This translation is based on the original content in German.

Information on data processing pursuant to Art. 13, 14 GDPR

We are pleased that you are visiting our homepage and thank you for your interest. Dealing with our customers and interested parties is a matter of trust. The trust placed in us is very important to us and therefore the importance and obligation to handle your data with care and to protect it from misuse. To ensure that you feel safe and comfortable when visiting our website, we take the protection of your personal data and its confidential treatment very seriously. Therefore, we act in accordance with the applicable legal provisions on the protection of personal data and data security. With these notes on data protection, we would therefore like to inform you about when we store which data and how we use it - naturally in compliance with the applicable legislation. AHORN Hotels & Resorts specifically follows the EU General Data Protection Regulation and the current Federal Data Protection Act (BDSG). When using the internet, we follow the Telemedia Act (TMG) and the Telecommunications Telemedia Data Protection Act (TTDSG) of the Federal Republic of Germany to protect your personal data. In the following, we explain what information we collect during your visit to our websites and how it is used. .

name and address of the responsible

The responsible person within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection regulations is:

AHORN Management GmbH Tauentzienstr. 11, D-10789 Berlin, Germany, Tel.: +49 (0) 30 315 950 73, Fax: +49 (0) 30 315 950 43, Mail: info@ahorn-hotels.de

name and address of the data protection officer

The data protection officer of the responsible in charge is:
Andreas Thurmann, DataSolution Thurmann GbR, Isarstr. 13, D-14974 Ludwigsfelde, Germany, Tel.: +49 (0) 3378 202513, Fax: +49 (0) 3378 202514, Mail: mail@hoteldatenschutz.de

general about data processing

1. Scope of the processing of personal data

As a matter of principle, we collect and use personal data of our users only insofar as this is necessary for the provision of a functional website as well as our contents and services. The collection and use of our users' personal data regularly only takes place with the user's consent. An exception applies in cases where it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted by legal regulations.

2. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6 (1) lit. a GDPR serves as the legal basis. When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures. If processing of personal data is necessary for compliance with a legal obligation to which our company is subject (e.g. national registration laws), Art. 6 (1) c GDPR serves as the legal basis. If processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) lit. f GDPR serves as the legal basis for the processing.

3. data deletion and storage period

The personal data of the data subject shall be deleted or blocked as soon as the purpose of the storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a necessity for the continued storage of the data for the conclusion or fulfilment of a contract.

provision of the website and creation of log files

1. description and scope of data processing

At each time our website is accessed, our system captures automates data and information from the computer system of the calling computer. The following data will be collected here:

  • information about the browser type and the version used

  • the operating system of the user

  • the IP address of the user

  • date and time of access

  • websites from which the user´s system reaches our website

  • web pages accessed by the user´s system through our website

The data will also be stored in the log files of our system. A storing of these data together with other personal data of the user does not take place. Personal user profiles cannot be created. The stored data will only evaluated for statistical purposes.

2. legal basis for data processing

Legal basis for the temporary storage of data and log files is art. 6 par. 1 lit. f GDPR.

3. purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the delivery of the website to computer of the user. Therefor the users IP address must be saved during the session.

The storage is carried out in log files to ensure the functionality of the website. In addition the data is used to optimize the website and to ensure the security of our information technology system. An evaluation of the data for marketing purposes does not take place in this context.

In these purposes, our legitimate interest also lies in the processing of data according to art. 6 par. 1 lit. f GDPR.

4. duration of storage

The data will be deleted, as soon as they are no longer necessary for the purpose of their elicitation. In case of the collection of data for providing the website, this is the case when the respective session is over.

In case of storing the data in log files is this at latest after seven days the case. A storage beyond is possible. In this case the user IP addresses will be deleted or alienated, so that an assignment of the calling client is no longer possible.

contact form/e-mail contact

1. description and scope of data processing

Our website contains a contact form that can be used to contact us electronically. If you use this option, the data entered in the input mask will be transmitted to us and stored. These data are: Hotel, title, first and last name, e-mail address, the request as mandatory fields and the telephone number as voluntary information. Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored.

2. legal basis for the data processing

The legal basis for the processing of the data is firstly our legitimate interest in the processing of the data within the framework of the establishment of contact on the part of the enquirer. If the contact is aimed at the conclusion of a contract, the additional legal basis for processing is in the context of a contract initiation relationship or contractual relationship.

3. purpose of data processing

The processing of the personal data from the input mask serves us solely to process the contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified. If the contact is a pre-contractual relationship (offer or reservation request), the transmitted data will also be stored in our hotel software and used to execute the contract. If there is no contractual relationship, we delete the data after one year at the end of the year.

5. Possibility of objection

You have the option to object to the processing of your data at any time. We have set up the e-mail address widerruf@ahorn-hotels.de for this purpose. We would like to point out that in the event of an objection, the conversation cannot be continued or we cannot create any offers etc.. All personal data stored in the course of contacting you will be deleted in this case.

Chatbot

Description and scope of data processing

Our website offers the possibility to book rooms and arrangements for each AHORN hotel. If you take advantage of this option, the data entered in the input mask will be transmitted to us and stored. These data are: Salutation, first and last name, e-mail address, telephone, address, number of fellow travellers, expected time of arrival, wishes, method of payment, date and time of reservation. We use payment service providers to process the purchase. You can select the payment method yourself. We would like to point out that your payment data may be transmitted to servers of the payment service providers in the USA and processed there. If you make an online booking from our websites, this is done through the online reservation system fideliosuite8 of Oracle Deutschland B.V. & Co. KG, Riesstraße 25, D-80922 Munich, Germany. All booking data you enter is transmitted in encrypted form.

