CONTACT:

Corona news

Privacy policy

Basic
Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH attaches great importance to data protection. The use of our website is possible without any indication of personal data. However, processing of personal data could become necessary if special services are used via our website. We generally obtain the consent of the data subject if there is no legal basis for such processing.
The processing of personal data (for example, the name, address, e-mail address, or telephone number of a data subject) shall always be in line with the country-specific data protection regulations applicable. By means of this data protection declaration, our enterprise would like to inform the public about the nature, scope and purpose of the personal data we process. Furthermore, by means of this data protection declaration, data subjects are informed about the rights to which they are entitled.
We have implemented numerous technical and organizational measures to ensure the most complete protection of personal data. Nevertheless, Internet-based data transmissions can have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.
Status November 2020

 

Table of Contents

    I. Name and address of the data controller
    II. contact details of the data protection officer
    III. general information on data processing
    IV. Rights of the data subject
    V. Provision of the website and creation of log files
    VI. use of cookies
    VII. Newsletter
    VIII. email contact
    IX. Contact form
    X. Application by Email
    XI. Hosting
    XII. Plugins used
    XIII. integration of plugins via external service providers



Name and address of the person responsible
The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH
Schlosspark 8
34131 Kassel
Germany
+49 (0) 561/30 88-0
info@schlosshotel-kassel.de
www.schlosshotel-kassel.de

Contact details of the data protection officer
The controller's data protection officer is:
DataCo GmbH
Dachauer Strasse 65
80335 Munich
Germany
+49 89 7400 45840
www.dataguard.de

General information on data processing
1. Scope of processing of personal data
In principle, we only process personal data of our users insofar as this is necessary for the provision of a functional website and our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in those cases in which prior consent cannot be obtained for practical reasons and the processing of the data is required by law.

2. Legal basis for processing personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 Para. 1 S. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.

When processing personal data that is required to fulfill a contract to which the data subject is a party, Art. 6 Para. 1 S. 1 lit. b GDPR as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 Paragraph 1 S. 1 lit. c GDPR as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para. 1 S. 1 lit. d GDPR as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the person concerned do not outweigh the first-mentioned interest, Art. 6 Para. 1 S. 1 lit. f GDPR as the legal basis for processing.

3. Data deletion and storage duration
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data in order to conclude or fulfill a contract.

Rights of the data subject
If your personal data is processed, you are the person concerned within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:

1. Right to information
You can request confirmation from the person responsible as to whether personal data relating to you is being processed by him. If this is the case, you can request the following information from the person responsible:

  • the purposes for which the personal data are processed;
  • the categories of personal data that are processed;
  • the recipients or the categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;
  • the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;
  • the existence of a right to correction or deletion of your personal data, a right to restrict processing by the controller or a right to object to this processing;
  • the existence of a right of appeal to a supervisory authority;
  • all available information about the origin of the data if the personal data are not collected from the data subject;
  • the existence of automated decision-making including profiling in accordance with Art. 22 Para. 1 and 4 GDPR and at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the person concerned.


You have the right to request information about whether your personal data is being transmitted to a third country or to an international organization. In this context, you can request to be informed about the appropriate guarantees in accordance with. Art. 46 GDPR to be informed in connection with the transfer.

This right to information can be restricted to the extent that it is likely to make the realization of the research or statistical purposes impossible or seriously impaired and the restriction is necessary for the fulfillment of the research or statistical purposes.

2. Right to rectification
You have a right to correction and / or completion vis-à-vis the person responsible if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.

Your right to correction can be limited to the extent that it is likely to make the realization of the research or statistical purposes impossible or seriously impaired and the restriction is necessary for the fulfillment of the research or statistical purposes.

3. Right to restriction of processing
You can request the restriction of the processing of your personal data under the following conditions:

  •  if you dispute the accuracy of the personal data concerning you for a period of time that enables the person responsible to check the accuracy of the personal data;
  • the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
  • the controller no longer needs the personal data for processing purposes, but you need them to assert, exercise or defend legal claims, or
  • if you have lodged an objection to the processing in accordance with Art. 21 Paragraph 1 GDPR and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons.


If the processing of your personal data has been restricted, this data - apart from its storage - may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest processed by the Union or a Member State.

Has the processing been restricted according to the above? Restricted requirements, you will be informed by the person responsible before the restriction is lifted.

