Reisezeitraum:

Privacy Policy of the Hotel Fährhaus

Privacy Policy of the Hotel Fährhaus According to the GDPR

The protection of your personal data is our main concern! Therefore, the processing of personal data certainly happens in accordance with the applicable European and national legislation. The following privacy policy of the Hotel Fährhaus provides an overview of the collected data type, its use and disclosure. Furthermore, you find security measures taken to protect your data and how to obtain access to information provided to us.

Art. 1 | Name and Address of the Controller

The controller as defined by GDPR and other national privacy laws of the member states and other privacy regulations is:

Hotel Fährhaus
Hafenstr. 1
26506 Norden
Germany
Phone: +49-4931-973-1111
Email: sf(at)hotel-faehrhaus.de
Website: hotel-faehrhaus.de

In consequence of repeated false calls, the booking-hotline is: +49 4931 98877.
Please send booking requests via mail to info(at)hotel-faehrhaus.de

Art. 2 | Name and Address of the Data Protection Officer

We have appointed an external data protection officer.
If you have any questions regarding data protection, please contact:

Hotelsicherer - Potsdamer Platz 1 - 10785 Berlin
Ralph Griesz - E-Mail: datenschutz@hotelsicherer.de

Art. 3 | General Remarks to the Data Processing

1. Extent of the Personal Data Processing:

We principally process personal data of our users only if necessary to provide a functional website, our content and services. The personal data processing of our users regularly takes place only on consent of the user. An exception applies in cases where prior consent cannot be obtained for factual reasons and processing data is legally authorised.

Certainly, you are able to cancel your declaration(s) of consent anytime with effect for the future. For this purpose, please contact the controller according to Art. 1.

2. Legal Basis for the Processing of Personal Data:

Where we obtain consent of the affected person for processing personal data, article 6 section 1 a) EU-General Data Protection Regulation (hereinafter referred to as "GDPR") serves as legal basis.

At the processing of personal data, are required to fulfil the contract, of which the affected person is a signatory party, the article 6 section 1 b) GDPR serves as legal basis. The same applies to processing operations, are required to implement pre-contractual measures.

Insofar as the processing of personal data is required to fulfil a legal obligation, to which our company is subject, the article 6 section 1 c) GDPR serves as legal basis. In case that vital interests of the affected person or another natural person necessitate a processing of personal data, the article 6 section 1 d) GDPR serves as legal basis.

If the processing is necessary for the adherence of legitimate interests of the company or by a third party and the interests, fundamental rights and freedoms of the affected person does not override the former interest, then the article 6 section 1 f) GDPR serves as legal basis for the processing.

3. Data Erasure and Storage Period:

The personal data of the affected person will be erased or blocked, as soon as the purpose of storing is no longer required. Beyond this, storage may occur if provided by European or national legislators under EU regulations, laws or other regulations to which the controller is subject. Blocking or deletion of the data also takes place if a storage period prescribed by the aforementioned standards expires. Unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

Art. 4 | Definitions

The Hotel Fährhaus privacy policy is based on terms used by the European legislator to adopt the GDPR. The privacy policy of the Hotel Fährhaus is supposed to be easily readable and reasonable. In order to ensure this, the most important terms following behind are explained:

1. Personal Data

are all Information that refer to an identifiable or identifiable natural person (hereinafter referred to as „affected person“). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2. Affected Person

is every identified or identifiable natural person, whose personal data is processed by the controller.

3. Processing

is any operation or set of operations performed on personal data, whether or not by automated means. This includes: collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

4. Profiling

is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person. In particular, to analyse or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements of that natural person.

5. Pseudonymisation

is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

6. Controller

is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. When Union or Member State law determines the purposes and means of such processing, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

7. Processor

is a natural or legal person, public authority, agency or other body processing personal data on behalf of the controller.

8. Recipient

is a natural or legal person, public authority, agency or another body receiving personal data, whether a third-party or not. However, public authorities receiving personal data in the framework of a particular enquiry in accordance with Union or Member State law shall not be regarded as recipients.

