Data protection & cookies

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

When you use this website, various personal data are collected. Personal data is data with which you can be personally identified, e.g. your name and address, but also, for example, your Internet address (IP address) with which you are currently „surfing“ the web. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

RESPONSIBLE BODY (RESPONSIBLE PERSON)
The person responsible for data processing on this website and all websites integrated therein is:

Seehuus GmbH & Co. KG
Strandstraße 69
23669 Timmendorfer Strand/Niendorf

Phone: 04503 801260
Fax: 04503 801261
Enail: info@seehuus-hotel.de

Local Court Lübeck HRA 8495
VAT ID No.: DE 278801753

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

QUESTIONS ON DATA PROTECTION
If you have any questions about data protection with regard to our company or our websites, we will be happy to answer your questions at any time.

You can address your concerns to our data protection officer using the following contact details:

Data Protection Officer of Seehuus GmbH & Co. KG

c/o adasis GmbH

Am Kaiserkai 69

20457 Hamburg

Email: datenschutz@seehuus-hotel.de

YOUR RIGHTS
You have the following rights with regard to personal data concerning you:

Right to information (Art. 15 EU-DSGVO)
You have the right at any time to free information about your stored personal data, its origin and recipients and the purpose of the data processing, incl. the use of your personal data. including a copy of the personal data that is the subject of the processing.

Right of rectification (Art. 16 EU GDPR)
Sie haben jederzeit das Recht, sie betreffende unrichtige personenbezogenen Daten berichtigen bzw. unvollständige personenbezogene Daten vervollständigen zu lassen.

Right to erasure (Art. 17 EU-DSGVO)
We will delete your personal data immediately,
– if you withdraw your consent to lawful processing and there are no other legal grounds for storage.
– if you object to the processing. As long as the objection is maintained and the matter is not resolved, a blocking of their data occurs. You can withdraw your objection by giving your written consent.
– if they are no longer needed for the purposes for which they were collected or otherwise processed.
– if the processing is inadmissible for other legal reasons.

Right to restriction of processing (Art. 18 EU GDPR)
You have the right to have the processing of your personal data restricted, provided that
– you dispute the accuracy of your personal data for a period of time that allows us to verify the accuracy.
– the processing is unlawful, but you object to the erasure of your personal data and request restriction of use instead of erasure.
– we no longer require your personal data for the purposes but need it to assert, exercise or defend legal claims.
– you had objected to the processing but it has not yet been determined whether our legitimate grounds override your grounds.
You can remove the restriction by giving your written consent.

Right to data portability (Art. 20 EU GDPR)
You have the right to receive your personal data that you have provided to us or to transfer it to another controller if the requirements of Article 20 (1) (a) and (b) of the EU GDPR are met.

Right to object to processing (Art. 21 EU GDPR)
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6(1)(e) or (f) of the EU GDPR; this also applies to profiling based on these provisions.

The controller shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.

If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

You have the possibility, in connection with the use of information society services, notwithstanding Directive 2002/58/EC, to exercise your right to object by means of automated procedures using technical specifications.

Right to withdraw your consent (Art. 7 para. 3 EU-DSGVO)
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until revocation.

Automated decision-making in individual cases, including profiling (Art. 22 EU GDPR)
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

This shall not apply if the decision

1. is necessary for the conclusion or performance of a contract between you and the responsible person,
2. is authorised by Union or Member State legislation to which the controller is subject and that legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests; or
3. is done with your express consent.
However, these decisions must not be based on special categories of personal data pursuant to Art. 9(1) EU GDPR, unless Art. 9(2)(a) or (g) EU GDPR applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests.

With regard to the cases referred to in (1) and (3), the controller shall take reasonable steps to safeguard the rights and freedoms of, and your legitimate interests, including at least the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision.

Right to complain to a data protection supervisory authority (Art. 77 EU-DSGVO)
You can contact the data protection supervisory authority responsible for you at any time with a complaint about the processing of your personal data carried out by us. A list of supervisory authorities (for the non-public sector) with address can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

If you wish to exercise one or more of your rights against us, please let us know. To do so, use the contact details listed in the section „Responsible party (responsible person)“ or in the section „Questions about data protection“.

ENCRYPTION
This website uses TLS encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from „http://“ to „https://“ and by the lock symbol in your browser line.

If TLS encryption is activated, the data you transmit to us cannot be read by third parties.

SERVER-LOG-FILES
Our web space provider automatically collects and stores information in so-called server log files. We collect and store the following data automatically transmitted to us by your browser:
– Browser type and version
– Operating system used
– Referrer URL (website through which you came to us)
– Host name of the accessing computer (IP address)
– Time of the server request

The temporary processing of the IP address by the system is necessary to technically enable delivery of the website to your computer. Processing of your IP address for the duration of the session is necessary for this. The legal basis is Art. 6 para. 1 sentence 1 lit. f EU-DSGVO.

