Privacy policy

Cookie-Settings

Information on data processing
according to Art. 13 GDPR

We are pleased that you are visiting our homepage and thank you for your interest in our company. Dealing with our customers and interested parties is a matter of trust. The trust placed in us is very important to us and therefore the importance and obligation to handle your data carefully and to protect it from misuse.

The Estrel Berlin specifically follows the EU General Data Protection Regulation and the current Federal Data Protection Act (BDSG). When using the internet, we follow the Telemedia Act (TMG) and the Telecommunications Telemedia Data Protection Act (TTDSG) of the Federal Republic of Germany to protect your personal data. In the following, we explain what information we collect during your visit to our websites and how it is used.

Overview

Name and address of the person responsible

The person responsible within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection regulations is

Estrel Hotel-Betriebs-GmbH
Sonnenallee 225
D-12057 Berlin
Deutschland
Tel.: +49 (0)30 68310
Telefax: +49 (0)30 68312345
Mail: Email address obfuscated. Please activate Javascript.

Name and address of the Data Protection Officer

The data protection officer of the person responsible is:

Andreas Thurmann
DataSolution LUD GmbH
Isarstr. 13
D-14974 Ludwigsfelde
Deutschland
Tel.: +49 (0) 3378 202513
Mail: Email address obfuscated. Please activate Javascript.

General information on data processing

Scope of the processing of personal data

As a matter of principle, we collect and use personal data of our users only to the extent necessary to provide a functional website and our contents and services. The collection and use of personal data of our users is regularly only carried out with the consent of the user. An exception is made in cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.

Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis. When processing personal data which is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations which are necessary for the implementation of pre-contractual measures. Insofar as processing of personal data is necessary to fulfil a legal obligation (statutory provisions) to which our company is subject (e.g. federal registration laws), Art. 6 para. 1 lit. c GDPR serves as the legal basis. If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the person concerned do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.

Data deletion and storage duration

The personal data of the person concerned will be deleted or blocked as soon as the purpose of the storage no longer applies. Furthermore, data may be stored if this has been provided for by the European or national legislator in Union regulations, laws or other regulations to which the person responsible is subject. Blocking or erasure of data is also carried out when a storage period prescribed by the above-mentioned standards expires, unless there is a need to continue storing the data for the purpose of concluding or fulfilling a contract.

Contact form/e-mail contact

Description and scope of data processing

If there is a contact form on our website, it can be used for electronic contact. If you use this option, the data entered in the input mask will be transmitted to us and stored. These data are: Title, first name and surname, address, e-mail address, telephone number and the request.

Alternatively, it is possible to contact us via the e-mail address provided. In this case your personal data transmitted with the e-mail will be stored.

Legal basis for data processing

The legal basis for the processing of the data is first of all our legitimate interest in the data processing in the context of the establishment of contact by the inquirer. If the purpose of the contact is the conclusion of a contract, the additional legal basis for the processing is the processing within the framework of a business relationship or contractual relationship.

Purpose of the data processing

The data will be used exclusively for processing the conversation. The processing of the personal data from the input mask serves us solely to process the contact. In the case of contacting us by e-mail, this is also the necessary legitimate interest in the processing of the data.

The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.

Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. For personal data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it is clear from the circumstances that the matter in question has been conclusively clarified.

If the contact is a pre-contractual relationship (offer or reservation request), the transmitted data will also be stored in our hotel or event software and used for the execution of the contract. If there is no contractual relationship, we delete the data after one year at the end of the year.

Possibility of appeal

You have the opportunity to object to the processing of your data at any time. For this purpose we have set up the e-mail address Email address obfuscated. Please activate Javascript..

We would like to point out that in the event of an objection, the conversation cannot be continued or we are unable to provide offers etc.

All personal data stored in the course of the contact will be deleted in this case.

Collection, processing and use of personal data in the Estrel Berlin

Description and scope of data processing

The object of data processing is the operation of a hotel, the organisation of events (Congress Centre) and our entertainment offer (Stars in Concert). The collection, processing and use of data is carried out in order to fulfil the stated purpose.

The Estrel Berlin is responsible for the execution of the reservations. To increase our services, we manage all data received in our central hotel software. The booking data can only be viewed by the responsible body; access to a guest's master data is used, for example, to make a reservation for another hotel at a later date, to rebook or to carry out marketing activities in a centralised manner. For this purpose, central services such as reservations and marketing access this data. The legal basis for the processing of the data is our legitimate interest in data processing within the framework of central administration and use of the data of our customers and business partners.

Contact details of guests can be used for promotional purposes at a later date. Promotional activities preferably include mailings. The use of the e-mail address requires the consent of the guest.

Your data will only be processed for purposes other than those mentioned above if such processing is permissible pursuant to Art. 6 (4) GDPR and is compatible with the original purposes of the contractual relationship. We will inform you about such processing prior to any such further processing of your data.

Legal basis for data processing

The legal basis for the processing of the data is the conclusion of an accommodation contract with the guest. The transmitted data is stored in our hotel software and used for the execution of the contract.

