Data protection is very important to us!
The protection of your personal data is taken very seriously when using this website. In the following you will be informed about the collection, processing and use of your personal data when you visit this website and use the services offered there.
1. Information about personal data
(1) Personal data are such individual details that relate to a person or that are suitable to relate to a person, such as B. the name, the postal address, a telephone number, an e-mail address, the bank details etc. Under certain circumstances, personal data can be used to infer the identity of a person.
(2) Service provider acc. Section 13 of the Telemedia Act (TMG) and the responsible body in accordance with the Federal Data Protection Act (BDSG) and the General Data Protection Regulation (GDPR) is:
Strandhotel Glücksburg Untern. d. FIGARO Hotelbetrieb GmbH & Co KG
2. Rights of those affected
You have the following rights in connection with our processing of your data:
(1) Right to information according to Art. 15 GDPR about the processing of your personal data by us for processing purposes, categories of processed data, recipients or recipient categories, duration of storage or criteria for determining the duration, right to correction, deletion, restriction of processing or objection to processing, right to lodge a complaint with the supervisory authority, where applicable information about the origin of the data and the existence of automated decision-making and, if applicable, information about guarantees in accordance with Art. 46 GDPR when transmitted to a third country or international organizations;
(2) Right to immediate correction of incorrect or incomplete personal data in accordance with Art. 16 GDPR;
(3) Right to deletion of the stored personal data in accordance with Art. 17 GDPR if the data is no longer necessary for the purposes for which it was collected or otherwise processed, if a given consent has been revoked and it has been otherwise There is no legal basis if there is an objection to the processing and the data may no longer be processed in accordance with Art. 21 Para. 1 or 2 GDPR, if the data has been processed unlawfully, if the deletion is necessary to fulfill a legal obligation or if the data in relation to services offered by an information society in accordance with Art. 8 Para. 1 GDPR. This does not apply if the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
(4) Right to restriction of processing in accordance with Art. 18 GDPR if you contest the accuracy of the data (and for the duration that is necessary for a verification of the accuracy), if the processing is unlawful, but you refuse to delete it instead request a restriction of use if we no longer need the data for the purposes of processing, but you need the data to assert, exercise or defend legal claims, or if you object to the processing in accordance with Article 21 (1) GDPR have as long as it is not certain whether our legitimate reasons outweigh your legitimate reasons;
(5) Right to object to the processing of your personal data in accordance with Art. 21 Para. 2 GDPR (if the data are processed for the purpose of direct advertising) or in accordance with Art. 21 Para. 1 GDPR (if the processing in accordance with Art. 6 Para. 1 S 1 e) or f) GDPR takes place for reasons that arise from your particular situation, unless we have compelling reasons for processing worthy of protection that outweigh your interests, or the processing serves to assert, exercise or defend Legal claims). For more information on the right to object, please also see Section 23 below;
(6) Right to data portability according to Art. 20 GDPR, i.e. on receipt of the personal data relating to you that you have provided to us in a structured, common and machine-readable format or on transmission to another person responsible;
(7) Right to withdraw consent given at any time in accordance with Art. 7 Para. 3 GDPR. As a result of the revocation, we are no longer allowed to process the data for the future from the time of the revocation. See also section 24 below;
(8) Right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. The supervisory authority responsible for us can be found in section 4 above. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.
(9) Please send all requests for information, requests for information or objections to data processing by e-mail to info (at) ap-hotel.de) or to the address given under point 1 (2).
3. Automated decision making
Automated decision making is not used here.
4. Supervisory authority
The address of the supervisory authority responsible for us is:
Independent State Center for Data Protection Schleswig-Holstein
Tel .: +49 431 988-1200
Fax: +49 431 988-1223
Email: mail (at) datenschutzzentrum.de
5. Storage of access data
(1) Each time our website is accessed, access data is stored in a log file on our provider’s server. Our web server is hosted, so it is operated in the data center (in Germany) of our service provider Mittwald CM Service GmbH & Co. KG (Königsberger Straße 6, 32339 Espelkamp). The web server stores your data for 7 days. We have committed the service provider as a processor in accordance with Art.28 GDPR.
