The protection of personal data and the responsible handling of the information that you entrust to us are important and special concerns for us. We respect and protect the personal rights of each individual.
It is important to us that you have a good feeling when dealing with our offers and therefore ask you to contact us at any time and in any way as soon as you have a have concerns about your stay or your dates. In the tourism industry, it is common practice for reservations with several travelers to be transmitted by a travel applicant to all the data of all travelers. Since we are obliged to make this information available to all fellow travelers, we would like to ask you as the traveler to pass this information on to your fellow travelers.
Our contact details are as follows:
Hotel Mühlenthal GmbH
Our data protection officer Ursula Haas, who can be reached at the email address provided, not only ensures that our processes are in line with the law, but is also yours Contact person for data processing with us.
Our websites can usually be used for information purposes without providing personal data. Insofar as personal data is collected on our website, this is always done voluntarily and in connection with the use of one of our services (e.g. booking/reservation form, contact form).
We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps despite the precautions taken. A complete protection of the data against access by third parties is not possible. In principle, the scope of your recorded data is always limited to the necessary minimum, which is necessary for quick and problem-free processing of your request.
The entire website call / data transfer between your browser and our systems is encrypted. We use Secure Socket Layers (SSL) encryption technology. SSL technology protects and encrypts your data. It enables an extraordinarily high level of security for data transmissions.
We collect, process and use personal data only in accordance with the provisions of the European General Data Protection Regulation (GDPR), the Telemedia Act (TMG), the Federal Data Protection Act (BDSG) and the law against unfair competition (UWG).
Collection of data
The following categories show the processes and procedures in which data can be collected:
- Via the contact form on our website
- By email
- By phone
- By post
- Via Facebook
- Per personal contact on site/at trade fairs
- Email Newsletter
Agency & Consulting Services
- Booking and quote requests
- Information requests and additional services (e.g. rental of e-bikes)
- Submission of payment processing information
- Reservation Orders
When you contact us, you may be asked to provide personal data (e.g. name, postal address, telephone number, e-mail address, date of birth, etc.) that will be used to process your reservation request will. In some cases, payment-related information (credit card number, bank details, etc.) will also be requested if this is necessary to process your request.
In current practice, the data for reservations with several travelers is only transmitted by one travel applicant. We assume that the person registering the trip sends us the data of all participants with their consent and sends the data protection information to all fellow travelers affected.
We assure you that we treat all personal and payment-related data as strictly confidential.
We undertake to use the personal data collected, processed and stored when using the services offered solely for our own purposes and for the purpose of processing contracts that have come about with our cooperation with the relevant travel providers.
By our own purposes, we mean support purposes (e.g. information about the course of a stay, changes to reservations, information about the services used, etc.) and information purposes (e.g. Sending e-mail customer newsletters, discount campaigns for existing customers, etc.).
Your data will not be passed on to third parties. Excluded are the tour operators related to your stay and partner companies that are necessary to support our business processes. In these cases, however, the scope of the transmitted data is limited to the necessary minimum.
As a service-oriented tourism service provider, the high quality of our offers and the smooth and speedy processing of your concerns are important to us. We are characterized by a very high level of customer satisfaction, which is also reflected in a high rate of repeat and regular customers.
In order to do justice to the interests of a (regular) customer in the event of a renewed transmission of a reservation request, to be able to offer fast, uncomplicated and recurring services, we store your personal data for an indefinite period , but at the longest until your objection, revocation or request for deletion. We adhere to the minimum data required by law.
We would like to point out that your reservation requests can only be processed correctly with the necessary personal data. If we do not have these, we reserve the right to withdraw from our offer or the contract.
In accordance with the GDPR, we would like to inform you about your rights regarding your personal data.
- Right to information: You can request confirmation from us as to whether personal data relating to you is being processed by us. If such processing is present, you can request various information from us, such as the purposes of the processing, the planned duration of storage, the existence of a right of appeal, etc.
