Legal notice

FRITZ am Brunnen ****
Parkhotel I Bar I Lounge I Restaurant

Brunnenstraße 24-28
58332 Schwelm
Germany

Phone +49 (0) 2336 4008-0
Fax +49 (0) 2336 4008-150
Email kontakt@fritzambrunnen.de
Web www.fritzambrunnen.de

Parkhotel FRITZ am Brunnen is operated by Hotel Fritz Betriebs GmbH.

Hotel Fritz Betriebs GmbH
Head office: Cologne
HRB 86154; Cologne District Court
Business address:
Hauptstraße 184; 58332 Schwelm
VAT-ID: DE304705923 

Managing Directors:
Martina Spannagel
Till Mundorf

Data Protection

In accordance with Section 13.1 of the Telemedia Act, we give visitors to our website the possibility, at the start of a session, of obtaining information about the nature, scope and purpose of the collection and use of personal data. Under the General Data Protection Regulation (GDPR), which redefines data protection law in the EU from 25 May 2018, we are required in our privacy statement to fully inform you about data collection and processing on our website

1. Controller’s name and contact details

This privacy notice provides information about the processing of personal data on the website of:

ROMANTIK HOTEL FRITZ AM BRUNNEN
Parkhotel / Bar / Lounge / Restaurant

Brunnenstraße 24-28
58332 Schwelm

Tel. +49 (0) 2336 4008-0
Fax +49 (0) 2336 4008-150
E-mail kontakt@fritzambrunnen.de
Website www.fritzambrunnen.de

ROMANTIK HOTEL FRITZ AM BRUNNEN is operated by Hotel Fritz Betriebs GmbH; the controller of this website is:

Hotel Fritz Betriebs GmbH
Registered office: Cologne
HRB 86154; Cologne District Court
Business address:
Brunnenstraße 24-28; 58332 Schwelm
VAT ID: DE304705923

Managers:
Martina Spannagel
Till Mundorf

2. Scope and purpose of personal data processing

2.1 Website visits

When this website www.fritzambrunnen.de is visited, the visitor’s web browser automatically sends the website server data which are stored for a limited time in a log file. The following data are stored without any further input from the visitor until they are automatically erased:

  • IP address of the visitor’s terminal device,
  • date and time of the visitor‘s access,
  • name and URL of the pages accessed by the visitor,
  • website from which the visitor reached our website (referrer URL),
  • visitor’s browser and operating system and name of the access provider used by the visitor.

The processing of this personal data is justified under GDPR Article 6.1.1(f). The hotel has a legitimate interest in processing the data for the following purposes:

  • to establish a swift connection with the hotel website,
  • to enable a user-friendly website interface,
  • to monitor and ensure the security and stability of the system,
  • to streamline and improve website administration.

Data are expressly not processed in order to obtain information about the person visiting the website. No personal browsing profile or similar is either created or processed.

2.2 Contact / E-mail

Visitors can use an embedded e-mail address on the website to send a message to the hotel. At the minimum, a valid e-mail address must be provided in order to be able to receive an answer. The person sending the message may voluntarily provide any other information. By sending the message, the visitor agrees to the processing of the personal data provided. Data are processed solely in order to handle and answer enquiries. This takes place on the basis of consent freely given pursuant to GDPR Article 6.1.1(a). The personal data collected are automatically erased once the enquiry has been dealt with and if there is no reason to keep them any longer (e.g. subsequent booking).

3. Data disclosure

Personal data are disclosed to third parties if:

  • the data subject has given their express consent pursuant to GDPR Article 6.1.1(a),
  • disclosure pursuant to GDPR Article 6.1.1(f) is required for the establishment, exercise or defence of legal claims and there are no grounds to assume that the data subject has an overriding interest, meriting protection, in non-disclosure of their data,
  • there is a legal obligation to disclose data pursuant to GDPR Article 6.1.1(c),
  • disclosure is necessary pursuant to GDPR Article 6.1.1(b) for the performance of a contract with the data subject.

In other cases, personal data are not disclosed to third parties.

