Privacy policy

With this privacy policy, we inform you about which personal data we collect from you via our website and how we process it. In addition, you will learn what rights you have with regard to data protection.

Person responsible for data protection

Responsible for data processing on this website is.

Project M GmbH & Co. KG

Augustaplatz 8

76530 Baden-Baden

E-Mail: info@filios-badenbaden.de

Phone: +49 (0)7221 18 58 001

Overview of purposes and legal basis of data processing.

We process your data in aggregate for the following purposes:

• To be able to process your request with you in case of contact inquiries (e.g. e-mail address, first name, last name);
• To process your reservation request;
• For the technical realization of our website and to be able to provide you with our information on this website (e.g. IP address, cookies, browser information).

The details and purposes of the specific data processing when using certain functions of our website can be found at the respective place in this privacy policy.

Regarding the legal basis for the processing of your data applies:

• We process data that is required for the justification, implementation or processing of our service offer (contract processing) on the legal basis of Art. 6 (1) lit. b DSGVO.
• Insofar as we obtain consent from you for the processing of your data, the consent forms the legal basis for data processing in accordance with Art. 6 (1) lit. a DSGVO.
• Data processing is also permissible if we process your data to protect our legitimate interests and your interests or fundamental rights and freedoms with regard to the processing of your data are not overridden.
• Insofar as we use external service providers in the context of commissioned data processing, the processing is carried out on the legal basis of Art. 28 DSGVO.
• If we are jointly responsible for data processing with an external service provider, we have concluded the relevant contracts in accordance with Art. 26 DSGVO.

Which data we process from you depends on the respective function and use of this website. Therefore, you will always find this information at the specific place in this privacy policy.

Recipients or categories of recipients

We host our website with an external service provider within the European Union or the European Economic Area. In this way, we ensure that data processing is carried out solely under the strict provisions of the General Data Protection Regulation (DSGVO).

If we are entitled or obliged to disclose data due to legal provisions and/or official or court orders, we must also disclose your data to the requesting bodies. This may involve, in particular, the provision of information for the purposes of law enforcement, the prevention of danger or the enforcement of intellectual property rights.

In order to be able to integrate certain functions on our website, we use the services of various service providers. Insofar as we pass on your data to service providers to the extent necessary, they will only have access to your data to the extent that this is necessary for the fulfillment of the service providers' tasks. These service providers are obliged to treat your data in accordance with the applicable data protection laws, in particular the DSGVO. We always make sure to use all possibilities of pseudonymization and anonymization where this is possible for processing. Translated with www.DeepL.com/Translator (free version)

Detailed information on the transfer of your data or its processing by third parties can be found in the details on data processing.

Your rights

You have the right

• In accordance with Art. 15 DSGVO, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
• pursuant to Art. 16 DSGVO, to request the correction of incorrect or incomplete personal data stored by us without undue delay;
• pursuant to Art. 17 DSGVO, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
• pursuant to Art. 18 DSGVO, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO;
• pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller (data portability);
• in accordance with Art. 7 (3) DSGVO, to revoke your consent once given to us at any time (right of revocation). This has the consequence that we may no longer continue the data processing, which was based on this consent, for the future; and
• to complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose (right to complain).

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.

Duration of storage and deletion of data

We would like to point out that the data processed by us will be deleted or restricted in its processing in accordance with Articles 17 and 18 DSGVO (for more details, see Data Subject Rights). Unless expressly stated by us within the scope of this data protection declaration, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.

If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes.This applies, for example, to data that must be retained for reasons of commercial or tax law. reasons. According to legal requirements, the storage takes place in particular for 6 years in accordance with § 257 Para. 1 HGB (German Commercial Code)(commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.) as well as for 10 years in accordance with § 147 para. 1 AO (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).

References and links

Our website may contain links to the websites of other companies. We have included these for information about additional offers, benefits or services. We are not responsible for the content of other websites and their data processing. For information on data processing, please refer to the data protection statements of the specific website.

Data security

Within the website visit, we use the established TLS procedure (Transport Layer Security, formerly SSL) in conjunction with the highest encryption level supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the status bar of your browser, provided your browser supports the display of a symbol.

We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. We have implemented security standards to protect the personal information you provide to us using industry-accepted standards and technologies. We regularly review our system for potential vulnerabilities and attacks. Because communications over the Internet are not 100% secure, we cannot guarantee or be liable for the security of any data you transmit to us over the Internet.

There is no guarantee that information will not be accessed or that information will not be disclosed, altered or destroyed as a result of a breach of our physical, technical and organizational security measures.

Details on data processing

In the following, we inform you in detail about the data processing for individual functions of our website and their use by you.

Calling up the website (general log files)

When you call up our website, information is sent to the server of our website automatically by your browser, i.e. without your intervention. This is temporarily stored in a so-called log file until automated deletion. Sent information:

• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status/HTTP status code
• Amount of data transferred in each case
• Website from which the request comes
• Browser
• Operating system and its interface
• Language and version of the browser software.

The aforementioned data is processed by us for the following purposes:

• Ensuring a smooth connection setup of the website
• Ensuring a comfortable use of our website
• Evaluation of system security and stability

The legal basis for this data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest follows from the aforementioned purposes for data collection. We do not use the collected data for the purpose of drawing conclusions about your person.

Kontaktaufnahme

You can contact us by phone, e-mail or via our contact forms, e.g. to clarify general questions about our offer or to request our documents with further information. We store the data you provide in order to process your request and to contact you to handle your request.

If you contact us by e-mail, telephone or fax, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request.

If we request information about you via our contact form, we have marked the mandatory fields required for contacting you accordingly (asterisk). The provision of a valid e-mail address and your name is necessary for us to know from whom the request originates and to be able to respond appropriately (e.g. specific address). The voluntary information helps us to better classify your request and to improve the processing of your request.

If you provide us with your address or telephone number, we assume that we may also respond to your inquiry by mail or telephone.

Depending on the type of request, the legal basis for data processing is Art. 6 para. 1 lit. b DSGVO for requests that you yourself make in the context of a (pre-)contractual measure or Art. 6 para. 1 p. 1 lit. f DSGVO if your request is of a different nature. Our legitimate interest in data processing according to Art. 6 para. 1 p.1 lit. f DSGVO follows from the previously mentioned purposes.

If personal data is requested that we do not need for the fulfillment of a contract or for the protection of legitimate interests, the transfer to us will be based on your consent pursuant to Art. 6 para. 1 lit. a DSGVO.

Reservation

If you want to make a reservation on our website, we collect the following personal data from you: name, address, date of arrival, date of departure

We need this data to be able to assign the reservation to you when you arrive.

We have marked the mandatory fields required for a reservation accordingly (asterisk). The legal basis for this data processing is Art. 6 para. 1 lit. b DSGVO, as your booking represents a pre-contractual measure.

In order to provide you with a comfortable reservation we use the booking system of the service provider:

eatapp, Office 2401, Platinum Tower, Cluster I, Jumeirah Lake Towers, Dubai, UAE

Cookies

We do not use cookies on our website.

Subject to change

This privacy policy complies with the currently applicable legal provisions on data protection. We reserve the right to adapt and change them if necessary. Insofar as there are differences between the English and German versions of this data protection declaration, the German version of this data protection declaration shall apply.

The legally valid privacy policy is the german privacy policy.