Terms & Conditions

General information about the processing of your data
We are legally obliged to inform you about the processing of your personal data (hereinafter referred to as “data”) when you use our website. We take the protection of your personal data very seriously. This data protection notice informs you about the details of the processing of your data and your legal rights in this regard. For terms such as “personal data” or “processing”, the legal definitions from Art. 4 GDPR are authoritative. We reserve the right to adapt the privacy policy with effect for the future, in particular in the event of further development of the website, the use of new technologies or changes to the legal basis or the corresponding case law. We recommend that you read the data protection declaration from time to time and take a printout or copy for your records.

Scope of application
The privacy policy applies to all pages of www.hotellamm.com. It does not extend to any linked websites or internet presences of other providers.

Responsible

is responsible for the processing of personal data within the scope of this privacy policy:

Best Western Hotel Lamm Singen

B.W. Hotel Lamm Singen GmbH
Alemannenstraße 42

78224 Singen

Phone : +49 7731- 4020
Fax : +49 7731- 402 200
E-Mail : Info@hotellammsinden.de
Internet : http://www.hotellamm.com

Questions about data protection
If you have any questions about data protection with regard to our company or our website, you can contact our data protection officer:

SPIRIT LEGAL Fuhrmann Hense Partnerschaft von Rechtsanwälten

Lawyer and data protection officer

Peter Hense

Postal address:

Data Protection Officer

c/o B.W. Hotel Lamm Singen GmbH / Alemannenstraße 42 / 78224 Singen

Contact via the encrypted online form:

Contact data protection officer

Security
We have taken comprehensive technical and organizational precautions to protect your personal data from unauthorized access, misuse, loss and other external interference. To this end, we regularly review our security measures and adapt them to the state of the art.

Your rights
You have the following rights with regard to the personal data concerning you, which you can assert against us:

Right to information: You can request information about your personal data that we process in accordance with Art. 15 GDPR.
Right to rectification: If the information concerning you is not (or no longer) accurate, you can request rectification in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.
Right to erasure: You can request the erasure of your personal data in accordance with Art. 17 GDPR.
Right to restriction of processing: In accordance with Art. 18 GDPR, you have the right to request the restriction of your personal data.

Right to object to processing: You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on Art. 6 para. 1 sentence 1 lit. e) or lit. f) GDPR in accordance with Art. 21 para. 1 GDPR. In this case, we will no longer process your data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, including where the processing serves the establishment, exercise or defense of legal claims (Art. 21 (1) GDPR). You also have the right to object at any time to the processing of personal data concerning you for the purpose of direct marketing in accordance with Art. 21 para. 2 GDPR; this also applies to any profiling insofar as it is associated with such direct marketing. We draw your attention to the right to object in this privacy policy in connection with the respective processing.
Right to withdraw your consent: If you have given your consent for processing, you have the right to withdraw your consent in accordance with Art. 7 (3) GDPR.

Right to data portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format (“data portability”) and the right to transmit those data to another controller where the requirements of Art. 20(1)(a), (b) GDPR are met (Art. 20 GDPR).
You can assert your rights by sending a message to the contact details specified in the “Controller” section or to the data protection officer appointed by us.

If you believe that the processing of your personal data violates data protection law, you also have the right to lodge a complaint with a data protection supervisory authority of your choice in accordance with Art. 77 GDPR. This also includes the data protection supervisory authority responsible for the controller: The State Commissioner for Data Protection of Lower Saxony, P.O. Box 221, 30002 Hanover, Tel.: 0511/120-4500, Fax: 0511 120-4599, e-mail: poststelle@lfd.niedersachsen.de.

Use of our website
In principle, you can use our website for purely informational purposes without disclosing your identity. When accessing the individual pages of the website in this sense, only access data is transmitted to our web space provider so that the website can be displayed to you. The following data is processed:

Browser type/browser version,
operating system used,
language and version of the browser software,
date and time of access,
host name of the accessing end device,
IP address,
content of the request (specific website),
access status/HTTP status code,
websites accessed via the website,
referrer URL (the previously visited website),
message as to whether the access was successful,
time zone difference to GMT and amount of data transferred

The temporary processing of this data is necessary to technically enable the course of a website visit and delivery of the website to your end device. The access data is not used to identify individual users and is not merged with other data sources. Further storage in log files takes place in order to ensure the functionality of the website and the security of the information technology systems. The legal basis for processing is Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interests lie in ensuring the functionality of the website and the integrity and security of the website. Storing access data in log files, in particular the IP address, for a longer period of time enables us to detect and prevent misuse. This includes, for example, the defense against requests that overload the service or any bot usage. The access data is deleted as soon as it is no longer required to achieve the purpose for which it was processed. In the case of the collection of data for the provision of the website, this is the case when you end your visit to the website. The log data is always stored directly and only accessible to administrators and is deleted after seven days at the latest. After that, they are only available indirectly via the reconstruction of backup tapes and are deleted after a maximum of four weeks.
You can object to the processing. You have the right to object on grounds relating to your particular situation. You can send us your objection using the contact details provided in the “Controller” section.

