Privacy policy

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in the following privacy policy.

1. data protection at a glance

General notes and mandatory information

We take the protection of your personal data very seriously. We therefore act in accordance with the applicable legislation on the protection of personal data and data security. Information on when we store which data and how we use it can be found in this privacy policy, which complies with the applicable German legislation.
When you visit and use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
We would like to point out that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. Complete protection of the data against access by third parties is not possible.

Note on the responsible body

The controller responsible for data processing on this website is:

Hotel Restaurant Ennen
Uwe Ennen
Luisenstraße 16
26548 Norderney
Telephone: +49 (0) 4932 / 9150
Fax: +49 (0) 4932 / 82110
E-Mail: info@hotel-ennen.de

The controller decides alone or jointly with others on the purposes and means of processing personal data (e.g. names, contact details, etc.).

Basics for data processing

We only process personal data in compliance with the relevant data protection regulations. This means that user data will only be processed if we have legal permission to do so, i.e,
– in order to provide our contractual services (e.g. processing orders) and online services, or where this is required by law (Art. 6 para. 1 lit. b. and c. GDPR)
– your consent has been obtained (Art. 6 para. 1 lit. a. and Art. 7 GDPR), as well as
– on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation and security of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR, in particular when measuring reach, creating profiles for advertising and marketing purposes and collecting access data and using the services of third-party providers).

Data transmission to third parties

Data is only passed on to third parties within the framework of legal requirements. We only pass on user data to third parties if this is necessary, for example, for contractual purposes or on the basis of legitimate interests in the economic and effective operation of our business.
If we use subcontractors to provide our services, we take suitable legal precautions and appropriate technical and organizational measures to ensure the protection of personal data in accordance with the relevant statutory provisions.

Data transfer to a third country or an international organization

Third countries are countries in which the GDPR is not directly applicable law. In principle, this includes all countries outside the EU or the European Economic Area.
No data will be transferred to a third country or an international organization without your consent or without a legal basis.

Storage duration

Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the deletion will take place after these reasons no longer apply.

Revocation of your consent to data processing

Some data processing operations are only possible with your express consent. You can withdraw your consent at any time. An informal notification by e-mail is sufficient for the revocation. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to lodge a complaint with the competent supervisory authority

As a data subject, you have the right to lodge a complaint with the competent supervisory authority in the event of a breach of data protection law. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. The following link provides a list of data protection officers and their contact details: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

Ihnen steht das Recht zu, Daten, die wir auf Grundlage Ihrer Einwilligung oder in Erfüllung eines Vertrags automatisiert verarbeiten, an sich oder an Dritte aushändigen zu lassen. Die Bereitstellung erfolgt in einem maschinenlesbaren Format. Sofern Sie die direkte Übertragung der Daten an einen anderen Verantwortlichen verlangen, erfolgt dies nur, soweit es technisch machbar ist.

Right to information, correction, blocking, deletion

You have the right to free information about your stored personal data, the origin of the data, its recipients and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the framework of the applicable legal provisions. You can contact us at any time using the contact options listed in the legal notice if you have any further questions on the subject of personal data.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognize an encrypted connection by the “https://” address line of your browser and the lock symbol in the browser line.

Server log files

The website provider automatically collects and stores information that your browser automatically transmits to us in server log files. These are
– Visited page on our domain
– Date and time of the server request
– Browser type and browser version
– Operating system used
– Referrer URL
– Host name of the accessing computer
– IP address
This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.

2. data collection / cookies

Cookies

We use cookies on our website. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising.
Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 para. 1 lit. f GDPR. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the cookies in question are stored exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR); consent can be revoked at any time.

Borlabs Cookies

This website uses Borlabs Cookie, which sets a technically necessary cookie (borlabs-cookie) to store your cookie consent.
Borlabs Cookie does not process any personal data.
The borlabs cookie stores the consent you gave when you entered the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked again for your cookie consent.

Contact form

Data transmitted via the contact form, including your contact details, will be stored in order to process your request or to be available for follow-up questions. This data will not be passed on without your consent.
The data entered in the contact form will be processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time. An informal notification by e-mail is sufficient for revocation. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Data transmitted via the contact form will remain with us until you ask us to delete it, revoke your consent to storage or there is no longer any need to store the data. Mandatory statutory provisions – in particular retention periods – remain unaffected.

3. plug-ins / tools / external links

Unabhängige Analytik

We use the WordPress plugin “Independent Analytics” on this website to optimize, improve quality and monitor reach. This collects and analyzes various data. However, this data cannot be assigned to specific persons. It is not merged with other data sources. The statistics are stored and analyzed locally.

External content

We use widgets, plugins or content from third parties on our website. The use of the service is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG. This external content will only be loaded and displayed if you accept all cookies or actively consent to the third-party content. In this case, the responsibility for data protection-compliant operation must continue to be guaranteed by the respective provider. Details on data collection as well as your rights and setting options can be found in the respective data protection notices.

4. google services

Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google fonts are installed locally. There is no connection to Google servers.

Google Maps

This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. The IP address is only transmitted to Google if the website visitor consents to the transmission.
The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places indicated by us on the website. The use of Google Maps is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.
You can find more information on the handling of user data in the privacy policy of Google: https://policies.google.com/privacy.

We reserve the right to amend the privacy policy in order to adapt it to changed legal situations or in the event of changes to the service and data processing. However, this only applies with regard to declarations on data processing. If user consent is required or components of the privacy policy contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.