Data protection

Data protection declaration Hotel Sonnenblick

We have written this data protection declaration (version 01/29/2020-311147803) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679, what information we collect, how we use data and what decision-making options you have as a visitor to this website.

Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible when creating them.

Automatic data storage

Nowadays, when you visit websites, certain information is automatically created and stored, including on this website.

When you visit our website as you are doing right now, our web server (computer on which this website is stored) automatically stores data like

  • the address (URL) of the accessed web page
  • Browser and browser version
  • the operating system used
  • the address (URL) of the previously visited page (referrer URL)
  • the hostname and IP address of the device from which access is made
  • Date and time

in files (web server log files).

As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot exclude the possibility that this data may be viewed in the event of unlawful conduct.
The legal basis, according to Article 6(1) f DSGVO (lawfulness of processing), is that there is legitimate interest in enabling the error-free operation of this website by collecting web server log files.

Cookies

Our website uses HTTP cookies to store user-specific data.
Below we explain what cookies are and why they are used so that you can better understand the following privacy policy.

What exactly are cookies?

Whenever you browse the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most web pages store small text files in your browser. These files are called cookies.

One thing cannot be denied: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other cookies for other applications. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder, effectively the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you return to our site, your browser transmits the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you your usual default setting. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies also cannot access information from your PC. For example, cookie data can look like this:

  • Name: _ga
  • Expiration time: 2 years
  • Usage: differentiation of website visitors
  • Example value: GA1.2.1326744211.152311147803

A browser should support the following minimum sizes:

  • A cookie should be able to contain at least 4096 bytes
  • At least 50 cookies should be able to be stored per domain
  • A total of at least 3000 cookies should be able to be stored

What are the types of cookies?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.

We can distinguish 4 types of cookies:

Absolutely necessary cookies

These cookies are necessary to ensure basic functions of the website. For example, it needs these cookies when a user adds a product to the shopping cart, then continues surfing on other pages and only later goes to the checkout. These cookies do not delete the shopping cart even if the user closes his browser window.

Functional cookies

These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and the behavior of the website with different browsers.

Targeting cookies
These cookies provide a better user experience. For example, entered locations, font sizes or form data are saved.

Advertising cookies
These cookies are also called targeting cookies. They are used to deliver customized advertising to the user. This can be very convenient, but also very annoying.

Usually, when you visit a website for the first time, you are asked which of these cookie types you want to allow. And, of course, this decision is also stored in a cookie.

How can I delete cookies?

How and whether you want to use cookies, you decide. Regardless of which service or website the cookies come from, you always have the option to delete, only partially allow or disable cookies. For example, you can block third-party cookies, but allow all other cookies.

If you want to determine which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Managing cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. Thus, for each individual cookie, you can decide whether to allow the cookie or not. The procedure varies depending on the browser. The best way is to search the instructions in Google with the search term “delete cookies Chrome” or “disable cookies Chrome” in case of Chrome browser or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.

What about my privacy?

The so-called “Cookie Guidelines” have been in place since 2009. This states that the storage of cookies requires the consent of the website visitor (i.e. you). Within the EU countries, however, there are still very different reactions to these directives. In Germany, the Cookie Guidelines have not been implemented as national law. Instead, this directive was largely implemented in Section 15 (3) of the German Telemedia Act (TMG).

If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Internet Engineering Task Force (IETF) Request for Comments called “HTTP State Management Mechanism”.

Storage of personal data

Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information in the context of submitting a form or comments on the blog, will be used by us together with the time and IP address only for the purpose stated in each case, kept secure and not disclosed to third parties.

We thus use your personal data only for communication with those visitors who expressly request contact and for the processing of the services and products offered on this website. We do not disclose your personal data without your consent, but we cannot exclude the possibility that this data may be viewed in the event of unlawful conduct.

If you send us personal data by e-mail – thus away from this website – we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data by e-mail without encryption.

According to Article 6(1)(a) DSGVO (lawfulness of processing), the legal basis is that you give us consent to process the data you have entered. You can revoke this consent at any time – an informal e-mail is sufficient, you will find our contact details in the imprint.

