MEININGER Logo - Informativa dati personali

Informativa sulla privacy

Welcome to the website of the MEININGER Group. It goes without saying that the protection of your personal data, as well as fair and transparent data processing, are important to us. Below, we wish to provide you with the information which you require to check and claim your rights in relation to data processing.

 

The controller is:

MEININGER Shared Services GmbH

Obentrautstrasse 72, 10963 Berlin, Germany

Email: welcome[at]meininger-hotels.com

You can reach our data protection officer as follows:

MEININGER Shared Services GmbH

Data Protection Officer

Obentrautstrasse 72, 10963 Berlin, Germany

Email: dataprotection[at]meininger-hotels.com

Should you surf on our website, visit our hotels or otherwise get in touch with us, we receive personal data from you. We generally process data in accordance with the following legal provisions:

- If you issue us with your express consent (Article 6 Paragraph 1 a) GDPR), if you wish us to contact you directly, take part in competitions, subscribe to our newsletter and wish to receive advertising tailored to you personally. We also process data in order to fulfil our contractual obligations (Article 6 Paragraph 1 b) GDPR), for example should you book an overnight stay with us.

- As a company, we are subject to various legal obligations (Article 1 Paragraph 1 c) GDPR). For example, under tax and commercial laws, we are obliged to retain certain documents.

- We also process data in accordance with our legitimate interest or that of a third party (Article 6 Paragraph 1 f) GDPR). Amongst others, a legitimate interest includes data processing for purposes connected to direct advertising, sales generation, IT security and prevention of fraud, as well as the creation of use profiles in the form of pseudonyms in order to carry out analysis and design the website in line with requirements (tracking). You have the right to raise an objection to the data processing which takes place in accordance with the legitimate interest in accordance with Article 21 Paragraph 1 GDPR.

3.1.1 Hotel bookings

You can book a hotel room directly via our website. So that we can carry out your booking, we require your contact and address data, as well as information concerning the services which are being requested (travel dates, number of travellers, meal requests). The legal basis is Article 6 Paragraph 1 Letter b) GDPR.

3.1.2 Payment

In order to carry out payment transactions via our website, we use various payment service providers, which collect your information directly and are therefore recipients of your personal data which is gathered in connection with the payment process.

The payment service provider is responsible for your payment data. You can obtain information, in particular concerning the responsible body of the payment service provider, the contact details of the data protection officers of the payment service providers and the categories of personal data which are processed by the payment service providers from the following addresses:

SIX Payment Services (Europe) S.A.

10, rue Gabriel Lippmann, 5365 Munsbach, Luxembourg

Data privacy statement: www.six-payment-services.com/en/services/legal/privacy-statement.html

Adyen N.V.

Simon Carmiggeltstraat 6-50, 1011 DJ Amsterdam, The Netherlands

Data privacy statement: www.adyen.com/policies-and-disclaimer/privacy-policy

PayPal (Europe) S.à r.l. et Cie, S.C.A.

22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg

Data privacy statement: www.paypal.com/de/webapps/mpp/ua/privacy-full

giropay GmbH

An der Welle 4, 60322 Frankfurt/Main, Germany

Data privacy statement: https://www.giropay.de/rechtliches/datenschutzerklaerung

3.1.3 Get in touch with MEININGER

You can address queries to us and send messages to us via the contact form, our email address or by telephone. We only process your data in order to get in touch with you by the means you requested and in order to handle your matter (the legal basis is Article 6 Paragraph 1 Letters a) or b) GDPR).

Freshworks

We use our processor Freshworks Inc (2950 S. Delaware Street, Suite 201, San Mateo, CA 94403, USA) for the presentation of our FAQ and the handling of queries regarding our FAQ. For this, cookies may be saved on your computer. These do not serve to identify you personally. If Freshworks also processes your name and e-mail address (so that we can respond to you by name), this is only done with your consent and the personal data will be encrypted.

3.1.4 Participation in competitions

Should you participate in competitions, we gather the data which is necessary to perform the competition. This is generally an individual contribution to the competition (for example a commentary or photo), as well as your name and contact details. It may be the case that we pass your data on to our competition partners, for example in order to send you the prize. The data processing and passing on of data can vary depending on the competition and is therefore described in concrete terms in the terms and conditions of participation of the respective competition. The participation in the competition and the associated gathering of data is of course voluntary (legal basis is Article 6 Paragraph 1 Letter a) GDPR).

