Privacy Statement

Privacy Statement Best Western Hotel Halle Merseburg

Information on data processing according to Artt. 13, 14 GDPR  

We are pleased that you are visiting our homepage and thank you for your interest. Dealing with our customers and interested parties is a matter of trust. The trust placed in us has a very high value and therefore the importance and obligation to handle your data carefully and to protect it from misuse.

To ensure that you feel safe and comfortable when visiting our website, we take the protection of your personal data and its confidential treatment very seriously. Therefore, we act in accordance with the applicable legislation on the protection of personal data and data security. With these notes on data protection, we would therefore like to inform you about when we store which data and how we use it – naturally in compliance with the applicable legislation.

Data protection at the Best Western Hotel Halle-Merseburg is based in particular on the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). When using the Internet, we are guided by the Telemedia Act (TMG) and the Telecommunications Telemedia Data Protection Act (TTDSG) of the Federal Republic of Germany to protect your personal data. In the following, we explain what information we collect during your visit to our websites and how it is used.

Name and address of the responsible person

The responsible person in the sense of the GDPR and other national data protection laws of the member states as well as other data protection regulations is:

BHMC Berlin Hotel Management Consulting GmbH, Best Western Hotel Halle-Merseburg, Christianenstr. 25, D-06217 Merseburg,
Tel.: +49 3461-350-0,
Mail: info@bestwestern-merseburg.de

Name and address of the data protection officer

Mr. Kay Kühnel
DataSolution LUD GmbH
Isarstr. 13 D-14974 Ludwigsfelde

Mail: mail@hoteldatenschutz.de

General information on data processing

Scope of the processing of personal data

We collect and use personal data of our users only to the extent necessary to provide a functional website and our content and services. The collection and use of personal data of our users is regularly only carried out with the consent of the user. An exception applies in those cases where it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by legal regulations.

Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6 (1) lit. a GDPR serves as the legal basis. When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures. If processing of personal data is necessary for compliance with a legal obligation to which our company is subject (e.g. national registration laws), Art. 6 (1) lit. c GDPR serves as the legal basis. If processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, Art. 6 (1) f GDPR serves as the legal basis for the processing.

Data deletion and storage period

The personal data of the data subject shall be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need to continue storing the data for the conclusion or performance of a contract.

E-mail contact

Description and scope of data processing

If you contact us by e-mail to request information about our products or services, we process this data electronically in order to respond to your request. The data includes, among others, e-mail address, name and request.

Legal basis for data processing

The legal basis for the processing of the data is first of all our legitimate interest in the processing of data in the context of contacting the inquirer. If the contact is aimed at the conclusion of a contract, the additional legal basis for processing is in the context of a contract initiation relationship or contractual relationship.

Purpose of data processing

The processing of personal data from the input mask serves us solely to process the contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data.

The other personal data processed during the submission process are used to prevent misuse of the contact form and to ensure the security of our information technology systems.

Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.

If the contact is a pre-contractual relationship (offer or reservation request), the transmitted data will also be stored in our hotel software and used for contract execution. If there is no contractual relationship, we delete the data after one year at the end of the year.

Possibility of objection

You have the option to object to the processing of your data at any time. For this purpose, we have set up the e-mail address datenschutz@bestwestern-merseburg.de. We would like to point out that in the event of an objection, the conversation cannot be continued or we cannot create any offers, etc. All personal data stored in the course of contacting you will be deleted in this case.

Online booking through the website

Description and scope of data processing

On our website there is the possibility to book stays and arrangements. If you take advantage of this option, the data entered in the input mask will be transmitted to us and stored. These data are: Salutation, first and last name, e-mail address, telephone, address, number of fellow travelers, estimated time of arrival, wishes, method of payment, date and time of reservation.

We use payment service providers to process the purchase. You can select the payment method yourself. We would like to point out that your payment data may be transmitted to servers of the payment service providers in the USA according to your selection and processed there.

