Data Collection on Our Website
CookiesOur websites use so-called “cookies.” Cookies are small text files that do not harm your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Persistent cookies remain on your device until you delete them yourself or your web browser does so automatically.
In some cases, cookies from third-party companies may also be stored on your device when you visit our site (third-party cookies). These enable us or you to use certain services provided by the third party (e.g., cookies for processing payment services).
Cookies serve different functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., shopping cart functionality or video display). Other cookies are used to analyze user behavior or display advertising.
Cookies that are necessary for carrying out electronic communication (necessary cookies), providing certain functions you request (functional cookies, e.g., for shopping cart functionality), or optimizing the website (e.g., cookies to measure web traffic) are stored based on Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies to provide its services in a technically error-free and optimized manner. If consent for cookie storage has been obtained, the storage of the respective cookies is based exclusively on this consent (Art. 6 para. 1 lit. a GDPR); consent can be withdrawn at any time.
You can configure your browser to be informed about the setting of cookies and to allow cookies only on a case-by-case basis, block cookies for certain cases or in general, and enable automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
To the extent that cookies from third parties or for analytical purposes are used, we will inform you separately within this privacy policy and, if applicable, request your consent.
Server Log Files
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These include:
- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
These data are not merged with other data sources.
Collection of this data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, server log files must be recorded.
Contact Form
If you send us inquiries via the contact form, the information you provide, including the contact details entered, will be stored for the purpose of processing your request and in case of follow-up questions. We will not share this data without your consent.
The processing of this data is based on Art. 6 para. 1 lit. b GDPR if your inquiry is related to the performance of a contract or necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest in efficiently handling inquiries directed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if such consent has been obtained.
The data you enter in the contact form will remain with us until you request deletion, withdraw your consent to storage, or the purpose for storing the data no longer applies (e.g., after your inquiry has been fully processed). Mandatory legal provisions – in particular retention periods – remain unaffected.
Inquiries via Email, Phone, or Fax
If you contact us by email, phone, or fax, your inquiry, including all resulting personal data (e.g., name, message), will be stored and processed for the purpose of handling your request. We will not share this data without your consent.
The processing of these data is based on Art. 6 para. 1 lit. b GDPR if your inquiry is related to the performance of a contract or necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest in efficiently handling inquiries (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if such consent has been obtained.
The data you provide to us via contact inquiries will remain stored until you request deletion, withdraw your consent, or the purpose for storage no longer applies (e.g., after your request has been fully processed). Mandatory legal provisions – particularly statutory retention periods – remain unaffected.
Newsletter Data
If you wish to subscribe to the newsletter offered on the website, we require your email address and information that allows us to verify that you are the owner of the given email address and consent to receive the newsletter. No additional data will be collected unless voluntarily provided. These data are used exclusively for sending the requested information and are not shared with third parties.
The processing of data entered in the newsletter subscription form is based solely on your consent (Art. 6 para. 1 lit. a GDPR). The consent given for storing your data, email address, and its use for sending the newsletter can be withdrawn at any time, for example via the "unsubscribe" link in the newsletter. The legality of data processing carried out prior to withdrawal remains unaffected.
The data stored by us for the purpose of sending the newsletter will be retained until you unsubscribe from the newsletter and deleted after unsubscription. Data stored for other purposes (e.g., email addresses for member areas) remain unaffected.
Brevo
This website uses Brevo for sending newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany. Brevo is a service that allows, among other things, the organization and analysis of newsletter campaigns. The data you provide for newsletter subscription is stored on the servers of Sendinblue GmbH in Germany.
Data Analysis via Brevo
Brevo enables us to analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links were clicked. This allows us to determine which links are particularly popular. We can also track whether certain predefined actions were carried out after opening or clicking the newsletter (conversion rate). Additionally, Brevo allows us to categorize newsletter recipients (“clustering”), for example by age, gender, or location, so that newsletters can be better tailored to target groups.
If you do not want Brevo to analyze your data, you must unsubscribe from the newsletter. Each newsletter contains an unsubscribe link. More information on Brevo’s features can be found here: https://www.brevo.com/de/newsletter-software/.
Legal Basis
Data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time. The legality of data processing carried out before withdrawal remains unaffected.
Storage Duration
Data provided for newsletter subscription is stored until you unsubscribe and is deleted from the newsletter list after unsubscription. Data stored for other purposes (e.g., email addresses for the member area) remain unaffected. After unsubscribing, your email address may be stored on a blacklist by us or the newsletter service provider if necessary to prevent future mailings. Blacklist data is used solely for this purpose and is not merged with other data. Storage in the blacklist is indefinite. You may object to this storage if your interests outweigh our legitimate interest. For more details, see Brevo’s privacy policy: https://www.brevo.com/de/datenschutz-uebersicht/ and https://www.brevo.com/de/legal/privacypolicy/.
Google Web Fonts
This site uses so-called web fonts provided by Google to ensure uniform font display. When you access a page, your browser loads the required web fonts into its cache to display text and fonts correctly.