This data is not merged with other data sources. The storage is limited in time and only takes place for optimisation and to ensure the security of our IT systems.

LINKS TO OTHER WEBSITES
Our website may contain links to the websites of other providers. We cannot influence their compliance with data protection regulations, which is why our data protection declaration does not extend to them.

CONTACT FORMS
You can send us enquiries via contact forms on our website. In addition to mandatory fields, the contact forms also contain voluntary information.

We process the information you provide in the form, including the contact details you enter there, for the purpose of processing the enquiry. This data will not be passed on to third parties or processed for other purposes without your express consent. As soon as you send your request, the person responsible will receive an email with all this information so that he or she can process your request immediately.

The legal basis for the processing is Art. 6 (1) sentence 1 lit. f EU-DSGVO or Art. 6 (1) sentence 1 lit. b EU-DSGVO if the contact is aimed at the conclusion of a contract or pre-contractual measures.

BOOKING REQUEST FOR SPECIAL ARRANGEMENTS
Especially on special days, such as Easter or other holidays, demand is particularly high for us. For this reason, we have activated a special page on our website for a booking request for these days.

We process your details from the form, including the contact details you provide there, for the purpose of processing the booking request. This data will not be passed on to third parties or processed for other purposes without your express consent. As soon as you send your request, the person responsible will receive an email with all this information so that he or she can process your request immediately.

The legal basis for the processing is Art. 6 (1) sentence 1 lit. b EU-DSGVO, as the request is aimed at the conclusion of a contract or pre-contractual measures.

VOUCHER ORDER
On our website we offer you the possibility to purchase various value vouchers.

We collect a wide range of data via the voucher order form, which we require for processing. This data will not be passed on to third parties or processed for other purposes without your express consent. As soon as you send your request, the person responsible will receive an email with all this information so that he or she can process your request immediately.

The legal basis for the processing is Art. 6 (1) sentence 1 lit. b EU-DSGVO, as the request is aimed at the conclusion of a contract or pre-contractual measures.

NEWSLETTER
If you would like to receive the newsletter offered on the website, we require an e-mail address from you. Registration for our e-mail newsletter is done using the double opt-in procedure. After you have entered the data marked as mandatory, we will send you an e-mail to the e-mail address you have provided in which we ask you to explicitly confirm your subscription to the newsletter. This is how we ensure that you actually wish to receive our e-mail newsletter. No other data is collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.

We use the online platform „MailChimp“ of the company The Rocket Science Group LLC, 675 Ponce de Leon Ave NE, Suite 5000 Atlanta, GA 30308, USA (hereinafter „Rocket Science“) for the entire newsletter dispatch process. The data is usually transferred to the Rocket Science server in the USA and stored there. Rocket Science only processes your personal data on behalf of and on the instructions of the data controller.
You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time in writing or by clicking on the unsubscribe link in the newsletter.

The Rocket Science Group has submitted to the EU-U.S. Privacy Shield. You can find more information at the following link: https://www.privacyshield.gov/welcome. In order to protect your data in the USA, we have concluded a data processing agreement („Data Processing Agreement“) with Rocket Science based on the standard contractual clauses of the European Commission to enable the transfer of your personal data to Rocket Science. Further information on data protection and this data processing agreement can be viewed at the following Internet address if interested: https://mailchimp.com/legal/data-processing-addendum/

The legal basis is Art. 6 (1) sentence 1 lit. a EU-DSGVO.

DIRECT BOOKING AND AVAILABILITY QUERY
On our website you have the possibility to book rooms and other additional services in our hotel directly or to enquire about availability. We collect, process and use your personal data within the scope of the booking process exclusively for the establishment, implementation and processing of the contractual relationship established with the booking and on the basis of provisions of the Federal Registration Act (BMG). In addition, you can provide us with further information. These are based on a purely voluntary basis.

The hotel uses the direct booking system OnePageBooking of the company HotelNetSolutions GmbH, Genthiner Str. 8, 10785 Berlin. HotelNetSolutions GmbH acts in compliance with data protection regulations, which have been contractually agreed between the responsible party and the processor.

The legal basis is Art. 6 (1) sentence 1 lit. b EU-DSGVO.

AVAILABILITY REQUEST AND BOOKING
When checking availability or making a booking, you will automatically be redirected to our externally operated booking system OnePageBooking. At this stage, it is not necessary to provide any information about yourself.

