DATA PROTECTION

1. Data pro­tec­tion at a glance

Gene­ral notes

The fol­lowing notes pro­vi­de a simp­le over­view of what hap­pens to your per­so­nal data when you visit our website.

Per­so­nal data are all data with which you can be per­so­nal­ly iden­ti­fied. You can find detail­ed infor­ma­ti­on on the sub­ject of data pro­tec­tion in our data pro­tec­tion decla­ra­ti­on lis­ted below this text.

Data collec­tion on our website

Who is respon­si­ble for data collec­tion on this website?

The data pro­ces­sing on this web­site is car­ri­ed out by the web­site ope­ra­tor. His con­ta­ct details can be found in the imprint of this website.

How do we coll­ect your data?

On the one hand, your data is collec­ted by pro­vi­ding us with this information.

This can be data that you enter into a con­ta­ct form, for examp­le.
Other data is auto­ma­ti­cal­ly collec­ted by our IT sys­tems when you visit the web­site. The­se are main­ly tech­ni­cal data (e.g. inter­net brow­ser, ope­ra­ting sys­tem or time of the page call). This data is collec­ted auto­ma­ti­cal­ly as soon as you enter our website.

What do we use your data for?

Part of the data is collec­ted to ensu­re that the web­site is pro­vi­ded wit­hout errors. Other data can be used to ana­ly­se your user behaviour.

What rights do you have regar­ding your data?

You have the right to recei­ve infor­ma­ti­on free of char­ge about the ori­gin, reci­pi­ent and pur­po­se of your stored per­so­nal data at any time. You also have the right to demand the cor­rec­tion, blo­cking or dele­ti­on of this data. For this pur­po­se, as well as for fur­ther ques­ti­ons regar­ding data pro­tec­tion, you can con­ta­ct us at any time at the address given in the imprint. Fur­ther­mo­re, you have a right of appeal to the respon­si­ble super­vi­so­ry authority.

Ana­ly­sis tools and third-party tools

When you visit our web­site, your sur­fing beha­viour can be sta­tis­ti­cal­ly eva­lua­ted. This is main­ly done with coo­kies and with so-called ana­ly­sis pro­grams. The ana­ly­sis of your sur­fing beha­viour is usual­ly anony­mous; the sur­fing beha­viour can­not be tra­ced back to you. You can object to this ana­ly­sis or pre­vent it by not using cer­tain tools. You will find detail­ed infor­ma­ti­on on this in the fol­lowing data pro­tec­tion declaration.

You can con­tra­dict this ana­ly­sis. We will inform you about the pos­si­bi­li­ties of objec­tion in this pri­va­cy policy.

2. gene­ral notes and com­pul­so­ry information

Data pro­tec­tion

The ope­ra­tors of the­se pages take the pro­tec­tion of your per­so­nal data very serious­ly. We tre­at your per­so­nal data con­fi­den­ti­al­ly and in accordance with the legal data pro­tec­tion regu­la­ti­ons and this data pro­tec­tion declaration.

When you use this web­site, various per­so­nal data is collec­ted. Per­so­nal data is data with which you can be per­so­nal­ly iden­ti­fied. This pri­va­cy poli­cy exp­lains what data we coll­ect and what we use it for. It also exp­lains how and for what pur­po­se this is done.
We would like to point out that data trans­mis­si­on over the Inter­net (e.g. com­mu­ni­ca­ti­on by e-mail) can have secu­ri­ty gaps. A com­ple­te pro­tec­tion of data against access by third par­ties is not possible.

Note on the respon­si­ble body

The per­son respon­si­ble for data pro­ces­sing on this web­site is

Gorgeous Smiling Hotels GmbH Süd­li­che Münch­ner Str. 8 | 82031 Grün­wald
Pho­ne: +49 89 588 0 558 0 | E-Mail: info@gsh-hotels.com

Respon­si­ble par­ty is the natu­ral or legal per­son who, alo­ne or joint­ly with others, deci­des on the pur­po­ses and means of pro­ces­sing per­so­nal data (e.g. names, e-mail addres­ses, etc.).

Revo­ca­ti­on of your con­sent to data processing

Many data pro­ces­sing ope­ra­ti­ons are only pos­si­ble with your express con­sent. You can revo­ke any con­sent alrea­dy given at any time. For this pur­po­se, an infor­mal noti­fi­ca­ti­on by e-mail to us is suf­fi­ci­ent. The lega­li­ty of the data pro­ces­sing car­ri­ed out up to the time of revo­ca­ti­on remains unaf­fec­ted by the revocation.