To do this, your browser must connect to Google servers, which informs Google that your IP address accessed this website. The use of Google Web Fonts is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in uniform font display. If consent for cookies has been obtained, processing occurs solely based on your consent (Art. 6 para. 1 lit. a GDPR), which can be withdrawn at any time.
If your browser does not support web fonts, a standard font from your computer is used. More information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and Google’s privacy policy: https://policies.google.com/privacy?hl=de.
Google Analytics
This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics allows the website operator to analyze visitor behavior. The operator receives various usage data, such as page views, time spent on pages, operating systems, and user location. This data is assigned to the user’s device, without assigning a user ID.
Additionally, Google Analytics can track mouse movements, scrolling, and clicks. Google Analytics uses modeling approaches to supplement the data and applies machine-learning technologies in data analysis.
Google Analytics uses technologies that allow the user to be recognized for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). Information collected by Google about the use of this website is generally transmitted to and stored on a Google server in the USA.
The use of this service is based on your consent under Art. 6 para. 1 lit. a GDPR and §25 para. 1 TDDDG. Consent can be withdrawn at any time.
The data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here: https://business.safety.google/adscontrollerterms/sccs/.
IP Anonymization
We have enabled IP anonymization on this website. This means your IP address will be shortened by Google within EU member states or other parties to the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the website operator, Google uses this information to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage. The IP address transmitted by your browser to Google Analytics will not be merged with other Google data.
Browser Plugin
You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available here: https://tools.google.com/dlpage/gaoptout?hl=de.
More information on handling user data in Google Analytics can be found in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.
Google Analytics E-Commerce Tracking
This website uses Google Analytics E-Commerce tracking. E-Commerce tracking allows the website operator to analyze visitors’ purchasing behavior to improve online marketing campaigns. Information collected may include orders placed, average order values, shipping costs, and the time from viewing to purchase. Google may aggregate this data under a transaction ID assigned to the respective user or their device.
Google Ads
The website operator uses Google Ads, an online advertising service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads allows us to display advertisements in Google search results or on third-party websites when users enter specific search terms (keyword targeting). Additionally, targeted ads may be displayed based on user data available to Google (e.g., location data and interests – audience targeting). As website operators, we can quantitatively evaluate this data, for example, by analyzing which search terms led to ad displays and how many clicks occurred.
The use of Google Ads is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in effective marketing of its services and products.
Google DoubleClick
This website uses Google DoubleClick, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“DoubleClick”).
DoubleClick is used to show you interest-based advertising across the Google advertising network. Ads can be tailored to the interests of the viewer using DoubleClick, for example in Google search results or banner ads linked to DoubleClick.
To display interest-based ads, DoubleClick must recognize the viewer and assign their visited websites, clicks, and other behavioral information. DoubleClick uses cookies or comparable recognition technologies (e.g., device fingerprinting). The information collected is compiled into a pseudonymous user profile to deliver relevant ads to the user.
The use of Google DoubleClick is in the interest of targeted advertising, which constitutes a legitimate interest under Art. 6 para. 1 lit. f GDPR. If consent has been obtained (e.g., consent to store cookies), processing is carried out solely on the basis of Art. 6 para. 1 lit. a GDPR; consent can be withdrawn at any time.
For more information on how to object to ads displayed by Google, please see the following links: https://policies.google.com/technologies/ads and https://myadcenter.google.com/home?sasb=true&ref=ad-settings.
Adobe DTM
This website uses functions of the web analytics service Adobe Experience Cloud. The provider is Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland.
When Adobe provides software and services for a company, Adobe acts as a data processor for all personal data processed and stored as part of providing these services. Adobe processes personal data according to the permissions and instructions of your company (e.g., as per your agreement with Adobe).
If you use Adobe Experience Cloud solutions, Adobe may host personal data for you, depending on the solutions you use and the information you send to your Adobe Experience Cloud account. A detailed list of examples can be found in Adobe Experience Cloud Privacy.
Adobe Experience Cloud is used based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.
More information on Adobe Experience Cloud can be found in Adobe’s privacy policy: https://www.adobe.com/de/privacy/policy.html.
Google Tag Manager
For transparency, please note that we use Google Tag Manager. Google Tag Manager itself does not collect personal data. It facilitates the integration and management of our tags. Tags are small code elements used to measure traffic and visitor behavior, detect the impact of online advertising, or test and optimize our websites. More information on Google Tag Manager can be found here: https://marketingplatform.google.com/intl/de/about/analytics/tag-manager/use-policy/.
Google Conversion Tracking
This website uses Google Conversion Tracking. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Conversion Tracking allows Google and us to determine whether users have completed specific actions. For example, we can see which buttons were clicked, which products were viewed or purchased, and generate conversion statistics. We only receive aggregated data, not personally identifiable information. Google itself uses cookies or comparable recognition technologies to identify users.
Use of Google Conversion Tracking is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize the website and advertising. If consent has been obtained (e.g., consent to store cookies), processing occurs solely on the basis of Art. 6 para. 1 lit. a GDPR; consent can be withdrawn at any time.
