Data Privacy
§ 1 Information about the collection of personal data
(1) General information
We are pleased about your interest in our website. The protection of your personal data when you visit our homepage is particularly important to our management. With the following information we give you an overview of how we process your personal data and your data protection rights. Personal data is all data that can be personally related to you, e.g. E.g. name, address, email addresses, user behavior.
If a data subject wishes to use our company's special services via our website, such as: B. our contact form, processing of personal data could become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject. Processing is always carried out in accordance with the EU General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to our company.
As the person responsible for processing, our company has implemented technical and organizational measures to ensure the most complete protection possible for the personal data processed via this website against loss, destruction, access, alteration or distribution of your data by unauthorized persons. This also includes the fact that your personal data is transmitted securely to us using encryption. We use the TSL (Transport Layer Security) coding system. You can recognize an encrypted connection by the browser address line changing from “http://” to “https://” and by the lock symbol in your browser line.
However, absolute protection cannot be guaranteed due to fundamental security gaps in internet-based data transmissions.
(2) Person responsible for data processing
The person responsible in accordance with Article 4 Paragraph 7 of the EU General Data Protection Regulation (GDPR) and the applicable country-specific data protection regulations is:
INA Hotel GmbH
Beim Strohhause 27
20097 Hamburg
E-Mail: info@ina-hotels.de
Please send general questions about data protection to our company to info@ina-hotels.de.
(3) General information on data processing
We only collect and use personal data from our users to the extent necessary to provide a functional website and to display our content and provide services. The collection and use of our users’ personal data regularly only takes place with the user’s consent. An exception applies in cases in which obtaining prior consent is not possible for actual reasons and the processing of the data is permitted by legal regulations.
The following legal bases for the processing of your personal data come into question:
- Processing based on your consent (Article 6 Para. 1 lit. a GDPR)
- VProcessing for the performance of a contract to which the data subject is a party. This also applies to processing operations that are necessary to carry out pre-contractual measures (Article 6 Paragraph 1 Letter b GDPR)
- Processing to fulfill a legal obligation to which our company is subject (Article 6 Para. 1 lit. c GDPR)
- Processing in the event that the vital interests of the data subject or another natural person require the processing of personal data (Article 6 Para. 1 lit. d GDPR)
- Processing to protect a legitimate interest of our company or a third party, unless the interests, fundamental rights and freedoms of the data subject outweigh the first-mentioned interest (Article 6 Para. 1 lit. f GDPR). Legitimate interests may in particular be:
- to deliver the content of our website correctly;
- statistische Auswertungen zur Prüfung und Optimierung der Webseite;
- to provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack;
- responding to inquiries and providing services and/or information intended for you;
- the processing and transfer of personal data for internal or administrative purposes;
- the prevention and detection of fraud and criminal offenses;
- Ensuring the long-term functionality of our information technology systems and the technology of our website with the aim of increasing data protection and data security in our company.
§ 2 Your rights
(1) My rights as a data subject
You can do so under the above Address request information about the data stored about you (Article 15 GDPR). You can also request correction if we have stored incorrect personal data about you (Art. 16 GDPR). In addition, under certain conditions you can request the deletion of your data (Art. 17 GDPR) or assert the right to object (Art. 21 GDPR). You also have the right to restrict the processing of your personal data (Article 18 GDPR) and the right to release the data you have provided (Article 20 GDPR). The restrictions in accordance with Sections 34 and 35 BDSG apply to the right to information and the right to deletion.
If you believe that the processing of your personal data contradicts the requirements of the General Data Protection Regulation, you have the right to contact your respective supervisory authority for data protection (Article 77 GDPR in conjunction with Section 19 BDSG).
If the processing of data is based on your consent, you are entitled, in accordance with Art. 7 GDPR, to revoke your consent to the use of your personal data at any time. Please note that the revocation will only take effect in the future. Processing that took place before the revocation is not affected by this. Please also note that we may have to retain certain data for a certain period of time to comply with legal requirements.