9. Third Party

is a natural or legal person, public authority, agency or body other than the affected person, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

10. Consent

of the affected person means any freely given, specific, informed and unambiguous indication of the affected person’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Art. 5 | SSL or TLS Encryption

This website uses SSL or TLS encryption for security reasons and for protection of the transmission of confidential content. This includes, among other things, orders or enquiries that you send to us as the website operator. You recognise an encrypted connection by the lock displayed in the browser line and when "http://" changes to "https://".

If SSL or TLS encryption is activated, data you transmit to us will be unreadable to any third party.

Art. 6 | Provision of the Website and Generation of Logfiles

1. Description and Extent of the Data Processing:

With every mere informative use of the website, if and when you did not transmit any other information, we gather – more precisely the website provider – with every call-up of the website automated merely following data and information of the computer system of the recursive computer:

  1. IP address of the user
  2. Information about browser type and used version
  3. The operating system of the user
  4. The internet service provider of the user
  5. Date and time of the access
  6. Websites, of these the system of the user get to the website
  7. Websites, which the System of the user via our website calls up
  8. Content of the call-ups (specific sites)
  9. Language and version of the browser software
  10. Used search engines
  11. Names of downloaded files

The data will be stored as server logfiles. Storage of these data in connection with other personal data of the user does not take place.

2. Legal Basis for the Data Processing

i.e. for the temporary storage of the logfiles is article 6 section 1 f) GDPR.

3. Purpose of the Data Processing:

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this purpose, it is necessary to store the IP address for the period of the session. The storage in logfiles takes place to steady the functionality of the website. Moreover, the data is used for the optimisation of the website and securing the safety of our information technology systems. In this context, an interpretation of the data for marketing purposes does not take place. These arguments also prove our legitimate interest in data processing according to article 6 section 1 f) GDPR.

4. Duration of the Storage:

The data will be deleted as soon as they are not necessary for the attainment of the purpose. A further storing is possible. In this case, IP addresses are anonymised so that it is no longer possible to identify the calling client. In practice, the IP address of the client is anonymised with an 'x' in the logfiles after 7 days.

5. Objection and Erasure Possibility:

The data collection to provide the website and the storage of the data in Logfiles is absolutely necessary for the operation of the website. As a result, there exists no objection possibility on the side of the user.

Art. 7 | The Use of Cookies

1. Description and Extent of the Data Processing:

Our website uses cookies. Cookies are text files, which the web browser stores locally on your terminal device (PC, notebook, tablet, smartphone etc.) If a user views a website, a cookie can be stored on the operating system of the user. These cookies contain a specific character string enabling the browser to be uniquely identified next time the website is accessed.

They are harmless (virus-free) and enable us to get specific, but no personal data, which we need for improvements of our offers and for adaptations of your needs. Cookies remain stored even if the browser session is closed and will be called up again with a renewed page view.

If you prefer no data collection via cookies, then you are able to use your “browser settings” to be informed on set cookies, to exclude cookie setting generally or to delete single cookies. You are able to modify your corresponding browser settings whenever you want.

Please remember that some pages can be restricted in their functionality. As far as session cookies are concerned, they anyway will be automatically deleted as soon as the website is closed. Since it concerns in particular the cookies setting in the context of web analysis by Google-Analytics, we refer to “Article 13 | Web Analysis by Google-Analytics” for better information.

2. Legal Basis for the Data Processing:

The legal basis for the use of personal data applying cookies generally is article 6 section 1 a) GDPR and article 6 section 1 f) GDPR.

3. Duration of the Storage, Objection and Erasure Possibility:

Cookies are stored on the computer of the user and transmitted from there to our web page. Hence, you as user have the use of cookies under your control. By modification of your web browser settings, you are able to deactivate or restrict the transmitting of cookies. You can delete already existing cookies anytime. In fact, this can also take place automatically. If cookies for our website are deactivated, it is possible that some functions of the website are not fully available.