Rights under the General Data Protection Regulation

According to the provisions of the GDPR, you are generally entitled to the following rights:

  • Right of rectification (Article 16 GDPR)
  • Right to erasure (“right to be forgotten”) (Article 17 GDPR)
  • Right to restriction of processing (Article 18 DSGVO)
  • Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
  • Right to data portability (Article 20 GDPR)
  • Right to object (Article 21 GDPR)
  • Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)

If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).

Evaluation of visitor behavior

In the following privacy policy, we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is usually anonymous and we cannot infer your person from your behavior on this website.

You can find out more about how to object to this analysis of visit data in the following data protection declaration.

TLS encryption with https

We use https to transmit data tap-proof on the Internet (data protection by design of technology Article 25(1) DSGVO). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transfer protection by the small lock symbol at the top left of the browser and the use of the https scheme (instead of http) as part of our Internet address.

Google Maps Privacy Policy

We use Google Maps of the company Google Inc. on our website. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Google Maps allows us to better visualize locations and thus improve our service. By using Google Maps, data is transmitted to Google and stored on Google servers. Here we will now go into more detail about what Google Maps is, why we use this Google service, what data is stored and how you can prevent this.

What is Google Maps?

Google Maps is an online map service provided by Google Inc. Google Maps lets you find exact locations of cities, landmarks, accommodations, or businesses on the Internet using a PC or an app. When companies are represented on Google My Business, other information about the company is displayed in addition to the location. To display directions, map sections of a location can be embedded into a website using HTML code. Google Maps displays the earth’s surface as a street map or as an aerial or satellite image. Thanks to the Street View images and the high-quality satellite images, very accurate representations are possible.

Why do we use Google Maps on our website?

All of our efforts on this site are aimed at providing you with a useful and meaningful time on our site. By integrating Google Maps, we can provide you with the most important information about various locations. Thanks to Google Maps you can see at a glance where we are located. The directions will always show you the best or fastest way to get to us. You can access the route for routes by car, public transport, on foot or by bike. For us, providing Google Maps is part of our customer service.

What data is stored by Google Maps?

In order for Google Maps to fully provide their service, the company must collect and store data from you. These include the search terms entered, your IP address and the latitude or longitude coordinates. If you use the route planner function, the entered start address is also saved. However, this data storage happens on Google Maps websites. We can only inform you about this, but cannot influence it. Since we have integrated Google Maps into our website, Google sets at least one cookie (name: NID) in your browser. This cookie stores data about your user behavior. Google uses this data primarily to optimize its own services and to provide individual, personalized advertising for you.

The following cookie is set in your browser due to the integration of Google Maps:

  • Name:NID
  • Expiry time:after 6 months
  • Usage:NID is used by Google to customize ads to your Google search. With the help of the cookie, Google “remembers” your most frequently entered search queries or your previous interaction with ads. This way you will always get customized ads. The cookie contains a unique ID that Google uses to collect personal settings of the user for advertising purposes.
  • Beispielwert:188=h26c1Ktha7fCQTx8rXgLyATyITJ311147803

Note: We can not guarantee completeness in the information of the stored data. Especially when using cookies, changes at Google can never be ruled out. In order to identify the cookie NID, a separate test page was created, where only Google Maps was integrated.

How long and where is the data stored?

Google servers are located in data centers around the world. However, most of the servers are located in America. For this reason, your data is also increasingly stored in the USA. You can find out exactly where Google’s data centers are located here: https://www.google.com/about/datacenters/inside/locations/?hl=de

Google distributes the data on various data carriers. This means that the data can be retrieved more quickly and is better protected against any attempts at manipulation. Each data center also has special emergency programs. For example, if there are problems with Google’s hardware or a natural disaster affects the servers, the data is still very likely to remain protected.

Google stores some data for a set period of time. For other data, Google only offers the option to delete it manually. Furthermore, the company also anonymizes information (such as advertising data) in server logs by removing a portion of the IP address and cookie information after 9 and18 Delete months.

How can I delete my data or prevent data storage?

With the automatic deletion of location and activity data introduced in 2019, location and web/app activity information will be stored for either 3 or 18 months, depending on your decision, and then deleted. Moreover, you can also delete this data from the history manually at any time via the Google account. If you want to completely prevent your location tracking, you need to pause the “Web and App Activity” section in Google Account. Click “Data and personalization” and then click the “Activity setting” option. Here you can switch the activities on or off.

