According to GDPR
data protection
data protection
Data protection declaration Neumühle Resort & SPA
We welcome you to visit our website and are pleased about your interest in our company. We take the protection of your personal data very seriously. We process your data in accordance with the applicable legal regulations for the protection of personal data, in particular the EU General Data Protection Regulation (EU-GDPR) and the country-specific implementing laws that apply to us. With the help of this data protection declaration, we will inform you comprehensively about the processing of your personal data by Neumühle Hotel- und Gaststättenbetriebs GmbH and the rights to which you are entitled.
Personal data is the information that makes it possible to identify a natural person. This includes in particular your name, date of birth, address, telephone number, email address but also your IP address.
Anonymous data exists when no personal connection to the user can be established.
Responsible body and data protection
Address: Neumühle Hotel- und Gaststättenbetriebs GmbH
Neumühle 54, 97797 Wartmannsroth
Contact information: www.neumuehle-resort.de
Telephone 0049 (0) 9732 8030
Fax 0049 (0) 9732 803-79
[email protected]
Contact data protection:
[email protected]
Your rights as a data subject
First of all, we would like to inform you at this point about your rights as a data subject. These rights are standardized in Articles 15 – 22 EU GDPR. This includes:
• The right to information (Article 15 EU GDPR),
• The right to deletion (Article 17 EU GDPR),
• The right to rectification (Article 16 EU GDPR),
• The right to data portability (Article 20 EU GDPR),
• The right to restrict data processing (Article 18 EU GDPR),
• The right to object to data processing (Article 21 EU GDPR).
To exercise these rights, please contact: info@neumuehle-resort.de. The same applies if you have questions about data processing in our company. You also have the right to lodge a complaint with a data protection supervisory authority.
Rights to object
Please note the following in connection with the right to object:
If we process your personal data for direct advertising purposes, you have the right to object to this data processing at any time without providing reasons. This also applies to profiling insofar as it is related to direct advertising.
If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. The objection is free of charge and can be made informally, if possible to: [email protected].
If we process your data to protect legitimate interests, you can object to this processing at any time for reasons relating to your particular situation; This also applies to profiling based on these provisions.
We will then no longer process your personal data unless we can demonstrate compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.
Purposes and legal basis of data processing
When processing your personal data, the provisions of the EU GDPR and all other applicable data protection regulations are complied with. The legal basis for data processing arises in particular from Article 6 of the EU GDPR.
We use your data to initiate business, to fulfill contractual and legal obligations, to carry out the contractual relationship, to offer products and services and to strengthen customer relationships, which may also include analyzes for marketing purposes and direct advertising in connection with the operation of our hotel.
Your consent also represents a data protection permission requirement. We will inform you about the purposes of data processing and your right of withdrawal. If the consent also relates to the processing of special categories of personal data, we will expressly point this out to you in the consent.
Special categories of personal data within the meaning of Article 9 Paragraph 1 of the EU GDPR will only be processed if this is required by legal regulations and there is no reason to assume that your legitimate interest in excluding processing outweighs this.
Transfer to third parties
We will only pass on your data to third parties within the framework of the legal provisions or with the appropriate consent. Otherwise, your data will not be passed on to third parties unless we are obliged to do so due to mandatory legal regulations (transfer to external bodies such as supervisory authorities or law enforcement authorities).
Recipients of the data / categories of recipients
Within our company, we ensure that only those people who need it to fulfill their contractual and legal obligations receive their data.
In many cases, service providers support our specialist departments in fulfilling their tasks. The necessary data protection contracts have been concluded with all service providers. Our service providers support us in the following areas: accounts receivable accounting, IT services, booking services; Mailing service, customer satisfaction service provider.
Third country transfer / third country transfer intention
Data will only be transferred to third countries (outside the European Union or the European Economic Area) if this is necessary to carry out the contractual relationship, is required by law or you have given us your consent to do so.
Data storage period
We store your data as long as it is needed for the respective processing purpose. Please note that numerous retention periods mean that data (must) continue to be stored. This applies in particular to commercial or tax law retention obligations (e.g. Commercial Code, Tax Code, etc.). Unless there are further retention obligations, the data will be routinely deleted after the purpose has been achieved.
In addition, we may retain data if you have given us permission to do so or if legal disputes arise and we use evidence within the statutory limitation periods, which can be up to thirty years; the regular limitation period is three years.
