General notice and mandatory information
Designation of the responsible body
The responsible body for data processing on this website is:
The responsible body decides alone or jointly with others on the purposes and means of the processing of personal data (e.g. names, contact details or similar).
Server log files
In server log files, the provider of the website automatically collects and stores information that your browser automatically transmits to us. These are:
- name of the accessed website
- file, date and time of the retrieval
- amount of data transferred
- message about successful retrieval
- browser type and browser version
- the user's operating system
- referrer URL (the previously visited page)
- your IP address
There is no merging of this data with other data sources. The data processing is based on Art. 6 (1) lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content that you send to us as site operator, our website uses SSL or TLS encryption. This means that data you transmit via this website cannot be read by third parties. You can recognize an encrypted connection by the "https://" address line of your browser and the lock symbol in the browser line.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties. The data will be provided in a machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.
Data transmitted via inquiry form, including your contact data, will be stored in order to process your inquiry or to be available for follow-up questions. This data will not be passed on without your consent.
The processing of the data entered in the inquiry form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). A revocation of your already given consent is possible at any time. For the revocation, an informal communication by e-mail to info (at) spahotel-weimar.de is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Data transmitted via the inquiry form will remain with us until you request us to delete it, revoke your consent to store it, or there is no longer any need to store the data. Mandatory legal provisions - in particular retention periods - remain unaffected.
To send our newsletter, we need an e-mail address from you. Additional data is not collected or is voluntary. The data is used exclusively for sending the newsletter.
The data provided during the newsletter registration will be processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). A revocation of your already given consent is possible at any time. For the revocation, an informal message by e-mail to marketing (at) spahotel-weimar.de or use our "unsubscribe newsletter" page is sufficient. The legality of the data processing operations already carried out remains unaffected by the revocation.
Data entered to set up the subscription will be deleted in the event of unsubscription. If this data has been transmitted to us for other purposes and elsewhere, it will remain with us.
When you choose to make an online reservation on our website, you will be connected to a booking system provided by our partner Bookassist. The provider of the booking system is Automatic Netware Limited, acting as Bookassist, 1st Floor South Block, Rockfield Central, Dublin D16 R6V0, Ireland. All information is transmitted securely using SSL or TLS encryption and is protected against disclosure to third parties. Bookassist is certified according to PCI DSS (Payment Card Industry Data Security Standards). The use of the services of Bookassist is based on Art. 6 para. 1 lit. f DSGVO.
Integration of TrustYou
On this website, functions of the service TrustYou are integrated. The provider of these functions is TrustYou GmbH, Steinerstraße 15, 81369 Munich, Germany. TrustYou collects and analyzes guest reviews, questionnaires and social media posts. Your reviews are the ideal and most efficient way for us to improve our service.
The data processing is based on Art. 6 (1) lit. f DSGVO. Reviews that you voluntarily provide to TrustYou are received, stored and processed there.
Use of the Issuu platform
On our website, we use the services of the electronic publishing platform Issuu. The provider of the platform is Issuu Inc, 131 Lytton Ave, Palo Alto, CA 94301, USA. Issuu Inc. may set cookies and transfer browser data to Issuu Inc. in the USA.
Issuu is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO.
Information on the data protection provisions of Issuu Inc. can be viewed at the following link: https://issuu.com/legal/privacy
Registration on this website
To use certain functions, you can register via our website. The data processing is carried out by our partner PC CADDIE://online. The provider of the club portal is PC CADDIE://online GmbH & Co. KG, Stubber Weg 39, 23847 Pölitz, Germany. All information is transmitted securely using SSL or TLS encryption and is protected against disclosure to third parties.
The use of PCCADDIE://online services is in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO.
For integration and display of video content, our website uses plugins from YouTube. The provider of the video portal is YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
When a page with an integrated YouTube plugin is called up, a connection to the YouTube servers is established. YouTube thereby learns which of our pages you have accessed. YouTube can assign your surfing behavior directly to your personal profile if you are logged into your YouTube account. By logging out beforehand, you have the option to prevent this.
YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
Revocation of your consent to data processing
Some data processing operations are only possible with your express consent. A revocation of your already given consent is possible at any time. For the revocation, an informal communication by e-mail to info (at) spahotel-weimar.de is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to complain to the competent supervisory authority
As a data subject, you have the right to complain to the competent supervisory authority in the event of a data protection violation. The competent supervisory authority regarding data protection issues is the State Data Protection Commissioner of Thuringia.
The following link refers to its contact details: https://www.tlfdi.de
We reserve the right to adapt this data protection statement so that it always complies with the current legal requirements or to implement changes to our services in the data protection statement, e.g. when introducing new services. The new data protection statement will then apply to your next visit.
Questions to the data protection officer
If you have any questions about data protection, please email us at info (at) spahotel-weimar.de or contact the person responsible for data protection in our organization directly. The contact details of our data protection officer can be found in our imprint.