 3.1.5 Sending of our newsletter

You can register for our newsletter in order to receive information concerning new hotels, current offers, events, travel tips and product news of the MEININGER Group and partner companies. Advertising information is only sent to your email address in connection with our newsletter if you have agreed to the use of your email address. It goes without saying that you can revoke your consent to the sending of newsletters at any time by clicking on the unsubscription link in the newsletter or notifying us of your wish to cancel the subscription by sending an email to newsletter[at]meininger-hotels.com.

For subscription / unsubscription to our newsletter, we use the so-called double opt in / double opt out procedure. This means that following your registration / cancellation, we send an email to the email address which has been provided, in which we request confirmation that you wish to receive / cancel the newsletter. In addition, we save your respective IP addresses which have been used and the time of registration / cancellation and confirmation. By means of this, we can prove your registration / cancellation and, if applicable, clarify any possible misuse of your personal data by a third party.

3.1.6 Newsletter tracking

Based on your consent, we evaluate your user behaviour when the newsletter is sent in order to be able to improve the tracking of how our newsletter is used. For this evaluation, the emails which are sent contain so-called web beacons, also called tracking pixels. These are one-pixel image files which provide a link to our website and which enable us to evaluate your user behaviour. This takes place by means of the use of the web beacons, which are assigned to your email address and are mapped to your own ID. The links in the newsletter also contain these. With the data which is gathered in this way, we create a user profile, in order to tailor the newsletter to your individual interests. During this process, we record the time when you read our newsletters and which links you click in these, and are able to determine your personal interests from this information. We combine this data with the actions you carry out on our website.

You can object to this tracking at any time by unsubscribing from the newsletter. The information will be saved for as long as you remain subscribed to the newsletter. Following an unsubscription, we save the data in a purely statistical and anonymous form. Should you have de-activated the display of pictures in your email program in a standard form, such tracking is also not possible. In such a case, the newsletter will not be displayed to you in full and you may not be able to use all of the functions. Should you have the pictures displayed manually, the tracking referred to above takes place. 

 3.1.7 Other advertising by MEININGER

Should we receive your email address, mobile number and postal address in connection with a stay in our hotels, we can use this data in order to inform you from then on of similar products and services offered by us. Should you prefer not to receive advertising information by post, by SMS or email, you can object to the use of your contact data for advertising purposes at any time with effect for the future, without any costs being incurred apart from the transmission costs under the basic tariffs. You should send your objection to the following contact address:

MEININGER Shared Services GmbH

Obentrautstrasse 72, 10963 Berlin, Germany

Email: newsletter[at]meininger-hotels.com

3.1.8 Career

You can apply to the companies of the MEININGER Group electronically, via the application form on our website or via email to jobs[at]meininger-hotels.com. It goes without saying that we will only use your information in order to process the application and we will not pass this on to third parties. Please bear in mind that emails which are sent in non-encrypted form cannot be protected against unauthorised access. More information about how we process your personal data can be found in our information sheet for the application process, which you receive from our Human Resources Department or can download here.

3.1.9 Use of social plugins

This website uses social plugins of the provider:

- Facebook (Operator: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA)

- Twitter (Operator: Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA)

- LinkedIn (Operator: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)

- Pinterest: (Operator: Pinterest Inc., 651 Brannan Street, San Francisco, CA 94103, USA)

- Instagram (Operator: Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA)

These plugins normally record standard data relating to you and transfer this to the server of the respective provider. In order to guarantee the protection of your private sphere, we have taken technical measures which ensure that your data cannot be recorded by the providers of the respective plugin without your agreement. When a page is accessed in which the plugins are integrated, these are initially de-activated. Only when you click on the respective symbol are the plugins activated and you are then issuing your agreement to your data being transferred to the respective provider. The legal basis for the use of the plugins is Article 6 Paragraph 1 a) and f) GDPR.

Once activation has taken place, the plugins also record personal data such as your IP address, and send this to the servers of the respective provider, where it is then saved. When the website concerned is called up, activated plugins also use a cookie with an unambiguous code. By means of this, the providers can also create profiles concerning your use behaviour. This also takes place if you are not a member of the social network of the respective provider. Should you be a member of the social network of the provider and should you be logged in to the social network during your visit to this website, your data and information concerning the visit to this website can be connected to your profile on the social network. We have no control over the precise scope of the data relating to you which is gathered by the respective provider. You can find more detailed information concerning the scope, type and purpose of the data processing and your rights and settings options in order to protect your private sphere in the data protection notices of the respective provider. This can be accessed via the following addresses:

- Facebook: www.facebook.com/privacy/explanation

- Twitter: twitter.com/en/privacy

- LinkedIn: www.linkedin.com/legal/privacy-policy/

- Google+: policies.google.com/privacy

- Pinterest: policy.pinterest.com/en-gb/privacy-policy

- Instagram: help.instagram.com/155833707900388

3.1.10 YouTube

Videos of YouTube are integrated into the website in the extended data protection mode. When the video is viewed, the following data will be transferred to Google as the operator of YouTube:

- The IP address

- The specific address of our page which has been accessed

- The transmitted name of the browser

- The system date and time of the access

- Cookies which are already present by means of which your browser can be clearly identified.

