Skip to main content

Privacy policy

 

1. Data protection at a glance

 

General notes

 

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our privacy policy below.

 

Data collection on this website

 

Who is responsible for data collection on this website?

 

Data processing on this website is carried out by the website operator. You can find the contact details of the website operator in the section "Information on the data controller" in this privacy policy.

 

How do we collect your data?

 

Firstly, we collect your data as a result of your sharing it with us. This may, for instance, be information you enter in our contact form.

 

Other data is collected automatically or with your consent by our IT systems when you visit the website. This data comprises mainly technical information (e.g. web browser, operating system or time the site was accessed). This information is recorded automatically when you access this website.

 

What do we use your data for?

Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyse your user patterns.

 

What rights do you have as far as your information is concerned?

 

You have the right to receive information about the source, recipients and purposes of your archived personal data at any time without having to pay a fee for such disclosure.

 

 You also have the right to demand that your data are rectified or erased. If you have consented to your data being processed, you can withdraw this consent at any time with future effect. Moreover, you have the right to demand that the processing of your data be restricted under certain circumstances. Furthermore, you have the right of appeal to the competent supervisory authority.

 

You can contact us at any time if you have any further questions on the subject of data protection.

 

Analysis tools and tools provided by third parties

 

When visiting this website, your surfing behaviour may be statistically analysed. This is done mainly with what are known as analysis programs.

 

Detailed information on these analysis programs can be found in the following privacy policy, insofar as we currently use them.

 

2. General notes and mandatory information

 

Data protection

 

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

 

When you use this website, various personal data is collected.

Personal data is data with which you can be personally identified. This privacy policy explains what data we collect, how and why we collect it, and what we do with it.

 

We would like to point out that no data transmission over the Internet (e.g. communication by e-mail) is 100% secure. The complete protection of data against access by third parties is not possible.

 

Information on the responsible body

 

The responsible body for data processing on this website is:

 

Sympathie Hotels GmbH

Kurhausstr. 20

55543 Bad Kreuznach

 

Phone: +49 (0)671 298467-0

E-mail: info[@]sympathie-hotel.de

 

The responsible body is the natural or legal person who alone or together with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses etc.).

 

Contact details of the data protection officer

 

Weißmann Datenschutz GmbH

-Data protection officer: P. Weißmann, lawyer

Bosenheimer Str. 10

55543 Bad Kreuznach

 

E-mail: datenschutz[@ich-will-keinen-spam]kanzlei-weissmann.de

 

Retention period

 

Unless a more specific retention period is stated within this privacy policy, your personal data will remain with us until the purpose for processing the data no longer applies. If you assert a justified request for erasure or withdraw consent to your data being processed, your data will be erased unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be erased once these reasons no longer apply.

 

Withdrawal of your consent to the processing of your data

 

A large number of data processing operations may only be performed with your express consent. You are entitled withdraw any consent you have already given at any time. The legality of the data processing procedures carried out up to the time of withdrawal of consent remains unaffected.

 

Right to object to the collection of data in special cases and to direct marketing (Art. 21 GDPR)

 

IF DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6(1) (E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR SPECIFIC SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS.

 

 THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS PERFORMED CAN BE FOUND IN THIS PRIVACY POLICY. SHOULD YOU SUBMIT AN OBJECTION, WE SHALL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN PROVE THAT THERE ARE COMPELLING REASONS FOR PROCESSING WHICH ARE WORTHY OF PROTECTION AND WHICH OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS, OR UNLESS THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS (OBJECTION ACCORDING TO ART. 21(1) GDPR). IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING, INSOFAR AS IT IS LINKED TO SUCH DIRECT MARKETING. IN THE EVENT THAT YOU OBJECT, YOUR PERSONAL DATA SHALL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION ACCORDING TO ART. 21(2) GDPR).

 

Right of appeal to the competent supervisory authority

 

In the case of infringements of the GDPR, data subjects have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the suspected infringement.

 

This right of appeal is without prejudice to other administrative or judicial remedies.

 

Right to data portability

 

You are entitled to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a commonly used machine-readable format. If you request the direct transfer of the data to another responsible party, this will only take place to the extent that it is technically feasible.

 

SSL or TLS encryption

 

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line in the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in the browser address bar.

 

If SSL or TLS encryption is activated, third parties will not be able to read the data you share with us.

 

Encrypted payment transactions on this website

 

If you are under an obligation to share your payment information (e.g. account number if you give us the authority to debit your bank account) with us after you have entered into a fee-based contract with us, this information is required to process payments.

