Privacy Policy Hotel Gasthof Goldener Ochsen Goeppingen Hohenstaufen

Privacy Policy:

Data processing on this website is carried out by the website operator. The contact details can be found in the section "Name and Address of the Controller" in this privacy policy.

Overview of the Legal Basis for Data Processing:

The processing of your personal data on this website is carried out in compliance with the applicable data protection regulations, in particular the GDPR (General Data Protection Regulation).

Consent:

If you have consented to the processing, it is based on Article 6(1)(a) GDPR or, for special categories of data, pursuant to Article 9(2)(a) GDPR. In the case of explicit consent to the transfer of data to third countries, the processing is additionally based on Article 49(1)(a) GDPR.

Cookies:

Our website does not use cookies.

Contract-Related Data:

If processing is necessary for the performance of a contract or for the implementation of pre-contractual measures, it is based on Article 6(1)(b) GDPR.

Legal Obligation:

Processing required by law is carried out in accordance with Article 6(1)(c) GDPR.

Legitimate Interest:

In certain cases, we base the processing on our legitimate interest in accordance with Article 6(1)(f) GDPR. Further details on the respective legal basis can be found in the following sections of this privacy policy.

Name and Address of the Controller:

Web Hosting:

This website is hosted by an external service provider (Hoster). The personal data collected on this website is stored on the hoster's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access, and other data generated via the website. Hosting takes place to fulfill contracts with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of a secure, fast, and efficient provision of our online offer by a professional provider (Art. 6(1)(f) GDPR).

Our hoster will only process your data to the extent necessary to fulfill its performance obligations and to follow our instructions regarding such data.

We host the content of our website with the following provider: Strato. Provider is Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin (hereinafter "Strato"). When you visit our website, Strato collects various log files including your IP addresses. For further information, please refer to Strato's privacy policy: https://www.strato.de/datenschutz/.

Data Processing Agreement: We have concluded a Data Processing Agreement (AVV) with Strato. This is a contract required by data protection law, which ensures that Strato processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Email Hosting and Communication:

For sending and receiving emails, we use the services of our hoster Strato AG. When you send us an email, the email addresses, content, and metadata are stored on Strato's servers. This processing is based on Art. 6(1)(b) GDPR (contract performance) or Art. 6(1)(f) GDPR (legitimate interest in efficient communication). We have concluded a Data Processing Agreement with Strato.

Server Log Files:

We (or our web service provider) collect data about every access to the website (so-called server log files). Access data includes: name of the retrieved website, file, date and time of retrieval, transferred data volume, notification of successful retrieval, browser type and version, user's operating system, referrer URL (previously visited page), IP address, and the requesting provider. The log data is used only for statistical evaluations for the purpose of operation, security, and optimization of the offer. The basis for data processing is Art. 6(1)(f) GDPR (legitimate interest in technically error-free presentation). Server log files are stored for 3 months and then automatically deleted.

Internet Security:

Our web and mail servers are located in Germany. However, data traffic routing via transit routes outside Germany and the EU cannot be excluded. We expressly point out that data transmission over the Internet (e.g., when communicating by email) may have security gaps. Complete protection of data against access by third parties is not possible.

SSL Encryption:

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as inquiries you send to us. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

Contact:

When contacting us (e.g., via contact form, letter, telephone, or email), the user's details are processed for the purpose of handling the contact request and its processing pursuant to Art. 6(1)(b) GDPR (contractual/pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest). Your data will remain with us until you request us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies. Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

Objection to Promotional Emails:

We hereby object to the use of contact data published in the context of the imprint obligation for sending unsolicited advertising and information materials. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.

Information, Deletion, Blocking:

You have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing at any time. You also have a right to correction, blocking, or deletion of this data. For this purpose, as well as for further questions regarding personal data, you can contact us at any time at the address given in the imprint.

Disclosure to Third Parties:

Your data will not be sold, rented, or otherwise made available to third parties. Transmission to state institutions and authorities only occurs within the framework of mandatory national legal provisions.

Your Rights as a Data Subject:

As a data subject, you have various rights under the GDPR. You can assert these rights against the controller at any time.

Right to Rectification (Art. 16 GDPR):

You have the right to request the immediate correction of incorrect personal data concerning you.

Right to Restriction of Processing (Art. 18 GDPR):

You have the right to request the restriction of processing under certain conditions (e.g., if you contest the accuracy of the data).

Right to Data Portability (Art. 20 GDPR):

You have the right to receive the data you have provided to us in a structured, common, and machine-readable format.

Right to Object (Art. 21 GDPR):

You have the right to object at any time to the processing of your personal data based on Art. 6(1)(e) or (f) GDPR for reasons arising from your particular situation.

Right to Lodge a Complaint (Art. 77 GDPR):

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data relating to you infringes the GDPR.

Competent Supervisory Authority for Baden-Wuerttemberg:

Protection of Minors:

Children and persons under 18 years of age should not transmit any personal data to us without the consent of their parents or guardians.