Please choose from the following languages:

Detail view of meeting room | Maritim Hotel München
Please choose a hotel

Data Security Information

Welcome to the Maritim Hotels Homepage!

We are very pleased that you have taken the time to visit our webpages and thank you for your interest in our company. The technological advances in our everyday lives open up a whole host of unimagined possibilities. This calls for a high level of responsibility among the companies with whom we share our personal data. We at Maritim Hotels are fully aware of this responsibility and protecting your privacy when you use our webpages is something that is particularly important to us. We comply with the applicable provisions for the protection of personal data, in particular the data protection provisions of the EU General Data Protection Regulation (GDPR).

This Data Security Policy (hereinafter referred to as the "Policy") applies solely to the webpages provided by Maritim Hotelgesellschaft mbH, its subsidiaries and all hotels within the Maritim portfolio (hereinafter referred to as "Maritim", "we" or "us").

The Controller pursuant to the General Data Protection Regulation and other national data protection laws of the Member States and other data protection provisions is:

Maritim Hotelgesellschaft mbH
Herforder Strasse 2
32105 Bad Salzuflen
Germany
Phone: +49 (0) 5222 953-0
info.vkd@maritim.de
www.maritim.com

The Controller's Data Protection Officer is:

Sebastian von der Au
EDV-Unternehmensberatung Floß GmbH 
Hopfengarten 10 
33775 Versmold 
Germany
Phone: +49 (0) 5423 964900 
datenschutz@maritim.de

Object of Data Security

The object of data protection is personal data.
Personal data pursuant to the German Federal Data Protection Act (BDSG) is any individual information relating to the personal or material circumstances of a specific or identifiable natural person. The GDPR further defines "personal data" as any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data or an online identifier.

A Data Subject is any identified or identifiable natural person whose personal data is processed by the Controller responsible for processing.

Processing entails any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Scope of personal data processing

In principle, we only gather and use the personal data of our users to the extent necessary to enable us to provide a functional website and our content and services. We only gather and use the personal data of our users regularly with the consent of the user. An exception applies to cases in which prior consent cannot be obtained for material reasons and the processing of the data is permitted by law.

Legal basis for personal data processing

If we obtain the consent of the data subject for the processing of personal data, Article 6 (1) a) EU General Data Protection Regulation (GDPR) shall serve as the legal basis.

When we process the personal data necessary for the fulfilment of a contract to which the data subject is a party, Article 6 (1) b) GDPR shall serve as the legal basis This also applies to processing operations necessary in order to implement pre-contractual measures.

Insofar as it is necessary to process personal data in order to fulfil a legal obligation pertaining to our company, Article 6 (1) c) GDPR shall serve as the legal basis.

In the event that the vital interests of the Data Subject or any other natural person require the processing of personal data, Article 6 (1) d) GDPR shall serve as the legal basis

If processing is necessary in order to safeguard the legitimate interests of our company or a third party, and if the interests, fundamental rights and freedoms of the Data Subject do not prevail over the primary interest, Article 6 (1) f) GDPR shall serve as the legal basis for processing.

Data deletion and storage period

The personal data belonging to the Data Subject will be deleted or blocked as soon as the reason for storage no longer applies. Further storage may be permitted if this is provided for by the European or national legislators in EU regulations, laws or other rules incumbent on the Controller. The data shall also be blocked or deleted when a storage period prescribed by the standards mentioned expires, unless it is necessary to continue to store the data for the purpose of concluding a contract or fulfilling a contract.

Description and scope of data processing

Each time our website is accessed, our system automatically gathers data and information from the computer system of the calling computer.

The following data is collected:

  • Information about the browser type and the version used
  • User's operating system
  • User's Internet service provider
  • User's anonymised IP address
  • Date and time of access
  • Websites from which the user's system accesses our website
  • Websites that the user's system accesses from our website
  • Keywords entered
  • Information about the device type used
  • Language settings
  • The frequency with which pages are called

The data is also stored in the log files of our system. This data is not stored together with other personal data belonging to the user.

Legal basis for data processing

The legal basis for the temporary storage of data and log files is Article 6 (1) f) GDPR.

Purpose of data processing

It is necessary for the IP address to be stored temporarily by the system in order to allow the website to be delivered to the user's computer. For this, the user's anonymised IP address must be stored for the duration of the session.

It is stored in log files to ensure the functionality of the website. In addition, the data is used to optimise the website and to ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context. For these purposes, our legitimate interest lies in the processing of data pursuant to Article 6 (1) f) GDPR.

Storage duration

The data will be deleted as soon as it is no longer required for the purpose for which it was gathered. If the data is gathered for the purpose of providing the website, this is the case when the respective session is terminated. When data is stored in log files, this is the case after a maximum of seven days. Longer storage is possible. In this case, the IP addresses of the users are deleted or anonymised, so that they can no longer be linked to the calling client.

Objections and remedies

The gathering of data for the provision of the website and the storage of the data in log files are essential for the operation of the website. There is consequently no possibility for the user to object.

Description and scope of data processing

Our website uses cookies. Cookies are small text files that are saved in the Internet browser or stored by the Internet browser on the user's computer system. When a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is next reopened.

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser should be identified even after a change of page.

The following data is stored and transmitted in the cookies:

  • Language settings
  • Information about the pull-down status of the quick booking screen
  • A session cookie (for the duration of the browser session) to temporarily save filter selections or completed forms

In addition, we also use cookies on our website to enable us to analyse our users' browsing behaviour.

The following data can be transmitted in this way:

  • Information about the browser type and the version used
  • User's operating system
  • User's Internet service provider
  • User's anonymised IP address
  • Date and time of access
  • Websites from which the user's system accesses our website
  • Websites that the user's system accesses from our website
  • Keywords entered
  • Information about the device type used
  • Language settings
  • The frequency with which pages are called

The data belonging to users collected in this way is pseudonymised using technical measures This means it is no longer possible to link data to the calling user. The data is not stored along with other personal data belonging to the user. When they access our website, users will see an info banner informing them of the use of cookies for analysis purposes and referring them to this Data Security Policy. In this context, there is also a note indicating how the user can prevent the storage of cookies in his/her browser settings. In the YourOnlineChoices preference management system you can decline usage-based online advertising from individual companies or all companies.

Legal basis for data processing

The legal basis for the processing of personal data using technically necessary cookies is Article 6 (1) f) GDPR.

