Data protection
DATA PROTECTION INFORMATION FOR GUESTS AND PROSPECTS Information on data protection regarding the processing of personal data in the context of a contract relationship or contract negotiations in accordance with Art. 12, 13 and 14 of the EU-GDPR at the Dom Hotel Limburg. In the course of business relationships, personal data will inevitably be exchanged and must therefore be processed in accordance with the European General Data Protection Regulation (EU-GDPR). With this, we meet the requirements of Art. 12, 13 and 14 of the EU-GDPR and inform you transparently about the processing of the personal data transmitted by you in the course of communication and contract relationships and, if applicable, collected by us, as well as your related rights.
1. RESPONSIBLE PARTY IN TERMS OF DATA PROTECTION
Dom Hotel Betriebs GmbH
Albert-Weil-Straße 1
65555 Limburg-Offheim
Germany
Phone: +49 6431 9010
E-mail: info(at)domhotellimburg.de
2. CONTACT INFORMATION OF OUR DATA PROTECTION OFFICER
IT Process & Audit GmbH
Bruder-Kremer-Straße 6
65549 Limburg an der Lahn
E-mail: datenschutz(at)it-processaudit.de
The (possibly updated) contact details of the data protection officer are also available at any time on our previously mentioned website in the "Data Protection" section.
3. CATEGORIES AND TYPES OF PERSONAL DATA
We process our personal data exclusively to the extent necessary to ensure the contract-accompanying and pre-contractual business communication, to process orders, to provide you with information about services and offers, and to maintain customer loyalty. We transfer your personal data to the ERP system we use. These data typically include your name, possibly the company you work for, your telephone number, your email address, your address, your salutation, and your academic degree. We also document when and in what context we received your personal data in order to comply with data protection reporting and deletion obligations.
4. PURPOSES AND LEGAL BASES FOR PROCESSING
The processing of your personal data is for the purpose of contract processing and contract initiation. Other purposes may include acquiring new business relationships and direct marketing.
If the processing is necessary for the fulfillment of a contract of which you are a party or for the performance of pre-contractual measures taken at your request, the legal basis for the processing is Art. 6 (1) (1) lit. b) GDPR. If your personal data is used to provide you with information about products and offers, the processing is based on Art. 6 (1) (1) lit. f) GDPR.
5. DATA SOURCES
We process your personal data that we receive as part of your request or that you provide to us as part of a contractual relationship. It is also possible that our sales department independently obtains your contact information as part of the acquisition activity.
6. RECIPIENTS OF DATA
Internally, employees responsible for carrying out contractual or pre-contractual measures from the relevant departments will have access to your data to the extent necessary. Your data may be transmitted to other companies in our corporate group. If this is allowed taking into account the stated purposes and legal bases, we may transmit your personal data to affiliated companies. In our mandate, your data is processed based on an outsourcing agreement in accordance with Art 28 EU GDPR. We ensure that the processing is in compliance with the EU GDPR. The recipients of your personal data in this context are service providers commissioned by us. If necessary, the software provider of our ERP system and our IT service provider may have access to your data to the extent necessary to operate and maintain the computer system used by us. In connection with postal mailings, we may provide the information required for postal delivery (name, address) to a service provider. This provider uses the information to carry out the process, in particular envelope and shipping. If tax-related issues arise from the business relationship with you, we may have to transmit data to the tax authorities and our tax advisor may receive access if necessary. Recipients outside the company will receive your personal data only if legal provisions allow or require this, if the disclosure is necessary to fulfill legal obligations, or if your consent is available.
7. TRANSFER TO A THIRD COUNTRY
Third countries are countries outside the European Union or the European Economic Area. A transfer to a third country is not planned. If it is necessary for an important reason nonetheless, you will of course be informed about this beforehand and we will agree on the appropriate measures to protect your data together.
8. DURATION OF DATA STORAGE
Your personal data will be stored until it is no longer expected to establish further or new business relationships. In the case of already concluded business or pre-contractual transactions, the storage will take place for tax reasons until 10 years after the last business or pre-contractual communication. This duration then depends on the valid statutory storage periods, such as § 147 Abs. 1 Nr. 3 i.V.m. Abs. 3 AO, § 257 Abs. 1 Nr. 4 i.V.m. Abs 4 HGB.
9. REQUIREMENT FOR THE PROVISION OF PERSONAL DATA
The provision of personal data is not legally or contractually required and is usually not necessary for concluding a contract, as long as all the information required for contract performance by a legal person is available. You are not obligated to provide your personal data. If you do not provide your personal data to us, it may not be possible for us to contact you and send you information. If the necessary minimum information is not available, a contract cannot be concluded. This is particularly the case if we do not receive payment information.
10. AUTOMATED DECISION MAKING
No automated decision making as defined by Art. 22 of the EU GDPR takes place.
11. YOUR RIGHTS
You have the following data subject rights under the EU GDPR, which you can assert when we process your data:
• the right to information Art. 15 EU GDPR
• the right to correction Art. 16 EU GDPR
• the right to deletion Art. 17 EU GDPR
• the right to restrict processing Art. 18 EU GDPR
• the right to data portability Art. 20 EU GDPR
• the right to object to processing Art. 21 EU GDPR Additionally, you also have the right to file a complaint with a supervisory authority
The supervisory authority responsible for us is: The Hessian Commissioner for Data Protection and Freedom of Information Post Office Box 3163 65021 Wiesbaden Phone: +49 611 1408 - 0 Fax: +49 611 1408 - 900 / 901 Email: poststelle(at)datenschutz.hessen.de
If the processing is based on your consent according to Art. 6 para. 1 lit. a. EU GDPR, you have the right to revoke your consent at any time without affecting the legality of the processing carried out up to the revocation. Right to object Art. 21 EU GDPR If the processing of your personal data is based on our legitimate interests (Art. 6 para. 1 lit. f. EU GDPR), you have the right to object to the processing of your personal data on grounds arising from your particular situation pursuant to Art. 21 EU GDPR. If we cannot demonstrate compelling legitimate grounds for the processing that override your rights, freedoms, and interests, we will no longer process your personal data. To assert your rights, please feel free to contact us (see contact details responsible party).