Privacy policy

The protection of personal data and the responsible handling of the information that you entrust to us are important and special concerns for us. We respect and protect the personal rights of each individual.

It is important to us that you have a good feeling when dealing with our offers and therefore ask you to contact us at any time and in any way as soon as you have a have concerns about your stay or your dates. In the tourism industry, it is common practice for reservations with several travelers to be transmitted by a travel applicant to all the data of all travelers. Since we are obliged to make this information available to all fellow travelers, we would like to ask you as the traveler to pass this information on to your fellow travelers.

Our contact details are as follows:

Hotel Mühlenthal GmbH
Bachtalstraße 214
66773 Schwalbach

Our data protection officer Ursula Haas, who can be reached at the email address provided, not only ensures that our processes are in line with the law, but is also yours Contact person for data processing with us.

Our websites can usually be used for information purposes without providing personal data. Insofar as personal data is collected on our website, this is always done voluntarily and in connection with the use of one of our services (e.g. booking/reservation form, contact form).

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps despite the precautions taken. A complete protection of the data against access by third parties is not possible. In principle, the scope of your recorded data is always limited to the necessary minimum, which is necessary for quick and problem-free processing of your request.

The entire website call / data transfer between your browser and our systems is encrypted. We use Secure Socket Layers (SSL) encryption technology. SSL technology protects and encrypts your data. It enables an extraordinarily high level of security for data transmissions.

We collect, process and use personal data only in accordance with the provisions of the European General Data Protection Regulation (GDPR), the Telemedia Act (TMG), the Federal Data Protection Act (BDSG) and the law against unfair competition (UWG).

Collection of data

The following categories show the processes and procedures in which data can be collected:

Contact us

  • Via the contact form on our website
  • By email
  • By phone
  • By post
  • Via Facebook
  • Per personal contact on site/at trade fairs


  • Email Newsletter

Agency & Consulting Services

  • Booking and quote requests
  • Information requests and additional services (e.g. rental of e-bikes)
  • Submission of payment processing information
  • Reservation Orders

When you contact us, you may be asked to provide personal data (e.g. name, postal address, telephone number, e-mail address, date of birth, etc.) that will be used to process your reservation request will. In some cases, payment-related information (credit card number, bank details, etc.) will also be requested if this is necessary to process your request.

In current practice, the data for reservations with several travelers is only transmitted by one travel applicant. We assume that the person registering the trip sends us the data of all participants with their consent and sends the data protection information to all fellow travelers affected.

We assure you that we treat all personal and payment-related data as strictly confidential.

We undertake to use the personal data collected, processed and stored when using the services offered solely for our own purposes and for the purpose of processing contracts that have come about with our cooperation with the relevant travel providers.

By our own purposes, we mean support purposes (e.g. information about the course of a stay, changes to reservations, information about the services used, etc.) and information purposes (e.g. Sending e-mail customer newsletters, discount campaigns for existing customers, etc.).

Your data will not be passed on to third parties. Excluded are the tour operators related to your stay and partner companies that are necessary to support our business processes. In these cases, however, the scope of the transmitted data is limited to the necessary minimum.

As a service-oriented tourism service provider, the high quality of our offers and the smooth and speedy processing of your concerns are important to us. We are characterized by a very high level of customer satisfaction, which is also reflected in a high rate of repeat and regular customers.

In order to do justice to the interests of a (regular) customer in the event of a renewed transmission of a reservation request, to be able to offer fast, uncomplicated and recurring services, we store your personal data for an indefinite period , but at the longest until your objection, revocation or request for deletion. We adhere to the minimum data required by law.

We would like to point out that your reservation requests can only be processed correctly with the necessary personal data. If we do not have these, we reserve the right to withdraw from our offer or the contract.

In accordance with the GDPR, we would like to inform you about your rights regarding your personal data.

  1. Right to information: You can request confirmation from us as to whether personal data relating to you is being processed by us. If such processing is present, you can request various information from us, such as the purposes of the processing, the planned duration of storage, the existence of a right of appeal, etc.
  2. Right to rectification: You have the right to rectification and/or completion if the processed personal data concerning you is incorrect or incomplete. We have to make the correction immediately.
  3. Right to restriction of processing: Under various conditions, you can request the restriction of the processing of the data concerning you. This includes, for example, if there are doubts about the correctness, the processing is unlawful or we no longer need the data. We need to let you know when the restriction is lifted.
  4. Right to erasure: Based on certain reasons, you can request the erasure of your data. Reasons may be, for example, that the data is no longer necessary for the purposes for which it was collected, you have revoked your consent, you have lodged an objection, we have processed your data unlawfully, etc.
  5. Right to data transferability: You have the right to have your data made available to you in a structured, common and machine-readable format and to be transferred to third parties at your request.
  6. Right to object: You have the right, for reasons that arise from your particular situation, at any time against the processing of your personal data, which is based on Art. 6 Para. 1 lit. e or f GDPR to file an objection; this also applies to profiling based on these provisions.
  7. Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the location of the alleged violation, if you believe that the processing of your personal data violates the GDPR.

