Data protection information for visitors to this website

This data protection information informs you about the type, scope and purpose of processing personal data in connection with your visit to our website (visit to our website “https://www.stmarienthal.de”). With regard to the terms used, such as “processing” or “person responsible”, we refer to the definitions in Art. 4 of the Basic Data Protection Regulation (DSGVO), or simply click here!

The responsible body within the meaning of the DSGVO is

2. Applicable legal basis

In accordance with Art. 13 DSGVO, we inform you of the legal basis of our data processing. If the legal basis is not stated in the data information, the following applies: The legal basis for obtaining consent is Art. 6 Para. 1 lit. a and Art. 7 DSGVO, the legal basis for processing for the purpose of fulfilling our services and implementing contractual measures and answering enquiries is Art. 6 Para. 1 lit. b DSGVO, the legal basis for processing for the purpose of fulfilling our legal obligations is Art. 6 Para. 1 lit. c DSGVO, and the legal basis for processing for the purpose of safeguarding our legitimate interests is Art. 6 Para. 1 lit. f DSGVO. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO serves as the legal basis.

When visiting the website, each server automatically saves the accesses to Internet pages. Temporary storage of the IP address by the system is necessary to enable our website to be delivered to your computer. For this purpose, your IP address must remain stored for the duration of the session. For the purpose of system security, our web server temporarily records the IP address of the requesting computer, the browser you are using, the operating system you areusing, the date and time of access, the Internet pages you visit, the Uniform Resource Locators (URL) requested on our Internet pages and the Internet page previously visited (referrer URL).

Under no circumstances do we use the data collected for the purpose of drawing conclusions about you as a visitor to our website. This information is rather required to (1) deliver the contents of our website correctly, (2) optimise the contents of our website and the advertising for it, (3) ensure the permanent functionality of our information technology systems and the technology of our website and (4) to provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber attack. This anonymously collected data and information is therefore evaluated by us on the one hand statistically (for analysis services, please refer to 10.4. in this data protection information) and also with the aim of increasing data protection and data security in our company, in order to ultimatelyensure an optimum level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a person concerned.

The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this online service.

For this purpose, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online service on the basis of our legitimate interests in the efficient and secure provision of this online service in accordance with Art. 6 Para. 1 letter f DSGVO in conjunction with Art. 6 Para. 1 letter f DSGVO. Art. 28 DSGVO (conclusion of contract processing agreement).

To protect the security of your data during transmission, we use state-of-the-art encryption procedures (e.g. SSL) via HTTPS.

We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as required by the various storage periods provided for by law. After the respective purpose has ceased to exist or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions.

8. Transfer of data

If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transfer it to them or otherwise grant them access to the data, this will only be done on the basis of a legal authorisation (e.g. if the transfer of the data to third parties, such as payment service providers, is necessary for the performance of the contract in accordance with Art. 6 Para. 1 letter b DSGVO), if you have consented, if a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA) or theSwiss Confederation) or if this is done in the context of using the services of third parties or disclosure or transfer of data to other persons or companies, this will only take place if it is done to fulfil our (pre-)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to express consent or contractually required  transfer,  we  will  only  process or allow the data to be processed in third countries with a recognised level of data protection, including the US processors certified under the “Privacy Shield” or on the basis of special guarantees, such as contractual obligations through so-called standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Art. 44 to 49 DSGVO).

9. Cookies

We use cookies on our site. These are small text files that are automatically created by your browser and saved by the browser of your end device (e.g. laptop, tablet, smartphone) when you visit our site. Cookies do not cause any damage to your terminal device, do not contain viruses, Trojans or other malicious software. Information is stored in the cookie that is related to the specific terminal device used. This does not mean, however, that we obtain direct knowledge of youridentity.

Your data collected in this way is pseudonymised by technical precautions. It is therefore no longer possible to assign thedata to you. The data is not stored together with other personal data of the users. When you call up our website, an info banner informs you about the use of cookies for analysis purposes and draws your attention to this data protectiondeclaration.

You can determine whether cookies are to be set and retrieved by the settings in your browser. You can, for example, completely deactivate the storage of cookies in your browser, restrict it to certain Internet pages or configure your browser so that it automatically informs you as soon as a cookie is to be set and asks you for feedback. However, for technical reasons, it is necessary to allow the above-mentioned session cookies in order to use the full range of functions of ourwebsite.

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain defined period of time. If you visit our site again in order to use our services, it will be automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies to record the use of our website statistically and to evaluate it for the purpose of optimising our offer for you. These cookies enable us to automatically recognise that you have already been on ourwebsite when you visit it again. These cookies are automatically deleted after a defined time. The data processed by cookies is required for the above-mentioned purposes in order to safeguard our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 letter f DSGVO.

