Factory Hotel, Münster: Legal notices

Privacy policy

When you access this website or contact us, personal data is collected and processed with due regard to German data protection law, specifically the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), the German Telemedia Act (Telemediengesetz – TMG) and the European General Data Protection Regulation (GDPR). This privacy policy aims to inform you of the nature, scope and purpose of the collection, use and processing of personal data by Factory Hotel GmbH & Co. KG.

I. Controller

The controller (verantwortliche Stelle) within the meaning of the BDSG is Factory Hotel GmbH & Co. KG, represented by its managing partner D-Yard GmbH, which in turn is represented by its managing partner David Deilmann. Please feel free to contact us at the following address:

Factory Hotel GmbH & Co. KG
An der Germania Brauerei 5
48159 Münster
Germany

T: +49 (0) 251-4188-0
F: + 49 (0) 251-4188-999
mail(at)factoryhotel.de

II. Collection of personal data

“Personal data” refers to all data that is relatable to you personally – as a natural person – such as your name, address, email addresses and user behaviour.

The collection and storage of your personal data serves fundamentally to initiate, execute and process a contractual relationship; to process potential warranty claims; to respond to your enquiries; to ensure proper accounting; to measure reach; and for our own marketing purposes. Depending on the method of payment (e.g. advance payment, credit card, Giropay or Sofortüberweisung), it may be necessary to transmit data to payment service providers or to the bank tasked with handling the transaction to perform the contract.

For the aforementioned purposes, we record personal data such as your name, date of birth, sex or gender, nationality, passport and visa data (if applicable), address, telephone number, email address, credit card number and employer information (if applicable).

When sharing personal data for other persons (e.g. when ordering or making reservations for other persons), please expressly assure that you have shared this personal data with the consent of said persons and that you allow us to use this data with due regard to this privacy policy.

Personal data is collected, stored and processed solely within the framework stipulated by the statutory provisions of the TMG, the BDSG and Article 6 (1) GDPR.

III. Collection and storage of personal data, as well as the nature and purpose of its use

1. Data processing associated with the viewing of our website
When you use our website to obtain information, the browser used on your device automatically sends information to our website’s server. This information is temporarily stored in a log file. In the process, the following information is recorded without your active involvement and stored until it is automatically erased:

IP address of the computer making the enquiry
Date and time of access
Name and URL of the file accessed
Website visited prior to access (referrer URL)
Browser used and, if necessary, your computer’s
operating system as well as the name of your access provider

We process the aforementioned data for the following purposes:

To ensure a smooth connection with our website
To ensure the convenient use of our website
To analyse the security and stability of the system
For other administrative purposes

The legal basis for data processing is Article 6 (1) sentence 1 (f) GDPR. Our legitimate interest is derived from the aforementioned purposes of data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person. Your personal data is not transferred to third parties for purposes other than those stated below. We pass on your personal data to third parties only if:

You have given your explicit consent for us to do so in accordance with Article 6 (1) sentence 1 (a) GDPR
It is necessary to pass on your data in accordance with Article 6 (1) sentence 1 (f) GDPR for the establishment, exercise or defence of legal claims and there is no reason to assume that you have a compelling, legitimate interest that would prevent us from passing on your data
There is a legal obligation to pass on data in accordance with Article 6 (1) sentence 1 (c) GDPR
Doing so is legally permissible and necessary to process a contractual relationship with you in accordance with Article 6 (1) sentence 1 (b) GDPR

2. Email contact
In accordance with Article 6 (1) sentence 1 (b) GDPR, we save the data you share with us (your email address, name, telephone number, etc.) when you contact us by email via mail@factoryhotel.de in order to answer your questions. We erase the data produced in this context once it is no longer necessary to store it or limit its processing if it may not be erased due to statutory provisions.

3. Hotel reservations
You can use our website to book a hotel room through our reservation portal SynXis.com, which is operated by the service provider Sabre GLBL Inc., 3150 Sabre Drive, Southlake, TX 76092 USA (https://www.sabre.com/about/privacy/). To process your reservation, we require your contact and address data, as well as information about the services you wish to book (including dates of travel, number of guests and any special requests related to meals or amenities). The legal basis for this is Article 6 (1) (b) GDPR. This data will be erased once it is no longer needed for the purpose of its collection. Even after the conclusion and performance of the contractual relationship, it may be necessary to store data in order to meet contractual and legal obligations such as statutory guidelines on retention.