Legal basis for data processing

The legal basis for the processing of the data is the conclusion of an accommodation contract. To increase our services, we manage all data received in our central CRM software within AHORN Hotels & Resorts. The responsible body is the hotel in which the booking is made. The respective booking data can only be viewed by the responsible party. Access to a guest's master data is used together, e.g. to make a reservation for another hotel at a later date, to rebook or to carry out marketing activities in a centralised manner. For this purpose, central services such as reservation and marketing access this data. The legal basis for processing the data is our legitimate interest in data processing within the framework of central administration and use of the data of our customers and business partners within the hotel group. If there is a legitimate interest in obtaining information about the accessibility of natural persons who are commercially active and legal entities, and information about their creditworthiness, we may carry out an information request with IHD Gesellschaft für Kredit- und Forderungsmanagement mbH, Augustinusstr. 11 B, D-50226 Frechen, Germany.

Purpose of the data processing

The processing of the personal data from the input mask serves us solely to process the booking request and to handle the payment transaction. 

Duration of storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial law, statutory or contractual retention requirements have been fulfilled. The transmitted data will be stored in our hotel software and used for the execution of the contract. If there is no contractual relationship, we will delete the data after one year at the end of the year.

Possibility of objection

You have the option to object to the processing of your data at any time. We have set up the e-mail address widerruf@ahorn-hotels.de for this purpose. We would like to point out that in the event of an objection, the conversation cannot be continued or we cannot create any offers the booking cannot be completed or the conversation cannot be continued.

online booking through other websites

1. description and scope of data processing

AHORN Hotels & Resorts gives interested parties the option of booking rooms and arrangements for each AHORN hotel via hotel reservation portals (third-party providers). If you take advantage of this option, the data entered in the input mask will be transmitted to us and stored to the extent permitted by the respective hotel reservation portal in accordance with its own data protection regulations. Data can be: Salutation, first and last name, e-mail address, telephone, address, number of fellow travellers, estimated time of arrival, wishes, payment data (credit card).

2. legal basis for data processing

The legal basis for the processing of the data is the conclusion of an accommodation contract. To increase our services, we manage all data received in our central CRM software within AHORN Hotels & Resorts. The responsible body is the hotel in which the booking is made. The respective booking data can only be viewed by the responsible party. Access to a guest's master data is used together, e.g. to make a reservation for another hotel at a later date, to rebook or to carry out marketing activities in a centralised manner. For this purpose, central services such as reservation and marketing access this data. The legal basis for processing the data is our legitimate interest in data processing within the framework of central administration and use of the data of our customers and business partners within the hotel group. If there is a legitimate interest in obtaining information about the accessibility of natural persons who are commercially active and legal entities, and information about their creditworthiness, we may carry out an information request with IHD Gesellschaft für Kredit- und Forderungsmanagement mbH, Augustinusstr. 11 B, D-50226 Frechen, Germany.

3. purpose of data processing

The processing of the personal data from the input mask serves us solely to process the booking request and to handle the payment transaction.

4. duration of storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial law, statutory or contractual retention requirements have been fulfilled. The transmitted data will be stored in our hotel software and used for the execution of the contract. If there is no contractual relationship, we will delete the data after one year at the end of the year. AHORN Hotels & Resorts has no influence on the storage periods of the respective hotel reservation portal.

5. Possibility of objection

You have the option to object to the processing of your data at any time. We have set up the e-mail address widerruf@ahorn-hotels.de for this purpose. We would like to point out that in the event of an objection, the booking cannot be completed or the conversation cannot be continued.

online booking via the website

1. description and scope of data processing

Our website offers the possibility to book rooms and arrangements for each AHORN hotel. If you take advantage of this option, the data entered in the input mask will be transmitted to us and stored. These data are: Salutation, first and last name, e-mail address, telephone, address, number of fellow travellers, expected time of arrival, wishes, method of payment, date and time of reservation. We use payment service providers to process the purchase. You can select the payment method yourself. We would like to point out that your payment data may be transmitted to servers of the payment service providers in the USA and processed there. If you make an online booking from our websites, this is done through the online reservation system fideliosuite8 of Oracle Deutschland B.V. & Co. KG, Riesstraße 25, D-80922 Munich, Germany. All booking data you enter is transmitted in encrypted form.

2. legal basis for data processing

The legal basis for the processing of the data is the conclusion of an accommodation contract. To increase our services, we manage all data received in our central CRM software within AHORN Hotels & Resorts. The responsible body is the hotel in which the booking is made. The respective booking data can only be viewed by the responsible party. Access to a guest's master data is used together, e.g. to make a reservation for another hotel at a later date, to rebook or to carry out marketing activities in a centralised manner. For this purpose, central services such as reservation and marketing access this data. The legal basis for processing the data is our legitimate interest in data processing within the framework of central administration and use of the data of our customers and business partners within the hotel group. If there is a legitimate interest in obtaining information about the accessibility of natural persons who are commercially active and legal entities, and information about their creditworthiness, we may carry out an information request with IHD Gesellschaft für Kredit- und Forderungsmanagement mbH, Augustinusstr. 11 B, D-50226 Frechen, Germany.