Groups of persons, data and categories of data concerned:

The following categories of personal data are collected, processed and used in order to fulfil the stated purpose:

  • Guest data (esp. first and last name, address data, contact data, reservation data, guest requests, billing data)
  • Other customer data (especially address data, billing and performance data)
  • Interested party data (esp. interest in accommodation, address data)

Recipients to whom the data may be disclosed:

Data may be communicated to the following recipients:

  • Internal units involved in the execution and fulfilment of the respective business processes (e.g. central reservations, accounting, sales & marketing, IT organisation)
  • Public bodies that receive data on the basis of statutory regulations (e.g. law enforcement agencies, authorities from the public sector)
  • External contractors according to Art. 28 GDPR (service companies)
  • Other external bodies (e.g. credit institutions, companies insofar as the persons concerned have declared their written consent or transmission is permissible for predominant legitimate interest)

Purpose of the data processing

The main purpose of the collection, processing or use of personal data is the management, care and hospitality of guests within the framework of the accommodation contract.

Duration of storage

The legislator has enacted a variety of retention obligations and periods. After these periods have expired, the corresponding data and data records are routinely deleted or anonymised if they are no longer required for the fulfilment of the contract. For example, the commercial or financial data of a completed business year are deleted in accordance with legal regulations after a further ten years, unless longer retention periods are prescribed or required for justified reasons. Reservation documents can be destroyed after 6 years, the special registration form after one year at the end of the year.

Possibility of objection

You have the option to object to the processing of your data at any time. We have set up the e-mail address Email address obfuscated. Please activate Javascript. for this purpose.

 

Your stay at the hotel

Description and scope of data processing

During the stay in our hotel, we collect and process information about guests in our hotel software. Data of the following groups of persons can be stored:

  • Guests, business partners, companies
  • Interested parties and potential interested parties (e.g. for requests for proposals)

The data stored may include:

  • First and last name
  • Date of birth
  • Contact details (telephone, e-mail address)
  • Address
  • Nationality
  • Company
  • Identity card and passport data
  • Service data
  • Accounting data
  • Data on payment processing (e.g. credit card data)
  • Video recordings for the collection of evidence in cases of vandalism, burglary, robbery or other criminal offences

If you have made the booking on a hotel portal, with a tour operator or in a travel agency, your data will be forwarded to us by these providers in order to fulfil the concluded contract.

Purposes and legal basis of data processing

We use the personal data provided by you exclusively for the fulfilment of the agreed contractual services, i.e. the management, care and hospitality of guests within the framework of the accommodation contract.

We store your data in our hotel software and in reservation, billing and payment applications. In addition to your personal data, this may include billing data about food and beverages, telephone calls made from the room and/or other hotel-specific services.

Due to the registration regulations (§ 29 ff. Bundesmeldegesetz), we are obliged to ask our guests to fill in a registration form on site or online. In addition to the first name, surname and address, this form also contains information about the guest's birthday, nationality and family members travelling with them. We must also ask foreign guests for their identity card number. All other information is voluntary.

If services are used, as a rule only such data is collected as is required for the provision of the services. If further data is collected, it is voluntary information. Personal data is processed exclusively to fulfil the requested services and to protect our own legitimate business interests in accordance with Art. 6 Para. 1 lit. f GDPR.

Data will be used for the following purposes:

  • Registration on arrival and departure incl. completion of the registration form
  • The handing out of the room card for yourself and fellow travellers
  • Implementation of requested services
  • Processing of the payment modalities
  • Storage of preferences for future hotel stays

Processing of data for purposes other than those mentioned will only take place insofar as such processing is permissible pursuant to Art. 6 (4) GDPR and is compatible with the original purposes of the contractual relationship. We will inform you about such processing prior to any such further processing of your data.

Recipients to whom the data may be disclosed

  • Public bodies that receive data on the basis of statutory regulations (e.g. law enforcement agencies, authorities from the public sector)
  • Internal units involved in the execution and fulfilment of the respective business processes (e.g. administration, accounting, sales & marketing, IT organisation)
  • External contractors according to Art. 28 GDPR (service companies)
  • Other external bodies (e.g. credit institutions)

Data deletion

The legislator has enacted a variety of retention obligations and periods. After these periods have expired, the corresponding data and data records are routinely deleted if they are no longer required for the fulfilment of the contract. For example, the commercial or financial data of a completed financial year are deleted in accordance with legal regulations after a further ten years, unless longer retention periods are prescribed or required for justified reasons. Reservation documents can be destroyed after 6 years, the registration form after one year at the end of the quarter. If data is not affected by this, it will be deleted without being requested if the aforementioned purposes cease to apply.

Video recordings are stored for 72 hours.

Online booking via the website

Description and scope of data processing

On our website you can book rooms and arrangements for the Estrel Berlin. If you take this opportunity, the data entered in the input mask will be transmitted to us and stored. These data are: First name, surname, e-mail address, telephone, e-mail, billing address and contact person for corporate clients, if applicable, number, names and contact details of fellow travellers, travel dates, requests, payment details, date, time.