Tracking
In addition to the aforementioned access data, so-called cookies, pixels, browser fingerprinting or other tracking technologies are used when using the website. Cookies are small text files with a sequence of numbers that are stored locally in the cache of the browser used. Pixels are one-pixel images that are not transparent or are created in the background color of the website and are therefore not visible to the user. The pixel also records information about your user behavior on the website. Fingerprinting technologies generate a unique fingerprint based on the browser settings and thus identify an individual browser. Using a script that every Internet browser executes automatically, information such as the screen resolution, fonts used, operating system, hardware information and integrated browser plug-ins can be collected, which in their specific combination can ultimately be traced back to a specific user. Tracking technologies are used to make our website more user-friendly. The use of tracking technologies may be technically necessary or for other purposes (e.g. analysis/evaluation of website use).

Technically necessary elements
Some elements of our website require that the accessing browser can be identified even after a page change. The following data is processed in the technically necessary elements, in particular cookies or similar methods of terminal device access, for the purpose of carrying out or facilitating electronic communication and providing an information society service requested by the user:

Language settings,
Items in the shopping cart,

The user data collected by technically necessary elements are not processed to create user profiles. We also use so-called “session cookies”, which store a session ID that can be used to assign various requests from your browser to the joint session. “Session cookies” are necessary for the use of the website. In particular, they allow us to recognize the device you are using when you return to the website. We use this cookie to recognize you on subsequent visits to the website. The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interests in the processing are to provide the aforementioned special functionalities and thereby make the use of the website more attractive and effective. The “session cookies” are deleted depending on which browser you use and which browser settings you have made when you close the browser.

You can object to the processing. You have the right to object on grounds relating to your particular situation. You can send us your objection using the contact details provided in the “Controller” section.

Technically unnecessary tracking
We also use cookies, pixels, browser fingerprinting and other tracking technologies on the website to enable an analysis of users' surfing behavior. For example, the following data is stored and processed:

Language settings,
items in the shopping cart,
log-in information.

The legal basis for this processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. Cookies, pixels and other tracking technologies that are not technically necessary are automatically deleted after a specified period, which may vary depending on the tracking method. If we integrate third-party cookies or pixels and similar tracking technologies into our website, we will inform you of this separately below.

You can withdraw your consent to the processing of the respective provider at any time by moving back the slider in the “Individual data protection settings” of the consent tool. The legality of the processing remains unaffected until the revocation is exercised.

Cookies
Our Internet pages use so-called “cookies”. Cookies are small text files and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser. In some cases, cookies from third-party companies may also be stored on your device when you visit our website (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising. Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified.

The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG); the consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately in the context of this privacy policy and, if necessary, request your consent. You can object to the processing insofar as the processing is based on Art. 6 para. 1 sentence 1 lit. f) GDPR. You have the right to object on grounds relating to your particular situation. You can send us your objection using the contact details provided in the “Controller” section.

Google Ads Conversion
We use the “Google Ads” service from “Google” (Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland and Google, LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA; hereinafter: ‘Google’ and “Google Ads”) to draw attention to our attractive offers on external websites with the help of advertising media (formerly known as “Google AdWords”). We can determine how successful the individual advertising measures are in relation to the advertising campaign data. These advertising materials are delivered by “Google” via so-called “Ad Servers”. For this purpose, we use “Ad Server” cookies, through which certain parameters for measuring reach, such as the display of ads or clicks by users, can be measured. If you access our website via a “Google” ad, “Google Ads” will store a cookie on your end device. With the help of the cookies, “Google” processes the information generated by your device about interactions with our advertising media (accessing a specific website or clicking on an advertising medium), the data mentioned in the section “Use of our website”, in particular your IP address, browser information, the previously visited website and the date and time of the server request, for the purpose of analyzing and visualizing the reach measurement of our advertisements.For this purpose, it can also be determined whether different end devices belong to you or your household. Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. If you are registered with a “Google” service, “Google” can assign the visit to your account. Even if you are not registered with “Google” or have not logged in, it is possible that the provider will find out and process your IP address. We only receive statistical evaluations from “Google” to measure the success of our advertising material. With regard to the storage of and access to information in your terminal device, your consent is the legal basis in accordance with Section 25 (1) of the GDPR; for further processing, your consent is also the legal basis in accordance with Art. 6 (1) sentence 1 lit. a) GDPR. “Google” also processes some of the data in the USA. The EU Commission has issued an adequacy decision for data transfer to the USA. Google, LLC is certified under this. In addition, so-called standard contractual clauses have been concluded with Google, LLC in order to commit Google, LLC to an appropriate level of data protection. You can obtain a copy of the standard contractual clauses at https://cloud.google.com/terms/sccs.