The legal basis for the processing of personal data using cookies for analysis purposes is Article 6 (1) f) GDPR, provided the user has granted the appropriate consent.

Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some features of our website cannot be offered without the use of cookies. For these, it is necessary that the browser should be recognised, even after a new page is accessed.

We need cookies for the following applications:

  • Shopping basket
  • Language settings
  • Information about the pull-down status of the quick booking box
  • A session cookie (for the duration of the browser session) to temporarily save filter selections or completed forms

The user data collected by means of technically essential cookies will not be used to create user profiles.

Analysis cookies are used for the purpose of improving the quality of our website and its contents. Through the use of analysis cookies, we learn how the website is used and can optimise our offer continuously.
For these purposes, our legitimate interest also lies in the processing of personal data pursuant to Article 6 (1) f) GDPR.

Storage duration, objections and remedies

Cookies are stored on the user's computer and are transmitted by it to our site. This means that you, as a user, have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transfer of cookies. Already saved cookies can be deleted at any time. This process can also be automated. If cookies are deactivated for our website, it may not be possible to use all the functions of the website to the full extent.

You can subscribe to a free newsletter on our website. All data protection information can be found on our site "Newsletter data protection".

Description and scope of data processing

There is a booking engine on our website that allows our users to make online bookings with Maritim Hotels. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved.

This data includes:

  • User's correct form of address
  • User's first name and last name
  • User's e-mail address
  • User's phone number
  • User's booking data
  • User's full postal address
  • User's country
  • The booked guest's title
  • The booked guest's first name and last name
  • The purpose of the stay (business or personal)
  • Further information/messages for the hotel – if provided
  • User's payment method
  • User's credit card data

To simplify and speed up the processing of future bookings, the user can also register online with a profile and save a personal password. This password will not be sent to us.

This data includes:

  • User's correct form of address
  • User's first name and last name
  • User's e-mail address
  • User's phone number
  • User's booking data
  • User's full postal address
  • User's country
  • The booked guest's title
  • The booked guest's first name and last name
  • The purpose of the stay (business or personal)
  • Further information/messages for the hotel – if provided
  • User's payment method
  • User's credit card data

Legal basis for data processing

The legal basis for the processing of data is Article 6 (1) a) GDPR, provided the user has granted the appropriate consent.

Purpose of data processing

The personal data provided in the input mask will solely be processed by us to manage the online booking and the guest's stay at the hotel. When an online booking is made via our website, this also presupposes the necessary legitimate interest in the processing of the data. The other personal data processed during the submission process is intended to prevent misuse of the online booking and to ensure the security of our IT systems.

Recipients of the data

We use service providers for the registration and booking processes. These are:

TravelClick Inc. 
55 W 46th St 27th floor
New York, New York 10036 (USA)
Service: 
Provision of TravelClick software for reservation and booking management and marketing activities.

Mews Systems B.V.
Wibautstraat 137D
1097 DN Amsterdam, Netherlands
Service: 
Provision of property management software to manage the accommodation, hotels and buildings owned by Maritim Hotelgesellschaft mbH

We have concluded the necessary data protection agreements with all service providers used.

A third country transfer of the processed personal data especially to our service provider TravelClick in the USA cannot be excluded. We have therefore concluded all necessary data protection agreements with TravelClick within the framework of commissioned processing and using the EU standard contractual clauses (2021). Supplementary safeguards have been established to protect the data subjects. In this agreement, TravelClick commits to protecting the data of our users, processing said data in accordance with its data protection provisions on our behalf and, in particular, refraining from disclosing this data to third parties. You can review the data protection provisions of TravelClick here.

Furthermore, a transfer to third countries by Mews Systems B.V. cannot be ruled out, as the provider uses subcontractors with a US connection. Here too, we have ensured that all necessary data protection agreements and measures (EU standard contractual clauses, transfer impact assessment and additional guarantees) have been implemented to protect your data.

Storage duration

The data will be stored for the duration of the session and then deleted if the user does not complete the booking. When an online booking is made, all data entered by the user will be stored and transmitted to the hotel for reservation and billing purposes.

In general, personal data will only be stored by Maritim Hotelgesellschaft mbH and TravelClick, 55 W 46th St 27th floor, New York 10036, USA for the period required in order to achieve the purpose of storage, or insofar as required by European regulators or other legislators in laws or regulations incumbent on the Controller.

When the purpose of storage no longer applies or when a storage period prescribed by the European regulator or any other relevant legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

Objections and remedies

The user can withdraw his consent to the processing of his personal data at any time. If the user contacts us by e-mail, he may decline the storage of his personal data at any time. In such a case he will no longer be able to make online bookings using the Maritim website.

In case you wish to decline the processing of your personal data by us, please send an e-mail to widerspruch@maritim.de.

All personal data stored as part of online reservations will be deleted in this case.

MyMaritim is the central loyalty programme of the Maritim Hotelgesellschaft mbH. All data protection information can be found in the MyMaritim data protection area.

For reasons of sustainability and environmental friendliness, we provide electric charging stations at many of our hotels in the respective hotel car parks or underground garages. Our hotel guests & visitors are welcome to use these e-charging stations.

For the purpose of providing the charging stations, we have employed a service provider. This service provider takes care of the planning and installation of charging stations and the technically secure operation of the charging points. Furthermore, our service provider enables authentication and billing between the users of the e-charging stations and their e-mobility electricity providers. This service provider is Team eMobility GmbH, Reuschstraße 61 in 73092 Heiningen. We have concluded a contract with this service provider for commissioned data processing.

If you use our e-charging stations, the following personal data will be processed:

  • E-charging station including the address
  • Your e-mobility electricity provider including address
  • Meter number of your grid operator 
  • Your E-Mobility Account Identifier (EMAID) 
  • User identification (via app or RFID card)
  • Start and end of charging
  • Charging amount in kWh

We receive this data directly from you when you use the e-charging station. Without this data, we cannot provide you with an electric charging service for your vehicle at our e-charging stations.

Your data will only be used by our service provider to authenticate the users of the e-charging stations, to carry out the charging of their vehicles and to enable the proper billing of the electricity with their e-mobility electricity providers.

We process the aforementioned personal data for our hotel guests on the legal basis of the accommodation contract concluded within the meaning of Art. 6 (1) lit. b) DSGVO. Insofar as our employees use the e-charging stations with company vehicles, the legal basis of our data processing is the implementation of the employment relationship on the basis of the employment contract pursuant to Art. 6 para. 1 lit. b) DSGVO. 

