imprint

Information according to Section 5 of the Digital Services Act

Holiday Inn Frankfurt • Alte Oper

Mainzer Landstraße Hotelbetriebs GmbH
Mainzer Landstraße 27
60329 Frankfurt am Main 

Represented by:

David Janz
+49 (0) 69 / 255 1565 150
+49 (0) 69 / 255 1565 555
David Janz

Entry in the commercial register

Register court: Munich
Register number: HRB 204087

VAT ID number according to §27a of the Sales Tax Act:

DE 288 496 028

1. General information

1.1 Objectives and responsibility

  1. This privacy policy informs you about the nature, scope, and purpose of the processing of personal data in relation to our online offering and the associated websites, functions, and content (hereinafter collectively referred to as the "online offering" or "website"). Details on these processing activities can be found in Section 2.

  2. Details on data processing for the purpose of carrying out our business processes are described in Section 3.

  3. The provider of the online service and responsible for data protection is Mainzer Landstraße Hotelbetriebs GmbH (Mainzer Landstraße 27, 60329 Frankfurt am Main, Germany) - hereinafter referred to as VIEHA, "provider", "we" or "us".

  4. Our online service is provided by ALL-INKL.COM (Hauptstraße 68, D-02742 Friedersdorf).

  5. Our data protection officer is: Sven Meyzis - IT.DS Consulting (Phone: 0049 40-21091514 / Email: s.meyzis@itdsb.de).

  6. The term “user” includes all customers and visitors to the online offering.

1.2 Legal basis

We collect and process personal data based on the following legal bases:

  1. Consent pursuant to Article 6 (1) (a) of the General Data Protection Regulation (GDPR). Consent is any voluntary, specific, informed, and unambiguous expression of will in the form of a statement or other unambiguous affirmative action by which the data subject indicates that they agree to the processing of personal data concerning them.

  2. Necessity for the performance of the contract or for carrying out preparatory measures in accordance with Article 6 (1) (b) GDPR, i.e. the data is necessary so that we can fulfil our contractual obligations towards you or we need the data to prepare for the conclusion of a contract with you.

  3. Processing to fulfill a legal obligation pursuant to Article 6 paragraph 1 letter c GDPR, i.e., for example, where processing of the data is required by law or other regulations.

  4. Processing to safeguard legitimate interests pursuant to Article 6 (1) (f) GDPR, i.e. that processing is necessary to safeguard our legitimate interests or those of third parties, unless your interests or fundamental rights and freedoms which require the protection of personal data prevail.

1.3 Rights of data subjects

You have the following rights with regard to data processing by us:

  1. Right to lodge a complaint with a supervisory authority pursuant to Article 13 (2) (d) GDPR and Article 14 (2) (e) GDPR.

  2. Right to information pursuant to Article 15 GDPR

  3. Right to rectification pursuant to Article 16 GDPR

  4. Right to erasure (“right to be forgotten”) pursuant to Article 17 GDPR

  5. Right to restriction of processing pursuant to Article 18 GDPR

  6. Right to data portability pursuant to Article 20 GDPR

  7. Right to object according to Article 21 GDPR

    Note: Users may object to the processing of their personal data at any time with future effect in accordance with the statutory provisions. In particular, the objection may be made against processing for direct marketing purposes.

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data concerning you infringes the GDPR.

1.4 Data deletion and storage period

The personal data of the data subject will be deleted or blocked as soon as the purpose for which they were stored no longer applies. Storage may also occur if this has been provided for by European or national legislators in EU regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need to continue storing the data for the conclusion or fulfillment of a contract.

1.5 Security of processing

  1. We have implemented appropriate and state-of-the-art technical and organizational security measures (TOMs). This protects the data we process from accidental or intentional manipulation, loss, destruction, and unauthorized access.

  2. The security measures include, in particular, the encrypted transmission of data between your browser and our server.

1.6 Data transfer to third parties, subcontractors and third-party providers

  1. Personal data will only be transferred to third parties within the scope of legal requirements. We only share user data with third parties if this is necessary, for example, for billing purposes or for other purposes when the transfer is required to fulfill contractual obligations to users.