The storage period at “Google” is a maximum of 26 months. Further information on data protection and the storage period at “Google” can be found at: https://policies.google.com/privacy.

You can withdraw your consent to processing at any time by moving the slider back in the “Settings” of the consent tool. The legality of the processing remains unaffected until the revocation is exercised.

Contacting our company
When you contact our company, e.g. by email or via the contact form on the website, the personal data you provide will be processed by us in order to respond to your inquiry. It is mandatory to provide a first name and surname or a pseudonym and a valid email address in order to process inquiries via the contact form on the website. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f) GDPR or Art. 6 para. 1 sentence 1 lit. b) GDPR if the contact is aimed at concluding a contract. If the request is aimed at concluding a contract, the provision of your data is necessary and mandatory for the conclusion of a contract. If the data is not provided, it will not be possible to conclude or execute a contract in the form of making contact or processing the inquiry. The processing of personal data from the input screen is solely for the purpose of processing the contact. In the case of contact by email, this also constitutes the necessary legitimate interest in the processing of the data. The other data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems. No data is passed on to third parties in this context. We delete the data collected in this context after the processing is no longer necessary - usually two years after the end of the communication - or, if necessary, restrict the processing to compliance with existing statutory retention obligations.

Processing for contractual purposes
We process your personal data if and insofar as this is necessary for the initiation, establishment, execution and/or termination of a legal transaction with our company. The legal basis for this results from Art. 6 para. 1 sentence 1 lit. b) GDPR. The provision of your data is then necessary for the conclusion of the contract and you are contractually obliged to provide your data, e.g. if you wish to register as a guest or speaker for an event at our company. If you do not provide your data, it will not be possible to conclude and/or execute a contract. Once the purpose has been achieved (e.g. execution of the contract), the personal data will be blocked for further processing or deleted, unless we are authorized to further processing on the basis of consent given by you (e.g. consent to the processing of the e-mail address for the sending of electronic advertising mail), a contractual agreement, a legal authorization (e.g. authorization to send direct advertising) or on the basis of legitimate interests (e.g. retention for the enforcement of claims).

Your personal data will be passed on to third parties if

it is necessary for the establishment, execution or termination of legal transactions with our company (e.g. when passing on data to a payment service provider/shipping company to process a contract with you), (Art. 6 para. 1 sentence 1 lit. b) GDPR), or
a subcontractor or vicarious agent whom we use exclusively in the context of providing the offers or services requested by you requires this data (unless you are expressly informed otherwise, such auxiliary persons are only authorized to process the data to the extent that this is necessary for the provision of the offer or service) or
there is an enforceable official order (Art. 6 para. 1 sentence 1 lit. c) GDPR), or
there is an enforceable court order (Art. 6 para. 1 sentence 1 lit. c) GDPR), or
we are required to do so by law (Art. 6 para. 1 sentence 1 lit. c) GDPR), or
processing is necessary in order to protect the vital interests of the data subject or of another natural person (Art. 6 para. 1 sentence 1 lit. d) GDPR), or
it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us (Art. 6 para. 1 sentence 1 lit. e) GDPR), or
we can rely on our overriding legitimate interests or those of a third party for disclosure (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Your personal data will not be disclosed to other persons, companies or bodies beyond this unless you have effectively consented to such disclosure. The legal basis for processing is then Art. 6 para. 1 sentence 1 lit. a) GDPR. We will inform you of the respective recipients in the context of this data protection information with regard to the respective processing operation.

Online booking
If you wish to book a hotel room on our website in our online booking system, we process your first and last name, your address, your e-mail address, your travel dates and the desired room category. In order to initiate and conclude the contract, it is necessary and mandatory for you to provide personal data such as your name, address, duration of the trip, payment details and e-mail address. The mandatory information required for booking and contract processing is marked separately; other information is provided voluntarily. We process your data to process the booking and will forward payment data in particular to the payment service provider you have chosen or to our house bank for this purpose. We use the booking system of BWH Hotel Group Central Europe GmbH (Frankfurter Straße 10 -14, 65760 Eschborn; hereinafter: Best Western). By using the online booking system on the website, “Best Western” receives the information required to process the booking (e.g. length of stay, reservation number, accommodation). The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b) GDPR.
The provision of your data is necessary and mandatory for the conclusion and/or execution of the contract. If you do not provide your data, it will not be possible to conclude and/or execute the contract. In order to prevent unauthorized third parties from accessing your personal data, the booking process on the website is encrypted using SSL technology. We delete the data collected in this context after storage is no longer required, or restrict processing if there are statutory retention obligations. Due to mandatory commercial and tax regulations, we are obliged to store your address, payment and booking data for a period of up to ten years. Two years after termination of the contract, we restrict processing and reduce processing to compliance with existing legal obligations. Further information on data processing at “Best Western” can be found at https://www.bestwestern.de/agb-datenschutz.html.