The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility of objection on your part.

On our website we use active Java Script content from external providers, so-called web services. By calling up our website, these external providers may receive personal information about your visit to our website. It is possible that data may be processed outside the EU. You can prevent this by installing a Java-Script blocker such as the browser plug-in ‘NoScript’ (www.noscript.net) or by deactivating Java- Script in your browser. This can lead to functional restrictions on the websites you visit.

We use the following external web services:

This website uses jQuery or jQueryUI technologies, which optimises loading speeds. In this respect, programme libraries are called up by Google servers. The CDN (content delivery network) of Google is used. If you have previously used jQuery on another page of the Google CDN, your browser will fall back on the cached copy. If this is not the case, this requires a download, whereby data from your browser is sent to Google! Inc. (“Google”). Your data will be transferred to the USA. You can find out more details at: https://developers.google.com/speed/libraries/#jquery and under the data protection provisions of https://www.google.com/policies/privacy/.

This website uses web fonts provided by Fonticons, Inc. for the uniform display of fonts. When you call up a page, yourbrowser loads the required web fonts into your browser cache to display texts and fonts correctly.

For this purpose, the browser you use must connect to the servers of Fonticons, Inc. This allows Fonticons, Inc. to know that our website has been accessed via your IP address. The use of web fonts is in the interest of a uniform and attractivepresentation of our online offer. This represents a legitimate interest in the sense of Art. 6 Para. 1 lit. f DSGVO. If your browser does not support web fonts, your computer will use its own standard font.

Further information about Font Awesome can be found at https://fontawesome.com/help and in the data protection declaration of Fonticons, Inc.: https://fontawesome.com/privacy.

We integrate the maps of the “Google Maps” service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. If you use these services on our website, IP addresses and your location data (usually as part of your mobile device settings) may be collected with your consent. We cannot exclude the possibility that Google may process these data in the USA.

Zendesk is a certified participant of the so- called “Privacy Shield Framework” and thus fulfils the minimum requirements for processing order data in accordance with the law. Zendesk Chat shows the user whether one of our employees is currently online to provide an immediate response. For this purpose, all visitors to our pages are recorded with their IP address and the page they are currently visiting. The IP address is made anonymous.

Zendesk Chat uses cookies. The information generated by the cookie about your use of our website (including your anonymized IP address) is transferred to and stored on a Zendesk Chat server in the United States. The information is only visible for the moment you visit a particular page and is not stored.

Any chats that are conducted are logged and stored. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of the website. For more information on data processing by Zendesk, please refer to Zendesk’s privacy policy at https://www.zendesk.com/company/privacy.

The VIOMA booking hotel booking system of the company vioma GmbH (VIOMA), Industriestrasse 27, 77656 Offenburg, Germany, which is used for electronic contact for online bookings, is integrated on our website. This hotel booking system also displays fonts from the VIOMA font library. Therefore, when calling up our site, a data transfer to VIOMA may occur. You can read more about VIOMA under 11.1. of this privacy statement.

This website uses Borlabs cookie that sets a technically necessary cookie (borlabs cookie) to store your cookie consent. Borlabs Cookie does not process any personal data. The borlabs cookie stores your consent that you gave when you entered the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re- enter/reload the website, you will be asked again for your cookie consent.

11. Collection, processing and use of personal data that you yourself have provided

The processing of data in the context of the booking process is carried out within the framework of the pre-contractual relationship. Reference is made to this data protection information as a visitor to this website and to our data protection information for our hotel customers.

No data will be passed on to third parties in connection with your booking. The data will be used exclusively for processing your booking/inquiry.

The legal basis for data processing is Art. 6 Para. 1 letter b DSGVO. The processing of the personal data from the input mask serves us solely to process the booking or enquiry. The other personal data processed during the sending process serves to prevent misuse of the system and to ensure the security of our information technology systems.

For more information on data protection by VIOMA, the data processor, please visit the following address:

https://www.vioma.de/de/service/datenschutzerklaerung/.

The legal basis for the processing of the data transmitted in the course of a conversation via e-mail is Art. 6 para. 1 lit. f DSGVO.

Your personal data will be deleted or blocked as soon as the purpose for which it was stored no longer applies. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be concluded from the circumstances that the matter in question has been conclusively clarified.

You have the right to complain about the processing of personal data by us to the competent supervisory authority for data protection. The supervisory authority responsible is the supervisory authority in which our company has its registered office:

We reserve the right to adapt this data protection information (as of January 2020) so that it always complies with current legal requirements or to implement changes to our services in the data protection information, e.g. when new services are introduced. The new data protection information then applies to your next visit.