  2. If we use subcontractors for our online offering, we have taken appropriate contractual precautions and corresponding technical and organizational measures with these companies.

  3. If we use content, tools, or other resources from other companies (hereinafter collectively referred to as "third-party providers") and their stated headquarters are located in a third country, it can be assumed that data will be transferred to the third-party providers' countries of residence. We only transfer personal data to third countries if an appropriate level of data protection is in place, user consent is obtained, or there is other legal permission.

Processing within the scope of our online offering

2.1 Collection of information on the use of the online service

  1. When using the online service, information is automatically transmitted to us from the user's browser; this includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

  2. This information is processed on the basis of legitimate interests in accordance with Article 6 (1) (f) GDPR (e.g. optimization of the online offering) and to ensure the security of processing in accordance with Article 5 (1) (f) GDPR (e.g. to prevent and investigate cyberattacks).

  3. The information will be automatically deleted no later than 30 days after the end of the connection – i.e. use of the online service – unless there are other retention periods that conflict with this.

  4. The collection of data and its storage in log files is mandatory for the provision of the online service. Therefore, the user has no option to delete, object to, or correct the data.

2.2 Contact form and contact via email

  1. When you contact us (via online form or email), the data provided by the user will be processed exclusively to process the request and its handling.

  2. Any other use of the data will only occur with the consent of the user.

  3. User data from the contact form is stored in our content management system. The statutory retention periods for business correspondence apply.

  4. The data provided by users when registering for the newsletter (see below) is stored in the newsletter sending system (“Evalanche”).

2.3 Information about Google services

  1. We use various services on our website from Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

    Further information on the specific Google services we use on this website can be found in the additional privacy policy.

  2. By integrating Google services, Google may collect and process information (including personal data). It cannot be ruled out that Google may also transmit this information to a server in a third country.

    The transfer to the USA depends on the function in which the personal data is transmitted. As the controller, we ourselves may transfer data to Google in the USA for further processing.

    Currently, there is no adequacy decision pursuant to Art. 45 GDPR. However, the transfer can be based on standard contractual clauses. Google has committed to complying with the standard contractual clauses (SCCs) for the transfer of personal data to third countries.

    Further information on the standard contractual clauses can be found at

    https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractuals-clauses-scc_de

    as well as under

    https://policies.google.com/privacy/frameworks?hl=de

  3. We cannot influence which data Google actually collects and processes. However, Google states that, in principle, the following information (including personal data) may be processed:

    • Protocol data (especially the IP address)

    • Location-based information

    • Unique application numbers

    • Cookies and similar technologies

    Information about the types of cookies used by Google can be found at https://policies.google.com/technologies/types .

  4. If you are signed in to your Google Account, Google may add the processed information to your account and treat it as personal data, depending on your account settings.

  5. Google states the following, among other things:

    "If you aren't signed in to a Google Account, we store the data we collect with unique identifiers associated with the browser, app, or device you use. This allows us, for example, to ensure that your language preferences are retained across browsing sessions.

    If you are signed in to a Google Account, we also collect data that we store in your Google Account and consider to be personal data." ( https://privacy.google.com/take-control.html )

  6. You can prevent this data from being added directly by logging out of your Google Account or by making the appropriate account settings in your Google Account. You can also change your cookie settings (e.g., delete cookies, block them, etc.).

  7. For more information, please see Google's privacy policy, which you can access here: https://www.google.com/policies/privacy

  8. Information about Google's privacy settings can be found at https://privacy.google.com/take-control.html

2.4 Google Analytics

  1. We use "Google Analytics" on our website, a web analysis service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as "Google"). Google uses cookies, i.e. small text files that are stored on your device and that enable an analysis of your use of our website. The information generated by the cookie about your use of the website is usually transferred to a Google server and stored there. If anonymization of the IP address to be transmitted by the cookie is activated on the website ("IP anonymization"), your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server outside the EU and shortened there. Google will use this information to evaluate your use of our website on our behalf, to compile reports on website usage and to provide us with other services related to website usage and internet usage. Pseudonymous user profiles can be created from the processed data. The IP address transmitted when using Google Analytics will not be merged with other Google data.

