Privacy Policy

General note and mandatory information

Designation of the responsible body

The controller responsible for data processing on this website is

Spa & Golf Resort Weimarer Land Betriebsgesellschaft mbH
Lindenallee 1
99444 Blankenhain, Deutschland
Phone +49 (0) 36459 6164-0
Fax +49 (0) 36459 6164-4009
E-Mail info (at) spahotel-weimar.de

The controller decides alone or jointly with others on the purposes and means of processing personal data (e.g. names, contact details, etc.).

Server log files

The provider of the website (domainfactory GmbH, Oskar-Messter-Str. 33, 85737 Ismaning, Germany) automatically collects and stores information that your browser automatically transmits to us in server log files. These are

  • Name of the website accessed
  • File, date and time of retrieval
  • Amount of data transferred
  • Notification of successful retrieval
  • Browser type and browser version
  • the user’s operating system
  • Referrer URL (the previously visited page)
  • Your IP address

This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognise an encrypted connection by the ‘https://’ address line of your browser and the lock symbol in the browser line.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to third parties. The data will be provided in a machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

E-mail communication

E-mail communication takes place via an open network that is accessible to everyone and crosses borders. It is not encrypted. It can therefore not be ruled out that data sent in this way can be viewed by third parties and that contact with us can therefore be traced.

Enquiry form

Data submitted via the enquiry form, including your contact details, will be stored in order to process your enquiry or to be available for follow-up questions. This data will not be passed on without your consent.

The data entered in the enquiry form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time. An informal notification by email to info (at) spahotel-weimar.de is sufficient to revoke your consent. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

Data transmitted via the enquiry form will remain with us until you ask us to delete it, revoke your consent to storage or there is no longer any need to store the data. Mandatory statutory provisions – in particular retention periods – remain unaffected.

Newsletter data

To send our newsletter, we need an e-mail address from you. Additional data is not collected or is voluntary. The data is used exclusively for sending the newsletter.

The data provided when registering for the newsletter will be processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time. To withdraw your consent, simply send an informal email to marketing (at) spahotel-weimar.de or use the unsubscribe function in the newsletter itself. The legality of the data processing operations that have already taken place remains unaffected by the cancellation.

Data entered to set up the subscription will be deleted in the event of cancellation. If this data has been transmitted to us for other purposes and elsewhere, it will remain with us.

Use of PC CADDIE://online services

We use the services of PC CADDIE to enable you to register for tournaments online. These services are provided by ‘PC CADDIE://online GmbH & Co. KG’, Stubber Weg 39, 23847 Pölitz, Germany. When you call up a web page on our website with an embedded tournament calendar, tournament registration, tournament start lists, tournament results, start time reservation or scorecards, a connection to PC CADDIE servers is established in order to display the corresponding element. For technical reasons, data is transferred from your browser to PC CADDIE. If you are logged in as a member in order to use other functions such as tournament registrations, start time reservations, etc., the data required to process your tournament registration/reservation/etc. will be transmitted to PC CADDIE as a technical service provider via a secure connection. The data will not be passed on to other third parties.

PC CADDIE uses so-called cookies to save your login status. If you have deactivated the storage of cookies in your Internet browser, this can lead to a restriction of the functions and user-friendliness of PC CADDIE. Further information on cookies can be found in the ‘Cookies’ section of this privacy policy.

Further information on data processing and notes on data protection by PC CADDIE can be found at https://www.pccaddie.net/clubs/0491627/app.php?cat=policy

Integration of TrustYou

Functions of the TrustYou service are integrated on this website. The provider of these functions is TrustYou GmbH, Steinerstraße 15, 81369 Munich, Germany. TrustYou collects and analyses guest reviews, questionnaires and social media posts. Your reviews are the ideal and most efficient way for us to improve our service.

Data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR. Reviews that you voluntarily submit to TrustYou are received, stored and processed there.

Further information on this can be found in TrustYou’s privacy policy. https://www.trustyou.com/privacy-policy/

Use of the Issuu platform

We use the services of the electronic publishing platform Issuu on our website. The provider of the platform is Issuu Inc, 131 Lytton Ave, Palo Alto, CA 94301, USA. Cookies may be set by Issuu Inc. and browser data may be transferred to Issuu Inc. in the USA.

The use of Issuu is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Information on the privacy policy of Issuu Inc. can be found at the following link: https://issuu.com/legal/privacy

YouTube

Our website uses plugins from YouTube to integrate and display video content. The provider of the video portal is YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

When a page with an integrated YouTube plugin is accessed, a connection to the YouTube servers is established. This tells YouTube which of our pages you have visited. YouTube can assign your surfing behaviour directly to your personal profile if you are logged into your YouTube account. You can prevent this by logging out beforehand.

