Privacy Statement

We are pleased that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to take this opportunity to inform you which of your personal data we collect when you visit our website and for what purposes it is used.

This privacy policy applies to our website, which is available under this domain and the various subdomains (“our website”).

Objection to promotional emails

The use of contact details published on the website as part of the legal notice, the data protection notice and other contact details published on the website to send unexpressly requested advertising and information material is hereby rejected. The operators of the sites expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam emails.

Who is responsible and how can I contact you?

person responsible

for the processing of personal data in accordance with the EU General Data Protection Regulation (GDPR)

“Tannerhof” Dr. von Mengershausen GmbH & Co KG
Tannerhofstrasse 32
83735 Bayrischzell

data protection officer

Stephan Krischke, datenschutz@tannerhof.de

What is it about?

This privacy policy meets the legal requirements for transparency in the processing of personal data. This is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address or user behavior when visiting a website. Information that we are unable to identify you personally (or only with disproportionate effort), e.g. through anonymization, is not personal data. The processing of personal data (e.g. collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data will be deleted as soon as the purpose of processing has been achieved and there are no legitimate reasons for continuing to store the data. In the individual processing processes, we will inform you about the specific storage periods and criteria for storage. Irrespective of this, we store your personal data in individual cases to assert, exercise or defend legal claims and if there are legal storage obligations.

Who receives my data?

Your personal data will not be transferred to third parties for purposes other than those listed below.

We only share your personal data with third parties if:

you have given us your express consent to do so in accordance with Article 6 (1) (a) GDPR
the transfer is permitted in accordance with Article 6 (1) (f) GDPR to protect our legitimate interests and there is no reason to assume that you have an overriding legitimate interest in not sharing your data,
in the event that there is a legal obligation to transfer data in accordance with Article 6 (1) (c) GDPR, and
This is legally permitted and is required in accordance with Article 6 (1) (b) GDPR to process contractual relationships with you.

In order to protect your data and, if necessary, to enable us to transfer data to third countries (outside the EU/EEA), we have concluded order processing agreements based on the European Commission's standard contractual clauses. If the standard contractual clauses are not sufficient to establish an adequate level of security, your consent may serve as a legal basis for transfer to third countries in accordance with Art. 49 para. 1 lit. a) GDPR. This sometimes does not apply to a transfer of data to third countries for which the European Commission has issued an adequacy decision in accordance with Article 45 GDPR.

As part of the processing operations described in this privacy policy, personal data may be transferred to the USA. In particular, US investigative authorities may oblige US companies to surrender or disclose personal data without the data subjects being able to take effective legal action against this. In principle, this means that your personal data may be processed by US investigative authorities. We have no influence on these processing activities. Data is transferred to the USA in accordance with Article 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The participating US companies and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF). In cases where there is no adequacy decision by the European Commission (including US companies that are not certified under EU-U.S. DPF), we have agreed on other appropriate guarantees with the recipients of the data within the meaning of Art. 44 et seq. of the GDPR. Unless otherwise stated, these are standard contractual clauses issued by the EU Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021. A copy of these standard contractual clauses can be found at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE view. If the standard contractual clauses are not sufficient to establish an adequate level of security or it is not possible to conclude the standard contractual clauses, your consent may serve as the legal basis for the transfer in accordance with Art. 49 para. 1 lit. a) GDPR.

Do you use cookies?

Cookies are small text files that are sent by us to the browser of your device as part of your visit to our website and stored there. As an alternative to using cookies, information can also be stored in your browser's local storage. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the other hand, enable us to perform various analyses so that, for example, we are able to recognize the browser you are using when you visit our website again and to transmit various information to us (unnecessary cookies). With the help of cookies, we can, among other things, make our website more user-friendly and effective for you, for example, by tracking your use of our website and determining your preferred settings (such as country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not cause any damage to your device. They cannot run programs and do not contain viruses.

We provide information about the respective services for which we use cookies in the individual processing processes. Detailed information about the cookies used can be found in the cookie settings or in the consent manager of this website.

What rights do I have?