(2) Information about your right to object in accordance with Article 21 GDPR
1. INDIVIDUAL RIGHT TO OBJECT
You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you based on Art. 6 Para. 1 lit. e GDPR (data processing in the public interest) and Art. 6 Para. 1 lit. f GDPR (data processing based on a balance of interests) to lodge an objection; This also applies to profiling based on this provision within the meaning of Article 4 No. 4 GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims ( Objection according to Art. 21 Para. 1 GDPR).
2. RIGHT TO OBJECT TO PROCESSING OF DATA FOR DIRECT ADVERTISING PURPOSE
you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. The objection can be made informally and should, if possible, be addressed to the contact details given under §1 No. (2) (objection according to Art. 21 Para. 2 GDPR).
(3) Who gets my data?
Unless otherwise stipulated in the detailed descriptions of the offers, those departments within our company will have access to your data that need it to fulfill our contractual and legal obligations or to implement our legitimate interest. We will only pass on information about you outside the company if legal or official notification obligations permit or require this, if the transfer is necessary for the processing and thus the fulfillment of the contract or, at your request, to carry out pre-contractual measures, we will give you your consent exists or we are authorized to provide information.
If we use contracted service providers for individual functions of our offering, they have been carefully selected and commissioned by us, are bound to our instructions and are checked regularly. Your personal data will then be processed on the basis of order processing contracts in accordance with Art. 28 GDPR and we ensure that the processing of personal data is carried out in accordance with the provisions of the GDPR.
If we would like to use your data for advertising purposes, we will inform you in detail about the relevant processes below.
(4) How long will my data be stored?
Unless this is regulated differently in the detailed descriptions of the offers, we process and store your personal data for as long as it is necessary to fulfill our contractual and legal obligations.
Your personal data will be regularly deleted or blocked if it is no longer required to fulfill contractual or legal obligations, you have exercised your right to deletion, all mutual claims have been met and there are no other legal retention obligations or legal justifications for storage.
§ 3 Collection of personal data when you visit our website
(1) Use of server log files
Every time the website is accessed by a data subject or an automated system, a series of general data and information is recorded in log files. This includes an Internet protocol address (IP address), the browser types and versions used, the website from which an accessing system accesses our website (so-called referrer), the sub-websites which are accessed via an accessing system on our website , the date and time of access to the website and other similar data and information that serves to avert danger in the event of attacks on our information technology systems.
The legal basis for the temporary storage of data and log files is based on Art. 6 Para. 1 lit. f GDPR with the above. legitimate interests.
Temporary storage of the IP address by the system is necessary to ensure delivery of the website to the user's computer. To do this, the user's IP address must remain stored for the duration of the session.
The data is stored in log files to ensure the functionality of the website. The data also serves us to optimize the website and to ensure the security of our information technology systems. This is also based on our legitimate interest in data processing in accordance with Article 6 Paragraph 1 Letter f of the GDPR. The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected to provide the website, this is the case when the respective session has ended. The collection of data to provide the website and the storage of the data in log files is necessary for the operation of the website. Another option for checking the log files is if, based on concrete evidence, there is a justified suspicion of unlawful use or a specific attack on our website. Our legitimate interest in processing here lies in the purpose of investigating and prosecuting such attacks and unlawful uses.
(2) Use of cookies
“Cookies” are small files that are stored on users’ devices. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or your web browser automatically deletes them. Different information can be stored using cookies. The information can e.g. This includes, for example, the language settings on a website or the location where a video was watched.
Cookies are usually also used when a user's interests or behavior (e.g. viewing certain content, using functions, etc.) are stored in a user profile on individual websites. Such profiles serve to provide users with e.g. B. Show content that matches their potential interests. This procedure is also known as “tracking”, i.e. i.e., tracking the potential interests of users. The term “cookies” also includes other technologies that perform the same functions as cookies (e.g. when user information is stored using pseudonymous online identifiers, also known as “user IDs”).