  2. We only use Google Analytics with the IP anonymization enabled as described above. This means that your IP address will only be processed in a shortened form by Google. This prevents any personal identification.

  3. We use Google Analytics to analyze the use of our website and to continuously improve individual functions and offers, as well as the user experience. Through the statistical evaluation of user behavior, we can improve our offering and make it more interesting for you as a user. The legal basis is Art. 6 (1) (a) GDPR (consent).

  4. You can also prevent the storage of cookies generated by Google Analytics by making the appropriate settings in your web browser. Please note that if you do this, you may not be able to use all of the features of our website. If you want to prevent the collection of data generated by the cookie and related to your user behavior (including your IP address) as well as the processing of this data by Google, you can also download and install the web browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

  5. In order to oblige Google to process the transmitted data only in accordance with our instructions and to comply with the applicable data protection regulations, we have concluded a data processing agreement with Google.

  6. Third-party information: Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland

  7. Further information on data usage by Google, setting and objection options as well as data protection can be found on the following Google websites:

    Data protection overview: https://support.google.com/analytics/answer/6004245?hl=de&ref_topic=2919631

    Privacy Policy: https://policies.google.com/privacy?hl=de&gl=de

    Google's use of data when you use our partners' websites or apps: https://policies.google.com/technologies/partner-sites?hl=de

    Use of data for advertising purposes: https://policies.google.com/technologies/ads?hl=de

    Settings for personalized advertising by Google: https://adssettings.google.de

  8. The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected.

  9. User and event-level data linked to cookies, user identifiers (e.g., user ID) and advertising IDs (e.g., DoubleClick cookies, Android advertising ID, IDFA [Apple identifier for advertisers]) will be deleted no later than 50 weeks after they were collected.

2.5 Google Tag Manager

  1. We use Google Tag Manager on our website. Google Tag Manager is a service provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

  2. Google Tag Manager allows us to integrate various codes and services into our website in an organized and simplified manner. Google Tag Manager implements the tags or "triggers" the embedded tags. When a tag is triggered, Google may process information (including personal data) and process it. It cannot be ruled out that Google may also transmit this information to a server in a third country.

  3. Information on the standard contractual clauses and the transmission to the USA from us to Google and other relevant data on data processing by Google in the context of the use of Google services can be found in this privacy policy under the section Information about Google services “Information about Google services”.

  4. In particular, the following personal data is processed by Google Tag Manager:

    • Online identifiers (including cookie identifiers)

    • IP address

  5. 5. You can also find further detailed information about the Google Tag Manager on the website https://www.google.de/tagmanager/use-policy.html

    as well as under

    https://www.google.com/intl/de/policies/privacy/index.html (section “Data we receive as a result of your use of our services”).

  6. Furthermore, we have concluded a data processing agreement with Google for the use of Google Tag Manager (Art. 28 GDPR). Google processes the data on our behalf to trigger the stored tags and display the services on our website. Google may transfer this information to third parties if required by law, or if third parties process this data on Google's behalf.

  7. If you have deactivated individual tracking services (e.g. by setting an opt-out cookie), the deactivation will remain in effect for all affected tracking tags that are integrated by the Google Tag Manager.

  8. By integrating Google Tag Manager, we aim to simplify and clearly integrate various services. Furthermore, the integration of Google Tag Manager optimizes the loading times of the various services.

  9. The legal basis for the processing of personal data described here within the scope of the measurement procedure is your express consent in accordance with Art. 6 (1) (a) GDPR.

  10. The legal basis for processing the data processed in the context of obtaining consent is our legitimate interest pursuant to Art. 6 (1) (f) GDPR. We have a legitimate interest in being able to prove that you have given your consent to the measurement procedure (Art. 7 (1) GDPR).

2.6 Menu

  1. When you use the "Menu" service, Google's "Google Drive" service is accessed. In this context, a cookie is stored on your device.

  2. The legal basis for processing is our legitimate interest pursuant to Art. 6 (1) (f) GDPR. We have a legitimate interest in providing the menus quickly and efficiently.