Only once the video is played are cookies and pixel tags set by YouTube in order to personalise advertising and search results. No information concerning the visitors to the website is saved by Google, unless they are watching the video.

We wish to point out that Google may receive additional data via cookies which have already been saved. We have no influence over the extent to which this data is used by Google. Google Inc is responsible for this data gathering and processing.

 3.1.11 Google Maps

The website uses Google Maps API, in order to visually display geographical information. When Google Maps is used, data concerning visitors to the website is also gathered, processed and used by Google by means of the use of the map function. More detailed information concerning the data processing by Google can be found in the Google Privacy Policy.

 3.1.12 How are cookies used on this website?

When you use our website, cookies are saved on your computer. Cookies are small text files which, assigned to the browser you used, are saved on your hard drive and by means of which the party which sets the cookie can receive certain information. Cookies cannot run any programs or place viruses on your computer. The purpose of cookies is to make the Internet service more user friendly and more effective as a whole. We also use cookies in order to be able to identify you during subsequent visits, should you hold an account with us. Otherwise, you would need to log in each time you visit. This website uses the following types of cookies, the scope and functions of which will be explained below.

Transient cookies

These cookies are automatically deleted once you close the browser. These include the session cookies in particular. These save a so-called session ID, by means of which various requests of your browser can be assigned to the session. By means of this process, your computer can be recognised once again if you return to our website. The session cookies are deleted when you log out or close the browser.

Persistent cookies

These cookies are automatically deleted after a prescribed period of time, which can vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

Flash cookies

The flash cookies which are used are not recorded by your browser, rather by your flash plugin. We also use HTML 5 storage objects, which are deposited on your end device. These objects save the necessary data regardless of the browser which you use and do not have an automatic expiry date. Should you not wish the processing of the flash cookies to take place, you need to install a corresponding add on, for example "Better Privacy" for Mozilla Firefox or the Adobe Flash Killer cookie for Google Chrome. The use of HTML 1 storage objects can be prevented by using the private mode in your browser. We would also recommend that you regularly delete your cookies and browser history manually.

Prevention of cookies

You can configure your browser setting in accordance with your wishes and you can, for example, reject the acceptance of third party cookies or all cookies. However, we wish to point out that in such a case, you may not be able to use all functions of this website.

3.1.13 Analysis of websites

For the analysis and optimisation of our websites, we use various services which are set out below. For example, by means of these we can analyse how many users are visiting our website, what information is the most popular or how users find the service. Amongst other things, we record the website where a data subject came across a website (so-called referrer), which sub-pages of the website are accessed or how often and for how long a sub-page was viewed. This helps us make our services user friendly and helps us to improve them. The data which is gathered during this process is not used to personally identify individual users. Anonymous data or data with the highest level of pseudonymisation is gathered. The legal basis for this is your consent, Art. 6 para. 1 a DSGVO. You can revoke your consent at any time via the data protection settings.

Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The use includes the Universal Analytics operating type. By means of this, it is possible to assign data, sessions and interactions via more than one device to a pseudonymous user ID and thus to analyse the activities of a user across several devices.

Google Analytics uses cookies, which enable an analysis of the use of the website by you. The information concerning your use of this website which is generated by the cookie is, as a rule, transferred to a Google server in the USA and saved there. In case of the activation of the IP anonymisation on this website, your IP address is, however shortened in advance by Google within Member States of the European Union or other Member States of the European Economic Area Treaty. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. The IP address transferred by your browser within the framework of Google Analytics not combined with other data by Google. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports about the website activities and to provide further services to the website operator connected to the use of the website and the use of the Internet. These purposes also represent our legitimate interest in the data processing. The legal basis for the use of Google Analytics is § 15 Paragraph 3 of the German Telemedia Act (TMG) and Article 6 Paragraph 1 f) GDPR. The data sent by us which is combined with cookies, user recognitions (for example user IDs) or advertising IDs is automatically deleted after 14 months. The deletion of the data whose retention period has expired takes place automatically once a month. You can find more detailed information concerning the terms and conditions of use and data protection at www.google.com/analytics/terms/gb.html and policies.google.com. 

