete them. Otherwise as soon as they are no longer needed for processing purposes.
  7. Possibility of objection and removal: You have the right to object to the creation of user profiles via Google. Therefore, please contact Google directly via the privacy statement below. You can make an opt-out objection regarding the advertising cookies here in your Google account:
    https://adssettings.google.com/authenticated.
  8. In the terms of use of Google Maps under https://www.google.com/intl/de_de/help/terms_maps.html and in the privacy policy for advertising by Google under https://policies.google.com/technologies/ads you will find further information on the use of Google cookies and their advertising technologies, storage period, anonymization, location data, functionality and your rights. General data protection declaration of Google: https://policies.google.com/privacy.

presence in social media

  1. We maintain profiles or fan pages in social media. When you use and access our profile in the respective network, the respective data protection notices and terms of use of the respective network apply.
  2. data categories and description of data processing: usage data, contact data, content data, inventory data. Furthermore, user data within social networks is usually processed for market research and advertising purposes. Thus, for example, user profiles can be created on the basis of usage behaviour and the resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements within and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users’ computers, in which the usage behaviour and interests of the users are stored. Furthermore, data may also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to these). For a detailed description of the respective forms of processing and the possibilities of objection (opt-out), please refer to the data protection declarations and information provided by the operators of the respective networks. Also in the case of requests for information and the assertion of data subject rights, we would like to point out that these can most effectively be asserted with the providers. Only the providers have access to the data of the users and can take appropriate measures and provide information directly. Should you nevertheless need help, please contact us.
  3. purpose of the processing: Communication with the users connected and registered on the social networks; information and advertising for our products, offers and services; presentation and image cultivation; evaluation and analysis of the users and contents of our presence in the social media.
  4. The legal basis for the processing of personal data is our legitimate interest in the above-mentioned purposes in accordance with Art. 6 Paragraph 1 S. 1 lit. f) DS-GVO. Insofar as you have given your consent to us or the person responsible for the social network to process your personal data, the legal basis is Art. 6 para. 1 sentence 1 lit. a) in conjunction with Art. 7 DS-GVO.
  5. data transmission/recipient category: social network. Insofar as US providers are certified under the Privacy Shield Agreement (https://www.privacyshield.gov/EU-US-Framework), it is ensured that European data protection law is complied with.
  6. The data protection notices, information and opt-out possibilities of the respective networks / service providers can be found here:- Strong>Facebook>/strong> – Service provider: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland); Website: www.facebook.com; privacy statement: https://www.facebook.com/about/privacy/, opt-out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com; Opposition: https://www.facebook.com/help/contact/2061665240770586; Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active;Agreement on joint processing of personal data on Facebook pages (Art. 26 DS-GVO): https://www.facebook.com/legal/terms/page_controller_addendum, Privacy policy for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.- Strong>Instagram>/strong> – Service provider: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) – Privacy Policy rung/ Opt-Out:  https://help.instagram.com/519522125107875, Opposition: https://help.instagram.com/contact/186020218683230; Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active; Agreement on joint processing of personal data on Instagram pages (Art. 26 DS-GVO): https://www.facebook.com/legal/terms/page_controller_addendum.- Strong>Twitter>/strong> – Service provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Privacy Statement: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.- XING – service provider: XING AG, Dammtorstra?e 29-32, 20354 Hamburg, Germany) – Privacy Policy/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung. • Pinterest>/strong> – Service provider: Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland) – privacy policy: https://policy.pinterest.com/de/privacy-policy, Opt-Out: https://help.pinterest.com/de/articles/personalized-ads-pinterest, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt00000008VVzAAM&status=ActiveLinkedIn – service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) – privacy policy: https://www.linkedin.com/legal/privacy-policy, cookie policy and opt-out: https://www.linkedin.com/legal/cookie-policy, Privacy Shield of the US company LinkedIn Inc.: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.