  3. 3. When you use this service, data is transmitted to Google. The following domains are accessed:

    • google.com (Google)

    • gstatic.com (Google Static)

    • apis.google.com (Google APIs)

2.7 Google Fonts

  1. To make visiting our website more attractive, we use fonts from Google, the so-called Google Fonts.

  2. We have embedded the Google fonts locally, i.e., on our web server. This means there is no connection to Google servers and therefore no transfer of your data to Google.

2.8 Formitable (formitable.com)

  1. On our website, you have the option to schedule appointments with us. We use the "formitable" tool for booking appointments. The provider is Formitable BV, Elandsstraat 44, 1016 SG Amsterdam, Netherlands (hereinafter "formitable").

  2. To book an appointment, please enter the requested information and your desired date in the form provided. The data you enter will be used for planning, executing, and, if necessary, for follow-up. The appointment data will be stored for us on the formitable servers. You can view their privacy policy here: https://formitable.com/de/privacy-cookie-statement/.

  3. The data you enter will remain with us until you request its deletion, revoke your consent to storage, or the purpose for storing the data no longer applies. Mandatory legal provisions—in particular, retention periods—remain unaffected.

  4. The legal basis for data processing is Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in scheduling appointments with interested parties and customers as easily as possible. If consent has been requested, Art. 6 (1) (a) GDPR is the legal basis for data processing; consent can be revoked at any time.

2.9 Newsletter by email

You cannot currently register for our email newsletter via the website.

2.10 Links to other websites

  1. While using some of our services, you will automatically be redirected to other websites.

  2. Please note that this privacy policy does not apply there. The privacy policy of the linked website may differ significantly from this one.

2.11 Cookie consent with CookieFirst

  1. This website uses CookieFirst's cookie consent technology to obtain your consent to the storage of certain cookies on your device and to document this consent in compliance with data protection regulations. The provider of this technology is Digital Data Solutions BV, Plantage Middenln 42a, 1018 DH Amsterdam, website: https://cookiefirst.com/ (hereinafter "CookieFirst").

  2. When you enter our website, the following personal data is transferred to CookieFirst:

    • Your consent(s) or the revocation of your consent(s)

    • Your IP address

    • Information about your browser

    • Information about your device

    • Time of your visit to the website

  3. Furthermore, CookieFirst stores a cookie in your browser to assign the consent you have granted or revoked to you. The data collected in this way will be stored until you request deletion, delete the CookieFirst cookie yourself, or the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected.

  4. CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 (1) (c) GDPR.

  5. We have concluded a data processing agreement with CookieFirst. This agreement is required by data protection law and ensures that CookieFirst processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

3 Processing for the purpose of carrying out our business processes

3.1 Video surveillance

Below you will find our data protection notice within the meaning of Article 13 GDPR regarding the processing of personal data within the scope of our video surveillance.

  1. The processing of video recordings is based on Article 6 (1) (f) GDPR; the so-called legitimate interest.

  2. Our legitimate interests are:

    • Protection of house rules

    • Protection against theft, protection of property

    • Investigation of burglary and theft

    • Protection of guests and employees

  3. The video recordings are processed exclusively for the purposes stated.

  4. Any further use or disclosure of the video recordings will only occur if necessary for potential criminal prosecution. In this case, the recipients will be the relevant law enforcement authorities.

  5. We use external service providers to maintain the video surveillance system, although access to the video surveillance system or stored video recordings cannot be ruled out.

  6. Video recordings will be deleted no later than 10 days after recording, unless special incidents have occurred that justify or require further storage.

3.2 Registration form

  1. We are legally obliged to collect the following data from you in accordance with the Federal Registration Act (BMG) (§ 29 BMG, § 30 BMG):

    • Date of arrival and expected departure

    • surname

    • First names

    • birth date

    • nationality

    • Address

    • Serial numbers of the passport or passport replacement document (only for foreign guests)

    • If you have relatives traveling with you (e.g., spouses, children), you do not need to complete a separate registration form. It is sufficient to state the number of people traveling with you and their nationality.

    • For travel groups of more than ten people, only the tour guide must complete the registration form and otherwise state the number of fellow travelers and their nationality.