4. Table reservations
On our website, we offer the option of reserving a table at the restaurants operated by Factory Hotel GmbH & Co. KG. To do so, you enter the necessary data yourself, which is then transmitted to us for storage. This service is provided by Bookatable GmbH & Co. KG, Deichstraße 48, 20459 Hamburg, Germany. Provided you have given consent, the legal basis for data processing in this instance is Article 6 (1) (a) GDPR. If registration is necessary for the performance of a contract or in order to take steps prior to entering into a contract, this processing is subject to Article 6 (1) (b) GDPR. This data will be erased once it is no longer needed to fulfil the purpose of its collection. Even after the conclusion and performance of the contract, there may be a need to meet contractual or legal obligations such as statutory guidelines on retention.

5. Credit checks
Factory Hotel GmbH & Co. KG may obtain credit reports on the basis of mathematical and statistical methods from mediafinanz AG, Weiße Breite 5, 49084 Osnabrück, Germany, for the purposes of its legitimate interests in accordance with Article 6 (1) (f) GDPR. To do so, we transmit the personal data required for a credit check to mediafinanz AG, Weiße Breite 5, 49084 Osnabrück, Germany, and use the information received pertaining to the statistical probability of a payment default to make an informed decision regarding the establishment, performance or termination of the contractual relationship. The credit report may contain probability values (scores) that have been calculated on the basis of scientifically valid mathematical and statistical methods as well as information such as address-related data. Your legitimate interests will be taken into account in accordance with the statutory provisions.

6. Hotel reviews
Former guests may review our hotel after checking out. To do so, we intend to send you an email asking you to review our hotel. All reviews may be published anonymously on request. In the event that you did not enjoy your stay at our hotel, we would like to take the opportunity to contact you personally.

Any data pertaining to online reviews submitted on our website will be stored using the review tool provided by CA Customer Alliance GmbH, Ullsteinstr. 118, Tower B, 12109 Berlin, Germany. CA Customer Alliance GmbH has agreed to handle your transmitted data in accordance with data protection guidelines.

Data from any former guests who take advantage of the opportunity to submit an online review will be stored in the review form. This data includes your email address, as well as voluntary information such as your first and last name, language and information about your review.

No further data will be passed on to third parties in this context. The data will be used solely to publish your review and for any conflict resolution measures in the event of poor reviews.

The legal basis for processing is our legitimate interest in accordance with Article 6 (1) (f). The purpose of any hotel review is to communicate and summarize any opinions voiced by hotel guests through our website so as to allow potential guests to inform themselves about our amenities and services. The findings are also used for our own internal quality management purposes. In most cases, the data is not erased.

7. Newsletter
Our website also offers you the opportunity to subscribe to our newsletter. To do so, you need to enter your email address. We will pass on your information to our newsletter service provider XQueue GmbH, Christian-Pleß-Str. 11-13, 63069 Offenbach am Main, Germany, which is responsible for the technical realisation of our newsletter.

Records will be kept of your registration for our newsletter so as to allow us to meet our obligation under data protection law to present evidence of your registration. To do so, we will store your IP address, the time of your registration and the time at which you click on the link in the confirmation email that you receive from us (metadata).The legal basis for the storage of your personal data as stated during registration for the newsletter is your consent in accordance with Article 6 (1) sentence 1 (a) GDPR.

The legal basis for the storage of the aforementioned metadata is Article 6 (1) sentence 1 (c) GDPR, as we are obliged under competition law to be able to present evidence that you have given your consent to receive our newsletter.We will store all personal data generated or gathered in connection with your registration for our newsletter until such time as you cancel your subscription to our newsletter or withdraw your consent to the processing of your personal data. We will store the aforementioned metadata and your email address as evidence that you have given your consent to receive newsletters. This data is processed solely to potentially defend ourselves against any claims. You may obtain the immediate erasure of your data if you immediately confirm the original existence of consent.

You may cancel your subscription to our newsletter or withdraw your consent to the processing of your data at any time. Each newsletter contains notification of your option to cancel your subscription. You may cancel your subscription by clicking on a link in the email. For more information about objecting to the processing of your personal data, please refer to the section of this privacy policy entitled “Right to object and right to withdraw consent”.

