Imprint
Diekhuus Büsum
Gülay und Matthias Modi
Ahornring 29
22941 Hammoor
04532 509 1000
fewo@diekhuus-buesum.de
Bildrechte
Mobbys Pics
Mobby Gehring
Sankt Peter Ording
mobbys-pics.com
Webseite
artfuleye.de
Datenschutz
Content of the Online Offer
The author makes no guarantees regarding the currentness, correctness, completeness, or quality of the information provided. Liability claims against the author, relating to material or immaterial damages caused by the use or non-use of the provided information or by the use of incorrect or incomplete information, are generally excluded, unless there is evidence of willful intent or gross negligence on the part of the author. All offers are non-binding and subject to change. The author expressly reserves the right to change, supplement, delete parts of the pages or the entire offer, or to temporarily or permanently discontinue publication without prior notice.
Liability for Links
Despite careful content control, we assume no liability for the content of external links. The content of the linked pages is the sole responsibility of their operators.
Data Protection
Your personal data will of course be treated confidentially and not shared with third parties.
Cookies
This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies,” text files that are stored on your computer and enable the analysis of your use of the website. The information generated by the cookie about your use of this website (including your IP address) is transmitted to a Google server in the USA and stored there. Google will use this information to evaluate your use of the website, to compile reports on website activity for the website operators, and to provide other services related to website usage and internet usage. Google may also transfer this information to third parties, as required by law or where third parties process this data on Google’s behalf. Google will not associate your IP address with other data held by Google. You can prevent the installation of cookies by adjusting your browser software accordingly; however, we point out that in this case, you may not be able to use all functions of this website to their full extent. By using this website, you consent to the processing of the data collected about you by Google in the manner and for the purposes described above.
The operators of these pages (hereinafter referred to as “Responsible” or “Operators”) take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations as well as this privacy policy.
Using our website is generally possible without providing personal data. If personal data (e.g., name, address, or email addresses) is collected on our pages, this is always done, where possible, on a voluntary basis. These data will not be passed on to third parties without your explicit consent.
The processing of your personal data, such as name, address, email address, or phone number, is always in accordance with national and European legal regulations, especially the General Data Protection Regulation (GDPR). With this privacy policy, we aim to inform you about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy will inform you of your rights regarding your personal data.
We would like to point out that data transmission over the internet (e.g., when communicating via email) may have security vulnerabilities. A complete protection of data from third-party access is not possible.
1. Definition of Terms
The privacy policy of this website is based on the terminology used in Article 4 of the GDPR, as defined by the European Union when enacting the General Data Protection Regulation (GDPR). Our privacy policy is designed to be easy to read and understand for both the public and our customers and business partners. To ensure this, we would like to explain the terms used in advance.
In this privacy policy, we use the following terms:
a) Personal Data
Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject” or “user”). A natural person is considered identifiable if they can be identified directly or indirectly, particularly by reference to an identifier such as a name, identification number, location data, an online identifier, or one or more specific factors related to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
b) Data Subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller.
c) Processing
Processing refers to any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
d) Restriction of Processing
Restriction of processing means marking stored personal data with the aim of limiting its future processing.
e) Profiling
Profiling is any form of automated processing of personal data that involves using personal data to evaluate certain personal aspects relating to a natural person, particularly to analyze or predict aspects regarding work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements of that natural person.
f) Pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures to ensure that the personal data cannot be assigned to an identified or identifiable natural person.
g) Controller or Responsible Party
The controller or responsible party is the natural or legal person, authority, agency, or other body that alone or jointly with others determines the purposes and means of the processing of personal data. If the purposes and means of such processing are determined by Union law or the law of member states, the controller or the criteria for its designation may be specified by Union law or the law of the member states.
h) Processor
A processor is a natural or legal person, authority, agency, or other body that processes personal data on behalf of the controller.
i) Recipient
A recipient is a natural or legal person, authority, agency, or other body to whom personal data is disclosed, whether a third party or not. However, authorities which may receive personal data in the course of a specific investigation under Union law or the law of member states are not considered recipients.
j) Third Party
A third party is a natural or legal person, authority, agency, or other body, other than the data subject, the controller, the processor, and the persons who, under the direct authority of the controller or the processor, are authorized to process personal data.
k) Consent
Consent is any freely given, informed, and unambiguous indication of the data subject’s wishes, expressed in the form of a statement or other clear affirmative action, by which the data subject signifies agreement to the processing of their personal data.