When you make an online booking from our websites, it is done through the online reservation system of TravelClick, Inc. at 7 Times Square, 38th Floor, New York, USA. All booking data you enter is transmitted in encrypted form. Our contractual partner has committed itself to handling your transmitted data in a manner compatible with data protection. It takes all organisational and technical measures to protect your data.

In this context, the data will initially not be passed on to third parties. If there is a justified interest in receiving information about the availability of natural persons who are commercially active and legal entities, and information about their creditworthiness, we can carry out a request for information at IHD Gesellschaft für Kredit- und Forderungsmanagement mbH, Augustinusstr. 11 B, 50226 Frechen, Germany.

Legal basis for data processing

The legal basis for processing the data is the conclusion of an accommodation contract.

The transmitted data is stored in our hotel software and used for the execution of the contract. If there is no contractual relationship, we delete the data after one year at the end of the year.

Purpose of the data processing

The processing of the personal data from the input mask serves us solely to process the booking request and to handle payment transactions.

Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements are fulfilled.

Possibility of appeal

You have the opportunity to object to the processing of your data at any time. For this purpose we have set up the e-mail address Email address obfuscated. Please activate Javascript..

We would like to point out that in case of an objection the booking cannot be completed or the conversation cannot be continued.

Online booking via other websites

Description and scope of data processing

The Estrel Berlin gives interested parties the opportunity to book rooms and arrangements via hotel reservation portals (third-party providers). If you take advantage of this opportunity, the data entered in the input mask will be transmitted to us and stored to the extent permitted by the respective hotel reservation portal in accordance with its own data protection regulations. Data can be: first name, surname, e-mail address, telephone, address, number of fellow travellers, estimated time of arrival, requests, payment details (credit card).

In this context, the data will initially not be passed on to third parties. If there is a justified interest in receiving information about the availability of natural persons who are commercially active and legal entities, and information about their creditworthiness, we can carry out a request for information at IHD Gesellschaft für Kredit- und Forderungsmanagement mbH, Augustinusstr. 11 B, 50226 Frechen, Germany.

Legal basis for data processing

The legal basis for processing the data is the conclusion of an accommodation contract.

The transmitted data is stored in our hotel software and used for the execution of the contract. If there is no contractual relationship, we delete the data after one year at the end of the year.

Purpose of the data processing

The processing of the personal data from the input mask serves us solely to process the booking request and to handle payment transactions.

Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements are fulfilled.

The Estrel Berlin has no influence on the storage periods of the respective hotel reservation portal.

Possibility of appeal

You have the opportunity to object to the processing of your data at any time. For this purpose we have set up the e-mail address Email address obfuscated. Please activate Javascript..

We would like to point out that in case of an objection the booking cannot be completed or the conversation cannot be continued.

Table reservation

Description and scope of data processing

On our website you can reserve a table for our restaurants. If you take this opportunity, the data entered in the input mask will be transmitted to us. These data are: First name, surname, e-mail address, telephone number, details of the table reservation (day, time, number of persons, restaurant) and optional details of special requests and occasion.

If you make a table reservation from our websites, this is done through the online reservation system of OpenTable GmbH, Schumannstr. 27, 70325 Frankfurt, Germany. All order data entered by you is transmitted in encrypted form. OpenTable has committed itself to handling the data you provide in a manner compatible with data protection. OpenTable takes all organisational and technical measures to protect your data.

Your data at OpenTable is stored in the United Kingdom. We would like to point out that in the context of making a reservation, your data may also be stored in third countries, such as the USA, by OpenTable. You can read more about this in OpenTable's privacy policy.

Legal basis for data processing

The legal basis for processing the data is first of all our legitimate interest in data processing and the existence of the user's consent by accepting our conditions for data processing.

Purpose of the data processing

The data will be used by us exclusively for table reservations. If you would like OpenTable to continue using your information, OpenTable will obtain a separate consent form.

Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected.

Possibility of appeal

You have the possibility to object to the publication of his comments for the future at any time. For this purpose we have set up the e-mail address Email address obfuscated. Please activate Javascript..

Purchase a voucher via the website

Description and scope of data processing

On our website there is the possibility to buy vouchers. If you take this opportunity, the data entered in the input mask will be transmitted to us and stored. These data are: Salutation/company, first name, surname, address, e-mail address, telephone, date of birth, voucher value, wishes, payment data, password for individual user account.

If you make a voucher purchase from our websites, this is done through the online ordering platform of INCERT eTourismus Gmbh & Co KG, Leonfeldner Straße 328, A-4040 Linz, Austria. All order data entered by you is transmitted in encrypted form. INCERT has committed itself to handling your transmitted data in accordance with data protection regulations. INCERT takes all organisational and technical measures to protect your data.

Initially, the data will not be passed on to third parties. If there is a justified interest in receiving information about the availability of natural persons who are commercially active and legal entities, and information about their creditworthiness, we can carry out a request for information at the IHD Gesellschaft für Kredit- und Forderungsmanagement mbH, Augustinusstr. 11 B, 50226 Frechen.