For employees with private vehicles and other guests, we process this data on the basis of our legitimate interest within the meaning of Art. 6 para. 1 lit. f) DSGVO in providing sustainable charging options at our guest car parks. 

Automated decision-making does not take place. There is also no third country transfer of your data outside the EU/EEA. In addition, the following bodies may receive your data:

  • Relevant e-mobility electricity provider

Subject to any applicable statutory retention periods, we store your personal data for as long as it is required for the fulfilment of our contractual relationship.

Forms

Description and scope of data processing

Our website contains a contact form that can be used for online contacts. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved.

This data includes:

  • User's correct form of address
  • Subject
  • User's first name and last name
  • User's full postal address
  • User's e-mail address
  • User's country
  • User's message
  • User's title
  • User's phone number
  • User's company

At the time the message is sent, the following data is also stored:

  • User's IP address
  • Date and time of registration
  • User's correct form of address
  • Subject
  • User's first name and last name
  • User's full postal address
  • User's e-mail address
  • User's country
  • User's message
  • User's title – if provided
  • User's phone number – if provided
  • User's company – if provided

To enable data to be processed, you will be asked for your consent as part of the submission process and referred to the Data Security Policy. Alternatively, it is possible to make contact using the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. Data stored in this context will not be disclosed to third parties. The data will solely be used to process the conversation.

Legal basis for data processing

The legal basis for the processing of data is Article 6 (1) a) GDPR, provided the user has granted the appropriate consent.

The legal basis for the processing of the data transmitted when an e-mail is sent is Article 6 (1) f) GDPR. If the intention behind the e-mail contact is to conclude a contract, the additional legal basis for the processing of the data is Article 6 (1) b) GDPR.

Purpose of data processing

The personal data provided in the input mask will solely be processed by us to manage contact. When contact is made by e-mail, this also presupposes the necessary legitimate interest in the processing of the data. The other personal data processed during the submission process is intended to prevent misuse of the contact form and to ensure the security of our IT systems.

Storage duration

The data will be deleted as soon as it is no longer required for the purpose for which it was gathered. In the case of the personal data entered in the input screen of the contact form and sent by e-mail, this is when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant matter has been finally clarified.

The additional personal data collected as part of the submission process will be deleted after a period of seven days at the latest.

Objections and remedies

The user can withdraw his consent to the processing of his personal data at any time. If the user contacts us by e-mail, he may decline the storage of his personal data at any time. In such cases, we will not be able to continue the conversation.

In case you wish to decline the processing of your personal data by us, please send an e-mail to widerspruch@maritim.de.

All personal data stored when contact is established will be deleted in this case.

Description and scope of data processing

Our website contains a form that can be used to request an online quote. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved.

This data includes:

  • User's correct form of address
  • User's first name and last name
  • User's e-mail address
  • User's message
  • User's full postal address
  • User's phone number
  • User's company

At the time the message is sent, the following data is also stored:

  • User's IP address
  • Date and time of registration
  • User's correct form of address
  • User's first name and last name
  • User's e-mail address
  • User's message
  • User's full postal address – if provided
  • User's phone number – if provided
  • User's company – if provided

To enable data to be processed, you will be asked for your consent as part of the submission process and referred to the Data Security Policy. Alternatively, it is possible to make contact using the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. Data stored in this context will not be disclosed to third parties. The data will solely be used to process requests for a quote.

Legal basis for data processing

The legal basis for the processing of data is Article 6 (1) a) GDPR, provided the user has granted the appropriate consent.

The legal basis for the processing of the data transmitted when an e-mail is sent is Article 6 (1) f) GDPR. If the intention behind the e-mail contact is to conclude a contract, the additional legal basis for the processing of the data is Article 6 (1) b) GDPR.

Purpose of data processing

The personal data provided in the input mask will solely be processed by us to manage the request for a quote. When contact is made by e-mail, this also presupposes the necessary legitimate interest in the processing of the data. The other personal data processed during the submission process is intended to prevent misuse of the enquiry form and to ensure the security of our IT systems.

Storage duration

The data will be deleted as soon as it is no longer required for the purpose for which it was gathered. In the case of the personal data entered in the input screen of the enquiry form and sent by e-mail, this is when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant matter has been finally clarified.

The additional personal data collected as part of the submission process will be deleted after a period of seven days at the latest.

Objections and remedies

The user can withdraw his consent to the processing of his personal data at any time. If the user contacts us by e-mail, he may decline the storage of his personal data at any time. In such cases, we will not be able to continue the conversation.

In case you wish to decline the processing of your personal data by us, please send an e-mail to widerspruch@maritim.de.

All personal data stored as part of offer enquiries will be deleted in this case.

Description and scope of data processing

Our website contains a request form that can be used to request an electronic copy of our brochures. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved.

This data includes:

  • User's first name and last name
  • User's full postal address
  • User's e-mail address
  • User's country
  • User's company

At the time the message is sent, the following data is also stored:

  • User's IP address
  • Date and time of registration
  • User's first name and last name
  • User's full postal address
  • User's e-mail address
  • User's country – if provided
  • User's company – if provided

To enable data to be processed, you will be asked for your consent as part of the submission process and referred to the Data Security Policy. Alternatively, it is possible to make contact using the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. Data stored in this context will not be disclosed to third parties. The data will solely be used to process brochure orders.

Legal basis for data processing

The legal basis for the processing of data is Article 6 (1) a) GDPR, provided the user has granted the appropriate consent.

The legal basis for the processing of the data transmitted when an e-mail is sent is Article 6 (1) f) GDPR. If the intention behind the e-mail contact is to conclude a contract, the additional legal basis for the processing of the data is Article 6 (1) b) GDPR.

Purpose of data processing

The personal data provided in the input mask will solely be processed by us to manage the request for a brochure. When contact is made by e-mail, this also presupposes the necessary legitimate interest in the processing of the data. The other personal data processed during the submission process is intended to prevent misuse of the brochure request form and to ensure the security of our IT systems.

Storage duration

The data will be deleted as soon as it is no longer required for the purpose for which it was gathered. In the case of the personal data entered in the input screen of the brochure request form and sent by e-mail, this is when the respective brochure request has been processed. Processing is complete when the ordered brochures have been posted or sent as a PDF by e-mail or, in the case of regular mailings, when the guest declines to receive further brochures.

