The data controller’s data protection officer is:

Andreas Thurmann
DataSolution Thurmann GbR
Isarstr. 13
14974 Ludwigsfelde
Germany

Phone: +49 (0) 3378 202513
Fax: +49 (0) 3378 202514
E-mail: mail@hoteldatenschutz.de

1. Scope of processing personal data

In principle, we collect and use the personal data of our users only insofar as is necessary for the provision of a functional website and for our content and services. Collection and use of personal data takes place regularly only after consent from the relevant user. An exception is made in cases where it is not possible to obtain consent in advance for objective reasons and where processing of the data is permitted by statutory regulations.

2. Legal basis for processing personal data

Insofar as we obtain consent from the data subject for personal data processing operations, Art. 6 (1) a General Data Protection Regulation (GDPR) shall serve as the legal basis. Where the processing of personal data is required for the fulfilment of a contract to which the data subject is party, Art. 6 (1) b GDPR shall serve as the legal basis. This shall also apply to all processing operations required for the execution of pre-contractual measures. Insofar as the processing of personal data is required for the fulfilment of a legal obligation (statutory conditions) to which our company is bound (e.g. Federal Registration Act), Art 6 (1) c GDPR shall serve as the legal basis. However, if processing is necessary to safeguard a legitimate interest of our company or of a third party and the interests, basic rights and fundamental freedoms of the data subject do not outweigh the aforementioned legitimate interest, Art. 6 (1) f GDPR shall serve as the legal basis for processing.

3. Deletion of data and storage duration

Personal data of the data subject is deleted or blocked as soon as the purpose for storage no longer applies. Storage beyond this may take place if this is provided for by the European or national legislator in EU regulations, laws or other provisions to which the data controller is subject. Data shall also be blocked or deleted once the storage period prescribed by the aforementioned standards expires, unless further storage of the data is necessary for the conclusion or fulfilment of a contract.

1. Description and scope of data processing

Each time this website is accessed, our system records data and information from the computer system of the inquiring computer by means of an automated system. The following data is collected as part of this process:

• Information about the browser type and version used
• The user’s operating system
• The user’s IP address
• Time and date of access
• Websites from which the user’s system has come to our website
• Websites accessed by the user’s system via our website

This data is also stored in our system’s log files. This data is not stored together with other personal data of the user. It is therefore not possible to create personal user profiles. The stored data shall only be evaluated for statistical purposes.

2. Legal basis for data processing

The legal basis for the temporary storage of data and log files is to safeguard the legitimate interests of our company, Akademie Berlin-Schmöckwitz.

3. Purpose of data processing

The system temporarily stores the user’s IP address in order to make the website available on the user’s computer. To do this, the user’s IP address must be stored for the duration of the session.

The storage in log files is carried out to ensure the functional capability of the website. The data also helps us to optimise the website and ensure the security of our IT systems. No data is evaluated for marketing purposes in this context.

This is also the reasoning behind our legitimate interest in data processing.

4. Storage duration

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. When data is collected in order to make the website available, this is the case when the respective session ends.

When data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of users are deleted or scrambled so that assignment to the inquiring client (data subject) is no longer possible.

5. Option for objection and elimination

The collection of data in order to make the website available and the storage of data in log files is necessary for operating the website. Therefore, the user has no right of objection.

1. Description and scope of data processing

It is possible to contact us on our website using the e-mail address provided. In this case, personal data of the user which is transmitted along with the e-mail shall be stored.

No data shall be disclosed to third parties in this context. Data shall be used exclusively for the purposes of correspondence.

2. Legal basis for data processing

Our legitimate interest in data processing within the context of making contact with the inquirer constitutes the initial legal basis for data processing. If the purpose of making contact is to conclude a contract, the initiation of a business relationship or of a contractual relationship shall constitute the additional legal basis for data processing.

3. Purpose of data processing

If we are contacted by e-mail, we have a necessary legitimate interest to process data for the purposes of making contact.

4. Storage duration

Data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent by e-mail, data is deleted when the respective correspondence with the user has ended. Correspondence concludes when it can be inferred from the circumstances that the matter in question has been conclusively resolved.

If contact is made based on a pre-contractual relationship (offer or reservation request), the transmitted data shall be additionally stored in our hotel and/or event software and used for executing contracts. Should no contractual relationship arise, we shall delete the data after a period of one year from the year end.

5. Option for objection and elimination

The inquirer (data subject) can revoke his/her consent to the processing of personal data at any time. We have set up the e-mail address widerruf@das-schmoeckwitz.de for this purpose.

