Privacy Policy

Website Privacy Statement and at the Same Time Information for Data Subjects According to Article 13 and Article 14 EU General Data Protection Regulation

General Information

Details of the Responsible Entity
Gastfreund GmbH
Managing Director: Daniel Schulze
Bahnhofstrasse 4
87435 Kempten
Germany

General Data Protection Regulation
IITR Data Protection GmbH
Dr. Sebastian Kraska
Marienplatz 2
80331 Munich
email@iitr.de

Data Processing Information

Personal data is only collected if you provide it to us of your own accord. No personal data is collected beyond this. Any processing of your personal data that goes beyond the scope of the legal permissions will only take place on the basis of your consent.

The following points first arrange themselves to the logic of our Cookie Consent Manager. With its help, you can make settings relating to data collection on our online presences. Under point 4 you will then find further details on data collection, which takes place without cookies.

1. Function

“Function” includes all applications that we use to provide you with basic functions of our website.

The use of these functions is therefore in the interest of an appealing presentation of our online offers. Legal basis: legitimate interest within the meaning of Art. 6. 1 f GDPR

Consent Manager

A Consent Management Platform (CMP for short) is software that website operators or providers of web apps use to obtain and store visitors’ consents under data protection law via a banner or pop-up before user data is collected via website scripts (tracking).

Address

consentmanager AB
Håltegelvägen 1b
72348 Västerås
SE

Privacy Policy

https://www.consentmanager.net/datenschutz/

Gastfreund GmbH

The applications and websites provided by Gastfreund require cookies to save your settings and provide basic functions.

Google General / Google functions / Youtube

Our online presence uses Google General. This provides functions that are offered by Google. Links and further information on collected data and offered services can be found below.

Google Firebase

We use the service Google Firebase for the analysis and categorization of user groups as well as for push notifications.

Google Fonts

Google Fonts are used on this website. Google Fonts is a service of Google Inc. (“Google”). The integration of these web fonts takes place through a server call, usually a Google server in the USA. This transmits to the server which of our Internet pages you have visited. The IP address of the visitor will be stored by Google.

Google Maps

This website uses the product Google Maps from Google Inc. By using this website, you consent to the collection, processing and use of automatically collected data by Google Inc, its representatives and third parties.

The terms of use of Google Maps can be found under “Terms of use of Google Maps”, see link further below.

YouTube

Here on this website we offer content from the video platform YouTube. If you visit one of our websites on which YouTube is embedded, a connection to the YouTube servers is established. In doing so, the YouTube server is informed which of our pages you have visited.

Furthermore, YouTube may store various cookies on your device or use comparable technologies for recognition (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience, and prevent fraud attempts.

If you are logged into your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

Address

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland

Privacy Policy And More Info

policies.google.com/privacy

policies.google.com/technologies/partner-sites

www.google.com/fonts#AboutPlace:about

firebase.google.com

google.com/intl/de_de/help/terms_maps/

IAB Europe / CMP Domain

The IAB Transparency & Consent Framework regulates and simplifies the communication process in consent management between a publisher and advertiser. This also concerns the question of how to deal with so-called piggybacking. This refers to additional technologies that are called by technologies integrated on the page.

The framework supports the exchange of consent information between third-party providers, our website and the end user. Thus, it is clear whether there is consent or not.

Address

Company processing the data
IAB Europe A.I.S.B.L..
Rond-Point Robert Schumanplein 11
1040 Brussels
BE

Privacy Policy

https://iabeurope.eu/privacy-policy/

Personio GmbH.

This is the job application system on gastfreund.net and guestfriend.com. People interested in jobs at Gastfreund GmbH submit their documents through this system.

Address

Personio GmbH
Rundfunkplatz 4
80335 Munich
DE

Privacy Policy

https://www.personio.de/datenschutzerklaerung/

Tawk.to

To handle user requests through our support channels or live chat systems, we use tawk.to. This tool provides an external platform for the Gastfreund staff to manage the chats. Via a script, the chat is integrated into the source code on gastfreund.net.

By using the chat, you automatically use the services of tawk.to, even if you do not have a profile on tawk.to or are not currently logged in to tawk.to. When you interact with the plugins, for example, when you activate the live chat of tawk.to, the corresponding information is transmitted directly to a server of tawk.to and stored there.