8. Job application portal
Our website uses software provided by softgarden e-Recruiting GmbH, Tauentzienstr. 14, 10789 Berlin, Germany, to process data related to job applications.We will use the personal data transmitted by you solely for the purpose of processing your application for the advertised position. Only relevant persons who are involved in the application process will be privy to your personal data. All staff members responsible for data processing are obliged to maintain the confidentiality of your data. We will not pass on your personal data to third parties unless you have consented to the forwarding of your data or we are obliged to forward your data due to statutory provisions and/or official or court orders. By submitting your application, you create an account on our careers website where you can view and manage your application.Your data will be stored for up to six (6) months after completion of the application process unless statutory provisions exist that require the further storage of your data for the purpose of presenting evidence or you have expressly consented to a longer period of storage.

9. Links to other websites
Our website contains links to other websites. The operators of those websites are responsible for their content and for the processing of data on said websites. Please refer to the privacy policies contained on those websites for more information.

10. Cookies
In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive and classified as belonging to the browser you use. They also allow the communication of certain information. Cookies do not cause damage to your computer. We use cookies to store information such as login status or user interests. They serve to make our website and our services more user-friendly, to measure reach or to conduct marketing analysis. These purposes also constitute our legitimate interest in processing personal data in accordance with Article 6 (1) (f) GDPR.This website uses the following types of cookies, the scope and functioning of which are explained below:

Transient cookies
Persistent cookies
Third-party cookies

Transient cookies are automatically erased when you close your browser. In particular, this kind of cookie includes session cookies, which store a session ID that can be used to attribute various enquiries by your browser to the particular session. This allows our website to recognise your computer when you return to our website. Session cookies are erased when you log out or close your browser.

Persistent cookies are automatically erased after a given period of time that may differ from cookie to cookie. You can erase cookies at any time in your browser’s security settings.

Third-party cookies are cookies that are used by other providers than the operator responsible for the website.You can change the cookie settings in your browser and refuse certain cookies or all cookies, for example. Cookies already stored can be deleted. You may not be able to use all features of the website if you do not allow cookies.

11. Google Maps
On this website, we use the Google Maps plug-in to display interactive maps and make it easier to find our hotel. This use constitutes a legitimate interest within the meaning of Article 6 (1) (f) GDPR. Google Maps is a mapping service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. Information on the use of our website, including your IP address and the addresses entered as part of the search and directions function, may be transmitted to Google Inc. in the US when you use the plug-in. To do so, your browser connects directly to Google Inc.’s servers. Google Inc. transfers the map content directly to your browser and embeds it into the website. Because we are not responsible for the transmission of this data, we do not have any influence on the scope of data collected by Google Inc. We therefore have no influence on the processing and use of data by Google Inc. and are unable to assume any responsibility for such processing and use. Please refer to Google Inc.’s privacy policy for more information about the purpose and scope of data collection and the further processing and use of data by Google Inc., as well as your rights and settings options to protect your privacy (https://policies.google.com/privacy?hl=de). By using our website, you consent to the processing of your personal data by Google Inc.

12. Google Analytics
This website also uses Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies, which are small text files that are stored on your hard drive and classified as belonging to the browser you use. They also allow the communication of certain information. Cookies do not cause damage to your computer. The information on your use of our website that is generated by the cookie is usually transmitted to a Google Inc. server in the US, where it is stored. If IP anonymisation is activated on our website, Google will shorten your IP address within the member states of the European Union or in another contracting party to the European Economic Area Agreement prior to transmission. Only under exceptional circumstances will your full IP address be transmitted to a Google Inc. server in the US and shortened there. On behalf of the operator of this website, Google Inc. will use this information to analyse your use of the website, compile reports on website activity and provide the operator of the website with additional services associated with the use of this website and the use of the Internet. You can change the cookie settings in your browser and refuse certain cookies or all cookies, for example. Cookies already stored can be deleted. You may not be able to use all features of the website if you do not allow cookies. You can also prevent the recording and transmission of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google Inc. by downloading and installing the browser plug-in from the following link: https://tools.google.com/dlpage/gaoptout?hl=de.For the terms of use and privacy policy, please visit https://www.google.com/analytics/terms/de.html and https://www.google.de/intl/de/policies/.

13. Google Dynamic Remarketing
On our website, we use the dynamic remarketing function of Google AdWords, a service of Google Inc (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). This technology enables us to show you automatically generated, targeted advertisements following your visit to our website. The advertisements relate to products and services that you clicked on during your most recent visit to our website. To create interest-based advertisements, Google uses cookies, which aresmall text files that are stored on your hard drive and classified as belonging to the browser you use. They also allow the communication of certain information. Cookies do not cause damage to your computer. Google normally stores information such as your web request, IP address, browser type, browser language, and the date and time of your request. This information is used only to match the web browser with a certain computer. It cannot be used to identify a person.You can use Google’s advertising settings to deactivate the display of advertisements if you do not want to receive user-based advertising from Google. Please refer to the Google Inc. privacy policy (https://policies.google.com/privacy?gl=de) for more information about how Google uses cookies.