Art. 8 | The Use of Google Fonts

1. Description and Extent of the Data Processing:

This page uses for a homogeneous display of fonts so-called web fonts, which Google provides. With the view of a page, your browser downloads all needed web fonts in your browser cache to view texts and fonts accurately. Thus, with the visit of our webseite, your browser sends a query to the Google server. While doing so, Google logs the following data:

  1. IP address
  2. Browser information
  3. Website
  4. Operating system of the user
  5. Screen resolution of the user
  6. Language settings of the browser or more precisely of the operating system of the user
  7. Font data file

This takes independently place, whether you have a Google user account, in which you may logged in, or not. If you are logged in in Google, your data will be directly matched to your account. The use of Google web fonts takes places in the interest of a homogenous and agreeable display of our online services. This represents a legitimate interest in terms of article 6 section 1 subparagraph 1 f) GDPR.

2. Legal Basis for the Data Processing:

The legal basis for the use of personal data is article 6 section 1 f) GDPR.

3. Duration of the Storage, Objection and Erasure Possibility:

Google stores your data as user profile and uses them for the purpose of advertisement, market investigation and/or adequate design of its website. Such an evaluation particularly takes place to generate an adequate advertisement (even for users logged out) and to be informed on your activities on our website. You have the right to object to the user profiling, whereas you have to address Google in the exercise of such liberty. Further information to purpose and extent of the data collection and their processing by the plug-in-provider, you receive in the privacy policy of the provider. Moreover, you also obtain there further information referring to your right and your setting opportunities for the protection of your privacy: https://policies.google.com/privacy?hl=de.

Art. 9 | Newsletter

1. Description and Extent of the Data Processing:

There exists the option on our web page to subscribe to our costless newsletter. With this newsletter, we would like to inform you about upcoming events and/or outing tips in the surrounding area as well as about our current and interesting offers in German language. The content is also named in the declaration of consent. With the registration for the newsletter, the respective data of the input form will be transmitted to our newsletter tool CleverReach. An appropriate contract for commissioned data processing exists.

For the registration to our newsletter, the so-called “double-opt-in”-procedure is used, which means that an email will be send to the given email address after your registration. In this mail, you will be asked to confirm your registration. If the registration is not confirmed within the next 48 hours, your information will be blocked and automatically deleted within 90 days. Generally, your used IP address and the times of registration and confirmation will be stored. The intention of this procedure is, to prove your registration and if necessary to support the solving of an eventual abuse of your data via a third party.

Only your e-mail address is mandatory for sending the newsletter. Providing further data such as title, surname and first name is voluntary and will be used by us to address you personally.

2. Description of the Google Service reCaptcha Use by CleverReach:

CleverReach uses this service to ascertain if a human or a computer makes a specific request in our newsletter form. Google verifies on the basis of the following data if you are human or computer: IP address of the used terminal device, the viewed website on which the captcha is integrated, date and duration of the web page visit, the identifying code of the used browser and operating system, Google account if you are logged in, computer mouse movements on the reCaptcha surfaces as well as tasks, in which you have to identify pictures. Legal basis for the described data processing is article 6 section 1 f) GDPR. There is a legitimate interest at our side on this data processing to ensure the safety of our website and to protect us from automatic inputs (cyber-attacks).

3. Legal Basis for the Data Processing:

The legal basis for the data processing after the registration to the newsletter with the consent in hand by the user is article 6 section 1 subparagraph 1 a) GDPR.

4. Purpose of the Data Collection:

The collection of the user email address serves to deliver the newsletter. The collection of other personal data within the registration procedure serves to prevent an abuse of the services or the used email address.

5. Duration of the Storage:

As soon as the data is needless for the attainability of the purpose, they will be deleted. Therefore, your newsletter-registration information will be stored as long as your newsletter subscription is activated. Other within the context of the registration procedure collected personal data normally will be deleted after a period of seven days.

