Banner with the words "travel.work.live." in beige lettering and a grey background.

Data protection

Privacy policy

§ 1 Information on the collection of personal data

(1) In the following, we provide information about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.

(2) The contact details of the controller in accordance with Art. 4 (7) of the EU General Data Protection Regulation (GDPR) can be found in our legal notice.

(3) The data protection officer of the controller is:

Ricardo Graf
ACP IT Solutions GmbH
Schnorrstr. 70
01069 Dresden
Germany
Phone: 0351 6 46 39 - 100
datenschutz@primestar-hotels.com

(4) When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, your name and telephone number if applicable) will be stored by us in order to answer your questions. We delete the data arising in this context after storage is no longer necessary, or restrict processing if there are statutory retention obligations.

(5) If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective processes. We will also state the specified criteria for the storage period.

§ 2 Your rights

(1) You have the following rights vis-à-vis us with regard to your personal data:

- Right to information,

- Right to rectification or erasure,

- Right to restriction of processing,

- Right to object to the processing,

- Right to data portability.

Right of objection

 

You have the right to object to the processing of your personal data for direct marketing purposes without giving reasons. If we process your data to protect legitimate interests, you can object to this processing on grounds relating to your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims.

 

 (2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us. You can find the contact details of the supervisory authorities responsible here:

Berlin               https://www.bfdi.bund.de/SharedDocs/Adressen/DE/LfD/Berlin.html?nn=304054

§ 3 Collection of personal data when visiting our website

(1) When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR):

- IP address

- Date and time of the enquiry

- Content of the request (specific page)

- Access status/HTTP status code

- Website from which the request comes

- Browser

- called domain

This data is automatically deleted after 90 days.

(2) Use of cookies:

This website uses cookies from various services. We use the Cookiebot service to obtain your consent. By giving your consent to the use of cookies, you also give your consent to the processing of your personal data by the relevant services.

For further explanations, please refer to the „Cookiebot“ section in §5 of this statement.

§ 4 Use of further functions of our website

(1) Contact form

If you use the contact form on our website, we collect the following personal data:

a) Mandatory fields:

  • Name
  • e-mail address

b) Optional fields:

  • Subject
  • Telephone number
  • Your message

This data is used by us to answer your enquiry. They remain stored in our system for as long as is necessary to answer the enquiry itself or for any resulting contractual obligations. If no contractual obligations arise from the enquiry, the data will be deleted from our system after three months at the latest. The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR.

(2) Online applications

If you use the application form on our website, we collect the following personal data:

a) Mandatory fields:

  • First name and surname
  • e-mail address
  • Telephone number
  • Address data: Street, postcode, city

b) Optional fields:

  • Your message
  • Your submitted application documents

We will use this data to process your application. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest here is the recruitment of qualified personnel.

If your application is successful, this data will be transferred to your personnel records for the purpose of implementing your employment relationship. The legal basis is § 26 para. 1 BDSG.

If your application is unsuccessful, this data will remain in our system for six months to defend against any legal claims and will then be deleted. The legal basis for this legitimate interest is Art. 6 para. 1 sentence 1 lit. f GDPR.

§ 5 Use of external functions

(1) Google

a)Google Fonts

We use Google Fonts (formerly Google Web Fonts) on our website, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as „Google“). Google Fonts enables us to use external fonts, which are loaded into the browser cache by your web browser when you access our website. This is necessary to give your browser a visually improved display of our texts. If your browser does not support this function, a standard font will be used by your computer for display.

These fonts are integrated by a server call, usually to a Google server in the USA. This tells the server which of our web pages you have visited. Google also stores the IP address of your browser device. We have no influence on the scope and further use of the data collected and processed by Google through the use of Google Web Fonts.

We use Google Fonts for optimisation purposes, in particular to improve the use of our website for you and to make its design more user-friendly. This also constitutes our legitimate interest in the processing of the aforementioned data by the third-party provider. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.

b) Google Maps

We use the Google Maps service on this website. This allows us to show you interactive maps directly on the website and enables you to use the map function conveniently. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.

When you call up the corresponding subpage of one of our hotels, Google receives the information mentioned under §3 para. 1 from you, whereby the IP address is not transmitted anonymously. This information is transmitted independently of any user account you may have with Google. If you are logged in to Google, this data will be linked to your user account. If you do not wish this to happen, you must log out of Google before accessing the relevant page.

Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the customised design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide customised advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.

c) Google Analytics

This website uses the „Google Analytics“ service to analyse website usage by users. The service uses „cookies“ - text files that are stored on your end device. The information collected by the cookies is generally sent to a Google server in the USA and stored there.

You can agree or object to the use of the corresponding cookies, and thus the above-mentioned service, in the Cookiebot consent tool. In this respect, your personal data is processed on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

IP anonymisation is used on this website. The IP address of users is truncated within the member states of the EU and the European Economic Area. This truncation eliminates the personal reference to your IP address. As part of the contract data agreement that the website operators have concluded with the third-party provider, the latter uses the information collected to analyse website usage and website activity and provides services related to internet usage. d) Google Conversion Tracking

This website uses Google Conversion Tracking. With the help of this tool, we can recognise and analyse certain user actions. For example, we can see through which channels users come to this website, how long they stay here and which landing pages they visit. With Google Ads booking tracking, we can see how our Google Ads campaigns are performing and how many bookings and to what value have been made via our adverts.
We only learn the total number of users who have clicked on our adverts and what actions they have carried out. We do not receive any information that allows us to personally identify individual users.
Google uses cookies for identification purposes, the use of which you can consent to or object to in the Cookiebot consent tool. In this respect, the use of this service is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

e) Information on the third-party provider Google:

Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland

Further information on data protection can be found in Google's privacy policy:

https://policies.google.com/privacy?hl=de&gl=de

(2) Mailchimp

We use Mailchimp to send our newsletter. This enables us to contact you directly. In addition, we analyse your usage behaviour of our newsletter in order to optimise our offer.

We pass on the following personal data to Mailchimp for this purpose:

E-mail address
[First name]
[Surname]

Our e-mail mailings contain a link with which you can update your personal data.

Mailchimp is the recipient of your personal data and acts as a processor for us as far as the dispatch of our newsletter is concerned. The processing of the data specified in this section is not required by law or contract. Without your consent and the transmission of your personal data, we cannot send you a newsletter.

In addition, Mailchimp collects the following personal data using cookies and other tracking methods: Information about your end device (IP address, device information, operating system, browser ID, information about the application you use to read your emails and other information about hardware and internet connection. In addition, usage data such as date and time, when you opened the email / campaign and browser activities (e.g. which emails / websites were opened) are collected. Mailchimp requires this data to ensure the security and reliability of the systems, compliance with the terms of use and the prevention of misuse. This corresponds to the legitimate interest of the provider (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the fulfilment of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). Mailchimp also analyses performance data, such as email delivery statistics and other communication data. This information is used to compile usage and performance statistics for the services.

Mailchimp also collects information about you from other sources. In an unspecified period and scope, personal data is collected via social media and other third-party data providers. We have no influence on this process.

The legal basis for this processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw your consent to the processing of your personal data at any time. There is a corresponding link in all mailings. You can also revoke your consent using the contact options provided. The declaration of revocation does not affect the legality of the processing carried out so far.

Your data will be processed for as long as you have given your consent. Apart from this, it will be deleted after the contract between us and Mailchimp has ended, unless legal requirements make further storage necessary.

Mailchimp has implemented compliance measures for international data transfers. These apply to all global activities where Mailchimp processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).

Information from the third-party provider

The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA

Further information on data protection can be found in the following statements from the provider:

https://mailchimp.com/de/help/mailchimp-intuit-privacy-faq/

(3) Cookiebot

We use the Cookiebot consent management service to obtain your consent to the setting of cookies for various services. Please refer to the corresponding Cookiebot dialogue on your first visit to our website to find out which services these are specifically.

We are legally obliged to obtain your consent. Accordingly, the legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.

The following data is processed:

  • Anonymised IP address
  • Date & time of your consent
  • User agent of the browser
  • URL from which the consent was sent
  • Randomly generated, anonymous and encrypted key
  • Your consent status

The above-mentioned key and your consent status are stored in the „CookieConsent“ cookie in your browser for 12 months. This cookie can be used to track your consent. If you delete this cookie, the cookiebot dialogue will reappear the next time you visit our website.