Secure transmission of your data
In order to best protect the data we store against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, we use appropriate technical and organizational security measures. The security levels are continually checked in collaboration with security experts and adapted to new security standards.
The data exchange to and from our website is encrypted. We offer HTTPS as the transmission protocol for our website, each using the current encryption protocols.
Obligation to provide the data
Various personal data are necessary for the establishment, implementation and termination of the contractual relationship and the fulfillment of the associated contractual and legal obligations. The same applies to the use of our website and the various functions it provides.
We have summarized details for you in the point above. In certain cases, data must also be collected or made available due to legal regulations. Please note that it is not possible to process your request or carry out the underlying obligation without providing this data.
Categories, sources and origin of data
The respective context determines which data we process: This depends on whether you place an order online or enter an inquiry into our contact form, whether you send us an application or submit a complaint.
Please note that we may also provide information for special processing situations separately in an appropriate place, for example when uploading application documents or when making a contact request.
As part of a contact request, we collect and process the following data:
• Name first Name
• Contact details
• Questions
If applicable: For newsletters we collect and process the following data:
• E-mail address
Contact form / contact via email (Art. 6 para. 1 lit. a, b EU GDPR)
There is a contact form on our website that can be used to contact us electronically. If you write to us using the contact form, we will process the data you provided in the contact form to contact us and answer your questions and requests.
The principle of data economy and data avoidance is observed here, in that you only have to provide the data that we absolutely need to contact you. These are your name, your email address and the message field itself. In addition, your IP address is processed for technical reasons and for legal protection. All other data are voluntary fields and can be provided optionally (e.g. to answer your questions more individually).
If you contact us by email, we will process the personal data provided in the email solely for the purpose of processing your request. If you do not use the forms provided to contact you, no further data collection will take place.
Newsletter (Art. 6 Para. 1 lit. a EU GDPR)
You can subscribe to a free newsletter on our website. The email address provided when registering for the newsletter will be used to send the newsletter.
The principle of data economy and data avoidance is observed here, as only the email address is requested. For technical reasons and for legal protection, your IP address will also be processed when you order the newsletter
You can of course end your subscription at any time using the unsubscribe option provided in the newsletter and thus revoke your consent. It is also possible to unsubscribe from the newsletter at any time directly via our website.
In addition, as part of your visit, you can voluntarily give us your consent to participate in customer satisfaction surveys by email.
Advertising purposes for existing customers (Art. 6 Para. 1 lit. f EU GDPR)
Neumühle Hotel- und Gaststättenbetriebs GmbH is interested in maintaining the customer relationship with you and in providing you with information and offers about our products/services such as offers for wellness treatments or hotel bookings. We therefore process your data in order to send you relevant information and offers by email and post.
If you do not wish this, you can object to the use of your personal data for direct marketing purposes at any time; This also applies to profiling insofar as it is related to direct advertising. If you object, we will no longer process your data for this purpose.
The objection can be made free of charge and without giving reasons and should be sent, if possible, to 0049 (0) 9732 8030, by email to [email protected] or by post to Neumühle Hotel- und Gaststättenbetriebs GmbH, Neumühle 54, 97797 Wartmannsroth.
Regular guest club (guest club)
This website uses KunLeiSys guest club software (regular guest area). The provider is GASTROpoint GmbH, Pommernstraße 17, 83395 Freilassing, Germany. KunLeiSys Guest Club Software is a service with which the guest club, offers, loyalty points, emails about events and newsletter dispatch are organized and managed. You can register for the guest club on our website. We only use the data entered for the purpose of using the respective offer or service. The mandatory information requested during registration must be provided in full. Otherwise we will reject the registration. The data entered during registration is processed based on your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke your consent at any time free of charge. You can do this using the unsubscribe link in the email or by unsubscribing in the guest club.
The data you provide to us for the purpose of the guest club will be stored by us until you log out and will be deleted from both our servers and the servers of GASTROpoint GmbH after you log out and delete your guest club account. For important changes, such as the scope of the offer or technically necessary changes, we use the email address specified/stored during registration or in your profile to inform you in this way. Statutory retention periods remain unaffected. We have concluded a contract for data processing with GASTROpoint GmbH and fully implement the strict requirements of the data protection authorities when using KunLeiSys Guest Club software.