Under the requirements of the legal provisions of the General Data Protection Regulation (GDPR), you have the following rights as a data subject:

information in accordance with Art. 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing and a copy of your data;
rectification in accordance with Art. 16 GDPR, from incorrect or incomplete data stored by us;
erasure in accordance with Article 17 GDPR, the data stored by us, unless processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
constraint processing in accordance with Article 18 GDPR, insofar as the accuracy of the data is disputed, the processing is unlawful, we no longer need the data and you refuse to delete it because you need it to assert, exercise or defend legal claims or you have objected to processing in accordance with Article 21 GDPR.
data portability in accordance with Art. 20 GDPR, insofar as you have provided us with personal data as part of a consent in accordance with Art. 6 para. 1 lit. a DSGVO or on the basis of a contract in accordance with Art. 6 para. 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, common and machine-readable format or we will transfer the data directly to another person responsible, as far as this is technically feasible.
contradiction In accordance with Article 21 GDPR, against the processing of your personal data, insofar as this is based on Article 6 (1) (e, f) GDPR and there are reasons for this arising from your particular situation or the objection is directed against direct marketing. The right to object does not exist if overriding, compelling legitimate reasons for processing are proven or if processing is carried out to assert, exercise or defend legal claims. Insofar as the right to object to individual processing operations does not exist, this is stated there.
revocation In accordance with Art. 7 (3) GDPR, your consent has been given with effect for the future.
complaint in accordance with Art. 77 GDPR with a supervisory authority, if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters.

How is my data processed in detail?

Below, we will inform you about the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.

Provision of the website

Nature and scope of processing

When you access and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

IP address of the requesting computer
date and time of access
Name and URL of the retrieved file
Website from which access is made (referrer URL)
Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

Our website is not hosted by ourselves, but by a service provider who processes the aforementioned data on our behalf in accordance with Art. 28 GDPR.

Purpose and legal basis

Processing is carried out to protect our overriding legitimate interest in viewing our website and ensuring security and stability on the basis of Art. 6 para. lit. f DSGVO. The collection of data and storage in log files is absolutely necessary for the operation of the website. There is no right to object to processing due to the exception under Article 21 (1) GDPR. Insofar as further storage of log files is required by law, processing is carried out on the basis of Art. 6 para. 1 lit. c DSGVO. There is no legal or contractual obligation to provide the data, but it is not technically possible to access our website without providing the data.

Storage period

The above data is stored for the duration of viewing the website and - for technical reasons - for a maximum of 7 days.

Contact forms (vouchers, booking/reserving, inquiries)

Nature and scope of processing

When you contact us (e.g. via contact form or email), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. In addition, you can voluntarily provide additional information that, in your opinion, is necessary to process the contact request.

When you contact us, your personal data will not be passed on to third parties.

Purpose and legal basis

Your data is processed for the purpose of communicating and processing your request on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. Insofar as your request relates to an existing contractual relationship with us, processing is carried out for the purpose of fulfilling the contract on the basis of Art. 6 para. 1 lit. b GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without providing the information in the mandatory fields. If you do not wish to provide this data, please contact us by other means.

Storage period

If you contact us on the basis of your consent, we store the data collected for each request for a period of three years, starting with the processing of your request or until you withdraw your consent.

If you contact us as part of a contractual relationship, we store the data collected for each request for a period of three years from the end of the contractual relationship.

Contact form for applicants

Nature and scope of processing

We collect and process the personal data of applicants. Appropriate data processing can also be carried out electronically, for example when applicants submit application documents to us by e-mail or via a web form on our website. On our website, we offer you the opportunity to send us applications for advertised job offers by e-mail.

Your data will also only be stored in an applicant database beyond the current application process if you have given us your separate consent to do so.

Purpose and legal basis

The legal basis for processing your personal data in this application process is primarily Art. 6 para. 1 lit. b) GDPR. According to this, the processing of data necessary in connection with the decision to establish an employment relationship is permitted. This includes, if available, the use of the online applicant portal. If special types of personal data are processed within the meaning of Article 9 GDPR (e.g. health data), the legal basis is Section 26 (3) BDSG or Article 9 (2) lit. b) GDPR in conjunction with Article 6 (1) (b) GDPR. If your application documents are passed on to third parties, in particular to companies affiliated with us, and if your data is stored beyond the current application process, your data will be processed on the basis of Article 6 (1) sentence 1 lit. a GDPR in conjunction with Section 26 (2) BDSG. There is no legal or contractual obligation to provide your data, but it is not possible to process your application without providing the information.