We use the "Google Optimize" service on our website, which allows us to show different variations of our site to users and analyse users' activities to determine which variant is better accepted by users. This also allows us to customise the contents of websites. For example, we can use Google Optimize to make different versions of the site available to different audiences. User behaviour analytics is provided by Google Analytics or Google Ads within the scope of the use of Google Optimize. Google Optimize uses Google Analytics cookies for alignment and stability purposes. Further information about the cookies used in Google Analytics is available here.

You can prevent the saving of cookies by setting your browser software accordingly. However, we wish to point out that in such a case, you may not be able to fully use all functions of this website. In addition, you can prevent the recording of the data which is generated by the cookie and which relates to your use of the website (including your IP address) by Google, as well as the processing of this data by Google by downloading and installing the browser plugin which is available via the following link: tools.google.com/dlpage/gaoptout. Opt out cookies prevent the future recording of your data when you visit this website. In order to prevent the recording by Universal Analytics via various devices, you need to carry out the opt out on all systems which you are using. 

3.1.14 Cookies for marketing purposes

We use cookies for marketing purposes, in order to target our users with advertising which is tailored to their interests. In addition, we use cookies in order to restrict the likelihood that an advert will be displayed and in order to measure the effectiveness of our advertising measures. This information can also be shared with third parties, such as ad-networks. The legal basis for this is your consent, Art. 6 para. 1 a DSGVO. You can revoke your consent at any time via the data protection settings.

DoubleClick by Google

We use the online marketing tool DoubleClick by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA on our website. The responsible entity for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. DoubleClick uses cookies to display ads that are relevant to users, to improve campaign performance reports, or to prevent users from seeing the same ads more than once. Google records which ads are displayed in which browser via a cookie ID. This prevents the same ad from being displayed more than once. In addition, DoubleClick can use cookie IDs to record so-called conversions with reference to ads. This is the case, for example, when a user sees a DoubleClick ad and later calls up the advertiser's website with the same browser and makes a purchase there.

When you call up a page that uses Google DoubleClick and for which the DoubleClick script is permitted, your browser automatically establishes a direct connection with Google's server. We as the website operator have no influence on the scope and further use of the data collected by Google through the use of this tool. We inform you according to our state of knowledge: Through the integration of DoubleClick, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider may find out and store your IP address.

Insofar as data is processed outside the EEA, where there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish a secure level of data protection.

For more information on DoubleClick by Google, please visit www.google.de/doubleclick and on data protection at Google in general: www.google.de/intl/de/policies/privacy. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at www.networkadvertising.org.

The collection and storage of data only takes place after explicit consent according to Art. 6 para. 1 p. 1 lit. a) DSGVO. This can be revoked at any time with effect for the future.

Google Ads and conversion tracking

We use the service Google Ads. Google Ads is an online advertising program of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The responsible party for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

This means that we place Google Ads and also use Google Remarketing and Conversion Tracking as part of this. The ads are displayed after search queries on websites of the Google advertising network. In addition, we use Ads remarketing lists for search ads. This allows us to customize search ad campaigns for users who have visited our website before. Through the services, we have the possibility to combine our ads with certain search terms or to display ads for previous visitors in which, for example, services are advertised that the visitors have viewed on our website. We can thus display interest-based advertising to users of our website on other websites within the Google advertising network (as a "Google ad" within Google Search or on other websites).

For interest-based offers, an analysis of online user behavior is necessary. Google uses cookies to perform this analysis. When clicking on an advertisement or visiting our website, a cookie is set on the user's computer by Google. These cookies have a duration of 90 days. The information collected by means of the respective cookie is used to target the visitor in a subsequent search query. Further information on the cookie technology used can also be found in Google's notes on website statistics and in the privacy policy. With the help of this technology, Google and we as a customer receive information about the fact that a user has clicked on an advertisement and has been redirected to our web pages. The information obtained in this way is used exclusively for statistical evaluation for ad optimization. We do not receive any information with which visitors can be personally identified. Your IP address is transmitted to Google, but since we use Google Analytics IP masking on this website, your IP address is anonymized. The statistics provided to us by Google include the total number of users who clicked on one of our ads and, if applicable, whether they were redirected to a page of our website that is tagged with a conversion tag. Based on these statistics, we can track which search terms were clicked on our ad particularly often and which ads lead to the user contacting us via the contact form.

Insofar as data is processed outside the EEA, where there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish a secure level of data protection.

You can find more detailed information on data protection in the context of Google Ads at: policies.google.com/technologies/ads.