Users who no longer wish to receive our newsletter can use a link at the bottom of the newsletter to object to the use of their data for advertising purposes at any time. An informal e-mail to with the appropriate content is also sufficient.

We use the MailChimp software from the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA to send the newsletter.</ p>

The e-mail addresses of our newsletter recipients, as well as their other data described in this notice, are stored on the MailChimp servers in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. According to its own information, MailChimp can also use this data to optimize or improve its own services, e.g. for the technical optimization of the dispatch and the presentation of the newsletter. MailChimp does not use the data of our newsletter recipients to write to them ourselves or to pass them on to third parties.

We are convinced of MailChimp's reliability and IT and data security. MailChimp is certified under the US-EU data protection agreement "Privacy Shield" and is therefore committed to complying with EU data protection regulations. Furthermore, we have concluded a "Data Processing Agreement" with MailChimp. This is a contract in which MailChimp undertakes to protect the data of our users, to comply with the relevant data protection regulations and, in particular, not to pass data on to third parties.

We have taken the necessary technical and organizational measures to protect the personal data you have provided against loss, destruction, manipulation and unauthorized access. All our employees and all persons involved in data processing are bound to secrecy and confidential handling of personal data.

Our website uses cookies to improve the user experience. Cookies are small text files which are filed and saved on your computer system via an Internet browser.

Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which websites and servers can be assigned to the specific internet browser in which the cookie was stored. By using cookies, we can provide you with more user-friendly services that would not be possible without the cookie setting.

The person concerned can prevent the setting of cookies by our website through the settings offered on the website or by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.

We would like to point out that full use of all our offers is not possible without cookies. Cookies are required for a successful reservation via the HRS website. In particular, checking the booking data and allocating Mühlenthal reservations would otherwise not be possible.

Our websites use so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display text and fonts correctly. If your browser does not support web fonts, a standard font will be used by your computer.

For more information about Google Web Fonts, visit com/fonts/faq and in Google's privacy policy: //

Our websites use functions of the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA.

Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

More information on how Google Analytics handles user data can be found in Google's privacy policy:

Browser Plugin

You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you will if applicable not be able to use all functions of this website in full. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: ?hl=de

Objection to data collection

You can prevent Google Analytics from collecting your data for some of our websites by clicking on one of the following links. There you have the option of setting a so-called opt-out cookie, which prevents the collection of your data on future visits to the respective website

Disable Google Analytics on

IP anonymization

We use the "Activation of IP anonymization" function on our websites. As a result, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

We use “Google reCAPTCHA” (hereafter “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). The purpose of reCAPTCHA is to check whether data is entered on our website (e.g. in a contact form) by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the website visitor spends on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyzes run completely in the background. Website visitors are not informed that an analysis is taking place.

Further information about Google reCAPTCHA and Google's privacy policy can be found at the following link:


Soweit nachstehend keine anderen Angaben gemacht werden, ist die Bereitstellung Ihrer personenbezogenen Daten weder gesetzlich oder vertraglich vorgeschrieben, noch für einen Vertragsabschluss erforderlich. Sie sind zur Bereitstellung der Daten nicht verpflichtet. Eine Nichtbereitstellung hat keine Folgen. Dies gilt nur soweit bei den nachfolgenden Verarbeitungsvorgängen keine anderweitige Angabe gemacht wird.

"Personenbezogene Daten" sind alle Informationen, die sich auf eine identifizierte oder identifizierbare natürliche Person beziehen.


Kontaktieren Sie uns auf Wunsch. Verantwortlicher für die Datenverarbeitung ist: Michael Haas, Bachtalstraße 214, 66773 Schwalbach, Deutschland, 06834/95590,

Nutzung von Social Media Präsenzen

Wir sind mit Onlinepräsenzen in den unten genannten sozialen Netzwerken und Plattformen vertreten. Diese Präsenzen dienen dazu mit Kunden, Interessenten und Nutzern unmittelbar zu kommunizieren. Des Weiteren dienen die Auftritte dem Zweck der Werbung für unsere Produkte und Leistungen.