In your browser, you can also deactivate, delete or manage individual cookies. Depending on which browser you use, this works in different ways. The following instructions show how to manage cookies in your browser:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Managing cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. Thus, for each individual cookie, you can decide whether to allow it or not.

Google is an active participant in the EU-U.S. Privacy Shield Framework, which governs the accurate and secure transfer of personal data. For more information, visit https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI. If you would like to learn more about Google’s data processing, we recommend that you read the company’s in-house privacy policy at https://policies.google.com/privacy?hl=de.

Google Analytics Privacy Policy

We use the analysis tracking tool Google Analytics (GA) of the American company Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website. Google Analytics collects data about your actions on our website. For example, when you click on a link, this action is stored in a cookie and sent to Google Analytics. With the help of the reports we receive from Google Analytics, we can better customize our website and service to meet your needs. In the following, we will go into more detail about the tracking tool and, in particular, inform you about what data is stored and how you can prevent it.

What is Google Analytics?

Google Analytics is a tracking tool used for traffic analysis of our website. In order for Google Analytics to work, a tracking code is built into the code of our website. When you visit our website, this code records various actions that you perform on our website. As soon as you leave our website, this data is sent to the Google Analytics servers and stored there.

Google processes the data and we get reports about your user behavior. These may include, but are not limited to, the following reports:

  • Target group reports: Through target group reports, we get to know our users better and know more precisely who is interested in our service.
  • Ad reports: Ad reports make it easier for us to analyze and improve our online advertising.
  • Acquisition reports: Acquisition reports give us helpful information on how to get more people interested in our service.
  • Behavioral reports: This is where we learn how you interact with our website. We can track which path you take on our site and which links you click on.
  • Conversion reports: Conversion is the name given to a process in which you take a desired action as a result of a marketing message. For example, if you go from being just a website visitor to a buyer or newsletter subscriber. These reports help us learn more about how our marketing efforts are resonating with you. This is how we want to increase our conversion rate.
  • Real-time reports: Here we always find out immediately what is happening on our website. For example, we can see how many users are currently reading this text.

Why do we use Google Analytics on our website?

Our goal with this website is clear: we want to provide you with the best possible service. Google Analytics statistics and data help us achieve this goal.

The statistically evaluated data gives us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site to make it easier for interested people to find it on Google. On the other hand, the data helps us to better understand you as a visitor. Thus, we know very well what we need to improve on our website in order to provide you with the best possible service. The data also serve us to carry out our advertising and marketing measures in a more individual and cost-effective manner. After all, it only makes sense to show our products and services to people who are interested in them.

What data is stored by Google Analytics?

Google Analytics uses a tracking code to create a random, unique ID associated with your browser cookie. This is how Google Analytics recognizes you as a new user. The next time you visit our site, you will be recognized as a “returning” user. All collected data is stored together with this user ID. This is what makes it possible to evaluate pseudonymous user profiles in the first place.

Identifiers such as cookies and app instance IDs measure your interactions on our website. Interactions are all types of actions you take on our website. If you also use other Google systems (such as a Google account), data generated via Google Analytics may be linked to third-party cookies. Google does not share Google Analytics data unless we, as the website owner, authorize it. Exceptions may occur when required by law.

The following cookies are used by Google Analytics:

Name: _ga
Wert:2.1326744211.152311147803-5
Purpose: By default, analytics.js uses the _ga cookie to store the user ID. Basically, it is used to distinguish the website visitors.
Expiration date: after 2 years

Name: _gid
Wert:2.1687193234.152311147803-1
Purpose: The cookie is also used to distinguish the website visitors
Expiration date: after 24 hours

Name: _gat_gtag_UA_<property-id>
Value: 1
Intended use: Used to lower the request rate. When Google Analytics is deployed via Google Tag Manager, this cookie is named _dc_gtm_ <property-id>.
Expiration date: after 1 minute

Name: AMP_TOKEN
Value: no data
Purpose: The cookie has a token that can be used to retrieve a user ID from the AMP client ID service. Other possible values indicate a logout, a request, or an error.
Expiration date: after 30 seconds up to one year

Name: __utma
Wert:1564498958.1564498958.1564498958.1
Purpose: This cookie is used to track your behavior on the website and measure its performance. The cookie is updated every time information is sent to Google Analytics.
Expiration date: after 2 years

Name: __utmt
Value: 1
Purpose: The cookie is used like _gat_gtag_UA_<property-id> to throttle the request rate.
Expiration date: after 10 minutes

