You have reached this page via a link or want to find out about our handling of your personal data directly. In order to meet our information obligations in accordance with Art. 12 ff. of the General Data Protection Regulation (GDPR), we are happy to outline our privacy information for you below: Personal data is all data with which you can be personally identified. When you use this website, various personal data is collected. This privacy statement explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
1. General notes and required information
1.1. Data collection
1.1.1. Who is responsible for data collection on this website?
The data controller is the natural or legal entity who decides on the purpose and means of processing of personal data (e.g. names, email addresses, etc.) alone or together with someone else. The data controller within the meaning of data protection law is:
Travel Charme Hotel GmbH & Co. KG
You can find more information about our company, information about the authorised representative and other ways to get in touch in the legal notice on our website https://www.bistro-patio.de/en/legal-notice
1.1.2. What data do we process? And for what purposes?
If we receive data from you, then this is, in principle, only processed for the purpose for which we have received or collected it. Some data is collected for the purposes of fulfilment of a contract or for advertising purposes, or in order to ensure correct provision of the website. Other data may be used for analysis of your visit to the website.
Data processing for other purposes is only considered if the necessary legal requirements in accordance with Art. 6 Para. 4 of the GDPR are met. We will of course observe any information obligations in accordance with Art. 13 Para. 3 of the GDPR and Art. 14 Para. 4 of the GDPR in that case.
1.1.3. What is the legal basis for this?
The legal basis for the processing of personal data is always Art. 6 of the GDPR – in the absence of specific legal provisions. In particular, the following options are considered here:
- Consent (Art. 6 Para. 1 point a) of the GDPR)
- Data processing for the fulfilment of contracts (Art. 6 Para. 1 point b) of the GDPR)
- Data processing on the basis of balancing of interests (Art. 6 Para. 1 point f) of the GDPR)
- Data processing for the fulfilment of a legal obligation (Art. 6 Para. 1 point c) of the GDPR)
If personal data is processed on the basis of your consent, then you have the right to withdraw your consent at any times with effect for the future.
If we process data on the basis of balancing of interests, you as the data subject have the right, taking the provisions of Art. 21 of the GDPR into consideration, to object to the processing of personal data.
1.1.4. How do we collect your data?
On the one hand, data is collected when you communicate it to us. This may be data that you enter in a contact form, for example. Other data is automatically collected by our IT systems when you visit our website. This is predominantly technical data (e.g. web browser, operating system or time at which the page was accessed). This data is collected automatically as soon as you access our website.
1.1.5. How long is the data stored?
We process the data for as long as this is required for the appropriate purpose.
If there are legal retention obligations – e.g. in reporting law or tax law – then the relevant personal data is stored for the duration of the retention obligation. Upon expiry of the retention obligation, we check whether there is still a requirement for processing. If there is no longer a requirement, then the data is erased.
1.1.6. 1.1.6. What rights do you have in relation to your data?
Information, restriction, erasure
You have the right to receive information, free of charge, regarding the origin, recipients and purpose of stored personal data concerning you at any time. You also have a right to request the rectification, restriction of processing or erasure of this data. You can contact us for this and any other questions on the topic of privacy at any time using the address indicated in the legal notice.
In particular, you have a right to object to the processing of your data in accordance with Art. 21 Para. 1 and 2 of the GDPR. Many data processing operations are only possible with your express consent. You can withdraw consent which you have already granted at any time. Informal notice by email to email@example.com is sufficient for this. The legality of the data processing carried out before withdrawal of consent remains unaffected by withdrawal.
Right of recourse
Furthermore, you have a right of recourse to the responsible supervisory authorities in the event of violations of data protection law. The responsible supervisory authority on data protection issues is the state data protection commissioner for the Federal state in which our company has its registered office. A list of the data protection commissioners and their contact details can be found via the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
1.1.7. What recipients is the data shared with?
In principle, your personal data is only ever shared with third parties if this is necessary for execution of the contract with you, sharing is permitted on the basis of balancing of interests within the meaning of Art. 6 Para. 1 point f) of the GDPR, we are legally obliged to share the data or you have given consent in this respect.
Your surfing behaviour may be statistically analysed during your visit to our website. This is predominantly done with cookies and with so-called analysis programs. Analysis of your surfing behaviour is generally done anonymously; the surfing behaviour cannot be traced back to you. You can object to this analysis or prevent it through the non-use of certain tools. You can also object to this analysis. You can find detailed information about this in the privacy statement below.