The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Details on the handling of user data can be found in YouTube’s privacy policy at: https://policies.google.com/privacy/update?hl=de&gl=de

Secure reservations

If you decide to make an online reservation on our website, you will be connected to a booking system provided by our partner Bookassist. The provider of the booking system is Automatic Netware Limited, trading as Bookassist, 1st Floor South Block, Rockfield Central, Dublin D16 R6V0, Ireland. All information is transmitted securely using SSL or TLS encryption and is protected against disclosure to third parties. Bookassist is certified in accordance with PCI DSS (Payment Card Industry Data Security Standards). The use of Bookassist’s services is based on Art. 6 para. 1 lit. f GDPR.

You can read Bookassist’s security, cookie and data protection policy and cancellation policy here: https://www.bookassist.com/global/security.jsp (English)

Online payments

If you make an online payment, secure payment processing takes place via a paylink from the payment provider Concardis GmbH, Helfmann-Park 7, 65760 Eschborn, Germany.

The credit card data required for this purpose (card number, validity and verification number) are recorded and processed in encrypted form exclusively by the payment provider and not by the responsible body, are not forwarded and cannot be viewed by the hotel. Concardis GmbH is certified in accordance with PCI DSS (Payment Card Industry Data Security Standards). The payment provider is used on the basis of Art. 6 para. 1 lit. f GDPR.

You can read Concardis’ security, cookie and data protection policy and cancellation policy here https://www.concardis.com/datenschutz

CCM19

Our website uses CCM19 to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document these in compliance with data protection regulations. The provider of this technology is Papoo Software & Media GmbH, Auguststr. 4, 53229 Bonn (hereinafter referred to as ‘CCM19’).

When you enter our website, a connection is established to the CCM19 servers in order to obtain your consent and other declarations regarding the use of cookies. CCM19 then stores a cookie in your browser in order to be able to assign the consents you have given or revoke them. The data collected in this way is stored until you ask us to delete it, delete the CCM19 cookie yourself or the purpose for data storage no longer applies. Mandatory statutory retention obligations remain unaffected. CCM19 is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.

Order processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which guarantees that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Revocation of your consent to data processing

Some data processing operations are only possible with your express consent. You can withdraw your consent at any time. To withdraw your consent, simply send an informal e-mail to
info (at) spahotel-weimar.de. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to lodge a complaint with the competent supervisory authority

As a data subject, you have the right to lodge a complaint with the competent supervisory authority in the event of a breach of data protection law. The competent supervisory authority for data protection issues is the State Data Protection Officer of Thuringia.

The following link refers to its contact details: https://www.tlfdi.de

Questions for the data protection officer

If you have any questions about data protection, please send us an email to info (at) spahotel-weimar.de or contact the person responsible for data protection in our organisation directly. You can find the contact details of our data protection officer in our legal notice.

Changes to our privacy policy

We reserve the right to amend this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. The new privacy policy will then apply to your next visit.

Cookies

This website uses cookies and similar functions to process end device information and personal data. The processing serves the integration of content, external services and elements of third parties, statistical analysis/measurement, personalised advertising and the integration of social media. Depending on the function, data is passed on to third parties and to third parties in countries that do not have an adequate level of data protection and is processed by them, e.g. the USA. Your consent is always voluntary, is not required for the use of our website and can be refused or revoked at any time on our website.
Your current status: individually selected
Your consent ID: b826c8356378924c
Consent date: 4.10.2024, 13:29:50

Change consent

Technically necessary

Popup

Publisher

golfresort-weimarerland.de

Cookies:

Name Service life Description
popup 1 day Retains the state of the pop-up for all page requests.

Cookie Consent Manager CCM19

Publisher

Spa & Golf Resort Weimarer Land Betriebsgesellschaft mbH

Description

Used to save the cookie consent – which cookies may be set. The status of the cookie settings can be set for you. The data is stored in categories.

Link to the privacy policy

Privacy policy

Local Storage:

Name Service life Description
ccm_consent 1 day Used to store the cookie consent agreement, which specifies which cookies can be set.

Legal basis

EU: Art. 6 para. 1 s. 1 lit. c GDPR, § 25 (2.2) TDDDG
Switzerland: Art. 17 sentence 1 b.2) DSG

Place of processing

Blankenhain