(2) This data record consists e.g. from your IP address, the date and time of the request, the name of the requested file, the amount of files transferred and the access status, a description of the web browser and operating system used and the name of your Internet service provider.
(3) This data is collected for technical reasons. An evaluation takes place exclusively for statistical purposes and without personal reference (number of visitors and page popularity). Deletion takes place automatically after 7 days at the latest.
6. Collection of personal data when used for informational purposes
(1) If you only use the website for informational purposes, i.e. if you do not log in, register or otherwise provide us with information, we do not collect any personal data, with the exception of the data mentioned under 5.2, which your browser transmits to you to technically enable the visit to the website.
(2) When using the website, so-called cookies are stored on your computer. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using, and through which certain information flows to the location that sets the cookie (in this case, us). Cookies cannot run programs or transmit viruses to your computer. They only serve to make the internet offer more user-friendly and effective overall. We use e.g. Cookies to identify you for subsequent visits if you have an account with us. Otherwise you would have to log in again for each visit.
– Transient cookies (temporary use)
– Persistent cookies (temporary use)
– Third-party cookies (from third-party providers)
– Flash cookies (permanent use)
b) Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to the website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
d) You can configure your browser settings according to your wishes and e.g. B. refuse to accept third-party cookies or all cookies. However, we would like to point out that you may then not be able to use all functions of this website.
e) The flash cookies used are not recorded by your browser, but by your flash plug-in. These save the necessary data regardless of the browser you use and do not have an automatic expiry date. If you do not want Flash cookies to be processed, you must install an appropriate add-on. The legal basis for this data processing is Art. 6 Para. 1 S. 1 f) GDPR. Our legitimate interest is that we can carry out statistical evaluations regarding the use of our website through data processing and that we can optimize our Internet offers for users.
7. Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that enable an analysis of your use of the website. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. If IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address is only transferred to a Google server in the USA and abbreviated there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: https://tools.google.com/dlpage/gaoptout?hl=de.
You can find more information on the handling of user data at Google Analytics in Google’s data protection declaration: https://support.google.com/analytics/answer/6004245?hl=de. In the event that personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
8. Ajax Google APIs
We use Ajax on these pages. Google AJAX Search API is a service of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. This tool optimizes the loading speeds. For this purpose, program libraries from Google servers are called up and the CDN (content delivery network) from Google is used. If you have previously used jQuery on another Google CDN page, your browser will use the cached copy. If this is not the case, this requires downloading, data from your browser being sent to Google Inc. (“Google”). Your data will be transferred to the USA. You can find out more in the provider’s data protection information here: http://www.google.de/intl/de/policies/privacy/
9. Integration / embedding of Google Maps
This site uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this page has no influence on this data transmission. The use of Google Maps is in the interest of an attractive presentation of our online offers and to make it easier to find the places we have indicated on the website. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. More information on the handling of user data can be found in Google’s data protection declaration:
10. Google Webfonts
11. Use of functions of our website
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do this, you usually have to provide further personal data that we use to provide the respective service. If additional voluntary information is possible, it is marked accordingly.
(2) When you contact the service provider by e-mail or via the contact form, we will save your e-mail address and, if you specify this, your name and telephone number in order to answer your questions.
With the newsletter we inform you about us and our offers.
If you would like to receive the newsletter, we need a valid email address from you as well as information that allows us to verify that you are the owner of the email address provided or that the owner agrees to receive the newsletter . If available, the name and title can be entered voluntarily to personalize the newsletter dispatch. This data is only used for sending the newsletter and will not be passed on to third parties. In order to confirm ownership of the email address, an email is sent with a link to activate the subscription (double opt-in). When you register for the newsletter, we save your IP address and the date of registration for the statutory limitation period, starting with the date of cancellation. This storage serves solely as evidence in the event that a third party misuses an e-mail address and registers for receiving the newsletter without the knowledge of the authorized party. You can revoke your consent to the storage of the data, the email address and their use for sending the newsletter at any time. The revocation can be made via a link in the newsletter itself or by sending a message to the contact options above and below.