14. MyFonts Counter web analysis service
On our website, we use MyFonts Counter, a web analysis service provided by MyFonts Inc., 500 Unicorn Park Drive, Woburn, MA 01801, USA. Under the terms of the licensing agreement, the number of visits to the website is counted for statistical purposes and transmitted to MyFonts to provide page view tracking. MyFonts anonymises your data.The data is forwarded by activating the JavaScript code in the user’s browser. Users can install a JavaScript blocker (e.g. www.noscript.net) to prevent MyFonts from running JavaScript code.More information on data protection and the cookies used can be found online at http://www.myfonts.com/info/terms-and-conditions/#Privacy.

15. Social plug-ins
In addition, our website uses social plug-ins provided by various social networks. Your browser therefore connects directly to the servers of the respective social networks as soon as you visit our website. The social network transfers the plug-in’s content directly to your browser and embeds it into the website. By embedding the plug-ins, the social networks are notified that you have accessed our website using the plug-ins. The social network can link the visit to your social media account if you are logged in. We use the following social networks:

Facebook
On this website, we use plug-ins provided by the social network Facebook (Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA). The Facebook plug-in can be identified by the Facebook logo on our website. An overview of Facebook plug-ins is available at http://developers.facebook.com/docs/plugins/.

When you visit our website, the plug-in connects your browser directly to the Facebook server, notifying Facebook Inc. that you have visited our website with the plug-in from your IP address. We wish to point out that we, as the provider of the website, have no knowledge of the content of the data transferred or its use by Facebook Inc. For more information, please refer to the Facebook Inc. privacy policy at http://de-de.facebook.com/policy.php.

Please log out of Facebook prior to visiting our website if you do not want Facebook Inc. to attribute the data collected via our website directly to your Facebook profile.

Instagram
Furthermore, we use a plug-in provided by the social network instagram.com (Instagram LLC, 1601 Willow Rd., Menlo Park, California 94025, USA; “Instagram”). The plug-in is indicated by the Instagram logo in the shape of a camera. An overview of Instagram plug-ins and their appearance is available at http://blog.instagram.com/post/36222022872/introducing-instagram-badges

When you visit our website, which features a plug-in of this nature, your browser connects directly to Instagram’s servers. Instagram transfers the plug-in’s content directly to your browser and embeds it into the website. By doing so, Instagram is notified that your browser has accessed our website with the plug-in even if you do not have an Instagram profile or are currently not logged in to Instagram.

We wish to point out that we, as the provider, have no knowledge of the content of the data transferred or its use by Instagram LLC. Please refer to Instagram’s privacy policy at https://help.instagram.com/155833707900388/ for more information about the purpose and scope of data collection and the further processing and use of data by Instagram, as well as your rights and settings options to protect your privacy.

Please log out of Instagram prior to visiting our website if you do not want Instagram to attribute the data collected via our website directly to your Instagram account.An active plug-in stores a cookie with an identifier every time you access the corresponding website. For the sake of completeness, we therefore wish to point out once again that websites with active social plug-ins may send data to social networks even if you are not logged in to the social networks in question. This cookie is sent without being asked every time you connect to a network server. As a result, user data may be collected, analysed and attributed to a natural person.

You can deactivate the social plug-ins with a single click on our website if you would like to prevent social networks from collecting data about you via active plug-ins, or you can block cookies by changing your browser’s settings. However, doing so may prevent you from using all of our website’s features.

16. DialogShift chat application on our website
Our website uses the chat application of DialogShift GmbH, Rheinsberger Str. 76/77, 10115 Berlin. This application processes and stores data for the purpose of web analysis, to operate the chat application and to answer queries.

For the operation of the chat function, the chat texts are stored and a cookie with a unique ID is set - this is used to recognise you as a customer.
A cookie is a small text file that is stored locally in the cache on your device. Using this cookie, our application recognises the device and can retrieve past chat logs. This cookie is stored for 90 days since last use. You can disable the storage of cookies in your browser settings. However, without the use of cookies, the chat function cannot be performed.

The possible disclosure of e.g. name, e-mail address or a telephone number is voluntary and with the consent to temporarily use and store this data for the purpose of contacting you until the end of the contact. This personal data is deleted after 90 days.

