1. Privacy at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in our privacy policy listed below this text.
Data Collection on this Website
Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. You can find their contact details in the section “Information on the responsible entity” in this privacy policy.
How do we collect your data?
Some of your data is collected when you provide it to us, for example by entering information into a contact form.
Other data is automatically collected by our IT systems when you visit the website, or after you give your consent. This mainly includes technical data (e.g., internet browser, operating system, or the time of your visit). The collection of this data occurs automatically as soon as you enter this website.
What do we use your data for?
Some of the data is collected to ensure the website is provided error-free. Other data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right to obtain free information about the origin, recipients, and purpose of your stored personal data at any time. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time for the future. Additionally, under certain circumstances, you have the right to request the restriction of processing of your personal data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time regarding these rights or any further questions about data protection.
Analysis Tools and Third-Party Tools
When visiting this website, your surfing behavior may be statistically analyzed. This primarily occurs with so-called analysis programs.
Detailed information about these analysis programs can be found in the following privacy policy.
2. Hosting
IONOS
We host our website with IONOS SE. Provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (hereinafter “IONOS”). When you visit our website, IONOS records various log files including your IP addresses. Details can be found in IONOS’s privacy policy: https://www.ionos.de/terms-gtc/terms-privacy.
The use of IONOS is based on Article 6(1)(f) GDPR. We have a legitimate interest in providing our website as reliably as possible. If consent has been requested, processing takes place solely on the basis of Article 6(1)(a) GDPR and §25(1) TTDSG, insofar as the consent covers the storage of cookies or access to information on the user’s device (e.g., device fingerprinting). Consent can be revoked at any time.
Order Processing
We have concluded a contract for order processing (AVV) with the above-mentioned provider. This is a legally required data protection contract ensuring that the provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
3. General Information and Mandatory Information
Data Protection
The operators of this site take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and for what purposes. It also explains how and why this happens.
We note that data transmission over the Internet (e.g., communication by email) can have security vulnerabilities. Complete protection of data against third-party access is not possible.
Information on the Responsible Entity
The responsible entity for data processing on this website is:
Maier Hotels GmbH & Co. KG
Kranzhornstraße 6
85567 Grafing
www.hotel-praesident.de
Personally liable partner:
Maier Hotelverwaltungs GmbH
Management: Claudia Maier and Florian Maier
Phone: +49 89 24449990
Email: stay@maierprivathotels.de
The responsible entity is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Storage Duration
Unless a more specific storage period is mentioned in this privacy policy, your personal data will remain with us until the purpose for data processing no longer exists. If you assert a legitimate request for deletion or revoke consent for data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in the latter case, deletion occurs after these reasons cease to apply.
General Information on the Legal Basis of Data Processing on this Website
If you have consented to data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data pursuant to Art. 9(1) GDPR are processed. In the case of an explicit consent for the transfer of personal data to third countries, data processing also takes place on the basis of Art. 49(1)(a) GDPR. If you consented to the storage of cookies or access to information on your device (e.g., device fingerprinting), processing also takes place based on §25(1) TTDSG. Consent can be revoked at any time. If your data is necessary for contract performance or the implementation of pre-contractual measures, we process your data based on Art. 6(1)(b) GDPR. Furthermore, we process your data if it is necessary to fulfill a legal obligation based on Art. 6(1)(c) GDPR. Data processing may also be based on our legitimate interest under Art. 6(1)(f) GDPR. The respective legal bases are explained in the following paragraphs of this privacy policy.
Data Protection Officer
We have appointed a data protection officer:
Maier Hotels GmbH & Co. KG
Nadine Maier
Kranzhornstraße 6
85567 Grafing
Phone: +49 89 24449990
Email: stay@maierprivathotels.de
Information on Data Transfer to the USA and Other Third Countries
We use tools from companies based in the USA or other countries that do not guarantee adequate data protection. If these tools are active, your personal data may be transferred to and processed in these countries. Please note that in these countries, no EU-comparable level of data protection can be guaranteed. For example, US companies may be required to provide personal data to security authorities without legal recourse for the data subject. Therefore, it cannot be ruled out that US authorities (e.g., intelligence services) process, analyze, and permanently store your data on US servers for surveillance purposes. We have no influence on these processing activities.
Revocation of Consent to Data Processing
Many data processing operations are only possible with your express consent. You may revoke consent at any time. The legality of data processing carried out until the revocation remains unaffected.