Storage period

Applicants' data will be deleted after 6 months in the event of a rejection. If you have agreed to further storage of your personal data, we will add your data to our pool of applicants. There, the data is deleted after 24 months.

newsletters

Nature and scope of processing

Our website gives you the opportunity to subscribe to our company's newsletter. The input mask used for this purpose shows which personal data is transmitted to us when ordering the newsletter.

We inform our customers and business partners about our offers at regular intervals by means of a newsletter. In principle, you can only receive our company's newsletter if

you have a valid email address, and
You have signed up to receive the newsletter.

For legal reasons, a confirmation email will be sent to the e-mail address you entered for the first time for sending the newsletter using a double opt-in procedure. This confirmation email is used to check whether you, as the owner of the email address, have authorized receipt of the newsletter.

When you register for the newsletter, we also store the IP address of the IT system you were using at the time of registration, as well as the date and time of registration, as well as the date and time of registration. The collection of this data is necessary to be able to trace the (possible) misuse of your e-mail address at a later date and is therefore our legal protection.

The personal data collected as part of a subscription to the newsletter is used exclusively to send our newsletter. In addition, subscribers to the newsletter could be informed by e-mail if this is necessary to operate the newsletter service or to register in this regard, as could be the case in the event of changes to the newsletter offer or if technical conditions change. There is no transfer of personal data collected as part of the newsletter service to third parties. You can cancel your subscription to our newsletter at any time. The consent to the storage of personal data that you have given us for sending the newsletter can be withdrawn at any time. For the purpose of withdrawing consent, there is a corresponding link in every newsletter. It is also possible to unsubscribe from the newsletter at any time directly on our website or to inform us of this in another way.

Purpose and legal basis

We process your data for the purpose of sending you the newsletter on the basis of your consent in accordance with Art. 6 para. 1 lit. a DSGVO. By unsubscribing from the newsletter, you can declare your withdrawal at any time with effect for the future in accordance with Article 7 (3) GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to send the newsletter without providing your data.

Storage period

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that we have stored for other purposes remains unaffected by this.

Newsletter tracking

Our newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in such emails, which are sent in HTML format to enable log file recording and log file analysis. As a result, a statistical evaluation of the success or failure of online marketing campaigns can be carried out. Based on the embedded tracking pixel, the company can recognize whether and when an email was opened by you and which links in the email were accessed by you.

Purpose and legal basis

Such personal data collected via the tracking pixels contained in the newsletters is stored and evaluated by us in order to optimize newsletter delivery and to adapt the content of future newsletters even better to your interests. This personal data will not be passed on to third parties. Data subjects are entitled at any time to withdraw the relevant separate declaration of consent submitted via the double opt-in procedure. After a revocation, this personal data will be deleted by us. We automatically interpret a cancellation from receiving the newsletter as a revocation.

Such an evaluation is carried out in particular in accordance with Article 6 (1) (f) GDPR on the basis of our legitimate interests in displaying personalized advertising, market research and/or designing our website in line with needs.

Campaign Monitor

We use the “Campaign Monitor” service from Campaign Monitor Pty Ltd., 631 Howard Street, Suite 100, San Francisco, CA 94105, USA to send newsletters.

Campaign Monitor is an all-in-one platform for automating marketing and sales processes. The platform makes it possible, among other things, to create emails and automated workflows to attract potential customers and maintain customer relationships.

When using Campaign Monitor, various personal data may be collected, including:

email address
Time of retrieval
IP address
browser type
operating system

Further information about the Campaign Monitor service and the privacy policy can be found at: https://www.campaignmonitor.com/policies/#privacy-policy?tid=134283177.

Order/booking processing

Nature and scope of processing

As part of order or booking processing, we collect your personal data.

As part of payment processing, we will pass on your payment details to the contracted bank, if this is necessary for payment processing. If payment service providers are used, we will provide you with explicit information about this below.