If you make an online booking from our websites, this is done through the online reservation system of Best Western Hotels Central Europe GmbH, based in Eschborn, Germany. All booking data you enter is transmitted in encrypted form. IHG is committed to handling your transmitted data in accordance with data protection regulations. It takes all organizational and technical measures to protect your data. The data is used exclusively for processing the booking and for communication.

Legal basis for data processing

The legal basis for the processing of data is the conclusion of an accommodation contract.

In order to increase our services, the reservation data is passed on to central offices of the franchisor Best Western Hotels Central Europe GmbH as well as to central offices of the hotel group. The responsible entity is the hotel in which the booking is made. The respective booking data can only be viewed by the responsible entity, together access to the master data of a guest is used, for example, to make a reservation for another hotel at a later date, to rebook or to carry out marketing activities in a centralized manner. For this purpose, central services such as reservations and marketing access this data. The legal basis for processing the data is our legitimate interest in data processing within the framework of centralized management and use of the data of our customers and business partners within the hotel group.

If there is a legitimate interest, we may conduct an information request with IHD Gesellschaft für Kredit- und Forderungsmanagement mbH, Augustinusstr. 11 B, D-50226 Frechen, Germany, in order to obtain information about the accessibility and creditworthiness of natural persons who are commercially active and legal entities.

Purpose of data processing

The processing of personal data from the input mask serves us solely for the processing of the booking request and the handling of payment transactions.

Duration of storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial law, statutory or contractual retention requirements have been fulfilled. The transmitted data will be stored in our hotel software and used for the execution of the contract. If there is no contractual relationship, we will delete the data after one year at the end of the year.

Possibility of objection

You have the option to object to the processing of your data at any time. For this purpose, we have set up the e-mail address datenschutz@bestwestern-merseburg.de. We would like to point out that in the event of an objection, the booking cannot be completed or the conversation cannot be continued.

Online booking via other websites

 Description and scope of data processing

The Best Western Hotel Halle-Merseburg gives interested parties the opportunity to book rooms and arrangements via hotel reservation portals (third-party providers). If you take advantage of this option, the data entered in the input mask will be transmitted to us and stored to the extent permitted by the respective hotel reservation portal in accordance with its own data protection provisions. Data can be: Salutation, first and last name, e-mail address, telephone, address, number of fellow travelers, estimated time of arrival, wishes, payment data (credit card).

Legal basis for data processing

The legal basis for the processing of data is the conclusion of an accommodation contract.

In order to increase our services, the reservation data is passed on to central offices of the franchisor Best Western Hotels Central Europe GmbH as well as to central offices of the hotel group. The responsible entity is the hotel in which the booking is made. The respective booking data can only be viewed by the responsible entity, together access to the master data of a guest is used, for example, to make a reservation for another hotel at a later date, to rebook or to carry out marketing activities in a centralized manner. For this purpose, central services such as reservations and marketing access this data. The legal basis for processing the data is our legitimate interest in data processing within the framework of centralized management and use of the data of our customers and business partners within the hotel group.

The data provided is transferred to our hotel software via a so-called channel manager. All received booking data is transmitted in encrypted form. Best Western Hotels Central Europe GmbH, as the provider of the Channel Manager, has committed itself to handling the transmitted personal data in accordance with data protection regulations. It takes all organizational and technical measures to protect your data.

If there is a legitimate interest, we may conduct an information request with IHD Gesellschaft für Kredit- und Forderungsmanagement mbH, Augustinusstr. 11 B, D-50226 Frechen, Germany, in order to obtain information about the accessibility and creditworthiness of natural persons who are commercially active and legal entities.

Purpose of data processing

The processing of personal data from the input mask serves us solely for the processing of the booking request and the handling of payment transactions.

Duration of storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial law, statutory or contractual retention requirements have been fulfilled. The transmitted data will be stored in our hotel software and used for the execution of the contract. If there is no contractual relationship, we will delete the data after one year at the end of the year.

The Best Western Hotel Halle-Merseburg has no influence on the storage periods of the respective hotel reservation portal.

Possibility of objection

You have the option to object to the processing of your data at any time. For this purpose, we have set up the e-mail address datenschutz@bestwestern-merseburg.de. We would like to point out that in the event of an objection, the booking cannot be completed or the conversation cannot be continued.