Right of appeal to the com­pe­tent super­vi­so­ry authority

In the event of vio­la­ti­ons of data pro­tec­tion law, the per­son con­cer­ned has a right of appeal to the com­pe­tent super­vi­so­ry aut­ho­ri­ty. The com­pe­tent super­vi­so­ry aut­ho­ri­ty in mat­ters of data pro­tec­tion law is the Sta­te Data Pro­tec­tion Com­mis­sio­ner of the fede­ral sta­te in which our com­pa­ny is based. A list of the data pro­tec­tion offi­cers and their con­ta­ct details can be found on the fol­lowing link:

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data transferability

You have the right to have data, which we pro­cess auto­ma­ti­cal­ly on the basis of your con­sent or in ful­film­ent of a con­tract, han­ded over to you or to a third par­ty in a com­mon, machine-readable for­mat. If you request the direct trans­fer of the data to ano­t­her respon­si­ble par­ty, this will only take place to the ext­ent that it is tech­ni­cal­ly feasible.

SSL or TLS encryp­ti­on

For secu­ri­ty rea­sons and to pro­tect the trans­mis­si­on of con­fi­den­ti­al con­tent, such as orders or inqui­ries that you send to us as the site ope­ra­tor, this site uses SSL or TLS encryp­ti­on. You can reco­gni­se an encryp­ted con­nec­tion by the fact that the address line of the brow­ser chan­ges from “http://” to “https://” and by the lock sym­bol in your brow­ser line.

If the SSL or TLS encryp­ti­on is acti­va­ted, the data you trans­mit to us can­not be read by third parties.

Encryp­ted pay­ment tran­sac­tions on this website

If the­re is an obli­ga­ti­on to pro­vi­de us with your pay­ment data (e.g. account num­ber for direct debit aut­ho­ri­sa­ti­on) after the con­clu­si­on of a con­tract with cos­ts, this data is requi­red for pay­ment processing.

Pay­ment tran­sac­tions via the usu­al means of pay­ment (Visa/MasterCard, direct debit) are car­ri­ed out exclu­si­ve­ly via an encryp­ted SSL or TLS con­nec­tion. You can reco­gni­se an encryp­ted con­nec­tion by the fact that the address line of the brow­ser chan­ges from “http://” to “https://” and by the lock sym­bol in your brow­ser line.

In the case of encryp­ted com­mu­ni­ca­ti­on, your pay­ment data that you trans­mit to us can­not be read by third parties.

Infor­ma­ti­on, blo­cking, deletion

Wit­hin the frame­work of the app­li­ca­ble legal pro­vi­si­ons, you have the right to obtain infor­ma­ti­on free of char­ge at any time about your stored per­so­nal data, its ori­gin and reci­pi­ents and the pur­po­se of the data pro­ces­sing and, if app­li­ca­ble, a right to cor­rect, block or dele­te this data. For this pur­po­se, as well as for fur­ther ques­ti­ons regar­ding per­so­nal data, you can con­ta­ct us at any time at the address given in the imprint.

Objec­tion to adver­ti­sing mails

We her­eby object to the use of con­ta­ct data publis­hed wit­hin the scope of the imprint obli­ga­ti­on to send adver­ti­sing and infor­ma­ti­on mate­ri­al not express­ly reques­ted. The ope­ra­tors of this web­site express­ly reser­ve the right to take legal action in the event that unso­li­ci­ted adver­ti­sing infor­ma­ti­on is sent, for examp­le by spam e-mails.

