Data protection information for visitors to this website
This data protection information informs you about the type, scope and purpose of processing personal data in connection with your visit to our website (visit to our website “https://www.stmarienthal.de”). With regard to the terms used, such as “processing” or “person responsible”, we refer to the definitions in Art. 4 of the Basic Data Protection Regulation (DSGVO), or simply click here
1. Responsible person
The responsible body within the meaning of the DSGVO is
IBZ ST. MARIENTHAL Betriebs-GmbH
St. Marienthal 10
You can reach our contact person for data protection at our postal address or at our e- mail address firstname.lastname@example.org.
2. Applicable legal basis
In accordance with Art. 13 DSGVO, we inform you of the legal basis of our data processing. If the legal basis is not stated in the data information, the following applies: The legal basis for obtaining consent is Art. 6 Para. 1 lit. a and Art. 7 DSGVO, the legal basis for processing for the purpose of fulfilling our services and implementing contractual measures and answering enquiries is Art. 6 Para. 1 lit. b DSGVO, the legal basis for processing for the purpose of fulfilling our legal obligations is Art. 6 Para. 1 lit. c DSGVO, and the legal basis for processing for the purpose of safeguarding our legitimate interests is Art. 6 Para. 1 lit. f DSGVO. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO serves as the legal basis.
3. Security measures
In accordance with Art. 32 DSGVO, we take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the varying degrees of probability and severity of the risk to the rights and freedoms of natural persons.
These measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access, input, disclosure, safeguarding of availability and separation of data relating to them. Furthermore, procedures have been put in place to ensure that data subjects’ rights are exercised, that data are deleted, and that data is responded to threats to it. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and procedures in accordance with the principle of data protection through the design of technology and through data protection- friendly presettings (Art. 25 DSGVO).
4. Automatic collection, processing and use of personal data when visiting the website
When visiting the website, each server automatically saves the accesses to Internet pages. Temporary storage of the IP address by the system is necessary to enable our website to be delivered to your computer. For this purpose, your IP address must remain stored for the duration of the session. For the purpose of system security, our web server temporarily records the IP address of the requesting computer, the browser you are using, the operating system you areusing, the date and time of access, the Internet pages you visit, the Uniform Resource Locators (URL) requested on our Internet pages and the Internet page previously visited (referrer URL).
Under no circumstances do we use the data collected for the purpose of drawing conclusions about you as a visitor to our website. This information is rather required to (1) deliver the contents of our website correctly, (2) optimise the contents of our website and the advertising for it, (3) ensure the permanent functionality of our information technology systems and the technology of our website and (4) to provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber attack. This anonymously collected data and information is therefore evaluated by us on the one hand statistically (for analysis services, please refer to 10.4. in this data protection information) and also with the aim of increasing data protection and data security in our company, in order to ultimatelyensure an optimum level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a person concerned.
The legal basis for data processing is Art. 6 Para. 1 letter f DSGVO.
The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this online service.
For this purpose, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online service on the basis of our legitimate interests in the efficient and secure provision of this online service in accordance with Art. 6 Para. 1 letter f DSGVO in conjunction with Art. 6 Para. 1 letter f DSGVO. Art. 28 DSGVO (conclusion of contract processing agreement).
6. SSL encryption
To protect the security of your data during transmission, we use state-of-the-art encryption procedures (e.g. SSL) via HTTPS.
You can tell whether an individual page of our website is being transmitted in encrypted form by the closed display of the key or lock symbol in the status bar of your browser.
7. Deletion or blocking of data
We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as required by the various storage periods provided for by law. After the respective purpose has ceased to exist or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions.
8. Transfer of data
If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transfer it to them or otherwise grant them access to the data, this will only be done on the basis of a legal authorisation (e.g. if the transfer of the data to third parties, such as payment service providers, is necessary for the performance of the contract in accordance with Art. 6 Para. 1 letter b DSGVO), if you have consented, if a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
If we commission third parties to process data on the basis of a so-called “contract processing agreement”, this is done on the basis of Art. 28 DSGVO.
