Thank you for your interest in TRIP INN Management & Service GmbH (hereinafter referred to as “TRIP INN” or “we”). Data protection is particularly important to us, and of course we observe the legal requirements of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) when processing personal data.
By means of this data protection declaration, we would like to inform you about the type, scope and purpose of the personal data we collect, use and process, as well as your rights.
- Name and address of the person responsible for processing
The person responsible within the meaning of Art. 4 No. 7 GDPR is:
TRIP INN Management & Service GmbH
60326 Frankfurt am Main
Tel .: +496997944460
- Contact details of the data protection officer
You can contact our data protection officer using the following contact details:
The data protection officer of TRIP INN Management & Service GmbH
60326 Frankfurt am Main
Tel .: +496997944460
You can contact our data protection officer directly at any time with any questions or suggestions regarding data protection.
- Data processing principles by TRIP INN
You can use our website without providing your personal data. However, if you would like to use special services of our company either via our website or in other ways (such as booking a room in our hotels, registering for our newsletter, etc.), it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for the specific processing, the data processing will only take place with your consent.
Of course, we have taken numerous technical and organizational measures to ensure the most complete protection possible for the personal data we process. However, we would like to point out that Internet-based data transfers can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person is free to transmit their personal data to us in alternative ways, for example by telephone.
- Data collected when the website is accessed
When you visit our website, the web server we use automatically logs information that your browser transmits to us. The data collected in this way is stored in the so-called log files of the server. As a rule, the type of browser used and its version, the operating system used by the accessing system, the website from which the accessing system reaches our website (so-called referrer URL), the pages accessed, the date and time of access are recorded on our website, the IP address of the accessing computer, the internet service provider of the accessing system and, if necessary, other similar data and information that serve to avert danger in the event of attacks on our iIT systems.
The processing of this data, in particular the IP address of the accessing computer and the other aforementioned data, by us or our web space provider is absolutely necessary to enable delivery of our website at all. For this, your IP address must be stored for the duration of the session. When using this general data and information, we do not draw any conclusions about the person concerned. We also do not combine this data with other data from other sources. The legal basis for this data processing to enable the use of the website is Article 6 Paragraph 1 Sentence 1 Letter f) GDPR, whereby our legitimate interest is the provision of our website, i.e. the permanent functionality of our IT systems and the technology of our website.
In addition, we only save the aforementioned data, including the IP addresses, in anonymized form and only use them in this anonymized form to analyze the use of the offer and the further development and optimization of our Internet offer, also on the basis of Art. 6 Para. 1 S. 1 lit.f) GDPR. Our legitimate interest is the continuous improvement of our offer in order to offer you the greatest possible user comfort.
We reserve the right to check this data retrospectively if we become aware of specific indications of illegal use. We may also use this data to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyber attack. This check is carried out exclusively to detect and prevent illegal use of our website on the basis of Art. 6 Para. 1 S. 1 f) GDPR. Our legitimate interest is to guarantee the security of our offer and the prevention of improper use, in order to ultimately ensure an optimal level of protection for the personal data we process.
- Collection and processing of the data you submit
So that we can actually provide our services, we may need your personal data. This applies both to the reservation of hotel rooms and to the sending of information material or answering individual inquiries. The basis of this storage and processing of your personal data, which you transmit to us for such purposes, is Art. 6 Para. 1 S. 1 lit. b) GDPR, insofar as you provide us with this personal data for the purpose of initiating a contract, e.g. inquiries for booking a hotel room for a certain period of time. Otherwise, this storage and use takes place on the basis of Art. 6 Para. 1 S. 1 lit.f) GDPR, whereby our legitimate interest is the processing of your request.
If you entrust us with the provision of a service, we collect, store and use your personal data only to the extent that it is necessary for the provision of the service or the execution of the contract (in particular for the reservation of hotel rooms). The legal basis for the associated data processing is Art. 6 Para. 1 S. 1 lit. b) GDPR. It may also be necessary to pass on your personal data to companies that we use to provide the service or to process contracts (service providers such as the booking functions of Availpro SAS). This transmission to the service providers we use then takes place on the basis of Art. 6 Para. 1 S. 1 lit. b) GDPR.