 

Payment transactions via the common means of payment (Visa/MasterCard, direct debit) are made exclusively via an encrypted SSL or TLS connection. You can recognise an encrypted connection by the fact that the address line in the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in the browser address bar.

 

If communication with us is encrypted, third parties will not be able to read the payment information you share with us.

 

Information about, erasure and rectification of data

 

You have the right to information free of charge regarding the personal data stored about you, its origin and recipients, the purpose of data processing and, if necessary, a right to rectification or erasure of this data at any time in accordance with the applicable legal requirements.

 

You can contact us at any time if you have any further questions on the subject of personal data.

 

Right to restriction of processing

 

You have the right to demand that the processing of your data be restricted in certain circumstances. You can contact us at any time for this purpose. The right to demand restriction of processing applies in the following cases:

 

In the event that you should dispute the correctness of your data archived by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.

If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data in lieu of demanding the erasure of this data.

If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you have the right to demand the restriction of the processing of your personal data instead of its erasure.

If you have raised an objection pursuant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data – with the exception of its archiving – may be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights of other natural persons or legal entities or for reasons of important public interest cited by the European Union or a Member State.

 

Objection to advertising e-mails

 

We hereby object to the use of the contact details as published in our legal notice for the transmission of advertising and information material not expressly requested. The operators of these pages expressly reserve the right to take legal action against the unsolicited e-mailing of advertising materials such as spam e-mails.

 

3. Data collection on this website

 

Server log files

 

The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser communicates to us automatically. This information comprises:

 

Type and version of browser and the operating system used

Referrer URL

Host name of the accessing computer

Time of the server request IP address

This data is not merged with other data sources.

 

This data is recorded on the basis of Art. 6(1) (f) GDPR. The operator of this website has a legitimate interest in the technically error free depiction and optimisation of the operator’s website. To achieve this, server log files must be recorded.

 

Enquiry by e-mail, telephone or fax

 

If you contact us by e-mail, telephone or fax, your enquiry, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your enquiry. We will not pass on this data without your consent.

 

This data is processed on the basis of Art. 6(1) (b) GDPR if your enquiry is related to the fulfilment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data is processed on the basis of our legitimate interest in the effective handling of enquiries submitted to us (Art. 6(1) (f) GDPR) or on the basis of your consent (Art. 6(1) (a) GDPR) insofar as it has been obtained.

 

The data you send us via contact enquiries remains with us until you request us to erase it, you withdraw your consent to storage, or the purpose for the data storage lapses (e.g. after your request has been processed). Mandatory statutory provisions – in particular legal retention periods – remain unaffected.

 

Contact form

If you send us enquiries via the contact form, we will store your details, including the contact data you have provided, for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.

 

This data is processed on the basis of Art. 6(1) (b) GDPR if your enquiry is related to the fulfilment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data is processed on the basis of our legitimate interest in the effective handling of enquiries submitted to us (Art. 6(1) (f) GDPR) or on the basis of your consent (Art. 6(1) (a) GDPR) insofar as it has been obtained.

 

The data you enter in the contact form will remain with us until you request us to erase it, you withdraw your consent to storage, or the purpose for data storage no longer applies (e.g. after your enquiry has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

 

Handling of applicant data

 

We offer you the opportunity to submit your application to us (e.g. by e-mail, post or via online application form). Below, we inform you about the scope, purpose, and manner in which we use the personal data we collect from you as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other legal provisions and that your data will be treated as strictly confidential.

 

If you send us an application, we process the corresponding personal data (e.g. your contact and communication data, application documents, notes during interviews, etc.) to the extent that this is necessary to decide on the establishment of an employment relationship. The legal basis for this is Art. 26 Federal Data Protection Act (BDSG new) under German law (initiation of an employment relationship), Art. 6(1) (b) GDPR (general contract initiation) and – if you have given your consent – Art. 6(1) (a) GDPR. Consent can be withdrawn at any time. Your personal data is only disclosed within our company to persons who are involved in processing your application.

 

If your application is successful, the data you have submitted will be stored in our data processing systems on the basis of Art. 26 Federal Data Proctection Act and Art. 6(1) (b) GDPR for purposes of carrying out the employment relationship.

 

Data retention period

 

If we are unable to make you a job offer of if you reject a job offer or withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (Art. 6(1) (f) GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application).

 

The data will then be erased and the physical application documents destroyed. The retention serves in particular for purposes as evidence in the event of a legal dispute. If it is apparent that the data will be required after expiry of the 6-month period (e.g. due to an imminent or pending legal dispute), it will only be erased once the purpose for further retention no longer applies.