6. Objection and Erasure Possibility:

You are able to cancel our newsletter subscription and recall your consent anytime. The cancelation takes place by clicking on the field “hier abmelden” in the email boilerplate of our newsletter (last row) or by sending an email to [bounce(at)hotel-faehrhaus.de]. Thus, an objection to the consent of the storage of personal data during the registration procedure is enabled.

Art. 10 | Online Booking Tool

1. Description and Extent of the Data Processing:

To use our online booking tool for enquiries or reservations of hotel rooms, it is necessary for the contract conclusion to enter your personal data, required for processing your enquiry or reservation. Mandatory information required for the processing of contracts is marked separately, further information is voluntary. The data is entered into an input mask and transmitted to our service provider and stored. The following data is collected as part of the booking process:

  1. Salutation
  2. First name
  3. Surname
  4. Phone number
  5. Email address
  6. Fax number
  7. Address (company or address affix, street, postcode, town, country)
  8. Payment method (for booking guarantee by credit card: credit card number, expiry date)
  9. Age (if booked for children)
  10. Data of fellow travellers (salutation, first name, surname)

Data will only be passed on to third parties if this is necessary for the purpose of processing the contract or for billing purposes or to collect payment or if you have expressly consented to this. In this respect, we only pass on the data required in each case. These data recipients are, for example

  1. Our staff at the reservations department of our hotels, which is newly in written form obliged for attention to the data privacy especially to the protection of confidentiality according to § 53 Federal Data Protection Act.
  2. The service provider that provides our online booking tool and guarantees full data protection as part of an order data processing declaration in accordance with Art. 28 GDPR.
  3. The service provider that operates and hosts our hotel software and guarantees full data protection as part of its contract data processing declaration in accordance with Art. 28 GDPR.
  4. The service provider handling our credit card billing who guarantees full data protection as part of its order data processing declaration in accordance with Art. 28 GDPR.

2. Legal Basis for the Data Processing:

The legal basis for the processing of your data is article 6 section 1 b) GDPR. In respect to further voluntarily provided data, the legal basis for data processing is article 6 section 1 a) GDPR.

3. Purpose of the Data Processing:

The collected mandatory information is necessary to the fulfilment of the contract with the user (with a view to offer, conclusion and/or confirmation of the contens of contract). As the result, we will use the data for answering your requests, processing your booking and also for the purpose of technical administration of the websites. The voluntary information took place to prevent a missuse and if necessary to solve criminal acts. Moreover, we are able to process your given data to inform you on further interesting products of our portfolio or to send you emails with arrival, location or other information.

4. Duration of the Storage:

The data will be deleted as soon as the data is no longer required for the attainability of their collected purpose. In terms of commercial and tax law, we are obliged to store your address, payment and order data for a period of ten years after the completion of the contract. Regarding further voluntarily given data, we will delete those at the end of three years after the completion of the contract, unless we contracted any other agreement with the user on the data use.

5. Objection and Erasure Possibility:

If the data is required to fulfill a contract or to carry out pre-contractual measures, premature deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion. Otherwise, you are free to have the personal data provided during registration completely deleted from the controller's database. The controller will provide you with information about which personal data about you is stored at any time upon request. Furthermore, the controller shall correct or delete personal data at the request or notice of the affected person, provided that this does not conflict with any statutory retention obligations. You can write to the controller or the data protection officer in accordance with Art. 1 or Art. 2 at any time by email or post and request the deletion/amendment of the data.

Art. 11 | Links to External Websites

To optimize data security, we are currently deliberately avoiding insecure or secure but inappropriate social media plugins for Facebook, Google+, Flickr, Instagram or similar sites and only link to our presence there. This website therefore only contains links to external sites.

We are responsible for the content of our website and our own posts on our social media accounts. We have no influence on the further content of the websites of external links. Therefore, we are also not responsible for this, in particular we do not adopt their content as our own. If you are directed to an external site, the privacy policy provided there applies.