If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA) or theSwiss Confederation) or if this is done in the context of using the services of third parties or disclosure or transfer of data to other persons or companies, this will only take place if it is done to fulfil our (pre-)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to express consent or contractually required transfer, we will only process or allow the data to be processed in third countries with a recognised level of data protection, including the US processors certified under the “Privacy Shield” or on the basis of special guarantees, such as contractual obligations through so-called standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Art. 44 to 49 DSGVO).
Cookies serve to make our offer more user- friendly, effective and safer. This is also our legitimate interest in the processing of personal data in accordance with Art. 6 para. 1 lit. f DSGVO. Most of the cookies we use on this website are so-called session cookies which are automatically deleted after you have finished your visit to the website. In this way the following data can be transmitted: Entered search terms, frequency of page calls, use of Internet site functions.
You can determine whether cookies are to be set and retrieved by the settings in your browser. You can, for example, completely deactivate the storage of cookies in your browser, restrict it to certain Internet pages or configure your browser so that it automatically informs you as soon as a cookie is to be set and asks you for feedback. However, for technical reasons, it is necessary to allow the above-mentioned session cookies in order to use the full range of functions of ourwebsite.
In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain defined period of time. If you visit our site again in order to use our services, it will be automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website.
The data will be deleted as soon as they are no longer required for the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session is ended. IP addresses are generally deleted at the latest seven days after they have been collected. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated so that an allocation of the calling client is no longer possible.
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility of objection on your part.
10. Integration of external web services and processing of data outside the EU
On our website we use active Java Script content from external providers, so-called web services. By calling up our website, these external providers may receive personal information about your visit to our website. It is possible that data may be processed outside the EU. You can prevent this by installing a Java-Script blocker such as the browser plug-in ‘NoScript’ (www.noscript.net) or by deactivating Java- Script in your browser. This can lead to functional restrictions on the websites you visit.
We use the following external web services:
This website uses jQuery or jQueryUI technologies, which optimises loading speeds. In this respect, programme libraries are called up by Google servers. The CDN (content delivery network) of Google is used. If you have previously used jQuery on another page of the Google CDN, your browser will fall back on the cached copy. If this is not the case, this requires a download, whereby data from your browser is sent to Google! Inc. (“Google”). Your data will be transferred to the USA. You can find out more details at: https://developers.google.com/speed/libraries/#jquery and under the data protection provisions of https://www.google.com/policies/privacy/
10.2. Font Awesome
This website uses web fonts provided by Fonticons, Inc. for the uniform display of fonts. When you call up a page, yourbrowser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose, the browser you use must connect to the servers of Fonticons, Inc. This allows Fonticons, Inc. to know that our website has been accessed via your IP address. The use of web fonts is in the interest of a uniform and attractivepresentation of our online offer. This represents a legitimate interest in the sense of Art. 6 Para. 1 lit. f DSGVO. If your browser does not support web fonts, your computer will use its own standard font.
10.3. Google Maps
We integrate the maps of the “Google Maps” service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. If you use these services on our website, IP addresses and your location data (usually as part of your mobile device settings) may be collected with your consent. We cannot exclude the possibility that Google may process these data in the USA.
10.4. LiveChat Zendesk Zopim (Zendesk Web Widget)
In order to answer enquiries as quickly as possible, we offer you, as a visitor to our website, the opportunity to contact usvia chat software. This software is operated via an external system by Zendesk, Inc., 989 Market Street #300, San Francisco, CA 94102, USA. The use of the chat is optional. Alternative, direct contact options via e-mail, telephone and post are available under the Contact Us menu item.
Zendesk is a certified participant of the so- called “Privacy Shield Framework” and thus fulfils the minimum requirements for processing order data in accordance with the law. Zendesk Chat shows the user whether one of our employees is currently online to provide an immediate response. For this purpose, all visitors to our pages are recorded with their IP address and the page they are currently visiting. The IP address is made anonymous.