Your right to restriction of processing can be restricted to the extent that it is likely to make the implementation of the research or statistical purposes impossible or seriously impaired and the restriction is necessary for the fulfillment of the research or statistical purposes.

4. Right to cancellation
a) Obligation to delete
You can demand that the person responsible delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:

  • The personal data relating to you are no longer necessary for the purposes for which they were collected or otherwise processed.
  • You revoke your consent on which the processing was based according to. Art. 6 para. 1 sentence 1 lit. a or Art. 9 Para. 2 lit. a GDPR, and there is no other legal basis for the processing.
  • According to Art. 21 Para. 1 GDPR objection to the processing and there are no overriding legitimate reasons for the processing, or you object acc. Art. 21 para. 2 GDPR objection to the processing.
  • The personal data concerning you have been processed unlawfully.
  • The deletion of your personal data is necessary to fulfill a legal obligation under Union law or the law of the member states to which the person responsible is subject.
  • The personal data relating to you was collected in relation to the information society services offered in accordance with Art. 8 Paragraph 1 GDPR.


b) Information to third parties
If the person responsible has made the personal data concerning you public and is acc. Art. 17 (1) GDPR is obliged to delete them, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform those responsible for data processing who process the personal data that you are the data subject You have requested that you delete all links to this personal data or copies or replications of this personal data.

c) Exceptions
The right to deletion does not exist if processing is necessary

  • to exercise the right to freedom of expression and information;
  • to fulfill a legal obligation that requires processing under the law of the Union or of the member states to which the person responsible is subject, or to perform a task that is in the public interest or in the exercise of official authority that has been transferred to the person responsible;
  • for reasons of public interest in the area of ??public health in accordance with Art. 9 Para. 2 lit. h and i as well as Art. 9 Para. 3 GDPR;
  • for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes acc. Art. 89 para. 1 GDPR, insofar as the right mentioned under section a) is likely to make the realization of the objectives of this processing impossible or seriously impair it, or
  • for the establishment, exercise or defense of legal claims.


5. Right to be informed
If you have asserted the right to correction, deletion or restriction of processing against the person responsible, the person responsible is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this turns out to be impossible or involves a disproportionate effort.

You have the right to be informed about these recipients by the person responsible.   

6. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to the person responsible, in a structured, common and machine-readable format. You also have the right to transfer this data to another person responsible without hindrance from the person responsible to whom the personal data was provided, provided that

  • the processing is based on consent in accordance with. Art. 6 para. 1 sentence 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR or on a contract according to. Art. 6 para. 1 sentence 1 lit. b GDPR is based and
  • the processing is carried out using automated procedures.


In exercising this right, you also have the right to have the personal data relating to you transmitted directly from one person in charge to another person in charge, insofar as this is technically feasible. This must not impair the freedoms and rights of other people.

The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task that is in the public interest or takes place in the exercise of official authority that has been transferred to the person responsible.

7. Right to Object
You have the right, for reasons that arise from your particular situation, to object at any time to the processing of your personal data, which is based on Art. 6 Para. 1 S. 1 lit. e or f DSGVO takes place to object; this also applies to profiling based on these provisions.

The person responsible will no longer process the personal data concerning you unless he can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you are processed in order to operate direct mail, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is connected to such direct advertising.

If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

In connection with the use of information society services - regardless of Directive 2002/58 / EC - you have the option of exercising your right of objection by means of automated procedures that use technical specifications.

You also have the right, for reasons arising from your particular situation, to object to the processing of personal data concerning you for scientific or historical research purposes or for statistical purposes in accordance with. Art. 89 Para. 1 GDPR to contradict this.

Your right of objection can be restricted to the extent that it is likely to make the realization of the research or statistical purposes impossible or seriously impair it and the restriction is necessary for the fulfillment of the research or statistical purposes.

8. Right to revoke the declaration of consent under data protection law
You have the right to withdraw your declaration of consent under data protection law at any time. Withdrawing your consent does not affect the legality of the processing carried out on the basis of your consent up to the point of withdrawal.

9. Automated decision in individual cases including profiling
You have the right not to be subject to a decision based solely on automated processing - including profiling - which has legal effects on you or which significantly affects you in a similar manner. This does not apply if the decision

  • is necessary for the conclusion or performance of a contract between you and the person responsible,
  • is permissible on the basis of Union or Member State legislation to which the controller is subject and this legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests, or
  • takes place with your express consent.


