KONTAKT

Relais & Châteaux Hotel

DIE SONNE FRANKENBERG

Marktplatz 2-4

D-35066 Frankenberg / Eder

+49 (0) 64 51 / 750-0 ZUM KONTAKTFORMULAR

Privacy

We, HBB Hotelbetriebsgesellschaft Battenberg GmbH, take the protection of your personal data very seriously and adhere strictly to the rules of data protection laws. They include, in particular, the General Data Protection Regulation (‘GDPR’, Regulation (EU) 2016/679 of the European Parliament and of the Council.

 

We only collect, process and use personal data of the users of our website if we have obtained legal permission to do so or if they have given us their consent. Under no circumstances will the data collected be sold. The legal basis for the processing of your data is based on your consent in accordance with Art. 6 (1) a GDPR in order to provide you with information or products requested in accordance with Article 6 (1) b of the GDPR or in our legitimate interests in accordance with Article 6 (1) f of the GDPR. Article 6 (1) f GDPR permits the processing of personal data within the framework of the “legitimate interest” of the controller, unless your fundamental rights, freedoms or interests prevail. You can object to this data processing at any time if there are reasons that exist in your particular situation and that speak against the processing of data. All you need to do is send an e-mail to the Data Protection Officer.

 

The following statement gives you an overview of how we ensure the protection of your personal data and what kind of personal data we collect and for what purpose. It is valid for all websites for which we are responsible. Our websites may contain links to websites of other providers, which are not covered by this data protection statement.

What are personal data?

The concept of personal data is defined in the General Data Protection Regulation (GDPR). Personal data are individual details of the personal or material circumstances of a specific or identifiable natural person or other data related to this person. Examples are your name, your address, your telephone number or your e-mail address.

 

  1. The use of personal data

(1) We will collect personal data if you provide us with them as part of your online booking, reservation inquiries, requests for further offers or your contact request. If the data processing is required for the performance of the contract with you, the legal basis is article 6 (1) b GDPR.

(2) Within the framework of your online booking, we require the following personal data from you: first and last name, address, e-mail address, telephone number and credit card details for verification purposes. Further details are voluntary; with your consent, we process these data in accordance with Article 6 (1) a GDPR. Your data will be deleted two years after completion of the booking and after expiry of the statutory retention periods, unless your consent is given to us for further use or we are required by law to store the data.

(3) Within the framework of your reservations for our restaurants, conferences, events or our SPA offers, we require the following personal data from you: first and last name, address, e-mail address, telephone number. If the data processing is required for the performance of the contract with you, the legal basis is Article 6 (1) b GDPR. Further details are voluntary; with your consent, we process these data in accordance with Article 6 (1) a GDPR. Two years after completion of the booking and after expiry of the statutory retention periods, your data will be deleted, unless your consent is given to us for further use or we are required by law to store the data.

 

(4) Within the framework of your request for vouchers or our hotel brochure, we require the following personal data from you: first and last name and your address. If the data processing is required for the performance of the contract with you, the legal basis is Article 6 (1) b GDPR. Further details are voluntary; with your consent, we process these data in accordance with Article 6 (1) a GDPR. Your data will be deleted two years after completion of the booking and after expiry of the statutory retention period, unless your consent is given to us for further use or we are required by law to store the data.

(5) Within the framework of your contact request, we need your first and last name as well as your e-mail address and, should you wish to receive information material, your postal address, too. If the data processing is required for the performance of the contract with you, the legal basis is Article 6 (1) b GDPR. Further details are voluntary; with your consent, we process these data in accordance with Article 6 (1) a GDPR. For example, you can tell us your phone number so that we can contact you. Your data will be deleted two years after completion of the booking and after expiry of the statutory retention periods.

(6) If you send us your application via e-mail, we collect, process and use your data exclusively for the purpose of the application and will delete your data after a reasonable period of time (no later than six months after receipt). If you explicitly allow us to use your application for future job offers, the data will not be deleted but will continue to be used with your consent in accordance with Art. 6 (1) a GDPR.

(7) We have set up a customer login in which we save your existing data, e.g. your bookings. If the data processing is required for the performance of the contract with you, the legal basis is Article 6 (1) b GDPR. In addition, you will receive offers exclusively designed for you. This will happen, of course, only with your prior consent; the legal basis is your consent in accordance with Article 6 (1) a GDPR.

 

  1. Newsletter

(1) If you order our e-mail newsletter, your e-mail address will be used for our promotional purposes until you unsubscribe from the newsletter. The legal basis for this is your consent, Art. 6 (1) a GDPR. Your subscription to the newsletter and your consent to the storage and use of your e-mail address can be revoked at any time. In the event that you wish to revoke your consent, please send your revocation to datenschutz@sonne-frankenberg.de.