Processing of personal data in accordance with Section 30 of the Federal Registration Act (BMG)
Accommodation facilities such as hotels in particular are obliged under Section 30 of the Federal Registration Act (BMG) to collect the following data from the guest on the day of arrival and to have the guest sign the registration form by hand or, if applicable, to have the electronically collected data confirmed by special authentication procedures within the meaning of Section 29 (5) BMG:

Date of arrival and expected departure,
surnames,
first names,
date of birth,
nationalities,
address,
number of fellow travelers and their nationality in the cases of Section 29 (2) sentences 2 and 3 BMG,
serial number of the recognized and valid passport or passport replacement document for foreign persons,
data for the collection of tourist and spa taxes.

For tour groups of more than 10 people, however, only the personal data of the tour guide is required. The tour guide must state the number of fellow travelers and their nationality. We are obliged to collect, process and pass on this data in accordance with the BMG. The legal basis for the processing results from Art. 6 para. 1 sentence 1 lit. c) GDPR in conjunction with. § 30 para. 1, para. 4, § 29 para. 2 to 5 BMG. As our guest, you are legally obliged to provide your data. If you do not provide your data, the conclusion or execution of the contract in the form of accommodation is impossible. The completed registration forms must be kept by us as an accommodation facility for submission to the responsible local regulatory authorities in order to fulfill their duties. We delete the data processed by you 1 year and 3 months after the day of your arrival or restrict the processing as soon as it is permitted under the provisions of the BMG and provided that there is no consent on your part pursuant to Art. 6 para. 1 sentence 1 lit. a) GDPR and no other legitimate interest on our part in the continued processing.

Voucher store
If you would like to purchase a voucher in our voucher store on the website, it is necessary and mandatory for the initiation and conclusion of the contract that you provide personal data such as your first and last name, your address and your e-mail address. The mandatory information required for order and contract processing is marked separately, other information is provided voluntarily. If you do not provide this information, it will not be possible to conclude a contract in the form of purchasing a voucher via the voucher store. In addition, we also process the message you may have noted as part of the voucher purchase as well as any data you may have provided in order to display it on the voucher. We process the data you provide in this context for order processing and fulfillment. For this purpose, we will in particular forward payment data to the payment service provider you have chosen or to our house bank. We use the “VoucherBooking” ordering system of the provider HotelNetSolutions (Hotel Net Solutions GmbH, Genthiner Str. 8, 10785 Berlin; hereinafter referred to as “VoucherBooking”) for the voucher store: VoucherBooking) in order to provide you with an optimal ordering process. Your order data is processed on the VoucherBooking servers. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b) GDPR. To prevent unauthorized third parties from accessing your personal data, the ordering process on the website is encrypted using SSL technology. We delete the data collected in this context after storage is no longer necessary or restrict processing if there are statutory retention obligations. Due to mandatory commercial and tax regulations, we are obliged to store your address, payment and order data for a period of up to ten years. Two years after termination of the contract, we restrict processing and reduce processing to compliance with existing legal obligations.

Email marketing
Advertising to existing customers
We reserve the right to use the email address provided by you when booking a hotel room or registering for an event in accordance with the statutory provisions to send you the following content by email during or following your booking, provided you have not already objected to this processing of your email address:

Information about your stay and other travel-related offers from our hotel,
Information about current special offers,
Information about our hotel and services,
Individual guest advice and support,
Guest satisfaction inquiries following your stay / event visit,
Overview of possible leisure activities and events at our hotel,
Information about arrival and departure in preparation for your stay,
Invitations to events organized by our company.

If the sending of electronic information is necessary for the execution of the contract, the processing is based on the legal basis of Art. 6 para. 1 sentence 1 lit. b) GDPR. In these cases, you are contractually obliged to provide your data. If you do not provide your data, it will not be possible to send you electronic information by email as part of the execution of the contract.
If the sending of electronic information via email is not necessary for the execution or implementation of the contract (e.g. email for information purposes), the processing of your data is based on the legal basis of Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interests in the aforementioned processing lie in the improvement and optimization of our services, the sending of direct advertising and ensuring guest satisfaction. We delete your data when you end the usage process, but no later than three years after the end of the contract.
We use the services of BWH Hotel Group Central Europe GmbH (Frankfurter Straße 10 -14, 65760 Eschborn, Germany; hereinafter: Best Western) to send e-mails, in particular guest satisfaction surveys by e-mail. If you have made a booking via the online booking system, the personal data you provide, in particular your name, the duration of your stay, the name of the hotel and your e-mail address, will be processed by Best Western in order to send you a guest satisfaction survey following your stay. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interest lies in the use of a service provider for the optimization and targeted sending and management of guest feedback. Further information, including on the storage period, can be found in Best Western's privacy policy at https://www.bestwestern.de/agb-datenschutz.html.
We would like to point out that you can object to the receipt of direct advertising and processing for the purpose of direct advertising at any time without incurring any costs other than the transmission costs according to the basic rates. You have a general right to object without giving reasons (Art. 21 (2) GDPR). To do this, click on the unsubscribe link in the respective email or send us your objection to the contact details given in the “Controller” section.