The collection and storage of data only takes place after explicit consent according to Art. 6 para. 1 p. 1 lit. a) DSGVO. This can be revoked at any time with effect for the future.

If you do not want your visit to be included in the user statistics, you can prevent this by preventing the storage of the cookie required for these technologies, for example, via your browser settings.

You also have the option of selecting the types of Google ads or deactivating interest-based ads on Google via the add setting. Alternatively, you can disable the use of cookies by third parties by calling the Deactivation help of the network advertising initiative.

However, we and Google still receive statistical information about how many users have visited this site and when. If you do not wish to be included in these statistics either, you can prevent this by using additional programs for your browser (for example, the Add-on Ghostery).

Google Analytics

If you have given your consent, this website uses Google Analytics, a web analytics service provided by Google LLC. The responsible party for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

Scope of processing

Google Analytics uses cookies that enable an analysis of your use of our websites. The information collected by means of the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.

We use Google Signals. This allows Google Analytics to collect additional information about users who have activated personalized ads (interests and demographics) and ads can be delivered to these users in cross-device remarketing campaigns.

Google Analytics 4 has IP address anonymization enabled by default. Due to IP anonymization, your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

During your website visit, your user behavior is recorded in the form of "events". Events can be:

- Page views

- First visit to the website

- Start of session

- Your "click path", interaction with the website

- Scrolls (whenever a user scrolls to the bottom of the page (90%))

- clicks on external links

- internal search queries

- interaction with videos

- seen / clicked ads

Also recorded:

- Your approximate location (region)

- your IP address (in shortened form)

- technical information about your browser and the end devices you use (e.g. language setting, screen resolution)

- your internet service provider

- the referrer URL (via which website/ via which advertising medium you came to this website)

Purposes of the processing

On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.

Recipients

Recipients of the data are/may be

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor according to Art. 28 DSGVO).

Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

Alphabet Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

It cannot be ruled out that US authorities may access the data stored by Google.

Third country transfer

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.

Storage period

The data sent by us and linked to cookies are automatically deleted after 2 OR 14 months. Data whose retention period has been reached is automatically deleted once a month.

Legal basis

The legal basis for this data processing is your consent pursuant to Art.6 para.1 p.1 lit.a DSGVO.

Revocation

You can revoke your consent at any time with effect for the future by clicking on the fingerprint at the left bottom of the screen and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.

Alternatively, you can prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to refuse all cookies, you may experience limitations in functionality on this and other websites. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google, by

a. Not giving your consent to the setting of the cookie or

b. downloading and installing the browser add-on to disable Google Analytics HERE.

For more information on Google Analytics' terms of use and Google's privacy policy, please visit marketingplatform.google.com/about/analytics/terms/us/

and at policies.google.com.

Google Re/Marketing Services

We use the marketing and remarketing services (in short "Google marketing services") of the provider Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, to optimize and economically operate our online offer. The responsible party for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Google's marketing services allow us to display advertisements for our website in a more targeted manner in order to present you only with ads that potentially match your interests. For example, if you are shown ads for our services on other websites, this is referred to as "remarketing". For these purposes, when you call up our website and other websites on which Google marketing services are active, a code is executed directly by Google and so-called (re)marketing tags (invisible graphics or code, also known as "web beacons") are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on your device (comparable technologies can also be used instead of cookies).

The cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file records which websites you visited, which content you were interested in and which offers you clicked on, as well as technical information on the browser and operating system, referring websites, time of visit and other information on the use of the online offer. Your IP address is also recorded, whereby we inform you within the scope of Google Analytics that the IP address is shortened within member states of the European Union or in other contracting states to the Agreement on the European Economic Area and only in exceptional cases is transferred in full to a Google server in the USA and shortened there.

The IP address will not be merged with your data within other Google offers. The aforementioned information may also be combined on the part of Google with such information from other sources. If you subsequently visit other websites, you can be shown ads tailored to your interests.

We process your data as part of the Google marketing services pseudonymously. This means that Google does not store and process your name or e-mail address, for example, but processes the relevant data on a cookie basis within pseudonymous user profiles. The information collected by Google marketing services about users is transmitted to Google and stored on Google's servers in the USA.

The Google marketing services we use include the online advertising program "Google Ads" (formerly: "Google AdWords"). In the case of Google Ads, each Ads customer receives a different "conversion cookie". Cookies can therefore not be tracked across Ads customers' websites. The information obtained using the cookie is used to create conversion statistics for Ads customers who have opted in to conversion tracking. Ads customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

Furthermore, we may use the "Google Tag Manager" to integrate and manage Google analytics and marketing services on our website.

