We are pleased you are visiting our homepage, and thank you for your interest in LINDENBERG. Dealing with our customers and interested parties is a matter of trust. The trust placed in us is very important to us and therefore the importance and obligation to handle your data carefully and to protect it from misuse. So that you feel safe and comfortable when visiting our website, we take the protection of your personal data and their confidential treatment very seriously. Therefore we act in accordance with the applicable legislation on the protection of personal data and data security. With this information on data protection, we would like to inform you about when we store which data and how we use it – of course in compliance with the applicable German case law. Data protection at LINDENBERG Hospitality GmbH takes into account the European level of data protection and is based, in particular, on the current Federal Data Protection Act (BDSG) and data protection law (GDPR). When using the Internet, we orient ourselves to protecting your personal data on the Telemedia Act (TMG ) of the Federal Republic of Germany.
SCOPE OF COLLECTION AND PROCESSING OF PERSONAL DATA
In principle, you can visit our websites without telling us who you are. Our web servers automatically store information of a general nature. This includes the type of web browser, the operating system used, the domain name of your Internet service provider, the website from which you are visiting us, the websites you are visiting on our site and the date and duration of the visit. This is exclusively information that does not allow any conclusions to be drawn about your person. We only evaluate this data for statistical purposes and only in an anonymous form. Personal data is inventory data, such as your name, address, account number, ID number or telephone number, email address or IP number. We only collect, process or use personal data from you if you voluntarily provide it to us and it is also permitted by law, or you have given your consent. This usually happens when you enter into a business relationship with us or make an inquiry with us.
To the extent that your personal data is processed in our central guest database, the data will also be disclosed to the other companies that operate brands owned by Lindenberg Hospitality (Lindenberg, Libertine Lindenberg, Lindley). The respective operators of each of these hotels can be seen on the website under “Selection of hotels”.
Service providers used by us (e.g. as part of order processing in accordance with Art. 28 GDPR) and vicarious agents may also receive personal data for these purposes. These are companies in the categories of credit services and payment processing, IT services, cleaning services, logistics, printing services, telecommunications, debt collection, advice and consulting, as well as sales and marketing. The respective service providers can be seen from the list of service providers/processors, which is updated regularly.
PURPOSE OF USE OF DATA COLLECTED
We use the personal data you provide exclusively for the stated or agreed purposes, i.e., to process the contract concluded with you or to answer your enquiry.
If you use our services, as a rule, only data that we need to provide the services is collected. If we ask you for further data, this is voluntary information. The processing of personal data takes place exclusively to fulfil the requested service and to protect legitimate business interests.
ARE PERSONAL DATA FORWARDED TO THIRD PARTIES?
Your data will only be processed and used for consulting, advertising and market research purposes with your express consent. Your data will not be sold, rented or made available to third parties in any other way. Transfers of personal data to state institutions and authorities only take place within the framework of mandatory national legislation.
PERIOD OF STORAGE OF PERSONAL DATA AND CRITERIA FOR DETERMINING THIS PERIOD
We process and store your personal data for as long as it is necessary to fulfil our contractual and legal obligations. If the data is no longer required for the fulfilment of contractual obligations, they are regularly deleted unless their limited further processing is required due to commercial and tax law retention periods (including the Commercial Code (HGB) and the Fiscal Code (AO). The periods specified there for storage or documentation is two to ten years
STORAGE DURATION / NEWSLETTER
The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers after you have cancelled the newsletter.
YOUR RIGHTS AS A DATA SUBJECT
According to Art. 15 DS-GVO, every data subject whose personal data is processed has the right to information from the person responsible about the personal data concerned; according to Art. 16 DS- GVO, the right to correction, according to Art. 17 DS-GVO, the right to deletion, according to Art. 18 DS- GVO the right to restriction of processing, according to Art. 21 DS-GVO the right to object to the processing as well as according to Art. 20 DS-GVO the right to data portability. The restrictions according to §§ 34 and 35 BDSG-new also apply to the right to information and the right to deletion.
ADDITIONAL INFORMATION ABOUT YOUR RIGHT TO OBJECT IN ACCORDANCE WITH ART. 21 DS-GVO
You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data relating to you, which is based on Article 6 (1) sentence 1 lit. e) GDPR (data processing in the public interest). Or Art. 6 (1) sentence 1 lit. f) GDPR (data processing based on a balance of interests) to file an objection; this also applies to profiling based on this provision in accordance with Art. 4 Para. 4 DS-GVO.
