Data protection policy

Data protection policy of the SI-SUITES

Thank you for your interest in our company and our website www.si-suites.de. The trust placed in us is very important to us. We take the protection of your personal data very seriously and strictly comply with data protection legislation. We would like to explain the details below:

1 Collection and storage of personal data, type and purpose of their use

Visiting our website

When you visit our website www.si-suites.de, the browser you use automatically sends information to our server. These are temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion: IP address of the requesting computer, date and time of access, time zone difference to GMT, name and URL of the accessed file, access status, amount of data transferred, website from which the access is made (referrer URL), browser used including version and language and, if applicable, the operating system of your computer and the name of your access provider. This data may be processed by us to enable a smooth connection setup and a comfortable use of the website as well as to evaluate the system security and stability.

The legal basis for data processing is article 6 section 1 p. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person. The submission of the relevant personal data by you when visiting the website is not required by law or contract or necessary for the conclusion of a contract, it may be voluntary and serves only the aforementioned purposes. Wir setzen beim Besuch unserer Website Cookies sowie Analysedienste ein. You will also find more detailed explanations in this privacy policy.

Links to other sites

This privacy policy applies exclusively to this website. Other regulations may apply to other websites operated by third parties. therefore please check the respective data protection agreements We assume no responsibility or liability for the practices followed by third parties.

Use of our booking tool

You have the option to make reservations through a form provided on the website. In order for you to be able to book your stay with us comfortably online, we use the booking engine of HotelNetSolutions GmbH. The data that will be collected can be seen in the input mask. The processing of your data for the purpose of booking processing is carried out in accordance with article 6 section 1 p. 1 lit. b GDPRfor the implementation of pre-contractual/contractual measures. Data processing for the purpose of booking processing is carried out in accordance with article. 6 section 1 p. 1 lit. b GDPR for the fulfillment of a contract concluded with you or for the implementation of pre-contractual measures based on your request. The provision of the aforementioned personal data by you is not required by law or contract, but is required if you intend to enter into a contract with us, which is otherwise not possible. The personal data collected by us will be automatically deleted after the purpose for which it was collected has been fulfilled, taking into account any retention and storage periods under commercial/tax law.

In addition, your data will be used to provide you with essential and significant information regarding your current or future stay during and after your visit. This is done, for example, in the form of a pre-stay email or an invitation to an online evaluation of our company. The data processing is carried out according to article 6 section. 1 p. 1 lit. f GDPR. In no case do we use the collected data for the purpose of drawing conclusions about your person.

The underlying promotional purpose constitutes a legitimate interest within the meaning of the GDPR. The personal data collected by us will be automatically deleted after the purpose for which it was collected has been fulfilled, taking into account any statutory retention and storage periods.

The disclosure of preferences and other information, such as food intolerances or mobility restrictions, is voluntary. This information is used in accordance with article 6 section. 1 p. 1 lit. a GDPR until you revoke your consent and are used by us to provide you with a service tailored to your needs for your current or future visit.

Creation of a user account/user profile

You have the option to create a personal user account on our website, in which your data will be stored for future booking processes. The data that is collected can be seen in the corresponding input mask. Data processing for the purpose of setting up a user account is carried out in accordance with article 6 section. 1 p. 1 lit. b GDPR for the fulfillment of a contract concluded with you or for the implementation of pre-contractual measures based on your registration. The provision of personal data by you is not required by law or contract, but is required if you wish for us to create a user profile for you. We delete the personal data collected by us in this manner as soon as you inform us that you wish to do so (e.g. by sending an e-mail to info@si-suites.de).

Use of the online and voucher store

Sie haben die Möglichkeit in unserem Online-/Gutscheinshop unterschiedliche Wertgutscheine oder Packages zu erwerben. The data that is collected can be seen in the corresponding input mask. The processing of your data for the purpose of handling your reservation or order is carried out in accordance with article 6 section 1 p. 1 lit. b GDPR for the implementation of pre-contractual/contractual measures. The provision of the aforementioned personal data by you is not required by law or contract, but is required if you intend to enter into a contract with us, which is otherwise not possible. The personal data collected by us will be automatically deleted after the purpose for which it was collected has been fulfilled, taking into account any retention and storage periods under commercial/tax law.