If you notice any illegal activities or content on this site, you are welcome to notify us. In this case, we will check the content and react accordingly (according to the so-called notice-and-take-down procedure).

Art. 12 | Contact Form and Email Contact

1. Description and Extent of the Data Processing:

On our website there is a contact form which can be used for electronic contact. If you use this option, the data entered in the input mask will be transmitted to us and stored. These data are:

  1. Surname
  2. Email address
  3. Subject
  4. Message

Additionally, the following data is stored at the time the message is sent:

  1. IP address of the user
  2. Date and time of the transmission

For the processing of the data, your consent is obtained during the sending process and reference is made to this privacy policy of the Hotel Regina Maris. Alternatively, contact can be made via the e-mail address provided. In this case, the personal data transmitted with the e-mail will be stored. If this involves information on communication channels (e.g. e-mail address, telephone number), you also consent to us contacting you via this communication channel in order to respond to your enquiry. No data will be passed on to unauthorised third parties in this context. The data will be used exclusively for processing the conversation.

2. Legal Basis for the Data Processing:

Legal basis for the processing of the data is article 6 section 1 a) GDPR if the user has given consent. Legal basis for the processing of data transmitted in the course of sending an e-mail is article 6 section 1 f) GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is article 6 section 1 b) GDPR.

3. Purpose of the Data Processing:

The processing of the personal data from the input mask serves us solely to process the contact. Of course, we will only use the data from your e-mail enquiry for the purpose you provided it for when contacting us. If you contacted us by e-mail, we also have the necessary legitimate interest in processing the data in order to reply. Any other personal data collected during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. Duration of the Storage:

The data is deleted as soon as it is no longer required to fulfil its intended purpose. For personal data from the input mask of the contact form and data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is finished when it can be inferred that the matter in question has been conclusively clarified. The additional personal data collected during the sending process will be deleted after a period of 180 days at the latest, unless a further agreement on data use is concluded with the user.

5. Objection and Erasure Possibility:

You always have the option of revoking your consent to the processing of your personal data. You can object to the storage of your personal data at any time if you contact us by e-mail. We explicitly point out that in such a case the conversation cannot be continued. Regarding the revocation of consent/objection to storage, we ask you to contact the controller or the data protection officer in accordance with Art. 1 or Art. 2 by e-mail or post. Any personal data stored in the course of making contact will be deleted in this case.

Art. 13 | Making Contact via WhatsApp Business

1. Description and Extent of the Data Processing:

We provide the opportunity to contact us via the WhatsApp messenger service of WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

For this purpose, we use the so-called ‘business version’ of WhatsApp.

If you contact us via WhatsApp, we will store and use the mobile phone number you use on WhatsApp and - if provided - your first name and surname to process and respond to your request. If necessary, we will ask you to provide further data (such as address or e-mail address) via WhatsApp in order to be able to assign your enquiry to a specific process.

2. Legal Basis for the Data Processing:

The legal basis for the processing of the data transmitted in the course of sending a WhatsApp message is article 6 section 1b GDPR.

3. Purpose of the Data Processing:

If you use our WhatsApp contact for general enquiries (e.g. about the range of services, availability or our website), we store and use the mobile phone number you use on WhatsApp and - if provided - your first and last name in accordance with article 6 section 1f GDPR on the basis of our legitimate interest in the efficient and timely provision of the requested information.

Your data will exclusively be used to respond to your request via WhatsApp. Your data will not be passed on to third parties.

4. Advanced Information on Data Collection via Whatsapp:

Please remember that WhatsApp business has access to the directory of the for this purpose used mobile device. As a result, phone numbers stored to the directory will automatically be transferred to the server of the parent company Meta Platforms Inc. in the US. For the usage of our WhatsApp business account, we use a mobile device whose directory has only stored WhatsApp contact details of such users, who got in touch with us via WhatsApp.