More information on Google Conversion Tracking can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de.
Payment Providers
Processing of customer and contract data
We collect, process, and use personal data only to the extent necessary for establishing, designing, or changing the legal relationship (customer data). This is based on Art. 6 para. 1 lit. b GDPR, which permits processing for contract fulfillment or pre-contractual measures. Usage data on our website is collected only as needed to enable or bill for the service.
Customer data is deleted after the completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
Data Transfer When Concluding Contracts for Services and Digital Content
We only transmit personal data to third parties if necessary for contract processing, e.g., to the bank responsible for payment processing. Further data transfer only occurs with your explicit consent. Your data is not shared with third parties for advertising purposes without explicit consent.
Processing is based on Art. 6 para. 1 lit. b GDPR, which allows data processing to fulfill a contract or pre-contractual measures.
Review Tools
HolidayCheck
This site embeds a widget from HolidayCheck to display reviews. The provider is HolidayCheck AG, Bahnweg 8, CH-8598 Bottighofen, Switzerland (https://www.holidaycheck.de/impressum).
To use the widget, your IP address, browser information (name, version), website, operating system, screen resolution, and browser or OS language settings must be stored. Clicking the “Write a Review” button opens a popup, and submitted data is generally sent to a HolidayCheck server in Switzerland. The website operator has no control over this data transfer.
Use of the HolidayCheck widget serves to display reviews of our hotel and to offer the possibility to submit a review. This is a legitimate interest under Art. 6 para. 1 lit. f GDPR.
More information on HolidayCheck data handling: https://www.holidaycheck.de/datenschutz.
Wellness Heaven
This site embeds a widget from Wellness Heaven to display reviews. The provider is Wellness Heaven® Hotel Guide, Klosterweg 41, D-82335 Berg am Starnberger See.
To use the widget, your IP address, browser information, website, operating system, screen resolution, and browser/OS language settings are stored. Data is generally sent to a Wellness Heaven server. The website operator has no control over this data transfer.
Use of the Wellness Heaven widget serves to display reviews of our hotel. This constitutes a legitimate interest under Art. 6 para. 1 lit. f GDPR.
More information on Wellness Heaven data handling: https://www.wellness-heaven.de/wellness/datenschutz/.
Content Delivery Network (CDN)
Google CDN
This site delivers content via a Content Delivery Network (CDN) provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
To use the content, your IP address, browser information, website, operating system, screen resolution, and browser/OS language settings must be stored. Data is generally sent to a Google server. The website operator has no influence on this data transfer.
Content use serves the interest of providing content efficiently, which is a legitimate interest under Art. 6 para. 1 lit. f GDPR.
More information on Google data handling: https://www.google.com/policies/technologies/ads/.
Online Booking
Hotelnetsolutions
Insurance
Ergo Travel Insurance ERV
To offer services from Ergo Travel Insurance ERV, a widget from ERV (Europäische Reiseversicherung AG), Rosenheimer Straße 116, 81669 Munich, Germany, is embedded on this site.
To use the ERV widget, your IP address, browser information, website, operating system, screen resolution, and browser/OS language settings must be stored. When you use ERV, these data are generally transmitted to an ERV server. The website operator has no influence over this data transfer.
Use of ERV serves the legitimate interest of offering a simple and convenient insurance option (Art. 6 para. 1 lit. f GDPR).
More information on ERV data handling: https://www.reiseversicherung.de/de/datenschutz.html.
Widgets
Giggle Events
This site embeds a Giggle widget to display events. The provider is Giggle GmbH, Müllerstraße 1, 6020 Innsbruck, Austria.
To use the Giggle widget, your IP address, browser information, website, operating system, screen resolution, and browser/OS language settings are stored. Data is generally transmitted to a Giggle server. The website operator has no control over this data transfer.
Use of Giggle serves the legitimate interest of presenting events simply and conveniently (Art. 6 para. 1 lit. f GDPR).
More information on Giggle data handling: https://www.giggle.tips/privacy.
Forms
Handling of Applicant Data
We provide the option to apply to us (e.g., via email, post, or online application form). We inform you below about the scope, purpose, and use of your personal data collected during the application process. We ensure that data collection, processing, and use are carried out in accordance with applicable data protection law and other legal requirements, and your data is treated confidentially.
Push Notifications
PushPanda
We use web push notifications from PushPanda.io. Web push notifications are messages that can appear on your device without opening the website or app.
No personally identifiable information, such as IP addresses, is stored that could directly identify the user. When subscribing (opt-in), only an identification key and the user’s geographical IP information (country and state) are transmitted and stored in PushPanda.io’s database. This key is issued by the browser (Google, Mozilla, Apple, etc.) and allows notifications to be sent to the respective browser later. Notifications are sent directly via the browser provider.
If opt-in for push notifications is withdrawn (opt-out), all data stored by PushPanda.io is deleted, and the identification key becomes invalid. PushPanda.io is a service of Project K GmbH, Innsbruck, Austria.