2. Rights of the User
It is also important for us to inform you about your rights under the GDPR concerning the processing of your data:
a) Right to Confirmation (Art. 15, Para. 1 GDPR)
Every data subject has the right to obtain confirmation from the controller as to whether or not personal data concerning them is being processed. If a data subject wishes to exercise this right of confirmation, they may contact the address provided in the imprint or this privacy policy at any time, or contact another employee of the controller.
b) Right to Information (Art. 15, Para. 1 and 3 GDPR)
Every person affected by the processing of personal data (user) has the right to obtain, at any time, free information from the controller about the personal data stored about them, and a copy of that information. Additionally, the controller must provide the following information:
- the purposes of processing
- the categories of personal data being processed
- the recipients or categories of recipients to whom the personal data has been or will be disclosed, particularly recipients in third countries or international organizations
- if possible, the planned duration for which the personal data will be stored, or if not possible, the criteria used to determine that duration
- the existence of a right to rectification or erasure of personal data concerning them, or to restriction of processing by the controller, or a right to object to such processing
- the existence of a right to lodge a complaint with a supervisory authority
- if the personal data was not collected from the data subject: all available information about the source of the data
- the existence of automated decision-making, including profiling as per Article 22, Para. 1 and 4 GDPR, and — at least in such cases — meaningful information about the logic involved, as well as the scope and intended consequences of such processing for the data subject.
The data subject also has the right to be informed whether personal data has been transferred to a third country or an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards related to the transfer.
c) Right to Rectification (Art. 16 GDPR)
Every data subject has the right to request the immediate rectification of inaccurate personal data concerning them. Furthermore, the data subject has the right to request the completion of incomplete personal data — including by means of an additional statement — taking into account the purposes of the processing.
d) Right to Erasure (Right to be Forgotten) (Art. 17 GDPR)
Every data subject has the right to request from the controller the immediate erasure of personal data concerning them, if one of the following reasons applies and processing is not necessary:
- The personal data was collected or processed for purposes for which they are no longer necessary.
- The data subject withdraws their consent on which the processing is based according to Art. 6, Para. 1, letter a GDPR or Art. 9, Para. 2, letter a GDPR, and there is no other legal basis for processing.
- The data subject objects to the processing under Art. 21, Para. 1 GDPR, and there are no overriding legitimate grounds for processing, or the data subject objects to the processing under Art. 21, Para. 2 GDPR.
- The personal data has been processed unlawfully.
- Erasure of the personal data is necessary to comply with a legal obligation under Union law or the law of the member states to which the controller is subject.
- The personal data was collected in relation to the services of the information society offered according to Art. 8, Para. 1 GDPR.
If the personal data has been made public by the controller and the controller is obliged to erase the personal data according to Art. 17, Para. 1 GDPR, the controller, considering the available technology and the cost of implementation, will take reasonable steps, including technical measures, to inform other controllers who process the published personal data that the data subject has requested the deletion of all links to, or copies or replications of, that personal data, unless processing is necessary.
e) Right to Restriction of Processing (Art. 18 GDPR)
Every data subject has the right to request the restriction of processing from the controller if one of the following conditions is met:
- The accuracy of the personal data is disputed by the data subject for a period that allows the controller to verify the accuracy of the personal data.
- The processing is unlawful, the data subject objects to the deletion of the personal data and instead requests the restriction of the use of the personal data.
- The controller no longer needs the personal data for the purposes of processing, but the data subject requires them for the establishment, exercise, or defense of legal claims.
- The data subject has objected to processing under Art. 21, Para. 1 GDPR, and it has not yet been determined whether the legitimate grounds of the controller override those of the data subject.
f) Right to Data Portability (Art. 20 GDPR)
Every data subject has the right to receive the personal data concerning them, which has been provided to the controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit these data to another controller without hindrance from the controller to whom the personal data was provided, if the processing is based on consent under Art. 6, Para. 1, letter a GDPR or Art. 9, Para. 2, letter a GDPR, or on a contract under Art. 6, Para. 1, letter b GDPR, and the processing is carried out by automated means, provided that the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, the data subject has the right, when exercising their right to data portability under Art. 20, Para. 1 GDPR, to have the personal data transmitted directly from one controller to another, where technically feasible, and provided that the rights and freedoms of others are not affected.
g) Right to Object (Art. 21 GDPR)
Every data subject has the right to object, on grounds relating to their particular situation, at any time to the processing of personal data concerning them, which is based on Art. 6, Para. 1, letters e or f GDPR. This also applies to profiling based on these provisions.