Legal basis for data processing

The legal basis for the processing of the data is the conclusion of a sales contract with the user in accordance with Art. 6 Paragraph 1 letter b GDPR.

Purpose of the data processing

The processing of the personal data from the input mask serves us solely for the processing of the voucher purchase and for the handling of payment transactions.

Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements are fulfilled.

Possibility of appeal

You have the opportunity to object to the processing of your data at any time. For this purpose we have set up the e-mail address Email address obfuscated. Please activate Javascript..

Online service for exhibitors

Description and scope of data processing

On our website, exhibitors at trade fairs etc. have the opportunity to register in the exhibitor shop in order to place orders within the framework of an event or for a trade fair stand. If you take advantage of this opportunity, the data entered in the input mask will be transmitted to us and stored. These data are: Salutation, first name, surname, e-mail address, telephone, mobile phone, company or invoice address, login data, requests, payment data, date, time.

If you place an online order, this is done through the online ordering system of Ungerboeck Systems International GmbH, Kaiserstrasse 72, 76133 Karlsruhe, Germany. All order data entered by you is transmitted in encrypted form. Our contractual partner has committed itself to handling your transmitted data in accordance with data protection laws.

In this context, the data will initially not be passed on to third parties. If there is a justified interest in receiving information about the availability of natural persons who are commercially active and legal entities, and information about their creditworthiness, we can carry out a request for information at IHD Gesellschaft für Kredit- und Forderungsmanagement mbH, Augustinusstr. 11 B, 50226 Frechen, Germany. More information can be found under this link.

Legal basis for data processing

The legal basis for processing the data is the conclusion of a sales contract with the user.

The transmitted data can be stored in our hotel software and used for the execution of the contract, for example when the user places an order for catering.

Purpose of the data processing

The processing of the personal data from the input mask for registration and the orders for an event carried out with the user account serves us solely to process the order and to handle payment transactions.

Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements are fulfilled.

Possibility of appeal

You have the opportunity to object to the processing of your data at any time. For this purpose we have set up the e-mail address Email address obfuscated. Please activate Javascript..

Sending e-mails before arrival

Description and scope of data processing

Before our guests arrive, we would like to send a welcome email to those from whom we have received an email address in the course of the booking. A few days before arrival, the guest will receive an e-mail with a reservation summary and information about the reservation and available additional services.

When we send these e-mails, we do so via the SerenataCRM platform of Serenata IntraWare GmbH, Neumarkter Str. 18, D-81637 Munich. Serenata has committed itself to handling your transmitted data in accordance with data protection laws. Serenata takes all organisational and technical measures to protect your data.

Legal basis for data processing

The legal basis for processing the data is first of all our justified interest in data processing within the framework of the booking, i.e. the contractual relationship.

Purpose of the data processing

By contacting us, we would like to give the guest the opportunity to book additional services quickly and conveniently.

Duration of storage

The data will be deleted as soon as they are no longer required for the purpose for which they were collected.

Possibility of appeal

You have the opportunity to object to the processing of your data at any time. For this purpose we have set up the e-mail address Email address obfuscated. Please activate Javascript..

Support, advice and advertising for corporate clients

Description and scope of data processing

For the support, advice and advertising of corporate customers, we collect and use the contact person, telephone number and postal address in addition to the business partner or potential business partner. We obtain the information from various sources, either through an enquiry (e-mail or telephone), but also through events, trade fairs, business cards received by our sales staff, etc.

In this context, the data will not be passed on to third parties.

Legal basis for data processing

The legal basis for processing the data is our legitimate interest in data processing. If the purpose of the contact is to conclude a contract, the additional legal basis for processing is the business relationship or contractual relationship. To increase our services, we manage all data received in the CRM module of our central hotel software within the Estrel Hotel.

Purpose of the data processing

We use these contact details exclusively for our own purposes and for the needs-based design of our own sales activities.

Duration of storage

In principle, no deletion period is provided for. However, if our sales department has not had contact with the company contact within 3 years, the sales department will decide whether the contact person of the company contact will be deleted.

If the contact is a pre-contractual relationship (offer, booking or reservation request), the transmitted data will also be stored in our hotel software and used for the execution of the contract. If there is no contractual relationship, we delete the data after one year at the end of the year.

Possibility of appeal

As a company contact, you have the opportunity to object to the processing of your data at any time. For this purpose we have set up the e-mail address Email address obfuscated. Please activate Javascript..

In this case, all personal data of the contact person that has been saved for the business partner will be deleted.

Online evaluation

Description and scope of data processing

Former guests can give a rating to our hotel after check-out. For this purpose we would like to send you an e-mail within 14 days after departure to ask you to submit a hotel evaluation. Each rating can be published anonymously on request. Should you not feel comfortable in our hotel, we would like to take the opportunity to contact you.

When we send these e-mails, this is done via the platform dailypoint of Toedt, Dr. Selk & Coll. GmbH, Augustenstr. 79, D-80333 Munich. The service provider has committed itself to handling your transmitted data in accordance with data protection laws. Toedt, Dr. Selk & Coll. GmbH takes all organisational and technical measures to protect your data.