3. purpose of data processing

The processing of the personal data from the input mask serves us solely to process the booking request and to handle the payment transaction.

4. duration of storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial law, statutory or contractual retention requirements have been fulfilled. The transmitted data will be stored in our hotel software and used for the execution of the contract. If there is no contractual relationship, we will delete the data after one year at the end of the year.

5. possibility of objection

You have the option to object to the processing of your data at any time. We have set up the e-mail address widerruf@ahorn-hotels.de for this purpose. We would like to point out that in the event of an objection, the booking cannot be completed or the conversation cannot be continued.

sending of e-mails before arrival

1. description and scope of data processing

Before the arrival of our guests, we would like to send a welcome email to those from whom we have received an email address as part of the booking. A few days before arrival, the guest will receive a reservation overview and information about the reservation and available additional services by email. When we send these e-mails, we do so via the RIMS platform of MP-Network GmbH, Anemonenweg 5, D-85586 Poing, Germany.

2. legal basis for data processing

The legal basis for the processing of the data is our legitimate interest in the processing of data within the framework of the booking, i.e. the contract initiation relationship.

3. purpose of data processing

By contacting us, we would like to give the guest important information about their stay in advance and give them the opportunity to book additional services quickly and conveniently.

4. duration of storage

The data will be deleted as soon as they are no longer necessary for the achievement of the purpose.

5. possibility of objection

The enquirer has the possibility to object to the processing of his/her personal data at any time. We have set up the e-mail address widerruf@ahorn-hotels.de for this purpose.

table reservation

1. description and scope of data processing

On our website there is the possibility to reserve a table for our restaurants in selected hotels. If you take advantage of this option, the data entered in the input mask will be transmitted to us. These data are: First and last name, e-mail address, table reservation details (day, time, number of people, restaurant), remarks. When you make table reservations from our websites, this is done through the online reservation system of resmio GmbH, Gneisenaustr. 66 - 67, D-10961 Berlin, Germany. All order data entered by you is transmitted in encrypted form. You can find more information in the data protection information of the system provider.

2. legal basis for data processing

The legal basis for the processing of the data is firstly our legitimate interest in the processing of data as well as the consent of the user by recognition of our conditions for data processing.

3. purpose of data processing

The processing of personal data is solely for table reservation.

4. duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose of its collection.

5. opposition and removal possibility

The user has at any time the opportunity to object to the publication of his comments for the future. For this purpose, we have set up the e-mail address: widerruf@ahorn-hotels.de.

booking of wellness offers

1. description and scope of data processing

On our website there is the possibility to reserve our wellness offers. If you take advantage of this option, the data entered in the input mask will be transmitted to us. These data are: Salutation, first and last name, e-mail address, telephone number, booking details (day, time, application, price). If you make bookings for our wellness offers from our websites, this is done through the online booking system Termin2go of Schiela Web Development, Schöneggstrasse 13, 8004 Zurich. Switzerland. All order data entered by you will be transmitted in encrypted form. You can find more information about "Termin2go" in the data protection information of the system provider.

2. legal basis for data processing

The legal basis for processing the data is our legitimate interest in processing the data.

3. purpose of data processing

The processing of personal data is solely for the purpose of booking massage treatments.

4. duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.

5. possibility of objection

You have the option to object to the processing of your data at any time. For this purpose, we have set up the e-mail address widerruf@ahorn-hotels.de.

acquisition of a voucher via the website

1. description and scope of data processing

On our website there is the possibility to buy vouchers. If you take advantage of this option, the data entered in the input mask will be transmitted to us and stored. These data are: Salutation/company, first and last name, date of birth, e-mail address, address, telephone/fax, voucher value, personalisation of the voucher (personal details for the recipient), shipping options, payment data via third-party providers. If you make a voucher purchase from our websites, this is done through the online ordering platform of FIRMEDIA®.com - Webservices, Zum Ritzhagen 5, D-34508 Willingen, Germany. All order data entered by you will be transmitted in encrypted form. You can find more information in the data protection information of the system provider. We use payment service providers to process the purchase. You can select the payment method yourself. We would like to point out that your payment data may be transmitted to servers of the payment service providers in the USA and processed there.

2. legal basis for data processing

The legal basis for the processing of the data is the conclusion of a purchase contract.

3. purpose of data processing

The processing of the personal data from the input mask serves us solely to process the voucher purchase and to handle the payment transaction.

4. duration of storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial law, statutory or contractual retention requirements have been fulfilled.

5. opposition and removal possibility

The requester has the possibility to contradict to the processing of his personal data at any time. Therefor we have set up the e-mail address: widerruf@ahorn-hotels.de.

online advent calendar

voucher system: SOFORT-Gutschein

We are using the widget of our partner SOFORT-Gutschein on our website. Provider's name is FIRMEDIA® GmbH & Co. KG, Zum Ritzhagen 5, 34508 Willingen. With this widget, your IP-adress is transferred, but it won't be analyzed or captured by SOFORT-Gutschein. Your personal data will just be captured and processed when you order a voucher or ticket directly in the SOFORT-Gutschein-shop. Personal data which have been specified in the context of the online advent calender of SOFORT-Gutschein, will just be used in the terms of the competition. At the latest 30 days from the expiration of the calendar, your data will be erased completely. We have an order-processing contract with FIRMEDIA® GmbH & Co.KG.

newsletter service

1. description and scope of data processing

On our website, you have the option of registering for our newsletter service in various ways. If you take advantage of this option, the data entered in the input mask (e-mail address) will be transmitted to us and stored. If we otherwise receive an email address where the recipient clearly tells us that they would like to receive our newsletter, we will collect their details via the input mask on our website.