Registration form and (pre-)check-in

By virtue of legal obligation in § 29 section 2 – 4, § 30 section 2 German Federal Registration Act, we as an accommodation provider must collect the following data from our guests upon arrival:

Date of arrival and expected departure, surnames, first names, date of birth, nationalities, address, number of co-travelers and their nationalities (if required by law), serial number of the recognized and valid passport or passport replacement document for foreign individuals.

Additional information, such as your license plate number, can be provided by you voluntarily.

The data processing in this regard is carried out in accordance with Article 6 section 1 p. 1 lit. c) the GDPR for the fulfillment of the legal obligation incumbent upon us. The storage and deletion as well as the transfer of personal data collected by us in this manner to third parties (registration authorities) shall be carried out exclusively in compliance with the relevant provisions of the Federal Registration Act (Section 30 (4) BMG(Federal Registration Act). The disclosure of your vehicle registration number (obligatory if you use the underground car park), your telephone number, first name of fellow passengers, date of birth of fellow passengers as well as preferences and other information such as food intolerances or mobility restrictions is voluntary. This information is used in accordance with article 6 section. 1 p. 1 lit. a GDPR until you revoke your consent and are used by us to provide you with a service tailored to your needs for your current or future visit. Furthermore, we use your data for the purpose of booking processing. For this purpose, we additionally record the last names of the fellow travelers, the e-mail address as well as the arrival and departure time. The data processing is carried out according to article 6 section. 1 p. 1 lit. b GDPR for the fulfillment of a contract concluded with you or for the implementation of pre-contractual measures. The personal data collected by us will be automatically deleted after the purpose for which it was collected has been fulfilled, taking into account any statutory retention and storage periods. In addition, your data will be used to provide you with essential and significant information regarding your current or future stay during and after your visit. This is done, for example, in the form of a pre-stay email or an invitation to an online evaluation of our company. The data processing is carried out according to article 6 section. 1 p. 1 lit. f GDPR. In no case do we use the collected data for the purpose of drawing conclusions about your person. The underlying promotional purpose constitutes a legitimate interest within the meaning of the GDPR. The personal data collected by us will be automatically deleted after the purpose for which it was collected has been fulfilled, taking into account any statutory retention and storage periods.

Registration for our newsletter

To subscribe to the newsletter we use the double-opt-in method. Immediately after registration you will receive an e-mail to the specified e-mail address with the request to confirm the registration. We store your IP address and the time of registration to the newsletter and the time of confirmation. This is necessary to prove your registration.

Insofar as you have given your consent in accordance with article 6 section 1 p. 1 lit. a GDPR, we will use your email address and date of birth to send you our newsletter and birthday greetings from time to time. FFor the delivery of the newsletter, the voluntary submission of an e-mail address is necessary and sufficient. You can unsubscribe at any time, e.g. by sending an e-mail to info@si-suites.de. We will then immediately delete your e-mail address from our newsletter distribution list.

Use of our contact form, e-mail contact, telephone contact

We offer you the option of contacting us via a form provided on the website. The data that is collected can be seen in the corresponding input mask. Data processing in the context of contacting us is carried out in accordance with article 6 section 1 p. 1 lit. f GDPR on the basis of our legitimate interest in responding to your request. If your contact is aimed at entering into a contract, the legal basis according to article 6 section 1 p. 1 lit. b GDPR. The personal data collected by us for the use of the contact form will be automatically deleted after completion of your request, provided that there are no legal obligations to retain data.

The above applies accordingly if you send us personal data in the context of an inquiry by e-mail, telephone or other means.

Application for an advertised position or initial application

If you send us your application for an advertised position, your application documents will be processed in accordance with article 88 GDPR in conjunction with § 26 BDSG (Federal Data Protection Act). § 26 BDSG (Federal Data Protection Act). If you send us an application photo, you do so voluntarily and thus give your consent to the collection and storage of your application photo in accordance with article 88 in conjunction with § 26 section 2 Federal Data Protection Act We possess a very strong interest in conducting and completing a proper application process. Your application documents will be deleted 6 months after rejection. Your application documents will only be stored for a longer period of time with your express consent. In the case of unsolicited applications, deletion will take place, even without rejection, after receipt of your application documents within a maximum of 6 months.