Right to Object to Data Collection in Certain Cases and to Direct Advertising (Art. 21 GDPR)
If data processing is based on Art. 6(1)(e) or (f) GDPR, you have the right to object to the processing of your personal data at any time based on your particular situation; this also applies to profiling based on these provisions. The legal basis for processing can be found in this privacy policy. If you object, your personal data will no longer be processed unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defense of legal claims (objection under Art. 21(1) GDPR).
If your personal data is processed for direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling, as far as it is related to direct advertising. If you object, your personal data will no longer be used for direct advertising (objection under Art. 21(2) GDPR).
Right to Lodge a Complaint with the Supervisory Authority
In case of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, place of work, or place of the alleged infringement. This right exists without prejudice to other administrative or judicial remedies.
Right to Data Portability
You have the right to receive data we process automatically on the basis of your consent or in the fulfillment of a contract in a structured, commonly used, and machine-readable format and to transmit it to another controller, as far as technically feasible.
Access, Correction, and Deletion
You have the right at any time under the applicable statutory provisions to receive free information about your stored personal data, its origin and recipients, and the purpose of processing, as well as the right to correct or delete this data. For this and further questions on personal data, you can contact us at any time.
Right to Restrict Processing
You have the right to request the restriction of processing of your personal data. You can contact us at any time for this purpose. The right to restrict processing exists in the following cases:
• If you dispute the accuracy of your personal data stored with us, we generally need time to verify this. During the verification period, you have the right to request the restriction of processing of your personal data.
• If the processing of your personal data is unlawful, you may request restriction instead of deletion.
• If we no longer need your personal data, but you need it for the assertion, exercise, or defense of legal claims, you have the right to request restriction instead of deletion.
• If you have objected under Art. 21(1) GDPR, a balance must be made between your interests and ours. As long as it is not yet determined whose interests prevail, you have the right to request restriction of processing.
If you have restricted processing, these data may only be processed with your consent or for the assertion, exercise, or defense of legal claims, to protect the rights of another natural or legal person, or for important public interest reasons of the EU or a member state.
SSL/TLS Encryption
This site uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us. You can recognize an encrypted connection when the browser address line changes from “http://” to “https://” and by the lock symbol in the browser line.
When SSL/TLS encryption is enabled, the data you transmit to us cannot be read by third parties.
Objection to Advertising Emails
The use of contact data published as part of the imprint obligation for sending unsolicited advertising and information materials is hereby objected to. The operators of the site expressly reserve the right to take legal action in the case of unsolicited sending of advertising information, such as spam emails.
4. Data Collection on This Website
Cookies
Our websites use so-called “cookies.” Cookies are small data packages and do not harm your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted at the end of your visit. Persistent cookies remain on your device until you delete them or your browser automatically deletes them.
Cookies can come from us (first-party cookies) or third-party companies (third-party cookies). Third-party cookies allow integration of services from third parties within websites (e.g., cookies for payment processing).
Cookies serve different functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., shopping cart or video display). Other cookies may be used to analyze user behavior or for advertising purposes.
Cookies necessary for electronic communication, to provide desired functions (e.g., shopping cart), or to optimize the website (e.g., audience measurement) are stored based on Art. 6 para. 1 lit. f GDPR, unless another legal basis is provided. The website operator has a legitimate interest in storing necessary cookies for technically error-free and optimized provision of services. If consent for cookies and similar recognition technologies is requested, processing occurs exclusively based on this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG). Consent can be revoked at any time.
You can configure your browser to be informed about cookie placement, allow cookies only in individual cases, exclude cookies generally, or delete cookies automatically when closing the browser. Disabling cookies may limit website functionality.
Consent with Osano
Our website uses Osano consent technology to obtain your consent for storing certain cookies or using specific technologies. Provider: Osano, Inc., 3800 North Lamar Blvd, Suite 200, Austin, Texas 78756, USA.
When you visit our website, a connection is established with Osano servers to obtain your consent statements regarding cookie usage. Osano then stores a cookie in your browser to assign the given consent or withdrawal. Data is stored until you request deletion, delete the Osano cookie, or the storage purpose ceases. Data from European users remains in the EU, processed on regional servers.
We have an order processing contract (AVV) with Osano.
Contact Form
When you contact us via the contact form, the data you provide (including contact details) is stored for processing the inquiry and follow-up questions. These data are not shared without your consent.
Processing is based on Art. 6 para. 1 lit. b GDPR if related to contract fulfillment or pre-contractual measures; otherwise, on our legitimate interest (Art. 6 para. 1 lit. f GDPR) or your consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked anytime.