In all cases in which the data processing serves to fulfill the contract as described above, the provision of your personal data is required for the conclusion of the contract (cf. Art. 13 Para. 2 lit. e) GDPR). It is not possible for us to execute the contract without your personal data.
- Contact option via the website
If you contact us by e-mail or using the contact form available on our website, your details from the contact form, including the contact details you provided there, will be used to fulfill the purpose associated with the transmission, e.g. to process your request and in the event of follow-up questions, stored and used by us. We do not pass this data on to third parties without your consent or a legal obligation or authorization.
The basis of this storage and use of this personal data is Article 6 Paragraph 1 Sentence 1 Letter b) GDPR, provided that you enter this personal data for the purpose of initiating a contractual relationship with us. Only in this case is the input of personal data required within the meaning of Art. 13 Para. 2 lit. e) GDPR. Otherwise, this storage and use takes place on the basis of Art. 6 Para. 1 S. 1 lit.f) GDPR, whereby our legitimate interest is the careful processing of your request.
- Subscription to our newsletter
You can subscribe to our newsletter on our TRIP INN Management & Service GmbH website. TRIP INN informs its customers and business partners about current offers at regular intervals by means of a newsletter. You can only receive this newsletter if (1) you provide a valid e-mail address and (2) you register for the newsletter. For legal reasons, a confirmation e-mail using the double opt-in procedure will be sent to the e-mail address you entered for the newsletter for the first time during registration. This confirmation email is used to check whether the owner of the email address, as the person concerned, has authorized receipt of the newsletter.
When you register for the newsletter, we also save the IP address assigned by the Internet service provider (ISP) of the computer system you were using at the time of registration, as well as the date and time of registration. The collection of this data is necessary to safeguard our legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit.f) GDPR in order to be able to trace the (possible) misuse of the e-mail address of a data subject at a later point in time and therefore serves our legal protection.
The personal data collected when registering for the newsletter will only be used to send our newsletter. The personal data collected as part of the newsletter service will not be passed on to third parties. You can cancel your subscription to our newsletter at any time. You can revoke your consent to the storage of your email address and its use for sending the newsletter at any time. There is a corresponding link in every newsletter for the purpose of withdrawing consent. It is also possible to unsubscribe from the newsletter dispatch directly on our website at any time or to inform us of this in another way. The legal basis for data processing in connection with the newsletter is your consent (Art. 6 Para. 1 S. 1 a) GDPR).
- Transfer of personal data
Your personal data will only be passed on to third parties with your express consent (e.g. when you collect your guest feedback on our services via the TrustYou GmbH evaluation tools). The only exceptions to this are transmissions to our service providers or cooperation partners that we need to provide our services, including our website, and have commissioned accordingly (for example technical service providers, booking service providers, payment service providers). Accordingly, your data will be transmitted to such service providers and cooperation partners for the purpose of fulfilling the contract in accordance with Art. 6 Para. 1 S. 1 lit. b) GDPR. In these cases, like our partners, we strictly observe the requirements of the GDPR. Of course, before forwarding your personal data, we ensure that the service providers and cooperation partners have taken the necessary technical and organizational measures to ensure an appropriate level of protection. The scope of the data transfer is limited to the minimum required in each case.
The transmission to state institutions and authorities entitled to receive information only takes place within the framework of the statutory information obligations or if we are obliged to provide information by a court or official decision. In this case, the transfer of your data is required by Art. 6 Para. 1 S. 1 lit. c) GDPR to fulfill a legal obligation to which we are subject.
- Data processing for applications and in the application process
TRIP INN collects and processes the personal data of applicants for the purpose of handling the application process. The processing can also be done electronically. This is particularly the case if an applicant sends us the relevant application documents electronically, for example by email. Your personal data that you transmit to us as part of an application (usually contact details, cover letters and application documents, collectively “application data”) are only electronically stored and used for the purpose of processing your application. It will not be passed on to third parties outside of TRIP INN. Only the employees of the HR department and the responsible line manager have access to your data. If there is a personal second interview, future colleagues will receive your résumé so that they can prepare for the interview. All named persons have been obliged to maintain data secrecy and will treat your application with absolute confidentiality.