If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. If we process your personal data in order to operate direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising. The objection is form-free and should be addressed to our data protection officer using the contact details given in Section 2.
THE RESPONSIBLE AUTHORITY FOR DATA PROCESSING ON THIS WEBSITE IS
LINDENBERG Hospitality GmbH Mainzer Landstrasse 86 60327 Frankfurt am Main
firstname.lastname@example.org T +49.69.430 591 530
The responsible body is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).
LEGAL DATA PRIVACY OFFICER
We have a data protection officer in our company:
T +49 6074 30 40 6-81
WITHDRAWAL OF YOUR CONSENT TO DATA PROCESSING
You can revoke consent that you have already given at any time without giving reasons. An informal message by email to us is sufficient. If deletion is not possible due to legal requirements of tax and commercial law, your data will only be processed for the obligations arising for us from the law. Processing for commercial purposes will no longer take place after an objection.
RIGHT OF APPEAL TO THE RELEVANT SUPERVISORY AUTHORITY
In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based.
RIGHT TO DATA PORTABILITY
You have the right to have data that we process on the basis of your consent or in fulfilment of a contract handed over to you or a third party in a standard, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done to the extent that it is technically feasible.
SSL – BZW. TLS-ENCRYPTION
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
LINDENBERG Hospitality GmbH stores information relevant to data protection exclusively on secure systems in Germany. Access to it is only possible for a few authorized persons and persons responsible for the technical, administrative or editorial support of data and who are responsible for special data protection.
Children and young people with limited legal capacity are not permitted to transmit any personal data to our website without the consent of their parents or guardian. Under no circumstances will LINDENBERG Hospitality GmbH knowingly collect personal data from children or adolescents with limited legal capacity, use it in any way or disclose it to third parties without authorization.
By using our website and the offers contained therein, you agree that the personal data you have voluntarily transmitted will be stored by us and processed and used in compliance with this data protection declaration.
RIGHT TO INFORMATION / PUBLIC PROCEDURE DIRECTORY
According to § 34 and § 6b BDSG, you have the unrestricted right to free information about your data stored by us and, according to § 35 BDSG, the right to delete or block inadmissible data or the right to correct incorrect data. Upon request, we are also willing to inform you in writing whether and which personal data we have stored about you. Where possible, we will take appropriate steps to update or correct the information we hold about you at short notice.
ANALYTICS TOOLS & ADVERTISING
GOOGLE (UNIVERSAL) ANALYTICS
Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with other services related to the use of this online offer and internet usage. Pseudonymous user profiles can be created from the processed data.
We only use Google Analytics with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there.
The IP address transmitted by the user’s browser is not merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; In addition, users can prevent the data generated by the cookie and related to their use of the online offer from being collected and processed by Google by downloading and installing the browser plugin available under the following link.
You can find more information on data used by Google, setting and objection options in Google’s data protection declaration and in the settings for the display of advertisements by Google.
Further information on Google (Universal) Analytics can be found here.
GOOGLE ADS CONVERSION TRACKING
This website uses the online advertising program “Google Ads” and, as part of Google Ads, conversion tracking by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). We use Google Ads to draw attention to our attractive offers with the help of advertising material (so-called Google Adwords) on external websites. In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. We are pursuing the goal of showing you advertising that is of interest to you, making our website more interesting for you and achieving a fair calculation of the advertising costs incurred.
The conversion tracking cookie is set when a user clicks on a Google-served ads ad. Cookies are small text files that are stored on your device. These cookies usually lose their validity after 30 days and are not used for personal identification. If the user visits certain pages on this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies cannot be tracked through Google Ads customer sites. The information gathered using the conversion cookie is used to generate conversion statistics for Google Ads customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, they do not receive any information that personally identifies users. If you do not want to participate in tracking, you can block this usage by disabling the Google Conversion Tracking cookie through its Internet browser under the keyword “User Preferences.” You will not be included in the conversion tracking statistics. We use Google Ads based on our legitimate interest in a targeted advertising gem. Art. 6 para. 1 lit. f DSGVO. As part of the use of Google Ads, it may also lead to a transfer of personal information to the servers of Google LLC. come in the US.
You can permanently object to the setting of cookies by Google Ads Conversion Tracking by downloading and installing the browser plug-in from Google available under the following link.
Insofar as this is legally required, we have obtained your consent in accordance with Art. 6 (1) (a) GDPR to process your data as described above. You can revoke your consent at any time with effect for the future. To exercise your revocation, deactivate this service in the “Cookie-Consent-Tool” provided on the website or alternatively follow the option described above to make an objection.