Payment Service Provider (PSP)/ Payment service provider

PayPal
On our website we offer you payment via “PayPal”. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter: “PayPal”). You must log into your PayPal account to pay. The payment data you provide to PayPal will be processed by PayPal for the purpose of payment processing. Further information on data processing by PayPal can be found here: https://www.paypal.com/de/webapps/mpp/ua/privacy-full. In order to assign your payment, we process your delivery/billing address, e-mail address and the selected payment method. We delete the data arising in this context after storage is no longer required, or restrict processing if there are statutory retention obligations. Due to mandatory commercial and tax regulations, we are obliged to store your address, payment and order data for a period of up to ten years. Two years after termination of the contract, we restrict processing and reduce processing to compliance with existing legal obligations.
The legal basis is Art. 6 para. 1 sentence 1 lit. b) GDPR. The provision of your payment data is necessary and mandatory for the conclusion and performance of the contract. If the payment data is not provided, it will not be possible to conclude and/or execute a contract using the “PayPal” payment method.

PayPal Plus Services without your own PayPal account
If you select the PayPal service "SEPA direct debit", "credit card" or "purchase on account" as part of your payment, PayPal (Europe) S.àr.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") processes the personal data collected for the purpose of payment processing. You do not need a PayPal account for this service. Further information about data processing at PayPal can be found here: https://www.paypal.com/de/webapps/mpp/ua/legalhub-full?locale.x=de_DE or https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE

We process the payment method specified in this context for your booking. We delete the data arising in this context after storage is no longer required, or restrict processing if there are statutory retention obligations. Due to mandatory commercial and tax regulations, we are obliged to store your address, payment and order data for a period of up to ten years. Two years after termination of the contract, we restrict the processing and reduce the processing to compliance with existing legal obligations.

The legal basis for processing is Art. 6 para. 1 sentence 1 lit. b) GDPR. The provision of your payment data is necessary and mandatory for the conclusion and performance of the contract. If you do not provide the payment data, it will not be possible to conclude and/or execute a contract with the PayPal service you have selected.

Credit card payment
For the purpose of payment processing, we pass on the payment data required for the credit card payment to the credit institution commissioned with the payment or to the payment and invoicing service provider commissioned by us, if applicable. The processing takes place on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR. The provision of your payment data is necessary and mandatory for the conclusion or execution of the contract. If the payment data is not provided, it will not be possible to conclude and/or execute the contract by means of a credit card payment. The data required for payment processing is transmitted securely via the "SSL" procedure and processed exclusively for payment processing. We delete the data arising in this context after storage is no longer required, or restrict processing if there are statutory retention obligations. Due to mandatory commercial and tax regulations, we are obliged to store your address, payment and order data for a period of up to ten years. Two years after termination of the contract, we restrict the processing and reduce the processing to compliance with existing legal obligations.

Purchase on account
In the case of “purchase on account”, we reserve the right to forward the data you provide when ordering to external companies (e.g. Verband der Vereine Creditreform e.V., Hellersbergstraße 12, D-41460 Neuss) for the purpose of carrying out a credit check. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interests lie in the prevention of fraud and the avoidance of default risks, because we make advance payments for “purchase on account”.
We process the data transmitted to us by your bank as part of the “purchase on account” payment process for the purpose of invoice verification. The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. b) GDPR. The provision of your payment data is necessary and mandatory for the conclusion and performance of the contract. If the payment data is not provided, it is not possible to conclude and/or execute a contract by means of a “purchase on account”. We delete the data arising in this context after storage is no longer required, or restrict processing if there are statutory retention obligations. Due to mandatory commercial and tax regulations, we are obliged to store your address, payment and order data for a period of up to ten years. Two years after termination of the contract, we will restrict processing and reduce processing to compliance with existing legal obligations.
You can object to the processing insofar as the processing is based on the legal basis of Art. 6 para. 1 sentence 1 lit. f) GDPR. You have the right to object on grounds relating to your particular situation. You can send us your objection using the contact details provided in the “Controller” section.

Legal enforcement / address investigation / debt collection
In the event of non-payment, we reserve the right to forward the data provided when placing the order to a lawyer and/or external companies (e.g. Verband der Vereine Creditreform e.V., Hellersbergstraße 12, D-41460 Neuss) for the purposes of address investigation and/or legal enforcement. The legal basis for processing is Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interests lie in the prevention of fraud and the avoidance of default risks. In addition, we may pass on your data to ensure the exercise of our rights, as well as the rights of our affiliated companies, our cooperation partners, our employees and/or the users of our website and the processing is necessary in this respect. Under no circumstances will we sell or rent your data to third parties. The legal basis for processing is Art. 6 para. 1 sentence 1 lit. f) GDPR. We have a legitimate interest in processing for law enforcement purposes. We delete the data once it no longer needs to be stored or restrict processing if there are statutory retention obligations.
You can object to the processing. You have the right to object on grounds relating to your particular situation. You can send us your objection using the contact details provided in the “Controller” section.