Information from the third-party provider

Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark

https://www.cookiebot.com/de/privacy-policy/

(4) Online room bookings
This website uses the online service OnePageBooking from HotelNetSolutions GmbH.
If you book one of our rooms via this service, the following data will be collected from you:

  • Number of guests
  • Date of arrival and departure
  • selected room category
  • Selected extras (optional)
  • First name and surname of the invoice recipient
  • First name and surname of the guest
  • Contact details: e-mail address, telephone number
  • Billing address
  • If applicable, your consent to be informed about offers (optional)
  • Your login data (optional)
  • Your credit card details
  • If applicable, information about our gift to you (optional)

We require the data specified above as part of the conclusion of a contract to fulfil your booking. The legal basis here is Art. 6 para. 1 sentence 1 lit. b GDPR
The data is collected by the third-party provider and then transmitted to us. When selecting a saver price/prepaid tariff, the credit card data is passed on to the payment service provider for immediate debiting of the selected payment method. The third-party provider is bound to us by an order processing contract.
Optional data is only stored and processed by us if you enter it.
Your data will be stored by us for as long as it is necessary for the fulfilment of our contract. Longer-term storage takes place if this is required by law. If you create an account, your data will be stored in this account until the account is deleted by you.

Information from the third-party provider

HotelNetSolutions GmbH, Genthiner Str. 8, 10785 Berlin,
www.hotelnetsolutions.de

Information from the payment service provider:
Adyen N.V. German Branch, Friedrichstraße 63, 10117 Berlin
https://www.adyen.com/de_DE/

§ 6 Use of social media links

We use links on our website to our company's presence on various social media platforms. If you use these links, you leave our website and thus the scope of this privacy policy.

If you visit one of our social media sites, the respective platform operator will process your personal data. In this case, we are jointly responsible with this operator for the data processing operations within the meaning of Art. 26 GDPR, provided that we actually make a joint decision with the operator of the social network about the data processing and we also have an influence on the data processing. Where possible, we have concluded joint controllership agreements with the platform operators in accordance with Art. Art. 26 GDPR.

We would like to point out that, despite our joint responsibility in accordance with Art. 26 GDPR, we have no full influence on the data processing of the individual providers. Our options here are significantly influenced by the company policy of the respective platform operators.

In principle, you can assert your rights both against us and against the respective platform operator. If you assert them against us, we only have the option of forwarding them to the operator. We have no influence whatsoever on the further procedures of the operator.

ADDITIVE+ LANDINGPAGE - Online marketing and landing pages

In addition to our website, we also operate Online Hotel Marketing additionally optimised sales landing pages. To process your enquiry, booking, order, activation, registration or other transmission of a form on such a landing page and to store and save your data, we use common cloud services and CRM systems as well as software from ADDITIVE GmbH, 39011 Lana (BZ), Italy („ADDITIVE“), our supporting provider. Hotel Marketing Agency. The appropriate level of data protection is determined by the data processing agreements concluded with the respective companies.

Our landing pages use functions of the web analysis service Google Analytics from Google Inc („Google“). Google Analytics makes it possible to analyse the use of the website by its users. The information generated about your user behaviour is transferred to the provider's server and stored there.

Your IP address is recorded but immediately anonymised (e.g. by deleting the last 8 bits). This means that only a rough localisation is possible.
You can prevent the transfer of data relating to your use of the online offer to Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link:
https://chrome.google.com/webstore/detail/google-analytics-opt-out/fllaojicojecljbmefodhfapmkghcbnh

ADDITIVE has insight into the data collected by Google Analytics. This data is not used for purposes other than analysing the use of our websites and evaluating our marketing and sales measures.

Our websites and landing pages also use ADDITIVE functions for cross-channel recording of the use of our websites as well as marketing and sales measures such as landing pages, newsletters and social media presences. Information about your visits and submitted forms on our websites is also transmitted to ADDITIVE in order to evaluate and optimise our marketing and sales measures.

Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit f (legitimate interest) of the GDPR.

Our concern within the meaning of the GDPR (legitimate interest) is the improvement of our offer and our website by analysing the use of our website as well as sales and marketing measures.
In addition, our landing pages and our website use remarketing functions of Google Inc („Google“) and Meta Platforms Inc („Meta“). The fact that you have visited this website is transmitted to Meta and Google. These functions are used to present interest-based adverts to visitors to the landing pages in Google's advertising network or on the social network Facebook and Instagram.