The operator of this website takes the protection of your personal data very seriously. We keep your personal data confidential and handle it in accordance with the statutory data protection regulations and this privacy statement.
Please note that data transmission on the internet (e.g. in communication via email) may have security vulnerabilities. Complete protection of the data against access by third parties is not possible.
1.2.1. SSL or TLS encryption
This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content such as the orders or enquiries which you send to us as the website operator.
You can recognise an encrypted connection because the address bar in your browser displays “https://” and by the lock symbol in your browser line. When SSL and TLS encryption is activated, the data which you communicate to us cannot be read by third parties.
1.2.2. Encrypted transactions on this website
If you are required, after concluding a contract against payment, to communicate your payment details (e.g. account number for direct debit authorisation) to us, then this data is only required for payment processing.
The transaction using a standard means of payment (Visa, Mastercard, direct debit) is only ever done via an encrypted SSL or TLS connection. During encrypted communication, the payment details which you communicate to us cannot be read by third parties. See also point 1.2.1 here.
2. Data protection officer
Statutory data protection officer
We have appointed a data protection officer for our company.
Mr Johannes Baeck
2B Advice GmbH
Joseph-Schumpeter Allee 25
Telefon: +49 (0) 228 / 926165120
3. Data collection on our website
The website uses so-called cookies to some extent. Cookies do not do any damage to your computer and do not contain viruses. They used to make our offering more user-friendly, effective and secure. Cookies are small text files which are stored on your computer and saved in your browser.
Some of these cookies are essential for the operation of our website, others will only be used with your explicit consent. You can find an overview of all providers and all cookies used by the providers, as well as your current settings, here: https://www.bistro-patio.de/en/privacy-policy#cmpcookieinfo
Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain saved on your device until you delete them. These cookies allow us to recognise your browser again on your next visit.
Cookies which are required for implementation of the electronic communication process or for the provision of specific functions that you want (e.g. shopping cart function) are stored on the basis of Art. 6 Para. 1 point f of the GDPR. The website operator has a legitimate interest in the storage of cookies for technically fault-free and optimised provision of its services. If other cookies (e.g. cookies for the analysis of your surfing behaviour) are stored, then these are dealt with separately in this privacy statement.
3.2. Server log files
The website provider automatically collects and saves information in so-called server log files which your browser automatically communicates to us. This is
- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the accessing computers
- Time of server request
- IP adress
This data is not aggregated with other data sources.
The basis for data processing is Art. 6 Para. 1 point b of the GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
3.3. Contact form
If you submit an enquiry to us using the contact form, then we will store your information from the enquiry form, including the contact details you entered there, for the purposes of handling of the enquiry and in case of follow-up questions. We will not share this information without your consent.
Processing of the data entered in the contact form is therefore done exclusively on the basis of your consent (Art. 6 Para. 1 point a of the GDPR). You can withdraw this consent at any time. Informal notice by email to us is sufficient for this. The legality of the data processing operations carried out before withdrawal of consent remains unaffected by withdrawal.
We retain the data which you have entered in the contact form until you request its erasure, you withdraw your consent for storage or the purpose for data storage ceases to apply (e.g. after your enquiry has been handled). Mandatory legal provisions – in particular retention periods – remain unaffected.
3.4. Processing of data (customer and contract data)
We only collect, process and use personal data if this is required for the establishment, shaping of the content or amendment of the legal relationship (existing data). This is done on the basis of Art. 6 Para. 1 point b of the GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process and use personal data concerning the use of our website (usage data) insofar as this is requited in order to make the use of the services possible for users or invoice them for it.
The customer data is erased following completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
4. Analysis Tools and advertising
With the help of “Consentmanager”, you can grant or refuse your consent for specific functions on our website, e.g. for the purposes of integration of external elements, integration of streaming content, statistical analysis, reach measurements and personalised advertising. You can grant or refuse your consent for all functions for a specific purpose or individual functions with the help of “Consentmanager”. You can also subsequently change the settings you have made. The purpose of the integration of “Consentmanager” is to leave the decision regarding the things mentioned above to the users of our website and offer the option of changing settings which have already been made during the course of further use of our website. Personal data and information concerning the devices used, such as IP address, are collecting during the course of use of “Consentmanager”.
“Consentmanager” stores your data as long as your user settings are active. Consent is requested again after two years as from making the user settings. The user settings made are then stored again for this period.
