GDPR

Data Protection Declaration according to Art. 13 GDPR

Hotel MORGENROTH
Rodvi GmbH
Gustav-Töpfer-Straße 4
07422 Bad Blankenburg
Germany

Managing Director: Jan Vaněček
Phone: +49 1525 9165684
E-Mail: vanecek.jan@rodvi-group.cz
Web: www.hotel-morgenroth.de

1. Controller for Data Processing

The controller for data processing within the meaning of the General Data Protection Regulation (GDPR) is: Rodvi GmbH
Gustav-Töpfer-Straße 4
07422 Bad Blankenburg
Germany
E-Mail: info@hotel-morgenroth.de

2. Purpose of Processing Personal Data

We process personal data of our guests, employees, suppliers and partners exclusively for the following purposes:

  • Processing reservations and accommodation contracts
  • Providing gastronomic services
  • Billing and payment processing
  • Communication (e.g. via e-mail, contact form)
  • Fulfilling legal obligations (e.g. reporting obligation according to the Federal Registration Act)
  • Direct advertising for our own similar offers

3. Legal Basis for Data Processing

The processing of personal data is based on the following legal bases:

  • Art. 6 para. 1 lit. b GDPR (performance of a contract)
  • Art. 6 para. 1 lit. c GDPR (legal obligation)
  • Art. 6 para. 1 lit. f GDPR (legitimate interest)
  • Art. 6 para. 1 lit. a GDPR (consent, if required)

4. Categories of Data Processed

  • Master data (name, address, date of birth)
  • Contact details (e-mail, telephone number)
  • Payment data (bank details, invoice data)
  • Stay data (arrival, departure, room category)
  • Correspondence data (e-mails, correspondence)

5. Data Transfer to Third Parties

Data will only be passed on to the following recipients within the framework of legal requirements:

  • Tax consultants, lawyers and supervisory authorities
  • IT and booking system service providers
  • Payment service providers
  • Public authorities in the event of legal reporting obligations. Data will not be transferred to third countries without express consent.

6. Duration of Storage

Personal data will only be stored for as long as it is necessary for the purposes of processing or as long as statutory retention periods exist (e.g. 10 years in accordance with § 147 AO).

7. Rights of Data Subjects

Data subjects have the following rights:

  • Right to information (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7 para. 3 GDPR)
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Responsible data protection supervisory authority:
Thuringian State Commissioner for Data Protection and Freedom of Information (TLfDI)
Härdelsteinstraße 8, 99099 Erfurt
Web: www.tlfdi.de

8. SSL Encryption / IT Security

Our website uses SSL encryption. We use technical and organizational security measures to protect stored data against loss, destruction, manipulation and unauthorized access.

9. Use of Cookies and Analysis Tools

We use cookies to make the website user-friendly and tools such as Google Analytics only with consent. Further information can be found in the cookie policy.

10. Updating the Privacy Policy

This privacy policy will be updated as needed. Last updated: 01.05.2025