GOOGLE ADWORDS REMARKETING
In addition to Google Adwords Conversion, we use the Google Adwords Remarketing application. This application allows you to see our advertisements in your subsequent internet use after you have visited our website. This is done using cookies stored in your browser, which are used by Google to record and evaluate your usage behavior when you visit various websites. In this way, Google can determine your previous visit to our website. Google does not, according to its own statements, combine the data collected as part of Google Remarketing with your personal data that may be stored by Google (e.g. because you have registered for a Google service such as GMail). According to Google, pseudonymization is used for remarketing.
Our website measures conversions using visitor action pixels from Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).
These allow the behavior of site visitors to be tracked after they click on a Facebook ad to reach the provider’s website. This allows an analysis of the effectiveness of Facebook advertisements for statistical and market research purposes and their future optimization.
The use of Facebook pixels is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in effective advertising including social media.
You can also deactivate the custom audiences remarketing feature in the Ads Settings section. You will first need to log into Facebook.
If you do not have a Facebook account and are living in the EU, you can opt out of usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance.
On this website we use the HubSpot service for various purposes. HubSpot is a US based software company with offices in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Telephone: +353 1 5187500.
Hubspot is an integrated software solution that we use to cover various aspects of our online marketing. These include, among other things:
Email marketing, social media publishing and reporting, reporting, contact management (e.g. user segmentation and CRM), landing pages and contact forms.
You can find more information about the cookies used by HubSpot here and here
As part of the optimization of our marketing measures, the following data can be collected and processed via Hubspot:
- Geographical position
- Browser type
- Navigation information
- Referral URL
- performance data
- Information about how often the application is used
- Mobile apps data
- Credentials for the HubSpot subscription service
- Files displayed on site
- domain names
- Pages viewed
- Aggregate Usage
- Version of the operating system
- Internet Service Provider
- IP address
- device identifier
- Duration of the visit
- Where the application was downloaded from
- operating system
- Events that occur within the application
- access times
- Clickstream data
- Device model and version
In addition, we also use Hubspot to provide contact forms. Further information on this can be found in the Forms section of this data protection declaration.
The legal basis for the processing is your consent in accordance with Article 6 (1) (a) GDPR. If you do not want Hubspot to collect and process the data mentioned, you can refuse your consent or revoke it at any time with effect for the future.
The personal data are kept for as long as they are necessary to fulfill the processing purpose. The data will be deleted as soon as they are no longer required to achieve the purpose.
Data can be transmitted to the USA as part of processing via HubSpot. The security of the transmission is secured by so-called standard contractual clauses, which ensure that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to create an adequate level of security, your consent can serve as the legal basis for transmission to third countries in accordance with Article 49 (1) (a) GDPR. Please note the sub-item “Forms”.
Our website uses conversion tracking technology from the Pinterest social network (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland), which enables us to offer our website visitors who have already registered for our website and our content /offers and are Pinterest members to display advertisements and offers relevant to them on Pinterest. For this purpose, a so-called conversion tracking pixel from Pinterest is integrated on our pages, via which Pinterest is informed when you visit our website that you have accessed our website and which parts of our offer you are interested in. For example, if you were interested in our subscriptions on our website, you may see an ad about our subscriptions on Pinterest.
You can opt out of collecting data to display interest-based advertising on Pinterest at any time in your Pinterest account settings there under “Individual adjustment” deactivate the button “Use information from our partners to better tailor the recommendations and ads on Pinterest to you”) or under the Personalization and Data area (there uncheck the box under “Disable customization”).
MICROSOFT BING ADS
On our website we use conversion tracking from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Microsoft Bing Ads stores a cookie on your computer if you have accessed our website via a Microsoft Bing ad. In this way, Microsoft Bing and we can recognize that someone has clicked on an ad, was redirected to our website and has reached a predetermined target page (conversion page). We only learn the total number of users who clicked on a Bing ad and were then forwarded to the conversion page. No personal information on the identity of the user is communicated.
If you do not want information about your behavior to be used by Microsoft as explained above, you can refuse the setting of a cookie required for this – for example via a browser setting that generally deactivates the automatic setting of cookies. You can also prevent the collection of the data generated by the cookie and related to your use of the website and the processing of this data by Microsoft by clicking on the following link to explain your objection. Further information on data protection and the cookies used by Microsoft and Bing Ads can be found on the Microsoft website.