Requests via Email, Phone, or Fax
Data from email, phone, or fax inquiries are stored for handling your request and are not shared without consent.
Use of Chatbots
We use chatbots to communicate with users. Chatbots may process input data (name, email, contact data, customer numbers, orders, chat history) and metadata (IP address, log files, location) to provide responses. Profiles may be created for targeted advertising or improving chatbot performance. Data is stored until deletion request, consent withdrawal, or purpose fulfillment.
Legal basis: Art. 6 para. 1 lit. b GDPR for contract-related use; otherwise, consent (Art. 6 para. 1 lit. a GDPR) or legitimate interest (Art. 6 para. 1 lit. f GDPR).
5. Analytics Tools and Advertising
Google Tag Manager
We use Google Tag Manager (Google Ireland Limited). It helps integrate and manage tracking, analytics, and other tools. It does not create user profiles, store cookies, or perform independent analysis. Google Tag Manager may record your IP, which can be transferred to Google in the USA.
Legal basis: Art. 6 para. 1 lit. f GDPR; with consent, Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent revocable at any time.
Google Analytics
We use Google Analytics (Google Ireland Limited) to analyze visitor behavior (page views, duration, operating system, origin). Mouse movements, clicks, and scrolls may be tracked. Google Analytics uses cookies and device fingerprinting to recognize users. Data is generally transferred to a Google server in the USA.
Consent: Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. IP anonymization is enabled.
Google Ads
We use Google Ads to display advertisements based on search queries or user data (location, interests). Data transfer to the USA is based on EU standard contractual clauses. Consent: Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG.
6. Newsletter
Newsletter Data
To receive newsletters, we need your email and verification information. Additional data is voluntary. We use Brevo (Sendinblue GmbH, Berlin, Germany) to manage newsletter campaigns. Data is stored on Brevo servers in Germany.
Analysis via Brevo
Brevo allows tracking of newsletter opens, clicks, conversions, and clustering recipients by age, gender, or location.
Legal basis: consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked anytime.
Storage Duration
Data is stored until newsletter unsubscription. Emails may remain in a blacklist to prevent future mailings.
Order Processing
We have an AVV contract with Brevo.
7. Plugins and Tools
YouTube (Enhanced Privacy Mode)
Embedded YouTube videos use the enhanced privacy mode. YouTube (Google Ireland Limited) may receive data when you play videos. Logging in to YouTube can link viewing behavior to your profile.
Google Fonts (Local Hosting)
Google Fonts are hosted locally; no data is transferred to Google servers.
Google Maps
Using Google Maps requires storing your IP address, which may be transferred to Google servers in the USA. Legal basis: Art. 6 para. 1 lit. f GDPR, or Art. 6 para. 1 lit. a GDPR with consent.
Google reCAPTCHA
Used to verify human input. Data analyzed: IP, time on site, mouse movement, etc. Legal basis: Art. 6 para. 1 lit. f GDPR; with consent, Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG.
Wordfence
Wordfence (Defiant, Inc., USA) protects the website from cyberattacks. Legal basis: Art. 6 para. 1 lit. f GDPR; with consent, Art. 6 para. 1 lit. a GDPR. Data may be transferred to the USA under EU standard contractual clauses.
Order Processing
We have an AVV with Wordfence.
8. eCommerce and Payment Providers
Processing Customer and Contract Data
We collect, process, and use personal data to establish and manage contractual relationships. Usage data is processed only as needed for service use or billing. Legal basis: Art. 6 para. 1 lit. b GDPR.
Customer data is deleted after the order or business relationship ends and statutory retention periods expire.
9. Own Services
Handling Applicant Data
You may apply via email, mail, or online form. Personal data collected is processed according to applicable data protection law.
Scope and Purpose of Data Collection
We process personal data (contact info, application documents, notes) necessary for hiring decisions. Legal basis: §26 BDSG, Art. 6 para. 1 lit. b GDPR, or Art. 6 para. 1 lit. a GDPR with consent.
Data Retention
If no job offer is made, or you reject/withdraw your application, data may be stored for up to 6 months (legitimate interest, Art. 6 para. 1 lit. f GDPR). Afterward, data is deleted. Longer storage is possible if consent is given or legally required.
Applicant Pool
With consent, applicant data may be stored in a pool for future job openings. Consent is voluntary and revocable. Data is deleted at the latest 2 years after consent.