We are pleased that you are visiting our homepage and thank you for your interest in our company. Dealing with our customers and interested parties is a matter of trust. We greatly value the trust placed in us and therefore the importance and obligation to handle your data carefully and to protect it from misuse.
To make you feel safe and comfortable when visiting our website, we take the protection of your personal data and its confidential treatment very seriously. Therefore, we act in accordance with applicable laws on the protection of personal data and data security.
With this information on data protection, we would therefore like to inform you when we store which data and how we use it – naturally in compliance with the applicable German law. The data protection at the Parkhotel Heilbronn takes the European data protection level (DSGVO) into account and is based in particular on the current Federal Data Protection Act (BDSG). When using the internet, we comply with the Telemedia Act (TMG) of the Federal Republic of Germany to protect your personal data.
Collection and Processing of Personal Data
In principle, you can visit our websites without telling us who you are. Our web servers automatically store information of a general nature. This includes the type of web browser, the operating system used, the domain name of your internet service provider, the website from which you are visiting us, the websites you visit on our site and the date and duration of your visit. This is only information which does not allow any conclusions to be drawn about your person. We evaluate this data only for statistical purposes and only in anonymous form.
Privacy at Google Analytics and Google Remarketing
This website uses Google Analytics and Google Remarketing. These are services of Google Inc. ("Google"). Google uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google then shortens the IP address by the last three digits, a clear allocation of the IP address is therefore no longer possible. Google complies with the data protection provisions of the "US Safe Harbor" agreement and is registered with the "Safe Harbor" program of the US Department of Commerce.
Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Third parties, including Google, place advertisements on websites online. Third parties, including Google, use stored cookies to serve ads based on previous visits by a user to this website. Google will in no case associate your IP address with any other data held by Google.
However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. The collection and storage of data may be revoked at any time with effect for the future. You will find further information on Google's terms and conditions here. You can object to the storage of cookies: you can set your browser to only accept the storage of cookies if you agree to this. As a rule, the Help function in the menu bar of your web browser shows you how to reject new cookies and how to deactivate cookies that have already been received. Flash cookies, which are used by browser add-ons, can be deactivated or deleted by changing the settings of the browser add-on or via the manufacturer website of the browser add-on. We recommend that you always completely log out of shared computers that are set to accept cookies and flash cookies.
Use and Passing On of the Collected Data
We use the personal data provided by you exclusively for the purposes communicated or agreed upon – so as a rule to process the contract concluded with you or to respond to your enquiry. If you make use of services, as a rule only the data which we require to provide the services is collected. If we ask you for further data, it is voluntary information. The processing of personal data takes place exclusively for the fulfilment of the requested service and for the protection of our own justified business interests. Personal data is only collected or processed if you provide this information voluntarily, e.g. as part of an enquiry. If there are no necessary reasons in connection with a business transaction, you can revoke the previously granted approval of your personal data storage at any time with immediate effect in writing (e.g. by e-mail or fax). Your data will not be passed on to third parties unless this is required by law.
Is Personal Data passed on to Third Parties?
A processing and use of your data for purposes of consultation, advertising and market research will only take place with your express consent. Your data will not be sold, rented or otherwise made available to third parties. Personal data will only be transferred to state institutions and authorities within the framework of mandatory national legal provisions.
So-called cookies are used in some areas of our pages. A cookie is a small text file that a website stores on your hard drive. Cookies do not damage your computer and do not contain viruses. The cookies on our website do not collect any personal data. We use the information contained in cookies to make it easier for you to use our pages and to adapt them to your needs. Of course, you can also view our website without cookies. If you do not want cookies to be stored on your computer, you can deactivate the corresponding option in the system settings of your browser. You can delete stored cookies at any time in the system settings of your browser. If you do not accept cookies, however, this may lead to functional limitations of our offers.
Use of Google Maps
Data Protection when using Partner Portals
Our website may use techniques from our partner companies Expedia Inc. and meetago GmbH in order to efficiently implement your enquiries/bookings.
By using this website, you consent to the collection, processing and use of automatically collected and entered data by our partner companies, one of their representatives, or third parties. Our partner companies ensure that the processing and use of your data for the purpose of consulting, advertising and market research only takes place with your express consent. Your data will not be sold, rented or otherwise made available to third parties. You can object to the use of your data by our partner companies at any time.
Details on the meeting portal tagungshotel.com can be found in the imprint of meetago GmbH.
The Parkhotel Heilbronn uses technical and organizational security measures according to § 64 BDSG to protect your data managed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security measures are continuously improved in line with technological developments. The Parkhotel Heilbronn stores information relevant to data protection exclusively on secure systems in Germany. Access to it is only possible for a few authorized people and people obliged to special data protection who are involved in the technical, administrative or editorial support of data.
