Responsibility for the Processing of Personal Data
HRS GmbH, domiciled at Breslauer Platz 4, 50668 Cologne, Germany (hereinafter referred as „HOTEL DE“) is responsible for the processing of your personal data on its web pages and mobile apps.
Responsibility for the collection, processing, and use of your personal data as defined by the General Data Protection Regulation rests with HRS GmbH, Breslauer Platz 4, 50668 Cologne, Germany.
If you wish to object to the collection, processing, or use of your data by HOTEL DE in accordance with these data privacy rules in general or for individual measures, you may send your objection via e-mail, fax, or mail to the following address:
Breslauer Platz 4
50668 Cologne, Germany
Telefax: +49 221 2077 666
Insofar as data privacy is concerned, we are always there for you.
You can reach our Data Protection Officer under firstname.lastname@example.org.
The most important issue first: data privacy is a matter of trust, and your trust is important to us. We respect your privacy and your personal sphere. Protection and legal processing of your personal data are therefore important issues to us. To ensure that you feel secure when visiting our web pages, whenever we process your personal data, we strictly comply with the legal provisions, and want to let you know how we process your personal data.
In case you have already used our service, you already know that HOTEL DE offers travel-related online services on its own web page and via mobile apps as well as other online platforms, such as partner websites. The data privacy notice below explains which data are collected on our platforms, which data are processed and used, and how.
You can print or store this document by using the usual functionality of your Internet service program (= browser: in most cases, “File“ ->“Save as“).
Our data privacy rules may change from time to time. As long as you care about your privacy, we recommend that you visit this page on a regular basis to ensure that you are always aware of the latest developments. We wish you a relaxing and nice trip!
Which types of personal data are collected by HOTEL DE, and on what kind of legal basis?
Without any information, we are unable to find the perfect accommodation for you. When you use our service, we ask you for specific information. This is basic information such as your name, your contact data, the name of guests traveling with you, and your payment information. This information is required to carry out the respective agency orders as defined by Article 6, Paragraph 1, letter b Alt. 1 of the General Data Protection Regulation. However, we herewith expressly inform you that you are not legally required to provide any personal data to us - if you refrain from doing so, however, this may impact the services we are able to offer to you. For example, you will certainly understand that, in case you do not specify any destination, we will be unable to make any hotel bookings.
In addition, we collect information regarding your computer. This may be your IP address, the browser you use, and your language settings. It is also possible that we receive information about you from third parties or automatically collect other kinds of information. As long as we have received your consent in this respect, data processing is based on Article 6, Paragraph 1, Letter a of the General Data Protection Regulation; as long as these measures are necessary for technical reasons to ensure the functionality of our web pages and services, this is covered by Article 6, Paragraph 1, letter f of the General Data Protection Regulation. Our interest in the security of our offers is essential considering that, in the case of insufficient IT security, its operation as such - just like your personal data - would be greatly jeopardized. We additionally ensure that your interests in this regard are protected through reasonable measures, e.g. data anonymization or pseudonymization. Finally, please note that there is no automatic decision-making process, e.g. within the scope of automatic profiling.
Personal information we receive from you
HOTEL DE collects and processes information, you provide to us. When you make a booking, you are asked to provide (at least) your name and your e-mail address. We may possibly ask you to indicate your residence, your phone number, payment information, the name of any guests traveling with you, and possible preferences you may have regarding your stay.
When you contact our Customer Service team or contact us in another manner (for example via social media or through communication with the accommodation booked by you via our website), we also collect information regarding these events about you. After a stay, you may receive a request to provide a guest rating to assist future guests to find the accommodation they are specifically looking for.
You also provide us with information in other ways. For example, when surfing with your mobile device, you may allow HOTEL DE to access your current location or your contact details - this helps us offer you the best possible service. You may also create a user account to store your personal settings, view prior bookings, or plan and manage future bookings.
You may possibly participate in referral programs or sweepstakes, which once again means that you provide us with personal information. In addition, you may send us feedback or ask us to assist you to use the HOTEL DE travel service.
Personal information we receive from you about others
Of course, you may possibly not just book for yourself, but rather travel with other guests about whom you provide information when making a booking, or you may possibly make a booking for someone else. In some cases, you can use HOTEL DE to share information with others, for example, when sharing the desired hotel or participating in a referral program. All these data, however, are only processed in the same manner as indicated there. In this respect, you can find additional information on the respective pages.
However, we must inform you that it is your responsibility to ensure that the persons about whom you provide personal information are aware of such action, and that they have accepted the way HOTEL DE will use such information.