Purpose and legal basis

We process your personal data for the purpose of booking/ordering or reserving to fulfill a contract with you in accordance with Art. 6 para. 1 lit. b DSGVO. There is a contractual obligation to provide your data insofar as this relates to the mandatory fields, as this information is necessary to identify you and to fulfill the contract on our part. There is no legal obligation to provide the data. Without providing this information, the booking/ordering and thus the conclusion of a contract is not possible. There is no obligation to provide the additional information provided voluntarily. Booking/ordering is also possible without providing voluntary information.

Storage period

Your data will be stored if there are legal storage obligations (such as tax and commercial law).

booking software

For our online bookings, we use the booking software from vioma GmbH, Industriestrasse 27, 77656 Offenburg. Further information about the vioma service and the privacy policy can be found at: https://www.vioma.de/de/datenschutz/.

Payment provider

We use the services of hobex AG, Josef-Brandstätter-Straße 2b, 5020 Salzburg, Austria to process payments for our online bookings. For more information about payment processing by hobex AG, please visit https://www.hobex.at/de/service/datenschutz/.

Presences on social media platforms

We maintain so-called fan pages or accounts or channels on the networks listed below in order to also provide you with information and offers within social networks and to offer you further ways to contact us and find out about our offers. In the following, we will inform you which data we or the respective social network process about you in connection with accessing and using our fan pages/accounts.

Data that we process from you

If you would like to contact us via messenger or via direct message via the respective social network, we usually process your user name, which you use to contact us and may store further data provided by you to the extent necessary to process/answer your request.

The legal basis is Article 6 (1) sentence 1 f) GDPR (processing is necessary to protect the legitimate interests of the person responsible).

(Static) usage data that we receive from social networks

Insights functionalities provide us with automated statistics about our accounts. The statistics include the total number of page views, likes, page activity and post interactions, reach, video views/views and the proportion of men/women among our fans/followers.

The statistics only contain aggregated data that cannot be related to individual persons. This does not identify you to us.

Using the statistical information provided, it is not possible for us to draw conclusions about individual users. We only use these to be able to respond to the interests of our users and to continuously improve our online presence and ensure the quality of it.

What data do social networks process about you

In order to be able to view the content of our fan pages or accounts, you do not have to be a member of the respective social network and therefore no user account is required for the respective social network.

Please note, however, that when you access the respective social network, the social networks also collect and store data from website visitors without a user account (e.g. technical data so that they can display the website to you) and use cookies and similar technologies over which we have no influence. Details can be found in the privacy policy of the respective social network (see the corresponding links above)

If you want to interact with the content on our fan pages/accounts, e.g. comment on, share or like our postings/contributions and/or contact us via messenger functions, prior registration with the respective social network and the provision of personal data is required.

We have no influence on data processing by social networks as part of your use. To the best of our knowledge, your data is stored and processed in particular in connection with the provision of the services of the respective social network, and also to analyze usage behavior (using cookies, pixel/web beacons and similar technologies) on the basis of which advertising based on your interests is displayed both within and outside the respective social network. It cannot be ruled out that social networks may also store your data outside the EU/EEA and share it with third parties.

Due to the fact that the actual data processing is carried out by the social network provider, our access options to your data are limited. Only the provider of the social network is authorized to have full access to your data. As a result, only the provider can directly take and implement appropriate measures to fulfill your user rights (request for information, request for deletion, objection, etc.). Appropriate rights are therefore most effectively asserted directly against the respective provider.

Purpose and legal basis

We only collect your data via our profile to make it possible to communicate and interact with us. This collection usually includes your name, message content, comment content and the profile information you provide “publicly”.

Your personal data is processed for our purposes mentioned above on the basis of our legitimate business and communication interest in offering an information and communication channel in accordance with Art. 6 para. 1 f) GDPR. Should you, as a user, have given the respective social network provider consent to data processing, the legal basis for processing extends to Art. 6 para. 1 a), Art. 7 GDPR.

Facebook page

When you visit our Facebook page, Facebook (Meta) collects, among other things, your IP address and other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more information about this under the following link: https://facebook.com/help/pages/insights.

We only collect your data via our fan page to make it possible to communicate and interact with us. This collection usually includes your name, message content, comment content and the profile information you provide “publicly”.