The collected data includes: Chat history, specified name, IP address at the time of the chat and (based on the IP) the country of origin. This data is not shared with third parties and is only used to improve our service and for internal statistics.

By using the chat, you agree to this condition.

Address

Tawk.to inc.
187 E Warm Springs Rd
SB298 Las Vegas, Nevada 89119

Privacy Policy

https://www.tawk.to/data-protection/gdpr-2/

2. Marketing

Gastfreund uses tools for marketing. This means that these functions are not fundamentally necessary to operate the website. However, they help us to offer our products to customers and potential customers.

Legal basis: Consent (GPDR 6.1.a)

Facebook

Gastfreund uses Facebook pages, groups and plugins offered by the social network facebook.com.

These pages, groups and plugins may contain interaction elements or content (e.g. videos, graphics or text posts). They can be identified by the white and/or blue Facebook logo. Alternatively, they are marked with the addition “Facebook Social Plugin”.

When users call up a function of our online offer that contains such a plugin, their device establishes a connection with Facebook’s servers.

Facebook transmits information to the corresponding user device. In the process, usage profiles can be created from the processed data.

By integrating the plugins, Facebook receives the information that users have accessed pages of our online offer. If users are logged into Facebook, Facebook can assign this visit to the corresponding user account.

If users interact with plugins, for example by clicking the Like button or commenting, this information is transmitted to Facebook. If users are not members of Facebook, there is still the possibility that Facebook identifies and stores their IP addresses. According to Facebook, only an anonymized IP address is stored in Europe.

Address

Facebook Ireland Ltd.

4 Grand Canal Square

Grand Canal Harbour

Dublin 2

Privacy Policy and Related Links

https://www.facebook.com/policy.php

https://www.facebook.com/legal/controller_addendum

https://www.facebook.com/legal/EU_data_transfer_addendum

https://www.facebook.com/help/566994660333381

Facebook Remarketing

Remarketing tags of the social network Facebook are integrated on our pages. When you visit our pages, the remarketing tags establish a direct connection between your browser and the Facebook server. Facebook thereby receives the information that you have visited our site with your IP address. This allows Facebook to associate the visit to our pages with your user account.

We can use the information obtained in this way to display Facebook Ads. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook.

If you do not wish to have data collected via the so-called “Custom Audience”, you can deactivate Custom Audiences here: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

Address

Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
IE

Privacy Policy and Further Information

https://www.facebook.com/about/privacy/

https://www.facebook.com/business/gdpr

Google Ads Conversion Tracking

Gastfreund uses Google Ads Conversion Tracking, a web analytics service provided by Google, Inc. (“Google”). Google Ads Conversion Tracking also uses “cookies”, which are stored on your computer and allow an analysis of your use of the website.

The information generated by the cookie about your use of this website will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate the data with any other data held by Google. You can generally prevent the use of cookies if you prohibit the storage of cookies in your browser.

Address

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland

Privacy Policy

https://cloud.google.com/security/gdpr/

Leadpages

Gastfreund uses the provider Leadpages for pop-ups on its websites. The hosting of some of our pages, with which we advertise our products, is done by the provider Leadpages.net.

Leadpages collects personal data when users voluntarily submit it when using the service, such as when filling in forms.

Address

Avenue 81, Inc. d/b/a Leadpages
251 N. 1st Avenue
Minneapolis, USA.

Privacy Policy

https://www.leadpages.net/legal

Wisepops

Gastfreund GmbH uses the service of the company Wisepops to provide pop-ups on the website. These pop-ups contain, for example, contact forms, links to landing pages or offers. Wisepops uses cookies to determine whether and how users interact with the pop-ups, so that a pop-up does not appear more than once per user.

Address

WisePops SAS
49 rue Jean De La Fontaine
75016 Paris

Privacy Policy

https://support.wisepops.com/more-info/gdpr-compliance

3. Analytics

In order to further optimize our services, we use various measurement tools, such as website traffic analysis. These are not per se necessary to offer the central functions of our pages, but help us to improve our services.

Legal basis: Consent (DSGVO 6.1.a)

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”).

Google Analytics enables the website operator to analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, length of stay, operating systems used and origin of the user. This data may be summarized by Google in a profile that is assigned to the user or his device.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.

IP Anonymization

We have activated the IP anonymization function on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

Demographic Characteristics with Google Analytics

This website uses the “demographic characteristics” function of Google Analytics in order to display to the website visitors suitable advertisements within the Google advertising network.

