We point out that data transmission over the Internet (egwhen communicating by e-mail) can have security gaps. A complete protection of data against third party access is not possible.
Nature and purpose of the processed data
Type of processed data
- Address data (first and last name, address, telephone number, e-mail)
- Text inputs (messages)
- Usage data, visited websites, access times
- IP addresses and metadata (device information)
- Visitors and users of our online offer
Purpose of processing
- Providing the online presence with content and functions
- Processing of bookings, orders, contact requests and messages
- Safety measures
- Statistical evaluations
Responsible for the processing
The person responsible within the meaning of the General Data Protection Regulation is:
Phone +49 8324 9730
Definition of Terms
- “Personal data” is any information that identifies persons known to us or by means of data stored with us.
- “Processing” is any process performed manually or automatically that loads, associates, stores or changes personal information.
- We refer to persons, authorities or institutions who decide on the purposes and means of processing personal data as “responsible persons”.
- You have the right to confirm whether your data is processed by us, to provide information about this information and to provide a copy of the data (Article 15 DSGVO)
- You have the right to correct or complete the data concerning you (Art. 16 DSGVO)
- You have the right to have your data deleted immediately (Article 17 DSGVO) or to require a restriction on their processing (Article 18 DSGVO).
- You have the right to receive your personal data as a file or to request a transfer to other persons responsible (Art. 20 DSGVO)
- You have the right to object to any future processing of your data (Art. 21 DSGVO)
- You have the right to grant consent in accordance with. Art. 7 para. 3 DSGVO with effect for the future
- You have gem. Art. 77 DSGVO the right to file a complaint with the competent supervisory authority.
Legal basis of processing
Article 6 of the DSGVO serves our company as the legal basis for all processing operations. We process your data only if:
- You have given your consent to the processing of your personal information for one or more specific purposes
- the processing is necessary for the performance of a contract or for the performance of pre-contractual actions, which are at your request
- the processing is necessary to fulfill a legal obligation to which you are subject
- Processing is necessary to protect your vital interests or that of another person
- the processing is necessary for the performance of a task that is in the public interest or in the exercise of public authority that has been delegated to us (Registration Act)
- processing is necessary to safeguard our legitimate interests or that of a third party, unless the interests or fundamental rights and freedoms of the data subject requiring the protection of personal data prevail, in particular if the person concerned is a child.
Duration of storage
At the maximum duration of storage of your personal data, we comply with the respective statutory retention period. After this period, the corresponding data will be routinely deleted, if they are no longer required to fulfill the contract or to initiate a contract.
All personal data processed by us will be deleted or restricted for further processing in accordance with Articles 17 & 18 DSGVO. Specifically, this means: Personal data will be deleted if they are no longer required for the fulfillment of the desired purposes or the legal storage obligation has expired. This applies in particular to invoices, accounting documents and business records.
Collaboration with contract processors
If a transmission of the data to third parties is necessary for the fulfillment of the contract, this only takes place:
- on the basis of the legal permission gem. Art. 6 para. 1 lit. b DSGVO
- on the basis of your consent
- if a legal obligation so provides
- based on our legitimate interests (such as the use of agents, web hosts, etc.)
- If we entrust third parties with processing on the basis of a so-called “contract processing contract”, this is done on the basis of Art. 28 DSGVO.
Contact / booking and voucher form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the request and in case of follow-up questions. We will not share this information without your consent.
In the case of a binding reservation confirmation, we ask you to provide your name and address as well as the date of birth of all fellow travelers. These data are the basis for the creation of the registration form and the personal guest card Bad Hindelang PLUS and serve as preparation for the journey.
The dispatch of our newsletter is done directly by us and not by a service provider. Each newsletter sent by us contains a direct unsubscribe link. You can also unsubscribe here by giving your e-mail address.
Our presence in social networks
Using Google Maps
The websites make use of so-called cookies. Cookies on your computer no harm and do not contain viruses. Cookies are used to make our offer more user-friendly, effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain on your device memory until you delete them. These cookies allow us to recognize your browser the next time you visit.
Online Dispute Resolution
Since 9.1.2016, the EU Regulation on Online Dispute Resolution in Consumer Affairs (No. 524/2013) applies. Disputes between consumers and merchants in connection with online sales contracts or online service contracts can be resolved through the following online platform. http://ec.europa.eu/consumers/odr/