Data protection

Data protection declaration Hotel Sonnenblick

We have written this data protection declaration (version 29.01.2020-311147803) to explain to you in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 what information we collect, how we use data and what choices you have as a visitor to this website.

As always with rules and regulations, these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible.

Automatic data storage:

When you visit websites these days, certain information is automatically created and stored, including this website.

If you visit our website as it is now, our web server (computer on which this website is stored) automatically saves data such as

  • the address (URL) of the accessed website
  • Browser and browser version
  • the operating system used
  • the address (URL) of the previously visited page (referrer URL)
  • the host name and the IP address of the device from which access is mad
  • Date and Time

Web server log files

As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed in the event of illegal behavior.
According to Article 6 Paragraph 1 f GDPR (lawfulness of processing), the legal basis is that there is a legitimate interest in enabling the error-free operation of this website by recording web server log files.

Cookies

Our website uses HTTP cookies to save user-specific data.
In the following we explain what cookies are and why they are used so that you can understand the following data protection declaration.

What exactly are cookies?

Whenever you surf the Internet, you are using a browser. Well-known browsers are, for example, Chrome, Opera, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites save small text files in your browser. These files are called cookies.

One thing is very clear: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically placed in the cookie folder, which is the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies save certain user data about you, such as language or personal page settings. When you visit our website again, your browser sends the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you your usual standard settings. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly from our side, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “viruses”. Cookies cannot access information on your PC either.

For example, cookie data can look like this:

  • Name: _ga
  • Expiry time: 2 years
  • Use: Differentiation of website visitors
  • Exemplary value: GA1.2.1326744211.152311147803

A browser should support the following minimum sizes:

  • A cookie should be able to contain at least 4096 bytes
  • At least 50 cookies should be able to be saved per domain
  • A total of at least 3000 cookies should be able to be stored

What types of cookies are there?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.

There are 4 types of cookies:

Absolutely necessary cookies
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and only goes to checkout later. These cookies do not delete the shopping cart, even if the user closes his browser window.

Functional cookies
These cookies collect information about user behaviour and whether the user receives any error messages. In addition, these cookies are used to measure the loading time and the behaviour of the website with different browsers.

Goal-oriented cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.

Advertising cookies
These cookies are also called targeting cookies. They serve to deliver customized advertising to the user. That can be very practical, but also very annoying.

Usually, when you visit a website for the first time, you will be asked which of these types of cookies you would like to allow. And of course this decision is also saved in a cookie.

How can I delete cookies?

You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies originate from, you always have the option of deleting cookies, only partially allowing them or deactivating them. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, activate and manage cookies in Chrome

Safari: manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. In this way, you can decide for each individual cookie whether or not to allow the cookie. The procedure is different depending on the browser. It is best to search for the instructions in Google with the search term “Delete cookies Chrome” or “Deactivate cookies Chrome” in the case of a Chrome browser or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.

What about my data protection?

The so-called “cookie guidelines” have existed since 2009. It states that the storage of cookies requires the consent of the website visitor (i.e. you). Within the EU countries, however, there are still very different reactions to these guidelines. In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 (3) of the Telemedia Act (TMG).

If you want to know more about cookies and don’t shy away from technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Storage of personal data

Personal data that you transmit to us electronically on this website, such as name, e-mail address, physical address or other personal information in the context of submitting a form or comments in the blog, are stored by us together with the time and the IP address. Address is only used for the specified purpose, stored securely and never passed on to third parties.

We therefore only use your personal data for communication with those visitors who expressly request contact and for processing the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior (hacking).

If you send us personal data by email – outside of this website – we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by email.

According to Article 6 Paragraph 1 a GDPR (lawfulness of processing), the legal basis is that you give us your consent to process the data you have entered. You can revoke this consent at any time – an informal email is sufficient, you will find our contact details on our website.

Rights according to the General Data Protection Regulation

According to the provisions of the GDPR, you have the following rights:

  • Right to rectification (Article 16 GDPR)
  • Right to erasure (“right to be forgotten”) (Article 17 GDP
  • Right to restriction of processing (Article 18 GDPR)
  • Right to notification – obligation to notify in connection with the correction or deletion of personal data or the restriction of processing (Article 19 GDPR)
  • Right to data portability (Article 20 GDPR)
  • Right to object (Article 21 GDPR)
  • Right not to be subject to a decision based solely on automated processing – including profiling (Article 22 GDPR)

If you believe that the processing of your data violates any data protection law or that your data protection claims have been violated in any other way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).