(2) Online subscription to the newsletter is done by a double opt-in. To subscribe, enter your e-mail address to which the newsletter should be sent. After sending off the subscription form via e-mail, you will receive a confirmation e-mail. This e-mail will contain a confirmation link in addition to the complete copy of the declaration of consent. Only when you click on this link will the registration process be completed. Your subscription for the newsletter will be logged in order to prove that the subscription process was carried out in accordance with the legal requirements. This includes the storage of the login and the confirmation time, as well as the IP address. The legal basis for this is Article 6 (1) f GDPR. Our legal interest lies in being able to prove the existence of consent. You can object to this data processing at any time if there are reasons that exist in your particular situation and that speak against the processing of data. All you need to do is send an e-mail todatenschutz@sonne-frankenberg.de.

(3) You can revoke your consent to the storage of your e-mail address and its use for the dispatch of the newsletter at any time. You can do this by using the unsubscribe link within the newsletter e-mail or by clicking on the unsubscribe function on the website.

 

  1. Data transfers to third parties

(1) Any transfer of your data to third parties will not take place, unless we are legally obliged to do so or it is necessary in order to fulfil our contractual obligations or perform your chosen services.

(2) You can use our website to make room reservation inquiries for our hotel. For this purpose, we use the service of Saber GLBL, the program SynXis (https://www.sabrehospitality.com/solutions/hotel-central-reservation-systems). Your data will be collected, processed and used in our Property Management System Ophelia Suite 8 for reservations and guest administration. Your details will be used by us before your stay for a pre-stay e-mail. The legal basis for this is Article 6 (1) b GDPR. After your stay, the data will be used to invite you to you rate your stay online if you have agreed to do that on departure. The legal basis for this is your consent in accordance with Article 6 (1) a GDPR.

(3) You can use the inquiry form “Table reservation” on our website to make inquiries for our restaurants. You have two options. On the one hand, you can make a reservation request by sending an e-mail to our table reservation department. Your data will be used in our Property Management System Ophelia Suite 8 for reservations and guest management. If the data processing is required for the performance of the contract with you, the legal basis is Article 6 (1) b GDPR.

(4) On the other hand, you can make the reservation request for a table reservation through the portal of our service provider Book A Table. Your data will then be forwarded to Book A Table. Book A Table also uses your data for its own purposes. For further information, please refer directly to the data protection statement and terms of use of Use of Book A Table GmbH & Co. KG at https://www.bookatable.com/de/datenschutz. The legal basis for this is your consent in accordance with Art. 6 (1) a GDPR.

(05) You can use our website to order vouchers online and have them e-mailed to you as a PDF file so you can then print them off or have them posted to you. This is done via the portal of our service provider Idea Creation GmbH (“E-GUMA”). Your data will then be forwarded to Idea Creation. Idea Creation also uses your data for its own purposes. For more information, please refer directly to the data protection statement and terms of use of Idea Creation GmbH at https://www.e-guma.ch/datenschutz. The legal basis for this is your consent in accordance with Art. 6 (1) a GDPR.

 

  1. E-mail communication

If you wish to contact us by e-mail, you are welcome to do so using the addresses provided. Please note, however, that unencrypted e-mails sent via the Internet are not adequately protected against unauthorised third-party access during their transmission.

 

  1. Access data/log files

HBB Hotelbetriebsgesellschaft Battenberg GmbH automatically collects and stores information in so-called server log files, which your browser automatically transmits to us.

 

They are:

  • browser type/version
  • the operating system used
  • referrer URL (the page previously visited)
  • the host name of the accessing computer (IP address)
  • time of server request.

 

This data will likewise not be merged with other data sources.

 

The personal data of the server log files are processed on the basis of on Art. 6 (1) f GDPR. This statutory permission allows the processing of personal data in the context of the “legitimate interest” of the controller, unless your fundamental rights, freedoms or interests prevail. Our legitimate interest lies in facilitating administration and the chance to detect and pursue cases of hacking. You can object to this data processing at any time if there are reasons that exist in your particular situation that speak against the processing of data. All you need to do is send an e-mail to the Data Protection Officer. Our legitimate interest follows from the data collection purposes listed above. In no event do we use the data collected for the purpose of drawing conclusions about you.

The server log files with the above-mentioned data are automatically deleted after 30 days or, if used for statistical purposes, anonymised. We reserve the right to store the server log files for longer if there are facts that suggest the assumption of unauthorised access (such as the attempt of a case of hacking or a so-called DDoS attack).