The additional personal data collected as part of the submission process will be deleted after a period of seven days at the latest.

Objections and remedies
The user can withdraw his consent to the processing of his personal data at any time. If the user contacts us by e-mail, he may decline the storage of his personal data at any time. In such cases, we will not be able to process the request for a brochure.

In case you wish to decline the processing of your personal data by us, please send an e-mail to widerspruch@maritim.de.

All personal data stored when a brochure is requested will be deleted in this case.

Description and scope of data processing

Our website contains a form that can be used to make online enquiries about conferences. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved.

This data includes:

  • User's company
  • User's first name and last name
  • User's full postal address
  • User's phone number
  • User's e-mail address
  • User's message
  • User's mobile phone number
  • User's fax number

At the time the message is sent, the following data is also stored:

  • User's IP address
  • Date and time of registration
  • User's company
  • User's first name and last name
  • User's full postal address
  • User's phone number
  • User's e-mail address
  • User's message
  • User's mobile phone number – if provided
  • User's fax number – if provided

To enable data to be processed, you will be asked for your consent as part of the submission process and referred to the Data Security Policy. Alternatively, it is possible to make contact using the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. Data stored in this context will not be disclosed to third parties. The data will solely be used to process the conference enquiry.

Legal basis for data processing

The legal basis for the processing of data is Article 6 (1) a) GDPR, provided the user has granted the appropriate consent.

The legal basis for the processing of the data transmitted when an e-mail is sent is Article 6 (1) f) GDPR. If the intention behind the e-mail contact is to conclude a contract, the additional legal basis for the processing of the data is Article 6 (1) b) GDPR.

Purpose of data processing

The personal data provided in the input mask will solely be processed by us to manage the conference enquiry. When contact is made by e-mail, this also presupposes the necessary legitimate interest in the processing of the data. The other personal data processed during the submission process is intended to prevent misuse of the conference enquiry form and to ensure the security of our IT systems.

Storage duration

The data will be deleted as soon as it is no longer required for the purpose for which it was gathered. In the case of the personal data entered in the input screen of the conference enquiry and sent by e-mail, this is when the user has received a quote or a contract has been concluded. The conference enquiry is ended when it can be inferred from the circumstances that the relevant matter has been finally clarified.

The additional personal data collected as part of the submission process will be deleted after a period of seven days at the latest.

Objections and remedies

The user can withdraw his consent to the processing of his personal data at any time. If the user contacts us by e-mail, he may decline the storage of his personal data at any time. In such cases, we will not be able to process the conference enquiry.

In case you wish to decline the processing of your personal data by us, please send an e-mail to widerspruch@maritim.de.

All personal data stored when a conference inquiry is received will be deleted in this case.

Description and scope of data processing

Our website contains a form that can be used to make an online catering enquiry. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved.

This data includes:

  • User's first name and last name
  • User's full postal address
  • User's phone number
  • User's e-mail address
  • User's message
  • User's company
  • User's mobile phone number
  • User's fax number

At the time the message is sent, the following data is also stored:

  • User's IP address
  • Date and time of registration
  • User's first name and last name
  • User's full postal address
  • User's phone number
  • User's e-mail address
  • User's message
  • User's company – if provided
  • User's mobile phone number – if provided
  • User's fax number – if provided

To enable data to be processed, you will be asked for your consent as part of the submission process and referred to the Data Security Policy. Alternatively, it is possible to make contact using the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. Data stored in this context will not be disclosed to third parties. The data will solely be used to process catering enquiries.

Legal basis for data processing

The legal basis for the processing of data is Article 6 (1) a) GDPR, provided the user has granted the appropriate consent.

The legal basis for the processing of the data transmitted when an e-mail is sent is Article 6 (1) f) GDPR. If the intention behind the e-mail contact is to conclude a contract, the additional legal basis for the processing of the data is Article 6 (1) b) GDPR.

Purpose of data processing

The personal data provided in the input mask will solely be processed by us to manage the catering enquiry. When contact is made by e-mail, this also presupposes the necessary legitimate interest in the processing of the data. The other personal data processed during the submission process is intended to prevent misuse of the catering enquiry form and to ensure the security of our IT systems.

Storage duration

The data will be deleted as soon as it is no longer required for the purpose for which it was gathered. In the case of the personal data entered in the input screen of the catering enquiry and sent by e-mail, this is when the user has received a quote or a contract has been concluded. The catering enquiry is ended when it can be inferred from the circumstances that the relevant matter has been finally clarified.

The additional personal data collected as part of the submission process will be deleted after a period of seven days at the latest.

Objections and remedies

The user can withdraw his consent to the processing of his personal data at any time. If the user contacts us by e-mail, he may decline the storage of his personal data at any time. In such cases, we will not be able to process the catering enquiry.

In case you wish to decline the processing of your personal data by us, please send an e-mail to widerspruch@maritim.de.

All personal data stored when a catering enquiry is received will be deleted in this case.

Description and scope of data processing

Our website contains a form that can be used to make an SME contract enquiry. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved.

This data includes:

  • User's correct form of address
  • User's company
  • User's first name and last name
  • User's full postal address
  • User's phone number
  • User's e-mail address
  • User's country
  • User's message
  • User's title

At the time the message is sent, the following data is also stored:

  • User's IP address
  • Date and time of registration
  • User's correct form of address
  • User's company
  • User's first name and last name
  • User's full postal address
  • User's phone number
  • User's e-mail address
  • User's country
  • User's message
  • User's title

To enable data to be processed, you will be asked for your consent as part of the submission process and referred to the Data Security Policy. Alternatively, it is possible to make contact using the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. Data stored in this context will not be disclosed to third parties. The data will solely be used to process SME contract enquiries.

Legal basis for data processing

The legal basis for the processing of data is Article 6 (1) a) GDPR, provided the user has granted the appropriate consent.

The legal basis for the processing of the data transmitted when an e-mail is sent is Article 6 (1) f) GDPR. If the intention behind the e-mail contact is to conclude a contract, the additional legal basis for the processing of the data is Article 6 (1) b) GDPR.

Purpose of data processing

The personal data provided in the input mask will solely be processed by us to manage the SME contract enquiry. When contact is made by e-mail, this also presupposes the necessary legitimate interest in the processing of the data. The other personal data processed during the submission process is intended to prevent misuse of the SME contract enquiry form and to ensure the security of our IT systems.