2. legal basis for data processing

The legal basis for the processing of the data is the existence of the recipient's consent. This is ensured by a double-opt-in procedure.

3. purpose of data processing

The processing of personal data serves us only to send individual newsletters.

4. duration of storage

The data will be deleted as soon as the newsletter service is cancelled.

5. opposition and removal possibility

As a recipient of a newsletter, you have the option of objecting to the processing of your data or revoking your consent at any time. You can unsubscribe from the newsletter service with each newsletter. In addition, we have set up the e-mail address here: abmelden@ahorn-hotels.de

support, advice and advertising for corporate clients

1. description and scope of data processing

For the support, advice and advertising of corporate customers, we collect and use the contact person, telephone number and postal address in addition to the business partner or potential business partner. We obtain the information from various sources, either through an enquiry (e-mail or telephone), but also via events, trade fairs, business cards that our sales staff receive, etc.

2. legal basis for data processing

The legal basis for the processing of the data is firstly our legitimate interest in the processing of the data within the framework of the establishment of contact on the part of the enquirer. If the contact is aimed at the conclusion of a contract, the additional legal basis for processing is in the context of a contract initiation relationship or contractual relationship. To increase our services, we manage all data received in the central CRM module within AHORN Hotels & Resorts. The responsible entity is the hotel with which a business contact exists. Central services such as sales, banqueting, reservations and marketing access this data. The legal basis for processing the data is our legitimate interest in data processing within the framework of central administration and use of the data of our customers and business partners within the hotel group.

3. purpose of data processing

We use this contact data exclusively for our own purposes and for the needs-based design of our own sales activities within the framework of the statutory provisions.

4. duration of storage

In principle, no deletion period is foreseen. However, if our sales department has not had any contact with the company contact within 3 years, the sales department will decide whether the contact person of the company contact will be deleted. If the contact is a pre-contractual relationship (offer or reservation request), the transmitted data will also be stored in our hotel software and used to execute the contract. If there is no contractual relationship, we delete the data after one year at the end of the year.

5. possibility of objection

As a company contact, you have the option to object to the processing of your data at any time. We have set up the e-mail address widerruf@ahorn-hotels.de for this purpose. All personal data of the contact person that has been stored for the business partner will be deleted in this case.

online evalution

1. description and scope of data processing

Former guests can leave a review at our hotel after check-out. For this purpose, we would like to send you an email within 14 days after departure to ask you to submit a hotel review on HolidayCheck. Each review can be published anonymously if you wish. If you did not feel comfortable in one of our hotels, we would like to take the opportunity to contact you. If you, as a former guest, take advantage of this online evaluation option, your data will be stored in the evaluation mask. These data are: E-mail address as well as voluntary details such as first name, last name, language and the details of the rating.

2. legal basis for data processing

The legal basis for processing the data is our legitimate interest.

3. purpose of data processing

The purpose of the hotel evaluation is to communicate and summarise opinions of hotel guests via our website, so that interested parties can form their own opinion about our services. In addition, the results serve our internal quality management.

4. duration of storage

The data will not be deleted.

5. possibility of objection and removal

It is possible to have the publication of the review deleted at any time (right to be forgotten). To do this, please contact HolidayCheck. You can find more information in the data protection information.

use of cookies

1. description and scope of data processing

Cookies are small files that enable us to store specific information related to you, the user, on your computer while you are visiting one of our websites. Cookies help us to determine the frequency of use and the number of users of our website, as well as to make our offers as convenient and efficient as possible for you. We also use cookies on our website that enable an analysis of the user's surfing behaviour. The following data can be transmitted in this way: Search terms entered, frequency of page views, use of website functions. The user data collected in this way is pseudonymised by technical precautions. Therefore, it is no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user. When calling up our website, the user is informed about the use of cookies for analysis purposes and his or her consent to the processing of the personal data used in this context is obtained. In this context, a reference to this data protection declaration is also made.

2. legal basis for data processing

The legal basis for the processing of personal data using technically necessary cookies is our legitimate interest in data processing. The legal basis for the processing of personal data using cookies for analysis purposes is the existence of a relevant consent of the user.

3. purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised even after a page change. The user data collected through technically necessary cookies are not used to create user profiles. Analysis cookies are used to improve the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus constantly optimise our offer.

4. duration of storage, objection and disposal options

Cookies are stored on the user's computer and transmitted to our site by the user. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent. Below we describe in more detail which cookies we use on the site. These cookies allow us to tailor the features and content of the site to you by storing your preferences. For example, these cookies can be used to store your user data in our forum or to make a language selection. Furthermore, they may be used to offer interactive information, such as viewing our virtual catalogues or videos.