- Right to rectification: You have the right to rectification and/or completion if the processed personal data concerning you is incorrect or incomplete. We have to make the correction immediately.
- Right to restriction of processing: Under various conditions, you can request the restriction of the processing of the data concerning you. This includes, for example, if there are doubts about the correctness, the processing is unlawful or we no longer need the data. We need to let you know when the restriction is lifted.
- Right to erasure: Based on certain reasons, you can request the erasure of your data. Reasons may be, for example, that the data is no longer necessary for the purposes for which it was collected, you have revoked your consent, you have lodged an objection, we have processed your data unlawfully, etc.
- Right to data transferability: You have the right to have your data made available to you in a structured, common and machine-readable format and to be transferred to third parties at your request.
- Right to object: You have the right, for reasons that arise from your particular situation, at any time against the processing of your personal data, which is based on Art. 6 Para. 1 lit. e or f GDPR to file an objection; this also applies to profiling based on these provisions.
- Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the location of the alleged violation, if you believe that the processing of your personal data violates the GDPR.
Users who no longer wish to receive our newsletter can use a link at the bottom of the newsletter to object to the use of their data for advertising purposes at any time. An informal e-mail to email@example.com with the appropriate content is also sufficient.
We use the MailChimp software from the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA to send the newsletter.</ p>
The e-mail addresses of our newsletter recipients, as well as their other data described in this notice, are stored on the MailChimp servers in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. According to its own information, MailChimp can also use this data to optimize or improve its own services, e.g. for the technical optimization of the dispatch and the presentation of the newsletter. MailChimp does not use the data of our newsletter recipients to write to them ourselves or to pass them on to third parties.
We are convinced of MailChimp's reliability and IT and data security. MailChimp is certified under the US-EU data protection agreement "Privacy Shield" and is therefore committed to complying with EU data protection regulations. Furthermore, we have concluded a "Data Processing Agreement" with MailChimp. This is a contract in which MailChimp undertakes to protect the data of our users, to comply with the relevant data protection regulations and, in particular, not to pass data on to third parties.
We have taken the necessary technical and organizational measures to protect the personal data you have provided against loss, destruction, manipulation and unauthorized access. All our employees and all persons involved in data processing are bound to secrecy and confidential handling of personal data.
The person concerned can prevent the setting of cookies by our website through the settings offered on the website or by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.
We would like to point out that full use of all our offers is not possible without cookies. Cookies are required for a successful reservation via the HRS website. In particular, checking the booking data and allocating Mühlenthal reservations would otherwise not be possible.
Our websites use so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display text and fonts correctly. If your browser does not support web fonts, a standard font will be used by your computer.
Our websites use functions of the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA.
Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you will if applicable not be able to use all functions of this website in full. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install:
Objection to data collection
You can prevent Google Analytics from collecting your data for some of our websites by clicking on one of the following links. There you have the option of setting a so-called opt-out cookie, which prevents the collection of your data on future visits to the respective website
We use the "Activation of IP anonymization" function on our websites. As a result, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Individual tabs on our website may use social plugins ("plugins") from the social network facebook.com, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). These plugins are marked with a Facebook logo or the addition "Facebook Social Plugin". A general overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/ ?locale=de_DE.
If you visit a website on our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted directly from Facebook to your browser, which integrates it into the website. By integrating the plugin, Facebook receives the information that you have accessed the corresponding page of our website. If you are logged in to Facebook, Facebook can assign your visit to your Facebook account. If you interact with the plugins, for example by clicking the "Like" button or making a comment, the corresponding information is transmitted directly from your browser to Facebook and stored there. The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights in this regard and setting options for protecting your privacy can be found in Facebook's data protection information. To ensure that Facebook does not collect any data about you via our website, you must log out of Facebook before visiting our website.
We use “Google reCAPTCHA” (hereafter “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). The purpose of reCAPTCHA is to check whether data is entered on our website (e.g. in a contact form) by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the website visitor spends on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyzes run completely in the background. Website visitors are not informed that an analysis is taking place.