To the extent that data is processed outside the EEA, where there is no level of data protection equivalent to the European standard, we have concluded EU standard contractual clauses with the service provider to establish a secure level of data protection.

For more information on the use of data for marketing purposes by Google, please refer to the overview page: www.google.com/policies/technologies/ads , Google's privacy policy is available at www.google.com/policies/privacy.

The collection and storage of data only takes place after explicit consent according to Art. 6 para. 1 p. 1 lit. a) DSGVO. This can be revoked at any time with effect for the future.

Bing Ads

This website uses Bing Ads, a service of Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). A cookie is set by Microsoft Bing Ads if you have come across our website via a Microsoft Bing advert. In this way, it can be shown that a person has clicked on an advert, was redirected to our website and has reached a pre-determined target page (conversion page). We are only informed of the total number of users who have clicked on a Bing advert and were then redirected to the conversion page. No personal information concerning the identity of the user is disclosed. Further information concerning data protection and the cookies used by Microsoft Bing can be found on the website of Microsoft.

THN

We work together with THN (The Hotels Network), Muntaner 262, 3º, 08021 Barcelona, Spain as our processor.

When you visit our website, THN stores a cookie on your computer. Your IP address is also processed. The cookie does not store your IP address, but a string of characters (cookie ID). This cookie ID is also stored on THN's servers. The next time you visit THN, only this ID is read, enabling identification of the Internet browser you are using in the THN network. This does not allow THN to identify you personally. If THN also processes your e-mail address (so that you can complete your booking at a later date if necessary), this will only be done with your consent. ID and e-mail are not merged by THN.

The purpose of this data processing is to be able to show you widgets and notifications that are automatically selected based on your surfing behaviour in order to optimise the relevance of these ads for you (so-called "personalised" or "behaviour-based advertising delivery" or "behavioural targeting"). The aim is to present you only those ads that might be of interest to you.

The THN cookies have an expiration date and expire automatically after a maximum of two years. Without a valid cookie file, the character string stored on THN's servers can no longer be assigned by the provider.

If you do not want the processing operations described above to take place, you can prevent the cookies required for these technologies from being saved, for example, by changing your browser settings. You can also prevent your data from being processed by THN's scripts with the help of additional programs for your browser (e.g. with the add-on Ghostery or NoScript).

Facebook Custom Audiences

Custom Audience Pixel, a service of Facebook Inc., (1601 S. California Ave, Palo Alto, CA 94304, USA), is a small piece of Java script code which we have integrated into all of our websites. This piece of code provides a number of functions for the sending of application specific events and user defined data to Facebook. We use Custom Audience pixels in order to record information concerning the way in which visitors use our website. This pixel records and provides Facebook with information concerning the browser setting of the user, a hashed version of the Facebook ID and the URL which is being visited. Each Facebook user thus possesses a clear and device-independent Facebook ID, whereby it is possible to address the user via more than one device on the social network Facebook and to recognise him or her, so that we can target our visitors again for advertising purposes by means of Facebook adverts. After 180 days, the user information is deleted until the visitor accesses our website again. Therefore, no personal information is disclosed to MEININGER in relation to the individual website visitors and we can only solicit website customer target groups once the target customer group has reached a critical mass in terms of numbers. Further information concerning Facebook and its private sphere settings above and beyond the details set out can be found in the Data Policy and the Terms of Service of Facebook Inc.

Facebook Fanpage

1. General information

Social media have become an integral part of the Internet and modern communication. In order to stay in contact with our customers and interested parties, we have also set up our own fan page on Facebook. Facebook is a service of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA.

We expressly draw attention to the fact that Facebook stores data (e.g. IP address, preferences and personal interests, behavior on Facebook pages, any personal information stored on Facebook, etc.) of users and uses it for business purposes.

We have no influence on the processing and further use of this data, as Facebook alone determines the processing. To what extent, where and for how long the data is stored, to what extent the data is linked and evaluated and to whom the data is passed on is currently not comprehensible to us. Also with regard to deletion periods, i.e. whether and to what extent deletion periods are observed, we have no insight and no influence.

Information from Facebook itself about what information is collected can be found in Facebook's privacy policy, which can be viewed here: www.facebook.com/about/privacy/

If you are a Facebook member and logged into your Facebook user account, Facebook can associate your visit to our site with your user account. If you would like to prevent Facebook from linking data about your visit to our Fanpage with your membership data stored on Facebook, you must

- log out of Facebook before each visit to our fan page

- delete the cookies stored on your device

- and close and restart your browser.

In this way, according to Facebook, all information by which you can be identified by Facebook will be deleted.