Hereby, it is ensured that each person, whose WhatsApp contact details stored in our directory, has already agreed to the transmission of their WhatsApp phone number from the directories of their WhatsApp contacts according to article 6 section 1a GDPR. This happened during the first-time use of this application on their own mobile device by accepting the terms of use of WhatsApp. In this respect, a transmission of data of user, who does not use WhatsApp or had not contacted us via WhatsApp, is excluded. Purpose and extent of the collection of data and the further processing and usage of data by WhatsApp as well as your rights and setting options concerning the protection of your privacy, you take out of the privacy policy of WhatsApp: https://www.whatsapp.com/legal/privacy-policy-eea

Art. 14 | Web Analysis by Google Analytics

1. Description and Extent of the Data Processing:

We use the service of Google Inc. (1600 Amphitheatre Parkway Monutain View, CA 94043, USA) on our website to analyse the surf behaviour of our website visitor and user. The software places a cookie on your device (on the subject of cookies see also article 7). If individual pages of our website are accessed, the following data is stored:

  1. Two bytes of the anonymised IP address of the user's accessing system
  2. The website accessed
  3. Entry pages and exit pages
  4. Length of stay on the website and dropout rate
  5. Frequency of visits to the website
  6. Country and regional origin, language, browser, operating system, hardware, screen resolution
  7. Use of flash or java
  8. Search engines and search keywords used

The information generated by cookies about the use of this website by users is generally transmitted to a Google server in the USA and stored there.

This website uses Google Analytics with the extension „_anonymizeIp()“. The software is set so that the IP addresses are not completely stored, but only in abbreviated form. In this way, it is no longer possible to assign the abbreviated IP address to the acessing device.

Only in exceptional cases is the full IP address first transmitted to a Google server in the USA and only abbreviated there. However, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

2. Legal Basis for the Data Processing:

Legal basis for the processing of personal data is article 6 section 1 a) GDPR.

3. Purpose of the Data Processing:

On our order, Google will use this information to analyse the website use by our website visitors and users and to compile reports on website activities. By analysing the data obtained, we are able to compile information about the use of individual components of our website. This helps us to constantly improve our website and its user-friendliness.

4. Duration of the Storage:

The data is deleted as soon as it is no longer required for our recording purposes. In our case, user and event data is stored for 14 months and then deleted.

5. Objection and Erasure Possibility:

The cookies used are stored on your device and transmitted from it to our website. If you disagree with the collection and analysis of usage data, you can prevent this using the appropriate settings in your browser software by deactivating or restricting the use of cookies. Cookies that have already been saved can be deleted at any time. However, in this case you may not be able to use all the functions of this website to their full extent.

Moreover, you can prevent the collection of data generated by the cookie and related to your use of the website (including your abbreviated IP address) and the processing of this data by Google by downloading and installing the browser plugin available at the following link. The current link is "https://tools.google.com/dlpage/gaoptout/?hl=en". You have the option to withdraw your consent to the processing of personal data at any time. If you contact us by e-mail, you can object to the storage of your personal data at any time. With regard to the revocation of consent/objection to storage, we ask you to contact the controller in accordance with § 1 by e-mail or post.

If you visit our website with your mobile device, you can also object to its use by deactivating Google Analytics. To do so, click on the following link: Deactivate Google Analytics. In this case, your browser sets a cookie that tells Google to prevent tracking.

6. Advanced Information:

The responsible organisation is Google Ireland Ltd., Gordon House, 4 Barrow Street, Dublin, Ireland, Fax: +353 (1) 436 1001. Further information can be found in the terms of use at https://marketingplatform.google.com/about/analytics/terms/us/, in the overview of the data protection https://support.google.com/analytics/answer/6004245?hl=en and in the privacy policy https://policies.google.com/privacy?hl=en.

Art. 15 | Analysis by Google Ads and Conversion Tracking

1. Description and Extent of the Data Processing:

This website uses Google Ads. Ads is an online advertising programme of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ('Google'). In the context of Google Ads, we use the so-called conversion tracking. When you click on an advertisement placed by Google, a cookie is set for the conversion tracking (for cookies, see also article 7). These cookies loose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we recognise that the user clicked on the advertisement and was redirected to this page.

