Privacy policy

Data protection at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our privacy policy listed below this text.

Data collection on our website

Who is responsible for the data collection on this website?

Data processing on this website is carried out by the website operator. You can find his contact details in the imprint of this website.

How do we collect your information?

On the one hand, your data is collected when you provide it to us. This can be, for example, data that you enter into a contact form.

Other data is automatically collected by our IT systems when you visit the website. This is mainly technical data (e.g. Internet browser, operating system or time of page access). The collection of this data takes place automatically as soon as you enter our website.

What do we use your data for?

Part of the data is collected to ensure that the website is provided without errors. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data at any time, free of charge. You also have the right to request the correction, blocking or deletion of this data. For this and other questions on the subject of data protection, you can contact us at any time at the address given in the imprint. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

Analytics and third-party tools

When you visit our website, your surfing behaviour can be statistically evaluated. This is mainly done with cookies and with so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.

You can object to this analysis. We will inform you about the possibilities of objection in this privacy policy.

General information and mandatory information

Privacy

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) may have security gaps. It is not possible to completely protect the data from access by third parties.

Note on the responsible body

The person responsible for data processing on this website is:

Hotel Vier Jahreszeiten Starnberg
Münchner Straße 17
82319 Starnberg

Telefon: 00 49 (0) 81 51/44 70- 0
E-Mail: info@vier-jahreszeiten-starnberg.de

The controller is the natural or legal person who, alone or jointly with others, decides on the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Withdrawal of your consent to data processing

Many data processing operations are only possible with your explicit consent. You can revoke any consent you have already given at any time. All you need to do is send us an informal message by e-mail. The lawfulness of the data processing carried out up to the time of revocation remains unaffected by the revocation.

Right to object to data collection in special cases as well as to direct marketing (Art. 21 GDPR)

If the data processing is carried out on the basis of Art. 6 (1) (e) or (f) GDPR, you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your consent, rights and freedoms, or the processing serves to assert, exercise or defend legal claims (objection pursuant to Art. 21 (1) GDPR).

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is related to such direct advertising. If you object, your personal data will no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 para. 2 GDPR).

Right to lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, the data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged infringement. The right of appeal exists without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent that it is technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address bar of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Encrypted payment transactions on this website

If, after concluding a fee-based contract, there is an obligation to provide us with your payment data (e.g. account number in the case of direct debit authorisation), this data will be required for payment processing.

Payment transactions via the usual means of payment (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address bar of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

With encrypted communication, your payment data that you transmit to us cannot be read by third parties.

Information, blocking, deletion and correction

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipients and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data. For this and other questions on the subject of personal data, you can contact us at any time at the address given in the imprint.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:

• If you contest the accuracy of your personal data held by us, we will usually need time to verify this. For the duration of the audit, you have the right to request the restriction of the processing of your personal data.
• If the processing of your personal data was / is unlawful, you can request the restriction of data processing instead of deletion.
• If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of erasure.
• If you have filed an objection in accordance with Art. 21 (1) GDPR, a balancing of your interests and ours must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data may only be processed with your consent or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or of a Member State.

Objection to advertising e-mails

The use of contact details published in the context of the imprint obligation for the sending of unsolicited advertising and information material is hereby contradicted. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example by spam e-mails.

Data protection supervisor

Legally required data protection officer

We have appointed a data protection officer for our company.

Data protection supervisor

Hotel Vier Jahreszeiten STA GmbH&Co.KG
Münchner Straße 17
82319 Starnberg
Deutschland

Telefon: 08807 / 928 171-0
E-Mail: dsb@vier-jahreszeiten-starnberg.de

Data collection on our website

Cookies

Some of the websites use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies are used to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and stored by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser the next time you visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If you disable cookies, the functionality of this website may be limited.

Cookies that are necessary to carry out the electronic communication process or to provide certain functions desired by you (e.g. shopping cart function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of its services. Insofar as other cookies (e.g. cookies for the analysis of your surfing behaviour) are stored, these are treated separately in this privacy policy.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• Browser type and version
• operating system used
• Referrer URL
• Hostname of the accessing computer
• Time of the server request
• IP address

This data is not merged with other data sources.

This data is collected on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website – for this purpose, the server log files must be recorded.

Contact

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.