The data collection and processing in the context of the application for a vacancy at TRIP INN takes place in accordance with Art. 88 GDPR in connection with § 26 Abs. 1 S. 1 BDSG. If an employment contract is concluded with you after the application process has been completed, the data transmitted will be stored for the purpose of implementing and processing the employment relationship in compliance with the statutory provisions. Otherwise, your data (application data and interview results) will be completely deleted no later than six months after the end of the application process, t, provided that the deletion does not conflict with any other legitimate interests on the part of TRIP INN. Another legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).
- Routine deletion and blocking of personal data
We process and store personal data only as long as it is necessary to provide our services or to achieve the processing purposes or justified by legitimate reasons on our part, including a legal obligation to store the data.
The personal data concerning you will be deleted as soon as the purpose of the data processing no longer applies. If there are legitimate reasons for deletion within the meaning of Art. 17 Paragraph 3 GDPR, such as statutory storage or retention obligations, the processing of this data will be restricted. In this case, the data will be deleted if the reason for further storage no longer applies, e.g. the legally prescribed storage period has expired.
Cookies are used on our website. Cookies are small text files that are stored and stored on a computer system via an internet browser. Cookies usually contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the websites and servers you visit to distinguish your individual browser from other Internet browsers that contain other cookies. A specific internet browser can be recognized and identified via the unique cookie ID. By using cookies, TRIP INN can provide the users of this website with more user-friendly services that would not be possible without the cookie setting.
- Use of the Triptease analysis service
We use third-party analysis services to understand how our website visitors use our website. In particular, we can send a limited part of your information (such as room search, e-mail address and name, if you provide this) to the Triptease Group with European headquarters at 15 Bishopsgate, London, EC2N 3AR, United Kingdom (“Triptease” ) pass on. Triptease will collect this data for analysis purposes when you visit our website to book a stay with us. Triptease then analyzes your use of our website and tracks this using cookies and similar technologies so that we can improve our service for you. We can also use triptease as a medium for communication via live chat or automated messages on our website. In addition, we can accept payments through Triptease’s live chat widget. Triptease does not store any payment information and uses the third-party service PCI-Booking for such payments. You can find further information on PCI booking of data in the data protection declaration <https://www.pcibooking.net/privacy-policy>.
We use the services of Triptease in order to be able to adapt our website and our services to your preferences based on the analyzes carried out. The basis for the use of triptease is therefore Article 6, Paragraph 1, Sentence 1, Letter f) GDPR. Our legitimate interest is the constant improvement of our services based on your preferences and preferences when visiting our website.
- Data protection provisions for the use of Google Analytics (with anonymization function)
This website uses the web analysis service Google Analytics (with anonymization function), which is offered by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043-1351, USA (“Google”). Web analysis is the Collection, collection and evaluation of data on the behavior of visitors to websites.
Google Analytics is used to analyze the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us that show the activities on our website, and to provide other services related to the use of our website.
For this purpose, Google Analytics places a cookie on your IT system. By setting the cookie, Google is able to analyze the use of our website by giving Google knowledge of personal data, in particular the IP address of the person concerned, which Google uses, among other things, to trace the origin of visitors and clicks and subsequently Enable commission statements.
The cookie is used to store personal information, such as the access time, the location from which access was made and the frequency of your visits to our website. Each time you visit our website, this personal data, including the IP address of the Internet connection you are using, is transferred to Google in the USA and stored there. Google may pass this personal data collected through the technical process on to third parties. We use the extension “_gat._anonymizeIp”. By means of this addition, the IP address of your Internet connection is shortened and anonymized by Google before it is transmitted to a Google server in the USA, if our website is accessed from a member state of the European Union or from another state party to the Agreement on the European Economic Area he follows.
You can prevent the setting of cookies by our website, as already shown above, at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the internet browser used would also prevent Google from setting a cookie on the information technology system of the person concerned. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.
You can prevent the future use of Google Analytics, especially when accessing our website from browsers on mobile devices, by clicking on the following link: [Link to Google Analytics deactivation]. By clicking on the link, a so-called opt-out cookie is saved on your device. Please do not delete this cookie as long as you want to maintain your objection. If you delete this cookie on your device, you must save such a cookie again by clicking on the link if you want to continue to object to the collection of your data by Google.