The legal basis for data processing is Article 6 (1) lit. F DS-GVO based on our legitimate interest in effective customer support, for statistical analysis of user behaviour and for optimisation purposes of our offers.
DialogShift offers at
https://www.dialogshift.com/de/dsvgo
for further information on the collection and use of data and on your rights and options for protecting your privacy.

IV. Right to object and right to withdraw consent

In accordance with Article 21 GDPR, you have the right to object to the processing of your personal data on grounds relating to your personal situation, or if your objection is related to direct marketing, provided that your personal data is processed on the basis of legitimate interests in accordance with Article 6 (1) sentence 1 (f) GDPR. In the case of direct marketing, you have a general right to object with which we will comply without the need for you to state grounds relating to your personal situation.

You may withdraw your data protection declaration of consent at any time. However, the lawfulness of the processing of data on account of the declaration of consent completed prior to the withdrawal will not be affected by the withdrawal of consent.

You may exercise your right to object or your right to withdraw consent by sending an email to mail(at)factoryhotel.de.

V. Further data subject rights

In addition, you have the right:

To obtain information about your personal data processed by us, in accordance with Article 15 GDPR. In particular, you may obtain information about the purposes of the processing; the category of personal data; the categories of recipients to whom your personal data has been or will be disclosed; the envisaged period for which the data will be stored; the existence of the right to rectification, erasure, restriction of processing or to object to processing; the right to lodge a complaint; information as to the source of your data if such data is not collected by us; and the existence of automated decision-making, including profiling, and meaningful information about the details (if applicable).
To obtain the rectification of inaccurate personal data or to have incomplete personal data completed, in accordance with Article 16 GDPR.
To obtain the erasure of your personal data stored by us to the extent that processing is not necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims, in accordance with Article 17 GDPR.
To obtain restriction of processing of your personal data if you contest the accuracy of the data; the processing is unlawful but you oppose its erasure and we no longer need the data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims; or you have objected to processing pursuant to Article 21 GDPR, in accordance with Article 18 GDPR.
To receive the personal data that you have provided to us in a structured, commonly used and machine-readable format or to transmit those data to another controller, in accordance with Article 20 GDPR.
To withdraw your consent at any time, in accordance with Article 7 (3) GDPR. As a result, we will no longer be permitted to continue the data processing based on this consent in the future.
To lodge a complaint with a supervisory authority, in accordance with Article 77 GDPR. In most cases, you may do so by contacting the supervisory authority in the place of your habitual residence, place of work or our registered office (see above).

VI. Up-to-date nature of this privacy policy and changes

This privacy policy is currently applicable and was last updated in October 2018.

The further development of this website or changes to legal and/or official provisions may necessitate changes to this privacy policy. You can access and print out the respectively applicable privacy policy at any time at www.factoryhotel.de.

VII. Data protection and privacy contact

Please feel free to contact our data protection officer at the following address, telephone number or email address if you have any further questions about data protection at Factory Hotel GmbH & Co. KG:

bits + bytes it-solutions GmbH & Co. KG
Bahnhof Weidenau 6
57076 Siegen
Germany

T: +49 (0) 700 / 2030 1030
E: datenschutz(at)bits-bytes.de

The supervisory authority responsible for us is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Kavalleriestrasse 2-4
40213 Düsseldorf
Germany

Name	Info
thn_id	Duration : 2 years Purpose : This cookie is created to identify the users with an unique ID formed by a hexadecimal carriage of characters. This cookie is used to be able to identify the users in their next visit to the hotels websites in the network. This cookie allows to personalize the user experience.
__thn_ss	Duration : 1 year Purpose : This cookie is created to manage server session. It is a PHP session that creates it. This cookie allows to personalize the user experience.
visid_incap_XXXXX	Duration : 364 days, 20 hours Purpose : Incapsula DDoS Protection and Web Application Firewall: cookie for linking certain sessions to a specific visitor (visitor representing a specific computer). In order to identify clients that have already visited Incapsula. The only cookie that is persistent for the duration of 12 months.
nlbi_XXXXX	Duration : Session Purpose : Incapsula DDoS Protection and Web Application Firewall: load-balancing cookie to ensure that requests by a client are sent to the same origin server.
incap_ses_YYY_XXXXX	Duration : Session Purpose : Incapsula DDoS Protection and Web Application Firewall: cookie for linking HTTP requests to a certain session (AKA visit). Re-opening the browser and accessing the same site are registered as different visits. In order to maintain existing sessions (ie, session cookie)