Notes on legal bases: The legal basis on which we process your personal data using cookies depends on whether we ask you for consent. If this applies and you consent to the use of cookies, the legal basis for processing your data is the declared consent (Art. 6 Para. 1 lit. a GDPR). Otherwise, the data processed using cookies will be processed based on our legitimate interests (Art. 6 Para. 1 lit. f GDPR), e.g. B. in a business operation of our online offering and its improvement) or if the use of cookies is necessary to fulfill our contractual obligations (Art. 6 Para. 1 lit. b GDPR).
General information on revocation and objection (opt-out): Regardless of whether the processing is based on consent or legal permission, you have the option at any time to revoke your consent or to object to the processing of your data using cookie technologies . to revoke your consent (collectively referred to as “opt-out”).
You can first declare your objection using your browser settings, e.g. B. by deactivating the use of cookies (which may also limit the functionality of our online offering).
Processing of cookie data based on consent: Before we process or have data processed as part of the use of cookies, we ask users for their consent, which can be revoked at any time. Before consent has been given, cookies may be used that are necessary for the operation of our online offering. Their use is based on our interest and the interest of the users in the expected functionality of our online offering.
Cookie settings/objection option:
You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to fully use all of the functions of our website. You can also prevent the above-mentioned information from being collected by setting an opt-out cookie on one of the websites linked below:
- https://optout.networkadvertising.org/#!/
- http://www.aboutads.info/choices
- https://www.youronlinechoices.com/de/praferenzmanagement/
Please note that this setting will be deleted if you delete your cookies. You can object to the collection and forwarding of personal data or prevent the processing of this data by deactivating the execution of JavaScript in your browser. You can also prevent the execution of JavaScript code altogether by installing a JavaScript blocker (e.g. https://noscript.net/ or https://www.ghostery.com). We would like to point out that in this case you may not be able to fully use all of the functions of our website.
§ 4 Other functions and offers on our website
In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do this, you will usually have to provide additional personal data that we use to provide the respective service and to which the aforementioned data processing principles apply.
(1) Inquiries by email, telephone or fax
We offer you the option of contacting us by email, telephone or fax. When you use this, the user's personal data transmitted (e.g. name, request) is stored and processed. The data is used exclusively for further conversation and the purpose of processing your request and will not be passed on to third parties without your consent. For the processing of data that is transmitted in the course of contacting us, there is a legitimate interest in the effective processing of the inquiries addressed to us in accordance with Art. 6 Para. 1 lit. f GDPR.
If the purpose of contacting you is to conclude a contract, the legal basis for processing in accordance with Article 6 (1) (b) of the GDPR must also be included with the implementation of pre-contractual measures and, if necessary, subsequent processing to fulfill a contract.
We only store personal data that we process as part of a general contact request by email, telephone or fax until the respective correspondence has ended. The conversation ends when it can be seen from the circumstances that the matter in question has been finally clarified. Mandatory legal provisions – in particular retention periods – remain unaffected.
If you contact us by email, you can of course object to the storage of your personal data at any time. In such a case, the conversation cannot be continued.
(2) Use of the contact forms
There are also contact forms available on our website that can be used to contact us electronically. The data entered by the user is transmitted to us and stored. The legal basis for the processing of data when using the contact form is Art. 6 Para. 1 lit. f GDPR. Our legitimate interest is to effectively process user inquiries received via the contact form.
If the purpose of contacting you is to conclude a contract, the legal basis for processing in accordance with Article 6 (1) (b) of the GDPR must also be included with the implementation of pre-contractual measures and, if necessary, subsequent processing to fulfill a contract.
We only store personal data that we process as part of a general contact request via the contact form until the respective correspondence has ended. The conversation ends when it can be seen from the circumstances that the matter in question has been finally clarified. Mandatory legal provisions – in particular retention periods – remain unaffected.
If you contact us, you can of course object to the storage of your personal data at any time. In such a case, the conversation cannot be continued.
§5 Change to our data protection regulations
We reserve the right to adapt this data protection declaration so that it always complies with current legal requirements or to implement changes to our services in the data protection declaration, e.g. B. when introducing new services. The new data protection declaration will then apply to your next visit.
Contact details of the data protection officer
@-yet GmbH
Schloß Eicherhof
42799 Leichlingen
E-Mail: datenschutz@add-yet.de