This English version of the legal notice is provided for convenience only. It has been automatically or manually translated from the original German version. Despite our efforts, translation inaccuracies may occur. For legally binding information, please refer exclusively to the original German version of this page. In case of discrepancies or uncertainties, the German version shall prevail.
As the operator of this website and as a company, we come into contact with your personal data. This means all data that says something about you and with which you can be identified. In this privacy policy, we would like to explain to you how, for what purpose and on which legal basis we process your data.
Responsible for data processing on this website and in our company is:
Hotel am Schlosspark zum Kurfürst GmbH
Kapellenweg 5
85764 Oberschleissheim
Germany
Telephone: 089315790
email: [email protected]
When you enter your data on websites, place online orders or send emails over the Internet, you must always expect unauthorised third parties to access your data. There is no complete protection against such access. However, we do everything we can to protect your data in the best possible way and to close the security gaps as far as possible.
An important protective mechanism is the SSL or TLS encryption of our website, which ensures that data that you transmit to us cannot be read by third parties. You can recognize the encryption by the lock icon in front of the entered Internet address in your browser and by the fact that our Internet address starts with https://and not with http://.
In some places in this privacy policy, we will inform you how long we or the companies that process your data on our behalf will store your data. If such information is missing, we will store your data until the purpose of data processing no longer applies, you object to data processing or you withdraw your consent to data processing.
However, in the event of an objection or revocation, we may continue to process your data if at least one of the following conditions is met:
In this case, we will delete your data as soon as the requirement (s) no longer apply or do not apply.
On our website, we also use tools from companies that transfer your data to the USA and store it there and, if necessary, further process it. The European Commission has adopted an adequacy decision for the EU-US data protection framework. This determines that the USA ensures an adequate level of protection for personal data from the EU that is transferred to US companies. This decision is based on new guarantees and measures introduced by the USA to meet data protection requirements. The adequacy decision includes, among other things, restrictions and guarantees with regard to US intelligence services' access to the data. Mandatory guarantees have been introduced to limit access by US intelligence services to what is necessary and proportionate to protect national security. In addition, increased oversight of the activities of US intelligence agencies has been established to ensure that restrictions on surveillance activities are met. An independent appeal process has also been set up to handle and resolve complaints from European citizens about access to their data. The EU-USA data protection framework thus enables European companies to transfer data to certified US companies without having to introduce additional data protection guarantees. A list of all certified companies can be found at the following link: https://www.dataprivacyframework.gov/s/participant-search
An amendment to the European Commission's decision cannot be ruled out.
We have appointed a data protection officer for our company.
AKWISO LTD | Data Protection and IT Security
Dieter Grohmann
Beethovenstrasse 23
87435Kempften
email address: [email protected]
IF YOU READ IN THIS PRIVACY POLICY THAT WE HAVE LEGITIMATE INTERESTS IN PROCESSING YOUR DATA AND THEREFORE DO SO IN ACCORDANCE WITH ART. 6 PARA. 1 SENTENCE 1 LIT. F) GDPR, YOU HAVE THE RIGHT TO FILE AN OBJECTION UNDER ARTICLE 21 GDPR. THIS ALSO APPLIES TO PROFILING BASED ON THE ABOVE PROVISION. THE PREREQUISITE IS THAT YOU GIVE REASONS FOR THE OBJECTION ARISING FROM YOUR PARTICULAR SITUATION. A JUSTIFICATION IS NOT REQUIRED IF THE OBJECTION IS DIRECTED AGAINST THE USE OF YOUR DATA FOR DIRECT MARKETING.
THE RESULT OF THE OBJECTION IS THAT WE ARE NO LONGER ALLOWED TO PROCESS YOUR DATA. THIS ONLY DOES NOT APPLY IF ONE OF THE FOLLOWING REQUIREMENTS IS MET:
THE EXCEPTIONS DO NOT APPLY IF YOUR OBJECTION IS DIRECTED AGAINST DIRECT ADVERTISING OR AGAINST PROFILING ASSOCIATED WITH IT.