 

Date may be retained longer if you have given your consent (Art. 6(1) (a) GDPR) or if statutory retention obligations prevent erasure.

 

Admission to the applicant pool

 

If we do not make you a job offer, there may be the possibility of including you in our pool of applicants. If you are accepted, all documents and details from your application will be transferred to the applicant pool so that we can contact you in the event of suitable vacancies.

 

Admission to the applicant pool is based solely on your express consent (Art. 6(1) (a) GDPR). This consent is voluntary and has no relation to the current application procedure.

 

The person concerned may revoke their consent at any time. In this case, the data will be irrevocably deleted from the pool of applicants, unless there are legal reasons for retention.

 

4. Our social media presence

 

Our social media presence

 

Data processing by social networks

 

We maintain publicly accessible profiles on social networks. The individual social networks we use are listed below.

Social networks such as Facebook, Instagram, etc. generally have the ability to analyse your user behaviour comprehensively when you visit their websites or sites with integrated social media content (e.g. like buttons or banner advertisements). Visiting our social media presences will trigger a number of processes which are relevant to data privacy. In detail:

 

When you log in to your social media account and visit our presence on this social media platform, the operator of this social media portal is able to associate this visit with your user account. However, in certain circumstances your personal data can also be acquired even if you are not logged in or do not possess an account with the social media portal in question. In such cases this data can be collected for example via cookies which are stored on your device, or by acquiring your IP address.

 

With the aid of data acquired in this way, the social media portal operator can create user profiles in which your preferences and interests are stored. In this way, advertising tailored to your interests can be displayed to you both within and outside of the respective social media presence, If you have an account with the social network in question, advertisements tailored to your interests can be displayed on all devices to which you are or have been logged in.

 

Please also note that we are unable to track all data processing activities on social media portals. Depending on the provider, it may be that other processes are performed by social media portal operators. For details, please refer to the terms of use and privacy policies of the respective social media portals.

 

Legal basis

 

Our social media presences are intended to guarantee an Internet presence which is as comprehensive as possible. This constitutes a legitimate interest as defined in Art. 6(1) (f) GDPR. The analytical processes initiated by the social networks may have deviating legal bases which must be specified by the social network operators (e.g. consent as defined in Article 6(1) (a) GDPR).

 

Controllers and the assertion of rights

 

When you visit one of our social media appearances (e.g. Facebook), we are jointly responsible as controllers together with the operator of the social media platform for the data processing activities triggered by your visit. You can always assert your rights (to information, rectification, erasure, restricted processing, data portability and objection) both against us and against the operator of the social media portal (e.g. against Facebook).

 

Please note that despite sharing joint responsibility with the social media portal operators, we do not have full influence on the data processing activities conducted by social media portals. Our options are largely determined by the corporate policy of the respective provider.

 

Retention period

 

Data acquired directly by us via our social media presence is erased from our systems as soon as the purpose for which it is stored ceases to apply, or if you demand that we erase it, or if you withdraw your consent to such storage or the purpose for storage ceases to apply. Cookies will remain stored on your device until you delete them. Mandatory statutory provisions – in particular retention periods – remain unaffected.

 

We have no influence over the duration for which data held by social network operators is stored for their own purposes. For details please refer directly to the social network operators (for example, you may consult their privacy policies, see below).

 

Individual social networks

 

Facebook

 

We have a Facebook profile. The provider of this platform is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. According to Facebook, the data collected is also transmitted to the USA and other third countries.

 

We have entered into an agreement with Facebook regarding joint responsibility for the processing of data (Controller Addendum). This agreement determines which data processing activities we are each respectively responsible for when you visit our Facebook fanpage. You can view the agreement by following this link: https://www.facebook.com/legal/terms/page_controller_addendum

 

You can set your advertising preferences independently via your user account. To do this, click on this link and log in: https://www.facebook.com/settings?tab=ads

 

The transmission of data to the USA is based on the standard contractual clauses of the EU Commission.

 

Information on this is available here:

 

https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381

 

For details, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

 

Instagram

 

We have an Instagram profile. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.

 

The transmission of data to the USA is based on the standard contractual clauses of the EU Commission.

 

Information on this is available here:

 

https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381

 

For details of how your personal data is processed, please refer to Instagram’s privacy policy: https://help.instagram.com/519522125107875

 

5. Further applications

 

Dirs21 SDK

 

Nature and scope of processing

 

We use the online booking tool DIRS21 (operated by TourOnline AG, Borsigstraße 26, 73249 Wernau, Germany (www.dirs21.de)) to enable online bookings of accommodation and other travel services, as well as to process enquiries.

