NOTE ON DATA PROTECTION
ACCORDING TO THE BASIC DATA PROTECTION REGULATION

Here you will find all information on the collection and processing of your personal data:
Data protection information according to Art. 13 para. 3 GDPR. (PDF approx. 180 KB)

Your personal rights are a top priority for us, and we endeavour to protect these rights to the best of our ability. We would like to inform you about the type, purpose and scope of the processing of personal data within our online offering (website and integrated services and functions).

We have implemented numerous technical and organisational measures to ensure that the personal data processed is protected as completely as possible. Our security measures are continuously improved in line with technological developments. Nevertheless, data transmission over the Internet may be subject to security vulnerabilities, meaning that absolute protection cannot be guaranteed. You are therefore free to transmit personal data to us by other means, e.g. by telephone.

English version with Google Translate
Version française avec Google Translate

Nature and purpose of the data processed

Type of data processed

Address data (first name and surname, address, telephone number, e-mail address)
Text entries (messages), photographs (uploads)
Usage data, websites visited, access times
IP addresses and metadata (device information)

Data subjects

Visitors and users of our online offering

Purpose of the processing

Provision of the online presence with content and functions
Processing of bookings and orders
Processing of contact enquiries and messages sent
Security measures
Statistical analyses

Controller responsible for the processing

The controller within the meaning of the General Data Protection Regulation is

Family Frank
Sachsenweg 11
87561 Oberstdorf
Oberstdorf Germany
Phone +49 8322 7060
Fax +49 8322 706286
info@hotel-franks.de

In this data protection information we inform you about the most important aspects of data processing in the context of our website.

General information
It is generally possible to use our website without providing personal data. Insofar as personal data (e.g. name, address or e-mail addresses) is collected on our website, this is always done on a voluntary basis as far as possible. This data will not be passed on to third parties without your express consent. We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Web server log
To ensure the smooth functioning of websites and, if necessary, to rectify errors, there are always logs on the web server where IP addresses are stored. Like many other companies, we also operate our website via the servers of a professional service provider. Although IP addresses alone do not constitute personal data, they could theoretically be assigned to individuals with the help of tracking tools. In addition, the time, browser type and page accessed are stored. These logs are deleted after one month.

Contact form
If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions.

However, your accommodation enquiry can only be used by you and sent to us electronically if you expressly agree to this data protection and data use declaration by clicking on it.

We will not pass on this data without your consent. In this respect, please note our privacy policy.

Cookies
Our website uses so-called cookies. To protect your privacy on our website, we use the services of Cookiebot CMP - a brand of Cybot Denmark. Cookiebot CMP realises its ePrivacy vision with three fully automated main functions: Cookie Consent, Cookie Monitoring and Cookie Control. This ensures full compliance with data protection laws through a respectful and transparent data exchange based on the consent given between end users and our websites.

Cookies are small text files that are stored on your end device with the help of the browser. They do not cause any damage. We use cookies to make our website more user-friendly. Some cookies remain stored on your end device until you delete them. They enable us to recognise your browser on your next visit. If cookies are deactivated, the functionality of our website may be limited.

Web analysis
Our website uses functions of the web analysis services Google Analytics and Matomo. The provider of Google Analytics is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Matomo runs on the servers of Cookis GmbH, 6460 Imst, Franz Xaver Rennstraße 4 (Bakehouse customers). Cookies are used for this purpose, which enable your use of the website to be analysed. The information generated in this way is transferred to the server of the respective provider and stored there.

You can prevent this by setting up your browser so that no cookies are stored. Your IP address is recorded but immediately pseudonymised by deleting the last eight bits, which means that only a rough localisation is possible.

Data processing is carried out on the basis of the statutory provisions of Section 96 (3) TKG and Art. 6 (1) (a) (consent) and/or (f) (legitimate interest) of the GDPR.

Our concern within the meaning of the GDPR (legitimate interest) is the improvement of our offer and our website. As the privacy of our users is important to us, the user data is pseudonymised.

Booking system
Our bookings are processed using software from HotelNetSolutions (registered office: Genthiner Straße 8, D 10785 Berlin, Germany, privacy policy). This service provider is used on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR and an order processing contract pursuant to Art. 28 para. 3 sentence 1 GDPR and does not use the resulting personal data itself or pass it on to third parties.