13. Contact form
On our website you can send us an encrypted email with your request using the “Contact” form. Here you can e.g. Ask questions about our company, our products or our services. In order to be able to process your request, we ask you to provide personal data in our input mask. This includes your name as well as your email address and other information such as the subject of your request and your message. In addition to the mandatory fields, you can also provide additional information. Address and / or telephone number can optionally be given. This requested information enables us to deal with your concerns comprehensively. The communication of the data you provide in this context is expressly on a voluntary basis. The personal data transmitted to us from your above Information and the time of contact will only be used for the purpose for which you provide us with this when contacting us – in particular to process your request. The information you provide will only be used to process your request. The data will not be used for other purposes or passed on to third parties without your express consent. This does not apply to partner companies of Figaro Hotelbetrieb GmbH & Co. KG, Kirstenstraße 6, 24960 Glücksburg, provided that your request is fulfilled. These can be, for example: Our suppliers, transport and logistics partners and our trading partners. If there are no statutory retention requirements, your personal data will be deleted after the request has been processed. The legal basis for data processing is Art. 6 Para. 1 S. 1 f) GDPR. Our legitimate interest is that we need your data in order to process or answer your message. Your data will be deleted 30 days after the answer to your request.
14. Online Shop
You can order vouchers online on our website. For this purpose, you will be forwarded to an order form from our service provider Concardis GmbH (Helfmann-Park 7, 65760 Eschborn) via an embedded page. This means that your personal data that we collect in the course of the ordering process will be transmitted to Concardis GmbH. The service provider handles the sale of the goods for us and takes care of the delivery. To place an order, you must separately declare your consent to the data transfer in the order form. The mandatory fields marked in the forms are information that we need to fulfill the contract. If you do not provide any information in the respective mandatory fields, it is not possible to conclude a contract via the online shop.
15. Social media and service integration
We use websites in social networks to communicate with the customers, interested parties and users active there and to be able to inform them about us. It is possible that user data is also processed outside of the European Union. This could result in risks for the user, because e.g. it may be difficult to enforce your own rights. With regard to US providers who are certified under the EU-US Privacy Shield, we would like to point out that they are committed to complying with EU data protection standards. Furthermore, the data of the users may be processed for analysis purposes. In this way, profiles can be created from the usage behavior and the derived interests of the users. These profiles can be used to e.g. Place advertisements inside and outside the platforms that are likely to serve the interests of users. For these purposes, cookies may be stored on the users’ computers in which the usage behavior, the interests of the users and / or the length of stay are stored. The processing of users’ personal data takes place on the basis of our legitimate interests in effective information for users and communication with users in accordance with. Art. 6 para. 1 lit. f.) GDPR. If the users of the respective network providers are asked for their consent to the data processing described above, the legal basis for the processing is Art. 6 Para. 1 lit. a.). We continue to use content or service offers from third parties within our online offer based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f) GDPR) their content and services, such as Embed videos. In the case of requests for information and the assertion of user rights, we would like to point out that these can be most effectively asserted by the respective providers. Only the providers have access to the relevant data of the users and can directly take appropriate measures and provide specific information. For a detailed description of the respective processing and the possibilities of objection (opt-out), we refer to the information provided below by the provider.
• Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland)
According to Facebook, only an anonymized IP address is saved in Germany. In addition to presenting information and news about our group of companies, we also use Facebook to evaluate the Insights service. This is based on a shared responsibility, for which further information is listed below: Shared responsibility: Agreement on joint processing of personal data
Data protection declaration: https://www.facebook.com/about/privacy/
Opt-out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com
Facebook is certified under the EU-US Privacy Shield Agreement and is committed to complying with European data protection law. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
• Google / YouTube (Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA)
In our Youtube Channel linked on our website we present, among other things. own videos.
Google is certified under the EU-US Privacy Shield Agreement and is committed to complying with European data protection law. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
• Xing (XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany)
We use Xing to provide information about our company and related events.
Data protection declaration / opt-out: https://privacy.xing.com/de/datenschutzerklaerung.
• Vimeo (Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA)
In our Vimeo Channel linked on our website we present, among other things. own videos.
