Lounge of the Kranz Parkhotel – Photo Copyright: ©soenne.com

Kranz Parkhotel

Privacy Policy

1. DATA PRIVACY AT A GLANCE

GENERAL INFORMATION

The following tips provide a simple overview of what happens to your personal data when you visit this website. Personal data is any information that allows you to be personally identified. For more information on data privacy, please refer to our privacy policy below.

DATA COLLECTION ON THIS WEBSITE

Who is responsible for data collection on our website?

The website operator handles the processing of data on this site. Please refer to the “Information about the controller” section of this privacy policy for their contact details.

How do we collect your data?

Your data is collected when you give it to us. For example, this can be data you enter into a contact form.

Other data is collected by our IT systems automatically or subject to your consent when you visit the website. This is primarily technical data (e.g. internet browser, operating system, or the time at which the page is accessed). This data is collected automatically as soon as you access this website.

What do we use your data for?

Some of the data is collected to ensure that the website can function correctly. Other data can be used to analyse your user behaviour.

What are your rights with regard to your data?

You have the right to receive information free of charge about the origin, recipient and purpose of the personal data stored concerning you at any time. You also have the right to demand that this data be corrected or deleted. If you have given your consent to data processing, you can withdraw this consent at any time for the future. In addition, you have the right to request that the processing of your personal data be restricted in certain circumstances. You also have a right to lodge a complaint with the competent supervisory authority.

2. HOSTING

We host the contents of our website with the following provider:

MITTWALD

The provider is Mittwald CM Service GmbH & Co. KG, Königsberger Strasse 4-6, 32339 Espelkamp (hereinafter referred to as Mittwald).

You can find details in the Mittwald privacy policy: www.mittwald.de/datenschutz.

Mittwald is used on the basis of Art. 6 (1) f) GDPR. We have a legitimate interest in displaying our website as reliably as possible. If the corresponding consent has been requested, the data will be processed exclusively on the basis of Art. 6 (1) a) GDPR and Section 25 (1) German Telecommunications and Telemedia Data Protection Act (TTDSG), provided that the consent covers the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) in terms of TTDSG. Consent can be revoked at any time.

Contract data processing

We have concluded a data processing agreement regarding the use of the aforementioned service. This is a contract required by data protection law that ensures that this service processes the personal data of the visitors to our website only in accordance with our instructions and in compliance with GDPR.

3. GENERAL INFORMATION AND MANDATORY INFORMATION

DATA PRIVACY

The operators of these pages take the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with the statutory data protection regulations as well as this privacy policy.

When you use this website, various items of personal data are collected. Personal data is information that allows you to be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

Please be aware that data transfer on the internet (for example when communicating via email) may be subject to security vulnerabilities. A complete protection of the data from third party access is not possible.

INFORMATION ABOUT THE CONTROLLER

The controller for the data processing on this website is

Kranz Parkhotel GmbH

Mühlenstrasse 32 - 44

53721 Siegburg

Tel.: +49 (0) 22 41 / 5 47-0

Email: info@kranzparkhotel.de

The controller is the natural person or legal entity which, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, email addresses etc.).

STORAGE PERIOD

Unless a more specific storage period is specified within this privacy policy, we retain your personal data until the purpose of the data processing no longer applies. If you make a legitimate request for erasure or withdraw your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g. storage periods under tax or commercial law); in the latter case, the data will be deleted when these reasons come to an end.

GENERAL INFORMATION ABOUT THE LEGAL BASES OF DATA PROCESSING ON THIS WEBSTE

If you have consented to the data processing, we will process your personal data on the basis of Art. 6 (1) a) GDPR, or Art. 9 (2) a) GDPR if particular data categories in accordance with Art. 9 (1) are being processed. If you expressly consent to your personal data being transferred to third countries, the data will also be processed on the basis of Art. 49 (1) a) GDPR. If you have consented to cookies being stored or information on your device being accessed (e.g. via device fingerprinting), the data will additionally be processed on the basis of Section 25 (1) TTDSG. Consent can be revoked at any time. If your data is necessary for the execution of the contract or the performance of pre-contractual measures, we will process your data on the basis of Art. 6 (1) b) GDPR. If your data is required for the fulfilment of a legal obligation, we will also process it on the basis of Art. 6 (1) c) GDPR. Furthermore, your data may be processed on the basis of our legitimate interest in accordance with Art. 6 (1) f) GDPR. In the following paragraphs of this privacy policy, you will find information about the legal bases that are relevant in the individual case.

WHERE YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING, WHICH INCLUDES PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU DO SO, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION ACCORDING TO ART. 21 (2) GDPR).

RIGHT TO LODGE A COMPLAINT WITH THE COMPETENT SUPERVISORY AUTHORITY

In the event of infringements of GDPR, the data subjects have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged infringement. The right to lodge a complaint exists without prejudice to other administrative or judicial remedies.