Data collected during a booking (address data with address, communication data such as telephone number and e-mail address) as well as details of the accompanying persons (names, dates of birth) are stored in a customer relationship management system ("CRM system"). If you provide special personal data that is relevant to the fulfilment of our services, e.g. allergy-related intolerances, this will also be stored. We delete this data if it is no longer required to fulfil your request. We review the necessity every two years; the statutory archiving obligations also apply.

Newsletter
Our newsletters are sent using software from brandnamic (registered office: Luis-Zuegg-Str. 40 | 39012 Merano | Italy, privacy policy) The mailing service provider is used on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR and an order processing contract pursuant to Art. 28 para. 3 sentence 1 GDPR. The mailing service provider may use the data of the recipients in anonymised form to optimise or improve its own software, to technically optimise the mailing, the presentation of the newsletter or for statistical purposes.

However, the mailing service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties. Every newsletter we send contains a direct unsubscribe link.

Use of Google TagManager
This website uses Google Tag Manager, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law. Please also refer to Google's privacy policy.

Google Tag Manager is a solution that allows marketers to manage website tags via an interface. The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not collect any personal data. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.

Use of Google AdWords conversion tracking
We use the "Google Conversion Tracking" function of the "AdWords" service from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law. Please also note Google's privacy policy.

If you have reached our website via an advert placed by Google, Google Adwords will set a cookie on your computer. The cookie for conversion tracking is set when a user clicks on an advert placed by Google. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognise that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. Cookies can therefore not be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers find out the total number of users who clicked on their advert and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

If you do not wish to participate in tracking, you can refuse the setting of a cookie required for this - for example, by changing your browser settings to generally deactivate the automatic setting of cookies or by setting your browser to block cookies from the domain "googleleadservices.com".

Use of Google Remarketing
We use the remarketing function of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law. Please also refer to Google's privacy policy.

The function is used to present interest-based adverts to website visitors within the Google advertising network. A so-called "cookie" is stored in the website visitor's browser, which makes it possible to recognise the visitor when he or she visits websites that belong to the Google advertising network. On these pages, the visitor can be presented with adverts that relate to content that the visitor has previously accessed on websites that use Google's remarketing function.

According to its own information, Google does not collect any personal data during this process. However, if you do not wish to use Google's remarketing function, you can always deactivate it by making the appropriate settings. Alternatively, you can deactivate the use of cookies for interest-based advertising via the advertising network initiative by following these instructions.

Google Maps - Privacy policy for use
This website uses the Google Maps product from Google Analytics is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. By using this website, you consent to the collection, processing and use of the automatically collected data by Google Inc, its representatives and third parties. The terms of use of Google Maps can be found under "Terms of use of Google Maps": https://policies.google.com/privacy.

Use of Google Fonts
We use Google Fonts on our website. This allows us to integrate certain fonts into our website. These fonts are provided by Google via servers in the USA. When accessing our website, the visitor's web browser establishes a direct connection to these servers. Among other things, the visitor's IP address is transmitted to Google and stored there. Google participates in the EU-US Privacy Shield: www.privacyshield.gov/EU-US-Framework

Further information about Google: Google Inc, 1600 Amphitheater Parkway, Mountainview, California 94043, USA. Further information on data protection at Google: https://www.google.com/policies/privacy/

SSL encryption
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the enquiries you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL encryption is activated, the data you send to us cannot be read by third parties.

Meta plugins (Like button) - privacy policy for use
Plugins from the social network Meta Platforms Ireland Limited, Merrion Road Dublin 4, D04 X2K5, Ireland are integrated on our website. You can recognise the Meta plugins by the Meta logo or the "Like" button on our site. You can find an overview of the Meta plugins here: http://developers.facebook.com/docs/plugins/ When you visit our website, a direct connection is established between your browser and the Meta server via the plugin. Meta receives the information that you have visited our site with your IP address. If you click on the Meta "Like" button while you are logged into your Meta account, you can link the content of our pages to your Meta profile. This allows Meta to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Meta. You can find further information on this in Meta's privacy policy at https://de-de.facebook.com/policy.php

If you do not want Meta to be able to associate your visit to our pages with your Meta user account, please log out of your Meta user account.