However, these decisions may not be based on special categories of personal data according to Art. 9 Para. 1 GDPR, unless Art. 9 Para. 2 lit. a or b GDPR applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.

With regard to the cases mentioned in 1 and 3, the person responsible shall take appropriate measures to safeguard the rights and freedoms as well as your legitimate interests, including at least the right to obtain intervention by a person on the part of the person responsible, to express their own point of view and to challenge belongs to the decision.
   
10. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, if you are of the opinion that the processing of your personal data is against violates the GDPR.

The supervisory authority to which the complaint was submitted informs the complainant about the status and the results of the complaint, including the possibility of a judicial remedy according to Art. 78 GDPR.

Provision of the website and creation of the log files
1. Description and scope of data processing
Every time our website is accessed, our system automatically collects data and information from the computer system of the calling computer.
The following data is collected:

  •  
  • Information about the browser type and the version used
  • The user's operating system
  • The user's internet service provider
  • The user's IP address
  • Date and time of access
  • Websites from which the user's system reached our website
  • Websites that are accessed by the user's system via our website


This data is stored in the log files of our system. This data is not stored together with other personal data of the user.

2. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. To do this, the user's IP address must be saved for the duration of the session.           

The storage in log files takes place to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

Our legitimate interest in data processing in accordance with Art. 6 Paragraph 1 S. 1 lit. f GDPR.

3. Legal basis for data processing
The legal basis for the temporary storage of the data and the log files is Art. 6 Para. 1 S. 1 lit. f GDPR.

4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

If the data is stored in log files, this is the case after seven days at the latest. Any further storage is possible. In this case, the IP addresses of the users are deleted or alienated so that it is no longer possible to assign the accessing client.

5. Opposition and removal option
The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no possibility of objection on the part of the user.

Use of cookies
1. Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system. When a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be clearly identified when the website is accessed again.

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can also be identified after changing pages.

The following data is stored and transmitted in the cookies:

  • language settings
  • Log-in information


We also use cookies on our website that enable an analysis of the surfing behavior of the users.

In this way, the following data can be transmitted:
The user data collected in this way is pseudonymised by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user.

2. Purpose of data processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after changing pages.

We need cookies for the following applications:

  • Acceptance of language settings
  • Session cookies type3, confirmation of the cookie banner, booking via third party providers


The user data collected by technically necessary cookies are not used to create user profiles.

The analysis cookies are used for the purpose of improving the quality of our website and its content. The analysis cookies tell us how the website is used and so we can continuously optimize our offer.

PIWIK
3. Legal basis for data processing

The legal basis for the processing of personal data using cookies is Art. 6 Para. 1 S. 1 lit. a GDPR.

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 Para. 1 S. 1 lit. f GDPR.

4. Duration of storage, possibility of objection and removal
Cookies are stored on the user's computer and transmitted to our website from there. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used in full.

If you use a Safari browser version 12.1 or higher, cookies are automatically deleted after seven days. This also applies to opt-out cookies that are set to prevent tracking measures.

Newsletter
1. Description and scope of data processing

You can subscribe to a free newsletter on our website. When registering for the newsletter, the data from the input mask is transmitted to us.

 

  • E-mail address
  • Surname
  • First name
  • gender


In connection with data processing for sending newsletters, the data is not passed on to third parties. The data will only be used to send the newsletter.

2. Purpose of data processing
The collection of the user's email address is used to deliver the newsletter.

The collection of other personal data during the registration process serves to prevent misuse of the services or the email address used.

3. Legal basis for data processing
The legal basis for processing the data after the user has registered for the newsletter is Art. 6 Para. 1 S. 1 lit. a GDPR.

4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. The user's email address is therefore stored as long as the subscription to the newsletter is active.

The other personal data collected during the registration process are usually deleted after a period of seven days.

5. Opposition and removal option
The user concerned can cancel the subscription to the newsletter at any time. There is a corresponding link in every newsletter for this purpose.

This also enables you to revoke your consent to the storage of the personal data collected during the registration process.

E-mail contact
1. Description and scope of data processing

You can contact us via the email address provided on our website. In this case, the user's personal data transmitted with the email will be saved. The data will only be used to process the conversation.

2. Purpose of data processing
In the event of contact being made by email, there is also the necessary legitimate interest in processing the data.

3. Legal basis for data processing
The legal basis for processing the data is Art. 6 Para. 1 lit. a GDPR.

The legal basis for the processing of the data that is transmitted in the course of sending an email is Art. 6 Para. 1 lit. f GDPR. If the aim of the email contact is to conclude a contract, the additional legal basis for processing is Art. 6 Para. 1 lit. b GDPR.