This allows reports to be generated that include statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google as well as from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown under “Browser Plugin” further below.

Google Analytics E-Commerce Tracking

This website uses the “e-commerce tracking” function of Google Analytics. With the help of e-commerce tracking, the website operator can analyze the purchasing behavior of website visitors in order to improve its online marketing campaigns. This involves recording information such as orders placed, average order values, shipping costs and the time from viewing to purchasing a product. This data can be summarized by Google under a transaction ID, which is assigned to the user or his device.

Address

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland

Privacy Policy and Further Links

https://policies.google.com/privacy?hl=en

Browser Plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link:

https://tools.google.com/dlpage/gaoptout?hl=de

Google Tag Manager

We use the Google Tag Manager. Google Tag Manager is a tool that allows us to embed tracking or statistical tools and other technologies on our website.

The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It only serves to manage and play out the tools integrated via it. However, the Google Tag Manager records your IP address, which may also be transmitted to Google’s parent company in the United States.

Address

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland

Privacy Policy

https://policies.google.com/privacy?hl=en

SalesViewer Ltd.

SalesViewer identifies website visitors and creates profiles about them. The focus is on business customers. Information provided in the process relates to company name, location, industry, website and other contact details.

Address

SalesViewer GmbH
Bongardstrasse 29
44787
Bochum

Privacy Policy

https://www.salesviewer.com/en/privacy-policy

4. Tools and Functions that Are Used and Do Not Set Cookies

In addition to the tools mentioned above, Gastfreund uses other functions to provide its services. If personal data flows through them, these are listed below.

Hosting

Amazon Web Services, Inc.
P.O. Box 81226
Seattle, WA 98108-1226

http://aws.amazon.com

Hosting Provided By

Amazon Web Services (server rooms)

AWS Ireland Region

Privacy Policy

https://aws.amazon.com/de/compliance/gdpr-center/

Data Transfer

Zapier Inc.
A Delaware corporation
538 Market St #62411

Privacy Policy And More Info

https://zapier.com/help/account/data-management/gdpr-compliance-at-zapier

https://zapier.com/privacy

Customer data storage

Close.io (Elastic Inc.).
PO Box 1145 Jackson
WY 83001 USA

Privacy Policy

https://close.io/gdpr/

Management Of Customer Projects

Targetprocess Cyprus Limited

28 Oktovriou 2
1st Floor, Flat/Office 101 Egkomi Makedonitissa
2414, Nicosia, Cyprus

Privacy Policy

https://www.targetprocess.com/privacy-policy/

Invoice dispatch

Bilendo GmbH
Sendlinger Str. 27
D-80331 Munich

Privacy Policy

https://www.bilendo.de/datenschutz

Functions for Communication between Gastfreund Customers and Guests

Gastfreund GmbH provides software products for its customers in the hotel and tourism industry. These serve the communication between Gastfreund customers with their guests.

Partially – depending on the modification solution booked by the client – personal data of the guest may be collected and transmitted by Gastfreund to the client.

Purpose of Data Processing

Gastfreund services: digital guest communication between Gastfreund client and its guests.

Type and Scope of Data Collection, Processing and Use:

Personal data by guests if transmitted via the Gastfreund interface in App or Web. Forwarding of this data via AWS mail client to email address specified by customer. After sending the message by guest/AWS: deletion of the sent message and thus of the personal data depending on the applicable legal situation by the Gastfreund customer.

Data may be:

Name
Address
Telephone number
E-mail
Number and age of children (if relevant for booking a room)
Time and duration of stay
Date and place of birth

If users of the services enter personal data of third parties, this must be done with their consent.

Entry in Contact Forms

Gastfreund offers customers and interested parties the opportunity to contact Gastfreund using the contact form. In the course of this you provide Gastfreund with your contact data.

We use this information to send you the requested information and, if necessary, to provide you with selected information on the subject at a later date. Gastfreund GmbH stores your data within the scope of the legal obligations to delete data. In addition, you can of course ask us to delete your stored data at any time.

Use of Newsletter

Gastfreund GmbH only sends newsletters to its customers. In each of the newsletters sent out, you have the opportunity to object to the use of your e-mail address for the newsletter mailing.

Your objection (and thus the unsubscription from our newsletter) can be exercised by sending us a message or via a link that is included in every newsletter.