5. Overview of the cookies used

When operating this website, we use various cookies as described above. The following table lists the cookies that are used:

Domain Name Description Storage period

ahorn-hotels.com

_ga This cookie name is linked to Google Universal Analytics - an important update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client ID. It is included in every page request in a web page and used to calculate visitor, session and campaign data for web page analytics reports. By default it expires after 2 years, although this can be adjusted by website owners. 2 Years

ahorn-hotels.com

_gat_UA-26593074-1

This is a sample type cookie set by Google Analytics, where the sample element in the name contains the unique identity number of the account or webpage it refers to. It appears to be a variation of the _gat cookie, which is used to limit the amount of data recorded by Google on high traffic websites. Session

ahorn-hotels.com

_gcl_au Used by Google AdSense for experimenting with the efficiency of advertising on websites that use their services 3 Month

ahorn-hotels.com

_gid This cookie name is associated with Google Universal Analytics. This appears to be a new cookie and as of spring 2017 no information is available from Google. It appears to store and update a unique value for each page visited. 1 Day

ahorn-hotels.com

ahorn_cookieconsent         Consent Manager Tarte Au Citron 1 Year
doubleclick.net     IDE This domain is owned by DoubleClick (Google). The main business activity is: DoubleClick is Google's real-time bidding advertising exchange 1 Year

Use of social media plugins

The use of social media plugins is in the interest of an appealing presentation and expansion of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Use of Facebook plugins

Plugins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated on our pages. You can recognise the plugins by the logo on our page. You can find an overview of the plugins here. We have no influence on the data collection and further processing by Facebook. Furthermore, it is not apparent to us to what extent, where and for how long the data is stored, to what extent Facebook complies with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. If you would like to avoid Facebook processing personal data that you have transmitted to us, please contact us by other means. You can find more information on this in Facebook's privacy policy. If you do not want Facebook to be able to assign your visit to our pages to your user account, please log out of your respective user account!

Facebook fan page

On our Facebook fan page at: https://de-de.facebook.com/AHORNhotels/ we use plugins from the provider Facebook.com, which are provided by the company Facebook Inc., 1601 S. California Avenue, Palo Alto, CA 94304 in the USA. By using the fan page, data is forwarded to the Facebook servers, which contain information about your visits to our fan page. For logged-in users, this results in the usage data being assigned to their personal Facebook account. As soon as you actively use the Facebook plugin as a logged-in Facebook user, e.g. by clicking on the "Facebook" logo or using the comment function, this data is transferred to your Facebook account and published. You can only avoid this by logging out of your Facebook account first. We do not know exactly what data Facebook stores and uses. As a user of the fan page, you must therefore expect that Facebook also stores your actions on the fan page without gaps. In all other respects, the General Terms of Use of Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland apply. The legal basis for this data processing is Art. 6 para. 1 lit. a, f) GDPR. Every person depicted as well as other third parties have the possibility to object to the publication of their personal data (photos) at any time. We have set up the e-mail address widerruf@ahorn-hotels.de for this purpose. The right to object applies in particular to the publication of images for the future. It can always happen that we accidentally publish pictures of people where no consent has been given. If publication is not desired, we will immediately do everything possible to comply with your right. In the case of group pictures, we reserve the right to distort faces.

Instagram fan page

Our Instagram fan page https://www.instagram.com/ahornhotels/ is a service of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA. On Instagram, we like to publish photos and information of our events and activities as well as of selected people. The photos may include staff, guests, photo models but also third parties. By using the fan page, data is forwarded to the Instagram servers, which contain information about your visits to our fan page. For logged-in users, this results in the usage data being assigned to their personal Instagram account. As soon as you actively use the Instagram plugin as a logged-in Instagram user, e.g. by clicking on the "Instagram" logo, this data is transferred to your Instagram account. You can only avoid this by logging out of your Instagram account first. When you visit the Instagram page, Facebook records your IP address, among other things. Together with other information that Facebook receives through cookies, Facebook, as the operator of the Instagram page, provides statistical information about the use of this Instagram page (so-called page insights). These are aggregated data that show how users interact with the page. These page insights may be based on personal data collected by Facebook in connection with a user's visit to or interaction with our Instagram page and its content. We can use Page Insights to anonymously evaluate reach, page views, time spent on video posts, actions (likes, comments, sharing of posts), as well as by age, gender and location (as indicated by users in their respective Instagram profiles). In doing so, settings can be made for the evaluation of the reach or corresponding filters can be set with regard to the selection of a time period, the viewing of a specific post as well as demographic groupings (e.g. female, 20-30 years old). This data is anonymised, aggregated and abstracted. These settings therefore do not allow us to draw any conclusions about individuals. The evaluation serves to optimally design the offer on the Instagram page for the purpose of public relations. The legal basis for this data processing is Art. 6 para. 1 lit. a, f) GDPR. We expressly point out that Facebook stores the data of the users of its services (e.g. personal information, IP address, etc.) and may also use this data for business purposes. You can find more information about Facebook's data processing on Instagram in Instagram's privacy policy. Every person depicted as well as other third parties have the possibility to object to the publication of their personal data (photos) at any time. We have set up the e-mail address widerruf@ahorn-hotels.de for this purpose. The right to object applies in particular to the publication of images for the future. It can always happen that we accidentally publish pictures of people where no consent has been given. If publication is not desired, we will immediately do everything possible to comply with your right. In the case of group pictures, we reserve the right to distort faces.