4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been finally clarified.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5. Opposition and removal option
The user has the option of revoking his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

If you no longer want to receive this email, you can unsubscribe in the newsletter.

In this case, all personal data stored in the course of contacting us will be deleted.

contact form
1. Description and scope of data processing
A contact form is available on our website that can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and saved.

When the message is sent, the following data is saved:

  • E-mail address
  • Surname
  • First name
  • IP address of the calling computer
  • Date and time of contact
  • gender


Your consent is obtained for the processing of the data during the sending process and reference is made to this data protection declaration.

Alternatively, you can contact us using the email address provided. In this case, the user's personal data transmitted with the email will be saved.

The data will only be used to process the conversation.

2. Purpose of data processing
We only process the personal data from the input mask to process the contact. In the event of contact being made by email, there is also the necessary legitimate interest in processing the data.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

3. Legal basis for data processing
If the user has given his / her consent, the legal basis for processing the data is Art. 6 Para. 1 S. 1 lit. a GDPR.

The legal basis for the processing of the data that is transmitted in the course of sending an email is Art. 6 Para. 1 S. 1 lit. f GDPR. If the aim of the email contact is to conclude a contract, the additional legal basis for processing is Art. 6 Para. 1 S. 1 lit. b GDPR.

4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been finally clarified.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5. Opposition and removal option
The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

If you no longer want to receive this e-mail, you can unsubscribe in the newsletter.

In this case, all personal data stored in the course of contacting us will be deleted.

Application by email
1. Scope of processing of personal data
You can send us your application by email. We record your email address and the data you provided in the email.

2. Purpose of data processing
The processing of the personal data from your application email serves us only to process your application.

3. Legal basis for data processing
The legal basis for the processing of your data is the contract initiation which takes place at the request of the data subject, Art. 6 Para. 1 S.1 lit. b alt. 1 GDPR and Section 26 Paragraph 1 Sentence 1 BDSG.

4. Duration of storage
After the application process has been completed, the data will be stored for up to two months. Your data will be deleted at the latest after the two months have elapsed. In the event of a legal obligation, the data will be stored in accordance with the applicable provisions.

5. Opposition and removal option
The applicant has the option to object to the processing of personal data at any time. In such a case, the application can no longer be considered.

If you want to change / delete your data after an application process, please send us your message to info@schlosshotel-kassel.de

In this case, all personal data saved in the course of the electronic application will be deleted.

Hosting
The website is hosted on servers by a service provider commissioned by us.

Our service provider is:
Host Europe GmbH, Hansestraße 111, 51149 Cologne, Germany

The servers automatically collect and save information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Date and time of the server request
  • IP address


This data will not be merged with other data sources. This data is collected on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - the server log files must be recorded for this.

The geographical location of the server of the website is in Germany.

Used plugins
We use plugins for various purposes. The plugins used are listed below:

Use of Matomo
1. Scope of processing of personal data
We use the open source tracking tool Matomo (https://matomo.org/) to analyze the surfing behavior of our users. Matomo places a cookie on your computer. This allows personal data to be saved and evaluated, especially the activity of the user (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and the operating system), data about the displayed advertisements (in particular which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (in particular pseudonymised user IDs).
The software is set in such a way that the IP addresses are not completely saved, but 2 bytes of the IP address are masked for anonymization (e.g. 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the calling computer. The data is stored in our MySQL database, logs or report data are not sent to Matomo servers.
Further information on the processing of data by Matomo is available here: matomo.org/privacy-policy/

2. Purpose of data processing
The processing of the personal data of the users enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our online presence. This helps us to continuously improve our online presence and its user-friendliness.

3. Legal basis for the processing of personal data
The legal basis for the processing of the personal data of the users is the consent of the user according to Art. 6 Para. 1 S.1 lit. a GDPR.

4. Duration of storage
Your personal information will be stored for as long as it is necessary to fulfill the purposes described in this data protection declaration or as required by law, e.g. for tax and accounting purposes.