Storage duration

The data will be deleted as soon as it is no longer required for the purpose for which it was gathered. In the case of the personal data entered in the input screen of the SME contract enquiry and sent by e-mail, this is when the user has received the offer of a contract or a contract has been concluded. The SME contract enquiry is ended when it can be inferred from the circumstances that the relevant matter has been finally clarified.

The additional personal data collected as part of the submission process will be deleted after a period of seven days at the latest.

Objections and remedies

The user can withdraw his consent to the processing of his personal data at any time. If the user contacts us by e-mail, he may decline the storage of his personal data at any time. In such cases, we will not be able to process the SME contract enquiry.

In case you wish to decline the processing of your personal data by us, please send an e-mail to widerspruch@maritim.de.

All personal data stored when an SME contract inquiry is received will be deleted in this case.

Description and scope of data processing

Our website contains an order form that can be used to place online orders for geese or other catering services. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved.

This data includes:

  • User's correct form of address
  • User's first name and last name
  • User's full postal address
  • User's e-mail address
  • User's message
  • User's company
  • User's phone number

At the time the message is sent, the following data is also stored:

  • User's IP address
  • Date and time of registration
  • User's correct form of address
  • User's first name and last name
  • User's full postal address
  • User's e-mail address
  • User's message
  • User's company
  • User's phone number

To enable data to be processed, you will be asked for your consent as part of the submission process and referred to the Data Security Policy. Alternatively, it is possible to make contact using the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. Data stored in this context will not be disclosed to third parties. The data will solely be used to process orders.

Legal basis for data processing

The legal basis for the processing of data is Article 6 (1) a) GDPR, provided the user has granted the appropriate consent.

The legal basis for the processing of the data transmitted when an e-mail is sent is Article 6 (1) f) GDPR. If the intention behind the e-mail contact is to conclude a contract, the additional legal basis for the processing of the data is Article 6 (1) b) GDPR.

Purpose of data processing

The personal data provided in the input mask will solely be processed by us to manage the order. When contact is made by e-mail, this also presupposes the necessary legitimate interest in the processing of the data. The other personal data processed during the submission process is intended to prevent misuse of the order form and to ensure the security of our IT systems.

Storage duration

The data will be deleted as soon as it is no longer required for the purpose for which it was gathered. In the case of the personal data entered in the input screen of the order form and sent by e-mail, this is when the user has received an order confirmation and/or the order has been collected from the hotel or delivered to the user. The order for geese and/or other catering services is ended when it can be inferred from the circumstances that the relevant matter has been finally clarified.

The additional personal data collected as part of the submission process will be deleted after a period of seven days at the latest.

Objections and remedies

The user can withdraw his consent to the processing of his personal data at any time. If the user contacts us by e-mail, he may decline the storage of his personal data at any time. In such cases, we will not be able to process the order.

In case you wish to decline the processing of your personal data by us, please send an e-mail to widerspruch@maritim.de.

All personal data stored when we receive an order for geese and/or other catering services will be deleted in this case.

Description and scope of data processing

Our website contains a form for the Maritim Hotel Travel Service, Kuelpstrasse 2, 64293 Darmstadt, Germany, that can be used to request an online quote. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved.

This data includes:

  • User's correct form of address
  • User's name
  • User's e-mail address
  • User's message
  • User's travel date
  • User's full postal address
  • User's phone number

At the time the message is sent, the following data is also stored:

  • User's IP address
  • Date and time of registration
  • User's correct form of address
  • User's name
  • User's e-mail address
  • User's message
  • User's travel date
  • User's full postal address – if provided
  • User's phone number – if provided

To enable data to be processed, you will be asked for your consent as part of the submission process and referred to the Data Security Policy. Alternatively, it is possible to make contact using the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. Data stored in this context will not be disclosed to third parties. The data will solely be used to process requests for a quote.

Legal basis for data processing

The legal basis for the processing of data is Article 6 (1) a) GDPR, provided the user has granted the appropriate consent.

The legal basis for the processing of the data transmitted when an e-mail is sent is Article 6 (1) f) GDPR. If the intention behind the e-mail contact is to conclude a contract, the additional legal basis for the processing of the data is Article 6 (1) b) GDPR.

Purpose of data processing

The personal data provided in the input mask will solely be processed by us to manage the request for a quote. When contact is made by e-mail, this also presupposes the necessary legitimate interest in the processing of the data. The other personal data processed during the submission process is intended to prevent misuse of the enquiry form and to ensure the security of our IT systems.

Storage duration

The data will be deleted as soon as it is no longer required for the purpose for which it was gathered. In the case of the personal data entered in the input screen of the enquiry form and sent by e-mail, this is when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant matter has been finally clarified.

The additional personal data collected as part of the submission process will be deleted after a period of seven days at the latest.

Objections and remedies

The user can withdraw his consent to the processing of his personal data at any time. If the user contacts us by e-mail, he may decline the storage of his personal data at any time. In such cases, we will not be able to continue the conversation.

In case you wish to decline the processing of your personal data by us, please send an e-mail to widerspruch@maritim.de.

All personal data stored as part of offer enquiries will be deleted in this case.

Statistical Evaluations and Plug-Ins

We gather additional data relating to individual services from our Company for statistical purposes, for example. In order to establish a basis for our media data, we determine, for example, how often pages are accessed or which of our online offers are particularly popular. Some of our sites also have integrated plug-ins or add-ons, such as Facebook for example.

This website uses Google Analytics Universal, web analysis service of Google Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how you use the site. The information generated by the cookie concerning your use of this website generally will be passed on to a Google server in the USA and saved there. We wish to expressly point out that the website uses Google Analytics with the "anonymizeIp" add-on, which means that IP addresses are only processed in truncated form to prevent any direct reference to a particular person. The full IP address will only be transmitted to a Google server in the US and truncated there in exceptional cases. Acting on behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and Internet usage to the website operator. The IP address provided by your browser as part of Google Analytics will not be merged with other Google data. You may refuse to allow the storage of cookies by selecting the appropriate settings in your browser software, however please note that if you do this you may not be able to use the full functionality of this website. In addition, you may prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following Link. As an alternative to the browser add-on or within browsers on mobile devices, please click this link to prevent the gathering of data by Google Analytics within this website in the future (the opt-out only applies in the particular browser and only for this domain). This involves placing an opt-out cookie on your device. To delete cookies in the respective browser, you must click this link again.