Support, consulting and advertising for corporate clients

Description and scope of data processing

For the support, consulting and advertising of corporate customers, we collect and use, in addition to the business partner or even potential business partner, the contact person, phone number and postal address. We obtain the information from various sources, either through an inquiry (e-mail or telephone), but also through events, trade fairs, business cards received by our sales staff, etc.

Legal basis for data processing

The legal basis for the processing of the data is first of all our legitimate interest in the processing of data in the context of contacting the inquirer. If the contact is aimed at the conclusion of a contract, the additional legal basis for processing is in the context of a contract initiation relationship or contractual relationship.

To increase our services, we manage all data received in the central CRM module of the Best Western Hotel Halle-Merseburg. The responsible entity is the hotel with which a business contact exists. Central services such as sales, banquet, reservation and marketing access this data. The legal basis for the processing of the data is our legitimate interest in data processing in the context of central management and use of the data of our customers and business partners within the hotel group.

Purpose of data processing

We use this contact data exclusively for our own purposes and for the needs-based design of our own sales activities.

Duration of storage

In principle, no deletion period is provided for. However, if our sales department has not had any contact with the company contact within 3 years, the sales department will decide whether the contact person of the company contact will be deleted.

If the contact is a pre-contractual relationship (offer or reservation request), the transmitted data will also be stored in our hotel software and used for contract execution. If there is no contractual relationship, we delete the data after one year at the end of the year.

Possibility of objection

As a company contact, you have the option to object to the processing of your data at any time. For this purpose, we have set up the e-mail address datenschutz@bestwestern-merseburg.de. All personal data of the contact person that has been stored for the business partner will be deleted in this case.

Newsletter service

Description and scope of data processing

On our website there is the possibility to register for our newsletter service in different ways. If a user takes advantage of this option, the data entered in the input mask is transmitted to us and stored. These data are: First name, last name*, company, e-mail address*, date of birth, zip code/city, language* (*mandatory data).

If you register for a newsletter from our websites, the data will be stored in our newsletter tool of Artegic AG, based in Bonn, Germany. Artegic AG is committed to handling your transmitted data in accordance with data protection regulations. It takes all organizational and technical measures to protect your data.

If we otherwise receive an email address where the recipient clearly tells us that they would like to receive our newsletter, we will collect their data via the input mask on our website.

Legal basis for data processing

The legal basis for the processing of the data is the existence of a consent of the recipient. This is ensured by a double-opt-in procedure.

Purpose of data processing

The processing of personal data serves us solely to send individual newsletters.

Duration of storage

The data will be deleted as soon as the newsletter service is unsubscribed.

Possibility of objection

As a recipient of a newsletter, you have the option to object to the processing of your data or revoke your consent at any time. With each newsletter, the newsletter service can be unsubscribed. In addition, we have set up the e-mail address datenschutz@bestwestern-merseburg.de. Please let us know the e-mail address here.

Best Western Rewards

BWH Hotel Group Central Europe GmbH offers the possibility of membership in the Best Western Rewards® program (program for short). Through a link on our website, the guest can register for this program himself on the website of BWH Hotel Group Central Europe GmbH or fill out a form at our hotel.

Members are offered the opportunity to participate in the newsletter service as well as to submit a review about their stay at a Best Western hotel.

Responsible for the Best Western Rewards® program is BWH Hotel Group Central Europe GmbH, Frankfurter Str. 10-14, 65760 Eschborn, Germany. We have no influence on the processing of your personal data in this context.

The legal basis for the processing of the data is the fulfillment of a contract pursuant to Art. 6 para. 1 lit. b GDPR in the form of membership in the program, the parties to which are the data subject and BWH Hotel Group Central Europe GmbH.

For more information on the Best Western Rewards® program, visit https://www.bestwestern.de/bwr-registrierung.html?rewardsDuringLogin=false.