Beim Aufruf unserer Social Media Präsenzen können Ihre Daten zum Zwecke der Werbung und Marktforschung automatisiert erfasst und gespeichert werden. Aus diesen Daten werden Nutzungsprofile unter der Verwendung von Pseudonymen erstellt. Diese können beispielsweise dazu genutzt werden, Ihnen interessenbezogene Werbung innerhalb und außerhalb der Plattformen anzuzeigen. Zu diesem Zweck werden regelmäßig Cookies eingesetzt, die die Wiedererkennung eines Internet Browsers ermöglichen und in denen Ihre Interessen und Ihr Nutzungsverhalten gespeichert werden.

Die Verarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. f DSGVO aus dem berechtigten Interesse an einer direkten Kommunikation mit den Nutzern und der Optimierung der Gestaltung unserer Onlineauftritte. Falls Sie gegenüber den Betreibern der jeweiligen Social Media Plattformen Ihre Einwilligung in die Verarbeitung Ihrer Daten gegeben haben, z.B. durch Abhaken einer Checkbox, erfolgt die Verarbeitung auf Grundlage des Art. 6 Abs. 1 lit. a DSGVO. Sie können Ihre Einwilligung jederzeit gegenüber dem Betreiber der jeweiligen Plattform widerrufen, ohne dass die Rechtmäßigkeit der aufgrund der Einwilligung bis zum Widerruf erfolgten Verarbeitung berührt wird.

Die Geltendmachung von Betroffenenrechten sowie Auskunftsanfragen können am effektivsten direkt an die Anbieter der Plattformen gerichtet werden, da ausschließlich diese Zugriff auf Ihre Daten haben, unmittelbar Maßnahmen ergreifen sowie Auskünfte erteilen können. Selbstverständlich unterstützen wir Sie bei Bedarf dabei. Nähere Informationen zu Nutzungsbedingungen und Datenschutz der jeweiligen Plattform sowie eine ausführliche Darstellung der weiteren Datenverarbeitung und der jeweiligen Widerspruchsmöglichkeiten finden Sie auf den Seiten der Anbieter unter: Instagram der Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland): Ihre Daten werden gegebenenfalls in die USA übermittelt. Für die USA ist ein Angemessenheitsbeschluss der EU-Kommission vorhanden, das Trans-Atlantic Data Privacy Framework (TADPF). Meta hat sich nach dem TADPF zertifiziert und damit verpflichtet, europäische Datenschutzgrundsätze einzuhalten.

Rechte der betroffenen Person

Ihnen stehen bei Vorliegen der gesetzlichen Voraussetzungen folgende Rechte nach Art. 15 bis 20 DSGVO zu: Recht auf Auskunft, auf Berichtigung, auf Löschung, auf Einschränkung der Verarbeitung, auf Datenübertragbarkeit. Außerdem steht Ihnen nach Art. 21 Abs. 1 DSGVO ein Widerspruchsrecht gegen die Verarbeitungen zu, die auf Art. 6 Abs. 1 f DSGVO beruhen, sowie gegen die Verarbeitung zum Zwecke von Direktwerbung.

Beschwerderecht bei der Aufsichtsbehörde

Sie haben gemäß Art. 77 DSGVO das Recht, sich bei der Aufsichtsbehörde zu beschweren, wenn Sie der Ansicht sind, dass die Verarbeitung Ihrer personenbezogenen Daten nicht rechtmäßig erfolgt.

Eine Beschwerde können Sie unter anderem bei der für uns zuständigen Aufsichtsbehörde einlegen, die Sie unter folgenden Kontaktdaten erreichen:

Unabhängiges Datenschutzzentrum Saarland Fritz-Dobisch-Str. 12

66111 Saarbrücken

Tel.: +49 681 947810

Fax: +49 681 9478129


Individual tabs on our website may use social plugins ("plugins") from the social network, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). These plugins are marked with a Facebook logo or the addition "Facebook Social Plugin". A general overview of all Facebook plug-ins can be found at ?locale=de_DE.

If you visit a website on our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted directly from Facebook to your browser, which integrates it into the website. By integrating the plugin, Facebook receives the information that you have accessed the corresponding page of our website. If you are logged in to Facebook, Facebook can assign your visit to your Facebook account. If you interact with the plugins, for example by clicking the "Like" button or making a comment, the corresponding information is transmitted directly from your browser to Facebook and stored there. The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights in this regard and setting options for protecting your privacy can be found in Facebook's data protection information. To ensure that Facebook does not collect any data about you via our website, you must log out of Facebook before visiting our website.