Data protection declaration: https://vimeo.com/privacy
Opt-out: optout.networkadvertising.org Vimeo
Vimeo is certified under the EU-US Privacy Shield Agreement and is committed to complying with European data protection law. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt00000008V77AAE&status=Active
16. LinkedIn Plugin
Our website uses or may use functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click on the “Recommend” button from LinkedIn and are logged into your LinkedIn account, LinkedIn is able to assign your visit to our website to you and your user account. We would like to point out that, as the provider of the website, we have no knowledge of the content of the transmitted data or its use by LinkedIn. Further information can be found in LinkedIn’s data protection declaration at: https://www.linkedin.com/legal/privacy-policy.
17. Instagram Plugin
18. Liability for content
The contents of our pages were created with great care. However, we cannot guarantee that the content is correct, complete and up to date. As a service provider, we are responsible for our own content on these pages in accordance with general laws in accordance with Section 7 (1) TMG. According to §§ 8 to 10 TMG, we as a service provider are not obliged to monitor transmitted or stored third-party information or to search for circumstances that indicate illegal activity. Obligations to remove or block the use of information according to general laws remain unaffected. However, liability in this regard is only possible from the time we become aware of a specific legal violation. As soon as we become aware of such violations, we will remove this content immediately.
19. Liability for links
Our pages may contain links to external third-party websites, the content of which we have no influence over. For this reason, we cannot accept any liability for this external content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. No illegal content was discernible at the time the link was created. A permanent control of the content of the linked pages is not reasonable without concrete evidence of an infringement. As soon as we become aware of legal violations, we will remove such links immediately.
20. Data security
We secure our website and other systems by appropriate technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons. Despite regular checks, complete protection against all dangers is not possible. Our website uses the industry standard SSL (Secure Sockets Layer) for encryption. This ensures the confidentiality of your personal information over the Internet. You can tell whether an encrypted transmission is taking place by the closed key or. Lock symbol in the display of your browser.
21. Disclosure of data
Your personal data will only be passed on to third parties if
– if you have given your express consent in accordance with Art. 6 Para. 1 Clause 1 a) GDPR;
– if the disclosure is necessary to fulfill contractual obligations in accordance with Art. 6 Para. 1 Clause 1 b) GDPR;
– if we are legally obliged to pass on the data i.S.d. 6 para. 1 sentence 1 c) GDPR;
– if the disclosure of the data in the public interest i.S.d. Art. 6 para. 1 e) GDPR lies or;
– if the disclosure of the data is required in accordance with Art. 6 Para. 1 S. 1 f) GDPR to protect our legitimate interests or the legitimate interests of a third party, unless your interests in protecting your data outweigh them.
22. Data categories
We process the following categories of data: master data (such as company, possibly contact person, address), communication data, contract data, claim data, payment and default information, if applicable. See the information above.
23. Third party recipient
In order to be able to process your concerns satisfactorily, we may have to pass on your personal data to third-party recipients. In the event of capacity bottlenecks, for example, this can be our sister hotel Figaro Hotel Alte Post GmbH & Co. KG, Rathausstrasse 2, 24937 Flensburg.
24. Duration of storage of personal data
Your data will be stored by us for as long as it is required for the respective purposes on which the processing is based. In addition, we only save data if we are legally obliged to do so, e.g. due to statutory retention requirements.
25. Information about the right to object
An objection to the processing of your personal data, based on Article 6 Paragraph 1 e) (data processing in the public interest) or f) (data processing to protect legitimate interests based on a balance of interests) is possible at any time in accordance with Article 21 GDPR. In the event of an objection, the personal data will no longer be processed, unless there are compelling legitimate grounds for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. Please send your objection to the email address datenschutz (at) strandhotel-gluecksburg.de.
26. Information on the right of withdrawal
If you have given us your consent to the processing of personal data, you can revoke this at any time. Of course, this also applies to declarations of consent given to us before May 25, 2018 (before the GDPR came into force). The revocation of consent can only apply in the future. The legality of the processing is not retroactively removed by a revocation. Please send your revocation by email to datenschutz (at) strandhotel-gluecksburg.de.
This data protection declaration was last updated on July 15, 2019. It is the current and valid version of our data protection declaration. However, we would like to point out that from time to time it may be necessary to revise this data protection declaration due to actual or legal changes.
28. Data protection officer
If you have any questions about data protection, please contact our data protection officer at:
Vater Solution GmbH
or by email at .