2. Scope of data collection and storage

You do not need to be a Facebook member to view the content on our Facebook Fanpage. However, data is collected, stored and used by Facebook every time you visit our page. ln the moment you call up our fan page, your browser establishes a connection with a Facebook server. In the process, data may be transferred to countries outside the European Union. In any case, regardless of whether you are registered with Facebook or not, your IP address will be transmitted and cookies will be set. If you are a Facebook member and logged into your Facebook user account, Facebook can associate your visit to our site with your user account.

Cookies used include session cookies, which are deleted when the browser is closed, and persistent cookies, which remain on the terminal device until they expire or are deleted by the user. A cookie is a tiny text file that allows a website to recognize a browser. Cookies are stored on the computer when a website is called up and are retrieved and read the next time the web server is called up. You can decide yourself via your browser settings whether and which cookies you want to allow, block or delete. You can find instructions for various browsers here: Internet ExplorerFirefoxGoogle ChromeGoogle Chrome mobileMicrosoft EdgeSafariSafari mobile. Alternatively, you can also install so-called ad blockers, such as Ghostery.

According to Facebook, the cookies used by Facebook are for authentication, security, website and product integrity, advertising and measurement, website features and services, performance, and analytics and research. Details about the cookies used by Facebook (e.g., cookie names, function duration, content collected, and purpose) can be viewed here: www.facebook.com/policies/cookies/ by following the links there. You can make settings regarding which advertisements are to be displayed or no longer displayed to you by Facebook at www.facebook.com/about/basics/advertisingand at www.youronlinechoices.com.

Under the aforementioned link, you can manage your preferences regarding usage-based online advertising. If you object to usage-based online advertising with a particular provider using the preference manager, this will only apply to the particular business data collection via the web browser you are currently using. The preference management is cookie-based. Deleting all browser cookies will also remove the preferences you have set using the preference manager.

Automated decision-making including profiling according to Art. 22 DSGVO does not take place.

In principle, we store personal data only until the respective purpose for which the data was collected has been achieved. In the context of a business relationship with you, we store your personal data as long as the business relationship lasts, this also includes the initiation and the execution of a contract as well as the regular limitation period. In addition, we store the data if and to the extent that we are subject to statutory retention obligations. Such obligations may arise, for example, from the German Commercial Code (HGB) or the German Fiscal Code (AO).

If you have given us consent for a processing operation, the data related to the granting of consent will be stored until revoked or, at the latest, for the duration of the processing operation and after its termination within the scope of the statute of limitations.

3 Facebook Insights

For statistical evaluation purposes, we use the Facebook Insights function. In this context, we receive anonymized data on the users of our Facebook fan page. It is not possible for us to draw any conclusions about your person. For further information, please refer to Facebook's cookie policy. 

4. Disclosure and use of personal data

Insofar as you interact within the framework of Facebook, Facebook naturally also has access to your data. Facebook is located here in an insecure third country, in which the level of data protection is lower. The data transfer is based on the so-called standard data protection clauses. You can find more information about this HERE.

5. Legal bases

If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 (1) lit. f DSGVO is the legal basis for the processing. We see our legitimate interest for data processing in the presentation of our company and our products as well as services for your information and in particular in the provision of up-to-date communication options for and with you.

6. Jointly responsible for the processing

MEININGER Shared Services GmbH

Obentrautstrasse 72,

10963 Berlin

Germany

and

Facebook Ireland Ltd.

4 Grand Canal Square, Grand Canal Harbour,

D2 Dublin

Ireland

According to the European Court of Justice (ECJ), we are jointly responsible with Facebook for the processing of your personal data. The ECJ's decision of 05.06.2018 can be found here.

Through the joint responsibility, we inform you in view of Art. 26 DS-GVO about the following about the essence of the joint responsibility agreement existing between us and Facebook: www.facebook.com/legal/terms/page_controller_addendum 

When you stay with us, we gather personal data about you. More information about how we process your personal data can be found in our information sheet for customers and guests, which you receive from the Reception or can download here.

If you contact us by telephone or in writing with support issues or reservation requests, we record your name, company name, query and, if applicable contact details for a response or return call, should the gathering of this information be necessary in order to carry out the processing. Your data is used to process your query. The legal basis is Article 6 Paragraph 1 b) and f) GDPR. A phone call is only recorded if you have issued your express agreement to this (§ 6 Paragraph 1 a) GDPR). The recording takes place in order to check the quality of our customer support and to improve it. 

In order to better understand how our necessary emails (booking confirmation, etc.) are used, we evaluate your user behavior after dispatch. For this evaluation, the e-mails sent contain so-called web beacons, also known as tracking pixels. These are one-pixel image files that link to our website and thus enable us to evaluate your user behavior. Links contained in the mails themselves also contain these.