Social media plug-ins

  1. We use social media plug-ins from social networks on our website In doing so, we use the so-called two-click Lösung“-Shariff from c’t or heise.de: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html; service providers: Heise Medien GmbH & Co. KG, Karl-Wiechert-Allee 10, 30625 Hanover, Germany; Privacy Policy: https://www.heise.de/Datenschutzerklaerung-der-Heise-Medien-GmbH-Co-KG-4860.html.
  2. Data category and description of the data processing: Usage data, content data, inventory data. When our website is called up, no personal data is transmitted by Shariff“  to the third-party providers of the social plug-ins. Next to the logo or brand of the social network you will find a slider with which you can activate the plug-in with a click. This activation represents your consent in the form that the respective social network provider receives the information that you have called up our website and your personal data is transmitted to the provider of the plug-in and stored there. These are so-called Thirdparty Cookies. With some providers such as Facebook and XING, your IP address is anonymized immediately after the collection. The data collected about the user is stored by the plug-in provider as user profiles. You can revoke your consent at any time by deactivating the slider.
  3. purpose of data processing: improvement and optimization of our website; increase of our awareness through social networks; possibility of interaction with you and the users among each other through social networks; advertising, analysis and/or demand-oriented design of the website.
  4. The legal basis for the processing of personal data is our legitimate interest in the above-mentioned purposes in accordance with Art. 6 Paragraph 1 S. 1 lit. f) DS-GVO. Insofar as you have given your consent to us or the person responsible for the social network to process your personal data, the legal basis is Art. 6 para. 1 sentence 1 lit. a) in conjunction with Art. 7 DS-GVO. In the case of pre-contractual enquiries or the use of your personal data for the performance of a contract, the legal basis is Art. 6 Paragraph 1 S. 1 lit. b) DS-GVO.
  5. data transmission/recipient category: social network; to the extent that the US providers are certified under the Privacy Shield Agreement (https://www.privacyshield.gov/EU-US-Framework), it is ensured that European data protection law is complied with.
  6. Used social networks and contradiction: We refer to the respective data protection declarations of the social networks regarding the purpose and scope of data collection and processing. In addition, you will also find information on your rights and setting options for the protection of your personal data. You have the right to object to the creation of these user profiles, whereby you can contact the respective plug-in provider directly to exercise these rights.

Facebook

  1. We have integrated plug-ins from the social network Facebook.com (company headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on our website as part of the so-called “two-click solution” from Shariff.You can recognize them by the Facebook logo “f” or the addition “Like”, “Like” or “Share”.
  2. As soon as you activate the Facebook plug-in, a connection is established from your browser to the Facebook servers. During this process, Facebook receives information, including your IP address, that you have accessed our website and transfers this information to Facebook servers in the USA, where this information is stored. If you are logged into your account on Facebook, Facebook can associate this information with your account. When using the functions of the plug-in, e.g. pressing the “Like” button, this information is also transferred from your browser to Facebook’s servers in the USA and stored there and displayed in your Facebook profile and, if applicable, with your friends.
  3. For the purpose and scope of data collection and its further processing and use by Facebook, as well as your rights and options to protect your privacy, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/. Data collection from the „I like“-button: https://www.facebook.com/help/186325668085084. You can manage and object to your settings regarding the use of your profile data for advertising purposes on Facebook here: https://www.facebook.com/ads/preferences/.
    .
  4. If you log out of Facebook before visiting our website and delete your cookies, no data about your visit to our website will be assigned to your profile on Facebook when the plug-in is activated.
  5. Facebook has submitted to the Privacy Shield and thus ensures that European data protection law is observed: https://www.privacyshield.gov/EU-US-Framework.
  6. Agreement on the joint processing of personal data on Facebook pages (Art. 26 DS-GVO): https://www.facebook.com/legal/terms/page_controller_addendum, Privacy Policy for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.

Twitter

  1. We have integrated plug-ins of the social network Twitter.com (Twitter Inc., 1355 Market St., Suite 900, San Francisco, California 94103, USA) on our website as part of the so-called „Two-Click-Lösung“ by Shariff. These plug-ins can be recognized by the Twitter logo with a white bird on a blue background. An overview of Twitter buttons and tweets can be found at: https://developer.twitter.com/en/docs/twitter-for-websites/overview.
  2. If you are logged in to your Twitter account while you are voluntarily activating the Twitter plug-ins, Twitter can associate the call to our website with your Twitter profile.
  3. If you want to exclude data transmission when activating the plug-in to Twitter, then log out of Twitter before visiting our website and delete your cookies.
  4. For the purpose and scope of data collection, further processing and use of the data by Twitter and your rights and options to protect your privacy, please refer to the Twitter privacy policy: https://twitter.com/de/privacy. Opposition (Opt-Out): https://twitter.com/personalization.
  5. Twitter has submitted to the Privacy Shield and thus ensures that European data protection law is observed: https://www.privacyshield.gov/EU-US-Framework.

XING

  1. We have integrated plug-ins from the social network XING (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) on our website as part of the so-called “two-click solution” from Shariff. You can recognize this by the Share button with the white XING logo and the “X” symbol on a green background.
  2. If you deliberately activate the Share Button of XING on our website, this will cause your browser to connect to the XING server when you access the respective website. According to XING, no data about the call is stored from which XING could derive a direct personal reference. In particular, XING does not store any IP addresses of yours, nor does it use cookies. When you click the Share button, you will be redirected to the XING homepage, where – if you are logged in – you can recommend our site, which serves the purpose of increasing our awareness and reach. With regard to these activities on the XING platform, the XING privacy policy stated below applies.
  3. If you log out of XING before visiting our website and delete your cookies, no data about your visit to our website will be assigned to your profile on XING when the plug-in is activated.
  4. For the purpose and scope of data collection and its further processing and use by XING, as well as your rights and settings options to protect your privacy, please refer to XING’s privacy policy on the Share button at https://www.xing.com/app/share%3Fop%3Ddata_protection” target=”_blank” rel=”nofollow”>https://www.xing.com/app/share%3Fop%3Ddata_protection as well as XING’s general privacy policy at https://privacy.xing.com/de/datenschutzerklaerung.