Twitter

Our website uses social plugins ("plugins") of the social network Twitter, offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using the fan page, data is forwarded to the Twitter server, which contains information about your visits to our fan page. For logged-in users, this means that the usage data is assigned to their personal Twitter account. As soon as you actively use the Twitter plugin as a logged-in Twitter user, e.g. by clicking on the "Twitter" logo, this data is transferred to your Twitter account. You can only avoid this by logging out of your Twittr account first. Content such as images, videos or texts and buttons belong to the plugins with which you can announce your liking of content, subscribe to the authors of the content or our posts. If you are a member of the Twitter platform, Twitter can assign the call-up of the above-mentioned content and functions to your profile. We can also integrate scipts and measures that allow us to use marketing and statistical functions in Twitter. The legal basis for this data processing is Art. 6 para. 1 lit. a, f) GDPR. Every person depicted as well as other third parties have the possibility to object to the publication of their personal data (photos) at any time. We have set up the e-mail address widerruf@ahorn-hotels.de for this purpose. The right to object applies in particular to the publication of images for the future. It can always happen that we accidentally publish pictures of people where no consent has been given. If publication is not desired, we will immediately do everything possible to comply with your right. In the case of group pictures, we reserve the right to distort faces. If you do not want Twitter to collect information about you via our website, you must log out of Twitter before visiting our website or activate the opt-out on Twitter. You can find more information on how Twitter handles user data in Twitter's privacy policy.

YouTube

We have integrated YouTube NoCookie on our website. YouTube NoCookie is a component of the video platform of YouTube, LLC, on which users can upload content, share it over the internet and receive detailed statistics. YouTube NoCookie allows us to integrate content from the platform into our website. YouTube NoCookie uses cookies and other browser technologies to analyse user behaviour, recognise users and create user profiles. This information is used, among other things, to analyse the activity of the content listened to and to create reports. If a user is registered with YouTube, LLC, YouTube NoCookie can associate the videos played with the profile. When you access this content, you connect to servers of YouTube, LLC, Google Ireland Limited, Gordon House, Barrow Street Dublin 4 Ireland, where your IP address and, if applicable, browser data such as your user agent are transmitted. The use of the service is based on your consent. You give your consent by setting the use of cookies (cookie banner / Consent Manager), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 para. 3 GDPR. The concrete storage period of the processed data cannot be influenced by us, but is determined by YouTube, LLC. Further information can be found in the privacy policy for YouTube NoCookie.

LinkedIn

The "LinkedIn button" is used on this website. When you access this website, your browser establishes a connection to servers of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter referred to as "LinkedIn"). When you visit our pages, a direct connection is established between your browser and the LinkedIn server via the plugin. LinkedIn thereby receives the information that you have visited our site with your IP address. If you click the LinkedIn button while you are logged into your LinkedIn account, you can link the content of our pages on your LinkedIn profile. This enables LinkedIn to assign the visit to our pages to your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn. You can find more information on this in LinkedIn's privacy policy.

Xing

The "XING Button" is used on this website. When you access this website, your browser establishes a connection to servers of XING SE, Dammtorstraße 30, 20354 Hamburg, Germany ("XING"). When you visit our pages, a direct connection is established between your browser and the XING server via the plugin. LinkedIn thereby receives the information that you have visited our site with your IP address. If you click on the XING button while logged into your XING account, you can link the content of our pages on your XING profile. This enables XING to assign the visit to our pages to your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn. You can find more information on this in XING's privacy policy.

Your Online Application

1. Description and scope of data processing

Description and scope of data processing If you provide us with personal data as part of the application process, this data is divided into the following data types and data categories for collection, processing and / or use:

• Personal data (first and last name, date of birth, address, school-leaving qualification)

• Communication data (telephone, mobile, fax, e-mail address)

• Information (from third parties, e.g. credit agencies or public directories)

• Data on assessment and evaluation in the application procedure

• Data on education (school, vocational training, civilian/ military service, studies, doctorate)

• Data on your professional career to date, training and work references

• Information on other qualifications (e.g. language skills, PC skills, voluntary activities)

• Application photo • Details of the desired salary

• Application history

If you make an online application from our websites, this is done through the softgarden online application system of softgarden e-recruiting GmbH, Tauentzienstraße 14, D- 10789 Berlin, Germany. All booking data entered by you is transmitted in encrypted form. softgarden has undertaken to handle your transmitted data in accordance with data protection regulations. It takes all organisational and technical measures to protect your data. We use the personal data you provide exclusively for processing your application for the advertised position. Your personal data will only be disclosed to persons involved in the application process. All employees entrusted with data processing are obliged to maintain the confidentiality of your data. We do not pass on your personal data to third parties unless you have consented to the passing on of data or we are obliged to pass on data due to legal provisions and/or official or court orders. If an applicant fits the profile of another job advertisement published by a company affiliated with us, we will be happy to forward the application documents. For this purpose, we will obtain the applicant's consent beforehand. The data will otherwise be used exclusively for processing the application by the specialist department and for communication.

2. Legal basis for data processing

The legal basis for processing the data is the contract initiation relationship or the conclusion of a contract with the user. For the forwarding of the application documents to an affiliated company, we will obtain consent beforehand.

3. Purpose of the data processing

The processing of the personal data from the input mask serves us solely to process the application.

4. Duration of storage

Your data will be automatically deleted within six months after completion of the specific application procedure. This does not apply insofar as legal provisions oppose deletion, which require further storage for the purpose of evidence or you have expressly consented to longer storage. There will be no notification of the deletion of the data.