Provision of the website and creation of log files

Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:

  • Information about the browser type and version used
  • The operating system of the user
  • The IP address of the user
  • Date and time of access
  • Websites from which the user’s system accesses our website
  • Web pages that are called up by the user’s system via our website

The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place. Personal user profiles cannot be formed. The stored data is only evaluated for statistical purposes.

Legal basis for data processing

The legal basis for the temporary storage of the data and the log files is our legitimate interest in data processing in the context of the provision of our Internet pages.

Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes are also our legitimate interest in the data processing for the provision of our Internet pages.

Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

Possibility of objection and removal

The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

 

Cookies use

Description and scope of data processing

Cookies are small files that allow us to store specific information related to you, the user, on your computer while you visit one of our websites. Cookies help us to determine the frequency of use and the number of users of our website, as well as to make our offers as convenient and efficient as possible for you.

We also use cookies on our website, which enable an analysis of the user’s surfing behavior. In this way, the following data can be transmitted: Search terms entered, frequency of page views, use of website functions. The user data collected in this way is pseudonymized by technical precautions. Therefore, an assignment of the data to the calling user is no longer possible. The data is not stored together with other personal data of the user. When calling up our website, the user is informed about the use of cookies for analysis purposes and his consent to the processing of personal data used in this context is obtained. In this context, a reference to this privacy policy is also made.

Legal basis for data processing

The legal basis for the processing of personal data using technically necessary cookies is our legitimate interest in data processing.

The legal basis for the processing of personal data using cookies for analysis purposes is in the presence of a relevant consent of the user.

Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change. The user data collected through technically necessary cookies are not used to create user profiles.

The analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus constantly optimize our offer.

Duration of storage, possibility of objection and elimination

Cookies are stored on the user’s computer and transmitted from it to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full.

Below we describe in more detail which cookies we use on the site.

These cookies allow us to tailor the site’s features and content to you by storing your preferences. For example, these cookies can be used to store your user data in our forum or to make a language selection. In addition, they may be used to offer interactive information, such as viewing our virtual catalogs or videos.

Overview of the cookies used

When operating this website, we use various cookies as described above. The following table lists the cookies used again clearly:

Domian Name Purpose Storage duration
.bestwestern-hall-merseburg.com __utma This is one of the four main cookies set by the Google Analytics service, which allows website owners to track visitor behavior and measure website performance. This cookie lasts for 2 years by default and distinguishes between users and sessions. It used to calculate new and recurring visitor statistics. The cookie is updated every time data is sent to Google Analytics. The lifetime of the cookie can be customized by website owners. 2 years
.bestwestern-hall-merseburg.com __utmb This is one of the four main cookies set by the Google Analytics service, which allows website owners to track visitor behavior and measure website performance. This cookie determines new sessions and visits and expires after 30 minutes. The cookie is updated every time data is sent to Google Analytics. Any activity by a user within the 30-minute lifetime counts as a single visit, even if the user leaves and then returns to the site. A return after 30 minutes counts as a new visit, but a returning visitor. 30 minutes
.bestwestern-hall-merseburg.com __utmc This is one of the four main cookies set by the Google Analytics service, which allows website owners to track visitor behavior and measure website performance. It is not used on most websites, but is set to enable interoperability with the older version of Google Analytics code known as Urchin.  In this older version, this was used in combination with the __utmb cookie to identify new sessions/visits for returning visitors. When used by Google Analytics, it is always a session cookie that is destroyed when the user closes their browser. Therefore, if it is considered a persistent cookie, it is probably another technology that sets the cookie. Session
.bestwestern-hall-merseburg.com __utmt This cookie is set by Google Analytics.  According to their documentation, it is used to throttle the request rate for the service – to limit the collection of data on websites with high traffic. 10 minutes
.bestwestern-hall-merseburg.com __utmz This is one of the four main cookies set by the Google Analytics service, which allows website owners to track visitor behavior as measured by website performance. This cookie identifies the source of traffic to the website – so Google Analytics can tell website owners where visitors are coming from when they arrive on the website. It is updated every time data is sent to Google Analytics. 6 months
.bestwestern-hall-merseburg.com _icl_current_language This cookie name is associated with a multilingual WordPress plug-in from WPML. It stores a language value for the website.  If the cookie is set in response to a user action or request, and as long as it has a short lifetime, it can be treated as strictly necessary. 1 day
www.bestwestern-halle-merseburg.de CookieConsent This cookie stores the user’s cookie consent status for the current domain. 1 year

Use of Google services

Google Analytics

Our offer uses Google Analytics, a web analytics service provided by Google Inc (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookies about the use of this website by the users is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, however, Google will truncate the user’s IP address beforehand within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP anonymization is active on this website.