Name: __utmb
Value:3.10.1564498958
Purpose: This cookie is used to determine new sessions. It is updated every time new data or info is sent to Google Analytics.
Expiration date: after 30 minutes

Name: __utmc
Value: 167421564
Purpose: This cookie is used to set new sessions for returning visitors. This is a session cookie and is only stored until you close the browser again.
Expiration date: After closing the browser

Name: __utmz
Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Purpose: The cookie is used to identify the source of traffic to our website. That is, the cookie stores from where you came to our website. This may have been another site or an advertisement.
Expiration date: after 6 months

Name: __utmv
Value: not specified
Purpose: The cookie is used to store custom user data. It is updated whenever information is sent to Google Analytics.
Expiration date: after 2 years

Note: This list cannot claim to be complete, as Google also changes the choice of its cookies again and again.

Here we show you an overview of the most important data collected with Google Analytics:

Heatmaps: Google creates so-called heatmaps. Via heatmaps you can see exactly those areas you click on. This way we get information where you are “traveling” on our site.

Session duration: Google refers to the time you spend on our site without leaving the site as session duration. If you have been inactive for 20 minutes, the session will end automatically.

Bounce rate: A bounce rate is when you view only one page on our website and then leave our website again.

Account creation: When you create an account or place an order on our website, Google Analytics collects this data.

IP address: The IP address is only shown in abbreviated form so that no clear assignment is possible.

Location: The IP address can be used to determine the country and your approximate location. This process is also referred to as IP location determination.

Technical information: Technical information may include your browser type, Internet service provider, or screen resolution.

Source of origin: Google Analytics or, of course, we are also interested in which website or which advertisement you came to our site from.

Other data includes contact information, any ratings, playing media (for example, if you play a video through our site), sharing content through social media, or adding to your favorites. The list does not claim to be complete and only serves as a general orientation of the data storage by Google Analytics.

How long and where is the data stored?

Google has your servers spread all over the world. Most servers are located in America and consequently your data is mostly stored on American servers. You can find out exactly where Google’s data centers are located here: https://www.google.com/about/datacenters/inside/locations/?hl=de

Your data is distributed on different physical media. This has the advantage that the data can be retrieved more quickly and is better protected against manipulation. There are appropriate emergency programs for your data in every Google data center. For example, if Google’s hardware fails or natural disasters cripple servers, the risk of service interruption at Google still remains low.

Google Analytics defaults to a retention period of 26 months for your user data. Then your user data will be deleted. However, we have the option to choose the retention period of user data. We have five variants available for this purpose:

  • Deletion after 14 months
  • Deletion after 26 months
  • Deletion after 38 months
  • Deletion after 50 months
  • No automatic deletion

Once the specified period has expired, the data is deleted once a month. This retention period applies to your data associated with cookies, user recognition and advertising IDs (e.g. DoubleClick domain cookies). Reporting results are based on aggregated data and are stored independently of user data. Aggregated data is a merging of individual data into a larger unit.

How can I delete my data or prevent data storage?

Under European Union data protection law, you have the right to access, update, delete or restrict your data. Using the browser add-on to disable Google Analytics JavaScript (ga.js, analytics.js, dc.js) you prevent Google Analytics from using your data. You can download and install the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de. Please note that this add-on only disables data collection by Google Analytics.

If you generally want to disable, delete or manage cookies (independently of Google Analytics), there are separate instructions for each browser:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Managing cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

Google Analytics is an active participant in the EU-U.S. Privacy Shield Framework, which governs the accurate and secure transfer of personal data. For more information, visit https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=311147803. We hope we have been able to provide you with the most important information about the data processing of Google Analytics. If you want to learn more about the tracking service, we recommend these two links: http://www.google.com/analytics/terms/de.html and https://support.google.com/analytics/answer/6004245?hl=de.

Newsletter Privacy Policy

When you sign up for our newsletter, you submit the above personal information and give us the right to contact you by email. We use the data stored as part of the registration for the newsletter exclusively for our newsletter and do not pass them on.

If you unsubscribe from the newsletter – you will find the link for this at the bottom of each newsletter – we will delete all data that was stored with the subscription to the newsletter.

Source: Created with the privacy generator of AdSimple in cooperation with fashiongott.de