    • Foreign guests who are required to complete a registration form must present a passport or passport substitute upon check-in. The hotelier is obligated to verify the information provided on the registration form. Any discrepancies, or if a passport is missing, must be noted on the registration form.

  2. Storage period

    According to the Federal Ministry of Health, completed registration forms must be kept for one year from the date of arrival and then destroyed within three months.

3.3 Hotel stay

  1. When you stay with us, we strive to make your stay as pleasant as possible. This requires the processing of your personal data to provide specific services during your stay.

    These services include

    1. housekeeping and maintenance;

    2. the return of lost or forgotten items to you; and

    3. managing your preferences and those of your companions, such as dietary requirements and pillow preferences,

    to provide you with better service during your stay with us.

  2. For these purposes, we process the following data in particular: first and last name, postal address, consumption habits, arrival and departure dates, dietary requirements, email address, first and last name of adult roommates, other personal preferences, payment information (for the return of lost or forgotten items), telephone number

  3. This data is usually collected directly from you during your stay at the hotel or reaches us via your travel agency or, for example, through the booking system you use.

  4. The legal basis for processing this data is the balancing of interests pursuant to Art. 6 (1) (f) GDPR. Our legitimate interest lies in organizing our hotel maintenance activities, personalizing the services offered, and being able to identify the owner of a lost or forgotten item.

  5. Possible recipients of the data are hotel staff (including housekeeping, maintenance, reception and other hotel staff), IT service providers and delivery or courier service providers (for the return of lost or forgotten items).

  6. You can object to the use of your data at any time with future effect. An objection may lead to a significant restriction of our services.

4 Cookie Policy

4.1 General information

  1. Cookies are pieces of information that are transferred from our web server or third-party web servers to users' web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage.

  2. If users do not wish cookies to be stored on their computer, they are asked to deactivate the corresponding option in their browser's system settings. Stored cookies can be deleted in the browser's system settings. Excluding cookies may result in functional limitations of this online service.

4.2 Cookie overview, objection

  1. 1. A current overview of the cookies used on this website can be found in the consent management platform "CookieFirst" (see section 2.7 "Cookie consent with CookieFirst").

  2. There you can also manage your individual consents and preferences.

5 Changes to the Privacy Policy

  1. We reserve the right to amend this privacy policy with regard to data processing in order to adapt it to changed legal situations, changes to the online offering or data processing.

  2. If user consent is required or if parts of the privacy policy contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.

  3. Users are asked to regularly inform themselves about the content of this privacy policy.

As of September 2023

Legal Notice

Disclaimer

Liability for content
The content of our pages was created with the greatest care. However, we cannot accept any liability for the accuracy, completeness, or timeliness of the content. As a service provider, we are liable for our own content on these pages in accordance with Section 7 (1) DDG (German Data Protection Act). However, according to Sections 8 to 10 DDG, as a service provider, we are not obligated to monitor transmitted or stored third-party information or to search for evidence that indicates illegal activity. Obligations to remove information or to block the use of information in accordance with general laws remain unaffected. In this case, liability is only possible at the time of knowledge about a specific violation of law. Upon knowledge of such violations, we will remove this content immediately.

Liability for links
Our offer contains links to external third-party websites over whose content we have no influence. Therefore, we cannot accept any liability for this external content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time the link was created. Illegal content was not recognizable at the time the link was created. However, permanent monitoring of the content of the linked pages is not reasonable without concrete evidence of a legal violation. Upon notification of any legal violations, we will remove such links immediately.

Copyright
The content and works on these pages created by the site operators are subject to German copyright law. Reproduction, processing, distribution, and any type of exploitation outside the limits of copyright law require the written consent of the respective author or creator. Downloads and copies of this site are permitted for private, non-commercial use only. To the extent that the content on this site was not created by the operator, the copyrights of third parties are respected. In particular, third-party content is marked as such. Should you nevertheless become aware of a copyright infringement, we ask you to notify us accordingly. Upon notification of any violations, we will remove such content immediately.

Photo credits

All photos used are copyrighted property of the Holiday Inn Frankfurt - Alte Oper.