The controller will no longer process the personal data in the event of an objection, unless the controller demonstrates compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing is necessary for the establishment, exercise, or defense of legal claims.
If the controller processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data for such marketing purposes. This also applies to profiling to the extent that it is related to such direct marketing. If the data subject objects to the processing for direct marketing purposes, the controller will no longer process the personal data for those purposes.
Additionally, the data subject has the right, for reasons related to their particular situation, to object to the processing of personal data concerning them for scientific or historical research purposes or for statistical purposes under Art. 89, Para. 1 GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.
The data subject is also free to exercise their right to object in the context of the use of information society services, notwithstanding Directive 2002/58/EC, through automated means using technical specifications.
h) Automated Decisions in Individual Cases, including Profiling (Art. 22 GDPR)
Every data subject has the right not to be subject to a decision based solely on automated processing — including profiling — that has legal effects concerning them or similarly significantly affects them, unless the decision is (1) necessary for the entering into or performance of a contract between the data subject and the controller, or (2) authorized by Union or Member State law to which the controller is subject, and such law contains appropriate measures to safeguard the data subject’s rights, freedoms, and legitimate interests, or (3) based on the explicit consent of the data subject.
If the decision is (1) necessary for the conclusion or performance of a contract between the data subject and the controller or (2) made with the explicit consent of the data subject, the controller will take appropriate measures to safeguard the rights, freedoms, and legitimate interests of the data subject, including at least the right to obtain human intervention on the part of the controller, to express their point of view, and to contest the decision.
i) Right to Withdraw Consent to Data Processing
Every data subject has the right to withdraw their consent to the processing of personal data at any time.
3. Cookies
The websites use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies are used to make our services more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies.” They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser on your next visit.
You can configure your browser to notify you when cookies are being set and to allow cookies only on a case-by-case basis, to exclude the acceptance of cookies for certain cases or generally, and to activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
4. Data processing when using booking systems
Widgets from a booking system may be implemented on these pages.
The providers are a booking route and a booking system, which are the providers of the controller’s hotel software. The widgets may be the following:
- Request form
- Booking mask
- Small search (request, booking)
- Category view
- Room view
- Package widget
- Price overview
- Price comparison
- Availability calendar
- Online check-in
a) General
In order to process your inquiry or booking, it is necessary that the data you provide to the controller is processed.
The aforementioned controller and Swoppen Systems GmbH are in a contractual business relationship. The controller acquires its hotel management and booking software from zadego GmbH.
There is a transfer of the personal data you provide to the management system and to companies that are in business relationships with the management system. This transfer is made particularly to the aforementioned lessors, and possibly also to tourism associations, registration service providers, payment providers, and other companies that are connected to the management system and/or lessors and are required to fulfill contractual obligations.
The use of personal data by the providers is governed by the applicable legal provisions as well as by the consent you have given for the use of your data.
b) Collection of Data
As part of an inquiry or booking with the tourism business, you will provide relevant data for the purpose of processing your request. These typically include the following:
- First and last name
- Email address
- Address
- Phone number
- Payment details (bank account, credit card details)
- Date of birth (for the identification of children)
These data are collected only to the extent that it is legally permitted, and only with your consent and active participation. If the consent is given electronically as part of the services, the legal requirements are met, and this consent is logged through appropriate technical systems.
c) Purpose of Data Processing
The controller will process your personal data for the following purposes in this context:
- Submission of offers
- Online check-in
- Fulfillment of reporting obligations
- Payment processing
- Invoicing
If personal data (contact details, email, desired stay data) is entered in one of these widgets, it is always done on a voluntary basis and solely for the purpose of providing you with an appropriate offer for your stay.
If no contractual relationship is established between the parties (i.e., if no stay at the controller’s establishment takes place), the data of the affected person will be immediately and automatically deleted from the systems. In individual cases, legal retention and deletion periods must be observed.
5. Reporting Obligation
The controller is obligated under the applicable registration law to register all guests staying with the controller with the data specified in the registration law. This includes, among other things, the following data:
- Name
- Name of accompanying persons
- Date of birth
- Gender
- Nationality
- Country of origin
- Address
- Travel document (type, number, date of issue, issuing authority, country)
- Travel period dates
a) Guest Register
The controller is required by law to maintain a guest register for all guest data transmitted to him in relation to a booking. This guest register is subject to automatic deletion and anonymization periods stored in the system. The providers implement appropriate technical and organizational measures to ensure that personal data is stored in the system in compliance with the law. In individual cases, legally prescribed storage and retention periods must be observed. The storage periods apply unless the data in question is processed for other purposes mentioned in this privacy policy for a longer period.
