1. Name and Contact Details of the Controller This privacy information applies to data processing by: Controller: Lorenzen u. A. GbR (hereinafter: Hotel26-Berlin), represented by Managing Director Stefan Lorenzen, Grünberger Str. 26, 10245 Berlin, Germany. Email: info@hotel26-berlin.de | Phone: +49 30 29 77 78 0 | Fax: +49 30 29 77 78 79 2. Collection and Storage of Personal Data, and the Nature and Purpose of Its Use a) When Visiting the Website When you access our website at http://www.hotel26-berlin.de, the browser used on your device automatically sends information to our website's server. This information is temporarily stored in what is known as a log file. The following information is collected without any action on your part and stored until automatically deleted: the IP address of the requesting device, the date and time of access, the name and URL of the file accessed, the website from which access was made (referrer URL), the browser used and, where applicable, your computer's operating system, as well as the name of your access provider. We process the aforementioned data for the following purposes: to ensure a smooth connection to the website, to ensure comfortable use of our website, to evaluate system security and stability, and for further administrative purposes. The legal basis for this data processing is Art. 6(1)(1)(f) GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the collected data to draw conclusions about your identity. In addition, we use cookies and analytics services when you visit our website. Further details can be found under sections 4 and 5 of this Privacy Policy. b) When Subscribing to Our Newsletter Provided that you have expressly consented in accordance with Art. 6(1)(1)(a) GDPR, we use your email address to send you our newsletter on a regular basis. An email address is sufficient to receive the newsletter. You may unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you are welcome to send your unsubscribe request at any time to info@hotel26-berlin.de by email. c) When Using Our Contact Form For any questions you may have, we offer you the option of contacting us via a form provided on the website. This requires a valid email address so that we know who the inquiry is from and are able to respond to it. Any further details may be provided voluntarily. Data processing for the purpose of contacting us is carried out in accordance with Art. 6(1)(1)(a) GDPR on the basis of your voluntarily granted consent. The personal data we collect through the use of the contact form is automatically deleted once your inquiry has been resolved. 3. Disclosure of Data Your personal data will not be transferred to third parties for purposes other than those listed below. We only disclose your personal data to third parties if: you have given your express consent in accordance with Art. 6(1)(1)(a) GDPR, disclosure is necessary in accordance with Art. 6(1)(1)(f) GDPR for the establishment, exercise, or defense of legal claims, and there is no reason to assume that you have an overriding legitimate interest in your data not being disclosed, in the event that there is a legal obligation to disclose in accordance with Art. 6(1)(1)(c) GDPR, and this is legally permissible and necessary in accordance with Art. 6(1)(1)(b) GDPR for the performance of contractual relationships with you. 4. Cookies We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, or similar) when you visit our site. Cookies do not cause any damage to your device and contain no viruses, trojans, or other malware. Information is stored in the cookie that arises in connection with the specific device used. However, this does not mean that we thereby gain direct knowledge of your identity. On the one hand, the use of cookies serves to make using our offering more pleasant for you. For instance, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site. In addition, we also use temporary cookies to optimize user-friendliness; these are stored on your device for a defined period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us, along with the entries and settings you made, so that you do not have to enter these again. On the other hand, we use cookies to record the use of our website statistically and to evaluate it for the purpose of optimizing our offering for you (see section 5). These cookies enable us to automatically recognize, upon a renewed visit to our site, that you have already been with us. These cookies are automatically deleted after a defined period in each case. The data processed by cookies is necessary for the aforementioned purposes to safeguard our legitimate interests as well as those of third parties in accordance with Art. 6(1)(1)(f) GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer, or so that a notice always appears before a new cookie is created. However, fully disabling cookies may mean that you cannot use all the functions of our website. 5. Analytics Tools a) Tracking Tools The tracking measures listed below and used by us are carried out on the basis of Art. 6(1)(1)(f) GDPR. With the tracking measures employed, we aim to ensure a needs-based design and the continuous optimization of our website. On the other hand, we use the tracking measures to record the use of our website statistically and to evaluate it for the purpose of optimizing our offering for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision. The respective data processing purposes and data categories can be found in the corresponding tracking tools below. i) Google Analytics For the purpose of needs-based design and continuous optimization of our pages, we use Google Analytics, a web analytics service provided by Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymized usage profiles are created and cookies (see section 4) are used. The information generated by the cookie about your use of this website, such as browser type/version, operating system used, referrer URL (the previously visited page), host name of the accessing device (IP address), time of the server request, is transmitted to a Google server in the USA and stored there. The information is used to evaluate use of the website, to compile reports on website activity, and to provide further services associated with website use and internet use for the purposes of market research and needs-based design of these web pages. This information may also be transferred to third parties where required by law or where third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that attribution is not possible (IP masking). You can prevent the installation of cookies by configuring your browser software accordingly; however, please note that in this case you may not be able to use all functions of this website to their full extent. You can also prevent the collection of the data generated by the cookie and relating to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de). As an alternative to the browser add-on, particularly for browsers on mobile devices, you can also prevent collection by Google Analytics by clicking on this link. An opt-out cookie will be set that prevents the future collection of your data when visiting this website. The opt-out cookie applies only in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will need to set the opt-out cookie again. Further information on data protection in connection with Google Analytics can be found, for example, in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=de). ii) Google AdWords Conversion Tracking In order to record the use of our website statistically and to evaluate it for the purpose of optimizing our website for you, we also use Google Conversion Tracking. In this process, Google AdWords places a cookie (see section 4) on your computer if you have reached our website via a Google ad. These cookies lose their validity after 30 days and do not serve to identify you personally. If the user visits certain pages of the AdWords customer's website and the cookie has not yet expired, Google and the customer can recognize that the user clicked on the ad and was directed to that page. Each AdWords customer receives a different cookie. Cookies can therefore not be tracked across the websites of AdWords customers. The information obtained with the help of the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. The AdWords customers learn the total number of users who clicked on their ad and were directed to a page bearing a conversion tracking tag. However, they receive no information that can be used to personally identify users. If you do not wish to take part in the tracking process, you can also refuse the setting of a cookie required for this — for instance, via a browser setting that generally disables the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the domain "www.googleadservices.com". You can find Google's privacy notice on conversion tracking here (https://services.google.com/sitestats/de.html). 