Together with Facebook, we are responsible for the personal content of the fan page. Data subject rights can be asserted with Meta Platforms Ireland Ltd. and with us.

According to the GDPR, Facebook has primary responsibility for processing insights data and Facebook fulfills all obligations under the GDPR with regard to the processing of insights data, Meta Platforms Ireland Ltd. makes the essence of the page insights supplement available to data subjects.

We do not make any decisions regarding the processing of insights data and the storage period of cookies on user devices.

Further information can be found directly on Facebook (supplementary agreement with Facebook): https://www.facebook.com/legal/terms/page_controller_addendum.

For more information on, among other things, the exact scope and purposes of processing your personal data, the storage period/deletion and guidelines on the use of cookies and similar technologies in the context of registration and use, please see Facebook's privacy policy/cookie policy:
https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0
https://www.facebook.com/policies/cookies

YouTube channel

When you visit our YouTube channel, Google collects, among other things, your IP address and other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the YouTube channel, with statistical information about the use of the YouTube channel.

Together with Google, we are responsible for the channel's personal content. Data subject rights can be asserted with Google Ireland Limited and with us.

We do not make any decisions regarding the processing of personal data and the storage period of cookies on user devices.

You can find further information directly on Google: https://cloud.google.com/terms/data-processing-addendum

For more information on, among other things, the exact scope and purposes of processing your personal data, the storage period/deletion and guidelines on the use of cookies and similar technologies in the context of registration and use, please see Google's privacy policy/cookie policy: https://policies.google.com/privacy.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards when processing data in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Instagram page

When you visit our Instagram page, Instagram (Meta) collects, among other things, your IP address and other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the Instagram pages, with statistical information about the use of the Instagram page. Instagram provides more detailed information on this under the following link (Note: by clicking on the following link, you will be taken to the website of the social network Facebook, also part of the Meta Group. However, the information provided via the link applies equally to the Instagram social network): https://facebook.com/help/pages/insights.

Together with Instagram, we are responsible for the personal content of the fan page. Data subject rights can be asserted with Meta Platforms Ireland Ltd. and with us.

According to the GDPR, Instagram has primary responsibility for processing insights data and Instagram fulfills all obligations under the GDPR with regard to the processing of insights data, Meta Platforms Ireland Ltd. makes the essence of the page insights supplement available to data subjects.

We do not make any decisions regarding the processing of insights data and the storage period of cookies on user devices.

Further information can be found directly on Instagram (supplementary agreement with Facebook): https://www.facebook.com/legal/terms/page_controller_addendum.

For more information, including the exact scope and purposes of processing your personal data, the storage period/deletion and guidelines on the use of cookies and similar technologies in the context of registration and use, please see Instagram's privacy policy/cookie policy (note: by clicking on the following link, you can access the website of the social network Facebook):
https://help.instagram.com/519522125107875/?helpref=uf_share
This information can also be found in the help section of the Instagram website via the following link:
https://help.instagram.com/581066165581870

technique

SSL/TLS encryption

This site is used for warrant the security of data processing and to protect the transmission of confidential content, such as orders, login data or contact requests that you send to us as the operator, SSL or TLS encryption. You can recognize an encrypted connection by the fact that the browser's address line contains “https://” instead of “http://” and by the lock icon in your browser line.

If SSL or TLS encryption is activated, the data that you submit to us cannot be read by third parties.

Adobe Analytics[EACH1]

Nature and scope of processing

Adobe Audience Manager collects and processes data about companies, such as company name, phone number, address, web address, industry, company profile, revenue, and key people.

We use Adobe Analytics from Adobe Inc., San Jose, California, USA, as an analysis service for the statistical evaluation of our online offering. This includes, for example, the number of times our online offer has been accessed, sub-pages visited and the length of time visitors spend.

Adobe Analytics uses cookies and other browser technologies to evaluate user behavior and recognize users.

This information is used, among other things, to compile reports on website activity.

Purpose and legal basis

Adobe Analytics is used on the basis of your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Adobe Inc. For more information, please see the Adobe Analytics privacy policy: https://experienceleague.adobe.com/de/docs/analytics/technotes/privacy-overview

CDNJS

Nature and scope of processing

We use CDNJS to properly deliver the content of our website. CDNJS is a service provided by Cloudflare, Inc., which acts as a content delivery network (CDN) on our website.