If you would like to take advantage of this possibility of online evaluation, your data can be saved in the evaluation mask. These data are: e-mail address as well as voluntary details such as first name, surname, language and the details of the evaluation.

In this context, the data will not be passed on to third parties.

Legal basis for data processing

The legal basis for the processing of the data is our legitimate interest in data processing.

Purpose of the data processing

The purpose of the hotel evaluation is to communicate and summarise the opinions of hotel guests via our website so that interested parties can form their own opinion about our services and performance. In addition, the results serve our internal quality management.

The data will be used exclusively for the publication of the evaluation and for arbitration in case of bad evaluations.

Duration of storage

The data will not be deleted.

Possibility of appeal

There is always the possibility to have the publication of the rating deleted (right to forget). For this purpose we have set up the e-mail address Email address obfuscated. Please activate Javascript.. Please let us know which rating is concerned.

Newsletter service

Description and scope of data processing

On our website you have the possibility to register for our newsletter service in different ways. If you take this opportunity, the data entered in the input mask will be transmitted to us and stored. These data are: e-mail address, title, first name, surname, company, address and the type of newsletter.

If you register for a newsletter from our website, the data will be saved in our newsletter tool: dailypoint der Toedt, Dr. Selk & Coll. GmbH, Augustenstr. 79, D-80333 Munich, Germany. The provider has committed itself to handling your transmitted data in accordance with data protection laws. It takes all organisational and technical measures to protect your data.

If we receive an e-mail address elsewhere where the recipient clearly informs us that he/she wishes to receive our newsletter, we will collect his/her data via the input mask on our website.

In this context, the data will not be passed on to third parties.

Legal basis for data processing

The legal basis for processing the data is the existence of the consent of the recipient. This is ensured by a double opt-in procedure.

Purpose of the data processing

The processing of personal data serves us solely to send individual newsletters.

Duration of storage

The data is deleted as soon as the newsletter service is cancelled.

Possibility of appeal

As the recipient, you have the opportunity to object to the processing of your data at any time. With every newsletter you can unsubscribe from the newsletter service. In addition, we have set up the e-mail address Email address obfuscated. Please activate Javascript.. Please provide us with the e-mail address here.

Your application for a job advertisement

Description and scope of data processing

On our website and via internet portals you have the possibility to apply for advertised positions. If you take advantage of this opportunity as an applicant, the data transmitted to us can be stored and used. These data are:

  • Salutations, first name, surname
  • Address
  • Contact details (e-mail address, telephone)
  • cover letter
  • File attachment with the detailed application

When you make an online application from our websites, it is done through the online application system of Workday Limited, The King's Building, May Lane, 152-155 Church Street, Dublin 7, D07 A0TN, Ireland. All booking information you enter is transmitted in encrypted form. For more information, please see Workday's privacy policy.

We use the personal data you provide exclusively for processing your application for the advertised position. Your personal data will only be disclosed to persons involved in the application process. All employees entrusted with data processing are obliged to maintain the confidentiality of your data. We do not pass on your personal data to third parties unless you have consented to the passing on of data or we are obliged to pass on data due to legal provisions and/or official or court orders.

If your application fits the profile of another job advertisement, we will be happy to forward the application documents. We will obtain your consent before doing so. In this case, your application will be stored in the application pool.

Legal basis for data processing

The legal basis for processing the data is the contract initiation relationship or the conclusion of a contract with the applicant. We will obtain consent before forwarding the application documents.

Purpose of the data processing

The data transmitted to us will be used exclusively for processing the application by the specialist department and for communication.

Duration of storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, at the latest 6 months after rejection. Should we wish to retain your application documents for longer than this period, we will first ask for and obtain your consent for longer storage.

In the case of a contractual relationship, we will delete the data received as soon as national, commercial law, statutory or contractual retention requirements have been fulfilled.

Possibility of objection

You have the option to object to the processing of your data at any time. To do so, please send an e-mail to the office where you sent the application (the job advertiser).

Provision of the website and creation of log files

Description and scope of data processing

Whenever our website is called up, our system automatically collects data and information from the computer system of the calling computer. The following data is collected:

  • Information about the browser type and version used
  • The user's operating system
  • The IP address of the user
  • Date and time of access
  • Websites from which the user's system accesses our website
  • web pages that are called up by the user's system via our website

The data is also stored in the log files of our system. These data are not stored together with other personal data of the user. Personal user profiles cannot be created. The stored data is only evaluated for statistical purposes.

Legal basis for data processing

The legal basis for the temporary storage of data and log files is the processing to protect our legitimate interest, i.e. the Estrel Berlin.

Purpose of the data processing

Temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

Storage in log files is done to ensure the functionality of the website. In addition, the data serves us to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes also constitute our legitimate interest in data processing.

Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. In the case of the collection of data for the purpose of providing the website, this is the case when the relevant session has ended.

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated so that an allocation of the calling client is no longer possible.