6. Social Media Plug-ins On our website, on the basis of Art. 6(1)(1)(f) GDPR, we use social plug-ins from the social networks Facebook, Twitter, and Instagram in order to raise awareness of our hotel. The underlying advertising purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for data-protection-compliant operation lies with the respective provider. We integrate these plug-ins using the so-called two-click method in order to protect visitors to our website as effectively as possible. a) Facebook Social media plug-ins from Facebook are used on our website in order to make its use more personal. For this, we use the "LIKE" or "SHARE" button. This is an offering provided by Facebook. When you access a page of our website that contains such a plug-in, your browser establishes a direct connection with Facebook's servers. The content of the plug-in is transmitted by Facebook directly to your browser and integrated into the web page by it. Through the integration of the plug-ins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there. If you are logged in to Facebook, Facebook can directly attribute your visit to our website to your Facebook account. If you interact with the plug-ins, for example by clicking the "LIKE" or "SHARE" button, the corresponding information is likewise transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends. Facebook may use this information for the purposes of advertising, market research, and needs-based design of its Facebook pages. To this end, Facebook creates usage, interest, and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website, and to provide further services associated with the use of Facebook. If you do not want Facebook to attribute the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website. For the purpose and scope of data collection and the further processing and use of the data by Facebook, as well as your related rights and the settings available to protect your privacy, please refer to Facebook's privacy notices (https://www.facebook.com/about/privacy/). b) Twitter Plug-ins from the short-message network of Twitter Inc. (Twitter) are integrated into our web pages. The Twitter plug-ins (tweet button) can be recognized by the Twitter logo on our site. An overview of tweet buttons can be found here (https://about.twitter.com/resources/buttons). When you access a page of our website that contains such a plug-in, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click the Twitter "tweet button" while logged in to your Twitter account, you can link the content of our pages to your Twitter profile. This allows Twitter to attribute your visit to our pages to your user account. We point out that, as the provider of the pages, we receive no knowledge of the content of the transmitted data or its use by Twitter. If you do not wish Twitter to be able to attribute your visit to our pages, please log out of your Twitter user account. Further information on this can be found in Twitter's privacy policy (https://twitter.com/privacy). c) Instagram So-called social plug-ins ("plug-ins") from Instagram are also used on our website. Instagram is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). The plug-ins are marked with an Instagram logo, for example in the form of an "Instagram camera." When you access a page of our website that contains such a plug-in, your browser establishes a direct connection to Instagram's servers. The content of the plug-in is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted by your browser directly to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can directly attribute your visit to our website to your Instagram account. If you interact with the plug-ins, for example by clicking the "Instagram" button, this information is likewise transmitted directly to an Instagram server and stored there. The information is also published on your Instagram account and displayed there to your contacts. If you do not want Instagram to directly attribute the data collected via our website to your Instagram account, you must log out of Instagram before visiting our website. Further information on this can be found in Instagram's privacy policy (https://help.instagram.com/155833707900388). 7. Data Subject Rights You have the right: in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing, or objection, the existence of a right to lodge a complaint, the origin of your data where it was not collected by us, as well as the existence of automated decision-making, including profiling, and, where applicable, meaningful information about its details; in accordance with Art. 16 GDPR, to request without delay the rectification of inaccurate personal data or the completion of your personal data stored by us; in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, insofar as the processing is not necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims; in accordance with Art. 18 GDPR, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is contested by you, the processing is unlawful but you object to its erasure and we no longer need the data, while you require it for the establishment, exercise, or defense of legal claims, or you have objected to the processing in accordance with Art. 21 GDPR; in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format, or to request its transmission to another controller; in accordance with Art. 7(3) GDPR, to revoke your consent once granted at any time vis-à-vis us. The consequence of this is that we may no longer continue the data processing based on this consent in the future, and in accordance with Art. 77 GDPR, to lodge a complaint with a supervisory authority. As a rule, you may contact the supervisory authority of your usual place of residence or workplace, or that of our company headquarters, for this purpose. 8. Right to Object Insofar as your personal data is processed on the basis of legitimate interests in accordance with Art. 6(1)(1)(f) GDPR, you have the right, in accordance with Art. 21 GDPR, to object to the processing of your personal data, provided that there are grounds arising from your particular situation or that the objection is directed against direct marketing. In the latter case, you have a general right to object, which we will implement without you having to specify a particular situation. If you wish to exercise your right of revocation or objection, an email to info@hotel26-berlin.de is sufficient. 9. Data Security During your visit to the website, we use the widely adopted SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or padlock symbol in the lower status bar of your browser. We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments. 10. Currency and Amendment of This Privacy Policy This Privacy Policy is currently valid and was last updated in May 2018. As our website and the offerings on it are developed further, or due to changed legal or regulatory requirements, it may become necessary to amend this Privacy Policy. The current Privacy Policy can be accessed and printed by you at any time on the website at http://www.hotel26-berlin.de/datenschutz.