Data processing in connection with these remarketing functions is carried out on the basis of the legal provisions of Art. 6 para. 1 lit a (consent) of the GDPR.

When you visit our landing pages, a banner will inform you about the use of cookies for these remarketing functions. By continuing to use the website or by clicking on the corresponding button, you consent to its use. You can revoke your consent at any time by calling up the page with the cookie information on the respective landing page and rejecting the use of cookies in the banner that appears.

ADDITIVE+ MARKETING AUTOMATION - Direct marketing

To increase customer loyalty and to sell services and additional services, we use Hotel Marketing Automation Software of ADDITIVE GmbH, 39011 Lana (BZ), Italy („ADDITIVE“) in the area of Marketing and sales automation for hotels. Data that we collect and process in connection with your enquiry, booking, order, activation, registration or other transmission of a form on the website is analysed and used to automatically provide you with offers for services and additional services via ADDITIVE+ MARKETING AUTOMATION. The appropriate level of data protection is determined by the concluded order processing agreement.

You can object to the use of your data for this purpose at any time via the unsubscribe link in the respective message.

Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit f (legitimate interest) of the GDPR.

Our concern within the meaning of the GDPR (legitimate interest) is to avoid disadvantages compared to our competitors, to improve our brand awareness and to maximise our economic success by making the best possible sales use of the contacts gained.

ADDITIVE+ VOUCHERS

You have the option of ordering vouchers via our website using a online voucher system to buy. To process your purchase and to store and save your data, we use the following services Voucher Marketing Tourism the voucher software from ADDITIVE GmbH, 39011 Lana (BZ), Italy („ADDITIVE“). Your data will be processed and stored within the EU/EEA.

The data you provide is required to fulfil the contract or to carry out pre-contractual measures. We cannot conclude the contract with you without this data. Data is not transferred to third parties, with the exception of the transfer of credit card data to the payment service provider for the purpose of debiting the purchase price and to our tax advisor to fulfil our tax obligations.

Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit a (consent) and/or lit b (necessary for contract fulfilment) of the GDPR.

ADDITIVE+ NEWSLETTER

You have the option of subscribing to our newsletter via our website. For this we need your e-mail address and your declaration that you agree to receive the newsletter. Hotel Newsletter via ADDITIVE GmbH, our provider in the field of Email Marketing Hotel are in agreement.

In order to provide you with targeted information, we collect and process data with our Newsletter system also voluntarily provided information on areas of interest, name, date of birth and region/country of origin.

As soon as you have registered for the newsletter, we will send you a confirmation e-mail with a link to confirm your registration.

You can cancel your subscription to the newsletter at any time via the unsubscribe link in the respective newsletter.

We use software from ADDITIVE OHG, 39011 Lana (BZ), Italy („ADDITIVE“) to process your subscription and to deliver the newsletter to your e-mail address. These services and systems are used to process and store your data, at least in part, outside the EU or EEA. The appropriate level of data protection results from the concluded order processing agreement.

PROTECTION OF YOUR PERSONAL DATA FROM FRAUDSTERS PERSONALLY

Important information: Protect your personal data from fraudsters

Dear guests,
The security and protection of your data is a top priority for our hotels. We would therefore like to inform you that the hotel industry is increasingly becoming the target of fraudulent cyber attacks. These attacks are designed to specifically target you as a guest. Perpetrators often use channels such as emails, social media or messenger services (e.g. WhatsApp) and pretend to be employees of our hotels.

How fraudsters operate:

  • You are contacted under false pretences (e.g. alleged payment problems).
  • They threaten to cancel your booking if you do not act immediately.
  • You are asked to enter your payment information (e.g. credit card details) via a link.

Important: These messages are fakes!

What we do to protect you:

  • Our hotels are never Request payment details from you by email, WhatsApp or other messenger services.
  • Any uncertainties with regard to payments are always personally on your arrival clarified.
  • If you have booked via a booking platform, payment problems will be exclusively directly via this platform We do not contact you directly for this purpose.

 

Tips: How to react correctly to suspicious messages

  1. Enter your credit card details or payment information never on an unknown website or to third parties.
  2. Ignore threats or requests to act immediately.
  3. Contact us directly: Use the official contact details provided on the Website of the respective hotel to clarify the facts of the case.

Your safety is important to us and we thank you for your trust in our hotels. We look forward to welcoming you to our hotels!