RIGHT TO DATA PORTABILITY

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you require the data to be transferred directly to another data controller, this will only be done to the extent that is technically feasible.

ACCESS, RECTIFICATION AND ERASURE

Within the framework of the statutory provisions, you have, at any time, the right to access your saved personal data, its origin and recipients and the purpose of the data processing free of charge as well as the right to have this data corrected or deleted if applicable. You can contact us at any time about this or if you have further questions on the subject of personal data.

RIGHT TO A RESTRICTION OF THE PROCESSING

You have the right to request that the processing of your personal information be restricted. You can contact us about this at any time. The right to a restriction of processing exists in the following cases:

If you contest the accuracy of your personal data stored by us, we usually need time to verify this. During the verification period, you have the right to request that the processing of your personal information be restricted.

If your personal data has been/is being processed unlawfully, you may request that the processing of your personal data be restricted instead of the data being deleted.

If we no longer need your personal data, but you need it to exercise, defend or establish legal claims, you have the right to request that the processing of your personal information be restricted instead of the data being deleted.

If you have made an objection under Art. 21 (1) GDPR, your interests must be weighed against our interests. You have the right to request that the processing of your personal data be restricted until it is determined whose interests prevail.

If you have restricted the processing of your personal information, such personal data may, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

SSL OR TLS ENCRYPTION

This page uses SSL or TLS encryption to protect the transmission of confidential content, such as orders or enquiries that you send to us as the website operator. You can recognise an encrypted connection by the address line of the browser changing from “http://” to “https://” and by the padlock symbol in your browser line.

If SSL or TLS encryption is enabled, the data you submit to us cannot be read by third parties.

OBJECTION TO ADVERTISING EMAILS

Use of contact details published as part of the obligatory legal notice is hereby prohibited for the purpose of sending advertisements and information materials that are not expressly requested. The website operators explicitly reserve the right to take legal action in the event of unsolicited advertising, such as spam emails.

4. DATA COLLECTION ON THIS WEBSITE

SERVER LOG FILES

The provider of the web pages automatically collects the information that your browser sends to us automatically and saves it in server log files. This includes:

The browser type and browser version

The operating system used

The referrer URL

The host name of the accessing computer

The time of the server request

The IP address

This data is not merged with other data sources.

This data is collected on the basis of Art. 6 (1) f) GDPR. The website operator has a legitimate interest in the technically flawless presentation and the optimisation of its website – the server log files must be collected for this.

CONTACT FORM

If you send us enquiries via the contact form, we will store your details on that form, including the contact details provided there, for the purpose of processing the enquiry and in case there are any follow-up questions. We will not pass on this data without your consent.

This data will be processed on the basis of Art. 6 (1) b) GDPR if your enquiry is related to the fulfilment of a contract or is required for the performance of pre-contractual actions. In all other cases, processing will be based on our legitimate interest in the effective handling of enquires directed to us (Art. 6 (1) f) GDPR) or your consent (Art. 6 (1) a) GDPR), where requested; you can withdraw your consent at any time.

We will retain the data that you enter in the contact form until you request us to delete it, you withdraw your consent to the storage of the data, or the purpose for the data storage no longer applies (e.g. after the we have finished processing your enquiry). Mandatory statutory provisions – especially storage periods – are not affected.

ENQUIRY BY EMAIL, TELEPHONE OR FAX

If you contact us by e-mail, telephone or fax, your enquiry, including all personal data (name, enquiry) resulting from the contact process, will be stored and processed by us for the purpose of handling your enquiry. We will not pass on this data without your consent.

This data will be processed on the basis of Art. 6 (1) b) GDPR if your enquiry is related to the fulfilment of a contract or is required for the performance of pre-contractual actions. In all other cases, processing will be based on our legitimate interest in the effective handling of enquires directed to us (Art. 6 (1) f) GDPR) or your consent (Art. 6 (1) a) GDPR), where requested; you can withdraw your consent at any time.

We will retain the data that you send us via contact enquiries until you request us to delete it, you withdraw your consent to the storage of the data, or the purpose for the data storage no longer applies (e.g. after we have finished processing your enquiry). Mandatory legal requirements – especially statutory storage periods – are not affected.

5. PLUG-INS AND TOOLS

GOOGLE FONTS (LOCAL HOSTING)

This page uses Google Fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.

You can find further information on Google Fonts at developers.google.com/fonts/faq and in Google’s privacy policy: policies.google.com/privacy.

FONT AWESOME (LOCAL HOSTING)

This page uses Font Awesome provided by Google for the uniform display of fonts. Font Awesome is installed locally. There is no connection to Fonticons, Inc. servers.

You can find further information on Font Awesome in the Font Awesome privacy policy at: fontawesome.com/privacy.