Privacy Policy

Please note that the English translation is for convenience only. The legally binding version is the German one.

We take the protection of your data very seriously and operate this website www.hotel-clemens-august.de in accordance with the applicable legal provisions on data protection with the inclusion of the requirements of the EU General Data Protection Regulation (hereinafter: DSGVO). In the following, we inform you about the type and scope of the processing of your personal data, as well as the rights to which you are entitled.

1. contact details

The responsible party within the meaning of the General Data Protection Regulation (hereinafter: DSGVO) is:.

Hotel Restaurant Clemens August GmbH
Burgstr. 54
59387 Ascheberg-Davensberg
Germany

Phone: +49 (0)2593 604-0
E-mail: info[at]hotel-clemens-august.de
Fax: +49 (0)2593 604-178

The data protection officer of the responsible person is:
Andreas Kempa
E-mail: datenschutz[at]hotel-clemens-august.de

2. data processing when calling up our website

When you call up our website www.hotel-clemens-august.de, information is automatically sent to the server of our website by the browser used on your end device. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatic deletion:

IP address of the requesting computer,
Date and time of access,
name and URL of the file accessed,
the website from which the access was made (referrer URL),
the browser used by you and, if applicable, the operating system of your Internet-enabled computer.

The legal basis for the data processing is Art. 6 para. 1 letter f) DSGVO. In no case do we use the collected data for the purpose of drawing conclusions about your person. The legitimate interest is based on the following purposes:

Ensuring a smooth connection set-up of the website,
Ensuring and optimising the user-friendliness and handling of our website,
guaranteeing system security and stability
as well as to avert danger/prosecute in the event of a cyber attack.

In addition, we use cookies when you visit our website. You will find more detailed explanations in the section Cookies below.

3. data security

Appropriate technical and organisational measures are taken to protect your data against accidental or unlawful destruction, disclosure, access, manipulation or loss and against other misuse.

For your security, your data is encrypted using an SSL (Secure Socket Layer) website certificate. The certificate we use has an encryption depth of 256 bits, which can usually be processed by modern browsers without any problems. You can recognise a secure SSL connection, among other things, by the appended s at the http (i.e. http://...) in the address bar of your browser or by the lock symbol in the lower area of your browser.

Please bear in mind that security when using the Internet depends on various circumstances and cannot be completely guaranteed at all times.

4. data deletion and storage period

Data that we store will be blocked for further use once the corresponding authorisation no longer applies, in particular once the purpose has been achieved, and will be deleted once the retention periods under tax and commercial law have expired, unless you have expressly consented to the further use of your data or something else has been contractually agreed.

Data that you enter as part of an application process will be stored for a maximum of 6 months.

5. children and young people

Our services are generally aimed at adults. Persons under the age of 18 should not transmit any personal data to us without the consent of their parents or legal guardians.

6. third party websites

We have no control over the current content of third party websites linked through the Website and the way in which these websites are operated. We are not responsible for the privacy practices or the content of such websites.

7. transfer of data

Your personal data will not be passed on to third parties without good reason.

Possible reasons for passing on your personal data to third parties may be:

you have given your express consent to this in accordance with Art. 6 Para. 1 Letter a) DSGVO,
the disclosure is necessary for the assertion, exercise or defence of legal claims pursuant to Art. 6 (1) (f) DSGVO and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
in the event that there is a legal obligation for disclosure pursuant to Art. 6 (1) (c) DSGVO, as well as
this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 Para. 1 Letter b) DSGVO.

8. categories of recipients / external service providers

We also outsource various services to external service providers (hereinafter: recipients), which we carefully select and review. We list the categories of recipients below:

Contractors.
We pass on various personal data as data controllers to our contract processors as part of contract data processing. We have ensured the security of your data by entering into commissioned data processing agreements.

Our commissioned processors fall into the following categories:

Provision of services: This includes web hosting and programming of this website, newsletter delivery, payment service providers.
Operation of services, maintenance and care of hardware and software.

We only disclose data to authorities and third parties in accordance with legal regulations or a court order. Information to authorities may be provided on the basis of a legal provision for the prevention of danger or for criminal prosecution. Third parties will only receive information if a legal regulation provides for this.

9. data processing through explicit contact

Data is recorded and collected that you explicitly provide to us yourself. For example, in the case of individual customer contact by e-mail, telephone or on our website when you use the option to enter data (by using forms). The data intended to be collected will be communicated to you according to their nature before the respective operation, if they do not result from the nature of the operation in question.

10. data processing when using the contact form

If you have any questions, we offer you the possibility of contacting us via a form provided on the website. In doing so, it is necessary to provide a valid e-mail address so that we know who the enquiry is from and so that we can answer it. We also collect additional mandatory information in order to simplify communication with you and to avoid queries. The mandatory fields are marked in bold or by a (*) symbol. Further information can be provided voluntarily.

Data processing for the purpose of contacting us is carried out in accordance with Art. 6 Para. 1 Letter a) DSGVO on the basis of your voluntarily given consent.

11. data processing when using our booking forms

When you submit a booking or enquiry, it is necessary for the process that you provide your personal data, which we need to process your enquiry. Necessary mandatory information is marked in bold or by a (*) symbol in each case. Further information can be provided voluntarily. We process the data you provide only for the purpose of processing your enquiry or booking.

Data processing for the purpose of booking or enquiries with us is carried out in accordance with Art. 6 Para. 1 Letter a) DSGVO on the basis of your voluntarily given consent.

12. data processing for advertising purposes

Data processing for advertising purposes generally constitutes a legitimate interest pursuant to Article 6 (1) (f) DSGVO.

