Privacy Policy
Responsible body in the sense of the data protection laws, in particular the EU data protection basic regulation (DSGVO), is:
City Hotel Mark Michelstadt

Daniela Peter
Friedrich-Ebert-Str. 83 - 85
6472 Michelstadt
Tel.: 0 60 61 - 700 40
Email: hotel_mark_michelstadt(at)web.de
Privacy Policy as PDF
§1 Your rights as a data subject
You can exercise the following rights at any time using the contact details provided by the controller:
Information about your data stored by us and its processing,
Correction of inaccurate personal data,
Deletion of your data stored by us,
Restriction of data processing if we are not yet permitted to delete your data due to legal obligations,
Objection to the processing of your data by us, and
Data portability.
If you have given us your consent, you can revoke it at any time with effect for the future.
§2 Purposes of data processing by the controller and third parties
We process your personal data only for the purposes stated in this privacy policy. Your personal data will not be transferred to third parties for purposes other than those stated. We will only disclose your personal data to third parties if:
You have given your express consent,
the processing is necessary to perform a contract with you,
the processing is necessary to fulfill a legal obligation,
the processing is necessary to protect legitimate interests, and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data.
§3 Deletion or Blocking of Data
We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as necessary to achieve the purposes stated here or as required by the various retention periods stipulated by law. Once the respective purpose no longer applies or these periods have expired, the corresponding data will be routinely deleted in accordance with legal requirements.
§4 Collection of general information when visiting our website
Each time a user accesses our website and each time a file is retrieved, data about this process is temporarily stored in a log file. Specifically, the following data is stored for each access/retrieval:
Date and time of retrieval (time stamp), as well as the IP address of the accessing device or server,
Request details and destination address (protocol version, HTTP method, referrer, user agent string),
Name of the retrieved file and transferred data volume (requested URL including query string, size in bytes), as well as a
message indicating whether the retrieval was successful (HTTP status code).
Based on Article 6 (1) (e) GDPR in conjunction with Section 5 of the BSI Act, we are obligated to store this data beyond the time of your visit to protect against attacks on our internet infrastructure and the server's communications technology. This data is analyzed and, in the event of attacks on the communications technology, is required to initiate legal proceedings and criminal prosecution. The data will be deleted as soon as it is no longer required to perform the task.
Data logged when accessing the website will only be transmitted to third parties if we are legally obligated to do so or if the transmission is necessary for legal or criminal prosecution in the event of attacks on the server's communications technology. Data will not be transmitted in other cases. We does not combine this data with other data sources.
§5 SSL Encryption
To protect the security of your data during transmission, we use state-of-the-art encryption methods (TLS 1.2) over HTTPS.
§6 Newsletter
If a newsletter is offered on this website, the following applies:
Based on your express consent, we will regularly send you our newsletter or similar information by email to the email address you provided.
To receive the newsletter, providing your email address is sufficient. When registering to receive our newsletter, the data you provide will be used exclusively for this purpose. Subscribers may also be informed by email about circumstances relevant to the service or registration (for example, changes to the newsletter offering or technical conditions).
For effective registration, we require a valid email address. To verify that registration was actually made by the owner of an email address, we use the "double opt-in" process. For this purpose, we log the newsletter subscription, the sending of a confirmation email, and the receipt of the response requested. No further data is collected. The data is used exclusively for newsletter distribution and is not passed on to third parties.

You can revoke your consent to the storage of your personal data and its use for sending the newsletter at any time. A corresponding link is included in every newsletter. You can also unsubscribe directly on this website at any time or inform us of your request using the contact option provided at the end of this privacy policy.
You can also unsubscribe directly on this website at any time or inform us of your request using the contact option provided at the end of this privacy policy.
§7 Contact Form
If you contact us with any questions via email or contact form, you give us your voluntary consent to contact you. You must provide a valid email address. This will be used to assign your inquiry and subsequently respond to it. Providing additional data is optional. The information you provide will be stored for the purpose of processing your inquiry and for possible follow-up questions. Once your inquiry has been processed, your personal data will be automatically deleted.
§8 Booking Request
When you start a booking request, you consent to the storage and processing of your personal data for the purpose of reserving a hotel room.
The additional specification of your address is necessary to clearly assign your person to your request. Your email address is necessary to answer your request. Optional information is optional and will be stored with your other data entries. The storage is done exclusively to be able to process your request.