Possibility of objection and removal

The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

Use of cookies and scripts

Description and scope of data processing

Cookies are small files that enable us to store specific information on your computer that relates to you, the user, while you are visiting one of our websites. Cookies help us to determine the frequency of use and the number of users of our website, as well as to make our services as convenient and efficient as possible for you. You can find more information on the cookies used in our cookie policy.

We also use cookies on our website, which enable an analysis of the surfing behaviour of the users. In this way the following data can be transmitted: Entered search terms, frequency of page views, use of website functions. The user data collected in this way is pseudonymised by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the users. When accessing our website, the user is informed about the use of cookies for analysis purposes and his consent to the processing of the personal data used in this context is obtained. In this context, reference is also made to this data protection declaration.

Legal basis for data processing

The legal basis for processing personal data using technically necessary cookies is our legitimate interest in data processing.

The legal basis for the processing of personal data using cookies for analysis purposes is if the user has given his consent to this.

Purpose of the data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these it is necessary that the browser is recognised even after a change of page. The user data collected through technically necessary cookies is not used to create user profiles.

The analysis cookies are used to improve the quality of our website and its contents. The analysis cookies tell us how the website is used and enable us to constantly optimise our offer.

Duration of storage, possibility of objection and removal

Cookies are stored on the user's computer and transmitted by the user to our site. Therefore you as a user have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies already stored can be deleted at any time. This can also be done automatically. If cookies for our website are deactivated, it may not be possible to use all the functions of the website to their full extent.

Script blocker in your browser

A use of our offers is also possible without cookies and scripts. You can deactivate the storage of cookies and scripts in your browser, restrict it to certain websites or set your browser to notify you as soon as a cookie is sent. You can also delete cookies from your computer's hard drive at any time.

You can install browser add-ons to block scripts. NoScript for Firefox and ScriptSafe for Google Chrome are such browser add-ons. These not only block any kind of JavaScript, they also block selected trackers, Java, Flash and other plugins on web pages.

If you are concerned about third-party cookies, you can only reject them and still receive the cookies that make our site work properly.

This allows you to refuse cookies in any of the main browsers:

Mozilla Firefox: Link
Google Chrome: Link
Internet Explorer: Link
Safari: Link

Please note, however, that in these cases you must reckon with a restricted display of the page and limited user guidance.

Use of a cookie banner

Description and scope of data processing

Auf unserer Webseite wird der Consent-Manager des Unternehmens Cybot A/S, Havnegade 39, 1058 Kopenhagen (nachfolgend: cookiebot.com) geladen. Wir nutzen diesen Service, um einerseits die volle Funktionalität unserer Webseite und andererseits den datenschutzkonformen Einsatz von Marketing- und Trackingtools auf unserer Webseite zu gewährleisten. In diesem Zusammenhang wird Ihr Browser ggf. personenbezogene Daten an cookiebot.com übermitteln.

Legal basis and purpose of the data processing

The legal basis for data processing is Art. 6 Para. 1 letter f GDPR. The legitimate interest lies in the faultless functioning of the website. The data will be deleted as soon as the purpose for which they were collected has been fulfilled. Further information on the handling of the transferred data can be found in the data protection declaration of cookiebot.com. You can prevent the collection and processing of your data by cookiebot.com by deactivating the execution of script code in your browser or by installing a script blocker in your browser.

The following information is stored in our cookiebot account:

  • The IP address of the user in anonymous form (the last three digits are set to "0").
  • Date and time of consent.
  • Browser of the user.
  • The URL from which the consent was sent.
  • An anonymous, random and encrypted key value.
  • The state of consent of the user, which serves as proof of consent.

The key and consent status are also stored in the user's browser in the cookie "CookieConsent", so that the website can automatically read and respect the user's consent in all subsequent page requests and future user sessions for up to 12 months. You can view and change your level of consent at any time. You will find this further down on this page.

By law, we may store cookies on your device if they are absolutely necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third parties that appear on our pages. You can change or withdraw your consent at any time from the cookie declaration on our website.

[CHANGE CONSENT HERE]

Use of analysis and tracking tools

Google Analytics 4

Our website uses Google Analytics 4, a web analytics service provided by Google LLC. The responsible entity for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

Google Analytics uses cookies that enable an analysis of your use of our website. The information collected by means of the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.

We use the User ID function. The User ID allows us to assign a unique, persistent ID to one or more sessions (and the activities within those sessions) and to analyse user behaviour across devices.

We continue to use Google Signals. This captures additional information in Google Analytics about users who have activated personalised ads (interests and demographics) and ads can be delivered to these users in cross-device remarketing campaigns.

In Google Analytics 4, the anonymisation of IP addresses is activated by default. Due to IP anonymisation, your IP address will be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

During your visit to the website, your user behaviour is recorded in the form of "events". Events can be:

  • Page impressions
  • First visit to the website
  • Start of the session
  • Your "click path", interaction with the website
  • Scrolls (whenever a user scrolls to the end of the page (90%))
  • Clicks on external links
  • internal queries
  • Interaction with videos
  • File downloads
  • Ads seen / clicked
  • Language setting

Also recorded:

  • Your approximate location (region)
  • Your IP address (in shortened form)
  • Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
  • Your internet provider
  • the referrer URL (via which website/advertising medium you came to this website

On our behalf, Google will process the information transmitted in order to evaluate the use of the website by website visitors and to compile reports on website activities. The reports provided by Google Analytics are used by us to analyse the performance of the website.