Hosting
We use external hosting services from the provider Selbstdenker AG (Gesandtenstraße 10, 93047 Regensburg, Germany), which serve to provide the following services: Infrastructure and platform services, computing capacity, storage resources and database services, security and technical maintenance services. For these purposes, all data - including the access data mentioned under “Use of our website” - that is required for the operation and use of our website is processed. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f) GDPR. We use external hosting services to ensure the efficient and secure provision of our website.

Integration of third-party content
Third-party content such as videos, maps or graphics from other websites are integrated on the website. This integration always presupposes that the providers of this content (“third-party providers”) are aware of the IP addresses of the users. Without the IP address, they cannot send the content to the respective user's browser. The IP address is therefore required to display this content. We will inform you below about the services of external providers currently used on our website as well as about the respective processing in individual cases and about your existing options for objection or revocation.

Google Maps
This website uses the “Google Maps” service from “Google” (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland and Google, LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) for the purpose of displaying maps or map sections and thus enables you to conveniently use the map function on the website. When you visit the website, “Google” receives the information that you have accessed the corresponding subpage of our website. In addition, some of the data mentioned in the section “Use of our website” and ‘Cookies’ is transmitted to “Google”. This takes place regardless of whether “Google” provides a user account that you are logged in to or whether no user account exists. If you are logged in to “Google”, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. "Google stores your data as a user profile and processes it for the purposes of advertising, market research and/or the needs-based design of its website, regardless of whether you have a user account with Google. The legal basis for the processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR.

“Google” also processes your data on servers in the USA. There is no adequacy decision by the EU Commission for the transfer of data to the USA. The legal basis is your consent in accordance with Art. 49 para. 1 lit. a) GDPR. Your data in connection with “Google Maps” will be deleted after thirty days at the latest. Further information on the purpose and scope of processing by “Google Maps” can be found at https://policies.google.com/privacy?hl=de.

You can withdraw your consent to the processing of the respective provider at any time by moving the slider back in the “Individual data protection settings” of the consent tool. The legality of the processing remains unaffected until the revocation is exercised.

Google Tag Manager
We use the “Google Tag Manager” from “Google” (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland and Google, LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website. “Google Tag Manager” is a solution with which website tags and other elements from third-party providers can be managed via an interface. On the one hand, an http request is sent to Google when you access the website with Google Tag Manager. This transmits end device information and personal data such as your IP address and information about your browser settings to Google. We use Google Tag Manager for the purpose of facilitating electronic communication by transferring information to third-party providers via programming interfaces, among other things. The respective tracking codes of the third-party providers are implemented in the Google Tag Manager without us having to change the source code of the website ourselves. Instead, the integration takes place via a container that places a so-called “placeholder” code in the source code. In addition, Google Tag Manager allows the data parameters of users to be exchanged in a specific order, in particular by ordering and systematizing the data packets. In some cases, your data is also transmitted to the USA. So-called “standard contractual clauses” have been concluded with Google to ensure compliance with an appropriate level of data protection. We will provide you with a copy of the standard contractual clauses on request. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interests in the processing lie in the facilitation and execution of electronic communication by identifying communication endpoints, control options, exchanging data elements in a defined sequence and identifying transmission errors. The Google Tag Manager does not initiate any data storage. Further information on data protection at “Google” can be found at: http://www.google.de/intl/de/policies/privacy.

You can object to the processing insofar as the processing is based on the legal basis of Art. 6 para. 1 sentence 1 lit. f) GDPR. You have the right to object on grounds relating to your particular situation. You can send us your objection using the contact details provided in the “Controller” section.
On the other hand, Google Tag Manager integrates third-party tags such as tracking codes or counting pixels on our website. The tool triggers other tags, which in turn collect your data; we will inform you about this separately in this privacy policy. The Google Tag Manager itself does not evaluate the end device information and personal data of users collected by the tags. Instead, your data is forwarded to the respective third-party service for the purposes specified in our consent management tool. We have adapted the Google Tag Manager to our consent management tool in such a way that the triggering of certain third-party services in the Google Tag Manager is made dependent on your selection in our consent management tool, so that only those third-party tags trigger data processing for which you have given your consent. The use of Google Tag Manager is covered by the consent for the respective third-party service. The legal basis for the processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR.

In some cases, your data will also be transferred to the USA. The legal basis for the transfer to the USA is your consent in accordance with Art. 49 para. 1 sentence 1 lit. a) GDPR. The storage duration of your data can be found in the following descriptions of the individual third-party services. Further information on data protection at “Google” can be found at: http://www.google.de/intl/de/policies/privacy.