A CDN helps to deliver content from our online offering, in particular files such as graphics or scripts, more quickly using regionally or internationally distributed servers. When you access this content, you connect to Cloudflare, Inc. servers, which transmits your IP address and, if applicable, browser data such as your user agent. This data is processed exclusively for the purposes set out above and to maintain the security and functionality of CDNJS.

Purpose and legal basis

The use of the content delivery network is based on our legitimate interests, i.e. interest in secure and efficient provision and optimization of our online offering in accordance with Art. 6 para. 1 lit. f. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Cloudflare, Inc. For more information, please see the CDNJS privacy policy: https://www.cloudflare.com/privacypolicy/.

Clarity

Nature and scope of processing

We have integrated Clarity on our website. Clarity is a service provided by Microsoft Corporation and provides optimization tools that analyze behavior and feedback from users of our website through analysis and feedback tools.

Clarity uses cookies and other browser technologies to evaluate user behavior and recognize users.

This information is used, among other things, to compile reports on website activity and to statistically evaluate visitor data. Clarity also records clicks, mouse movements, and scroll heights to create so-called heat maps and session replays.

In this case, your data will be passed on to the operator of Clarity, Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, United States.

Purpose and legal basis

Clarity is used on the basis of your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Microsoft Corporation. For more information, please see the Clarity Privacy Policy: https://privacy.microsoft.com/en-us/privacystatement.

Facebook Pixel

Nature and scope of processing

We use meta pixels from Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland to create so-called custom audiences, i.e. to segment groups of visitors to our online offering, to determine conversion rates and then optimize them. This happens in particular when you interact with advertisements that we have placed with Meta Platforms Ireland Limited.

Purpose and legal basis

Meta-pixels are used on the basis of your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Meta Platforms Ireland Limited. For more information, please see the Meta-Pixel Privacy Policy: https://www.facebook.com/privacy/explanation.

Google Analytics

Nature and scope of processing

We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service to statistically evaluate our online offering. This includes, for example, the number of times our online offer has been accessed, sub-pages visited and the length of time visitors spend.

Google Analytics uses cookies and other browser technologies to evaluate user behavior and recognize users.

This information is used, among other things, to compile reports on website activity.

Purpose and legal basis

The use of Google Analytics is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. For more information, please see the Google Analytics privacy policy: https://policies.google.com/privacy.

Google Tag Manager

Nature and scope of processing

We use Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags via an interface and allows us to control the exact integration of services on our website.

This allows us to flexibly integrate additional services to evaluate user access to our website.

Purpose and legal basis

Google Tag Manager is used on the basis of your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. For more information, please see the Google Tag Manager privacy policy: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.

jsDelivr CDN

Nature and scope of processing

We use jsDelivr CDN to properly deliver the content of our website. jsDelivr CDN is a Prospect One service, which acts as a content delivery network (CDN) on our website.

A CDN helps to deliver content from our online offering, in particular files such as graphics or scripts, more quickly using regionally or internationally distributed servers. When you access this content, you connect to servers at Prospect One, Krolewska 65a, Krakow, Malopolskie 30-081, Poland, which transmits your IP address and, if applicable, browser data such as your user agent. This data is processed exclusively for the purposes set out above and to maintain the security and functionality of jsDelivr CDN.

Purpose and legal basis

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Prospect One. For more information, see the jsDelivr CDN privacy policy: https://www.jsdelivr.com/privacy-policy-jsdelivr-net.

jQuery CDN

Nature and scope of processing

We use jQuery CDN to properly deliver the content of our website. jQuery CDN is a jQuery service, which acts as a content delivery network (CDN) on our website.

A CDN helps to deliver content from our online offering, in particular files such as graphics or scripts, more quickly using regionally or internationally distributed servers. When you access this content, you connect to jQuery servers, which transmits your IP address and, if applicable, browser data such as your user agent. This data is processed exclusively for the purposes set out above and to maintain the security and functionality of jQuery CDN.

Purpose and legal basis

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by jQuery. For more information, see the jQuery CDN privacy statement: https://www.stackpath.com/legal/privacy-statement/.