The processing of the data entered into the contact form is therefore carried out exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send us an informal message by e-mail. The lawfulness of the data processing operations carried out up to the revocation remains unaffected by the revocation.

The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to its storage or the purpose for which it is stored no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

Enquiry by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your enquiry, including all personal data resulting from it (name, enquiry), will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

The processing of this data is carried out on the basis of Art. 6 (1) (b) GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 para. 1 lit. a GDPR) and/or on our legitimate interests (Art. 6 para. 1 lit. f GDPR), as we have a legitimate interest in the effective processing of the inquiries addressed to us.

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to its storage or the purpose for which it is stored no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

Processing of data (customer and contract data)

We collect, process and use personal data only insofar as they are necessary for the establishment, content design or change of the legal relationship (inventory data). This is done on the basis of Art. 6 (1) (b) GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures. We collect, process and use personal data about the use of our website (usage data) only to the extent necessary to enable the user to use the service or to bill for it.

The customer data collected will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.

Registration on this website

You can register on our website to use additional features on the site. We use the data entered for this purpose only for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will refuse registration.

For important changes, such as in the scope of the offer or in the event of technically necessary changes, we will use the e-mail address provided during registration to inform you in this way.

The data entered during registration is processed on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke any consent you have given at any time. All you need to do is send us an informal message by e-mail. The lawfulness of the data processing that has already been carried out remains unaffected by the revocation.

The data collected during registration will be stored by us for as long as you are registered on our website and will then be deleted. Statutory retention periods remain unaffected.

Analytics Tools and Advertising

Use of external tracking services

This website uses the following external tracking services:

• Google Optimize
• Google Adwords Conversion
• Facebook Pixel Tracking
• Google Adwords Remarketing
• Google Analytics Universal Tracking
• Sojern Tracking
• Google Tag Manager
• The Hotels Network

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

Google Analytics cookies are stored on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the analysis of user behaviour in order to optimise both its website and its advertising.

IP anonymization

We have activated the IP anonymization function on this website. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet use to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data held by Google.

Browser Plugin

You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent the collection of your data on future visits to this website: Google Analytics deaktivieren.

You can find more information about the handling of user data by Google Analytics in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Commissioned data processing

We have concluded a contract data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographics on Google Analytics

This website uses the “demographic characteristics” function of Google Analytics. This allows reports to be generated that contain statements about the age, gender and interests of the site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section “Objection to data collection”.

Google Analytics Remarketing

Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This feature makes it possible to link the advertising audiences created with Google Analytics Remarketing to the cross-device features of Google AdWords and Google DoubleClick. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one device (e.g. mobile phone) can also be displayed on another of your devices (e.g. tablet or PC).

If you have given your consent, Google will link your web and app browsing history to your Google Account for this purpose. This way, the same personalized advertising messages can be displayed on every device where you sign in with your Google Account.

To support this feature, Google Analytics collects Google-authenticated IDs of users, which are temporarily linked to our Google Analytics data to define and create audiences for cross-device advertising.

You can permanently opt out of cross-device remarketing/targeting by opting out of personalized advertising in your Google Account; follow this link: https://www.google.com/settings/ads/onweb/.

The aggregation of the collected data in your Google account is carried out exclusively on the basis of your consent, which you can give or revoke to Google (Art. 6 para. 1 lit. a GDPR). In the case of data collection operations that are not merged into your Google account (e.g. because you do not have a Google account or have objected to the merge), the collection of data is based on Art. 6 (1) (f) GDPR. The legitimate interest arises from the fact that the website operator has an interest in the anonymised analysis of website visitors for advertising purposes.

Further information and the privacy policy can be found in Google’s privacy policy at: https://www.google.com/policies/technologies/ads/.

Google AdWords and Google Conversion-Tracking

This website uses Google AdWords. AdWords is an online advertising program of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).

As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user’s computer. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user has clicked on the ad and has been redirected to that page.

Each Google AdWords customer receives a different cookie. The cookies cannot be tracked through the websites of AdWords customers. The information collected using the conversion cookie is used to compile conversion statistics for AdWords customers who have opted for conversion tracking. Customers will see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in tracking, you can object to this use by slightly deactivating the Google Conversion Tracking cookie via your Internet browser under User Settings. They will then not be included in the conversion tracking statistics.