2 Cookies us other services

For our internet presence we use the technology of cookies. Cookies are small text files that are sent to your browser by our web servers when you visit our websites and are stored by them on your computer for later retrieval. You can determine whether cookies are set and retrieved yourself through the settings in your browser. You can, for example, completely deactivate the storage of cookies in your browser, restrict it to certain websites or configure your browser so that it automatically notifies you as soon as a cookie is to be set and asks you for feedback on this.

We use so-called session cookies and permanent cookies on our websites. Session cookies are only cached for the duration of your use of one of our websites. The purpose of these cookies is to identify your computer during a visit to our websites and to be able to determine the end of your visit. In order to use the full functionality of our website, it is necessary for technical reasons to allow session cookies. Session cookies are deleted as soon as you leave our websites or end your browser session.
In addition, we also use permanent cookies to recognize returning visitors even after a longer period of time and to be able to offer demand-oriented information about our products and services. Persistent cookies are permanently stored on the visitor’s computer and are not deleted when the web page is left or the browser is closed. If permanently set cookies are to be removed, they must be deleted manually. In terms of their function, cookies are again distinguished between:

Essential cookies: Essential cookies help make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Statistics: Statistics cookies help website owners understand how visitors interact with websites by collecting and reporting information anonymously.

Marketing: Marketing cookies are used to follow visitors on websites. The intent is to show ads that are relevant and engaging to the individual user, and therefore more valuable to publishers and third-party advertisers.

External media: These are used to improve the interactivity of our website with other services (e.g. social networks); sharing cookies are stored for a maximum of 13 months.

The data processed by essential cookies are necessary for the aforementioned purposes to protect our legitimate interests as well as those of third parties pursuant to article 6 section. 1 p. 1 lit. f GDPR required. Any use of cookies that is not strictly necessary from a technical point of view constitutes data processing that can only be carried out with your explicit and active consent in accordance with Article 6 section 1 p. 1 lit. a GDPR

The following essential cookies are used by us:

Borlabs Cookie: Stores the settings of the visitors selected in the cookie box of Borlabs Cookie.

Convert Plus: These cookies control the repetition rate of various pop-ups and slide-ins.

PHPSESSID: Retains the user’s states for all page requests.

WPML Cookie: Stores the current language and the current language of the WordPress admin area.

Google reCAPTCHA

Google Analytics und Google Search Console

For the purpose of demand-oriented design and continuous optimization of our pages, we use on the basis of article 6 section. 1 p. 1 lit. f DSGVO Google Analytics und Google Search Console, ein Webanalysedienst der Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA. In this context, pseudonymized usage profiles are created and cookies are used. The information generated by the cookie about your use of this website, such as browser type/version, operating system used, referrer URL (the previously visited page), host name of the accessing computer (IP address), time of server request, is transmitted to a Google server in the USA and stored there. The IP addresses are anonymized so that an assignment is not possible (IP masking). The IP addresses of users are truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Google is a registered member of the EU-US Privacy Shield. Only in some exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to the use of the website and the Internet for the purposes of market research and demand-oriented design of these Internet pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. In no case will your IP address be merged with other data from Google. In the Search Console, various reports can be viewed and configurations of a website can be made.

You can prevent the installation of cookies by selecting the appropriate settings on your browser software. You can object to the collection and use of your IP address by Google Analytics at any time with effect for the future. For more information, please visit:

http://tools.google.com/dlpage/gaoptout?hl=de.