Personal information automatically collected by us
When you visit our websites or use our apps, and even if you do not make any booking, we automatically process the following data: IP address, date and time of your access to our services, hardware, software or browser type, operating system of your computer, application version, and language settings, as well as information regarding clicks and the pages accessed by you.
When using a mobile device, the following data may be collected: type of mobile device and its device-specific settings and properties as well as your geographical location, information regarding app crashes, as well as other system activities. Whenever you complete a hotel booking, our system records which website and/or apps carried out this booking or via which other web pages you made your hotel booking on HOTEL DE.
Personal information we receive from other sources
However, we not only receive the data you provide to us - we may possibly also receive information about you from other sources. This includes business partners such as our affiliate partners and other independent third parties, and all information we receive from them may be compiled with the information you provide to us. Perhaps you do think that it is strange that we receive information about you from our business partners. No worries, everything is OK, and this is easy to explain.
The hotel booking service of HOTEL DE is not only available to you on HOTEL DE and via the HOTEL DE apps, but it is also offered on partner sites as an integrated part of their online service. Whenever you use them, you provide your booking details to our business partners who, in turn, provide this information to us. We also integrate the services of other providers to process payment between the booking party and the accommodation. Providers share payment information to allow us to process your booking and ensure that the payment process is as smooth as possible for you.
Another example would be that we possibly integrate calling services on our platforms which allow you to contact the accommodation booked by you about your stay. In this case, we receive metadata regarding the call (for example place of the call, your identity, and the date as well as length of the call).
Accommodation partners may also share information about you with HOTEL DE. For example, this may be the case if you have any questions about your pending booking, whenever there are disputes regarding a booking, or in the case of other communications about your booking via HOTEL DE.
Why does HOTEL DE collect and use your personal data?
We ask you to provide personal data for practical reasons, for administration and processing of your bookings, to ensure that you receive the best possible service and protect your data. We use your personal data to contact you or inform you about the latest offers.
We use the information collected about you for different purposes. Your personal data may be used as follows:
Processing of your data as described is supported by the following legal bases:
How long does HOTEL DE keep your personal data on file?
We only keep your data if the data privacy-related purpose for their maintenance continues to exist. For example, for the performance of hotel bookings, this means that your data are deleted after completion of the booking process and/or your stay - of course, only if these data are not subject to longer compulsory retention periods by law (for example, for tax purposes). If this is the case, we keep the data on file until the end of the pertinent retention periods.
In all cases, information regarding your computer, which is necessary to ensure IT security (compare above), is also only kept on file if this is required for the above-mentioned purpose - meaning that, if data of use are only required for the respective session, they are automatically deleted as soon as you close your browser and/or leave our web pages.
In case you granted your consent to any more comprehensive data processing (compare above), we will basically only store your data until you withdraw them. The e-mail address email@example.com may also be used for such purpose.
How does HOTEL DE share your data with third parties?
The HOTEL DE services integrate different third parties in different manners and for different reasons. The main purpose is to forward your booking data to the accommodation booked by you to complete your booking. There are other parties which may receive a part of your data. They are parties, which assist HOTEL DE with different tasks, financial institutions, advertising companies, or authorities, in some cases. Your personal data will not be transferred to areas outside of the European Union and/or the European Economic Area. Click the link below to find out more about how this information that we receive from you is used and shared with these parties.
The accommodation booked by you
This issue is indispensable for our work. To complete your booking, we forward the relevant booking data to the accommodation booked by you. This may be information such as your name, your contact data, your payment information, your special requests regarding the booking, as well as the name of guests traveling with you. In case you have any question regarding your booking, we may contact the operator of your accommodation and ask him or her to address this question. In case you provide no payment during the booking process via the HOTEL DE web pages and apps, we will forward your credit card details to the booked accommodation for further processing (if you have provided us with these data during the booking process). In the case of booking-related disputes, we may provide the operator of your accommodation with data regarding the booking process, as required. This may contain a copy of your booking confirmation, which serves as a receipt for actual completion of the booking.
Third-Party Service Providers
We may use service providers to process your personal data on our behalf. This may serve different purposes, such as, for example, the sending of promotional contents. All third-party service providers are bound by order data processing agreements and are only authorized to process your personal data exclusively for the aforementioned purposes.
Payment Providers and (Other) Financial Institutions
In case a chargeback is requested for your booking either by yourself or by the holder of the credit card that was used for the booking, we may need to share certain booking details with the payment provider and the respective financial institution to process the chargeback. These details may include a copy of your booking conformation or the IP address which was used for your booking. In addition, we may share information with the respective financial institutions if, in our opinion, this is indispensable to detect or prevent fraudulent activities.