The storage of “conversion cookies” is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user behaviour in order to optimise both its website and its advertising.

You can find more information about Google AdWords and Google Conversion Tracking in Google’s privacy policy: https://www.google.de/policies/privacy/.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If you disable cookies, the functionality of this website may be limited.

Facebook Pixel

Our website uses the visitor action pixel of Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) for conversion measurement.

For example, the behavior of site visitors can be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The data collected is anonymous for us as the operator of this website, we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook Data Use Policy. This allows Facebook to enable the placement of advertisements on and off Facebook pages. This use of the data cannot be influenced by us as the site operator.

In Facebook’s privacy policy you will find further information on how to protect your privacy: https://www.facebook.com/about/privacy/.

You can also turn off the Custom Audiences remarketing feature in the Ads Settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen disable. To do this, you must be logged in to Facebook.

If you do not have a Facebook account, you can opt out of Facebook’s behavioral advertising on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.

The Hotels Network

To optimize the user experience on our website, we use software from THE HOTELS NETWORK (www.thehotelsnetwork.com, Muntaner 262, 3º, 08021 Barcelona, Spain). The software enables us to evaluate user behavior in an anonymized manner in order to better understand how users interact with our website and to provide a more relevant user experience. To make this possible, The Hotels Network uses cookies that collect user data such as browser information, page visits, scrolls, etc. save. Since all analysis and processing is always anonymized, it is impossible to personally identify the user.

TAO

This website uses functions of the web analysis service TAO. The provider is vioma GmbH (“vioma”), Industriestr. 27, 77656 Offenburg, Germany.

TAO uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website (including your IP address) will be transmitted to and stored by a server of vioma in Germany. vioma will use this information to evaluate your use of the website, to compile reports on website activity for website operators and to provide other services related to website and internet usage.

vioma may also transfer this information to third parties if this is required by law or if third parties process this data on behalf of vioma. You can prevent the installation of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. By using this website, you agree to the processing of the data collected about you by vioma in the manner and for the purpose described above.

Interactive browsing with chat support

In order to be able to offer you optimal advice during your visit to our site, a chat function is available. If a chat connection is established with the consultant, you will be redirected to the consultant’s system so that the consultant can help you find the information you need by browsing together in order to provide you with the best possible service. At no time is your browser accessed. As part of the chat, you have the option of choosing different communication channels by pressing the corresponding buttons. If you have chosen a consultation via voice or video communication, this communication will not be recorded at any time. You have the option to end the chat at any time.

By using the live chat, information is transmitted to the chat server. This data is information that is required for the technical processing of the chat. The standardised data collection is carried out solely for the purpose of online counselling. We store the data required for the above-mentioned functions exclusively for these purposes.

Chat logs are logged for evidentiary purposes only. Further evaluations are carried out at best in anonymous form for statistical purposes. The stored chat logs are not forwarded to third parties.

This website uses Userlike, a live chat software from Userlike UG. Userlike uses “cookies”, which are text files that are stored on your computer and allow you to conduct real-time personal chats on your website. The collected data is neither used to personally identify the visitor nor merged with personal data about the bearer of the pseudonym.

OpenTable

Online table reservation with OpenTable:
For online reservations, we use the service of OpenTable GmbH, Schumannstrasse 27, 60325 Frankfurt (hereinafter referred to as “OpenTable”).
The processing of the data required in the reservation form (first name, last name, telephone number, e-mail address, credit card details) is carried out on the basis of Art. 6 (1) (b) GDPR, insofar as your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures, or on our legitimate interests (Art. 6 (1) (f) GDPR), as we have a legitimate interest in the effective processing of table reservations made to us. have.
The data you send to us via table reservation will remain with us until the purpose for which the data is stored no longer applies (e.g. after processing has been completed) or you ask us to delete it. Mandatory statutory provisions – in particular statutory retention periods – remain unaffected. If you inform us of the occasion and special requests as part of your reservation, this is done on the basis of your consent (Art. 6 para. 1 lit. a, Art. 9 para. 2 lit. a GDPR), this information will be deleted immediately after your stay with us.
Conclusion of a contract for order processing:
We have concluded a contract processing agreement with OpenTable and implement the requirements of the German data protection authorities when using OpenTable. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: http://www.opentable.de/RestaurantTermsModelClausesDE

Newsletter

Newsletter data

With your consent, you can subscribe to our newsletter, which we use to inform you about our current interesting offers. The advertised goods and services are named in the declaration of consent.