Many data processing operations are based on your consent. You grant this, for example, by ticking online forms accordingly before you submit the form, or by allowing certain cookies when you visit our website. You can withdraw your consent at any time without giving reasons (Article 7 (3) GDPR). From the time of withdrawal, we may no longer process your data. The only exception: We are required by law to keep the data for a certain period of time. There are such retention periods in particular in tax and commercial law.
If you believe that we are violating the General Data Protection Regulation (GDPR), you have the right to complain to a supervisory authority under Article 77 GDPR. You can contact a supervisory authority in the Member State of your residence, place of work or the place where the alleged infringement took place. The right of appeal exists in addition to administrative or judicial remedies.
Data that we process automatically on the basis of your consent or in fulfilment of a contract must be handed over to you or to a third party in a standard machine-readable format if you request this. We can only transfer the data to another person responsible insofar as this is technically possible.
According to Article 15 GDPR, you have the right to receive information free of charge about what personal data we have stored about you, where the data comes from, to whom we transfer the data and for what purpose it is stored. If the data is incorrect, you have the right to rectification (Article 16 GDPR); under the conditions of Article 17 GDPR, you may request that we delete the data.
In certain situations, you can require us to restrict the processing of your data in accordance with Article 18 GDPR. Apart from storage, the data may then only be processed as follows:
The right to restrict processing exists in the following situations:
Our website is located on a server from the following provider of Internet services (hoster):
Webflow, Inc.
398 11th Street
2nd Floor
San Francisco, CA 94103, United States
yes
The host stores all data on our website. This includes all personal data that is collected automatically or through your input. In particular, this may include: your IP address, pages viewed, names, contact details and inquiries, as well as meta and communication data. When processing data, our host complies with our instructions and only ever processes the data to the extent necessary to fulfill the obligation to provide services to us.
Since we address potential customers via our website and maintain contacts with existing customers, data processing by our host serves to initiate and fulfill contracts and is therefore based on Art. 6 para. 1 lit. b) GDPR. In addition, it is our legitimate interest as a company to provide a professional Internet offering that meets the necessary requirements for security, speed and efficiency. In this respect, we also process your data on the basis of Art. 6 para. 1 lit. f) GDPR.
Content Delivery Network (CDN) with domain name system (DNS)
Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, United States of America
yes
https://www.cloudflare.com/privacypolicy/
Based on the adequacy decision of the European Commission and the corresponding certification of the company.
We use Cloudflare services for our website. The global content delivery network ensures that all content that we provide online reaches you quickly, even when large amounts of data have to be moved over long distances. This is made possible by Cloudflare, with all its technical capabilities and servers all over the world, being connected between our website and your browser, analyzing traffic and filtering out malicious data before it reaches our server. Cloudflare also comes into contact with personal data that is collected via our website. In addition, the company may use cookies or other technologies to recognize Internet users. Data processing by Cloudflare always serves the sole purpose of enabling fast data traffic.
We have a legitimate interest in providing visitors to our website with an online offer that is as fast and efficient as possible. Data processing is therefore carried out on the basis of Art. 6 para. 1 lit. f) GDPR.
Our website places cookies on your device. These are small text files that are used for different purposes. Some cookies are technically necessary for the website to function at all (necessary cookies). Others are needed to be able to perform certain actions or functions on the site (functional cookies). For example, without cookies, it would not be possible to take advantage of the benefits of a shopping cart in an online shop. Still other cookies are used to analyze user behavior or optimize advertising measures. If we use third-party services on our website, for example to process payment transactions, these companies may also leave cookies on your device when you visit the website (so-called third-party cookies).
Session cookies are only stored on your device for the duration of a session. As soon as you close the browser, they disappear by themselves. Permanent cookies, on the other hand, remain on your device unless you delete them yourself. For example, this can result in your user behavior being permanently analysed. You can use the settings in your browser to influence how it handles cookies:
If you disable or do not allow cookies, the functionality of the website may be limited.
If we use cookies from other companies or for analysis purposes, we will inform you about this as part of this privacy policy. We also ask for your consent when you visit our website.