Services for statistical, analytical and marketing purposes
We also use third-party services for statistical, analytical and marketing purposes. This enables us to provide you with a user-friendly, optimized use of the website. The third-party providers use cookies, pixels, browser fingerprinting or other tracking technologies to control their services. We will inform you below about the services of external providers currently used on our website as well as about the respective processing in individual cases and about your existing revocation options.

Google Analytics
We use “Google Analytics”, a web analysis service from “Google” (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland and Google, LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) in order to be able to tailor our website optimally to user interests. When using “Google Analytics”, technologies such as ‘cookies’, “tracking pixels” and “device fingerprinting” are used to track specific user behavior on websites. Information stored on users' end devices is also processed. With the help of the “tracking pixels” integrated into websites and the ‘cookies’ stored on users' end devices, “Google” processes the information generated about the use of our website by users' end devices and access data for the purpose of statistical analysis - e.g. that a certain website has been accessed, which website areas users are particularly interested in or whether a newsletter registration has taken place. For this purpose, it can also be determined whether different end devices belong to you or your household. The access data includes, in particular, the IP address, browser information, the previously visited website and the date and time of the server request. “Google Analytics” is used with the extension “anonymizeIp()”. As a result, IP addresses are further processed in abbreviated form to make it more difficult to identify individuals. According to Google, IP addresses are truncated within the member states of the European Union. Due to the “Google Analytics” tool used, the user's browser automatically establishes a direct connection with the Google server. If users are registered with a Google service, Google can assign the visit to the user account and create and evaluate cross-application user profiles. The legal basis for the processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. “Google” also processes some of the data in the USA. There is no adequacy decision by the EU Commission for the transfer of data to the USA. The legal basis for the transfer to the USA is your consent in accordance with Art. 49 para. 1 sentence 1 lit. a) GDPR. Your data in connection with “Google Analytics” will be deleted after 30 days at the latest. Further information on data protection at “Google” can be found at: http://www.google.de/intl/de/policies/privacy. You can withdraw your consent to the processing of the respective provider at any time by moving the slider back in the “Individual data protection settings” of the consent tool. The legality of the processing remains unaffected until the revocation is exercised.

Google Analytics Advertising
We also use the web analysis service “Google Analytics” with the remarketing function “Google Analytics Advertising” from Google (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland and Google, LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Google Analytics uses advertising technologies such as “cookies”, “tracking pixels” and “device fingerprinting” to track specific user behavior on websites. This also involves processing information that is stored on users' end devices. With the help of the “tracking pixels” integrated into websites and the “cookies” stored on users' end devices, Google processes the information generated about the use of our website by users' end devices and access data for the purpose of statistical analysis - e.g. that a certain website has been accessed or newsletter registration has taken place - and for the purpose of displaying individualized advertisements based on this. For these purposes, it can also be determined whether different end devices belong to you or your household. The additional function “Google Analytics Advertising” makes it possible to create target groups for certain cookies or mobile advertising IDs and to use them later for the renewed individualized advertising approach. Target group criteria include, for example: Users who have viewed products but not added them to a shopping cart or added them to a shopping cart but not completed the purchase, users who have purchased certain items. A target group comprises at least 100 users. The “Google Ads” tool can then be used to display interest-based advertisements in search results. In this way, users of websites can be recognized on other websites within the Google advertising network (in Google Search or on “YouTube”, so-called “Google Ads” or on other websites) and presented with tailored advertisements based on the defined target group criteria. The advertisements may also relate to products and services that users have already viewed on our website. The access data includes, in particular, the IP address, browser information, the previously visited website and the date and time of the server request.

“Google Analytics” is used with the extension “anonymizeIp()”. This means that IP addresses are further processed in abbreviated form to make it more difficult to identify individuals. Due to the Google Analytics Advertising tool used, the user's browser automatically establishes a direct connection with the Google server. If users are registered with a Google service, Google can assign the visit to the user account and create and evaluate cross-application user profiles. The legal basis for the processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. “Google” also processes some of the data in the USA. There is no adequacy decision by the EU Commission for the transfer of data to the USA. The legal basis for the transfer to the USA is your consent in accordance with Art. 49 para. 1 sentence 1 lit. a) GDPR. Your data in connection with “Google Analytics” will be deleted after 30 days at the latest. Further information on data protection at “Google” can be found at: http://www.google.de/intl/de/policies/privacy.