To subscribe to our newsletter, we use the so-called double opt-in procedure. This means that after you have registered, we will send you an e-mail to the e-mail address provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within [24 hours], your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and times of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data.The only mandatory information for sending the newsletter is your e-mail address. [The provision of further, separately marked data is voluntary and will be used to address you personally.] After your confirmation, we will store your e-mail address for the purpose of sending the newsletter. The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR.

You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in each newsletter e-mail, by e-mail to info@vier-jahreszeiten-starnberg.de or by sending a message to the contact details given in the imprint.

We would like to point out that we will evaluate your user behaviour when sending the newsletter, provided that you have given us your consent to newsletter tracking.

For newsletter tracking, the e-mails sent contain so-called web beacons or tracking pixels, which are single-pixel image files that are stored on our website. For the evaluations, we link the data mentioned under server log files and the web beacons with your e-mail address and an individual ID. Links received in the newsletter also contain this ID.
We use the data obtained in this way to create a user profile in order to tailor the newsletter to your individual interests. In doing so, we record when you read our newsletters, which links you click on in them and infer your personal interests from this. We link this data to actions you take on our website.

To send the newsletter, we use the e–mail marketing suite of the service provider ONLINE BIRDS GmbH. The service provider meets the requirements of data protection and ensures the protection of your data. Your data will not be passed on by the service provider either. You can find more information in the privacy policy of our service provider: https://www.online-birds.com/datenschutz/

Online booking tool

Our homepage allows you to book rooms and arrangements for the hotel via the hotel reservation portal onepagebooking of HotelNetSolutions GmbH.

If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored to the extent permitted by the hotel reservation portal. Data can be: first name, surname, e-mail address, telephone, address, number of fellow travellers, estimated time of arrival, wishes, payment data (credit card).

The data provided is transferred to our hotel software via a so-called channel manager. All received booking data is transmitted in encrypted form. HotelNetSolutions GmbH, Genthiner Str. 8, D-10785 Berlin, Germany, as the provider of the Channel Manager, has committed itself to handling the transmitted personal data in accordance with data protection regulations. It takes all organisational and technical measures to protect your data.

In this context, the data will not be passed on to third parties. The data will be used exclusively for the processing of the booking and, if necessary, for communication.

We have concluded a data processing agreement with HotelNETSolutions GmbH.

The provision of the online booking portal is in our legitimate interest in accordance with Art. 6 (1) (f) GDPR. If an online booking is made, the legal basis for the processing is Art. 6 (1) (b) GDPR in conjunction with Art. 28 GDPR.

Plug In & Tool – Google Maps

This site uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

In order to use the functions of Google Maps, it is necessary to store your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we indicate on the website. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.

More information on the handling of user data can be found in Google’s privacy policy:  https://www.google.de/intl/de/policies/privacy/.

Sign up with Facebook Connect

Instead of registering directly on our website, you can register with Facebook Connect. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

If you choose to register with Facebook Connect and click on the “Login with Facebook” / “Connect with Facebook” button, you will be automatically redirected to Facebook’s platform. There you can log in with your usage data. This links your Facebook profile to our website or services. This link gives us access to your data stored with Facebook. These are mainly:

• Facebook Name
• Facebook profile and cover photo
• Facebook cover photo
• Email address stored with Facebook
• Facebook ID
• Facebook Friend Lists
• Facebook Likes
• Birthday
• Sex
• Land
• Language

The data is used to set up, provide and personalize your account.

For more information, see Facebook’s Terms of Service and Facebook Privacy Policy. These can be found at: https://de-de.facebook.com/about/privacy/ and https://www.facebook.com/legal/terms/.

Interest-Based Advertising

We work with Sojern to track your activity on our website and to provide you with relevant advertisements from us and other advertisers on unrelated websites. This advertising service uses pixel tags (web beacons), cookies, and other tracking technologies to collect and store non-personal information about your visit to our website. If you visit our website using your mobile device, an advertising service may also collect your device’s unique identifier or location and attempt to synchronize your visit to a mobile website with other website visits.