We have a legitimate interest in ensuring that our online offerings can be used by visitors without technical problems and that all desired functions are available to them. Necessary and functional cookies are therefore stored on your device on the basis of Art. 6 para. 1 lit. f) GDPR. We use all other cookies on the basis of Art. 6 para. 1 lit. a) GDPR, provided that you give us appropriate consent. You can cancel this at any time with effect for the future. If you have consented to the placement of necessary and functional cookies when requesting consent, these cookies will also be stored exclusively on the basis of your consent.
Server log files log all requests and accesses to our website and record error messages. They also include personal data, in particular your IP address. However, this is anonymized by the provider after just a short period of time, so that we cannot assign the data to you personally. The data is automatically transmitted from your browser to our provider.
Our provider stores the server log files in order to be able to track the activity on our website and to identify errors. The files contain the following data:
We do not combine this data with other data, but only use it for statistical evaluation and to improve our website.
We have a legitimate interest in ensuring that our website runs error-free. It is also our legitimate interest to obtain an anonymous overview of access to our website. Data processing is therefore lawful in accordance with Article 6 (1) (f) GDPR.
You can send us a message by e-mail or fax or give us a call.
We save your message as well as the contact details you have provided yourself and the telephone number you have provided so that we can process your request, including follow-up questions. We will not share the data with other people without your consent.
We delete your data as soon as one of the following occurs:
This only does not apply if we are required by law to store the data.
If your request is related to our contractual relationship or serves to carry out pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b) GDPR. In all other cases, it is our legitimate interest to effectively process inquiries addressed to us. The legal basis for data processing is therefore Art. 6 para. 1 lit. f) GDPR. If you have consented to the storage of your data, Art. 6 para. 1 lit. a) GDPR is the legal basis. In this case, you can withdraw your consent at any time with effect for the future.
We use the following tools to analyze the behavior of our website visitors and show you advertising.
Tag management system for integrating tracking codes and conversion pixels from Google Ireland. Ltd.
Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
https://policies.google.com/privacy
Based on the adequacy decision of the European Commission and the corresponding certification of the company.
We use Google Tag Manager. The tool helps us to integrate tracking codes and conversion pixels into our website, manage and play them out. Google Tag Manager does not create any user profiles itself, does not place cookies on your device and does not analyze your behavior as a user. However, it collects your IP address and transmits it to Google servers in the USA.
We have a legitimate interest in quickly and easily integrating and managing various tools on our website. The use of Google Tag Manager is therefore lawful under Art. 6 para. 1 lit. f) GDPR. If you have consented to the transfer of your IP address, we process your data exclusively on the basis of Art. 6 para. 1 lit. a) GDPR. You can withdraw your consent at any time with effect for the future.
Tool for analyzing user behavior from Google Ireland Ltd.
Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
yes
https://support.google.com/analytics/answer/6004245?hl=de
Based on the adequacy decision of the European Commission and the corresponding certification of the company.
With a browser plug-in, among other things: https://tools.google.com/dlpage/gaoptout?hl=de
We are always interested in optimising our website for visitors to our website and placing advertising optimally. Google Analytics, a tool that analyses user behavior and thus provides us with the necessary database for adjustments, helps us with this. The tool provides us with information about the origin of our visitors, their page views and their time spent on the pages, as well as the operating system they use.
To collect the data, Google Analytics uses cookies, device fingerprinting, or other technologies to recognize users. The data is transmitted to Google servers in the USA and, using the IP address also collected, is summarized in a profile that can be assigned to you or your device.
You can prevent Google from processing your data by installing a browser plug-in that Google itself provides: https://tools.google.com/dlpage/gaoptout?hl=de
We have activated the “IP anonymization” function within Google Analytics. For you, this means that Google abbreviates your IP address (from the EU or the EEA) before transmission to the USA. Only in exceptional cases does Google transmit the full IP address to servers in the USA and abbreviate it there.