Applicant portal (Art. 6 para. 1 lit. a, b EU GDPR
We do not use an applicant portal.
Automated individual case decisions
We do not use purely automated processing processes to make a decision.
Cookies (Art. 6 Para. 1 lit. f EU GDPR
Our website uses at several locations so-called cookies. They serve to make our offering more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and which your browser stores (locally on your hard drive).
These cookies enable us to analyze how users use our websites. This allows us to design the website content according to visitor needs. Cookies also give us the opportunity to measure the effectiveness of a specific ad and, for example, to place it depending on the user's thematic interests.
Most of the cookies we use are so-called “session cookies”. These will be automatically deleted after your visit. Permanent cookies are automatically deleted from your computer when their period of validity (usually six months) has been reached or you delete them yourself before the period of validity expires.
Most web browsers automatically accept cookies. You can usually change your browser settings if you prefer not to send the information. You can then still use the offers on our website without restrictions (exception: configurators).
We use cookies to make our offering more user-friendly, effective and secure. We also use cookies that enable us to analyze how users use our websites. This allows us to design the content according to visitor needs. Cookies also give us the opportunity to measure the effectiveness of a specific ad and, for example, to place it depending on the user's thematic interests.
Cookies are stored on the user's computer and transmitted to our site by the user. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common internet browsers.
Please note: If you deactivate the setting of cookies, not all functions of our website may be fully usable.
User profiles / web tracking procedures
1. Google Tag Manager (GTM):
This website uses Google Tag Manager. This service allows website tags to be managed via an interface. Google Tag Manager only implements tags. This means: No cookies are used and no personal data is collected. Google Tag Manager triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it remains in effect for all tracking tags if they are implemented with the Google Tag Manager.
2. Google Analytics
This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that enable your use of the website to be analyzed.
The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, since this website has activated IP anonymization on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. You can prevent collection by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent future collection of your data when you visit this website: Deactivate Google Analytics
Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not combined with other Google data. You can prevent the storage of cookies by setting your browser software accordingly; However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install https://tools.google.com/dlpage/gaoptout?hl=de. In view of the discussion about the use of analysis tools with full IP addresses, we would like to point out that this website uses Google Analytics with the extension “_anonymizeIp()” and therefore IP addresses are only processed in shortened form in order to exclude any direct personal reference. We also use Google Analytics to evaluate data from AdWords and the double-click cookie for statistical purposes. If you don't want this, you can do so via the Ad Preferences Manager (https://www.google.com/settings/ads/onweb/?hl=de) deactivate. Furthermore, this site uses Google Analytics reports on performance by demographic characteristics and interests, which store demographic characteristics such as age and gender in a cookie. This data cannot be traced back to a specific individual and can be accessed at any time via the ad settings (https://www.google.com/settings/u/0/ads/authenticated) can be deactivated.
The legal basis for processing is legitimate interests in accordance with Article 6 (1) (f) of the EU GDPR.
3. Matomo (formerly Piwik)
This website uses the open source web analysis service Matomo (formerly known as Piwik). Matomo allows you to analyze the flow of visitors to this website. Matomo helps to understand how a visitor came to this website (e.g. via the so-called referrer), which pages are accessed, how often and for how long, or which browser was used to view them. This data helps to improve the offering on this website. This allows us to see which offers are most interesting, where navigation can be improved or whether technical requirements need to be created so that this website can be displayed error-free.
IP addresses are automatically anonymized before the analysis data is saved. Matomo was also configured so that only the anonymized IP address is used to process the data. Matomo also respects the “do-not-track” setting of your browser.
Matomo uses so-called “cookies”. What a cookie is has already been explained. For this purpose, the information generated by the cookie about the use of this website is stored on our server.
The information generated by the cookie about the use of this website will not be passed on to third parties. The data collected by Matomo will not be merged with other services either.
Visitors to this website can prevent the storage of cookies by setting their browser software accordingly; However, we would like to point out that in this case not all functions of this website may be able to be used to their full extent.
If you do not agree to the storage and use of your data, you can deactivate the storage and use here. In this case, an opt-out cookie will be stored in your browser which prevents Matomo from storing usage data. If you delete your cookies, the Matomo opt-out cookie will also be deleted. The opt-out must be reactivated when you visit this page again.
You can decide here whether a unique web analysis cookie may be stored in your browser to enable the website operator to collect and analyze various statistical data.