5. possibility of objection

The user has the option to object to the processing of his or her personal data at any time. We have set up the e-mail address widerruf@ahorn-hotels.de for this purpose. We would like to point out that in the event of an objection, the application cannot be completed or the conversation cannot be continued.

use of Google services

GoogleTagManager

We use GoogleTagManager provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. GoogleTagManager is used to manage website tags through one interface and allows us to control the exact integration of services on our website This allows us to flexibly integrate additional services to evaluate user access to our website. The use of GoogleTagManager is initially based on our legitimate interests, i.e. interest in optimising our services. If services are started from the Google Tag Manager that require consent, you grant us this by setting the use of cookies (cookie banner / Consent Manager), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 (3) GDPR. The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in Google's privacy policy.

Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookies about the use of this website by the users is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymisation is activated on this website, however, Google will truncate the user's IP address beforehand within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP anonymisation is active on this website. We process your data with the help of Google Analytics for the purpose of optimising our website based on your consent. Your consent. You give your consent by setting the use of cookies (cookie banner / Consent Manager), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 (3) GDPR. The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in Google's privacy policy. On behalf of the operator of this website, Google will use this information for the purpose of evaluating the use of the website by users, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. Users may refuse the use of cookies by selecting the appropriate settings on their browser, however please note that if you do this you may not be able to use the full functionality of this website. Users may also prevent the collection of data generated by the cookie and relating to their use of the website (including their IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de

Google DoubleClick

We have integrated components of DoubleClick by Google on our website. DoubleClick is a brand of Google, under which mainly special online marketing solutions are marketed to advertising agencies and publishers. DoubleClick by Google transfers data to the DoubleClick server with each impression as well as with clicks or other activities. Each of these data transfers triggers a cookie request to the browser of the data subject. If the browser accepts this request, DoubleClick sets a cookie in your browser. DoubleClick uses a cookie ID, which is required to process the technical procedure. The cookie ID is required, for example, to display an advertisement in a browser. DoubleClick can also use the cookie ID to record which advertisements have already been displayed in a browser in order to avoid duplicate placements. Furthermore, the cookie ID enables DoubleClick to record conversions. Conversions are recorded, for example, if a DoubleClick advertisement has previously been displayed to a user and the user subsequently makes a purchase on the advertiser's website using the same internet browser. A DoubleClick cookie does not contain any personal data, but may contain additional campaign identifiers. A campaign identifier serves to identify the campaigns with which you have already been in contact on other websites. As part of this service, Google obtains knowledge of data that Google also uses to generate commission statements. Among other things, Google can track that you have clicked on certain links on our website. In this case, your data will be passed on to the operator of DoubleClick, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We process your data with the help of the Double-Click cookie for the purpose of optimising and displaying advertising based on your consent. You give your consent by setting the use of cookies (cookie banner / Consent Manager), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 (3) GDPR. The cookie is used, among other things, to place and display user-relevant advertising and to create reports on advertising campaigns or to improve them. Furthermore, the cookie is used to avoid multiple displays of the same advertisement. Each time you call up one of the individual pages of our website on which a DoubleClick component has been integrated, your browser is automatically prompted by the respective DoubleClick component to transmit data to Google for the purpose of online advertising and the settlement of commissions. There is no legal or contractual obligation to provide your data. If you do not give us your consent, it will be possible to visit our website without restriction, but not all functions may be fully available. The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google DoubleClick.

Google Ads

We have integrated Google Ads on our website. Google Ads is a service provided by Google Ireland Limited to display targeted advertising to users. Google Ads uses cookies and other browser technologies to analyse user behaviour and recognise users. Google Ads collects information about visitor behaviour on various websites. This information is used to optimise the relevance of advertising. Furthermore, Google Ads delivers targeted advertising based on behavioural profiles and geographical location. Your IP address and other identifiers such as your user agent are transmitted to the provider. If you are registered with a Google Ireland Limited service, Google Ads can associate the visit with your account. Even if you are not registered with Google Ireland Limited or have not logged in, it is possible that the provider will find out and store your IP address and other identifying features. In this case, your data will be passed on to the operator of Google Ads, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We process your data with the help of Google Ads for the purpose of optimising our website and for marketing purposes based on your consent. You give your consent by setting the use of cookies (cookie banner / Consent Manager), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 (3) GDPR. The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Ads.

Google CDN

We use Google CDN to properly deliver the content of our website. Google CDN is a service of Google Ireland Limited, which acts as a content delivery network (CDN) on our website. A CDN helps to provide content of our online offer, in particular files such as graphics or scripts, more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Google CDN. The Content Delivery Network is used for the purpose of optimising our website on the basis of your consent. You give your consent by setting the use of cookies (cookie banner / Consent Manager), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 Para. 3 GDPR. The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google CDN.

Google Fonts

We use Google Fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a service to provide fonts for our online offer. To obtain these fonts, you establish a connection to servers of Google Ireland Limited, whereby your IP address is transmitted. The use of Google Fonts is based on our legitimate interests, i.e. interest in a uniform provision and optimisation of our online offer. The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Fonts.

Google reCAPTCHA

We have integrated components of Google reCAPTCHA on our website. Google reCAPTCHA is a service of Google Ireland Limited and enables us to distinguish whether a contact request originates from a natural person or is automated by means of a program. When you access this content, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. Furthermore, Google reCAPTCHA records the user's browsing time and mouse movements in order to distinguish automated requests from human ones. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Google reCAPTCHA. The service is used on the basis of our legitimate interests, i.e. for protection when submitting forms. The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google reCAPTCHA.