Instagram - privacy policy for use
Functions of the Instagram service are integrated on our pages. These functions are offered by Meta Platforms Ireland Limited, 1 Hacker Way, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram.

Further information on this can be found in Instagram's privacy policy: https://instagram.com/about/legal/privacy/.

YouTube - Privacy policy for use
Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

Further information on the handling of user data can be found in YouTube's privacy policy at https://www.google.de/intl/de/policies/privacy.

Data protection for children
Our Website is not directed to children and we do not intentionally solicit or collect personal information from anyone under the age of 18. If we are notified or otherwise become aware that personal information about a minor has been improperly collected, we will use commercially reasonable efforts to delete that information.

Your rights
In principle, you have the rights to information, rectification, erasure, restriction, data portability, cancellation and objection. If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can lodge a complaint with the supervisory authority. In Bavaria, this is the Bavarian State Office for Data Protection Supervision in Ansbach.

Validity of the privacy policy
By using our website, you consent to the use of data as described above. It may become necessary to amend this privacy policy due to the further development of our website or the implementation of new technologies. We reserve the right to amend the privacy policy at any time with effect for the future. We therefore recommend that you read the data protection declaration again regularly.

OUR SOCIAL MEDIA PRESENCE

Data processing by social networks

We maintain publicly accessible profiles on social networks. The individual social networks we use are listed below.

Social networks such as Meta, Twitter etc. can generally analyse your user behaviour comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-relevant processing operations. In detail:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are logged in or have been logged in.

Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

Legal basis

Our social media presence is intended to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).

Controller and assertion of rights

If you visit one of our social media sites (e.g. Meta), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can assert your rights (information, rectification, erasure, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. against Meta).

Please note that, despite our joint responsibility with the social media portal operators, we do not have full control over the data processing operations of the social media portals. Our options are largely determined by the company policy of the respective provider.

Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory provisions - in particular retention periods - remain unaffected.

We have no influence on the storage period of your data that is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

Social networks in detail

Instagram

We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, 1 Hacker Way, Menlo Park, CA, 94025, USA

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 und https://de-de.facebook.com/help/566994660333381.

Details on how they handle your personal data can be found in Instagram's privacy policy: https://help.instagram.com/519522125107875.

XING

We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. Details on how they handle your personal data can be found in XING's privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

If you wish to deactivate LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa und https://www.linkedin.com/legal/l/eu-sccs.

Details on how they handle your personal data can be found in LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.

YouTube

We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For details on how they handle your personal data, please refer to YouTube's privacy policy: https://policies.google.com/privacy?hl=de.

ADDITIVE+ LANDINGPAGE - Online Marketing and Landing Pages

Beside our website we do also operate optimized landing pages for means of hotel online marketing. To process your request, reservation, order, activation, registration or the transmission of other contact forms on our website as well as to save and store your data we use cloud services, CRM systems and software provided by ADDITIVE Srl, 39011 Lana (BZ), Italy (“ADDITIVE”), our partner in the field of hotel digital marketing. The adequate level of data protection is based on data processing agreements with the respective company.

Our landing pages use Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics enables website operators to analyse the user behavior of the visitors. The information about the user behavior is transmitted to and stored by Google on its servers.

Your IP address is collected but immediately anonymised (for example by deleting the last 8 bits). As a result the geolocation data is less accurate.

You can prevent the data collection connected to your use of our online services through cookies and the processing of this data by Google, by installing the browser-plugin available at the following link:

https://chrome.google.com/webstore/detail/google-analytics-opt-out/fllaojicojecljbmefodhfapmkghcbnh

ADDITIVE has an insight into data gathered through Google Analytics. This data will be used only to analyse the use of our websites and to evaluate our marketing and distribution strategies.

Our website and landing pages also use functions provided by ADDITIVE for the multi-channel monitoring of the use of our websites as well as marketing and distribution strategies like landing pages, newsletter and social media presence. Information about your visits and submitted forms on our websites are also transmitted to ADDITIVE in order to evaluate and optimize our marketing and sales measures.

The data processing takes place in accordance with the requirements of art. 6 para. 1 lit f (legitimate interests) of the GDPR.

Our objective in accordance with the GDPR (legitimate interests) is the improvement of our products and services and our web presence through the analysis of the use of our website as well as marketing and distribution strategies.