The data is collected exclusively under pseudonyms, so the IDs are not linked to your other personal data, and there is no possibility of direct personal reference.

More information about how we process your personal data can be found in our information sheet for customers and guests, which you receive from our Service Center or can download here.

Should you provide us with your contact data at a trade fair, for example by handing your visitor card to us, participating in a competition (see 3.1.2) or subscribing to our newsletter (see 3.1.3), we record this data in our CRM system. We use this data to get in touch with you as requested, to enter into a business relationship and to provide you with information material.

So that MEININGER can process your data for the purposes described above, it may be necessary for other recipients also to view and process your data.

4.1 Recipients within the MEININGER Group

In certain cases, it may be necessary for us to distribute your data across the Group. However, data processing within the MEININGER Group only takes place if this is permitted by law. For example, this is the case if other companies of the MEININGER Group work for us in connection with the processing of an order or if a legitimate interest under Article 6 Paragraph1 f) GDPR is present. You can find a list of other companies of the MEININGER Group here.

4.2 External service providers (processors)

Your data will be passed on to service partners, should these work on our behalf and support MEININGER in the provision of its services. For example, should you subscribe to our newsletter, we have engaged a service provider in relation to the sending of the newsletter. Processing of your personal data by commissioned service providers takes place within the framework of order processing in accordance with Article 28 GDPR.

Our mail communication is managed on our behalf by a service provider based in Germany. This service provider performs the technical dispatch and administration of the mail communication for us and also processes personal data in this context. A transfer of your data to third parties does not take place unless we are legally obliged to do so or the data transfer is necessary for the execution of the contractual relationship. We ensure by legal, technical and organizational measures as well as by regular controls that personal data are processed on the basis of our instructions, in agreement with these data protection references and thus according to GDPR.

4.3 Other service providers, partners and third parties

MEININGER can co-operate with other partners, should this be necessary in order to fulfil the services which we offer or should we be legally obliged to hand over data. This can include the following partners or third parties:

- Banks and payment providers

- Public sector entities / authorities or by court order

- Police / customs authorities 

We prefer to process your data within the EU / EEA. However, it may be the case that we use service providers which are located outside of the EU / EEA. In such cases, we ensure that prior to the transfer of your personal data, a reasonable level of data protection is guaranteed. This means that by means of EU standard contracts or adequacy resolutions a data protection level which is comparable to the standards within the EU is attained.

We delete personal data of the data subject once the purpose of the storage no longer applies and provided that statutory retention obligations do not prevent a deletion.

You have the following rights in relation to us concerning your personal data:

7.1 General rights

You have the right of access, correction, erasure, restriction of processing, objection to the processing and of data portability. Should processing take place with your consent, you have the right to revoke this in relation to us with effect for the future.

7.2 Rights in the case of data processing based on a legitimate interest

In accordance with Article 21 Paragraph 1 GDPR, you have the right at any time, for reasons connected to your specific situation, to raise an objection to the processing of personal data relating to you, which takes place under Article 6 Paragraph 1 e) GDPR (data processing in the public interest), or under Article 6 Paragraph 1 f) GDPR (data processing in order to safeguard a legitimate interest). This also applies to profiling which is based on this regulation. In the event that you raise an objection, we will no longer process your personal data, unless we can provide proof of mandatory protectable reasons for the processing which take priority over your interests, rights and freedoms or the processing takes place in order to assert, exercise or defend legal claims. 

7.3 Rights in the case of direct advertising

Should we process your personal data in order to carry out direct advertising, then in accordance with Article 21 Paragraph 2 GDPR you have the right to raise an objection at any time to the processing of the personal data relating to you for the purpose of such advertising. This also applies to the profiling, should it be connected with such direct advertising.

Should you raise an objection against the processing for the purpose of direct advertising, we will no longer process your personal data for these purposes.

7.4 Right to complain to a supervisory authority

You also have the right to complain to a competent data protection supervisory authority in relation to the processing of your personal data by us.

8.1 Changes to the data protection declaration

This data protection declaration which has been issued is continually adjusted in the course of further developments related to the Internet or the services we offer. We will provide timely notification of such changes on this page. In order to remain up-to-date concerning the current status of our data protection provisions, please visit this page regularly.

8.2 Links to other websites

Our websites may contain links to websites of other providers. We wish to point out that this data protection declaration only applies to the websites of MEININGER. We have no influence over whether other providers comply with the applicable data protection provisions and do not monitor this.