Please note that in the case of an objection, correspondence cannot be continued, and we cannot continue to make offers, etc.

In this case, all personal data stored at the time of making contact shall be deleted.

1. Description and scope of data processing

Our website provides users with the opportunity to book rooms or make arrangements for the Akademie Berlin-Schmöckwitz. If a user makes use of this option, the booker will be redirected to the third-party provider www.hrs.com.

The online reservation system HotelNetSolutions GmbH carries out online bookings for events made via our website. The company is located at: Genthiner Str. 8, 10785 Berlin, Germany. All booking details provided by you shall be transferred in encrypted form. Our contracting partner has agreed to handle your transmitted data in a manner compliant with data protection, and takes all organisational and technical measures to protect your data.

No data shall be disclosed to third parties in this context. Data is used exclusively for processing bookings and for the purposes of correspondence.

2. Legal basis for data processing

The conclusion of an accommodation contract with the user shall constitute the legal basis for data processing.

The transmitted data shall be stored in our hotel software and used for executing contracts. Should no contractual relationship arise, we shall delete the data after a period of one year from the year end.

3. Purpose of data processing

We only process personal data taken from the input template of the contact form for the purposes of processing booking inquiries and completing payment transactions.

4. Storage duration

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements are met.

5. Option for objection and elimination

The user can revoke his/her consent to the processing of personal data at any time. We have set up the e-mail address widerruf@das-schmoeckwitz.de for this purpose.

Please note that in the case of an objection, we cannot complete the booking or continue to carry out correspondence.

1. Description and scope of data processing

The Akademie Berlin-Schmöckwitz provides interested parties with the opportunity to book rooms and make arrangements via hotel reservation portals (third-party providers). If a user makes use of this opportunity, the data entered in the input template will be transmitted to us and stored to the extent permitted by the respective hotel reservation portal in accordance with its own privacy policy. Data may include the following: first name, surname, e-mail address, telephone, address, number of guests, expected time of arrival, requests/wishes, payment information (credit card).

No data shall be disclosed to third parties in this context. Data is used exclusively for processing the booking and for the purposes of correspondence, where appropriate.

2. Legal basis for data processing

The conclusion of an accommodation contract with the user shall constitute the legal basis for data processing.

The transmitted data shall be stored in our hotel software and used for executing contracts. Should no contractual relationship arise, we shall delete the data after a period of one year from the year end.

3. Purpose of data processing

We only process personal data taken from the input template of the contact form for the purposes of processing booking inquiries and completing payment transactions.

4. Storage duration

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements are met.

The Akademie Berlin-Schmöckwitz has no control over how long the respective hotel reservation portal stores data.

5. Option for objection and elimination

The user can revoke his/her consent to the processing of personal data at any time. We have set up the e-mail address widerruf@das-schmoeckwitz.de for this purpose.

Please note that in the case of an objection, we cannot complete the booking or continue to carry out correspondence.

1. Description and scope of data processing

In order to provide support, advice and advertising to corporate clients, in addition to information about the business partner or potential business partner, we also collect and use information about the contact person, telephone number and postal address. The information is taken from a variety of sources, either by requesting it (e-mail or by phone) or at events, fairs, from business cards received by our sales staff, etc.

No data shall be disclosed to third parties in this context. Data is used exclusively for the aforementioned purposes.

2. Legal basis for data processing

Our legitimate interest in data processing shall otherwise constitute the legal basis for data processing. If the purpose of making contact is to conclude a contract, the initiation of a business relationship or of a contractual relationship shall constitute the additional legal basis for data processing. In order to improve our services, we manage all data received in the CRM module of our central hotel software within the Akademie Berlin-Schmöckwitz.

3. Purpose of data processing

We use contact information exclusively for our own purposes and for designing our own sales activities based on demand.

4. Storage duration

No specific deadline has been set with regard to deletion. However, in the event that our Sales department has had no contact with a corporate contact for a period of three years, the Sales department shall decide whether the data of the corporate contact person can be deleted.

If contact is made based on a pre-contractual relationship (offer, booking or reservation request), the transmitted data shall be additionally stored in our hotel software and used for executing contracts. Should no contractual relationship arise, we shall delete the data after a period of one year from the year end.

5. Option for objection and elimination

The corporate contact person can revoke his/her consent to the processing of personal data at any time. We have set up the e-mail address widerruf@das-schmoeckwitz.de for this purpose.