Evaluation of visitor behaviour

In the following data protection declaration we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is usually anonymous and we cannot infer your person from your behavior on this website.

You can find out more about how to object to this analysis of the visit data in the following data protection declaration.

TLS encryption with https

We use https to transmit data securely on the Internet (data protection through technology design, Article 25 (1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this protection of data transmission by the small lock symbol in the top left of the browser and the use of the https (instead of http) scheme as part of our Internet address.

Google Maps privacy policy

Wir benĂŒtzen auf unserer Website Google Maps der Firma Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Mit Google Maps können wir Standorte visuell besser darstellen und damit unser Service verbessern. Durch die Verwendung von Google Maps werden Daten an Google ĂŒbertragen und auf den Google-Servern gespeichert. Hier wollen wir nun genauer darauf eingehen, was Google Maps ist, warum wir diesen Google-Dienst in Anspruch nehmen, welche Daten gespeichert werden und wie Sie dies unterbinden können.

What is Google Maps?

We use Google Maps from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website. With Google Maps, we can better visualize locations and thus improve our service. By using Google Maps, data is transmitted to Google and stored on Google’s servers. Here we would like to go into more detail about what Google Maps is, why we use this Google service, which data is stored and how you can prevent this.

Warum verwenden wir Google Maps auf unserer Website?

Google Maps is an online map service from Google Inc. With Google Maps you can use a PC or an app to search the Internet for the exact locations of cities, sights, accommodations or companies. If companies are represented on Google My Business, additional information about the company is displayed in addition to the location. In order to show how to get there, map sections of a location can be integrated into a website using HTML code. Google Maps shows the earth’s surface as a road map or as an aerial or satellite image. Thanks to the Street View images and the high-quality satellite images, very precise representations are possible.

Why do we use Google Maps on our website?

All of our efforts on this page are aimed at providing you with a useful and meaningful time on our website. By integrating Google Maps, we can provide you with the most important information on various locations. Thanks to Google Maps, you can see at a glance where we are based. The route description always shows you the best or fastest way to us. You can find the route for routes by car, public transport, on foot or by bike. For us, the provision of Google Maps is part of our customer service.

Which data is saved by Google Maps?

  • Name:NID
  • Expiry time: after 6 months
  • Usage:NID is used by Google to tailor advertisements to your Google searches. With the help of the cookie, Google “remembers” your most frequently entered search queries or your previous interaction with advertisements. So you always get customized advertisements. The cookie contains a unique ID that Google uses to collect personal settings from the user for advertising purposes.
  • Example value: 188 = h26c1Ktha7fCQTx8rXgLyATyITJ311147803

Please note: We cannot guarantee that the information stored is complete. Changes at Google can never be ruled out, especially when using cookies. In order to identify the NID cookie, a separate test page was created, which only includes Google Maps.

How long and where will the data be stored?

The Google servers are located in data centers all over the world. Most of the servers are located in America, however. For this reason, your data is also increasingly stored in the USA. Here you can read exactly where the Google data centers are located: https://www.google.com/about/datacenters/inside/locations/?hl=de

Google distributes the data on various data carriers. This means that the data can be accessed more quickly and is better protected against any attempt at manipulation. Each data center also has special emergency programs. For example, if there are problems with the Google hardware or a natural disaster affects the servers, the data is still very likely to be protected.

Google stores some data for a specified period of time. For other data, Google only offers the option of manually deleting them. The company also anonymizes information (such as advertising data) in server logs by deleting part of the IP address and cookie information after 9 and 18 months, respectively.

How can I delete my data or prevent data storage?

With the automatic deletion function of location and activity data introduced in 2019, information on location determination and web / app activity – depending on your decision – is stored for either 3 or 18 months and then deleted. In addition, you can manually delete this data from the history at any time via the Google account. If you want to completely prevent your location from being recorded, you must pause the “Web and app activity” section in your Google account. Click Data & Personalization, then click the Activity Settings option. Here you can switch the activities on or off.

You can also deactivate, delete or manage individual cookies in your browser. Depending on which browser you are using, this works in different ways. The following instructions show how to manage cookies in your browser:

Chrome: Delete, activate and manage cookies in Chrome

Safari: manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. In this way, you can decide for each individual cookie whether or not to allow it.