You can file an objection against processing. Your right to object exists on grounds which result from your particular situation. To file an objection, please email firstname.lastname@example.org
4.2.1. Google Analytics
This website uses functions from the Google Analytics web analysis service. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files which are stored on your computer and which allow for analysis of your use of the website. The information regarding your use of this website generated by the cookies is generally communicated to a Google server in the USA and stored there. The storage of Google Analytics cookies is done on the basis of Art. 6 Para. 1 point f of the GDPR.
We have activated the IP anonymisation function on this website. As a result, Google will shorten your IP address within member states of the European Union or in other states which are party to the Agreement on the European Economic Area before communication to the USA. In exceptional cases only, the full IP address will only be communicated to a Google server in the USA and shortened there. Google will use this information on behalf of the operator of this website to analyse your use of the website, to compile reports on website activities and to provide other services associated with use of the website and use of the internet for the website operator. The IP address communicated by your browser within the context of Google Analytics is not aggregated with other Google data.
You can prevent the storage cookies using an appropriate setting in your browser software; however, please note that you may not be able to make full use of all of the functions of this website in this case. You can also prevent the collection of the data generated by the cookies and relating to your use of the website (incl. your IP address) at Google and the processing of this data by Google by downloading and installing the browser plugin which is available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Objection to data collection
You can prevent the collection of your data by Google Analytics by clicking on the following link: deactivate Google Analytics. An opt-out cookie which prevents the collection of your data during future visits to this website will be stored.
You can find more information about Google Analytics’ handling of user data in the Google privacy statement: https://support.google.com/analytics/answer/6004245?hl=de
Contract data processing
We have concluded a contract regarding contract data processing with Google and implement the strict requirements of the German data protection authorities during the use of Google Analytics.
Demographic characteristics with Google Analytics
This website uses the “demographic characteristics” function of Google Analytics. As a result, reports which contain statements regarding the age, gender and interests of visitors to the website are generated. This data originates from interest-based advertising from Google and visitor data from third-party providers. This data cannot be associated with a specific person. You can deactivate this function at any time via the display settings in your Google account or generally prohibit the collection of your data by Google Analytics as set out in the “Objection to data collection” point.
4.2.2. Google Tag Manager
This website uses Google Tag Manager. It is used for the collection of data on a website which will be communicated to the appropriate analysis tool. The data is only communicated here, not collected or stored. For its part, this tool can trigger other tags which may be recorded under some circumstances. Google Tag Manager does not access this data. If you have deactivated something at a domain or cookie level, then this is maintained for all tracking tags which are implemented with Google Tag Manager.
4.2.3. Google Ads and Google Conversion Tracking
This website uses Google Ads. Google Ads is an online advertising program from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).
We also use so-called conversion tracking within the context of Google Ads. If you click on an advertisement provided by Google, a cookie is stored for conversion tracking. Cookies are small text files which the internet browser stored on your computer. These cookies become invalid after 30 days and are not used to identify you personally. If you visit specific pages of this website and the cookie has not yet expired, then we and Google known that you clicked on the advertisement and were forwarded to this page.
The information collected with the help of conversion cookies is used to generate conversion statistics for Google Ads customers who have opted in to conversion tracking. The customers get information concerning the total number of users who clicked on their advertisement and were forwarded to a page with a conversion tracking tag. However, they do not receive any information which can be used to personally identify users. If you do not want to participate in tracking, you can object to this use by deactivating cookies for Google Conversion Tracking via your internet browser under user settings. You will then not be included in the conversion tracking statistics.
The storage of “conversion cookies” is done on the basis of Art. 6 Para. 1 point f of the GDPR. The website operator has a legitimate interest in the analysis of user behaviour in order to optimise both their website and their advertising.
4.2.4. Google Remarketing
Our website uses Google remarketing functions in conjunction with the cross-device functions of Google Ads and Google DoubleClick. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This function makes it possible to link the advertising target audiences generated with Google remarketing with the cross-device functions of Google Ads and Google DoubleClick. In doing so, interest-related, personalised advertising messages which have been customised for you depending on your previous usage and surfing behaviour on a device (e.g. mobile) can also be displayed on another one of your devices (e.g. tablet or PC).
If you have granted the appropriate consent, then Google links your web and app browser history with your Google account to this end. In this way, the same personalised advertising messages can be displayed on every device on which you log in to your Google account.
To support this function, Google Analytics collects users’ Google-authenticated IDs which are temporarily linked with our Google Analytics data in order to define and create target audiences for cross-device advertising.