In such cases, all personal data of the contact which is stored in relation to the business partner shall be deleted.

1. Description and scope of data processing

Past guests may review the hotel after checking out. In this connection, we would like to send you an e-mail within 14 days of departure to ask you to submit a hotel review. Reviews can be published anonymously upon request. If you did not enjoy your stay at our hotel, we would like the opportunity to contact you.

If you submit an online rating, the data will store in the rating tool of the CA Customer Alliance GmbH, Ullsteinstr. 118, Tower B, 12109 Berlin, Germany. The CA Customer Alliance GmbH has committed itself to the privacy-compliant handling of your transmitted data. It takes all organizational and technical measures to protect your data.

If a past guests take the opportunity to submit an online review, the data entered in the review template by the past guest shall be stored. This data includes: e-mail address and voluntary information such as first name, surname, language as well as the review statements.

No data shall be disclosed to third parties in this context. Data shall be used exclusively for the purposes of publishing the review and to reconcile poor reviews.

2. Legal basis for data processing

Our legitimate interest in data processing shall otherwise constitute the legal basis for data processing.

3. Purpose of data processing

The hotel review is intended to communicate and summarise hotel guest opinions on our website so that interested parties can gain an impression of our services. The results are also used for our internal quality management.

4. Storage duration

Data shall not be deleted.

5. Option for objection and elimination

It is possible to have the published review deleted at any time (right to be forgotten). We have set up the e-mail address widerruf@das-schmoeckwitz.de for this purpose. Simply let us know to which review your request relates.

1. Description and scope of data processing

Cookies are small files that enable us to store specific user-related information on your computer when visiting our website. Cookies help us to determine the number of users who have used our website and the usage frequency, and they allow us to organise our products and services in the most convenient and effective way possible for you.

We use ‘session cookies’, which are stored temporarily on your computer for the period in which you use our website. Session cookies are stored on your data carrier and are used to ensure specific settings and functionalities on our website through your browser. The cookies we use will be deleted at the end of the browser session, i.e. when you close your browser.

We don’t use cookies on our website that allow for the analysis of user browsing habits.

2. Legal basis for data processing

Our legitimate interest in data processing shall constitute the legal basis for the processing of personal data using cookies that are technically necessary.

3. Purpose of data processing

Cookies which are technically necessary are used to simplify website use for users. Some of our website’s functions cannot be offered without the use of cookies. These services require the browser to be recognised again following a page change. The user data collected by technically necessary cookies will not be used to create user profiles.

4. Storage duration, Option for objection and elimination

Cookies are stored on the user’s computer, which will transmit them to our website. This will grant you as the user complete control over the usage of cookies. You can deactivate or restrict the transmission of cookies by changing your Internet browser’s settings. Previously stored cookies can be deleted at any time. Cookies can also be deleted automatically. In the event that cookies are deactivated for our website, certain features of our website may no longer be available.

It is also possible to use our offers without any cookies or scripts. You may deactivate the storage of cookies and scripts in your browser, you may restrict cookies and script on certain websites, or you may set up your browser in such a way that you are notified whenever a cookie is activated. You can delete cookies from your computer’s hard drive at any time.

You can install a browser add-on to block scripts. NoScript for Firefox and ScriptSafe for Google Chrome are examples of such browser add-ons. These not only block every type of Javascript, they also block selected trackers, Java, Flash and other plug-ins on websites.

If you are concerned about third-party cookies, you can disable just these cookies and still enable the cookies which allow our website to function properly.

Here are some instructions on how to disable cookies:

• Mozilla Firefox
• Google Chrome
• Internet Explorer
• Safari

Please note, however, that these changes may affect the way in which the website is displayed or limit its functionality.

5. Supplementary information

In the following, we provide further information about the cookies used on our website.

Use of Facebook Plug-ins (Like button)

Plugins of the social network Facebook, operated by Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA, are integrated on our website pages. You can recognise Facebook plug-ins by the Facebook logo or the ‘Like’ button on our pages. You can find an overview of Facebook plug-ins here: developers.facebook.com/docs/plugins/.

When you visit our pages, the plug-in establishes a direct connection between your browser and the Facebook server. Facebook thereby receives the information that you have visited our site from your IP address. If you click the Facebook ‘Like’ button while you are logged into your Facebook account, you can link the contents of our pages to your Facebook profile. In this way, Facebook can attribute the visit on our webpages to your user account. Please note that we, as the provider of the webpages, do not receive any notification of the content of transmitted data from Facebook, nor do we receive any notification of its usage.