5. Possibility of revocation and removal
You have the right to withdraw your declaration of consent under data protection law at any time. Withdrawing your consent does not affect the legality of the processing carried out on the basis of your consent up to the point of withdrawal.
You can prevent Matomo from collecting and processing your personal data by preventing third-party cookies from being stored on your computer, using the "Do Not Track" function of a supporting browser, and deactivating the execution of script code in your browser or a script blocker such as Install NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
With the following link you can deactivate the processing of your personal data by Matomo: matomo.org/privacy-policy/
You can find more information on options for objection and removal from Matomo at: matomo.org/privacy-policy/

Integration of plugins via external service providers
1. Description and scope of data processing
We integrate certain plugins on our website via external service providers in the form of content delivery networks. When you visit our website, a connection is established to the servers of the providers we use to retrieve content and store it in the user's browser's cache. This allows personal data to be saved and evaluated in server log files, especially device and browser information (in particular the IP address and the operating system). We use the following services: Booking Viactors

2. Purpose of data processing
The use of the functions of these services serves to deliver and accelerate online applications and content.

3. Legal basis for data processing
This data is collected on the basis of Art. 6 Paragraph 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website.

4. Duration of storage
Your personal information will be stored for as long as is necessary to fulfill the purposes described in this data protection declaration or as required by law.

5. Opposition and removal option

This data protection declaration was created with the support of DataGuard.

HOTELCLASS / DEHOGA German hotel classification
This page integrates a HOTELCLASS widget for displaying the current star category of a hotel. The provider is DEHOGA Deutsche Hotelklassifikation GmbH, Am Weidendamm 1A, 10117 Berlin, Germany (https://hotelclass.info/imprint.php). Guests can see at first glance that a hotel has been classified in a binding manner and complies with the official guidelines of the German hotel classification. The widget automatically pulls the current data from the classification database and thus provides reliable information about the current star category of a hotel. To use the functions of the HOTELCLASS widget, your IP address, the time, the specific page and the user are necessary Save agent. This information is usually transmitted to a server operated by MINDSTREAM - Christian Klar, Maria-Theresien-Straße 21, 6020 Innsbruck at the Data Center Park Falkenstein location and stored there. The provider of this site has no influence on this data transfer. The HOTELCLASS widget is used in the interest of presenting the stars of the German hotel classification awarded on HOTELCLASS. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. You can find more information on handling user data at HOTELCLASS / DEHOGA Deutsche Hotelklassifikation GmbH in the HOTELCLASS data protection declaration: hotelclass.info/privacyPolicy.php


Privacy policy Facebook fan page


I. PRINCIPLES

1. Joint controllers for the processing of personal data
The purposes and means of processing personal data when you visit our Facebook page www.facebook.com/schlosshotelkassel ("Facebook page") are operated by Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH, Am Schlosspark 8, 34131 Kassel, Germany ("Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH")
and Facebook Ireland Ltd. ("Facebook") jointly defined within the meaning of Art. 26 EU General Data Protection Regulation (GDPR). This results from the fact that Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH, as the operator of the Facebook page, by setting up such a page gives Facebook the opportunity to use the computer or any other device of the person who visits the Facebook page ("visitor"), To place cookies, regardless of whether the visitor has a Facebook account.

As part of its joint responsibility, Facebook assumes primary responsibility for processing Insights data in accordance with the GDPR and fulfills all of the obligations under the GDPR with regard to processing Insights data (including Articles 12 and 13 GDPR, Articles 15 to 22 GDPR and Article 32 to 34 GDPR). In addition, Facebook makes the essentials of this page insights supplement available to the persons concerned (the corresponding “Page Insights Controller Addendum” can be found here: www.facebook.com/legal/terms/page_controller_addendum).
Below you will find a description of the handling of personal data by Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH and Facebook when you visit the Facebook page. Since Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH has generally or largely no influence on the data collected by Facebook and its processing by Facebook, we are currently unable to provide any final information on the purpose and scope of the processing of your data by Facebook. However, we will monitor further developments in this regard and adjust this data protection declaration accordingly if necessary.

We would like to point out that you use this Facebook page and its functions at your own risk. This applies in particular to the use of the interactive functions (especially commenting, sharing, rating).