Children and young people with limited legal capacity may not transmit any personal data to our websites without the consent of their parents or guardian. Under no circumstances will the Parkhotel Heilbronn knowingly collect personal data obtained from children or young people of limited legal capacity or use them in any way or disclose them to third parties without authorization.
Declaration of Consent of the User
By using our web pages and the offers contained therein, you agree that the personal data voluntarily transmitted by you will be stored by us and processed and used in compliance with this data protection declaration.
Purpose of Data Collection, Processing and Use
• Operation of hotels and related businesses, as well as all related businesses
• Operation of a Customer Service Center for the purpose of taking up and carrying out reservations
• Carrying out passenger transport services or operating a rental car company
• Secondary purposes are accompanying or supporting functions in the personnel, agent, supplier and service provider administration.
• At the hotel locations, video surveillance is used exclusively to collect evidence of vandalism, burglary, robbery or other criminal acts. The presence and use of video cameras shall be indicated by appropriate warnings. Digitized recordings of booking conversations for documentation, evidence and training purposes will only be made with the express permission of the other party to the conversation.
• Execution of the storage and data processing of personal data for own purposes, as well as on behalf and in the name of individual companies in accordance with the present service agreements within the group of companies
• The collection, processing and use of data is carried out for the purposes listed above.
Description of Data Subjects and Related Data/Data Categories
Essentially, personal data is collected, processed and used for the following groups of persons:
• Guest data (esp. address data, reservation data, guest wishes, billing data, contact data)
• Customer data (esp. address data, contract data, billing and performance data, contact data)
• Data of interested parties (esp. accommodation interest, room and room rental interest, address data, contact data)
• Employee data, applicant data, pension fund data, personnel and wage data
• Agent / broker / agency data (esp. address, billing and performance data)
• Business partners, external service providers (esp. address, billing and performance data)
• Supplier data (esp. address, billing, service and functional data)
• Non-assignable group of persons: Video recordings insofar as these are necessary for the fulfilment of the purposes mentioned under point 5.
(1) You have the following rights against us with regard to the personal data concerning you:
- Right of access,
- Right to rectification or deletion,
- Right to limit the processing,
- Right to object to the processing,
- Right to data transferability.
(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
Categories of Recipients to whom Data may be communicated
Hotels, guesthouses and other accommodation facilities may collect personal data of their guests and store it in automated procedures, as far as this is necessary within the scope of the accommodation contract. As a rule, this also includes billing data for food and beverages, telephone calls made from the room and/or other hotel-specific services. Hotels and accommodation establishments are obliged by registration law to request information on the place of residence, date of birth and nationality of their guests and their family members.
Furthermore, Data can be communicated to Subsequent Recipients:
• Public authorities that receive data due to legal requirements (e.g. social insurance institutions)
• Internal departments that are involved in the execution and fulfilment of the respective business processes (e.g. personnel administration/controlling, accounting, marketing, sales, IT organization and the central reservation service (Customer Service Center))
• External contractors (service providers) in accordance with Art. 28 GDPR
• Other external bodies (e.g. credit institutions, broker agencies in the context of intermediary activity, companies belonging to a group of companies as far as affected parties have given their written consent or a transfer is permissible for predominantly justified reasons), as well as partner companies in the context of the order activity issued by the customer.
Standard Periods for the Deletion of Data
The legislator has enacted a variety of storage obligations and periods. After these periods have expired, the corresponding data and data records are routinely deleted if they are no longer required for contract fulfilment (guest, rental and service contracts). Thus, the commercial or financial data of a completed fiscal year is deleted after a further ten years in accordance with legal regulations, unless longer retention periods are prescribed or necessary for legitimate reasons. In the area of personnel administration and personnel controlling, shorter deletion periods are used in special areas. This applies in particular to rejected applications or warnings. Insofar as data is not affected by this, it will be deleted unsolicited if the purposes mentioned under point 5 no longer apply. Registration forms are stored in accordance with the valid registration law in the individual hotel and accommodation establishments in accordance with the legally prescribed minimum duration and are then destroyed in accordance with data protection regulations under special precautionary measures.
Planned Transfer of Data to Third Countries
Data transfers to third countries only occur within the framework of contract fulfilment, necessary communication and other exceptions expressly provided for in the Federal Data Protection Act (BDSG). A data transfer to other third countries, especially those whose data protection level is assessed as low or to countries outside the EU is currently not taking place; such a transfer is also not planned.
Ensuring Data Processing Security
The Parkhotel Heilbronn uses technical and organizational security measures according to § 64 BDSG to protect the data managed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. The security measures used are continuously improved in line with technological developments. This means that the Parkhotel Heilbronn stores its data protection information exclusively on secure systems in Germany. Access to it is only possible for a few authorized persons who are obliged to special data protection and who are concerned with technical, administrative or editorial support.