Google is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. You can find more information on this at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI. If you want to find out more about data processing by Google, we recommend the company’s own data protection declaration at https://policies.google.com/privacy?hl=de.

Google Analytics privacy policy

We use the Google Analytics (GA) analysis tracking tool from the American company Google LLC (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website. Google Analytics collects data about your actions on our website. For example, if you click on a link, this action is saved in a cookie and sent to Google Analytics. With the help of the reports we receive from Google Analytics, we can better tailor our website and our service to your needs. In the following, we will go into more detail about the tracking tool and, above all, inform you about which data is stored and how you can prevent this.

What is google analytics

Google Analytics is a tracking tool that is used to analyze the traffic on our website. In order for Google Analytics to work, a tracking code is built into the code of our website. When you visit our website, this code records various actions that you carry out on our website. As soon as you leave our website, this data is sent to the Google Analytics server and stored there.

Google processes the data and we receive reports on your user behaviour. These reports can include the following:

  • Target group reports: With target group reports, we get to know our users better and know more precisely who is interested in our service.
  • Ad reports: Ad reports make it easier for us to analyze and improve our online advertising.
  • Acquisition Reports: Acquisition reports give us helpful information on how we can get more people excited about our service.
  • Behavioral Reports: This is where we learn how you interact with our website. We can understand which path you take on our site and which links you click..
  • Conversion reports: Conversion is a process in which you carry out a desired action based on a marketing message. For example, when you go from being a pure website visitor to being a buyer or newsletter subscriber. With the help of these reports, we can find out more about how our marketing measures are received by you. This is how we want to increase our conversion rate.
  • Real-time reports: Here we always find out immediately what is happening on our website. For example, we can see how many users are reading this text.

Which data is saved by Google Analytics?

Our goal with this website is clear: We want to offer you the best possible service. The statistics and data from Google Analytics help us to achieve this goal.

The statistically evaluated data show us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that interested people can find it more easily on Google. On the other hand, the data helps us to better understand you as a visitor. We therefore know very well what we need to improve on our website in order to offer you the best possible service. The data also help us to carry out our advertising and marketing measures in a more individual and cost-effective manner. After all, it only makes sense to show our products and services to people who are interested in them.

Which data is saved by Google Analytics?

Google Analytics uses a tracking code to create a random, unique ID that is linked to your browser cookie. This is how Google Analytics recognizes you as a new user. The next time you visit our site, you will be recognized as a “returning” user. All collected data is saved together with this user ID. This is how it is possible to evaluate pseudonymous user profiles in the first place.

Tags such as cookies and app instance IDs measure your interactions on our website. Interactions are all types of actions that you carry out on our website. If you also use other Google systems (such as a Google account), data generated by Google Analytics can be linked to third-party cookies. Google does not pass on any Google Analytics data unless we, as the website operator, approve it. Exceptions may be made if required by law.

The following cookies are used by Google Analytics:

Name: _ga
Value: 2.1326744211.152311147803-5
Purpose: By default, analytics.js uses the _ga cookie to save the user ID. Basically, it is used to differentiate between website visitors.
Expiry date: after 2 years

Name: _gid
Value: 2.1687193234.152311147803-1
Purpose: The cookie is also used to differentiate between website visitors
Expiry date: after 24 hours

Name: _gat_gtag_UA_ <property-id>
Value: 1
Purpose: Used to lower the request rate. If Google Analytics is provided via the Google Tag Manager, this cookie is named _dc_gtm_ <property-id>.
Expiry date: after 1 minute

Name: AMP_TOKEN
Value: no information
Purpose: The cookie has a token with which a user ID can be retrieved from the AMP client ID service. Other possible values indicate a logout, a request, or an error.
Expiry date: after 30 seconds up to a year

Name: __utma
Value: 1564498958.1564498958.1564498958.1
Purpose: This cookie can be used to track your behavior on the website and measure its performance. The cookie is updated every time information is sent to Google Analytics.
Expiry date: after 2 years

Name: __utmt
Value: 1
Purpose: The cookie is used like _gat_gtag_UA_ <property-id> to throttle the request rate.
Expiry date: after 10 minutes

Name: __utmb
Value: 3.10.1564498958
Purpose: This cookie is used to determine new sessions. It is updated every time new data or information is sent to Google Analytics.
Expiry date: after 30 minutes