Google Ads Remarketing
We use the “Google Ads” tool with the “Dynamic Remarketing” function from “Google” (Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland and Google, LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA). This is a procedure with which we would like to address you again. With the “Dynamic Remarketing” function, we can recognize users of our website on other websites within the “Google” advertising network (in the “Google” search or on ‘YouTube’, so-called “Google ads” or on other websites) and present advertisements tailored to their interests. The advertisements may also relate to products and services that you have already viewed on our website. For this purpose, the interaction of users on our website is analyzed, e.g. which offers the user was interested in, in order to be able to display targeted advertising to users on other sites even after they have visited our website. If you visit our website, “Google Ads” will store a cookie on your end device. With the help of cookies, “Google” processes the information generated by your end device about the use of our website and interactions with our website as well as the data mentioned in the section “Use of our website”, in particular your IP address, browser information, the previously visited website and the date and time of the server request, for the purpose of displaying personalized advertisements. For this purpose, it can also be determined whether different end devices belong to you or your household. The data collected in the context of “Google Ads” is not merged with data from other “Google” products. The legal basis for the processing of your data is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. “Google” also processes some of the data in the USA. There is no adequacy decision by the EU Commission for data transfer to the USA. The legal basis for the transfer to the USA is your consent in accordance with Art. 49 para. 1 sentence 1 lit. a) GDPR. Your data in connection with “Google Ads Remarketing” will be deleted after 30 days at the latest. Further information on data protection and the storage period at “Google” can be found at: https://policies.google.com/privacy.
You can withdraw your consent to the processing of the respective provider at any time by moving the slider back in the “Individual data protection settings” of the consent tool. The legality of the processing remains unaffected until the revocation is exercised.

Google Ads Conversion
We use the “Google Ads” service from ‘Google’ (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland and Google, LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to draw attention to our attractive offers on external websites with the help of advertising material (formerly known as “Google AdWords”). We can determine how successful the individual advertising measures are in relation to the advertising campaign data. These advertising materials are delivered by “Google” via so-called “Ad Servers”. For this purpose, we use “Ad Server” cookies, through which certain parameters for measuring reach, such as the display of ads or clicks by users, can be measured. If you access our website via a “Google” ad, “Google Ads” will store a cookie on your end device. With the help of the cookies, “Google” processes the information generated by your device about interactions with our advertising material (calling up a specific website or clicking on an advertising material), the data mentioned in the section “Use of our website”, in particular your IP address, browser information, the previously visited website and the date and time of the server request, for the purpose of analyzing and visualizing the reach measurement of our advertisements. For this purpose, it can also be determined whether different end devices belong to you or your household. Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. If you are registered with a “Google” service, “Google” can assign the visit to your account. Even if you are not registered with “Google” or have not logged in, there is a possibility that the provider will find out your IP address and process it. We only receive statistical evaluations from “Google” to measure the success of our advertising material. The legal basis for the processing of your data is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. “Google” also processes some of the data in the USA. There is no adequacy decision by the EU Commission for data transfer to the USA. The legal basis for the transfer to the USA is your consent in accordance with Art. 49 para. 1 sentence 1 lit. a) GDPR. The storage period of your data at “Google” is 30 days. Further information on data protection and the storage period at “Google” can be found at: https://policies.google.com/privacy.
You can withdraw your consent to the processing of the respective provider at any time by moving the slider back in the “Individual data protection settings” of the consent tool. The legality of the processing remains unaffected until the revocation is exercised.

Google AdSense
On our website, we also use the “GoogleAdSense” tool, an advertising service provided by “Google” (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland and Google, LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to market advertisements. When using “Google AdSense”, technologies such as ‘cookies’, “tracking pixels” and “device fingerprinting” are used to track visitor traffic and user behavior on our website and to show you topic-specific advertisements on our website that match our content and your interests. Information stored on users' end devices is also processed for this purpose. With the help of the “tracking pixels” integrated into websites and the ‘cookies’ stored on users' end devices, “Google” processes the information generated about the use of our website by users' end devices as well as access data after each impression (i.e. whenever you see or click on an advertisement, for example) for the purpose of statistical analysis across all end devices, the display of individualized advertisements and to measure the effectiveness of an advertisement. For example, “Google” can use this to determine that a particular website has been accessed and how often, in order to understand the quality of the advertising space on our website and to select the appropriate type of ad. For this purpose, it can also be determined whether different end devices belong to you or your household. The access data includes, in particular, the IP address, browser information, the previously visited website and the date and time of the server request. When using “Google AdSense”, your browser automatically establishes a direct connection with the “Google” server. If users are registered with a Google service, Google can assign the visit to the user account and create and evaluate cross-application user profiles. The legal basis for the processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. “Google” also processes some of the data in the USA. There is no adequacy decision by the EU Commission for the transfer of data to the USA. The legal basis for the transfer to the USA is your consent in accordance with Art. 49 para. 1 sentence 1 lit. a) GDPR. Google stores your data in connection with “Google AdSense” for a maximum of 24 months. Further information on data protection at “Google” can be found at: http://www.google.de/intl/de/policies/privacy.

You can withdraw your consent to the processing of the respective provider at any time by moving the slider back in the “Individual data protection settings” of the consent tool. The lawfulness of the processing remains unaffected until the revocation is exercised.

imprint
terms and conditions

Best Western Central Europe | Best Western Rewards

Hotel Lamm

Neighbourhood

Become a Rewards member and book for less