For the newsletter dispatch we use:

Brevo (ehemals Sendinblue) – Sendinblue GmbH

Köpenicker Straße 126
10179 Berlin
Deutschland

https://www.brevo.com/de/datenschutz-uebersicht/
https://www.brevo.com/de/dsgvo/

Panoramic Cameras and Weather Reports

Thanks to Feratel, we can present you live streams from panoramic cameras and weather reports.

Address

feratel media technologies AG
Maria-Theresien-Str. 8
6020 Innsbruck
AT

Privacy Policy

https://www.feratel.com/en/privacy-policy.html

LinkedIn

The LinkedIn Insight tag enables the collection of data about visits to your website, including URL, referrer URL, IP address, device and browser properties (user agent), and timestamp. This data is encrypted, IP addresses are shortened, and members’ direct IDs are removed within seven days to pseudonymize the data. This remaining pseudonymized data is then deleted within 90 days.

LinkedIn does not share personally identifiable information with the website owner, but only provides aggregate reports on website audience and ad performance. LinkedIn also provides retargeting for website visitors so that the website owner can use this data to display targeted ads outside of their website without identifying the member. LinkedIn members can control the use of their personal data for advertising purposes in their account settings.

Address

LinkedIn Ireland Unlimited Company

Wilton Place,

Dublin 2, Ireland

Privacy Policy and More Info

https://www.linkedin.com/help/lms/answer/a427660/linkedin-insight-tag-haufig-gestellte-fragen?lang=en

https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

https://www.linkedin.com/psettings/advertising/actions-that-showed-interest

Additional Information Beyond All of the Above

In addition, you may at any time exercise your rights of access, rectification, erasure or to restrict processing or exercise your right to object to processing, as well as the right to data portability. Here you will find the possibility to contact us by e-mail at info@gastfreund.net.

You also have the right to contact the data protection supervisory authority in case of complaints.

1. Data protection declaration and consent to data use within the Gastfreund apps

Gastfreund GmbH takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

This data protection declaration applies to our iPhone and Android mobile apps (hereinafter “app”). It explains the type, purpose and scope of data collection in the context of app use.

We would like to point out that data transmission on the Internet can have security gaps. Complete protection of the data against access by third parties is not possible.

The following declaration informs you which personal and general data we collect and how we process and use it.

2. Responsible entity

“Responsible entity” means the entity that collects, processes or uses personal data (e.g. names, email addresses or similar).

The responsible entity for data processing within the scope of this app is Gastfreund GmbH, Bahnhofstraße 4, D-87435 Kempten (hereinafter: Gastfreund).

If you wish to object to the collection, processing or use of your data by Gastfreund in accordance with these data protection provisions, either in whole or in respect of individual measures, you may send your objection by e-mail or letter to the following contact details:

Resonsible entity	Gastfreund GmbH Managing Director: Daniel Schulze Bahnhofstraße 4 87435 Kempten Germany info@hotelcore.io
Data Protection Officer	IITR Datenschutz GmbH Dr. Sebastian Kraska Marienplatz 2 80331 München Germany email@iitr.de

3. Collection, processing and use of personal data

In principle, you can download and use our app without being personally identifiable. You also do not have to disclose any personal information. We only know the push ID of the app installation. These data are anonymised and do not allow any conclusions to be drawn about your person. This information is only evaluated for statistical purposes. You remain anonymous as an individual user.

The collection of further personal data through this app will only take place if we are legally entitled to do so or you have expressly consented to the data collection in question.

4. Data collection in the context of app use

Personal data may be collected in the context of app use in the following ways in particular:

(1) Your data is collected on the basis of the access rights that this app requires and that you have granted us (e.g. location data), see point 6

(2) Data you enter in the app

Purpose of data processing	Provision of the Gastfreund services: digital guest communication between the Gastfreund client and guests.
Type and scope of data collection, processing and use	Entry of personal data by guests in the Gastfreund interface in the app or web. Forwarding of this data via AWS Mailclient to e-mail address specified by the customer. After the message has been sent by Gastfreund/AWS: deletion of the message sent and thus of the personal data depending on the applicable legal situation by Gastfreund customers. Amazon Web Services, Inc. P.O. Box 81226 Seattle, WA 98108-1226 http://aws.amazon.com Hosting is provided by: Amazon Web Services (server rooms) AWS Region Frankfurt
Possible personal data of the guest	Contact details of the guest: Name Address Phone number E-mail Number and age of children (if relevant for booking a room) Time and duration of stay Date and place of birth
Note	Should users of the services enter personal data of third parties, this must be done with their consent.
Persons affected	Users of the services offered by Gastfreund clients (guests)

5. Analytical tools

When you access our app, your behaviour may be statistically evaluated using certain analytics tools and analysed for market research purposes or to improve our offerings.