3. data pro­tec­tion offi­cer
Data Pro­tec­tion Offi­cer requi­red by law

Sven Rei­nisch

Süd­li­che Münch­ner Str. 8

82031 Grün­wald

Pho­ne: +49 89 588 0 558 0 | E-Mail: privacy@gsh-hotels.com

4. data collec­tion on our website

Coo­kies

The Inter­net pages part­ly use so-called coo­kies. Coo­kies do not dama­ge your com­pu­ter and do not con­tain viru­ses. Coo­kies ser­ve to make our offer more user-friendly, effec­ti­ve and safer. Coo­kies are small text files that are stored on your com­pu­ter and saved by your brow­ser.
Most of the coo­kies we use are so-called “ses­si­on coo­kies”. They are auto­ma­ti­cal­ly dele­ted at the end of your visit. Other coo­kies remain stored on your end device until you dele­te them. The­se coo­kies enab­le us to reco­gni­ze your brow­ser the next time you visit us.
You can set your brow­ser to inform you about the set­ting of coo­kies and to allow coo­kies only in indi­vi­du­al cases, to exclu­de the accep­t­ance of coo­kies for cer­tain cases or in gene­ral, and to acti­va­te the auto­ma­tic dele­ti­on of coo­kies when clo­sing the brow­ser. If you deac­ti­va­te coo­kies, the func­tio­n­a­li­ty of this web­site may be limi­ted.
Coo­kies that are requi­red to car­ry out the elec­tro­nic com­mu­ni­ca­ti­on pro­cess or to pro­vi­de cer­tain func­tions that you have reques­ted (e.g. shop­ping bas­ket func­tion) are stored on the basis of Art. 6 para. 1 lit. f DSGVO. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the sto­rage of coo­kies for the tech­ni­cal­ly error-free and opti­mi­sed pro­vi­si­on of his ser­vices. Inso­far as other coo­kies (e.g. coo­kies for ana­ly­sing your sur­fing beha­viour) are stored, the­se are trea­ted sepa­r­ate­ly in this data pro­tec­tion decla­ra­ti­on.
Ser­ver log files

The pro­vi­der of the pages auto­ma­ti­cal­ly coll­ects and stores infor­ma­ti­on in so-called ser­ver log files, which your brow­ser auto­ma­ti­cal­ly trans­mits to us. The­se are:
– Brow­ser type and brow­ser ver­si­on
– Ope­ra­ting sys­tem used
– Refer­rer URL
– Host name of the acces­sing com­pu­ter
– Time of the ser­ver request
 IP address

This data is not mer­ged with other data sources.
The basis for data pro­ces­sing is Art. 6 para. 1 let­ter f DSGVO, which per­mits the pro­ces­sing of data for the ful­film­ent of a con­tract or pre-contractual mea­su­res.
Con­ta­ct form

If you send us enqui­ries via the con­ta­ct form, your details from the enqui­ry form, inclu­ding the con­ta­ct data you pro­vi­de the­re, will be stored by us for the pur­po­se of pro­ces­sing the enqui­ry and in the event of follow-up ques­ti­ons. We will not pass on this data wit­hout your consent.

The pro­ces­sing of the data ent­e­red in the con­ta­ct form is thus exclu­si­ve­ly based on your con­sent (Art. 6 para. 1 lit. a DSGVO). You can revo­ke this con­sent at any time. For this pur­po­se, an infor­mal noti­fi­ca­ti­on by e-mail to us is suf­fi­ci­ent. The lega­li­ty of the data pro­ces­sing ope­ra­ti­ons car­ri­ed out up to the time of revo­ca­ti­on remains unaf­fec­ted by the revocation.

The data you enter in the con­ta­ct form will remain with us until you request us to dele­te it, revo­ke your con­sent for sto­rage or the pur­po­se for which the data was stored no lon­ger app­lies (e.g. after your request has been pro­ces­sed). Man­da­to­ry legal pro­vi­si­ons – in par­ti­cu­lar reten­ti­on peri­ods – remain unaffected.

Regis­tra­ti­on on this website

You can regis­ter on our web­site to use addi­tio­nal fea­tures on the site. We will only use the data ent­e­red for this pur­po­se for the pur­po­se of using the respec­ti­ve offer or ser­vice for which you have regis­tered. The man­da­to­ry data reques­ted during regis­tra­ti­on must be pro­vi­ded in full. Other­wi­se we will refu­se the regis­tra­ti­on.
In the event of important chan­ges, for examp­le in the scope of the offer or tech­ni­cal­ly necessa­ry chan­ges, we will use the e-mail address pro­vi­ded during regis­tra­ti­on to inform you in this way.

The data ent­e­red during regis­tra­ti­on is pro­ces­sed on the basis of your con­sent (Art. 6 para. 1 lit. a DSGVO). You can revo­ke any con­sent you have given at any time. All you need to do is send us an infor­mal noti­fi­ca­ti­on by e-mail. The lega­li­ty of the data pro­ces­sing alrea­dy car­ri­ed out remains unaf­fec­ted by the revo­ca­ti­on.
The data collec­ted during regis­tra­ti­on is stored by us for as long as you are regis­tered on our web­site and is then dele­ted. Legal reten­ti­on peri­ods remain unaffected.