If you would like to opt out, click the following link to store the Matomo deactivation cookie in your browser.
4. MyFonts Counter
On this website we use MyFonts Counter, a web analysis service from MyFonts Inc., 500 Unicorn Park Drive, Woburn, MA 01801, USA. Due to the license terms, page view tracking is carried out by counting the number of visits to the website for statistical purposes and transmitting it to MyFonts. MyFonts only collects anonymized data. The data may be passed on by activating Java script code in your browser. To prevent MyFonts from executing Java Script code altogether, you can install a Java Script blocker (e.g. www.noscript.net). Further information about MyFonts Counter can be found in the MyFonts data protection information at http://www.myfonts.com/info/terms-and-conditions/#Privacy.
5. Double click
On this website we use Doubleclick from Google. Doubleclick is a service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). Doubleclick uses cookies to display advertisements tailored to you. Your browser is assigned a pseudonymized identification number, which is used to check which advertisements were displayed and/or accessed. Doubleclick cookies enable Google and its partners to display ads based on previous visits to websites on the Internet. The information obtained in this way is transferred to Google servers in the USA and stored there in order to carry out an evaluation. However, if IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. A transfer to third parties only takes place due to legal regulations or as part of an order data processing relationship. The data is never merged with other data collected by Google. When using our websites, you will be asked for your consent to set Doubleclick cookies. This includes the manner of data processing just described and its purpose. You can subsequently prevent the storage of cookies by making the appropriate settings in your browser. We would like to point out that in this case you may not be able to use all functions of our website to their full extent. It is also possible to permanently deactivate the Doubleclick cookie by using the deactivation plugin at the following link: https://www.google.com/settings/ads/plugin?hl=de download and install. Alternatively, you can deactivate the use of cookies by third parties by visiting the Network Advertising Initiative deactivation page at the following link: http://www.networkadvertising.org/choices/ and implement the further information about the opt-out mentioned there. For more information about Doubleclick, see the following
Link: http://www.google.de/intl/de/policies/technologies/ads/
The legal basis for processing is legitimate interests in accordance with Article 6 (1) (f) of the EU GDPR.
6. Google AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”). As part of Google AdWords, we use so-called conversion tracking. If you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user's computer. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages on this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. The cookies cannot be tracked across the websites of AdWords customers. The information collected using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that can be used to personally identify users. If you do not want to participate in tracking, you can object to this use by easily deactivating the Google Conversion Tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics.
The storage of “conversion cookies” is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
You can find more information about Google AdWords and Google Conversion Tracking in Google's data protection regulations: https://www.google.de/policies/privacy/.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
7. “Google AdWords User Lists” / “Google Dynamic Remarketing”
“Google AdWords User Lists” and “Google Dynamic Remarketing” are products of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4. Ireland (“Google”) Our website uses a pixel provided by Google, which is a direct connection to Google servers. It is transmitted to the Google server that you have visited our website. Google links this information with a unique ID that is stored on your device in the form of a cookie or provided by your device (“advertising ID” for smartphones). If you visit other websites that also use “Google AdWords User Lists” / “Google Dynamic Remarketing”, this information will also be linked to your unique ID. However, Mindlab cannot see which other websites you visit.
8. Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
reCAPTCHA is intended to check whether data is entered on our websites (e.g. in a contact form) by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information (e.g. IP address, length of time the website visitor stays on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyzes run completely in the background. Website visitors are not informed that an analysis is taking place.
Data processing is carried out on the basis of Article 6 Paragraph 1 Letter f GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and SPAM.
Further information about Google reCAPTCHA and Google's privacy policy can be found at the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.
Online offers for children
Persons under the age of 16 are not permitted to transmit any personal data to us or submit a declaration of consent without the consent of their legal guardian. We encourage parents and guardians to actively participate in their children's online activities and interests.
Links to other providers
Our website also contains – clearly visible – links to the websites of other companies. If there are links to websites of other providers, we have no influence on their content. Therefore, no guarantee or liability can be assumed for this content. The respective provider or operator of the pages is always responsible for the content of these pages.
The linked pages were checked for possible legal violations and recognizable legal violations at the time of linking. Illegal content was not apparent at the time of linking. However, permanent control of the content of the linked pages is unreasonable without concrete evidence of a legal violation. Upon notification of rights violations, such links will be removed promptly.
