1. An overview of data protection
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
Analytics and third-party tools
2. General information and mandatory information
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible. Notice concerning the party responsible for this website The party responsible for processing data on this website is:
The Alex Hotel GmbH
Sitz der Gesellschaft: Freiburg im Breisgau
Amtsgericht Freiburg im Breisgau: HRB 709374
Geschäftsführer: Alexander Beinert
USt.-IdNr.: DE 286906103
Telephone: +49 761 296970
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible. SSL or TLS encryption This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Encrypted payments on this website
If you enter into a contract which requires you to send us your payment information (e.g. account number for direct debits), we will require this data to process your payment.
Payment transactions using common means of payment (Visa/MasterCard, direct debit) are only made via encrypted SSL or TLS connections. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon in your browser line is visible.
In the case of encrypted communication, any payment details you submit to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
3. Data collection on our website
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files".
• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer (anonymized)
• Time of the server request
• IP address (anonymized)
Strato stores the IP adresses of visitors to our website for a maximum of seven days in ordert o detect and defend against attacks.
These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
Processing of data (customer and contract data)
We collect, process, and use personal data only insofar as it is necessary to establish, or modify legal relationships with us (master data). This is done based on Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract. We collect, process and use your personal data when accessing our website (usage data) only to the extent required to enable you to access our service or to bill you for the same. Collected customer data shall be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
Data transferred when signing up for services and digital content
We transmit personally identifiable data to third parties only to the extent required to fulfill the terms of your contract with us, for example, to banks entrusted to process your payments. Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent. The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
4. Social Media
Content on our website can be shared data protection compliantly on social networks such as Facebook, Twitter and Google+. By the help of social bookmarks their users are able to collect links and news items, which are integrated in our website just as links to the respective services. After clicking on the integrated graphic you will be redirected to the website of the respective service; only then your user information will be transferred to the service. There is no automatic transfer of user information to the operators of those platforms. If you are a registred member of one of the listed social networks and click onto a social media button, an information window will pop up where you are able to confirm your entry. So our website's content can be shared on social networks data protection compliantly whereas the operators of the social networks are unable to create an entire surfing profile. For more information to the handling of your personal data by using these websites please refer to the data protection regulations of their operators.
The links and functions of our social media buttons are made in cooperation with Shariff.
With Shariff, website operators are protecting the privacy of their visitors against the excessive curiosity of social networks such as Facebook, Google+ and Twitter. Visitors can share a page with friends instantly with just one click.
With Shariff you can use social media without the risk of disclosing your privacy. The c't project Shariff replaces the default share buttons of social networks and protects your surfing behavior against prying eyes. Still, you are able to share information with others instantly. You don't need to do anything else - the site author took care of everything.
Default social media buttons transfer your user information and surfing profile to social media platforms at each site view (user tracking). You neither have to be logged in nor be a registred member. By contrast, a Shariff button only connects to a social network after clicking a sharing button actively. Shariff prevents you to leave digital marks and improves data privacy. So you can like, tweet and share as desired - social networks won't get any more information.
Additional information about Shariff can be found at //www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html
5. Analytics and advertising
This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.
We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Objecting to the collection of data
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.
Outsourced data processing
We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Demographic data collection by Google Analytics
This website uses Google Analytics' demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section "Refusal of data collection".
Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an AdWords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for the AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt-out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In doing so, you will not be included in the conversion tracking statistics.
6. Plugins and tools
Google Web Fonts
This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.
This site uses the holidaycheck rating widget via an API. Provider is: HolidayCheck AG, Bahnweg 8, CH-8598 Bottighofen When you view a page, your browser loads the scripts you need into your browser cache to display the rating widget correctly. For this purpose, the browser you are using must connect to the servers of HolidayCheck AG. As a result, HolidayCheck AG gains knowledge that your website was accessed via your IP address. We point out that we as the provider of the pages do not receive knowledge of the content of the transmitted data and their use by HolidayCheck AG. The use of HolidayCheck is in the interest of informing our guests. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. Further information about HolidayCheck can be found at https://www.holidaycheck.de
This site uses the Tripadvisor widget via an API. Provider is: Tripadvisor LLC, 400 1st Avenue, Needham, MA 02494 When a page is called, your browser loads the required scripts into your browser cache to display the rating widget correctly. To do this, the browser you are using must connect to the Tripadvisor LLC servers. As a result, Tripadvisor LLC learns that our website has been accessed through your IP address. We point out that we as the provider of the pages do not receive knowledge of the content of the transmitted data and their use by the Tripadvisor LLC. The use of Tripadvisor takes place in the interest of informing our guests. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. Further information about Tripadvisor can be found at https://www.tripadvisor.de/