You can permanently object to cross-device remarketing/retargeting by deactivating personalised advertising in your Google account at this link: https://www.google.com/settings/ads/onweb/
The aggregation of the data collected in your Google account is done exclusively on the basis of your consent, which you can grant to or withdraw from Google at any time (Art. 6 Para. 1 point a of the GDPR). For data collection operations which are not aggregated in your Google account (e.g. because you do not have a Google account or have objected to aggregation), the collection of data is based on Art. 6 Para. 1 point f of the GDPR.
4.3. Microsoft Bing
4.3.1. Microsoft Bing Ads and Conversion Tracking
We use conversion tracking from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA on our website.
Under some circumstances, Microsoft can also track your usage behaviour across multiple of your electronic devices using so-called cross-device tracking and is therefore able to show personalised advertising on or in Microsoft websites and apps. You can deactivate this behaviour under: http://choice.microsoft.com/de-de/opt-out
You can find more information about the Bing analysis services on the Bing Ads website: https://help.bingads.microsoft.com/#apex/3/de/53056/2
You can find more information concerning privacy and the cookies used by Microsoft and Bing Ads on the Microsoft website at: https://privacy.microsoft.com/de-de/privacystatement
4.3.2. Bing Ads Remarketing
We also use Bing Ads remarketing. Using this application, we can show our advertisements during your continued internet usage after visiting our website.
In this way, we want to show you advertising which is of interest to you. This is done using a cookie which is stored in your browser, through which your usage behaviour is collected and analysed. No personal information concerning individual users is disclosed to us.
You can prevent tracking by turning off the storage of cookies in your browser settings. However, this will then limit the extent to which our online offering functions for you. You can also prevent the collection of data by Microsoft by clicking here: http://choice.microsoft.com/de-de/opt-out
An opt-out cookie which prevents the future recording of your visit to our website will be stored. Please note that this opt-out cookie will be erased if you delete all cookies on your device. If you still want to object, then you must reinstate the cookie using the button above.
The legal basis for processing is Art. 6 Para. 1 point f of the GDPR.
5. Adobe Fonts
We use Adobe Fonts on our website. The provider of this service is Adobe Systems Incorporated: 345 Park Avenue, San Jose, California 95110-2704, USA Adobe Systems Software Ireland Limited: 4-6 Riverwalk, City West Business Campus, Saggart, Dublin 24, Ireland.
5.1. Adobe TypeKit Fonts
We use so-called web fonts, which are provided by Adobe, to consistently display fonts. When accessing a page, your browser downloads the necessary web fonts into your browser cache in order to display text and fonts correctly. The browser you are using must connect to the Adobe servers for this purpose. As a result, Adobe learns that our website was accessed by your IP address.
Adobe TypeKit fonts are used in the interests of the consistent and appealing presentation of our online offerings. The legal basis is Art. 6 Para. 1 point f of the GDPR. You can find more information about Adobe TypeKit fonts in the Adobe privacy statement at: https://www.adobe.com/de/privacy/policies/typekit.html
You can set your browser such that the fonts are not loaded from the Adobe servers (e.g. by installing add-ons such as NoScript or Ghostery). If your browser does not
support Adobe Fonts or if you prevent access to the Adobe servers, then the text will be displayed in the standard system font.
If you would like to receive the newsletter offered on the website, we will require an email address from you as well as information which confirms to us that you are the owner of the email address provided and consent to the receipt of our newsletter. Other data is not collected or is only collected on a voluntary basis. We use this data solely to send the requested information and do not share it with third parties.
Processing of the data entered in the newsletter subscription form is done exclusively on the basis of your consent (Art. 6 Para. 1 point a of the GDPR). You can withdraw your consent to the storage of data, the email address and their use to send the newsletter at any time, using the unsubscribe link in the newsletter for example. The legality of the data processing operations which have already been carried out remains unaffected by withdrawal.
We will store the data we have stored for the purposes of the newsletter subscription until you unsubscribe from the newsletter and will erase it after unsubscription from the newsletter. Data which we have stored for other purposes (e.g. email addresses for a table reservation) remains unaffected by this.
7. Table reservation
This website uses the “OpenTable” booking service for the reservation of tables in our restaurant. The provider is OpenTable GmbH, Zeil 109, Frankfurt 60313 Germany.
OpenTable is used in the interests of appealing presentation and ease of booking for the online offerings indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 point f of the GDPR.
You can find more information about the handling of user data in the OpenTable privacy statement: https://www.opentable.de/legal/privacy-policy
You can find the cookie and personalised advertising policy here: https://www.opentable.de/legal/cookie-policy
8. Here Maps