2. Name and address of those jointly responsible

a) The primary responsible person is:

Facebook
Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbor
Dublin 2 Ireland

b) Another person responsible is:


Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH
Am Schlosspark 8
34131 Kassel
Germany
Tel .: +49 (0) 561/30 88-0
Email: info@schlosshotel-kassel.de
Website: www.schlosshotel-kassel.de

3. Contact options for the data protection officer of the primarily responsible Facebook
You can contact the data protection officer of the primarily responsible Facebook under the following link:
www.facebook.com/help/contact/540977946302970

4. Name and address of the data protection officer of the further responsible person
You can contact the data protection officer of the further responsible Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH to 2.b) at:

DataCo GmbH
Dachauer Str. 65
80335 München
Deutschland
+49 89 7400 45840

 5. Legal basis for processing personal data
Insofar as the consent of the data subject is obtained for the processing of personal data, Art. 6 Para. 1 S.1 lit. a (GDPR) as the legal basis for the processing of personal data.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Article 6 (1) sentence 1 lit. b GDPR as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfill a legal obligation to which Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH or Facebook is subject, Art. 6 Paragraph 1 Clause 1 lit. c GDPR as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para. 1 S.1 lit. d GDPR as the legal basis.
If processing is necessary to safeguard a legitimate interest of Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH, Facebook or a third party and if the interests, fundamental rights and freedoms of the person concerned do not outweigh the first-mentioned interest, Article 6 (1) sentence 1 lit. f GDPR as the legal basis for processing.

6. Opposition and removal option
The visitor has the option to revoke his consent to the processing of personal data at any time (see also rights of data subjects). If the visitor contacts us by e-mail, he can object to the storage of his personal data at any time.

The collection of the data for the provision of the Facebook page and the storage of the data in log files is essential for the operation of the Facebook page. There is consequently no possibility of objection on the part of the visitor.

7. Data Subject Rights
If your personal data is processed, you are the person concerned within the meaning of the GDPR and you have the following rights vis-à-vis those responsible:
Right to information about the personal data stored by Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH or Facebook;

Right to correction, deletion or restriction of the processing of your personal data;
Right to object to processing that serves the legitimate interest of Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH or Facebook, a public interest or profiling, unless Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH or Facebook can prove compelling legitimate reasons for processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims;
Right to data portability;
Right to complain to a supervisory authority;
Right to revoke your consent to the collection, processing and use of your personal data at any time with effect for the future.
If you would like to make use of your rights, you can address your request to Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH as well as Facebook. You can use the contact options listed above, for example. If you contact us, we will forward your request to Facebook if it concerns questions regarding the processing of Insights data. Facebook will answer inquiries in accordance with the obligations incumbent on us according to the Page Insights supplement.
 
II. PROCESSING OF PERSONAL DATA BY Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH

1. Purpose of data processing
Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH maintains an online presence within social networks in order to communicate with interested parties and users active there and to inform them about our products, events and news.
When you visit our Facebook page (regardless of whether you are logged into your Facebook account or not), your browser transmits certain data for technical reasons to the web server for which Facebook is responsible. In addition, so-called “cookies” are used by Facebook. Cookies are small text files that are stored in the memory of your device via your browser. Cookies set by Facebook are intended, among other things, to enable Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH, as the operator of the Facebook page, to receive statistics that Facebook creates based on visits to this page for the purpose of controlling the marketing of our activities.

2. Description and scope of data processing
As the operator of the Facebook page, Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH can use the Facebook Page Insights function, which Facebook makes available to us free of charge as an indispensable part of the user relationship, to receive anonymized statistical data on the visitors to our Facebook page. This data is collected with the help of the cookies set by Facebook, which each contain a unique user code and which Facebook stores on the visitor's device. The user code, which can be linked to the login data of those users who are registered with Facebook, is collected and processed when the Facebook page is accessed.

In particular, the fan page operator can receive demographic data provided by Facebook about his target group - and thus the processing of this data - so u. a. Trends in the areas of age, gender, relationship status and professional situation, information about the lifestyle and interests of his target group and information about the purchases and online buying behavior of visitors to his site, the categories of goods or services that interest them most, as well as geographical data that informs him where special promotions are to be carried out or events to be organized and, in general, enable him to make his information offer as targeted as possible.
Although the visitor statistics created by Facebook are only transmitted in anonymised form to Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH as the operator of the Facebook page, the creation of these statistics is based on the previous survey - through the cookies placed by Facebook on the visitor's device - and the processing of the personal data of these visitors for these statistical purposes. For more information on Facebook Page Insights, visit:
www.facebook.com/legal/terms/information_about_page_insights_data
de-de.facebook.com/help/pages/insights
Data on the Facebook groups linked to our Facebook page are also provided in this way. Due to the constant development of Facebook, the availability and the preparation of the data changes, so that we refer to the corresponding data protection information from Facebook mentioned in the previous paragraph and below under "PROCESSING OF PERSONAL DATA BY FACEBOOK" for further details.
We use this data, available in aggregated form, to make our posts and activities on our Facebook page more attractive for users. For example, we use the distribution by age and gender for an adapted approach and the preferred visiting times of the users for a time-optimized planning of our contributions. Information about the type of end devices used by visitors helps us to adapt the posts to them in terms of visual design. In accordance with the Facebook terms of use, which each user has agreed to when creating a Facebook profile, we can identify the subscribers and fans of the site and view their profiles and other information shared by them.
In addition to this automatically collected anonymized data, we also process the data that you voluntarily provide us with, e.g. B. have provided comments on posts or contacts.
If you click on the link www.schlosshotel-kassel.de/top/datenschutz/ (you are currently on this page), which is set on the Facebook fan page of Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH, you will reach a Sub-page of the Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH website. Personal data is also processed on this page. You can find the data protection declaration relevant for these pages here: www.schlosshotel-kassel.de/top/datenschutz/