Sessions generally end after 30 minutes of inactivity, while campaigns end after six months. The time limit for campaigns can be a maximum of two years. For more information on Terms of Use and Data Security see: https://www.google.com/analytics/terms/de.html

Google Tag Manager is used on our websites to manage our website tags by means of an interface. The Tag Manager itself is a cookie-free domain that does not gather personal data. The task of the tool is to trigger other tags, which in turn may capture data under certain circumstances. However, Google Tag Manager does not access this data. Of course it is possible to obtain additional information about this and to disable the service if necessary. Click here to opt-out of tracking by Google Tag Manager.

We use maps from Google Maps on the website to help you find your way around. Google Maps is a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). When you call the contact pages, your web browser will be instructed to load the necessary functions and map data directly from the Google server. These servers can be located in the US or other countries around the world. We have no control over this and do not receive information from Google indicating whether you have exchanged map information when visiting our site. We do not know whether Google only provides you with the technically necessary information or whether it stores and evaluates other information about you or your system, such as IP addresses, information about your browser, etc. Google publishes a Data Security Policy that also applies to Google Maps. In particular, we would point out that Google handles the following categories of data: device-based information, IP address, hardware settings, browser type, browser language, date and time of your request and referral URL, cookies (can be blocked by you in the browser settings, see also above), location-related information. Google may link the data with other information about you and use the data collected through the services to provide, maintain, protect and improve Google services, to develop new services, and to protect Google and its users. Google also uses this information to provide you with tailored content - for example, to deliver more relevant search results and advertising. By using data collected through cookies and other technologies, such as pixel tags, Google improves your overall experience and the quality of Google's services. For example, Google allows you to save your preferred language setting in order to display services in your preferred language. Google will ask for your consent before it uses information for purposes other than those listed in Google's Data Security Policy. With your consent, Google will also share information with third parties for order data processing and for legal reasons. You can also change your privacy settings on Google when you log in. Google also adheres to several self-regulatory commitments and also deals with complaints.

Conversion Tracking is used as part of the Google AdWords ("AdWords") advertising program of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") in order to analyse campaign performance on this website. The information gathered using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for Conversion Tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive information can be used to identify specific users.

If you click on an ad displayed by Google, a cookie will be placed on your computer. The information gathered by the AdWords cookie is used to generate conversion statistics. The cookies used in the context of conversion tracking lose their validity after 30 days, contain no personal data and are therefore cannot be used for personal identification. If our website is accessed before the deadline expires, both we and Google can use the cookie to see that the user clicked on the ad and was redirected to this page. Each Google AdWords customer is given a different cookie. Thus, there is no way that cookies can be tracked through the websites of AdWords customers.

If you do not wish to participate in the tracking process, you can also refuse to allow the necessary cookie to be set- for example, via a browser setting that generally disables the automatic setting of cookies.
You may permanently deactivate the use of cookies by Google by modifying the following link and the settings for managing cookies:

https://www.google.com/policies/technologies/managing/

https://www.google.com/policies/technologies/ads/

On this website, we also use the Remarketing function of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). This function makes it possible to target visitors to the website with personalised, interest-based advertising. Interest-based advertising is seen to the visitor as soon as he searches for something on Google or on websites operated by search network partners.

In order to analyse website use, Google uses cookies that form the basis for the creation of interest-based advertisements. The cookie records website visits as well as anonymised data on the use of the website. However, personal data is not saved. Subsequent visits to other sites in the Google Search Network will then display ads that are likely to reflect the product and information areas previously accessed by the site visitor.

However, if you do not wish to use Google Remarketing, you can always disable it by making the appropriate settings in the link below.

The website uses social plug-ins (hereafter referred to as "plug-ins") of the facebook.com social network, which is operated by Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA (hereinafter referred to as "Facebook"). The plug-ins can be identified by one of the Facebook logos (a white letter "f" on a blue tile or a "thumbs up" symbol) or are marked with the "Facebook Social Plug-in" add-on. The list of Facebook Social Plug-ins and what they look like can be seen here.

When a user visits a page of this website that contains such a plug-in, his browser will make a direct connection to the Facebook servers. The content of the plug-in will be transmitted by Facebook directly to the user's browser, which will incorporate this into the webpage. This means that the provider has no influence on the amount of data that Facebook collects using this plug-in. According to the provider's current knowledge, Facebook operates as follows:

The incorporation of the plug-ins, tells Facebook that a user has accessed the relevant page of the provider's website. If the user is logged into Facebook, Facebook can link the visit to his Facebook account. When users interact with the plug-ins, e.g. by using the "Like" or by leaving a comment, the relevant information is transmitted directly from the user's browser to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to identify and save his IP address. According to Facebook, only an anonymised IP address is stored in Germany.

The purpose and scope of data gathering and further processing and use of the data by Facebook, as well as the rights and setting options to protect users' privacy, can be found in Facebook's Data Security Policy.

Users who are also Facebook user and who do not want Facebook to collect data about them via the provider's website and link it with their user data stored at Facebook must log out of Facebook before visiting the website. It is also possible to block Facebook social plug-ins with add-ons for the user's browser, for example with the "Facebook Blocker".

At this point we would like to inform you about the processing of personal data through the XING Share button function.

The "XING Share button" is used on this website. When you access this website, your browser will briefly connect to XING SE ("XING") servers which are used to provide the "XING Share Button" functions (in particular the calculation/display of the counter value). XING does not store personal data about you when this website is called. In particular, XING does not store IP addresses Likewise, there is no evaluation of your usage behaviour through the use of cookies in connection with the "XING Share button". The current data protection information relating to the "XING Share button" and additional information can be found on the website.

Our site uses provider YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA for the integration of videos.
Usually, when you visit an embedded video page, your IP address will be sent to YouTube and cookies will be installed on your machine. However, we have incorporated our YouTube videos with enhanced data protection mode. In this case, YouTube will still contact the Google DoubleClick service, however, in line with Google's Data Security Policy, personal information will not be evaluated.

According to YouTube, in "enhanced data protection mode", data, in particular details of which of our webpages you have visited, is only transmitted to the YouTube server if you watch the video. If you click the video, your IP address will be sent to YouTube, and YouTube will know that you have watched the video. If you are logged into YouTube at the same time, this information will be linked to your user account on YouTube. You can prevent this by logging out of your user account before visiting our website.

We have no knowledge of the possible collection and use of your data by YouTube at this point and have no influence over this. You will find more information in the YouTube Data Security Policy. In addition, we would also refer you to our general presentation in this Data Security Policy in relation to the general handling and deactivation of cookies.