If no booking is made, the data you entered will be deleted immediately.
§9 Using Google Maps
This website uses Google Maps API to visually display geographic information. When using Google Maps, Google also collects, processes and uses data about the use of map features by visitors. For more information about Google's data processing, please refer to the Google Privacy Policy http://www.google.com/intl/en/policies/privacy/ _blank. There you can also change your personal privacy settings in the privacy center.
§10 Embedded YouTube Videos
If Youtube videos are embedded on this website, the following applies:
The corresponding plug-ins are operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page with the YouTube plug-in, it will connect to Youtube's servers. Youtube will be informed which pages you visit. If you are logged into your Youtube account, Youtube can assign your surfing behavior to you personally. This can be prevented by logging out of your Youtube account beforehand.
If a Youtube video is started, the provider uses cookies that collect information about user behavior.
Anyone who has disabled the storage of cookies for the Google Ad program will not have to expect any such cookies when watching YouTube videos. Youtube also stores non-personal usage information in other cookies. If you want to prevent this, you must block the storage of cookies in the browser.
You can find more information on data protection at "Youtube" in the provider's privacy policy at: Youtube Policy https://www.google.com/intl/en/policies/privacy/ "target =" _blank "rel =" noopener " _ blank
§ 11 Using Facebook Links
If this offer uses links to the social network facebook.com operated by Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA ("Facebook"), the following applies:
The links are visible on one of the Facebook logos, which has been modified to suit this website.
If the site user clicks on such a link, it will be redirected to the corresponding website in a new browser instance.
The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the related rights and settings options for protecting the privacy of visitors, they can the privacy policy of Facebook under Facebook Policy https: //www.facebook .com / policy.php _ blank look up.
§12 Right of appeal
You have the following rights vis-à-vis the website operator regarding your personal data:
Right to information, Art. 15 GDPR. With the right to information, the data subject receives comprehensive insight into the data concerning them and certain other important criteria, such as the purposes of processing or the duration of storage. The exceptions to this right regulated in Section 34 of the Federal Data Protection Act (BDSG) apply.
Right to rectification, Art. 16 GDPR. The right to rectification includes the possibility for the data subject to have inaccurate personal data concerning them corrected.
Right to erasure, Art. 17 GDPR. The right to erasure includes the possibility for the data subject to have data erased by the controller. However, this is only possible if the personal data concerning them is no longer necessary, is being processed unlawfully, or consent to this has been withdrawn. The exceptions to this right regulated in Section 35 of the Federal Data Protection Act (BDSG) apply.
Right to restriction of processing, Art. 18 GDPR. The right to restriction of processing provides the data subject with the option to temporarily prevent further processing of personal data concerning him or her. A restriction applies primarily during the review phase of the data subject's exercise of other rights.
Right to object to the collection, processing, and/or use, Art. 21 GDPR. The right to object includes the possibility for data subjects in a particular situation to object to the further processing of their personal data, insofar as this is justified by the performance of public tasks or public and private interests. The exceptions to this right regulated in Section 36 of the Federal Data Protection Act (BDSG) apply.
Right to data portability, Art. 20 GDPR. The right to data portability includes the possibility for the data subject to receive the personal data concerning them from the controller in a common, machine-readable format in order to have it forwarded to another controller if necessary. According to Art. 20 (3) Sentence 2 GDPR, however, this right is not available if the data processing serves the performance of public tasks.
Right to withdraw consent, Articles 13 and 14 GDPR. If the processing of personal data is based on consent, the data subject may withdraw this consent at any time for the corresponding purpose with future effect. The legality of the processing based on the consent given remains unaffected until the withdrawal of consent is received.
You can assert the aforementioned rights in writing using the contact details specified in Section 1.1.
Furthermore, pursuant to Article 77 GDPR, you have the right to lodge a complaint with the data protection supervisory authority, the Federal Commissioner for Data Protection and Freedom of Information.
§13 Changes to our Privacy Policy
We reserve the right to amend this privacy policy to always comply with the current legal requirements or to implement changes to our services in the Privacy Policy, e.g. when introducing new services. Your new visit will be subject to the new privacy policy.
Questions to the Data Protection Officer
If you have questions about privacy, please email us or contact the person responsible for the privacy of your hotel.