Receiver

Recipients of the data are/could be

  • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor according to Art. 28 GDPR)
  • Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
  • Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

It cannot be ruled out that US authorities will access the data stored by Google.

Third-country transfer

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not have any legal remedies against access by authorities.

Storage period

The data sent by us and linked to cookies are automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.

Legal basis and revocation

We process your data with the help of Google Analytics 4 on the basis of your consent pursuant to Art. 6 para. 1 lit a GDPR in conjunction with. § 25 TTDSG. Your consent. You give your consent by setting the use of cookies (cookie banner / Consent Manager), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 Para. 3 GDPR.

You can also prevent the storage of cookies from the outset by configuring your browser software accordingly. However, if you configure your browser to reject all cookies, this may restrict functionalities on this and other websites. Furthermore, you can prevent the collection of the data generated by the cookie and related to your use of the website (incl. your IP address) to Google as well as the processing of this data by Google by (I) not giving your consent to the setting of the cookie or (II) downloading and installing the browser add-on to deactivate Google Analytics HERE.

For more information, please see the Google Terms of Use and Privacy Policy.

 

Use of Google services

We would like to point out that when using the service, personal data may be transferred to third countries outside the European Economic Area, in particular the USA. The transfer of data to the U.S. takes place in accordance with Art. 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

In cases where no European Commission adequacy decision exists (including U.S. companies that are not certified under EU-U.S. DPF), we have agreed with the recipients of the data on other appropriate safeguards in accordance with Art. 44 et seq. GDPR. These are - unless otherwise stated - standard contractual clauses of the EU Commission pursuant to Implementing Decision (EU) 2021/914 of 4 June 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021D0914&from=EN.

In addition, before such a third country transfer, we obtain your consent in accordance with Art. 49 Para. 1 Sentence 1 lit. a. GDPR, which you give via the consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that in the case of third country transfers, there may be unknown risks in detail (e.g. data processing by security authorities of the third country, the exact scope of which and its consequences for you we do not know, over which we have no influence and of which you may not become aware).

Google Tag Manager

We use Google Tag Manager provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags through one interface and allows us to control the exact integration of services on our website

This allows us to flexibly integrate additional services to evaluate user access to our website.

The use of Google Tag Manager is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Tag Manager.

Google DoubleClick

We have integrated components of DoubleClick by Google on our website. DoubleClick is a brand of Google, under which mainly special online marketing solutions are marketed to advertising agencies and publishers. DoubleClick by Google transfers data to the DoubleClick server with each impression as well as with clicks or other activities.

Each of these data transfers triggers a cookie request to the browser of the data subject. If the browser accepts this request, DoubleClick sets a cookie in your browser.

DoubleClick uses a cookie ID, which is required to process the technical procedure. The cookie ID is required, for example, to display an advertisement in a browser. DoubleClick can also use the cookie ID to record which advertisements have already been displayed in a browser in order to avoid duplicate placements. Furthermore, the cookie ID enables DoubleClick to record conversions. Conversions are recorded, for example, if a DoubleClick advertisement has previously been displayed to a user and the user subsequently makes a purchase on the advertiser's website using the same internet browser.

A DoubleClick cookie does not contain any personal data, but may contain additional campaign identifiers. A campaign identifier serves to identify the campaigns with which you have already been in contact on other websites. As part of this service, Google obtains knowledge of data that Google also uses to generate commission statements. Among other things, Google can track that you have clicked on certain links on our website. In this case, your data will be passed on to the operator of DoubleClick, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information and the applicable data protection provisions of DoubleClick by Google can be found at https://policies.google.com/privacy.

We process your data with the help of the DoubleClick cookie for the purpose of optimising and displaying advertising on the basis of your consent pursuant to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG. The cookie is used, among other things, to place and display user-relevant advertising and to create reports on advertising campaigns or to improve them. Furthermore, the cookie is used to avoid multiple displays of the same advertisement. Each time you call up one of the individual pages of our website on which a DoubleClick component has been integrated, your browser is automatically prompted by the respective DoubleClick component to transmit data to Google for the purpose of online advertising and the settlement of commissions. There is no legal or contractual obligation to provide your data. If you do not give us your consent, it will be possible to visit our website without restriction, but not all functions may be fully available.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google DoubleClick.

Google Ads

We have integrated Google Ads on our website. Google Ads is a service provided by Google Ireland Limited to display targeted advertising to users. Google Ads uses cookies and other browser technologies to analyse user behaviour and recognise users.

Google Ads collects information about visitor behaviour on various websites. This information is used to optimise the relevance of advertising. Furthermore, Google Ads delivers targeted advertising based on behavioural profiles and geographical location. Your IP address and other identifiers such as your user agent are transmitted to the provider.