We use the “demographic characteristics” feature of Google Analytics to be able to show visitors to our website suitable advertisements within the Google advertising network. As a result, reports can be created that contain statements about the age, gender and interests of our site visitors. This data comes from interest-based advertising from Google and from visitor data from third parties. It is not possible to assign the collected data to specific persons.
You can deactivate the function in your Google account settings.
According to its own information, Google deletes or anonymizes data stored at user and event level that is linked to cookies, user IDs (e.g. user IDs) or advertising IDs (cf. https://support.google.com/analytics/answer/7667196?hl=de).
As a website operator, we have a legitimate interest in analyzing user behavior for the purpose of optimizing our website and the advertising placed there. Data processing is therefore lawful under Article 6 (1) (f) GDPR. If, for example, you have consented to the storage of cookies or otherwise consented to data processing by Google Analytics, the legal basis is only Article 6 (1) (a) GDPR. You can withdraw your consent at any time with effect for the future.
Tool for analyzing user behavior from Google Ireland Ltd.
Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
https://www.google.de/intl/de/policies/privacy/
Based on the adequacy decision of the European Commission and the corresponding certification of the company.
We are always interested in optimising our website for users and placing advertising optimally. For this purpose, we also use Google's conversion tracking. With its help, we can record whether and how often visitors clicked on certain buttons on our website and which products were viewed and purchased particularly frequently (conversion statistics). In the course of data collection and storage, we do not receive any information with which we can personally identify individual visitors. Google itself uses cookies or comparable recognition technologies for identification.
As a website operator, we have a legitimate interest in analyzing user behavior for the purpose of optimizing our website and the advertising placed there. Data processing is therefore lawful under Article 6 (1) (f) GDPR. If, for example, you have consented to the storage of cookies or otherwise consented to data processing by Google Conversion Tracking, the legal basis is only Art. 6 para. 1 lit. a) GDPR. You can withdraw your consent at any time with effect for the future.
We use fonts from the US company Google on our website. We have installed the fonts locally so that there is no connection to Google's servers when you visit our website.
You can find more information about Google Fonts at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de
Service that allows access to a JavaScript library for use on this website
The OpenJS Foundation, 548 Market St, PMB 57274, San Francisco, California, United States of America
jQuery complies with the European Commission's standard contractual clauses (cf. https://openjsf.org/privacy)
We use jQuery services on our website. jQuery is a Javascript library. It simplifies Javascript programming by providing an easy-to-use interface for many common tasks. With jQuery, users can make their web pages faster and more interactive. When you visit our website, a direct connection is established between your browser and the jQuery servers. This is how jQuery learns that our website was accessed via your IP address.
The jQuery fonts ensure a uniform typeface on our websites. As a company, we have a legitimate interest in this. Data processing is therefore lawful under Article 6 (1) (f) GDPR.
If you have consented to data processing, we process your data exclusively on the basis of Art. 6 para. 1 lit. a) GDPR. You can withdraw your consent at any time. From the time of withdrawal, we may no longer process your data.
If you would like to work for us, we would be happy to receive your application. We treat all submitted personal data strictly confidentially. This also applies to data that we only collect later in the course of the application process.
We store and use all data that we collect as part of the application process to the extent necessary to decide whether to establish an employment relationship. In addition to contact and communication data and application documents, this also includes notes that we make during job interviews. Within our company, we will only share your data with people who are involved in processing your application.
If the application is successful, we store the data required to carry out the employment relationship in our data processing systems.
If we are unable to make you a job offer, you reject a job offer or withdraw your application, we reserve the right to keep your documents and other application data for up to 6 months after the application process has ended. The reason is that in the event of a legal dispute, we may need the data for evidence purposes. After the deadline, we delete the data and destroy the documents. If a legal dispute is actually imminent or is it already pending, we delete the data and documents when they are no longer required for evidentiary purposes.
Deleting your data always requires that we are not legally obliged to keep it for longer.
We process your applicant data on the basis of § 26 BDSG-neu (initiation of an employment relationship) and Art. 6 para. 1 lit. b) GDPR (general contract initiation).
The same applies if your application is successful.