Name of the Responsible Body:
Responsible Head of Data Processing:
Director Parkhotel Heilbronn
Address of the Responsible Body:
Parkhotel Heilbronn GmbH & Co.KG
Phone: +49 711 633 44 0
Fax: +49 711 633 44 100
Name and Address of the Data Protection Officer:
VdE Service GmbH Baden-Württemberg
Phone: +49 711 22 333 26
Information on Data Protection according to EU-GDPR
Our company regularly checks your creditworthiness when concluding new contracts and, in certain cases where there is a justified interest, also for existing customers. For this purpose, we cooperate with Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss, from which we receive the necessary data. On behalf of Creditreform Boniversum, we will provide you with the following information in advance in accordance with Art. 14 EU-GDPR:
Creditreform Boniversum GmbH is a consumer information agency. It operates a database in which creditworthiness information on private individuals is stored. On this basis, Creditreform Boniversum provides credit information to its customers. Customers include credit institutions, leasing companies, insurance companies, telecommunications companies, receivables management companies, mail order, wholesale and retail companies as well as other companies that supply goods or services. Within the framework of the statutory provisions, part of the data available in the information database is also used to supply other company databases, including for address trading purposes.
In the Creditreform Boniversum database, information is stored in particular on the name, address, date of birth, e-mail address if applicable, payment behavior and shareholdings of persons. The purpose of processing the stored data is to provide information on the creditworthiness of the person inquired about. The legal basis for the processing is Art. 6 para. 1f EU-GDPR. Information about this data may be given thereafter only if a customer credibly demonstrates a legitimate interest in the knowledge of this information. If data is transferred to countries outside the EU, this is done on the basis of the so-called "standard contract clauses", which you can see and have sent to you from the following link:
The data is stored as long as its knowledge is necessary for the fulfilment of the purpose of storage. As a rule, knowledge is required for an initial storage period of three years. After expiry, it is checked whether storage is still necessary, otherwise the data will be deleted to the day. If a case is settled, the data is deleted to the day three years after settlement. According to § 882e ZPO, entries in the debtor register are deleted to the day after three years have elapsed since the day of the registration order. Legitimate interests within the meaning of Art. 6 para. 1f EU-GDPR can be: credit decision, business initiation, shareholding, claim, credit assessment, insurance contract, enforcement information.
Creditreform Boniversum GmbH grants you the right to obtain information about the personal data stored about you. If the data stored about you is incorrect, you have a right to correction or deletion. If it cannot be determined immediately whether the data is incorrect or correct, you have a right to block the respective data until clarification. If your data is incomplete, you can demand their completion. If you have given your consent to the processing of the data stored at Creditreform Boniversum, you have the right to revoke this consent at any time. By page 2 of 2 | Status April 2018 | © 2018 Boniversum
Revocation does not affect the legality of the processing of your data on the basis of your consent up to a possible revocation. If you have any objections, requests or complaints regarding data protection, you can contact the data protection officer at Creditreform Boniversum at any time. He or she will help you quickly and confidentially with all questions relating to data protection. You can also complain about the processing of data by Boniversum to the State Data Protection Officer responsible for your federal state. The data that Creditreform Boniversum has stored on you comes from publicly accessible sources, from debt collection agencies and from their clients. To describe your creditworthiness, Creditreform Boniversum creates a score for your data. The score value includes data on age and gender, address data and, in some cases, payment experience data. This data flows into the score value calculation with different weightings. Creditreform Boniversum customers use the scores as a tool for making their own credit decisions.
Right of Objection:
The processing of the data stored at Creditreform Boniversum GmbH is carried out for compelling, protection worthy reasons of creditor and creditor protection, which regularly outweigh your interests, rights and freedoms or serves the assertion, exercise or defense of legal claims. You can only object to the processing of your data in the case of reasons which result from a special situation and which must be proven. If such special reasons can be proven to exist, the data will no longer be processed. If you object to the processing of your data for advertising and marketing purposes, the data will no longer be processed for these purposes. Creditreform Boniversum GmbH, Hellersbergstr. 11, 41460 Neuss, Germany, is responsible according to Art. 4 No. 7 EU Data Protection Act. Your contact person in our company is the Consumer Service, Tel.: 02131 36845560, Fax: 02131 36845570, E-Mail: email@example.com.
You can reach the responsible Data Protection Officer via the following contact details: Creditreform Boniversum GmbH, Data Protection Officer, Hellersbergstr. 11, 41460 Neuss, Germany, e-mail: firstname.lastname@example.org.
© Parkhotel Heilbronn