- 1 Information about the collection of personal data
(1) Below, we provide you with information about the collection of personal data when using our website. Personal data means all data that relate directly to you, for example, your name, address, email addresses and user behaviour.
(2) The controller according to Art. 4 (7) EU General Data Protection Regulation (GDPR) is
Waldhotel Stuttgart GmbH
Telefon +49 711 185 72 0
Fax +49 711 185 72 400
Executive Management: John Sorensen, Sean Kevin Sorensen, Jörg Grede
Registered Office of the Company: Stuttgart
District Court of Stuttgart HRB 64 58
VAT ID no. DE 147 836 814
(see our Legal Notice).
You can contact our Data Protection Officer at
Am Wolfsberg 18
or by sending a letter to the above address and adding “Data Protection Officer”.
(3) When you contact us by e-mail or using a contact form, we will store the data notified by you (your e-mail address, your name and your telephone number, if applicable) to answer your questions. We will delete the data that arise in this context after its storage is no longer required, or limit the processing if there are statutory storage obligations.
(4) If we rely on commissioned service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective transactions. In doing so, we will also state the specified criteria for the duration of storage.
(1) With regard to your personal data, you have the following rights towards us:
– right of access;
– right to rectification or erasure;
– right to restriction of processing;
– right to objection to processing;
– right to data portability.
(2) You also have the right to lodge a complaint before data protection supervisory authorities concerning the processing of your personal data by us.
- 3 Collection of personal data when visiting our website
(1) In the case of merely informative use of the website, i.e. if you do not register or otherwise provide us with information, we will only collect the personal data that your browser transmits to our server. If you wish to view our website we will collect the following data, which is technically necessary for us so that we are able to display our website and ensure its stability and security (legal basis is art. 6, subsection 1, s. 1 (f), GDPR):
– IP address;
– date and time of the request;
– time zone difference to Greenwich Mean Time (GMT);
– contents of the request (specific page);
– access status/HTTP status code;
– the transferred data volume;
– website from which the request originates;
– operating system and its interface;
– language and version of the browser software.
(2) In addition to the aforementioned data, cookies will be saved on your computer when you use our website.
- a) Cookies
Cookies may contain data which enable the recognition of the device used. In some cases however, cookies only contain information on certain settings that cannot be related to individuals. However, cookies cannot directly identify a user.
A distinction is made between session cookies, which are deleted as soon as you close your browser and permanent cookies, which will be retained even after the session has ended. In terms of their function, cookies can be distinguished between:
- Essential cookies: These are strictly necessary in order to move around the website, use basic functions and guarantee the security of the website; they neither collect information about you for marketing purposes nor do they save which websites you have visited;
- Statistics: These collect information about how you use our website, which sites you visit and, e.g., whether errors occur when using the website; they do not collect any information which could identify you – all collected information is anonymous and is used exclusively to improve our website and to find out what interests our users;
- Marketing: These serve to offer the website user tailored advertising on the website or third-party offers and to measure the effectiveness of these offers;
- External media: These serve to improve the interactivity of our website with other services (e.g. social networks);
- b) Cookie details
Further information about which cookies we use and how you can manage your cookie settings and deactivate certain types of tracking can be found in our cookie details [at the end of every page].
- 4 More functions and offers of our website
(1) Besides the use of our website for mere information purposes, we offer different services that you can use in case of interest. To do so, you usually have to specify more personal data that we will use to render the relevant service and to which the data processing principles specified above apply.
(2) To process your data, we sometimes make use of external service providers. These service providers have been carefully selected and commissioned by us, are bound by our instructions, and are checked at regular intervals.
(3) Apart from that, we may forward your personal data to third parties if we offer the participation in campaigns, competitions, contract conclusions or similar services together with partners. More detailed information will be provided when you specify your personal data or at the bottom, in the description of the offer.
(4) If our service providers or partners have their registered office in a state outside the European Economic Area (EEA), we will inform you on the consequences thereof in the description of the offer.
(5) Tools from companies based in the USA are integrated on our website. When these tools are active, your personal data can be passed on to the US servers of the respective companies. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to surrender personal data to security authorities without you as the person concerned being able to take legal action against this. It cannot therefore be ruled out that US authorities (e.g. secret services) process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence on these processing activities.
- 5 Objection to or Withdrawal of Your Consent to the Processing of Your Data
(1) If you have provided us with a consent to the processing of your data, you may withdraw that consent at any time. Such a withdrawal affects the legitimacy of the processing of your personal data following your declaration of such a withdrawal.
(2) Where we justify the processing of your personal data on the basis of a weighing of interests, you may submit an objection to the processing. This is particularly relevant to cases in which the processing is not necessary for fulfilling a contract with you, which we will clarify in each case in the following description of the functions. When exerting such right to objection, we ask you to explain the reasons why we should not process your personal data as it is done by us. In case of your justified objection, we will check the facts and either discontinue the data processing and/or adjust it or give you our compelling legitimate grounds based on which we will continue the processing.