Pinterest

  1. We have integrated on our website plug-ins from the social network Pinterest (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland) as part of Shariff’s so-called “two-click solution”. You can recognise these by buttons with the white “P” sign on a red background.
  2. If you deliberately activate the plug-in, a connection from your browser to Pinterest’s servers will be established. Pinterest receives information, including your IP address, that you have visited our site and transmits this information to Pinterest’s servers in the USA, where this information is stored. If you are logged into your account with Pinterest, Pinterest can associate this information with your account and you can click on the Pinterest button to share and store the content of our sites on your Pinterest account and, if necessary, show it to your friends there.
  3. If you log out of Pinterest before visiting our website and delete your cookies, no data about your visit to our website will be assigned to your profile on Pinterest when the plug-in is activated.
  4. For further information, please consult the Pinterest privacy policy https://policy.pinterest.com/de/privacy-policy, Opt-Out: https://help.pinterest.com/en/articles/personalized-ads-pinterest, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt00000008VVzAAM&status=Active

Data protection for applications and in the application process

  1. Applications sent by electronic means or by post to the person in charge will be processed electronically or manually for the purpose of handling the application procedure.
  2. We expressly point out that application documents with “special categories of personal data” in accordance with Art. 9 DS-GVO (e.g. a photograph which allows conclusions to be drawn about your ethnic origin, religion or marital status) are undesirable, with the exception of any severe disability which you may wish to disclose of your own free will. You should submit your application without these data. This has no effect on your chances of applying.
  3. The legal basis for the processing is Art. 6 Para. 1 S.1 lit. b) DS-GVO as well as Art. 26 BDSG n.F.
  4. If an employment relationship is entered into with the applicant after completion of the application procedure, the applicant’s data will be stored in compliance with the relevant data protection regulations. If you are not offered a position after the conclusion of the application procedure, your submitted letter of application including documents will be deleted 6 months after the rejection has been sent, in order to be able to meet any requirements and obligations of proof according to AGG.

Rights of the person concerned

  1. Objection or revocation of the processing of your dataInsofar as the processing is based on your consent pursuant to Art. 6 Para. 1 S. 1 lit. a), Art. 7 DS-GVO, you have the right to revoke your consent at any time. This does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.Insofar as we base the processing of your personal data on the balancing of interests in accordance with Art. 6 Paragraph 1 S. 1 lit. f) DS-GVO, you may object to the processing. This is the case if the processing is not necessary, in particular, for the performance of a contract with you, which is described by us in the following description of the functions. In the event of such an objection, we request that you explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and either stop or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.You can object to the processing of your personal data for the purposes of advertising and data analysis at any time. You can exercise the right to object free of charge. You can inform us about your objection to advertising by sending us the following contact details:Hotel Günzburg City
    Dillinger Str. 10
    89312 Günzburg
    Managing Director Eduart Müller
    Fax: +49 (0)8221 206 5395
    E-mail address: info@hotel-gc.de
  2. Right to information
    You have the right to request confirmation from us as to whether personal data concerning you is being processed. If this is the case, you have the right to information about your personal data stored with us in accordance with Art. 15 DS-GVO. This includes, in particular, information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, unless it was collected directly from you.
  3. Right of rectification
    You have a right to correct incorrect data or to complete correct data in accordance with Art. 16 DS-GVO.
  4. Right to delete
    You have the right to delete your data stored with us in accordance with Art. 17 DS-GVO, unless legal or contractual retention periods or other legal obligations or rights to further storage conflict with this.
  5. right to restriction
    You have the right to request a restriction on the processing of your personal data if one of the conditions in Art. 18 Paragraph 1 lit. a) to d) DS-GVO is fulfilled:
    – If you dispute the accuracy of the personal data concerning you for a period of time that allows the person responsible to verify the accuracy of the personal data;• the processing is unlawful and you object to the deletion of the personal data and instead request the restriction of the use of the personal data;• the controller no longer needs the personal data for the purposes of the processing, but you need it for the assertion, exercise or defence of legal claims, or• if you have lodged an objection to the processing pursuant to Art. 21 (1) DPA and it is not yet clear whether the legitimate reasons of the controller outweigh your reasons.
  6. right to data transferability
    You have a right to data transferability in accordance with Art. 20 DS-GVO, which means that you can receive the personal data stored by us about you in a structured, common and machine-readable format or request that it be transferred to another responsible party.
  7. Right of appeal
    You have a right to complain to a supervisory authority. As a general rule, you may do so by contacting the supervisory authority, in particular in the Member State in which you are domiciled, your place of work or the place where the alleged infringement is committed.

data security

To protect all personal data transmitted to us and to ensure that the data protection regulations are observed by us and our external service providers, we have taken suitable technical and organisational security measures. Therefore, among other things, all data between your browser and our server is transmitted encrypted via a secure SSL connection.

Stand: 09.01.2020

Source: Privacy policy of Juraforum.de