Each Google Ads customer receives a different cookie. The cookies cannot be tracked via the websites of Ads customers. The information collected using the conversion cookie is used to generate conversion statistics for Ads customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their advertisement and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identifies users. If you do not wish to participate in tracking, you can object to this use by easily deactivating the Google Conversion Tracking cookie via your Internet browser under user settings. As a result, you will not be included in the conversion tracking statistics.

2. Purpose of the Data Processing:

The storage of 'conversion cookies' is based on article 6 section 1 f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and advertising.

Further information on Google Ads and Google Conversion-Tracking, can be found in Google's privacy policy: https://policies.google.com/privacy?hl=en.

Set your browser so that you are informed about the setting of cookies. You can allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Art. 16 | Rights of the Affected Person

If we process your personal data, then you are a person affected in the sense of the GDPR. You have the following rights towards the controller:

  1. Right to Information
  2. Right to Rectification
  3. Right to Restriction of Processing
  4. Right to Erasure
  5. Right to Briefing
  6. Right to Data Portability
  7. Right to Object to the Processing
  8. Right to Object to Assentation in Terms of Data Protection Law
  9. Right to Non-Application of an Automated Decision-Making
  10. Right to Complaint at a Supervisory Authority

1. Right to Information:

You are entitled to obtain confirmation from the controller if personal data concerning your person is being processed by us. If such processing exists, the controller is obliged to provide you with free information about the personal data stored at any time. In addition, the following information will be disclosed:

  1. the purposes of the processing;
  2. the categories of personal data being processed;
  3. the recipients or categories of recipients to whom the personal data have been or will be disclosed;
  4. the intended retention period of the personal data concerning you or, if specific information is not available, criteria for determining the retention period;
  5. the existence of a right to rectify or erase personal data concerning you, a right to restrict processing by the controller or a right to object to such processing;
  6. the existence of a right of appeal to a supervisory authority;
  7. all available information about the origin of the data if the personal data was not collected from the affected person;

You are entitled to obtain information if your personal data is transferred to a third country or an international organisation. In this context, you can obtain information on appropriate safeguards in accordance with article 46 GDPR relating to the transfer.

2. Right to Rectification:

You are entitled to obtain from the controller without undue delay the rectification and/or completion of inaccurate or incomplete personal data concerning you.

3. Right to Restriction of Processing:

Under the following conditions, you can demand that the controller immediately restricts the processing of your personal data:

  1. if you dispute the accuracy of the personal data concerning you for a period of time to allow the controller to verify the accuracy of the personal data;
  2. the processing is unlawful and you object to erasing the personal data and instead request to restrict its use;
  3. the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims, or
  4. if you have objected to the processing under article 21 section 1 GDPR and it is not yet certain whether the controller's legitimate reasons outweigh your reasons.

If the processing of personal data concerning you is restricted, those data may be processed - except for their storage - only with your consent or for the purposes of establishing, exercising or defending legal claims or for the purposes of protecting the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. If processing has been restricted based on the above conditions, the controller will inform you before the restriction is lifted.

4. Right to Erasure

a. Erasure Obligation:

You are entitled to request the controller to delete your personal data immediately if one of the following grounds applies:

  1. the personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
  2. you withdraw your consent on which the processing was based pursuant to article 6 section 1 a) or article 9 section 2 a) GDPR and there is no other legal basis for the processing.
  3. you object to the processing pursuant to article 21 section 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to article 21 section 2 GDPR.
  4. the personal data concerning you has been processed unlawfully.
  5. the personal data concerning your person have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
  6. the personal data concerning your person have been collected in relation to the offer of information society services referred to in article 8 section 1 GDPR.

b. Information to Third Parties:

Where the controller has made public personal data concerning you and is obliged pursuant to article 17 section 1 GDPR to erase the personal data, the controller shall take reasonable steps, including technical measures, having regard to the available technology and the cost of implementation. The controller for data processing will inform those responsible for data processing who process the personal data that you as the affected person have requested the deletion of all links to this personal data or of copies or replications of this personal data.

c. Exceptions:

The right to erasure shall not apply to the extent that processing is necessary

  1. for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  2. for reasons of public interest in the area of public health in accordance with article 9 section 2 h and as well as article 9 section 3 GDPR;
  3. for archiving purposes in the public interest , scientific or historical research purposes or statistical purposes in accordance with article 89 section 1 GDPR, in so far as the right referred to in paragraph a. is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
  4. for the establishment, exercise of defence of legal claims.

5. Right to Briefing:

Once you have asserted the right to rectification, erasure or restriction of processing against the controller, the latter is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification, erasure or restriction of processing. Unless this proves impossible or involves a disproportionate effort. You have the right to be informed by the controller about those recipients.

6. Right to Data Portability:

You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. Moreover, you have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:

  1. the processing is based on consent pursuant to article 6 section 1 a GDPR or article 9 section 2 a GDPR or on a contract pursuant to article 6 section 1 b GDPR and
  2. the processing is carried out by automated means.

In exercising this right, you also have the right to have personal data concerning your person transmitted directly from one controller to another, where technically feasible. Thus, freedoms and rights of others shall not be adversely affected.

That right to data portability shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. To exercise the right to data portability, the affected person can contact the controller for processing at any time.

7. Right to Object to the Processing:

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning your person which is based on article 6 section 1 e or f GDPR.

The controller no longer processes the personal data concerning your person. Unless, the controller demonstrates compelling legitimate grounds for the processing, which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.

Where personal data concerning your person are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning your person for such marketing. If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EG, you may exercise your right to object by automated means using technical specifications. To exercise the right to object, the affected person can contact the controller directly.

8. Right to object to Assentation in Terms of Data Protection Law:

You have the right to object to your consent in terms of data protection law. With the withdrawal of the consent, the legitimacy of processing remains unaffected in consequence of the consent before the withdrawal. Concerning this, you shall contact the controller.

9. Right to Non-Application of an Automated Decision-Making:

You have the right not to be subject to a decision based solely on automated processing. This includes profiling, which produces legal effects concerning you or similarly significantly affects you. This applies not if the decision:

  1. is necessary for entering into, or performance of, a contract between you and the controller,
  2. is authorised by Union or Member State law to the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
  3. is based on your explicit consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies. Appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.

In the cases referred to in a) and c), the controller shall take appropriate measures to safeguard the rights and freedoms and your legitimate interests. Nevertheless, this entails the right to request intervention from the controller, to present one's viewpoint and to challenge the decision. If the affected person wishes to assert rights relating to automated decisions, they can contact the controller at any time.

10. Right to Complaint at a Supervisory Authority:

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies. Appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.

In the cases referred to in a) and c), the controller shall take appropriate measures to safeguard the rights and freedoms and your legitimate interests. Nevertheless, this entails the right to request intervention from the controller, to present one's viewpoint and to challenge the decision. If the affected person wishes to assert rights relating to automated decisions, they can contact the controller at any time.

Art. 17 | Changes to the Privacy Policy of the Hotel Fährhaus

We reserve the right to change our data protection practices and the privacy policy of the Hotel Fährhaus to align it should the occasion arise with amendments to relevant laws and regulations, respectively or to meet your needs. Accordingly, we will announce possible changes to our privacy policy at this point. For this purpose, please take account of the actual version date of the privacy policy of the Hotel Fährhaus.

Vers. 20230102/FH

Change Cookie Settings

Discover our further hotels in Norddeich


© 2019 Norddeicher Gastfreunde GmbH
CallseasideJetzt anrufen
MailseasideJetzt Mail schreiben
BookseasideJetzt buchen
Jetzt anrufen Jetzt Mail schreiben BookseasideJetzt buchen