This website uses X buttons. These buttons are provided by Twitter Inc. 415 Mission Street Floor 10 San Francisco, CA 94105 USA (hereinafter referred to as "X"). These can be recognised by terms such as "X" or "Follow", linked to a stylised blue bird. Using the X buttons, it is possible to share a post or page of this website on X or follow the provider on X.

When a user visits a page of this website that contains such a X button, his browser will make a direct connection to the X servers. The content of the X buttons will be transmitted by X directly to the user's browser. This means that the provider has no influence on the amount of data that X collects using this plug-in. According to X, only the IP address of the user and the URL of the respective website are transmitted when the X button is used; this data is only used to display the X button.

Further information about the X service and the X buttons can be found in X's Data Security Policy.

We link from our site to the social media network Pinterest, of the company Pinterest Inc, 808 Brannan Street, San Francisco, CA 94103, USA. For the European area, the Irish company Pinterest Europe Ltd. (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland) is responsible for all data protection-relevant aspects.

No data is collected from our side and given to Pinterest. The data protection relevant part only takes place on the Pinterest site and can be checked here: https://policy.pinterest.com/de/privacy-policy

Our websites and online services use also Sojern (Sojern INTL Limited, 7-8 Mount Street Upper, Dublin 2, D02FT59, Ireland) to evaluate fully anonymised information about the browsing habits of visitors to our websites for internal marketing purposes. This technology enables the recommendations and ads that match our users' interests to be displayed when they visit thirdparty websites. Pixel-Tags (Web Beacons), Cookies and other tracking technologies are used for this purpose. It is impossible to identify the user in person from this data. The data gathered by Sojern is used for the sole purpose of providing relevant content and online offers to users of our websites. Users of our website can prevent the use of cookies by our website, as described above, at any time by making an appropriate setting in their Internet browser, thus permanently preventing the setting of cookies.

Should you visit our website using your mobile device, an advertising service may also collect your device's unique identifier, or location, and attempt to synchronize your mobile website visit with other website visits.

When a relevant advertisement is served to you on another website that uses data collected from this website, it's referred to as an "Interest-Based" Ad and the advertisement should include a blue "Adchoices" icon in the upper-right hand corner. If you click on the Adchoices icon, you can learn more about the facilitating advertising service, and your opportunity to opt-out of Interest-Based ads from that service. We do not have access to, nor control over, these advertising services use of cookies when Interest-Based ads are served to you. However, you may choose to opt-out of the use of this information by clicking here.

Please note that by opting out, you will continue to see ads, but they may not be as relevant based on your travel interests.

We use Google Fonts on our website. This enables us to integrate certain fonts into our website. Google Fonts is a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). The fonts are not loaded from Google, but are installed locally on our web server.

For more information on Terms of Use and Data Protection see: https://www.google.com/policies/privacy/

Personal data will be transferred to locations in third countries if

  • this is necessary in order to complete the website user's booking and manage the guest's stay at the hotel
  • it is required by law
  • or it has been approved by the user

As already mentioned elsewhere in this Privacy Policy, for certain tasks our company cooperates with service providers whose corporate headquarters are located in third countries, whose parent company is located in third countries or which themselves cooperate with companies located in third countries. Such cooperation is permissible if it has been determined by the European Commission that an adequate level of protection exists in the third countries in question (called an Adequacy Decision in Art. 45 GDPR). If this is not the case, it is ensured at all times that, in the case of service providers with a third-country connection without an adequacy decision, the special requirements of the General Data Protection Regulation for third-country transfers (Art. 44 and 46 et seqq. GDPR) are met.

The standard case here is the conclusion of EU standard contractual clauses as part of commissioned data processing (Art. 46 (2) (c) GDPR) in order to contractually bind the respective service providers. In such clauses, the service providers commit to protectingg the data of our users, processing said data in accordance with its data protection provisions on our behalf and, in particular, refraining from disclosing this data to third parties. To minimise the risks for data subjects, supplementary safeguards are established, such as encryption or other contractual, technical or organisational safeguards. We will not perform any further transfer of personal data beyond the described type of cooperation.

Personal data will only be stored by Maritim Hotelgesellschaft mbH for the period required in order to achieve the purpose of storage, or insofar as required by European regulators or other legislators in laws or regulations incumbent on the Controller.

When the purpose of storage no longer applies or when a storage period prescribed by the European regulator or any other relevant legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

External service providers, such as the mail service or mailing companies that process personal data on behalf of Maritim Hotelgesellschaft mbH are subject to the statutory data protection regulations and may only process the data provided for the specific purpose in hand.

External links

To offer you the best possible information, you will find links on our pages that refer to third-party websites. If such links are not obviously apparent, we point out that these are external links. Maritim Hotelgesellschaft mbH has no influence on the content and design of these websites and the data protection practices of third parties. We cannot accept any responsibility for this. The details of our Data Security Policy do not apply there. Thus, if you click on an advertisement or a third-party link, you should be aware that you are leaving the Maritim Hotelgesellschaft mbH service and that any personal data you provide will no longer be covered by this Data Security Policy. Please read the data protection statements of the other website owners to find out how your personal information is gathered and processed on these websites.

Declaration of consent by the user

By using our websites and online offers, you agree that the data voluntarily provided and transmitted by you may be stored by us and used and processed in compliance with this Data Security Policy.

If you process personal data, you are a Data Subject under the terms of the GDPR and you have the following rights in relation to the Controller:

1. Right to information

You may ask the Controller to confirm whether personal data relating to you is processed by us.

If such processing is taking place, you can request information from the Controller about the following:

  1. the purposes for which personal data is being processed;
  2. the categories of personal data being processed;
  3. the recipients or categories of recipients to whom the personal data relating to you has been disclosed or is still being disclosed;
  4. the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;
  5. the existence of a right to the correction or deletion of personal data concerning you, a right to restrict processing by the Controller or a right to object to such processing;
  6. the existence of a right of appeal to a supervisory authority;
  7. all available information on the origin of the data if the personal data is not gathered from the Data Subject;
  8. the existence of automated decision-making, including profiling, under Article 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved, and the scope and intended impact of such processing on the Data Subject.

You have the right to request information about whether your personal data is transferred to a third country or an international organisation. In this context, you can request the appropriate guarantees pursuant to Article 46 GDPR in connection with the transfer.