We process your data using Google Analytics for the purpose of optimizing our website based on your consent. Your consent. You give your consent by setting the use of cookies (cookie banner / Consent Manager), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 (3) GDPR.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. You can find further information in the privacy policy.

On behalf of the operator of this website, Google will use this information for the purpose of evaluating the use of the website by users, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

Users may refuse the use of cookies by selecting the appropriate settings on their browser, however please note that if you do this you may not be able to use the full functionality of this website. Users can also prevent the collection of data generated by the cookie and related to their use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. As an alternative to the browser add-on or within browsers on mobile devices, please click this link to prevent the collection by Google Analytics within this website in the future. This will place an opt-out cookie on your device.

Google Maps

This website uses Google Maps API, a mapping service provided by Google Inc (“Google”), to display an interactive map and to create directions. Google Maps is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

By using Google Maps, information about your use of this website (including your IP address) may be transmitted to and stored by Google on servers in the United States. Google may transfer the information obtained through Maps to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.

Google will not associate your IP address with any other data held by Google. It is nevertheless technically possible that Google could identify at least individual users on the basis of the data received. It would be possible that personal data and personality profiles of users of the website could be processed by Google for other purposes over which we have and can have no influence.

The legal basis for the use of Google Maps is your consent. You give your consent by setting the use of cookies (cookie banner / Consent Manager) and / or in the Google Maps display (Double Click), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 para. 3 GDPR.

The purpose of using Google Maps is to show the user our location on the website and to give him the possibility to determine different directions via the services of Google Maps.

You have the option of deactivating the Google Maps service and thus preventing the transfer of data to Google by deactivating JavaScript in your browser. However, we would like to point out that in this case you will not be able to use the map display on our website.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. You can find further information in the privacy policy.

Google reCAPTCHA

We have integrated components of Google reCAPTCHA on our website. Google reCAPTCHA is a service of Google Ireland Limited and enables us to distinguish whether a contact request originates from a natural person or is automated by means of a program. When you access this content, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. Furthermore, Google reCAPTCHA records the user’s browsing time and mouse movements in order to distinguish automated requests from human ones. This data is processed exclusively for the purposes mentioned above and to maintain the security and functionality of Google reCAPTCHA.

The use of the service is based on our legitimate interests, i.e. for protection when submitting forms.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google reCAPTCHA.

Use of social media plugins

The use of social media plugins is in the interest of an appealing presentation and expansion of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Use of Facebook plugins

Plugins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated on our pages. You can recognize the plugins by the logo on our page. You can find an overview of the plugins here.

We have no influence on the data collection and further processing by Facebook. Furthermore, it is not apparent to us to what extent, where and for how long the data is stored, to what extent Facebook complies with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. If you would like to avoid Facebook processing personal data that you have transmitted to us, please contact us by other means.

You can find more information on this in Facebook’s privacy policy. If you do not want Facebook to associate your visit to our pages with your user account, please log out of your respective user account!

Facebook fan page

On our Facebook fan page at: https://www.facebook.com/BestWesternMerseburg we use plugins of the provider Facebook.com, which are provided by the company Facebook Inc., 1601 S. California Avenue, Palo Alto, CA 94304 in the USA.

By using the fan page, data is forwarded to the Facebook servers, which contain information about your visits to our fan page. For logged-in users, this results in the usage data being assigned to their personal Facebook account. As soon as you actively use the Facebook plugin as a logged-in Facebook user, e.g. by clicking on the “Facebook” logo or using the comment function, this data is transferred to your Facebook account and published. You can only avoid this by logging out of your Facebook account beforehand.