Pro­ces­sing of data (cus­to­mer and con­tract data)

We coll­ect, pro­cess and use per­so­nal data only to the ext­ent that they are necessa­ry for the estab­lish­ment, con­tent or modi­fi­ca­ti­on of the legal rela­ti­ons­hip (inven­to­ry data). This is done on the basis of Art. 6 para. 1 lit. b DSGVO, which per­mits the pro­ces­sing of data for the ful­film­ent of a con­tract or pre-contractual mea­su­res. We coll­ect, pro­cess and use per­so­nal data on the use of our Inter­net pages (usa­ge data) only to the ext­ent necessa­ry to enab­le or char­ge the user for the use of the ser­vice.
The collec­ted cus­to­mer data will be dele­ted after com­ple­ti­on of the order or ter­mi­na­ti­on of the busi­ness rela­ti­ons­hip. Legal reten­ti­on peri­ods remain unaf­fec­ted.
Data trans­mis­si­on upon con­clu­si­on of con­tract for ser­vices and digi­tal con­tents
We only trans­fer per­so­nal data to third par­ties if this is necessa­ry for the exe­cu­ti­on of the con­tract, for examp­le to the cre­dit insti­tu­ti­on com­mis­sio­ned with the pay­ment processing.

A fur­ther trans­mis­si­on of the data does not take place or only if you have express­ly agreed to the trans­mis­si­on. Your data will not be pas­sed on to third par­ties wit­hout your express con­sent, for examp­le for adver­ti­sing pur­po­ses.
The basis for data pro­ces­sing is Art. 6 para. 1 lit. b DSGVO, which per­mits the pro­ces­sing of data for the ful­film­ent of a con­tract or pre-contractual measures.

5. ana­ly­sis tools and advertising

Wor­d­Press Stats
This web­site uses the Wor­d­Press tool Stats to sta­tis­ti­cal­ly eva­lua­te visi­tor access. The pro­vi­der is Auto­mat­tic Inc, 60 29th Street #343, San Fran­cis­co, CA 94110-4929, USA.
Wor­d­Press Stats uses coo­kies, which are stored on your com­pu­ter and allow an ana­ly­sis of the use of the web­site. The infor­ma­ti­on gene­ra­ted by the coo­kies about the use of our web­site is stored on ser­vers in the USA. Your IP address is anony­mi­zed after pro­ces­sing and befo­re saving.

WordPress-Stats” coo­kies remain on your device until you dele­te them.
The sto­rage of “Wor­d­Press Stats” coo­kies is based on Art. 6 para. 1 lit. f DSGVO. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the anony­mi­sed ana­ly­sis of user beha­viour in order to opti­mi­se both his web­site and his adver­ti­sing.
You can set your brow­ser to inform you about the set­ting of coo­kies and to allow coo­kies only in indi­vi­du­al cases, to exclu­de the accep­t­ance of coo­kies for cer­tain cases or in gene­ral, and to acti­va­te the auto­ma­tic dele­ti­on of coo­kies when clo­sing the brow­ser. If you deac­ti­va­te coo­kies, the func­tio­n­a­li­ty of our web­site may be limited.

You can object to the collec­tion and use of your data for the future by set­ting an opt-out coo­kie in your brow­ser by cli­cking on this link: https://www.quantcast.com/opt-out/.

If you dele­te the coo­kies on your com­pu­ter, you will have to set the opt-out coo­kie again.

Goog­le reCAP­T­CHA
We use “Goog­le reCAP­T­CHA” (her­ein­af­ter “reCAP­T­CHA”) on our web­sites. The pro­vi­der is Goog­le Inc, 1600 Amphi­theat­re Park­way, Moun­tain View, CA 94043, USA (“Goog­le”).