Further information on data protection in connection with Google Analytics can be found, for example, in the Google Analytics Help:

https://support.google.com/analytics/answer/6004245?hl=de

Facebook Pixel

We use Facebook Pixel, a service of Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA, on our website for marketing and optimization purposes, in particular to place relevant and interesting ads for you on Facebook and thus improve our offer, make it more interesting for you as a user and avoid annoying ads on the basis of Art. 6 (1) p. 1 lit. f GDPR. Facebook Pixel enables Facebook to display our ads on Facebook, so-called “Facebook Ads”,they are only displayed to Facebook users who have been visitors to our website, especially those who have shown interest in our online offering or in specific topics or products. Facebook Pixel enables verification of whether a user was redirected to our website after clicking on our Facebook Ads. Facebook Pixel uses, among other things, cookies that are stored locally in the cache of your web browser on your end device. If you are logged in to Facebook with your user account, the visit to our online offer is noted in your user account. The data collected about you is anonymous for us, so it does not offer us any conclusions about the identity of the user. However, this data can be linked by Facebook with your user account there. We have no influence on the scope and further use of data collected by Facebook through the use of Facebook Pixel. According to our knowledge, Facebook receives the information that you have called up the relevant part of our website or clicked on an ad from us. If you have a user account with Facebook and are registered, Facebook can assign the visit to your user account. Even if you are not registered with Facebook or have not logged in, there is a possibility that Facebook learns and stores your IP address and possibly other identifiers.

Hotelchamp

In order to improve our online booking process and to personalize and optimize our interaction with you, we use the following data on the basis of article 6 section 1 p. 1 lit. f GDPR the services of Hotelchamp B.V., Johan Huizingalaan 763, 1066 VH Amsterdam, Holland, a professional provider of online software and services. In providing this service, Hotelchamp may process some of your personal data on our behalf. Both Hotelchamp and we value and respect your privacy. We process and protect your personal data in accordance with all applicable laws and regulations. We and Hotelchamp may process data such as your email address, IP address or browser fingerprint in combination with your booking data and other interactions on our website to prepare content and offers that we think may be relevant and appealing to you. Hotelchamp services may involve the use of cookies on our website. If you continue to visit our website, you agree to our use of cookies to help us personalize and improve our interaction with you. Only your interactions with us and our website are used to personalize our content and offers to you, not your behavior on other websites or elsewhere.

Google Maps

For the display of interactive maps we use on the basis of article 6 section 1 p. 1 lit. f GDPR Google Maps, a service of Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA. By using Google Maps, information about the use of the website, including the user’s IP address, may be transmitted to Google servers in the USA. If the user calls up content on the website that contains Google Maps, his browser establishes a direct connection with Google’s servers. The map content is transmitted by Google directly to the user’s browser, which then integrates it into the website. Google is a registered member of the EU-US Privacy Shield.

Google Tag Manager

This website uses Google Tag Manager. Through this service, website tags can be managed through a single interface. The Google Tool Manager only implements tags. This means that no cookies are used and no personal data is collected. The Google Tool Manager triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with Google Tag Manager.

Google reCAPTCHA

This website uses “Google reCAPTCHA” (hereinafter “reCAPTCHA”). The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The purpose of reCAPTCHA is to verify whether the data entry on our website is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run entirely in the background. Website visitors are not made aware that an analysis is taking place. The data processing is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM.

3 Data security

Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the status bar of your browser. We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments. Any person acting in our name or on our behalf who is granted access to your personal information may only use it in accordance with our instructions. No other processing is permitted unless required by law. The basic rule is the “need-to-know basis”, i.e. only authorized personnel have access to your personal data.

4 Disclosure of data to third parties

Your personal data will not be transferred to third parties for purposes other than those listed above. We will only pass on your personal data to third parties if they are required to do so in accordance with Article 6 section 1 p. 1 lit. a GDPR if you have explicitly given your consent to the transfer of data in accordance with article 6 section 1 p. 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data, in the event that the disclosure is necessary pursuant to article 6 section 1 p. 1 lit. c GDPR a legal obligation exists, as well as this is legally permissible and in accordance with article 6 section 1 p. 1 lit. b GDPR is necessary for the processing of contractual relationships with you.