You can find more information about this in the data privacy policy of Facebook at de-de.facebook.com/policy.php. If you do not wish for Facebook to attribute the visit to your Facebook user account, please log out of your Facebook user account.

1. Description and scope of data processing

This website uses Google Maps API for the purpose of visually displaying geographical information. Google Maps is operated by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

To use the functions of Google Maps storage of your IP address is required. This information will usually be transferred to, and stored on, a server in the USA. Google may transfer this information to third parties provided this is required by law or such third parties process these data on behalf of Google.

Google will not link your IP address with other Google data under any circumstances. Nevertheless, it is technically possible that Google may identify at least some users on the basis of the data received. In addition, it would be technically possible for Google to process personal data and personal profiles of website users for other purposes over which we do not have, and cannot have, any control. This, and the fact that data are being transmitted to the USA, is problematic from a data protection perspective.

2. Legal basis for data processing

The using of Google Maps with the user shall constitute the legal basis for data processing.

3. Purpose of data processing

The purpose of using Google Maps is to allow the user to see our location on the website and to give them the ability to identify different directions through the services of Google Maps.

4. Storage duration, Option for objection and elimination

You have the option of deactivating the Google Map service and thereby prevent the transfer of data to Google: Simply deactivate JavaScript in your browser. However, we would like to point out that, in this case, you will be unable to use the map display.

This service is directedly mainly at adults. We do not currently market any services specifically aimed at children. As a result, we do not knowingly collect age rating information, nor do we knowingly collect personal information from children under the age of 16.

We do, however, advise all visitors to our website who are under the age of 16 to avoid disclosing or providing any personal information to our service. In the event that we discover that a child under the age of 16 has provided personal information to us, we shall delete the child’s personal information from our files, insofar as this is technically possible.

When your personal data is processed, you become the data subject within the meaning of the GDPR and you shall have the following rights in relation to us (‘the data controller’):

You have a right to information about the personal data stored about you, including the purpose of processing, as well as about any transfer of data to third parties and the duration of data storage.

Should the data be incorrect or no longer required for the original purpose for which it was collected, you can request that the data be corrected, deleted or the processing of data restricted. Insofar as provided for in the processing procedures, you can also view and correct your data yourself as necessary. You shall have the right to object at any time, on compelling legitimate grounds relating to your particular situation, to the processing of your personal data, insofar as the processing is based on a legitimate interest. Following an objection, the data controller shall no longer process the personal data relating to you unless the data controller can prove compelling reasons for processing which warrant protection and which outweigh your interests, rights and freedoms, or can prove that the processing serves the purpose of asserting, exercising or defending legal claims. If the personal data relating to you is processed for the purpose of direct advertising, you have the right to object at any time to the processing of the personal data relating to you for the purpose of such advertising; this also applies to profiling insofar as it is directly connected with such direct advertising. If you object to processing for the purposes of direct advertising or profiling, the personal data relating to you shall no longer be used for these purposes.

You have the right to revoke your declaration of consent under data protection law at any time. Revocation of consent does not affect the legality of processing carried out on the basis of consent up to the time of revocation.

Should you have any questions relating to your rights and how to exercise your rights, please contact:

Without prejudice to any other administrative or judicial remedy, you (the data subject) have the right to lodge a complaint with a regulatory authority for data protection, in particular in the member state of your habitual residence, place of work or the place of the alleged infringement if you believe that the processing of personal data relating to you infringes data protection.

The regulatory authority with which the complaint has been lodged shall inform the complainant about the progress and the outcome of the complaint including the possibility of judicial remedy.

Further information can be found on the website of the Federal Commissioner for Data Protection and Freedom of Information by clicking this link.

In line with Article 32 GDPR, Akademie Berlin-Schmöckwitz uses technical and organisational security measures to protect the data which we manage against accidental or deliberate manipulation, loss, destruction or access by unauthorised persons. Our security measures are subject to constant improvement to match the pace of technological developments. Access to this data is permitted only to a few authorised individuals and those persons concerned with the relevant technical, commercial and editorial support of these servers.

By using our websites and the offers contained therein, you agree that we can store the personal data you have voluntarily submitted to us and process and use this data in compliance with the data privacy policy.

We reserve the right to change, update or supplement these data protection guidelines at any time. Any revised data protection guidelines shall apply only to personal data that has been collected or changed since the revised guideline entered into force.