The pur­po­se of reCAP­T­CHA is to check whe­ther the data input on our web­sites (e.g. in a con­ta­ct form) is done by a human being or by an auto­ma­ted pro­gram. For this pur­po­se, reCAP­T­CHA ana­ly­ses the beha­viour of the web­site visi­tor on the basis of various cha­rac­te­ris­tics. This ana­ly­sis starts auto­ma­ti­cal­ly as soon as the web­site visi­tor enters the web­site. For ana­ly­sis pur­po­ses, reCAP­T­CHA eva­lua­tes various infor­ma­ti­on (e.g. IP address, time spent on the web­site or mou­se move­ments made by the user). The data collec­ted during the ana­ly­sis is for­war­ded to Goog­le.
The reCAP­T­CHA ana­ly­ses run com­ple­te­ly in the back­ground. Web­site visi­tors are not infor­med that an ana­ly­sis is taking place.
The data pro­ces­sing is based on Art. 6 para. 1 lit. f DSGVO. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in pro­tec­ting his web offers from abu­si­ve auto­ma­ted spy­ing and from SPAM.
Fur­ther infor­ma­ti­on on Goog­le reCAP­T­CHA and the Goog­le pri­va­cy poli­cy can be found in the fol­lowing links:
https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

6th News­let­ter

News­let­ter data

If you would like to recei­ve the news­let­ter offe­red on the web­site, we need an e-mail address from you as well as infor­ma­ti­on that allows us to veri­fy that you are the owner of the e-mail address pro­vi­ded and that you agree to recei­ve the news­let­ter. Fur­ther data will not be collec­ted or only on a vol­un­ta­ry basis. We use the­se data exclu­si­ve­ly for sen­ding the reques­ted infor­ma­ti­on and do not pass them on to third par­ties.
The pro­ces­sing of the data ent­e­red in the news­let­ter regis­tra­ti­on form is based exclu­si­ve­ly on your con­sent (Art. 6 para. 1 lit. a DSGVO). You can revo­ke your con­sent to the sto­rage of the data, the e-mail address as well as its use for sen­ding the news­let­ter at any time, for examp­le by using the “unsub­scri­be” link in the news­let­ter. The lega­li­ty of the data pro­ces­sing ope­ra­ti­ons alrea­dy car­ri­ed out remains unaf­fec­ted by the revo­ca­ti­on.
The data you have pro­vi­ded us with for the pur­po­se of sub­scrib­ing to the news­let­ter will be stored by us until you unsub­scri­be from the news­let­ter and dele­ted after you have can­cel­led your sub­scrip­ti­on. Data that has been stored by us for other pur­po­ses (e.g. e-mail addres­ses for the mem­ber area) remains unaf­fec­ted by this.

7. plug­ins and tools

Goog­le Web Fonts
This site uses so-called web fonts, which are pro­vi­ded by Goog­le, for the uni­form dis­play of fonts. When you call up a page, your brow­ser loads the requi­red web fonts into its brow­ser cache in order to dis­play texts and fonts cor­rect­ly.
To do this, the brow­ser you are using must con­nect to Google’s ser­vers. This enab­les Goog­le to know that our web­site has been acces­sed via your IP address. The use of Goog­le Web Fonts is in the inte­rest of a uni­form and attrac­ti­ve pre­sen­ta­ti­on of our online offers. This repres­ents a legi­ti­ma­te inte­rest wit­hin the mea­ning of Art. 6 para. 1 lit. f DSGVO.
If your brow­ser does not sup­port Web Fonts, a stan­dard font from your com­pu­ter will be used. Fur­ther infor­ma­ti­on on Goog­le Web Fonts can be found at https://developers.google.com/fonts/faq and in the Goog­le data pro­tec­tion decla­ra­ti­on: https://www.google.com/policies/privacy/.

This site uses the map ser­vice Goog­le Maps via an API. The pro­vi­der is Goog­le Inc, 1600 Amphi­theat­re Park­way, Moun­tain View, CA 94043, USA.
To use the func­tions of Goog­le Maps it is necessa­ry to store your IP address. This infor­ma­ti­on is usual­ly trans­fer­red to a Goog­le ser­ver in the USA and stored the­re. The pro­vi­der of this site has no influ­ence on this data transfer.

The use of Goog­le Maps is in the inte­rest of an attrac­ti­ve pre­sen­ta­ti­on of our online offers and easy finda­bi­li­ty of the loca­ti­ons we have indi­ca­ted on the web­site. This repres­ents a legi­ti­ma­te inte­rest in the sen­se of Art. 6 Para. 1 lit. f DSGVO.

For more infor­ma­ti­on on how we hand­le user data, plea­se refer to Google’s pri­va­cy poli­cy: https://www.google.de/intl/de/policies/privacy/.