 

  1. Cookies

(1) Our website uses cookies. They serve to make our offer more user-friendly, effective and secure. Cookies are text files that are stored on your hard drive so that they can identify you when you visit the website repeatedly. The cookie, therefore, processes information about your user behaviour. You may refuse the installation of cookies by selecting the appropriate settings on your browser.

(2) In this case, however, you may not be able to use the full functionality of this website. By using the website without previously refusing cookies by changing your browser settings, you agree to the use of cookies and the information obtained being used for the purpose described. The legal basis for this is your consent in accordance with Article 6 (1) a GDPR. Your consent can be revoked at any time by changing your browser settings; if you change the browser settings, cookies will no longer be placed on your device.

  1. Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google LLC (“Google”). Google Analytics uses so-called “cookies”, which are text files stored on your computer and which enable the website analyse how users use the site. The legal basis for this is Article 6 (1) f GDPR. This statutory permission allows the processing of personal data in the context of the controller’s “legitimate interest”, unless your fundamental rights, freedoms or interests prevail. Our legitimate interest lies in the analysis of the use of our website. You can object to this data processing at any time if there are reasons that exist in your particular situation that speak against the processing of data. All you need to do is send an e-mail to the Data Protection Officer.

The information generated by the cookie about your use of the website is, as a rule, transmitted to and stored by Google on servers in the United States. If IP anonymization is activated on this website, however, Google will first truncate your IP address within Member States of the European Union as well as for other parties to the Agreement on the European Economic Area.

Only in exceptional cases is the full IP address transferred to a Google server in the US and truncated there. Google participates in the Privacy Shield; for more information see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI. On behalf of the website provider, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and Internet usage to the website provider. Google will not associate your IP address transmitted within the framework of Google Analytics from your browser with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website. Furthermore, you can prevent Google’s collection and use of data relating to your use of the website (incl. your IP address) by downloading and installing the browser plug-in available under the following link (https://tools.google.com/dlpage/gaoptout?hl=en-GB). You can also prevent the collection of data by Google Analytics by clicking on the link entitled “Deactivate Google Analytics”. An opt-out cookie will be placed on the computer that will prevent the future collection of your data when visiting this website: Deactivate Google Analytics. We would like to point out that, on this website, Google Analytics has been extended by the code “anonymizeIp” in order to ensure the anonymous detection of IP addresses (so-called IP masking).

For more information about our terms of use and data protection, please see and https://www.google.de/intl/de/policies/.

For more information on Google’s use of your data for promotional purposes, and for possible inconsistencies and opportunities, please visit the Google website: https://www.google.com/intl/en/policies/privacy/partners (“How Google uses information from sites or apps that use our services”), http://www.google.com/policies/technologies/ads (“Data usage for advertising purposes”), http://www.google.com/settings/ads (“Control the information Google uses to show you ads”), and http://www.google.com/ads/preferences (“Control the ads that Google shows you”).

 

  1. Google Maps

(1) This website uses Google Maps API, a map service of Google LLC (“Google”), to display an interactive map. By using Google Maps, information about your use of this website (including your IP address) may be transmitted to and stored by Google on servers in the United States. Google may transfer the information obtained from Google Maps to third parties if required by law or if third parties process this data on behalf of Google. Google participates in the Privacy Shield; for more information see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI

(2) You have the option to deactivate the service of Google Maps and thus prevent data being transferred to Google: disable JavaScript in your browser. We wish to point out, however, that if you do this, you may not be able to use all the features of the maps displayed to the fullest extent possible.

 

  1. Facebook, Twitter, Instagram, Pinterest, YouTube

(1) Links to these services are provided on our website. Any transfer of your personal data by us does not take place. Social plugins are not used on our site, i.e. if you do not explicitly follow the relevant links, no data will be transmitted to the said services.

(2) If you follow these links, your browser will connect to the chosen social network or service. In this case, when you visit our website, data, such as your IP address, are transferred so that they can be assigned to any existing user account you may have. You can prevent this assignment from taking place by logging out of your corresponding user account.

 

  1. Rating portals

You can rate us on various rating portals. We provide links from various suppliers of rating portals so you can do this. By clicking on the corresponding links, you will be redirected to the pages of these rating portals. Any transmission of your personal data to these review portals (e.g. TripAdvisor) by us does not take place.

