What data we collect and why we collect it
Below are the areas where you may end up giving us your personal information.
When you make a booking, we will need to record your name, address, email, telephone number as well as the length of stay. We do not process payments on our site. Instead, our website directs you to Paypal where you will make the payment transfer to us or you are asked to make a direct bank transfer through your bank to us. These external sites may collect information about your usage of their site. We are not given access to nor do we store any account name, account number or passwords in our database.
Registration upon checkin
According to the German Federal Registration Law (Bundesmeldegesezt) §29 BMG, we are required to collect guest information upon checkin. We will ask for verification of your details given during reservation and obtain your signature. Furthermore, we are required to make a photocopy of your passport or personal identification card. Your information is only collected to comply with the law and is not sold to third parties. It is required that this information be kept for 1 year from your date of departure and will be destroyed within 3 months of this date.
For return visitors, we will need to recollect the data as we do not have a processing system to detect that you have visited us before.
When guests leave a review, we only collect the data shown in the review form. The information is retained indefinitely in our database so that it can be made available on our website. If you have provided us your full name in the review, we will edit it to show only your first name. Your email is not included in the published review.
If you make an enquiry using the Contact Form, we collect the data shown in the form so that we can respond to your query and have a record of who we have communicated with and the purpose of the communication. We do not carry out any marketing nor send out newsletters with this data.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR based on your voluntarily given consent.
Comments under the blog articles have been disabled so no personal information is collected.
Embedded content from other websites
Text on our site and articles in the blog section may include embedded content (e.g. maps, videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We collect data about the behavior of visitors to this website. This is used to improve our website. We do not share this information with anyone. IP addresses are used to aggregate information, however, the IP address is anonymised before storage which makes it impossible to trace its origin.
Transfer of data to third parties
Your personal data is safe with us. In some cases, it is necessary to forward your data to third parties eg. you have instructed us to carry out something on your behalf or for legal/security reasons. This will be done in compliance with Article 6 (1) GDPR.
- the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
- processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which the controller is subject;
- processing is necessary in order to protect the vital interests of the data subject or of another natural person;
What rights you have over your data
If you have left comments, you can request to receive a copy of the personal data we hold about you, including any other data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Stand: February 2020