 

Purpose and legal basis

 

Use of the tool is based on our legitimate interests, i.e. interest in the secure and efficient provision as well as optimisation of our online services in accordance with Art. 6(1) (f) GDPR.

 

Retention period

 

We have no influence on how long the processed data is stored, as this is determined by TourOnline AG. For further information, please refer to the privacy policy of Dirs21 SDK: https://www.dirs21.de/en/disclaimer/

 

Fast fonts

 

Nature and scope of processing

 

We use fast fonts from Monotype Imaging Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801 USA, as a service to provide fonts for our online offer. To obtain these fonts, you connect to Monotype Imaging Inc. servers and your IP address is transmitted.

 

Purpose and legal basis

 

Use of fast fonts is based on our legitimate interests, i.e. interest in a uniform provision as well as optimisation of our online services in accordance with Art. 6(1) (f) GDPR.

 

Retention period

 

We have no influence on how long the processed data is stored, as this is determined by Monotype Imaging Inc. For further information, please refer to the privacy policy of fast fonts: www.monotype.com/legal/privacy-policy

 

Google fonts

 

For the uniform display of fonts, this site uses what are known as web fonts, which are provided by Google. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

 

For this purpose, the browser you are using must connect to the Google servers. This gives Google knowledge that our website has been accessed via your IP address. The use of Google web fonts is based on Art. 6(1) (f) GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on this website. If corresponding consent has been requested (e.g. consent to the storage of cookies), data will be processed out exclusively on the basis of Art. 6(1) (a) GDPR. Consent can be withdrawn at any time. If your browser does not support web fonts, a standard font will be used by your computer.

 

Further information on Google web fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/?hl=en-GB

 

Google Maps

 

Nature and scope of processing

 

We use Google Maps to display an interactive map and to create directions. Google Maps is a service operated by Google Ireland Limited.

 

When you access this content on our website, you are connecting to servers operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, where your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Google Maps.

 

Purpose and legal basis

 

The use of Google Maps is based on our legitimate interests pursuant to Art. 6 (1) (f) GDPR, i.e. our interest in making it easier for you to find the locations mentioned on the website.

 

Retention period

 

We have no influence on how long the processed data is stored, as this is determined by Google Ireland Limited. For further information, please refer to the privacy policy of Google Maps: https://policies.google.com/privacy?hl=en-GB

Google Tag Manager

 

This website uses the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

 

Google Tag Manager is a tool that allows us to embed tracking or statistical tools and other technologies on our website. Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It is only used to manage and run the tools integrated via the manager. However, Google Tag Manager does record your IP address which can then be transmitted to Google’s parent company in the United States.

 

The use of Google Tag Manager is based on Art. 6(1) (f) GDPR. The website operator has a legitimate interest in the fast and uncomplicated integration and management of various tools on its website. If corresponding consent has been requested, data will be processed out exclusively on the basis of Art. 6(1) (a) GDPR. Consent can be withdrawn at any time.

 

HolidayCheck

 

When using our online rating facility via Holidaycheck, personal data may be collected, such as name, address, contact and communication data such as telephone number and e-mail address. The responsible party for processing this data is HolidayCheck Group AG, Neumarkter Str. 61, 80796 Munich, Germany. This company collects and uses your personal data exclusively in accordance with the provisions of the data protection laws of the Federal Republic of Germany. The submission of a rating is voluntary. Your data will only be collected, processed and used for the purpose of processing the rating. The data will be deleted six months after the rating process has been completed. Insofar as there are no legal obligations to retain data, HolidayCheck will also correct or erase this data beforehand at your request. Please contact HolidayCheck directly to do this.

 

HolidayCheck’s privacy policy can be found at: https://www.holidaycheckgroup.com/privacy/?lang=en

 

 General Terms and Conditions

Here you can find our General Terms and Conditions in German and English.

 

GENERAL TERMS AND CONDITIONS FOR TOUR OPERATORS (SINGLE TRAVELLERS – LAST REVISED: NOVEMBER 2014)

GENERAL TERMS AND CONDITIONS FOR TOUR OPERATORS (SINGLE TRAVELLERS AND GROUPS – LAST REVISED: NOVEMBER 2014)

GENERAL TERMS AND CONDITIONS FOR TOUR OPERATORS (GROUPS – LAST REVISED: NOVEMBER 2014)

GENERAL TERMS AND CONDITIONS FOR EVENTS (LAST REVISED: NOVEMBER 2014)