2. Right of correction

You have a right to correction and/or completion in relation to the Controller, if the processed personal data relating to you is incorrect or incomplete. The Controller must carry out the correction without delay.

3. Right to restrict processing

You may demand that the processing of your personal data should be restricted under the following conditions:

  1. if you contest the accuracy of the personal data relating to you for a period of time that enables the Controller to verify the accuracy of your personal data;
  2. processing is unlawful and you refuse to allow the personal data to be deleted and instead request restriction of the use of the personal data;
  3. the Controller no longer requires personal data for the purposes of processing, but you need this data to assert, exercise or defend legal claims, or
  4. if you objected to processing pursuant to Article 21 (1) GDPR and it is not yet certain whether the justified grounds of the Controller take precedence over your grounds.

If the processing of personal data relating to you has been restricted, apart from storage this data may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or on grounds of important public interest for the European Union or a Member State.

If the restriction on processing is limited according to the aforementioned conditions, you will be informed by the Controller before the restriction is lifted.

4. Right of deletion

a) Duty of deletion
You may require the Controller to delete your personal data without delay, and the Controller is required to delete that information immediately if one of the following grounds applies:

  1. Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
  2. You revoke your consent to processing pursuant to Article 6 (1) a) or Article 9 (2) a) GDPR and there is no other legal basis for processing.
  3. You object to processing pursuant to Article 21 (1) GDPR and there are no overriding justifiable reasons for processing, or you object to processing pursuant to Article 21 (2) GDPR.
  4. The personal data relating to you has been processed illegally.
  5. It is necessary to delete personal data relating to you in order to fulfil a legal obligation under European Union law or the law of the Member States incumbent on the Controller.
  6. The personal data relating to you was gathered in relation to an information society service pursuant to Article 8 (1) GDPR.

b) Information to third parties

If the Controller has made the personal data relating to you public and if he is obliged to delete it pursuant to Article 17 (1) of the GDPR, it shall take the appropriate steps, including technical measures, taking into account available technology and implementation costs, to inform Controllers responsible for data processing who process the personal data that you, as a Data Subject, have demanded the deletion of all links to such personal data or copies or duplicates of such personal data.

c) Exceptions

The right of deletion does not exist if processing is necessary

  1. in order to exercise the right to freedom of expression and information;
  2. to fulfil a legal obligation required by the law of the European Union or of the Member States incumbent on the Controller, or to implement a task in the public interest or in the exercise of the official authority conferred on the Controller;
  3. for reasons of public interest in the area of public health pursuant to Article 9 (2) h) and Article 9 (3) GDPR;
  4. for archival purposes of public interest, scientific or historical research purposes or for statistical purposes pursuant to Article 89 (1) GDPR, to the extent that the law referred to in subparagraph (a) is likely to render impossible or seriously impair the achievement of the objectives of this processing, or
  5. to assert, exercise or defend legal claims.

Right to information

If you have the right of correction, deletion or restriction of processing in relation to the Controller, the latter is obliged to notify all recipients to whom your personal data has been disclosed of this correction or deletion of data or restriction of processing, unless this proves to be impossible or requires disproportionate effort.

You are entitled to require the Controller to reveal the identity of these recipients to you.

Right to data transferability

You have the right to receive the personal data that you have supplied to the Controller in a structured, current, machine-readable format. In addition, you have the right to transfer this data to another Controller without hindrance from the Controller to whom the personal data was supplied, provided that

  1. processing is based on consent pursuant to Article 6 (1) a) GDPR or Article 9 (2) a) GDPR or on a contract pursuant to Article 6 (1) b) GDPR and
  2. processing involves an automated procedure.

In exercising this right, you are also entitled to require that the personal data relating to you should be transmitted directly from one Controller to another Controller, insofar as this is technically feasible. This must not impair the freedoms and rights of other persons.

The right to data portability does not apply to the processing of personal data necessary for to implement a task in the public interest or in the exercise of the official authority conferred on the Controller.

Right of objection

You have the right to object to processing of your personal data at any time, for reasons that arise from your particular situation pursuant to Article 6 (1) e) or f) GDPR; this also applies to profiling based on these provisions.

The Controller will no longer process personal data relating to you unless he can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or processing is for the purpose of enforcing, exercising or defending legal claims.

If the personal data relating to you is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing.

If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

Directive 2002/58/EC notwithstanding, you have the option, in the context of the use of information society services, of exercising your right to object through automated procedures that use technical specifications.

Questions/right of appeal to a supervisory authority

If you have further questions regarding the protection of your personal data, this Data Security Policy, declarations of consent and the processing of your personal data or complaints about data protection, you can contact our Data Protection Officer at the following e-mail address: datenschutz@maritim.de

Without prejudice to other administrative or judicial remedies, you shall have the right of appeal to a supervisory authority, in particular in the Member State of your place of residence, employment or the place of the alleged breach, if you believe that the processing of your personal data violates the GDPR.

The supervisory authority is the Data Protection Authority for North Rhine-Westphalia in Dusseldorf.

We take corporate data protection very seriously. We use modern data storage and security techniques to ensure your data gets the best possible protection. Naturally, our security measures are constantly being improved in line with technological developments. Our employees and subcontractors engaged by us (service providers) have been contractually bound by us to confidentiality and compliance with the IT/security regulations and the applicable data protection regulations.

Both we and our contracting partners protect your personal data from unauthorised access, loss, use or disclosure, and ensure that your personal data is kept in a controlled secure environment that complies with legal requirements and that prevents unauthorised access, loss or disclosure.

Technical and organisational measures have been taken in our company to meet the legal requirements of the BDSG and the GDPR and to protect your data against damage, destruction, falsification, manipulation and unauthorised access. Your data is transferred in encrypted form and then stored in a database. All systems in which your personal data is stored are protected against access and are only accessible to a specific group of persons responsible for personnel.

In order to avoid unnecessary amounts of data, we only gather, process and use your personal data insofar as this is necessary within the scope of our service offer.

Data is collected by Maritim Hotelgesellschaft mbH as well as by subcontractors engaged by it.

Amendments to the Data Security Policy

Please note that data protection regulations and data protection practices are subject to constant change and the contents of this Data Security Policy may need to be amended. If so, we will explain the changes to you in a transparent manner. It is also advisable to familiarise yourself with any changes in the legal provisions and practices of our company.

Date 24th of August 2023

 

Book online
Close

Online booking

Please choose a hotel