BING UNIVERSAL EVENT TRACKING (UET)
On our website, Bing Ads technologies are used to collect and store data from which user profiles are created using pseudonyms. This is a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. This service enables us to track the activities of users on our website when they have reached our website via ads from Bing Ads. If you reach our website via such an advertisement, a cookie will be placed on your computer. A Bing UET tag is integrated on our website. This is a piece of code that, in conjunction with the cookie, is used to store some non-personal information about how the website is used. This includes, among other things, the length of stay on the website, which areas of the website were accessed and which advertisement the user used to access the website. Information about your identity is not recorded.
The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days. You can prevent the collection of the data generated by the cookie and related to your use of the website and the processing of this data by deactivating the setting of cookies. This may limit the functionality of the website.
In addition, Microsoft may be able to track your usage behavior across several of your electronic devices through so-called cross-device tracking and is thus able to display personalized advertising on or in Microsoft websites and apps. You can see this behavior and deactivate here.
For more information about Bing’s analytics services, visit the Bing Ads website. You can find more information on data protection at Microsoft and Bing in the data protection regulations of Microsoft.
StackAdapt 500 – 210 King St. East Toronto, ON, Canada M5A 1J7, a demand-side platform, uses technology to collect and process data for the following purposes: optimization, retargeting, marketing, analytics. In addition, it collects personal data such as: IP address, cookie ID, user agent URL and referring page. Consent is only valid for the stated purposes.
Further information and details on the right to object can be found here.
We use the TikTok Pixel on our website. The TikTok Pixel is a TikTok advertiser tool from the two providers
- TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, and
- TikTok Information Technologies UK Limited, WeWork, 125 Kingsway, London, WC2B 6NH, United Kingdom (both hereinafter collectively referred to as “TikTok”).
The event data collected via the TikTok Pixel is used to target our ads and to improve ad delivery and personalized advertising. For this purpose, the event data collected on our website using the TikTok pixel is transmitted to Facebook TikTok.
Some of this event data is information that is stored in the device you are using. In addition, cookies are also used via the TikTok Pixel, via which information is stored on the device you are using. Such storage of information by the TikTok pixel or access to information that is already stored in your end device only takes place with your consent. The legal basis for the collection and transmission of personal data by us to TikTok is therefore Article 6 (1) (a) GDPR. You can revoke your consent at any time via our consent management tool.
This collection and transmission of the event data is carried out by us and TikTok as joint controllers. We have entered into a processing agreement with TikTok as joint controllers, which sets out the distribution of data protection obligations between us and TikTok. In this Agreement, we and TikTok have agreed, among other things,
- that we are responsible for providing you with all information pursuant to Art. 13, 14 GDPR on the joint processing of personal data;
- that TikTok is responsible for enabling the rights of data subjects in accordance with Art. 15 to 20 GDPR with regard to the personal data stored by Facebook Ireland after joint processing.
You can read the agreement between us and TikTok here.
TikTok is solely responsible for the processing of the transmitted event data that follows the transmission. For more information on how TikTok processes personal data, including the legal basis on which TikTok relies and how you can exercise your rights against TikTok, see TikTok’s data policy.
If you have any problems or questions, contact us directly. We’re here to help.
OUR SERVICE PROVIDERS/CONTRACTORS
Protel Air – Hotelsoftware GmbH,/ Dortmund / Hotel software for bookings and reservations
C.L.E.A.N Frankfurt Reinigung GmbH & Co. KG / Frankfurt / Room and hotel cleaning Ebuero AG – Das Büro der Zukunft / Hamburg / Telephone Support
Booking.com – Booking Holding Inc. / Frankfurt / Online Travel Agent HRS GROUP / Köln / Online Travel Agent
Expedia Inc. / Washington / Online Travel Agent Secret Escapes / London / Online Travel Agent Travelzoo / New York / Online Travel Agent HotelTonight / San Francisco / Online Travel Agent Tablet Hotels / New York / Online Travel Agent
HotelNet Solutions GmbH / Berlin / Homepage Provider/Channel Manager Datev eG / Nürnberg / data processing v. Accounting and tax records
Stefert, Sättele & Partner GmbH / Kelheim / data processing v. wages and taxes BFS Bader, Forster, Schubert / Offenbach / declarations and financial statements ICO Innovative Computer GmbH / Dietz / IT Support
Dataworxx / Bruchköbel / IT Support
Ariane Systems Group / Paris / Check In Kiosk
Cocardis GmbH / Eschborn / Provision of KK readers / billing turnover Orderbird AG / Berlin /Bereitstellung KK-Lesegeräte / Billing and cash bookings