We disclose personal data to enforce the law if this is required by law or urgently necessary for the prevention, detection, or legal prosecution of criminal acts or fraud. In addition, we may share personal data with the competent authorities under certain circumstances to protect our rights and accommodations or the rights and accommodations of our business partners.
We cooperate with business partners throughout the entire world. Some of these business partners have been retained to market and/or promote our services and assist our business partners during the marketing and promotion of their travel service. Business partners may also include the HOTEL DE Group, of which HOTEL DE is a part. This may mean that its services are integrated in our website and apps, that it has the option to display an individual offer on our page, or that the online booking service of HOTEL DE is integrated on its website and/or apps.
Whenever you make a booking via the web pages or apps of our business partners, certain personal data provided to them by you are forwarded to us. As long as the business partner provides customer service, HOTEL DE will share booking-relevant data with the business partners (as needed) to offer you the best possible and most appropriate service. Whenever you make a booking via the web pages of our business partners, the business partners may receive certain elements of your personal data, which are relevant for the respective booking. This serves their internal purposes (including analytic purposes) and, whenever you request this, the implementation of marketing actions.
Whenever you make a booking on the website of a business partner, please familiarize yourself with the data privacy rules of such business partner to find out how business partners may process your personal data. Whenever we offer you other travel-related products and/or services, your data will be shared with the business partners offering such products and/or services under certain circumstances to process or carry out your order. To detect and prevent fraud, we may share information regarding our users with business partners, if this is indispensable for such purpose.
How does HOTEL DE use mobile devices?
We offer free apps through which we also collect and process personal data. Such collection and processing are similar to the manner in which personal data are collected and processed on our web pages, and these apps also make it possible to determine your location.
We offer free apps for different mobile devices and versions of our normal web pages adapted for mobile devices. These apps and mobile web pages collect and process your personal data in a manner which is very similar to our web pages. They furthermore make it possible to determine your location to find nearby accommodations. With your consent, we will send you push messages with information regarding your booking. You may grant us access to your location data to allow us to provide the desired services to you. Please read the instructions of your mobile device to find out how settings can be modified and how the transfer of data as well as the receipt of push messages can be activated.
To optimize the contents of the HOTEL DE newsletter, HOTEL DE collects information regarding searches and bookings which are carried out from different computers and devices while, in your user account, you are logged in on each and every one of these computers or devices. If you do not want HOTEL DE to use such data for the preparation of newsletters or optimization of the contents of our web pages and/or apps, you can log off from your device or computer or unsubscribe from the HOTEL DE newsletter.
How does HOTEL DE use social media?
The use of social media has been integrated in the services of HOTEL DE in different ways as a result of which we participate in the collection of your personal data, or the social media provider directly receives some of your information. To obtain more information on how this information is used and exchanged, please continue reading.
Our website uses social plugins ("plugins") of different social networks. Use of such plugins makes it possible, for example, to share contents or recommend products to others. Once these plugins are activated, your browser establishes a direct connection with the servers of the respective social network as soon as you access a web page of our web site. The content of the plugin is directly transferred to your browser by the social network and integrated by the same on the website.
Through integration of the plugin, the social network receives information that you accessed the corresponding page of our website. As long as you are logged in at the social network, it can associate the visit with your account. Once you interact with the plugins, for example by pressing the Facebook "Like" button or providing a comment, the corresponding information is transmitted directly by your browser to the social network, where it is stored.
Regarding the purpose and scope of data collection and further processing and use of the data by social networks as well as your rights in this respect and the setting options to protect your privacy, please consult the data privacy notices of the respective networks and/or web pages. You will also find the respective links below.
Even if you are not logged into the social networks, web pages with active social plugins can send data to the networks. Whenever a website is accessed, an active plugin creates a cookie with an identifier. Considering that your browser automatically sends the cookie during any connection with a network server, the network might use it to basically create a profile based on the web pages which were accessed by the user associated with the identifier. Then, it would also be quite possible to later once again associate this identifier - during subsequent login at the social network - with a specific person.
On our web pages and/or apps, we use the following plugins:
Facebook, Twitter, Google+ & YouTube
If you do not want social networks to use active plugins to collect data about you, you can either simply select the social plugins by clicking the "Block Third-Party Cookies" function in your browser settings. Then, in the case of embedded contents of other providers, the browser will not send cookies to the server. With this setting, however, except for the plugins, other functions across multiple pages may also no longer work under certain circumstances.
What security measures does HOTEL DE take to protect your personal data?
According to the European data protection laws, we engage in reasonable measures to ensure protection of your personal data against abuse and unauthorized access. Your credit card data are not stored completely and are only stored in encrypted form and no longer than 90 days.