Only when you wish to make a binding booking of a room, personal data is required from you for the booking. This data is stored in the HotelNetSolutions GmbH system. You will receive an automatic booking confirmation with a unique booking number to the email address provided during the booking process. The data is then transferred to the system of the person responsible.

All booking data will be deleted from the OnePageBooking system three days after departure or in case of cancellation. We delete the data accruing in this context from our system after the storage is no longer required or restrict the processing if there are statutory retention obligations.

PAYMENT
You have the option to pay either by providing your credit card details or by SofortÜberweisung.

For payment processing via the payment method „SofortÜberweisung“ we use the payment service provider Klarna GmbH, Theresienhöhe 12, 80339 Munich. Your payment data is transmitted directly to the payment service provider for secure processing of the payment by the user and is not stored on our server. Your personal data will only be passed on to the extent necessary for the processing of the contract.

If you choose the payment method „credit card“, your credit card details will be stored on the OnePageBooking system. Your credit card will not be charged at this stage of the booking, but your details will be stored in the hotel system for later payment and will only be charged accordingly on departure.

APPLICATION
The controller collects and processes the personal data of applicants for the purpose of handling the application procedure. The processing may also be carried out electronically. This is particularly the case if an applicant sends the relevant application documents to the controller electronically, for example by e-mail or via a contact form on the website.
If the data controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application files shall be deleted six months after the notification of the rejection decision, unless otherwise justified by the legitimate interests of the controller. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).
The legal basis for the processing is Art. 6 para. 1 lit. a EU-DSGVO.

COOKIES

Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting the appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the storage of cookies and transmission of the data they contain. Cookies that have already been saved can be deleted at any time. However, we would like to point out that you may then not be able to use all the functions of this website to their full extent.

You can find out how to manage (including disabling) cookies in the main browsers by following the links below:
Chrome: https://support.google.com/accounts/answer/61416?hl=de

Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies

Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac

TECNICALLY NECESSARY COOKIES
Unless otherwise stated in the privacy policy below, we only use these technically necessary cookies for the purpose of making our service more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognise your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised even after a page change.

The use of cookies or comparable technologies is based on § 25 para. 2 TTDSG. The processing of your personal data is based on Art. 6 para. 1 lit. f DSGVO due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offer. You have the right to object to the processing of your personal data at any time on grounds relating to your particular situation.

GOOGLE ANALYTICS
We use the web analytics service Google Analytics from Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“) for the purpose of increasing the user-friendliness and optimising our website.

Google Analytics uses so-called „cookies“, which are stored on your computer and which enable an analysis of your use of the website.

The information generated about your use of this website is transferred to a Google server in the USA and processed there.

In the event that IP anonymisation is activated on this website, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On our behalf, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing us with other services relating to website activity and internet usage.

The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. This website uses Google Analytics with the extension „_anonymizeIp()“. This means that IP addresses are processed in abbreviated form, which means that they cannot be traced back to a specific person. Insofar as the data collected about you has a personal reference, this is therefore immediately excluded and the personal data is thus immediately deleted.

Google Inc. has submitted to the EU-U.S. Privacy Shield. You can find more information at the following link: https://www.privacyshield.gov/welcome. To protect your data in the USA, we have concluded a data processing agreement with Google based on the standard contractual clauses of the European Commission to enable the transfer of your personal data to Google. Further information on data protection and this data processing agreement can be viewed at the following Internet address: https://privacy.google.com/businesses/processorterms/mccs/.

You have the right to object. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (incl. your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can find more information from the third-party provider Google at:
https://www.google.com/analytics/terms/de.html
https://support.google.com/analytics/answer/6004245?hl=de
https://policies.google.com/privacy?hl=de&gl=de

The legal basis for the processing is Art. 6 (1) sentence 1 lit. a EU-DSGVO.

PRIVACY POLICY ON THE USE AND APPLICATION OF YOUTUBE
The controller has integrated YouTube components on this website. YouTube is an Internet video portal that allows video publishers to post video clips free of charge and other users to view, rate and comment on them, also free of charge. YouTube allows the publication of all kinds of videos, which is why complete film and television programmes, but also music videos, trailers or videos made by users themselves can be accessed via the Internet portal. The operating company of YouTube is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Each time a data subject accesses one of the individual pages of this website operated by the data controller on which a YouTube component (YouTube video) has been integrated, the internet browser on the data subject’s information technology system is automatically prompted by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. Further information on YouTube can be found at https://www.youtube.com/yt/about/de/. Within the scope of this technical procedure, YouTube and Google receive information about which specific sub-page of our website is visited by the data subject. If the data subject is logged into YouTube at the same time, YouTube recognises which specific sub-page of our website the data subject is visiting when a sub-page containing a YouTube video is called up. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject. YouTube and Google always receive information via the YouTube component that the data subject has visited our website if the data subject is logged into YouTube at the same time as calling up our website; this takes place regardless of whether the data subject clicks on a YouTube video or not. If the data subject does not want this information to be transmitted to YouTube and Google, he or she can prevent the transmission by logging out of his or her YouTube account before accessing our website. The data protection provisions published by YouTube, which can be found at https://www.google.de/intl/de/policies/privacy/ provide information about the collection, processing and use of personal data by YouTube and Google.