If you are shown a relevant ad on another website based on the information collected on our site, it is called an “interest-based” ad and has a blue “Adchoices” icon in the top right corner. By clicking on this icon, you will learn more about the interest-based advertising service and your ability to opt out of interest-based ads.

We have no access to these advertising services and no control over how cookies are used when serving interest-based ads. However, you may opt-out of the use of this information by clicking here: https://www.aboutads.info/choices

Please note that if you opt out, you will still see ads, but they may not be targeted to your travel interests.

Payment provider PayPal

On our website, we offer, among other things, payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”).

If you choose to pay via PayPal, the payment details you enter will be transmitted to PayPal.

The transfer of your data to PayPal takes place on the basis of Art. 6 (1) (a) GDPR (consent) and Art. 6 (1) (b) GDPR (processing for the performance of a contract). You have the option of withdrawing your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations carried out in the past.

Adaptations

The constant development of the Internet and the progress in technical organizational measures make it necessary to adapt our privacy policy from time to time. We reserve the right to make changes at any time.

Our social media presences

We maintain publicly accessible profiles on social networks. The social networks we use in detail can be found below. Social networks such as Facebook, Twitter, etc. can usually analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-relevant processing operations. In detail: If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection is carried out, for example, via cookies that are stored on your device or by recording your IP address. With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest–based advertising can be shown to you on and off the respective social media presence. If you have an account with the respective social network, interest–based advertising can be displayed on all devices on which you are logged in or were logged in. Please also note that we cannot track all processing processes on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective Social-Media-Portale.

Legal basis

Our social media presences are intended to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be indicated by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).

Controller and exercise of rights

If you visit one of our social media presences (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) against us as well as against the operator of the respective social media portal (e.g. against Facebook). Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing processes of the social media portals. Our options are largely based on the corporate policy of the respective provider.

Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as you ask us to delete it, revoke your consent to its storage or the purpose for which it was stored no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal provisions – esp. retention periods – remain unaffected. We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

1. Facebook

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter referred to as Meta). According to Meta, the data collected will also be transferred to the USA and other third countries. We have concluded a joint processing agreement (Controller Addendum) with Meta. This Agreement sets out which data processing operations we or Meta are responsible for when you visit our Facebook page. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum. You can adjust your advertising settings independently in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.Details can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

2. Instagram

We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381. Details zu deren Umgang mit Ihren personenbezogenen Daten entnehmen Sie der Datenschutzerklärung von Instagram: https://help.instagram.com/519522125107875.

3. LinkedIn

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies. If you wish to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs. Details on their handling of your personal data can be found in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.

4. Xing

We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. Details on how they handle your personal data can be found in XING’s privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.

5. YouTube

We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on their handling of your personal data can be found in YouTube’s privacy policy: https://policies.google.com/privacy?hl=de.

6. WhatsApp newsletter

Data processing

WhatsApp independently collects user data when it is used; this is regulated by the consent in WhatsApp’s terms of use. This data collected by WhatsApp is not processed by us or the WhatsApp Business API.

The controller for the WhatsApp messenger service within the meaning of the GDPR is WhatsApp Ireland; the competent supervisory authority under the GDPR is the Irish Data Protection Authority.

What is special about the WhatsApp Business API?

In contrast to WhatsApp Business, address book data is never automatically synchronised when using the WhatsApp Business API and is therefore not sent to WhatsApp.

We do not use an app from WhatsApp. Instead, the infrastructure is set up by a ‘Business Solution Provider’, which is certified by WhatsApp to ensure responsible handling of the API. With our interface, you then have the interface to communicate with your customers via WhatsApp. The messages between WhatsApp and the 360dialogue API are end-to-end encrypted.

Data protection information for applicants

We are pleased that you are interested in us and that you are applying or have applied for a position in our company. The protection of the privacy and personal rights of our applicants is of crucial importance to us. We would like to use this data protection information to explain to you how we use your personal data.

Who is responsible for data processing?

The controller within the meaning of data protection law is the

Hotel Vier Jahreszeiten Starnberg GmbH & Co. KG
Münchner Straße 17
82319 Starnberg

We have appointed a data protection officer for our company. You can reach him personally at the above address with the addition to the attention of the data protection officer or by e-mail: dsb@vier-jahreszeiten-starnberg.de.