Further information and the applicable data protection provisions of Google can be found at https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail under this link https://www.google.com/intl/de_de/analytics/.
There is an adequacy decision by the EU Commission (No. 2016/1250) for transmission to the USA, according to which companies that meet certain criteria guarantee an appropriate level of protection, also known as the “EU-US Privacy Shield”. These companies are listed in the so-called “Privacy Shield List” or “Data Protection Shield List”. Google is one of the companies listed there. The transmission to Google in connection with Google Analytics is based on Art. 45 and 28 GDPR.
We use Google Analytics to analyze the use of our website and services and to continuously develop our website and services in the interests of user-friendliness. The basis for the use of Google Analytics is Article 6 Paragraph 1 Sentence 1 Letter f) GDPR. Our legitimate interest is the continuous alignment of our offer based on user interests in order to continuously improve and optimize the user experience of our customers and other users of our offer.
- No automated decision making
As a responsible company, we do not use automatic decision-making or profiling.
- Your rights as a data subject
At any time you have the right to confirmation and information about the personal data we have stored about you, the processing purposes, their origin, which disclosure to which recipients or categories of recipients, the storage period and the data subject rights available to you to us free of charge in writing or electronically, including a copy of this information.
In addition, you have the right at any time to correct incorrect data, to delete the personal data stored about you, provided there are no legitimate reasons to the contrary, or to request the restriction of processing under the legal requirements. Insofar as this affects personal data that is required for the provision of services to you, the deletion or restriction of the processing of this data can only take place when you no longer use our services and our offer.
If the personal data has been made public by TRIP INN and TRIP INN is obliged to delete the personal data in accordance with Art. 17 Para. 1 GDPR, we take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to prevent others for the To inform those responsible for data processing who process the published personal data that you have requested the deletion of all links to this personal data or of copies or replications of this personal data from these other data controllers, insofar as the processing is not necessary .
If you provide data that concerns you and we process this data on the basis of your consent or to fulfill the contract, you can request that you receive this data from us in a structured, common and machine-readable format or that we transfer this data to another person responsible, as far as this is technically possible (so-called right to data portability).
If the basis for the data processing is Art. 6 Para. 1 S. 1 f) GDPR (protection of legitimate interests), you have the right to object to the processing of your personal data at any time in accordance with Art. 21 GDPR, provided there are reasons for doing so which arise from your particular situation, or if the objection is directed against data processing for the purposes of direct advertising. In the latter case, you have a general right of objection, which we will implement without giving reasons arising from your particular situation (Art. 21 Paragraph 2 GDPR). If you file an objection for reasons that arise from your particular situation, we will no longer process your personal data, unless we can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or that Processing serves to assert, exercise or defend legal claims (Art. 21 Paragraph 1 GDPR).
If you provide us with personal data and we process this data on the basis of your consent, you can freely revoke the corresponding consent at any time with effect for the future.
You also have the right to lodge a complaint with a competent supervisory authority if you are of the opinion that the data processing by us violates the statutory provisions.
In order to assert your rights listed here and if you have further questions on the subject of processing your personal data, you can contact us at any time using the contact details given above.
- Scope of this data protection declaration
This data protection declaration only applies to the content on the TRIP INN websites and the data processing on the servers we use. It does not include content and third-party websites to which our offer merely links. This applies, for example, to social networks such as Facebook, Twitter, Google+ and Instagram. The processing of your personal data via these social networks is carried out by the respective operator of the network without us having any influence on this processing. This also applies to your personal data that you provide to us via such a platform, for example by writing to our profile in the respective social network. Information on how your personal data is handled and how it is protected on these platforms can be found in the data protection declaration of the respective platform.
- Revision of the data protection declaration
We reserve the right to check this data protection declaration and to revise it within the framework of the existing legal regulations, as far as this is indicated e.g. due to new technical developments or changes in case law or in our business operations. It is therefore advisable to read the provisions of this data protection declaration from time to time to ensure that you know how TRIP INN collects, processes and uses your personal data.