ONLINE EVALUATION TOOL CUSTOMER ALLIANCE
For the purpose of quality management, we use the e-mail address you voluntarily provide from your booking for our online evaluation tool Customer-Alliance. For this purpose, you will be invited by e-mail to evaluate your stay and thus our performance following your stay with us at the hotel. To do this, you will be redirected via a link to the Customer Allaince homepage, where you can then fill in an evaluation form. In addition, Customer Alliance also offers the function of forwarding to other public rating portals. At random, you will be offered either a Customer Alliance or a forwarding. You have the option to object to the use of your e-mail address for quality management purposes at any time.

PRIVACY POLICY ON THE USE AND APPLICATION OF FACEBOOK
The controller has integrated components of the company Facebook on this website. Facebook is a social network. A social network is a social meeting place operated on the Internet, an online community that usually enables users to communicate and interact with each other in virtual space. A social network can serve as a platform for exchanging opinions and experiences or enables the internet community to provide personal or company-related information. Facebook allows users of the social network, among other things, to create private profiles, upload photos and network via friend requests. Facebook’s operating company is Facebook, Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, the controller of personal data is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.Each time a data subject accesses one of the individual pages of this website operated by the controller and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on the data subject’s information technology system is automatically triggered by the respective Facebook component to display a picture of the corresponding Facebook component.
Facebook component from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. Within the scope of this technical procedure, Facebook receives information about which specific sub-page of our website is visited by the data subject. If the data subject is logged in to Facebook at the same time, Facebook recognises which specific sub-page of our website the data subject is visiting each time the data subject calls up our website and for the entire duration of the respective stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the person concerned. If the data subject activates one of the Facebook buttons integrated on our website, for example the „Like“ button, or if the data subject posts a comment, Facebook assigns this information to the data subject’s personal Facebook user account and stores this personal data. Facebook always receives information via the Facebook component that the data subject has visited our website if the data subject is logged into Facebook at the same time as calling up our website; this takes place regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, he or she can prevent the transmission by logging out of his or her Facebook account before accessing our website. The data policy published by Facebook, which is available at https://de-de.facebook.com/about/privacy/, provides information on the collection, processing and use of personal data by Facebook. Außerdem wird erläutert, welche Einstellungsmöglichkeiten Facebook zum Schutz der Privatsphäre der betroffenen Person bietet. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.

PRIVACY POLICY ON THE USE AND APPLICATION OF INSTAGRAM
The controller has integrated components of the Instagram service on this website. Instagram is a service that qualifies as an audiovisual platform and allows users to share photos and videos and also to redistribute such data on other social networks. The operating company of the Instagram services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA. Each time one of the individual pages of this website operated by the data controller is called up and on which an Instagram component (Insta button) has been integrated, the internet browser on the information technology system of the data subject is automatically caused by the respective Instagram component to download a representation of the corresponding component from Instagram. As part of this technical procedure, Instagram receives information about which specific sub-page of our website is visited by the data subject. If the data subject is logged in to Instagram at the same time, Instagram recognises which specific sub-page the data subject is visiting each time the data subject calls up our website and for the entire duration of the respective stay on our website. This information is collected by the Instagram component and assigned by Instagram to the respective Instagram account of the person concerned. If the data subject activates one of the Instagram buttons integrated on our website, the data and information thus transmitted will be assigned to the personal Instagram user account of the data subject and stored and processed by Instagram. Instagram always receives information via the Instagram component that the data subject has visited our website if the data subject is simultaneously logged into Instagram at the time of calling up our website; this takes place regardless of whether the data subject clicks on the Instagram component or not. If the data subject does not want this information to be transmitted to Instagram, he or she can prevent the transmission by logging out of his or her Instagram account before accessing our website. Further information and Instagram’s applicable privacy policy can be found at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

CHANGES TO THE DATA PROTECTION DECLARATION
We reserve the right to update the data protection declaration from time to time with effect for the future, in particular in the event of further development of the website, the use of new technologies or changes to the legal basis or the relevant case law.

Status: October 2022