If you have any questions, you can also contact the Zendesk data protection officer directly at email@example.com
10.5. VIOMA Hotel Booking System
The VIOMA booking hotel booking system of the company vioma GmbH (VIOMA), Industriestrasse 27, 77656 Offenburg, Germany, which is used for electronic contact for online bookings, is integrated on our website. This hotel booking system also displays fonts from the VIOMA font library. Therefore, when calling up our site, a data transfer to VIOMA may occur. You can read more about VIOMA under 11.1. of this privacy statement.
10.6. Borlabs Cookie
This website uses Borlabs cookie that sets a technically necessary cookie (borlabs cookie) to store your cookie consent. Borlabs Cookie does not process any personal data. The borlabs cookie stores your consent that you gave when you entered the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re- enter/reload the website, you will be asked again for your cookie consent.
11. Collection, processing and use of personal data that you yourself have provided
11.1. Contacting us via our reservation form
The VIOMA booking hotel booking system of the company vioma GmbH (VIOMA), Industriestrasse 27, 77656 Offenburg, Germany, which is used for electronic contact for online bookings, is integrated on our website. If you, as a visitor to our website, use this service to book one of our rooms, the data entered in the input mask will be transmitted to VIOMA and stored.
At the time of sending the booking or request, the following data will be stored in addition to your details:
The processing of data in the context of the booking process is carried out within the framework of the pre-contractual relationship. Reference is made to this data protection information as a visitor to this website and to our data protection information for our hotel customers.
No data will be passed on to third parties in connection with your booking. The data will be used exclusively for processing your booking/inquiry.
The legal basis for data processing is Art. 6 Para. 1 letter b DSGVO. The processing of the personal data from the input mask serves us solely to process the booking or enquiry. The other personal data processed during the sending process serves to prevent misuse of the system and to ensure the security of our information technology systems.
The data will be deleted as soon as they are no longer required for the purpose of their collection. Any additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
11.2. Contact by e-mail
Alternatively, it is possible to contact us using the e-mail addresses provided. In this case your personal data transmitted with the e-mail will be stored. Your data will not be passed on to third parties in this context. The data will be used exclusively for processing the conversation.
The legal basis for the processing of the data transmitted in the course of a conversation via e-mail is Art. 6 para. 1 lit. f DSGVO.
The other personal data processed during the sending process are used to prevent misuse of the reservation form and to ensure the security of our information technology systems.
Your personal data will be deleted or blocked as soon as the purpose for which it was stored no longer applies. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be concluded from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest. If you contact us by e-mail, you can object to the storage of your personal data for the future at any time. In such a case the conversation cannot be continued.
Furthermore, storage may take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which we are subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need to continue storing the data for the purpose of concluding or fulfilling a contract.
For the sake of good order, we would like to point out that data transmission over the Internet (e.g. when communicating by e- mail) can generally have security gaps; complete protection of data against access by third parties is not possible.
12. Your rights
You have the right to receive information about your personal data stored by us at any time. You also have the right to have your personal data corrected, completed, deleted or the processing restricted, insofar as you are legally entitled to doso.
Finally, you have the right to object to the processing of your personal data within the framework of the legal requirements. Since we process data within the scope of our website offer on the basis of a carefully performed balancing of interests, we would examine an objection very carefully and reserve the right to make enquiries regarding the “special situation” in the sense of Art. 21 Para. 1 DSGVO.
13. Right of appeal
You have the right to complain about the processing of personal data by us to the competent supervisory authority for data protection. The supervisory authority responsible is the supervisory authority in which our company has its registered office:
The Saxon data protection commissioner
Devrientstraße 1, 01067 Dresden.
14. Change of our data protection information
We reserve the right to adapt this data protection information (as of January 2020) so that it always complies with current legal requirements or to implement changes to our services in the data protection information, e.g. when new services are introduced. The new data protection information then applies to your next visit.
Development & Implementation
This website was developed by:
Weehouse Media – marketing, website design, multimedia, graphics
Altstädter Weg 1, 02899 Ostritz