Name: __utmc
Value: 167421564
Purpose: This cookie is used to set new sessions for returning visitors. This is a session cookie and is only saved until you close the browser again.
Expiration date: after closing the browser

Name: __utmz
Value: m | utmccn = (referral) | utmcmd = referral | utmcct = /
Purpose: The cookie is used to identify the source of the traffic on our website. This means that the cookie stores where you came to our website from. That could have been another page or an advertisement.
Expiry date: after 6 months

Name: __utmv
Value: not specified
Purpose: The cookie is used to save custom user data. It is always updated when information is sent to Google Analytics.
Expiry date: after 2 years

Note: This list cannot claim to be complete, as Google changes the choice of their cookies again and again.

Here we show you an overview of the most important data that is collected with Google Analytics

Heatmaps: Google creates so-called heatmaps. Heatmaps show exactly those areas that you click on. In this way we get information about where you are on our site.

Session duration: Google defines the session duration as the time that you spend on our site without leaving the site. If you have been inactive for 20 minutes, the session ends automatically.

Bounce rate: We are talking about a bounce if you only view one page on our website and then exit our website again.

Account creation: When you create an account or place an order on our website, Google Analytics collects this data.

IP address: The IP address is only shown in abbreviated form so that it cannot be clearly assigned.

Location: The country and your approximate location can be determined via the IP address. This process is also known as IP location determination.

Technical information: The technical information includes, among other things, your browser type, your Internet provider or your screen resolution.

Source of origin: Google Analytics or us are of course also interested in which website or which advertising you came to our site.

Further data are contact details, any ratings, the playing of media (e.g. when you play a video on our site), sharing content via social media or adding it to your favorites. The list does not claim to be complete and only serves as a general guide to data storage by Google Analytics.

How long and where will the data be stored?

Google has distributed your servers all over the world. Most of the servers are located in America and consequently your data is mostly stored on American servers. Here you can read exactly where the Google data centers are located: https://www.google.com/about/datacenters/inside/locations/?hl=de

Your data is distributed on various physical data carriers. This has the advantage that the data can be accessed more quickly and is better protected against manipulation. Every Google data center has appropriate emergency programs for your data. If, for example, the hardware at Google fails or natural disasters paralyze servers, the risk of service interruption at Google remains low.

A standard storage period for your user data of 26 months is set for Google Analytics. Then your user data will be deleted. However, we have the option of choosing the retention period for user data ourselves. We have five variants available for this:

  • Deletion after 14 months
  • Deletion after 26 months
  • Deletion after 38 months
  • Deletion after 50 months
  • No automatic deletion

When the specified period has expired, the data is deleted once a month. This retention period applies to your data linked to cookies, user identification and advertising IDs (e.g. cookies from the DoubleClick domain). Report results are based on aggregated data and are stored independently of user data. Aggregated data is a merging of individual data into a larger unit.

How can I delete my data or prevent data storage?

According to the data protection law of the European Union, you have the right to receive information about your data, to update it, to delete it or to restrict it. Use the browser add-on to deactivate Google Analytics JavaScript (ga.js, analytics.js, dc.js) to prevent Google Analytics from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de Please note that this add-on only deactivates data collection by Google Analytics.

According to the data protection law of the European Union, you have the right to receive information about your data, to update it, to delete it or to restrict it. Use the browser add-on to deactivate Google Analytics JavaScript (ga.js, analytics.js, dc.js) to prevent Google Analytics from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de. Please note that this add-on only deactivates data collection by Google Analytics.

If you generally want to deactivate, delete or manage cookies (independent of Google Analytics), there are separate instructions for each browser:

Chrome: Delete, activate and manage cookies in Chrome

Safari: manage cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

Google Analytics is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. You can find more information on this at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=311147803. We hope we were able to provide you with the most important information about data processing by Google Analytics. If you want to find out more about the tracking service, we recommend these two links: http://www.google.com/analytics/terms/de.html und https://support.google.com/analytics/answer/6004245?hl=de.

Newsletter data protection declaration:

If you subscribe to our newsletter, you transmit the personal data mentioned above and give us the right to contact you by email. We use the data stored when registering for the newsletter only for our newsletter and do not pass it on to any third parties.

If you unsubscribe from the newsletter – you will find the link for this at the bottom of every newsletter – then we will delete all data that was saved when you registered for the newsletter.

Source: Created with the  data protection generator from AdSimple in cooperation with fashiongott.de