(3) It goes without saying that you can object to the processing of your personal data for marketing and data analysis purposes at any time. You can notify us of your objection to processing for advertising purposes via the following contact details: firstname.lastname@example.org.
(1) You can consent to subscribe to our newsletter, which will provide you with information about our current interesting offers. The advertised products and services are named in the declaration of consent.
(2) For the registration for our newsletter, we use the so-called double opt-in procedure. This means that after your registration, we will send an e-mail to the specified e-mail address in which we ask you to confirm that you want to receive the newsletter. Furthermore, we will always store the IP addresses used and the time of the registration and confirmation. This serves as a means of proof of your subscription and, if applicable, to solve any potential misuse of your personal data.
(3) The only information required for sending the newsletter is your email address. More, separately marked data can be specified voluntarily and will only be used to address you personally. After your confirmation, we will store your email address for the purpose of sending the newsletter. The legal basis is Article 6(1) clause 1 point a) of GDPR.
(4) You can withdraw your consent to receive the newsletter and unsubscribe at any time. You can withdraw your consent by clicking on the link provided in newsletter emails, by sending an email to email@example.com or by sending a message to the contact data stated in the legal notice.
(5) We point out that when dispatching the newsletter, we will analyse your user behaviour. For these analyses, emails contain so-called web beacons and/or tracking pixels creating one-pixel image files which are stored on our website. In this regard, we also connect data indicated under art. 3 and web beacon data to your email address and an individual ID to create user profiles and to tailor newsletters to your individual interests. In this context, we collect data about when you read the newsletter and which links to click on and to make assumptions as to your personal interests. We then connect this data to your activities on our website.
- 7 Facebook, Sofort-Gutschein
(1) Our website includes links to the above services. We will not transfer your personal data for these purposes. Our website does not use social plug-ins which means that no data will be transferred to these services, unless you expressly follow the links.
(2) If you do follow the links, your browser establishes a connection to the relevant social network or service transmitting data, such as your IP address, so that your visit to your website can be allocated to your user account. You can prevent these allocations by simply logging off of the relevant user account.
(1) For you to be able to easily make online bookings, we use the Hotelnetsolutions booking system.
Your data will be collected, processed and used only
- for establishing, performing and processing the contract relationship based on the reservation, and
- for possible pre- and post-stay mailing
In certain cases, our website also uses technologies from our partnering companies, Expedia, Inc. and meetago GmbH, to efficiently process your queries/bookings.
These companies ensure that your data is processed and used for consultancy, advertising and market research purposes only if you expressly consented to this. You may object to our partnering companies using your data any time.
(2) If you would like to book an overnight stay on-line, it is absolutely necessary for contract conclusion that you provide us with the personal data we require to process your order. When processing the contracts, the necessary mandatory fields are marked to indicate this, other information can be given voluntarily. We use the data provided by you to process your order. We can also pass on your payment data to our bank. The legal basis here is art. 6(1) sent. 1 lit. b of the GDPR.
(3) Due to stipulations under commercial and tax law, we are obliged to retain your address, payment and order data for ten years. Nevertheless, we restrict processing after two years, i.e. your data will be used only for compliance with the legal obligations.
- 9 Video Surveillance Scope and Purpose
(1) On the WALDHOTEL STUTTGART premises, we have video surveillance pursuant to the law, in particular the German Federal Data Protection Act [Bundesdatenschutzgesetz] (BDSG new version) and the EU General Data Protection Regulation (GDPR).
(2) Video surveillance is admissible to the extent this is required for the interests of WALDHOTEL STUTTGART and no legitimate interests of the guests are contrary to this.
(3) Data subjects will always be informed about existing video surveillance and they will see which camera is operating.
(4) There is also a clearly visible information sign attached in a way that it is visible to the data subjects prior to entering the video surveillance area. This information sign also indicates the name of the person overseeing video surveillance activities and his contact data to obtain information about video surveillance cameras.
(5) Compliance with the data subjects’ rights in terms of art. 14 through 21 of the GDPR is guaranteed.
(6) The legal basis of processing your data is art. 6(1) sent. 1 lit. f) of the GDPR (art. 13(1) lit. d) of the GDPR).
(1) You have the possibility to contact us via the contact form. Personal Data is expressly provided on a strictly voluntary basis and will be processed on a confidential basis and for purposes pursuant to valid data protection provisions. We will not transfer the data to third parties outside our company.
(2) Due to stipulations under commercial and tax law, we are obliged to retain your address, payment and order data for ten years. Nevertheless, we restrict processing after two years, i.e. your data will be used only for compliance with the legal obligations.
WALDHOTEL STUTTGART applies technical and organisational security measures to protect your data from accidental or intentional manipulation, loss, destruction and access by unauthorised individuals. These security measures are subject to continuous improvement according to technological developments. Also, all our employees and vicarious agents are subject to data secrecy in terms of the German Data Protection Act [Datenschutzgesetz].
Last update: September 2020
Copyright by Kanzlei Anna Maria Miller