The guest register is maintained electronically by the controller, with the data being forwarded to zadego GmbH. In this case, zadego GmbH acts as a processor, as it stores the data on its servers. Data transmission to a third country will not occur without prior information to the affected individuals.
6. SSL Encryption
This website uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the inquiries you send to us as the website operator. You can recognize an encrypted connection by the change in the browser address bar from “http://” to “https://” and by the lock symbol in your browser’s address bar.
When SSL encryption is enabled, the data you transmit to us cannot be read by third parties.
7. Privacy Policy for Google Maps
This website uses the Google Maps product from Google Inc. By using this website, you agree to the collection, processing, and use of the automatically collected data by Google Inc., its representatives, and third parties.
The terms of use for Google Maps can be found under “Google Maps Terms of Service.”
8. Privacy Policy for the Use of Google Analytics (with Anonymization Function)
The controller has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analytics service. Web analytics is the collection, compilation, and evaluation of data about the behavior of visitors to websites. A web analytics service collects data about, for example, from which website an affected person came to a website (so-called referrers), which subpages of the website were accessed, and how often and for how long a particular subpage was viewed.
The operating company of the Google Analytics component is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA.
The controller uses the addition “_gat._anonymizeIp” for web analysis via Google Analytics. Through this addition, the IP address of the internet connection of the affected person is shortened and anonymized by Google when accessing our websites from a member state of the European Union or from another contracting state of the agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyze the flow of visitors to our website.
Google uses the collected data and information, among other things, to evaluate the use of our website, to compile online reports showing activities on our websites, and to provide further services related to the use of our website.
Google Analytics places a cookie on the information technology system of the affected person. What cookies are was explained earlier. By setting the cookie, Google enables an analysis of the use of our website. With each visit to one of the individual pages of this website operated by the controller and on which a Google Analytics component is integrated, the internet browser on the information technology system of the affected person is automatically prompted by the respective Google Analytics component to transmit data for online analysis to Google. Within the scope of this technical procedure, Google learns personal data, such as the IP address of the affected person, which Google uses to trace the origin of visitors and clicks and to enable commission billing.
Through the cookie, personal information such as the time of access, the location from which the access originated, and the frequency of visits to our website by the affected person are stored. With each visit to our website, this personal data, including the IP address of the internet connection used by the affected person, is transferred to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may transmit this personal data collected through the technical procedure to third parties.
The affected person can prevent the setting of cookies by our website, as described above, at any time by adjusting the settings of the used internet browser, thereby permanently objecting to the setting of cookies. Such an adjustment to the internet browser would also prevent Google from setting a cookie on the information technology system of the affected person. Furthermore, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programs.
Additionally, the affected person has the option to object to the collection of data generated by Google Analytics, related to the use of this website, and the processing of these data by Google, and to prevent such processing. To do this, the affected person must download and install a browser add-on via the link https://tools.google.com/dlpage/gaoptout. This browser add-on informs Google Analytics via JavaScript that no data and information on the visits to websites may be transmitted to Google Analytics. The installation of the browser add-on will be considered by Google as an objection. If the information technology system of the affected person is deleted, formatted, or reinstalled at a later time, the affected person must reinstall the browser add-on to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the affected person or by another person within their sphere of control, the possibility of reinstalling or reactivating the browser add-on exists.
9. Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and version
- Used operating system
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
This data cannot be assigned to specific individuals. A merger of this data with other data sources is not performed. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.
10. Absence of Automated Decision-Making
As a responsible company, we refrain from automated decision-making or profiling.
11. Notice on Online Dispute Resolution
Online dispute resolution according to Article 14 (1) ODR-Regulation: The European Commission provides a platform for online dispute resolution (OS), which you can find at http://ec.europa.eu/consumers/odr/.
12. Objection to Promotional Emails
The use of contact data published as part of the imprint obligation for the purpose of sending unsolicited advertising and information materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of promotional information, such as spam emails.
13. Changes to This Privacy Policy
We may update our privacy policy from time to time. Therefore, it is recommended to check this page regularly for changes. We will inform you about changes by publishing the new privacy policy on this page. These changes will be effective immediately after being published on this page.
14. How to Contact Us
If you have any questions, suggestions, or concerns regarding this policy or the use of your data, please contact us at the address provided in the imprint or this privacy policy.