4. Cookies

The website uses cookies (pieces of data exchanged between the website server and the visitor’s browser) which are stored on the device used to visit the website (PC, notebook, tablet, smartphone, etc.). Cookies as such cannot do any harm to the device. In particular, they do not contain any viruses or malware. Cookies contain information that arises on each connection with a specific terminal. The hotel cannot gain any direct knowledge of the website visitor‘s identity from them.
For the most part, cookies are accepted under the browser’s default settings. It is possible to define default settings so that cookies are either not accepted on the device or a specific alert is given before a new cookie is created. It should be noted that disabling cookies can mean that not all the website functions can be used to the best possible extent.
Cookies help to make use of the hotel’s web content more convenient. For example, session cookies can indicate whether the visitor has already visited particular pages of the website. These session cookies are automatically erased on leaving the website.
Temporary cookies are used to make the experience more user-friendly. They are stored temporarily on the visitor’s device. If the website is visited again, it automatically recognises that the visitor has already accessed the site at a previous point in time and which inputs and settings were made so that they do not have to be repeated.
Cookies are also used to analyse website hits for statistical purposes and to improve the content. They make it possible, if the website is visited again, to automatically recognise that the visitor has already accessed the website. Cookies are automatically erased after a predetermined time.
The data processing performed by cookies is justified for the above-mentioned purposes to protect the legitimate interests of the hotel pursuant to GDPR Article 6.1.1(f).

5. Your rights as a data subject

Insofar as your personal data are processed on the occasion of a visit to our website, as a “data subject” within the meaning of the GDPR you have the following rights.

5.1 Information

You have a right to ask us whether we process your personal data, except where the provision of such information must be kept confidential on account of a third party’s overriding legitimate interest. Exceptionally, an obligation to provide information may exist, in particular where a threat of damage means that your interests prevail over the confidentiality interest. A right to information is also excluded where data are stored only because they may not be erased because of legal retention periods or are used exclusively for the purposes of data security or data protection control, insofar as the provision of information would involve a disproportionate effort and processing for other purposes is excluded by appropriate technical and organisational measures. Where the right to information is not excluded in your case and we process your personal data, you may ask us to provide the following information:

  • the purposes of the processing,
  • the categories of your personal data concerned,
  • the recipients or categories of recipient to whom your personal data is disclosed, in particular recipients in third countries,
  • where possible, the envisaged period for which your personal data will be stored or, if not possible, the criteria used to determine that period,
  • the existence of the right to rectification or erasure or restriction of processing of personal data concerning the data subject or to object to such processing,
  • the right to lodge a complaint with a data protection authority,
  • where the personal data have not been collected from you as a data subject, any available information as to their source,
  • where relevant, the existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such automated decision-making,
  • in the event of transfer to recipients in third countries, and insofar as the European Commission has not taken a decision on the adequacy of the level of protection under GDPR Article 45.3, information about what provision has been made for appropriate safeguards for the protection of personal data under GDPR Article 46.2.

5.2 Rectification and completion

Where you find that personal data concerning you are inaccurate, you can ask us to rectify the inaccurate data without undue delay. Likewise, you can ask us to complete incomplete personal data concerning you.

5.3 Erasure

You have a right to erasure (the “right to be forgotten”) where the processing is not necessary for exercising the right of freedom of expression and information or for compliance with a legal obligation or for the performance of a task carried out in the public interest and one of the following grounds applies:

  • the personal data are no longer necessary for the purposes for which they were processed,
  • the legal ground for the processing was solely your consent, which you have withdrawn,
  • you have objected to the processing of your personal data that we have made public,
  • you have objected to the processing of personal data that we have not made public and there are no overriding legitimate grounds for the processing,
  • your personal data have been unlawfully processed,
  • the personal data have to be erased for compliance with a legal obligation to which we are subject.

There is no right to erasure where, in the case of lawful, non-automated data processing, erasure is not possible on account of the particular type of storage or would involve disproportionate effort and your interest in erasure is small. In this case, a restriction of processing replaces erasure.

5.4 Restriction of processing

You can ask us to restrict processing where one of the following grounds applies:

  • you contest the accuracy of the personal data, in which case restriction can be requested for a period that enables us to verify the accuracy of the data;
  • the processing is unlawful and you request restriction of use of your personal data instead of erasure;
  • we no longer need your personal data for the purposes of the processing but you need them for the establishment, exercise or defence of legal claims;
  • you have lodged an objection pursuant to GDPR Article 21.1; restriction of the processing may be requested for as long as it is not established whether our legitimate grounds override yours.