Firebase
Firebase is a real-time database. It can be used to embed real-time information. User data is transmitted anonymously to Firebase. Firebase is owned by Google and is based in San Francisco (CA), USA. The privacy policy of Firebase can be found at https://www.firebase.com/terms/privacy-policy.html .

General analysis with Google Analytics and complementary services
In order to be able to comprehensively optimise our offers beyond these analyses, we use the web analysis service Google Analytics, which uses cookies to scan usage both in real time and in the long term. The data is usually transferred to US servers and stored there; however, because we have activated IP anonymisation, Google must first shorten your IP address in EU and EEA countries (only in the event of technical failures in Europe, for example, is it possible that the IP address will be only shortened in the USA). You can object to the data collection and processing described in apps by deactivating them in the settings (on Android and iOS directly in the app menu under Privacy).

6. Access rights of the app

In order to provide our services via the app, we require the access rights listed below, which allow us to access certain features of your device.

6.1. Location

The app accesses your exact GPS location. The GPS data is required for the display of your location on the map of the surroundings, as well as for the calculation of the distance. If access to the exact data is not possible, the application accesses the approximate network-based location.

6.2. Photos, media, files

The app requires access rights to be able to change or delete SD card contents. This right is required for downloading app photos and uploading feedback photos and basic entry photos. The protected memory must be tested to check whether a file is saved in the SD card memory or in the internal memory of the phone.

6.3. Camera

The access right to the camera of your device allows you to upload a photo for the feedback function or when suggesting a basic entry. In addition, you can scan QR codes via the camera and thus go directly to the presence of your host.

6.4. WLAN connection information

The Wi-Fi connection is retrieved to allow you to access the app via Wi-Fi.

6.5. Other

Furthermore, the application requires access to the internet to download app content from the backend so that you can access the app via your mobile phone.
The app needs to detect if your device’s sleep mode is disabled in order to send push messages via the news function.

7. Storage of data

GPS data is kept in the app’s cache until it is replaced by an updated location. This position data is not personalised and does not allow any conclusions to be drawn about persons or devices. Images of the device or camera will only be processed in the context of feedback requests, sent by e-mail and not stored at Gastfreund. The push ID of the respective app installation is saved by default. This data is anonymised and does not allow any conclusions to be drawn about persons or devices. All data is stored until the app is deleted.

8. Links

In our app you will find links to other websites, such as to customers, websites relevant to tourism and to journals/magazines. While we strive to maintain links only to those sites that share our high standards and respect for privacy, we are not responsible for the content or security of those other sites, nor for their handling of personal information. Therefore, if you have left our website, we cannot take responsibility for the protection of the data you subsequently provide. In any case, you should exercise care and read the privacy statements of the websites concerned carefully.

9. Encryption

This app uses SSL encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the app operator. This encryption prevents the data you transmit from being read by unauthorised third parties.

10. Information rights of the data subject

According to the Bundesdatenschutzgesetz (Data Protection Act), our users have, among other things, a right to free information about their stored data, as well as, if applicable, a right to correction, blocking or deletion of data.
We take the protection of your data very seriously. To ensure that personal data is not disclosed to third parties, please send your request by e-mail or by post, clearly identifying yourself, to:

Gastfreund GmbH
Bahnhofstr. 4
87435 Kempten
Germany
Phone: +49 831 930 657-0
E-mail: info@hotelcore.io

11. Right of appeal to the competent supervisory authority

We would like to point out that you have the right to file a complaint with the competent supervisory authority in the event of a breach of data protection law. As a rule, the competent supervisory authority for data protection issues is the State Data Protection Commissioner of the federal state in which our company has its headquarters. A list of the data protection officers and their contact details can be found at the following link:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

12. Objection to advertising mails

The use of contact data published within the framework of the legal notice obligation for the transmission of advertising and information material not expressly requested is herewith objected to. The operators of the app expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

13. Amendments of this privacy policy

We reserve the right to change this privacy policy at any time in compliance with the law.