According to the European Data Protection Act, we implement reasonable procedures to ensure the protection of your personal data against abuse and unauthorized access.
To protect your personal data, we use the respective business systems and processes. Additionally, we use security procedures as well as technical and access restrictions whenever our servers access and use your personal data. Only authorized employees have access to your personal data for proper performance of their tasks.
Whenever your credit card details must be transmitted within the scope of a booking, they are stored for a maximum of 90 days after completion of your booking. At the end of this period, they are either (completely or partially) deleted in an irrevocable manner or stored in our system for fraud detection subject to restricted access. You may also store you credit card details in your user account. Whenever you decide to do so, credit card details are stored as a hash code, except for the last four digits of your credit card number. That way, you know which card you are currently using for payment.
How does HOTEL DE handle personal data of children?
HOTEL DE is a service whose use is permitted for people at least 18 years of age. We exclusively process information about children based on the consent of their parents or legal representatives.
The services of HOTEL DE are not intended for children less than 18 years of age. Our services may only be used with the valid consent of one parent or a legal representative. If data of children less than 18 years of age are transmitted to us, we reserve the right to delete such data. In certain cases, in connection with a booking or the purchase of other travel-related services or under exceptional circumstances (e.g. functions intended for families), HOTEL DE is entitled to collect and use data of children exclusively with the consent of the parent.
Which rights do you have regarding personal data transmitted to HOTEL DE by you?
You are always entitled to demand information regarding the personal data which we have collected about you. You may request a summary of your personal data by sending such a request to the Website. Please fill in all information requested in the form so that we can process your request.
Please note that - in case you do use contact forms - we collect, handle and store the personal information that you provide via such contact form for processing your request.
Under special circumstances, e.g. in the case of a dispute regarding the legality of processing, you have an additional right regarding restricted data processing. Furthermore, you are entitled to demand the disclosure of your personal data in a structured, common, and machine-readable format. Furthermore, under certain circumstances, you may be entitled to object to any data processing based on Article 6, Paragraph 1, letters e, f as well as for purposes of direct advertising at any time. As long as you have granted your consent to us insofar as more comprehensive processing is concerned (compare above), you may basically withdraw this consent at any time - e.g. by sending a message to the above-specified e-mail address.
Finally, you are entitled to file a complaint with the competent Data Privacy Supervisory Agency in case of any disagreements.
You are always entitled to view your personal data which are stored by us. To receive an overview of your personal data, please request a summary of your personal data by sending such a request to the Website. Please fill in all information requested in the form so that we can process your request.
You may also contact us if you believe that your personal data stored by us are incorrect or if you believe that we are no longer entitled to have your personal information or the present data privacy rules. Please send request a summary of your personal data by sending such a request to the Website. Please fill in all information requested in the form so that we can process your request. We will process your request according to the applicable European Data Protection laws.
Rules Regarding Cookies
Cookies and other tracking technologies may be used on our web pages and in our apps in many ways. For example, they ensure that the HOTEL DE web pages are operational, they analyze traffic, or they are used for advertising purposes. These technologies are either used directly by us or by our business partners, including third-party service providers and advertisers who work with us. For more information regarding cookies, their use, and your options in this respect, please click here.
We include a map into our website for visualization provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA via the Google Maps API. If you have the map displayed, a connection to the Google Servers is being made under which the IP-Address is transferred to Google. Google can analyze the use of the Google Maps functionality by the visitor. In addition, Google can write and read Cookies. These Cookies can be Google User Cookies which are directly connected to your identity. We are using these based on our legitimate interest according to Art. 6 Abs. 1 lit. GDPR. Further information can be found in the Google privacy documents which can be found here: Data Privacy Notices Google.
Whenever you access the HOTEL DE web pages or apps, user data are transmitted by the respective Internet browser and stored in log files, the so-called server log files. The datasets which are stored in the process contain the following data: date and time of the visit, name of the page visited, IP address, referrer URL (original URL from which you accessed the website), data volume transmitted, as well as product and information on the browser version used.
The IP addresses of users are deleted or anonymized after completion of use. In the case of anonymization, IP addresses are modified in such a manner that individual information regarding personal or factual circumstances can no longer be associated with a specific natural person or a natural person which can be determined or where such an association would require an unreasonable amount of time, costs, and effort.
We analyze these logfile data sets in an anonymized manner to further improve our offering and the web pages and apps, and make them more user-friendly, to find and correct errors more quickly, as well as manage server capacities. For example, we may determine at what time use of the HOTEL DE web pages and apps is particularly popular and provide a data volume to ensure the fastest possible booking process for you. In addition, by analyzing the log files, we can also speed up the detection and correction of any errors of the web pages or apps.
Status: September 2018