Our website and our landing pages also use remarketing functions provided by Google Inc. (“Google”) and by Meta Platforms Inc. (“Meta”). Therefore, Meta and Google will know that you have visited our website. This way visitors of our website and of our landing pages will find ads adapted to their interests on Google’s advertising platforms and on the social media platforms Facebook and Instagram.

The data processing takes place in accordance with the requirements of art. 6 para. 1 lit a (consent) of the GDPR.

When you visit our landing pages a banner will inform you about the use of cookies for remarketing functions. Only by clicking on the corresponding button you consent to the use of these cookies. You can deny your consent anytime, by visiting the page containing the cookie information and denying the use in the banner that will be displayed.

ADDITIVE+ MARKETING AUTOMATION - Direct Marketing

In order to increase customer loyalty and to sell our services and additional services we use hotel online marketing software provided by ADDITIVE Srl, 39011 Lana (BZ), Italy (“ADDITIVE”) within the field of hotel marketing automation.

Therefore your data, which we gather and process in connection with your request, reservation, order, activation, registration or the transmission of other contact forms on our website, will be analysed and used to provide you with automatically generated offers for our services and additional services. Through the use of these services and systems your data will be processed and stored, at least in part, also outside of the EU or the EEC. The adequate level of data protection is based on data processing agreements.

You can deny the use of your data for this purpose anytime by clicking on the “unsubscribe” link in the respective message.

The data processing takes place in accordance with the requirements of art. 6 para. 1 lit f (legitimate interests) of the GDPR.

Our objective in accordance with the GDPR (legitimate interests) is the prevention of competitive disadvantages, the increase in brand awareness and the maximisation of our economic success through an optimal use of the acquired contacts.

ADDITIVE+ VOUCHERS

On our website you have the possibility to buy vouchers by using the integrated voucher software. To process your purchase and to save and store your data we use software provided by ADDITIVE Srl, 39011 Lana (BZ), Italy (“ADDITIVE”) in the context of voucher marketing. Through the use of these services and systems your data will be processed and stored in the EU.

The data you provide is required to fulfil the contract or to carry out pre-contractual measures. Without this data we cannot conclude a contract with you. The data will not be transferred to an outside third party, except for your credit card data which will be transferred to the payment provider and to our tax accountant to fulfil our tax obligations.

The data processing takes place in accordance with the requirements of art. 6 para. 1 lit b (processing necessary for the performance of a contract) of the GDPR.

ADDITIVE+ NEWSLETTER

On our website you have the possibility to subscribe to our newsletter. For the subscription we need your email address and your consent to receive our newsletter through ADDITIVE, our provider for hotel e mail marketing. To provide you with relevant information we also gather and process voluntary information concerning interests, name, date of birth and country/region of origin in our hotel newsletter tool.

After signing up for our newsletter you will receive an email containing a link to confirm the subscription.

Your subscription can be cancelled any time by clicking on the cancellation link in the respective newsletter.

To process your subscription, to send our newsletter and to determine openings and clicks we use software provided by ADDITIVE Srl, 39011 Lana (BZ), Italy (“ADDITIVE”). ADDITIVE uses the mailing service provider “Sinch Mailjet”, Paris, France to handle the secure delivery of the newsletter. Through the use of these services and systems your data will be processed and stored, at least in part, also outside of the EU or the EEC. The adequate level of data protection is based on data processing agreements.

ADDITIVE+ NEWSLETTER

After signing up for our newsletter you will receive an email containing a link to confirm the subscription.

Your subscription can be cancelled any time by clicking on the cancellation link in the respective newsletter.

Midweek-Deal

4 Nächte bleiben - nur 3 bezahlen

(Nicht kombinierbar mit anderen Arrangements.)

OUR SOCIAL MEDIA PRESENCE

Data processing by social networks

Legal basis

Controller and assertion of rights

Storage period

Social networks in detail

Meta

Instagram

XING

LinkedIn

YouTube

ADDITIVE+ LANDINGPAGE - Online Marketing and Landing Pages

ADDITIVE+ MARKETING AUTOMATION - Direct Marketing

ADDITIVE+ VOUCHERS

ADDITIVE+ NEWSLETTER

ADDITIVE+ NEWSLETTER