3. Data deletion and storage duration
Personal data will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also be necessary if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data in order to conclude or fulfill a contract.

III. PROCESSING OF PERSONAL DATA BY FACEBOOK

How Facebook uses the data from visiting Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is passed on to third parties are passed on is not named conclusively and clearly by Facebook and is not fully known to us. However, we will monitor further developments in this regard and adjust this data protection declaration accordingly if necessary. The following information is based on information publicly provided by Facebook regarding the processing of personal data when using Facebook products.

1. Purpose of data processing

Facebook processes personal data of visitors according to its own information for the following purposes:

For more information on Facebook's data processing purposes, please see Facebook's data policy: en-de.facebook.com/policy.php
Further information on the purposes of data processing by Facebook can be found in the Facebook data policy: de-de.facebook.com/policy.php
Further information on the legitimate interests of Facebook with regard to the processing of personal data can be found here: www.facebook.com/about/privacy/legal_bases
When you visit our Facebook page (regardless of whether you are logged into your Facebook account or not), your browser transmits certain data for technical reasons to the web server for which Facebook is responsible. In addition, “cookies” are used by Facebook. Among other things, Facebook uses cookies to provide Schlosshotel Kassel-Wilhelmshöhe Betriebs GmbH, as the operator of the Facebook page, with statistics for the purpose of controlling the marketing of our activities. Further information on the use of cookies by Facebook can be found in the Facebook cookie policy: de-de.facebook.com/policies/cookies/

2. Description and scope of data processing
a) What types of information does Facebook process?
In order to provide Facebook products, it is necessary for Facebook to process information about visitors. The types of information Facebook collects depends on how the visitor uses Facebook products. The following information can be processed by Facebook:
Things made and provided by visitors and others such as Information about how the visitor uses the Facebook products, information about transactions carried out on Facebook products or information about the people, pages, accounts, hashtags and groups with which the visitor is connected.
Device information such as Device attributes, identifiers, network and connections as well as cookie data.
Information from partners, according to which advertisers, app developers and publishers Facebook about the Facebook business tools they use, etc. a. the social plugins (such as the "Like" button), Facebook login or the Facebook pixel can send information. These partners provide Facebook with information about the visitor's activities outside of Facebook.
In addition, Facebook uses cookies that are set on the visitor's device when the Facebook page is called up, regardless of whether the visitor is logged into their Facebook account or not. In addition, Facebook also processes the information stored in the cookies when a person visits the Facebook services, services that are provided by other members of the Facebook group of companies, and services that are provided by other companies that use the Facebook services . In addition, other bodies such as Facebook partners and other third parties on Facebook services can use cookies to provide services to Facebook or the companies advertising on Facebook. Further information on the use of cookies by Facebook can be found in the Facebook cookie policy: de-de.facebook.com/policies/cookies/
When you access a Facebook page, the IP address assigned to your device is transmitted to Facebook. According to information from Facebook, this IP address is anonymized (for "German" IP addresses) and deleted after 90 days. In addition, Facebook saves information about its users' end devices (in particular within the scope of the “registration notification” function); If necessary, Facebook is able to assign IP addresses to individual users.
If you want to avoid this, you should log out of Facebook or deactivate the "stay logged in" function, delete the cookies on your device and close and restart your browser This allows you to use our Facebook page without revealing your Facebook ID. When you access interactive functions of the page (like, comment, share, news, etc.), a Facebook login screen appears. After you have logged in, you are again recognizable for Facebook as a specific user.
Information on how to manage or delete existing information about you can be found on the following Facebook support pages: de-de.facebook.com/about/privacy.
For more information on the types of information that Facebook processes, see the Facebook data policy: de-de.facebook.com/policy.php

b)

How is the information Facebook processes shared with others?