Re:Guest Messenger

Nature and scope of processing

We have integrated components of the customer communication platform Re:Guest on our website. The messenger is a service provided by ReGuest AG and offers us the opportunity to communicate with visitors to our website via chat and to provide targeted help with questions. The messenger uses cookies and other browser technologies to evaluate user behavior and recognize users. The messenger is also used to store and transfer data entered in chats using cookies, including your IP address. In this case, your data will be passed on to the operator, ReGuest AG, Kuperionstr. 34, 39012 Merano, Italy.

Purpose and legal basis

The messenger is used on the basis of your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by ReGuest. For more information, please see the privacy policy: https://www.reguest.io/de/information/datenschutzerkl%C3%A4rung/5-0.html.

Termly

Nature and scope of processing

We have integrated Termly on our website. Termly is a consent solution from Termly Inc., 906 W 2nd Ave, Spokane, WA 99201, USA, with which consent to the storage of cookies can be obtained and documented. Termly uses cookies or other web technologies to recognize users and save the consent given or withdrawn.

Purpose and legal basis

The use of the service is based on the legally required consent to the use of cookies in accordance with Art. 6 para. 1 lit. c. GDPR and § 25 para. 2 no. 2 TDDDG.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Termly Inc. For more information, please see the Termly privacy policy: https://termly.io/de/unsere-datenschutzpolitik/.

Vioma CDN

Nature and scope of processing

We use vioma CDN to properly deliver the content of our website. vioma CDN is a service provided by vioma GmbH, which acts as a content delivery network (CDN) on our website.

A CDN helps to deliver content from our online offering, in particular files such as graphics or scripts, more quickly using regionally or internationally distributed servers. When you access this content, you connect to servers of vioma GmbH, Industriestrasse 27, 77656 Offenburg, Germany, which transmits your IP address and, if applicable, browser data such as your user agent. This data is processed exclusively for the purposes mentioned above and to maintain the security and functionality of vioma CDN.

Purpose and legal basis

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by vioma GmbH. For more information, please see the vioma CDN privacy policy: https://www.vioma.de/(cms)/module/pass/90/redir-legal/privacy/de?cms_redir_fragment=module-legal-privacy-start.

YouTube video

Nature and scope of processing

We have integrated YouTube video on our website. YouTube Video is a component of YouTube, LLC's video platform, on which users can upload content, share it over the Internet, and obtain detailed statistics.

YouTube video allows us to integrate platform content into our website.

YouTube Video uses cookies and other browser technologies to evaluate user behavior, recognize users and create user profiles. This information is used, among other things, to analyze the activity of the content listened to and to create reports. If a user is registered with YouTube, LLC, YouTube Video can associate the videos played with the profile.

When you access this content, you connect to servers of YouTube, LLC, Google Ireland Limited, Gordon House, Barrow Street Dublin 4 Ireland, which transmits your IP address and, if applicable, browser data such as your user agent.

Purpose and legal basis

The use of the service is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by YouTube, LLC. For more information, please see the YouTube Video privacy policy: https://policies.google.com/privacy.

Regular guest club (guest club)

This website uses KunLeiSys guest club software (regular guest area). The provider is GASTROpoint GmbH, Pommernstraße 17, 83395 Freilassing, Germany. KunleiSYS Guest Club Software is a service that organizes and manages the guest club, offers, loyalty points, emails about events and newsletter delivery. You can register for the guest club on our website. We only use the data entered for this purpose for the purpose of using the respective offer or service. The mandatory information requested during registration must be provided in full. Otherwise, we will refuse to register. The data entered during registration is processed on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent free of charge at any time. You can do this via the unsubscribe link in the email or by unsubscribing from the guest club.

The data you have provided to us for the purpose of the guest club will be stored by us until you unsubscribe and delete the guest club account both from our servers and from the servers of GASTROpoint GmbH. For important changes, such as the scope of services or technical changes, we use the email address specified/stored in your profile during registration or in order to inform you in this way. Statutory storage periods remain unaffected. We have concluded a contract with GastroPoint GmbH for order data processing and fully implement the strict requirements of the data protection authorities when using KunLeiSys Guest Club software.

Abril 2025