Restriction of the processing means that personal data are processed only with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. We are required to inform you before we lift the restriction.

5.5 Data portability

You have a right to data portability insofar as the processing is based on your consent (GDPR Article 6.1(a) or Article 9.2(a)) or on a contract to which you are a party and the processing is carried out by automated means. In this case the right to data portability includes the following rights, insofar as they are not affected by the rights and freedoms of other persons. You can ask us to provide the personal data that you have provided to us in a structured, commonly used and machine-readable format. You have the right to transmit those data to another controller without hindrance from us. Where technically feasible, you can ask us to transmit the personal data directly to another controller.

5.6 Objection

Where the processing is based on GDPR Article 6.1.1(e) (performance of a task carried out in the public interest or in the exercise of official authority) or Article 6.1.1(f) (legitimate interests pursued by the controller or by a third party), you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you. The same applies to profiling based on GDPR Article 6.1.1(e) or (f). After the right to object has been exercised, we no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

You can at any time object to the processing of personal data concerning you where it is used for direct marketing purposes. The same applies to profiling to the extent that it is related to such direct marketing. After exercise of this right to object we will no longer use the personal data concerned for direct marketing purposes.

You may lodge your objection informally by phone, e-mail or fax or at our postal address given at the head of this privacy notice.

5.7 Withdrawal of consent

You have the right to withdraw your consent at any time with future effect. Withdrawal of consent can be communicated informally by phone, email or fax or at our postal address given at the head of this privacy notice.

Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Processing based exclusively on your consent will be discontinued on receipt of withdrawal.

5.8 Complaints

If you consider that the processing of personal data concerning you is unlawful, you can lodge a complaint with a data protection authority competent for your place of residence or work or for the place of the presumed infringement.

6. Use of social media (Facebook) / Links

We maintain online-presence within social networks and platforms in order to communicate and inform customers, interested parties and users about our services.

Our website does not use so called „Facebook-Social-Plugins“, but includes a link to Facebook. Our visitors data will therefore not be read out automatically by Facebook-Plugins. When clicking integrated images you will however be forwarded to other providers, which means that the terms of use will be forwarded to the respective provider. Please note that in this process the users data may be processed outside the European Union. Hereby risks may arise for the user, because the enforcement of users rights could for instance be made difficult. Concerning US-providers who are certified under the „Privacy-Shield“, we would like you to note that you commit yourself to meeting the data protection standards of the European Union. Furthermore the users data will in a normal case be used for market research and advertising purposes. Usage profiles could for example be created based on the users behaviour and interest. These usage profiles could be used to place advertising whithin and outside the platforms, that presumably mirror the interests of the user. For these purposes cookies are being stored on the users device to keep track of the usage behaviour and interests. Furthermore these user profiles can contain saved data regardless of the used devices (especially if the user is a member of the respective platform and is logged in). The processing of the users personal data is taking place on the basis of our legitemate interest in information and communication about and with the users according to Art. 6 Abs. 1 lit. f. DSGVO. In case the user is being asked by the provider for permission to process the data (i.e. the declaration of consent, for example by marking checkboxes or selecting a „confirm“ button) the legal basis for the processing will be Art. 6 Abs. 1 lit. a., Art. 7 DSGVO. For a detailed description of the respective processing and the option to object (Opt-out), we recommend the links to the providers statements as listed below. We would also like to point out that the most effective way for inquiries on information and the inforcement of users rights is to claim the provider directly. Only the providers have access to the data of the users and can directly pass on information or take action. Should you still be in need of help, please do not hesitate to contact us. Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland) – Datenschutzerklärung: https://www.facebook.com/about/privacy/,Opt-Out: https://www.facebook.com/settings?tab=ads und http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

7. Disclaimer

The services presented on our website do not constitute a binding contractual offer on our part but are subject to change according to availability. We are happy to make you an offer based on your specific request and will then accept binding reservations and bookings.

8. Status and updating of this privacy notice

This privacy notice is issued as at 25 May 2018. We reserve the right to update it in due course in order to improve data protection or adapt to any change in administrative practice or jurisprudence.

9. Our data protection officer is

Katharina Milano

datenschutz@fritzambrunnen.de