Facebook works with third-party partners who help Facebook provide and improve its products or who use Facebook business tools to help Facebook grow its business. In doing so, information may be shared by Facebook with the following third party partners:

For more information about the data Facebook may share with third party partners, please see the Facebook Data Policy: en-en.facebook.com/policy.php.
 

c) How does Facebook process and transfer data as part of its global services?

Facebook shares information globally, both internally between Facebook companies and externally with its partners, as well as with those individuals or organizations that the visitor connects with and shares with around the world. In the process, data may also be transferred to and processed in the United States or other third countries that do not have an adequate level of data protection. In this regard, Facebook uses standard contractual clauses approved by the European Commission or relies on adequacy decisions issued by the European Commission regarding certain countries.

Facebook Inc, the U.S. parent company of Facebook is certified under the EU-U.S. Privacy Shield, providing a commitment to adhere to European data protection guidelines. More information on Facebook's Privacy Shield status is available here: www.privacyshield.gov/participant

Further information on data transfers by Facebook can be found in the Facebook Data Policy: de-de.facebook.com/policy.php

3. Data deletion and storage duration
Facebook stores data until it is no longer needed to provide its services and Facebook products, or until the user's Facebook account is deleted, whichever comes first. This is a case-by-case determination and depends on things like the type of data, why it is being collected and processed, and the relevant legal or operational storage needs.
Further information on data deletion and storage duration can be found in the Facebook data policy: de-de.facebook.com/policy.php
With regard to the storage duration of cookies set by Facebook, you can find further information in the Facebook cookie policy: de-de.facebook.com/policies/cookies/
This data protection declaration was created with the support of DataGuard.

PDF-Datei zur Informationspflicht nach Art. 13 DSGVO

 

  • Bereitstellung, Personalisierung und Verbesserung der Facebook-Produkte;
  • Bereitstellung von Messungen, Analysen und sonstigen Facebook-Services;
  • Förderung von Schutz, Integrität und Sicherheit;
  • Kommunikation mit Facebook-Nutzern;
  • Forschung und Innovation für soziale Zwecke.
  • Partner, die Facebook Analysedienste nutzen;
  • Werbetreibende;
  • Partner für Messungen;
  • Partner, die Waren und Dienstleistungen in Facebook-Produkten anbieten;
  • Anbieter und Dienstleister;
  • Forscher und Wissenschaftler;
  • Strafverfolgungs - bzw. Vollstreckungsbehörden oder rechtliche Anfragen.Providing measurement, analytics, and other Facebook services;
  • Promoting privacy, integrity and security;
  • Communicating with Facebook users;
  • Research and innovation for social good.
  • Partners using Facebook analytics services;
  • Advertisers;
  • Measurement partners;
  • Partners offering goods and services in Facebook products;
  • Vendors and service providers;
  • Researchers and scientists;
  • Law enforcement or enforcement agencies or legal inquiries.
     

This cookie policy was created and updated by CookieFirst.com.

Updated: 22/07/2020 04:25

 

Was sind Cookies?

Cookies and similar technologies are very small text documents or pieces of code that often contain a unique identification code. When you visit a website or use a mobile application, a computer asks your computer or mobile device for permission to store this file on your computer or mobile device and access information. Information collected through cookies and similar technologies may include the date and time of your visit and how you use a particular website or mobile application.
 

Why do we use cookies?

Cookies ensure that you remain logged in during your visit to our online store, all items in your shopping cart remain saved, you can shop safely and the website continues to function smoothly. The cookies also ensure that we can see how our website is used and how we can improve it. In addition, depending on your preferences, our own cookies may be used to present you with targeted advertising that matches your personal interests.
 

What kind of cookies do we use?

Necessary cookies

These cookies are necessary for the website to function properly. Some of the following actions can be performed with these cookies:- Save items in a shopping cart for online purchases - Save your cookie preferences for this website - Save language preferences - Log in to our portal. We need to verify that you are logged in.

 



This cookie policy has been created and updated by CookieFirst.com.

© Schlosshotel Bad Wilhelmshöhe Conference & SPA 2023 | Webdesign by 3-iQ Werbeagentur