Data protection
The responsible party as defined by the Data Protection Acts, in particular the EU Basic Data Protection Regulation (DSGVO), shall be:
Hotel Drei Raben Garni GmbH
Königstrasse 63
90402 Nuremberg
Germany
Telephone: 049 (0) 911 27 43 80?
Telefax: 049 (0) 911 23 26 11
E-mail: info@hoteldreiraben.de
Managing Director: Dr. Daniela Hüttinger
Purpose for the collection, storage and processing of your personal data
We (the responsible party) collect, store and process your personal data exclusively for the purposes specified in this Basic Data Protection Declaration and on the basis of Article 6 of the Basic Data Protection Regulation (DSGVO).
These purposes are as follows:
- for the execution of an agreement with you (e.g. a reservation requested by you)
- for the fulfillment of a legal obligation (e.g. pursuant to Sec. 29 ff. of the Federal Registration Act (BMG), we are obliged to collect the data required in the registration form
- for the protection of legitimate entrepreneurial interests, provided that there is no reason to assume that you have an overriding interest in the storage and processing of your data that is worth to be protected.
Personal data (name, address, e-mail address, etc.) that you communicate to us via the website (e.g. in connection with the reservation of a room), shall only be collected, processed and/or used for the purpose for which you have placed them at our disposal (Sec. 6 of the Basic Data Protection Regulation (DSGVO). This shall be done within the scope of the legal provisions in force in each individual case or exclusively with your prior consent. As a result of a reservation made with our hotel or a reservation requested by e-mail, via an internet portal, in a telephone call made by you or made by you in person, we shall proceed from the assumption that we are allowed to store and use your personal data, provided that the latter are, in the interest of data minimization, required for the reservation a room.
The processing of your personal data is based on our legitimate interest in connection with the above-mentioned purposes for collecting the data. We shall not use your data to draw conclusions with regard to you as a person. Recipients of the data shall exclusively be the responsible party and, where applicable, those in charge of order processing.
As a rule, your personal data will not be transferred to a third party. In exceptional cases, we will transfer your personal data to a third party only on condition that:
- you have given your express prior consent for this purpose,
- the processing of the data is necessary for the fulfilment of a legal obligation,
- the processing of the data is required for the protection of legitimate interests and if there is no reason to assume that you have an overriding interest in the non-disclosure of sensitive personal data.
As a matter of principle, your data will not be passed on to any third country.
Deletion or blocking of data
We shall adhere to the principles of data reduction and minimization.?Therefore, we will store your personal data only to the extent as this is necessary for achieving the purposes mentioned in this Agreement or for fulfilling the various data retention periods, required by the law. When the respective purposes have ceased to apply or the retention periods have expired, the corresponding data shall be blocked or deleted as a matter of routine or in compliance with the statutory requirements.
Your Rights concerning the protection of your personal data
Under current law, you have various rights regarding the collection, storage and processing of your personal data. We wish to inform you of these rights as follows:
- You are entitled to demand confirmation as to whether any personal data are to be processed and to demand information regarding this data as well as further information and a copy of this data pursuant to Sec. 15 of the Basic Data Protection Regulation (DSGVO).
- Pursuant to Sec. 16 of the Basic Data Protection Regulation (DSGVO), you are entitled to demand that any personal data be supplemented or to demand that any incorrect personal data be corrected.
- Pursuant to Sec. 17 of the Basic Data Protection Regulation (DSGVO), you are entitled to claim that your personal data be deleted forthwith, provided there is a legal provision to the contrary or, alternatively, to demand that processing of the data be restricted pursuant to Sec. 18 of the Basic Data Protection Regulation (DSGVO).
- You are entitled to demand receipt of the personal data that you have placed at our disposal pursuant to Sec. 20 of the Basic Data Protection Regulation (DSGVO) and to demand the communication of this data to other responsible parties.
- Pursuant to Sec. 77 of the Basic Data Protection Regulation (DSGVO), you are also entitled to lodge a complaint with the competent regulatory authority. You will find a list of the regulatory authorities (for the non-public sector) with the corresponding addresses at: https://www.bfdi.bund.de/DE/.
General information recorded when you visit our website
When you access our website, information of a general nature is automatically recorded with the aid of a cookie. This information (server logfiles) concerns, for instance, the type of web browser and operating system used, the domain name of your internet service provider and so forth. In this case, we are exclusively referring to information that does not permit that any conclusions may be drawn as to your person.
This information is technically necessary to correctly deliver content of websites requested by you and is the inevitable result of using the internet. This information shall be processed for the following purposes in particular:
- to ensure a reliable link is established to our website,
- to ensure the trouble-free use of our website,
- to evaluate system security and stability as well as
for other administrative purposes.
Links to other providers
Our website also contains recognizable links to the websites of other companies. We do not have any influence on the content of the website of these websites and, therefore, cannot accept any responsibility or liability in this respect. The responsibility for the content of these sites shall always rest with the respective provider or the company operating these sites. At the time the link was created, the linked sites were checked for possible breaches and discernible violations of the law. No unlawful contents were detected at that time. Without any clear indications of a violation of the law, it is unreasonable to expect a constant control of the content of linked sites. Should any such violations of the law become known, the links shall be removed forthwith.
Security measures
We have taken technical as well as organizational measures to protect the personal data of our clients, employees and suppliers against unauthorized access, damage, loss, destruction and/or manipulations. In order to protect the security of your data during the transfer of input data to our site, we shall use state-of-the-art encryption methods (e.g. SSL) via HTTPS.
If, for example, you want to send us sensitive data by e-mail, we recommend that you encrypt and, prefarably, electronically sign the e-mail to prevent unauthorized perusal or tampering during transmission or that you send the data to us by conventional mail. Please note, in general, that any information you send us by unencrypted e-mail, might possibly be read by third parties while it is being transmitted.
Changes in our Data Protection Declaration
We reserve the right to adapt this Data Protection Declaration so that it always meets the current legal requirements or that any changes in our services are reflected in our Data Protection Declaration, such as regarding the introduction of new services. This new Data Protection Declaration shall apply the next time you visit our site.