Processing purposes and legal basis

We process your personal data to the extent necessary to verify the establishment of an employment relationship. The legal basis for this is basically Art. 6 (1) (b) GDPR in conjunction with Section 26 of the Federal Data Protection Act (BDSG).
We only collect the personal data (in particular first name, surname, address, e-mail, applied position, information from the application) from you that is necessary for the application process. In order to fully review your application, it is necessary that you also provide us with information about your previous professional career.
In the context of your application, we only use data that originates directly from you or a person authorized by you. In the course of the application process, further personal data may be collected from you personally or from generally accessible sources. This may also include data that you make available online for the purpose of professional representation (e.g. in business networks). We do not carry out any further research on your person, e.g. by means of online search engines.
If we ask you about your gender in the form of the desired salutation during the application process, this is solely due to the fact that we want to write to you or speak to you in the right way. The reason for stating your age or entering your date of birth is that a minimum age is required by law for some of our activities.
If and to the extent that you have given us consent to data processing for specific purposes, for example to actively contact you on our part in order to offer you further vacancies with us, the processing results from the purpose of the consent given.
In addition, we process your personal data insofar as this is legally necessary to fulfil retention obligations under commercial and tax law or otherwise due to legal norms. (e.g. under the Money Laundering Act).
We process your personal data insofar as this is necessary to defend against legal claims asserted against us from the application process. The legitimate interest is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

Categories of personal data processed by us and where they come from

We process the personal data that we receive from you as part of your application. This is the data that you provide to us as part of your application, in particular by submitting the application documents and the information you provide in job interviews. We also visit profiles of applicants on XING and LinkedIn or other professionally oriented social networks, if any. We do not visit profiles in private social networks.
We may also receive data from recruiters to whom you have provided your application documents and whom you propose to us as candidates for a job.

Who receives your data?

Of course, your data will be treated confidentially and will only be made available to the people in the company who are involved in the recruitment decision-making process (e.g. HR department, specialist department).
Your applicant data will be reviewed by the HR department after receipt of your application. Suitable applications are then forwarded internally to the department managers for the respective open position. Then the further procedure will be coordinated. In principle, only those persons in the company have access to your data who need it for the proper running of our application process.
Furthermore, processors, such as software providers, IT service providers, document shredders, etc. may be recipients of the data. We have concluded a so-called order processing agreement with these providers, which ensures that data processing is carried out in a permissible manner.

Transfer of your data to a recipient in a third country or to an international organisation

If we transfer personal data to service providers outside the European Economic Area (EEA), the transfer will only take place if the third country has been confirmed by the EU Commission to have an adequate level of data protection or other appropriate data protection guarantees (e.g. binding corporate data protection regulations or EU standard contractual clauses) or if there is another legal exception to compliance with the level of data protection (Art. 49 GDPR).

How long do we store your data?

We store your personal data for as long as it is necessary to achieve the processing purposes and/or to comply with statutory retention obligations.
If you have not been selected for the position for which you have applied, we will delete your data if you withdraw your application, six months after the withdrawal of your application and, if we reject you, after six months from the date of rejection.
If you have been awarded a position during the application process, the data from your application will be transferred to the personnel file.

To what extent is there automated decision-making in individual cases (including profiling)?

We do not use purely automated decision-making procedures in accordance with Article 22 GDPR. If we use these procedures in individual cases, we will inform you separately

Scope of your obligations to provide us with your data

Applying to us is voluntary. The provision of your personal data regarding your previous professional and/or educational career, your qualifications, your skills and information about yourself and how you can be reached is necessary so that we can find out whether you as an applicant and the position to be filled are a match and we can make a personnel selection. Without the provision of personal data by you as an applicant, no personnel selection and no application process can be carried out.
Consequently, failure to provide personal data simply means that you cannot be considered as a candidate when filling the vacancy.

Rights of data subjects

You can use the following at the above address and under certain conditions:
• Request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data, if it has not been collected by us, and the existence of automated decision-making including profiling and, where applicable, meaningful information on its details;
• request the rectification of inaccurate or complete your personal data stored by us without undue delay in accordance with Art. 16 GDPR;
• request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
• request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, but you need it to assert, exercise or defend legal claims, or you have objected to the processing in accordance with Art. 21 GDPR;
• in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller;
• in accordance with Art. 7 para. 3 GDPR, to revoke your consent to us at any time. As a result, we are no longer allowed to continue the data processing that was based on this consent for the future.