If we are unable to make you a job offer, you reject a job offer, or withdraw your application, we have a legitimate interest in using your information for evidentiary purposes in a potential legal dispute. Data processing is therefore based on Art. 6 para. 1 lit. f) GDPR.
If you have expressly consented to the storage of your data, we process your data on the basis of Art. 6 para. 1 lit. a) GDPR. You can withdraw your consent at any time with effect for the future.
By social media, we mean the social networks on which we have created publicly available profiles. You can read below which social networks these actually are.
The respective operators of the social networks. The individual operators can be found below in the respective networks.
Social network operators are usually able to collect and evaluate comprehensive data about the behavior of visitors and users of the network. It is not possible for us to understand all processing operations in the social networks we use, which is why further processing operations that are not listed here may be carried out by the operators of the social networks. You can find more information about this in the terms of use and privacy policies of the respective social networks.
The processing of your data can be triggered by visiting the social network website or our profile page there. Even if you visit a website that uses certain content from the network, e.g. like or share buttons, data can already be transferred to the operators of the social network. If you yourself are a user of the social network and are logged into your user account, your visit to our profile page can be assigned to your account by the operator of the social network. Even if you have not registered a user account yourself or are not logged in, the network operator may still collect your personal data, e.g. by collecting your IP address or setting cookies. With this data, operators can create user profiles tailored to your behavior and interests and show you interest-based advertising within and outside the network. If you are a registered user of the network, interest-based advertising can also be displayed on all devices on which you are or were logged in.
Our profiles on social networks should ensure that our company has as extensive an online presence as possible. As a company, we have a legitimate interest in this. Data processing is therefore lawful under Article 6 (1) (f) GDPR.
The data processing and analyses carried out by social network operators themselves may be based on other legal bases. These must be provided by the operators of the social networks.
If you visit one of our profiles on social networks, we, together with the operator of the respective network, are responsible for the data processing processes triggered during this visit. In principle, you can assert your rights against both us and the operator of the respective network.
Despite joint responsibility with the operators of social networks, our influence on the data processing processes of the respective operator is limited and is primarily based on the operator's requirements.
When we collect data via our profiles on social networks, it is deleted from our systems as soon as the purpose for storing it no longer applies, you ask us to delete it or you withdraw your consent to storage. Saved cookies remain on your device until you delete them. Mandatory legal provisions — in particular retention periods — remain unaffected.
We have no influence on how long social network operators store your data, which the operators collect for their own purposes. You can obtain information about this directly from the operator of the respective social network, e.g. in the respective privacy policy.
What is Facebook?
A social network
Who processes your data?
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Is your data transferred to third countries?
Yes, to the USA and also to other third countries
Where can you find more information about data protection on Facebook?
https://www.facebook.com/about/privacy/
As a Facebook user, where can you adjust your advertising settings?
As a registered Facebook user, you can adjust your advertising settings in your user account. To do so, click on the following link and log in:
https://www.facebook.com/settings?tab=ads
What is Instagram?
A social network specialized in photos and videos
Who processes your data?
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Is your data transferred to third countries?
yes
Where can you find more information about privacy on Instagram?
https://help.instagram.com/519522125107875/?helpref=hc_fnav&bc[0]=Instagram-Hilfebereich&bc[1]=Richtlinien%20und%20Meldungen
Where can you, as a user, adjust your privacy settings?
As a registered Instagram user, you can adjust your privacy settings in your user account. To do so, click on the following link and log in:
https://www.instagram.com/accounts/privacy_and_security/
A social network for business contacts
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
yes
https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy
As a registered LinkedIn user, you can adjust your privacy settings in your user account. To do so, click on the following link and log in:
https://www.linkedin.com/psettings/
What is TikTok?
A social network specialized in photos and videos
Who processes your data?
TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland
Is your data transferred to third countries?
yes
Where can you find more information about privacy on TikTok?
https://www.tiktok.com/legal/privacy-policy-eea?lang=de
Where can you, as a user, adjust your privacy settings?
https://www.tiktok.com/legal/tiktok-website-cookies-policy?lang=de