Google Maps

This website uses Google Maps API, a mapping service provided by Google Inc. ("Google"), to display an interactive map and to create directions. Google Maps is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using Google Maps, information about your use of this website (including your IP address) may be transmitted to a Google server in the USA and stored there. Google may transfer the information obtained through Maps to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. It is nevertheless technically possible that Google could identify at least individual users on the basis of the data received. It is possible that personal data and personality profiles of users of the website could be processed by Google for other purposes over which we have and can have no control. The legal basis for the use of Google Maps is your consent. You give your consent by setting the use of cookies (Cookie Banner / Consent Manager) and/or in the Google Maps display (Double Click), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 para. 3 GDPR. The purpose of using Google Maps is to show the user our location on the website and to give him the possibility to determine different directions via the services of Google Maps. You have the option of deactivating the Google Maps service and thus preventing the transfer of data to Google by deactivating JavaScript in your browser. However, we would like to point out that in this case you will not be able to use the map display on our website. The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Maps.

protection of minors

This service is mainly aimed at adults. We do not currently market any specific areas for children. Accordingly, we do not knowingly collect age-identifying information, nor do we knowingly collect personal information from children under the age of 16. However, we caution all visitors to our website under the age of 16 not to disclose or provide any personally identifiable information through our service. In the event that we discover that a child under the age of 16 has provided us with personal information, we will delete the child's personal information from our files to the extent technically feasible.

rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller: • You have a right to information about the personal data stored about you, about the purposes of processing, about any transfers to other bodies and about the duration of storage. • If data is inaccurate or no longer necessary for the purposes for which it was collected, you may request that it be corrected, erased or restricted from processing. Where provided for in the processing procedures, you may also consult your data yourself and correct them if necessary. • Should grounds against the processing of your personal data arise from your particular personal situation, you may, insofar as the processing is based on a legitimate interest, object to it. The controller shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims. • If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object to the processing for direct marketing or profiling purposes, the personal data concerning you will no longer be processed for these purposes. You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. If you have any questions about your rights and how to exercise them, please contact: AHORN Head Office Data Protection Officer AHORN Management GmbH Tauentzienstr. 11 D-10789 Berlin Germany Mail: info@ahorn-hotels.de DataSolution LUD GmbH Isarstr. 13 D-14974 Ludwigsfelde Germany Mail: mail@hoteldatenschutz.de

AHORN Headquarter

AHORN Management GmbH
Tauentzienstr. 11
D-10789 Berlin
Germany

Tel: +49 (0) 30 315 950 73
Fax: +49 (0) 30 315 950 43
Mail: info@ahorn-hotels.de

data protection commissioner

DataSolution Thurmann GbR
Mr. Andreas Thurmann
Isarstr. 13
D-14974 Ludwigsfelde
Germany

Tel.: +49 (0) 3378 202513
Fax: (0) 3378 202514
Mail: mail@hoteldatenschutz.de

right to appeal to a supervisory authority

As the person concerned, you have unscathed of another administrative or judicial remedy the right to complain to a data protection supervisory authority, in particular in the Member State of their place of residence or the place of the alleged infringement, if you consider that the processing of your personal data is against the data protection privacy policy.

The supervisory authority that files the complaint will notify you of the status and outcome of your complaint, including the possibility of a judicial remedy.

More information can be found on the website of the Federal Commissioner for Data Protection and Freedom of Information. Follow the link: www.bfdi.bund.de/DE/Datenschutz/Ueberblick/MeineRechte/Artikel/BeschwerdeBeiDatenschutzbehoereden.html

security

AHORN Hotels & Resorts uses technical and organisational security measures in accordance with Art. 32 GDPR to protect your data managed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons. Our security measures are continuously improved in line with technological developments. Access is only possible for a few authorised persons and persons who are obliged to provide special data protection and who are involved in the technical, administrative or editorial care of data.

Updating and modification

We reserve the right to change, update or amend this privacy notice at any time. Any revised information on data processing will only apply to personal data collected or modified after the effective date. Status | January 2022

AHORN Berghotel Friedrichroda

Zum Panoramablick 1
99894 Luftkurort Friedrichroda

Hotline: +49 (0)3623-3540
Reservation: +49 (0)3623-3545454


AHORN Panorama Hotel Oberhof

Theo-Neubauer-Straße 29
98559 Oberhof

Hotline: +49 (0)36842-500
Reservation: +49 (0)36842-5050


AHORN Seehotel Templin

Am Lübbesee 1
17268 Templin

Hotline: +49 (0)3987-4900
Reservation: +49 (0)3987-491216


AHORN Waldhotel Altenberg

Hauptstraße 83
01773 Altenberg OT Schellerhau

Hotline: +49 (0)35052-600
Reservation: +49 (0)35052-60500


AHORN Hotel Am Fichtelberg

Karlsbader Straße 40
09484 Kurort Oberwiesenthal

Hotline: +49 (0)37348-170
Reservation: +49 (0)37348-17830


Best Western Ahorn Hotel Oberwiesenthal

Vierenstraße 18
09484 Kurort Oberwiesenthal

Hotline: +49 (0)37348-140
Reservation: +49 (0)37348-14380

Online Buchung