If you wish to exercise any of these rights, please contact us or, if applicable, our Data Protection Officer. We recommend that you choose content encryption (e.g. encrypted pdf document or similar) when communicating particularly sensitive data by email.

Information about your right to object according to Art. 21 GDPR
You have the right to object to the processing of personal data concerning you that is carried out on the basis of Art. 6 (1) (f) GDPR (data processing for the purpose of safeguarding legitimate interests) or Art. 6 (1) (e) GDPR (data processing for tasks carried out in the public interest).
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Information about your right of revocation in accordance with Art. 7 (3) GDPR
Insofar as we carry out the processing for certain purposes of your personal data on the basis of your consent, you have the right to withdraw your consent at any time in accordance with Art. 7 (3) GDPR. Upon receipt of your revocation, we will stop processing data for the purposes for which you have given us consent. The lawfulness of the processing prior to receipt of your revocation remains unaffected.

Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.

The objection can be made in any form and should be addressed to: bewerbung@vier-jahreszeiten-starnberg.de

Your right to lodge a complaint with the competent supervisory authority

You have the right to lodge a complaint with the data protection supervisory authority if you believe that the processing of your data violates the GDPR (Art. 77 GDPR). The supervisory authority responsible for us is: Bavarian State Office for Data Protection Supervision.

Changes to our Privacy Policy

We reserve the right to change our security and data protection measures if this becomes necessary due to technical developments. In these cases, we will also adjust our privacy policy accordingly. Therefore, please note the current version of our privacy policy. This information is as of 9/2023.

Conditions of participation Food Festival

All information at a glance

The minimum age to participate in the food festival is 18 years. For participants who have not yet reached the age of 18, explicit consent is required and, for those under 16 years of age, the participation of their legal guardians is also required. Otherwise, participation is not possible.

By participating in the Food Festival, the participant or, in the case of participants under the age of 14, the legal guardian consents to the fact that the photos taken in connection with participation in the “Food Festival” event (individual and group photos) in flyers, brochures, print media, the homepage and the online presences such as Facebook/Instagram of the organizer may be processed, distributed and published without any claim to remuneration. We would like to point out that photos can be accessed worldwide when they are published on the Internet. A further use of these photos by third parties cannot therefore be generally ruled out. If you do not wish to publish it, please contact our photographers or our staff directly on site on the day of the event.

In particular, you have the right to withdraw your consent at any time with effect for the future marketing@vier-jahreszeiten-starnberg.de to revoke.The revocation has the effect that published photographs will be removed from the above-mentioned website(s) and online presences of the organizer and that no further photographs will be uploaded. In the case of publication in print media, the later revocation does not generally lead to the removal of the image(s) from already existing printed matter. However, the photographs will be excluded from further use in the aforementioned printed matter from the time of revocation. The recordings will be deleted if their knowledge is no longer necessary to fulfil the purpose pursued by the storage and there are no statutory retention periods to the contrary. Further information on data protection can be found at https://www.vier-jahreszeiten-starnberg.de/de/service/datenschutz/

Terms and conditions:

The Best Price Guarantee applies to all available offers within 24 hours of booking with identical booking conditions (arrival and departure date, number of rooms, length of stay, booked room category, cancellation conditions, as well as deposit and advance payment), as confirmed by us to you with a price difference of at least EUR 2.00. The comparative offer must be publicly viewable and bookable online.

Excluded from the Best Price Guarantee are price offers from hidden providers on internet or auction sites where the name of the hotel booked is only disclosed after a reservation has been made. Also excluded are price offers in which the hotel room is combined with other services such as air travel, car hire etc. as part of a complete offer. Also excluded are price offers that are not publicly bookable or are reserved for members of certain groups or individuals only, as well as prepaid offers where a voucher is redeemed at the hotel. The same applies in countries where it contravenes applicable law. Once the room has been occupied in accordance with the confirmed conditions, the Best Price Guarantee can no longer be utilised.

If the comparative offer is in a different currency than the offer from the Hotel Vier Jahreszeiten Starnberg, the comparative offer will be converted into EURO at the exchange rate valid on the day of the check.

The Hotel Vier Jahreszeiten Starnberg reserves the right to change the Best Price Guarantee at any time or to remove it completely from the programme.