 

  1. Revinate

In order to continually improve our offerings and communication with you, we also use the “Revinate” analysis tool from Revinate Inc.,1 Letterman Drive, Building C. Suite CM 100, San Francisco, CA 94129. http://www.revinate.com/privacy. The personal data of the server log files is processed on the basis of Art. 6 (1) f GDPR. This statutory permission allows the processing of personal data in the context of the “legitimate interest” of the controller, unless your fundamental rights, freedoms or interests prevail. Our legitimate interest lies in the analysis of the use of our apps. You can object to this data processing at any time if there are reasons that exist in your particular situation that speak against the processing of data. All you need to do is send an e-mail to the Data Protection Officer. The cloud servers are located in the US, where the data is transferred via Amazon web services. https://www.revinate.com/subprocessors/. Amazon Web Services, Inc. participates in the Privacy Shield; for more information visit https://www.privacyshield.gov/list.

 

  1. Changes to the data protection statement

We reserve the right to change the data protection statement in order to adapt it to altered legal situations or to changes in the service and data processing.

However, this only applies to declarations of data processing. If the consent of users is required or elements of the data protection statement contain provisions regarding the contractual relationship with the users, the changes will only be made with the consent of the users.

 

Deletion of data

The deletion of the personal data stored shall take place if you revoke your consent for the storage, if the data for fulfilling the purpose pursued with the storage is no longer required or if their storage is inadmissible for other legal reasons. Insofar as this is stipulated by a statutory retention period, data will not be deleted, but stored for the retention period and blocked for other uses. Anonymised data is not necessarily deleted.

Information about the rights of data subjects

This part of the data protection statement provides additional information on the exercise of your rights as a data subject vis-à-vis HBB.

Your identity

In order to comply with the rights of data subjects affected by the GDPR, it may be necessary for Viessmann to request random information or, in the case of justified doubt, further information to prove your identity in cases of personal data collected on the basis of contractual relationships. This is particularly the case if a request for information is in electronic form, but the sender data does not provide any indication of any natural person (data subject).

You have the right

  • in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can provide information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of the right of appeal, the source of your data, if not collected by us, and the existence of automated decision-making, including profiling, and, where appropriate, meaningful information about their details;
  • in accordance with Article 16 GDPR, to demand the correction of incorrect or the completion of incomplete personal data stored by us immediately;
  • in accordance with Article 17 GDPR, to demand the deletion of your personal data stored by us, except where the processing is required for exercising the right of freedom of expression and information, for complying with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • in accordance with Article 18 GDPR, to demand the restriction of the processing of your personal data, insofar as the accuracy of the data is contested by you, the processing is unlawful, but you oppose the erasure of the personal data, and we no longer need the data, but you require them for the establishment, exercise or defence of legal claims or you have objected to the processing in accordance with Article 21 GDPR;
  • in accordance with Article 20 GDPR, to obtain your personal data that you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller;
  • if the legal basis of use is your consent, to object to any further use at any time

 

To exercise these rights, please contact the Data Protection Officer at this address:

 

Datenschutzbeauftragter der HBB Hotelbetriebsgesellschaft Battenberg GmbH
Hotel Die Sonne Frankenberg
Marktplatz 2-4
D-35066 Frankenberg/Eder
Tel.: +49 6451 750-0
Fax: +49 6451 750-505
E-mail: datenschutz@sonne-frankenberg.de

  • In accordance with Article 77 GDPR, you have the right to complain to a data protection supervisory authority. Generally, in order to do so, you can contact the supervisory authority of your usual place of residence or our registered office.

The address of the relevant supervisory authority is as follows:

Zuständige Aufsichtsbehörde
Der Hessische Datenschutzbeauftragte
Postfach 3163
D-65021 Wiesbaden
Tel.: +49 611 1408-0
Fax: +49 611 1408-900
E-mail: poststelle@datenschutz.hessen.de

 

Contact details of the Data Protection Officer:

 

Datenschutzbeauftragter der HBB Hotelbetriebsgesellschaft Battenberg GmbH
Hotel Die Sonne Frankenberg
Marktplatz 2-4
D-35066 Frankenberg/Eder
Tel.: +49 6451 750-0
Fax: +49 6451 750-505
E-mail: datenschutz@sonne-frankenberg.de

 

Controller in terms of data protection law:

HBB Hotelbetriebsgesellschaft Battenberg GmbH
Im Birkenried 1
D-35088 Battenberg

 

Seat of the administrative centre of HBB and the Data Protection Officer:

Hotel Die Sonne Frankenberg
Marktplatz 2 – 4
D-35066 Frankenberg/Eder
Tel.: +49 64 51 / 75 00
Fax: +49 64 51 / 75 05 00
E-mail: datenschutz@sonne-frankenberg.de