Furthermore, data processing is carried out under the conditions of Section 7 (3) UWG.

If you are registered or listed as a customer with us, we process your contact data and inform you about products and services as well as relevant news independently of the newsletter subscription.

You have a separate right to object to data processing for advertising purposes at any time and free of charge for the respective communication channel with effect for the future. By objecting, the contact address concerned will be blocked for the respective communication channel for further data processing for advertising purposes. You can lodge the objection by e-mail or by post to the contact details given.

13. Data processing in e-mail campaigns / newsletters

We only send e-mail campaigns (e.g. newsletters) with the consent of the recipient pursuant to Art. 6(1)(a) DSGVO. The data entered when registering for the information service is used exclusively for this purpose. By registering, you will receive information on new or interesting products or services, competitions and events via various e-mail campaigns. We thereby pursue our own advertising and information purposes.

The subscription to the newsletter is carried out in the so-called double opt-in procedure. By entering your e-mail address, you will receive an e-mail after registration asking you to confirm your registration. In this way, we ensure that no one can register with a foreign identity. We log the receipt of the registration for the newsletter by storing the IP address of the calling computer as well as the date and time of registration.

The data is used exclusively for sending the newsletter and is not passed on to third parties.

Consent to receive e-mail campaigns can be revoked at any time for the respective e-mail campaign. The link for revocation can be found at the end of each e-mail.

You can also conveniently unsubscribe online at any time using the unsubscribe form at http://www.hotel-clemens-august.de/newsletter.

14. cookies

We use cookies on our website. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware.

Information is stored in a cookie that is related to the specific end device used. However, this does not mean that we gain direct knowledge of your identity.

The data processed by cookies is necessary for the aforementioned purposes to protect our legitimate interests pursuant to Art. 6 (1) (f) DSGVO.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. However, a complete deactivation of cookies may mean that you cannot use all the functions of our website.

The storage period of cookies depends on their purpose and is not the same for all.

We use the following types of cookies:

Session cookies.
The use of cookies serves, on the one hand, to make the use of our offer more pleasant for you. We use so-called session cookies to recognise that you have already visited individual pages of our website. These are automatically deleted after you leave our site.

Temporary cookies
In order to optimise user-friendliness, we also use temporary cookies that are stored on your terminal device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.

15. analysis and tracking tools

We do not use any analysis or tracking tools on our website. -

16. social media plugins and tools

We use social media plugins on our website pursuant to Art. 6(1)(a), (f) DSGVO in order to make us better known or to offer you an additional benefit. The advertising purposes therein constitute a legitimate interest for us. The responsibility for data protection-compliant operation is to be ensured by their respective providers.

Google Maps
This site uses the mapping service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.

Google Maps is used in the interest of an attractive presentation of our online offers and to make it easy to find the places we indicate on the website.

More information on the handling of user data can be found in Google's privacy policy: http://www.google.de/intl/de/policies/privacy/.

Chatbot "Clementine"
We use a chatbot on our website (we call it "Clementine"), provided by GPT-Trainer. GPT-Trainer is a Software-as-a-Service provider, offering its services online. The systems of the provider undergo regular testing, and in the process of securing ISO 27001 certification, industry-leading standards are followed. This ensures a high level of security and data protection for the data transmitted when using the chatbot.

The data you provide us through the chatbot is stored on servers hosted by Amazon Web Services (AWS) in Oregon, USA. When using the chatbot, only your IP address and the chat history are stored. No further information is required from you for its use.

Chat histories are typically retained for a maximum of 30 days. If you wish for your chat history to be deleted before this period elapses, please send the exact time (start and end of the chat) to the email address datenschutz[at]hotel-clemens-august.de. We will promptly process your request and remove the corresponding chat history from the server side.

17. your rights

Right of access
You can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data if it has not been collected directly from you.

Right of rectification
You may request that inaccurate data be corrected or that correct data be completed.

Right to erasure
You may request the erasure of your personal data if one of the following reasons applies and to the extent that the processing is not necessary:

The personal data was collected or otherwise processed for such purposes for which it is no longer necessary.
You withdraw your consent on which the processing was based and there is no other legal basis for the processing.
You object to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) of the GDPR.
The personal data have been processed unlawfully.
The erasure of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which we are subject.
The personal data has been collected in relation to information society services offered in accordance with Article 8(1) of the GDPR.

Right to data portability
You may have the data you have provided transferred to you in a commonly used, machine-readable format or request that it be transferred to another controller.

Right to complain.
To do this, you can contact the supervisory authority in the member state of your usual place of residence or our competent supervisory authority.

Right to restriction
You may assert the right to restriction of data processing if the accuracy of the personal data is contested, processing is unlawful and the data subject refuses to erase the personal data and instead requests restriction of the use of the personal data, the controller no longer needs the personal data for the purposes of processing but the data subject needs it to assert, exercise or defend legal claims, or the data subject objects to the processing pursuant to Article 21 DSGVO. Article 21 of the GDPR, as long as it has not yet been determined whether the legitimate grounds of the controller override those of the data subject.

Right of objection
The general right to object applies to all processing purposes described here, which are processed on the legal basis of Art. 6(1)(f) DSGVO. Unlike the data processing described under the item "Data processing for advertising purposes", we are only obliged to implement the objection if you provide reasons of overriding importance arising from a specific situation.

18. up-to-dateness and amendment of this data protection declaration

This data protection declaration is currently valid and has the status February 2024.

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at https://www.hotel-clemens-august.de/datenschutz.