If we outsource any processing of personal data, we use specialized service providers. Our service providers are carefully selected and regularly checked by us. They process personal data only on our behalf and strictly in accordance with our instructions on the basis of corresponding contracts for commissioned processing within the meaning of article 28 GDPR. For the processing of personal data that we carry out on behalf of a controller, we provide sufficient guarantees that we implement appropriate technical and organizational measures so that the processing is in compliance with the law and ensures the protection of the rights of data subjects.

If we transfer personal data to countries outside the EU that do not offer an equivalent level of data protection, we rely on an adequacy decision of the Commission within the meaning of Article 45 GDPR or on appropriate safeguards within the meaning of Article 46 GDPR or, pursuant to Article 49 GDPR, on the exemptions for a third country transfer.

Among other things, tools from companies based in the USA are integrated on our website. When these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country in the sense of EU data protection law. U.S. companies are obliged to hand over personal data to security authorities without you, as the data subject, being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for surveillance purposes. We have no influence on these processing activities.

5 Social Media

We use on our website on the basis of article 6 section. 1 p. 1 lit. f GDPR uses so-called social plug-ins of the social networks Facebook, XING, Instagram and Google+ as well as the rating platform Customer Alliance. The underlying promotional purpose constitutes a legitimate interest within the meaning of the GDPR.

When you visit our website, the buttons of these social plug-ins are deactivated by default, i.e. we do not send any data to the respective social networks without your authorization. Before you can use the buttons, you must activate them with your by clicking on them. The button remains activated until you deactivate it again or delete your cookies. For more information about cookies, please see our Cookie Notice. If you share or recommend content from our website via social networks, this is always done voluntarily. This can lead to the fact that in particular the IP address used by you and / or personal data are transmitted to the providers of these services or to third parties and stored there. This may also take place on servers outside the European Union. After activation of the button, the respective social network may already collect data, regardless of an interaction with the button. Sind Sie bei einem sozialen Netzwerk eingeloggt, kann dieses Ihren Besuch If you are logged into a social network, it can assign your visit to our website to your user account. If you are a member of a social network and do not want it to link the data collected during your visit to our website with your stored membership data, you must log out of the respective social network before activating the buttons. We have no influence on the scope of the data collected by the social networks with their buttons. The purpose and scope of the data collection and the further processing and use of the data by the respective social networks, as well as your rights in this regard and setting options for protecting your privacy, can be found in the privacy notices of the respective social networks linked below.

Facebook (Provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland)

Google+ (Provider: Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA

Instagram (Provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland)

XING (Provider: XING SE, Dammtorstr. 30, 20354 Hamburg, Deutschland)

Customer Alliance (Provider: CA Customer Alliance GmbH, Ullsteinstr. 130, Tower B
12109 Berlin, Deutschland)

6 Your rights as a data subject

In accordance with article 15 of the GDPR, you can request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details. In accordance with Art. 16 of the GDPR, you can request the immediate correction of incorrect or the immediate completion of your personal data stored by us. Pursuant to article 17 GDPR, you may request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims. Pursuant to Art. 18 GDPR, you may request the restriction of the processing of your personal data insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 GDPR. Pursuant to Art. 20 GDPR, you may receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or request that it be transferred to another controller. According to article 7 section 3 GDPR, you can revoke your consent at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future. In accordance with article 77 GDPR, you may lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or our company headquarters for this purpose.

7 Right of objection

If your personal data is collected on the basis of legitimate interests pursuant to article 6 section. 1 p. 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Article 21 GDPR, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation. If you wish to exercise your right of revocation or objection, simply send an e-mail to info@si-suites.de.

8 Data of the data controller and the data protection officer

This data protection information applies to data processing by:

Company responsible: Appartment House SI Betriebs GmbH, Plieninger Str. 101-107, D-70567Stuttgart

E-mail: info@si-suites.de; Phone: +49 (0) 711/72 78 50

You can reach our company data protection officer by e-mail at dsb@si-suites.de or by mail at SI Betriebs GmbH – Datenschutzbeauftragter, Plieninger Str. 101-107, D-70567 Stuttgart.

We reserve the right to adapt this data protection declaration to current factual and legal requirements. You can access and print the current data protection declaration at any time on our website at https://www.si-suites.de/datenschutzerklaerung/.

Your compare list