We do not know exactly what data Facebook stores and uses. As a user of the fan page, you must therefore expect that Facebook also stores your actions on the fan page without gaps.

Otherwise, the General Terms of Use of Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland shall apply.

The legal basis for this data processing is Art. 6 para. 1 lit. a, f) GDPR.

Every person depicted as well as other third parties have the possibility to object to the publication of their personal data (photos) at any time. We have set up the e-mail address datenschutz@bestwestern-merseburg.de for this purpose. The right to object applies in particular to the publication of images for the future.

It can always happen that we accidentally publish pictures of people where no consent has been given. If publication is not desired, we will immediately do everything possible to comply with your right. In the case of group pictures, we reserve the right to distort faces.

Cookiebot

We have integrated Cookiebot on our website. Cookiebot is a consent solution from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, which can be used to obtain and document consent to store cookies. Cookiebot uses cookies or other web technologies to recognize users and store consent given or revoked.

The use of the service is based on the legally required consent to the use of cookies for preservation pursuant to Art. 6 para. 1 lit. c. GDPR.

The specific storage period of the processed data cannot be influenced by us, but is determined by Cybot A/S. You can find further information in the privacy policy for Cookiebot.

Cookiebot CDN

We use Cookiebot CDN to properly deliver the content of our website. Cookiebot CDN is a service of Cybot A/S, which operates on our website as a Content Delivery Network (CDN) to ensure the functionality of Cybot A/S services. For said services, you can find a separate section in this Privacy Policy. This section is only about the use of the CDN.

A CDN helps to provide content of our online offer, especially files such as graphics or scripts, faster with the help of regionally or internationally distributed servers. When you access this content, you connect to servers of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, where your IP address and possibly browser data such as your user agent are transmitted. This data is processed solely for the purposes mentioned above and to support the security and functionality of Cookiebot CDN.

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision and optimization of our online offer pursuant to Art. 6 para. 1 lit. f. GDPR.

The specific storage period of the processed data cannot be influenced by us, but is determined by Cybot A/S. For more information, please see the privacy policy for Cookiebot CDN.

Protection of minors

This service is mainly aimed at adults. We do not currently market any specific areas for children. Accordingly, we do not knowingly collect age-identifying information, nor do we knowingly collect personally identifiable information from children under the age of 16. However, we caution all visitors to our website under the age of 16 not to disclose or provide any personally identifiable information through our Service. In the event that we determine that a child under the age of 16 has provided us with personal information, we will delete the child’s personal information from our files to the extent technically feasible.

Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

  • You have a right to information about the personal data stored about you, about the purposes of processing, about any transfers to other bodies and about the duration of storage.
  • If data is inaccurate or no longer necessary for the purposes for which it was collected, you may request that it be corrected, deleted or restricted from Where provided for in the processing procedures, you may also inspect your data yourself and correct it if necessary.
  • Should grounds against the processing of your personal data arise from your particular personal situation, you may, insofar as the processing is based on a legitimate interest, object to The controller will no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.
  • If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to processing of the personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing. If you object to the processing for direct marketing or profiling purposes, the personal data concerning you will no longer be processed for these purposes.

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

If you have any questions about your rights and how to exercise them, please contact the data controller or our data protection officer.

Security

The Best Western Hotel Halle-Merseburg uses technical and organizational security measures in accordance with Art. 32 GDPR  to protect the data we have under our control against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security measures are continuously improved in line with technological developments. Access is only possible for a few authorized persons and persons obligated to special data protection who are involved in the technical, administrative or editorial care of data.

Right to complain to a supervisory authority

As a data subject, without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your residence or of the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes data protection.

The supervisory authority to which the complaint is submitted will inform you of the status and outcome of your complaint, including the possibility of a judicial remedy.

More information can be found on the website of the Federal Commissioner for Data Protection and Freedom of Information. Follow the link.

Update and modification

We reserve the right to change, update or amend this Privacy Notice at any time. Any revised information on data processing will only apply to personal data collected or modified after the effective date.

Status I January 2023