If you are registered with a Google Ireland Limited service, Google Ads can associate the visit with your account. Even if you are not registered with Google Ireland Limited or have not logged in, it is possible that the provider will find out and store your IP address and other identifying features.

In this case, your data will be passed on to the operator of Google Ads, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of Google Ads is based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Ads.

Google CDN

We use Google CDN to properly deliver the content of our website. Google CDN is a service of Google Ireland Limited, which acts as a content delivery network (CDN) on our website.

A CDN helps to provide content of our online offer, in particular files such as graphics or scripts, more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Google CDN.

The use of the Content Delivery Network is initially based on our legitimate interests, i.e. interest in a secure and efficient provision and optimisation of our online offer.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google CDN.

Google Fonts

We use Google Fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a service to provide fonts for our online offer. To obtain these fonts, you establish a connection to servers of Google Ireland Limited, whereby your IP address is transmitted.

The use of Google Fonts is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Fonts.

Google reCAPTCHA

We have integrated components of Google reCAPTCHA on our website. Google reCAPTCHA is a service of Google Ireland Limited and enables us to distinguish whether a contact request originates from a natural person or is automated by means of a program. When you access this content, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. Furthermore, Google reCAPTCHA records the user's browsing time and mouse movements in order to distinguish automated requests from human ones. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Google reCAPTCHA.

The use of Google reCAPTCHA is based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google reCAPTCHA.

Google APIs

We use Google APIs from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, to access additional services and data from Google Ireland Limited. This involves a transfer of your IP address to Google Ireland Limited. Please note that there is a separate section in this privacy policy for each additional service we use from Google Ireland Limited.

The use of Google APIs is based on our legitimate interests, i.e. interest in optimising our online offer in accordance with Art. 6 para. 1 lit. f. GDPR.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google APIs.

Google Maps

We use the map service Google Maps to create directions. Google Maps is a service of Google Ireland Limited, which displays a map on our website.

When you access this content on our website, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Google Maps.

The use of Google Maps is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Maps.

Use of YouTube

We have integrated YouTube Video on our website. YouTube Video is a component of the video platform of YouTube, LLC, on which users can upload content, share it over the internet and receive detailed statistics.

YouTube Video allows us to integrate content from the platform into our website.

We have also integrated YouTube NoCookie on our website. YouTube NoCookie is a component of the video platform of YouTube, LLC, on which users can upload content, share it over the internet and receive detailed statistics.

YouTube NoCookie allows us to integrate content from the platform into our website.

YouTube Video and YouTube NoCookie use cookies and other browser technologies to analyse user behaviour, recognise users and create user profiles. This information is used, among other things, to analyse the activity of the content listened to and to generate reports. If a user is registered with YouTube, LLC, YouTube NoCookie can associate the videos played with the profile.

When you access this content, you connect to servers of YouTube, LLC, Google Ireland Limited, Gordon House, Barrow Street Dublin 4 Ireland, where your IP address and, if applicable, browser data such as your user agent are transmitted.

The use of the service is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.

The concrete storage period of the processed data cannot be influenced by us, but is determined by YouTube, LLC. Further information can be found in the privacy policy for YouTube.

Use of Social Media Plugins

The use of social media plugins is in the interest of an attractive presentation and expansion of our online offers. This represents a legitimate interest in the sense of Art. 6 Para. 1 letter f GDPR.

Use of Facebook plugins

On our pages are integrated plugins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA You can recognise the plugins by the logo on our site. You can find an overview of the plugins here.

We have no influence on data collection and further processing by Facebook. Furthermore, it is not apparent to us to what extent, where and for how long the data will be stored, to what extent Facebook will comply with existing deletion obligations, what evaluations and links will be made with the data and to whom the data will be passed on. If you would like to avoid Facebook processing personal data that you have sent to us, please contact us by other means.

For more information, please refer to the Facebook privacy policy. If you do not want Facebook to be able to assign visits to our pages to your user account, please log out of your respective user account!

Facebook fan page

On our Facebook fan page at: https://www.facebook.com/estrelberlin we use plugins of the provider Facebook.com, which are provided by the company Facebook Inc., 1601 S. California Avenue, Palo Alto, CA 94304 in the USA.

By using the fan page, data is forwarded to the Facebook servers, which contain information about your visits to our fan page. For logged-in users, this means that the usage data is assigned to their personal Facebook account. As soon as you as a logged in Facebook user actively use the Facebook plug-in, e.g. by clicking on the "Facebook" logo or using the comment function, this data is transferred to your Facebook account and published. You can only avoid this by logging out of your Facebook account first.

We do not know exactly what data Facebook stores and uses. As a user of the fan page, you must therefore expect that Facebook will also store your actions on the fan page without any gaps.

In all other respects the terms and conditions of use of Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland apply.

The legal basis for this data processing is Art. 6 para. 1 lit. a, f) GDPR.

Every person depicted as well as other third parties have the possibility to object to the publication of their personal data (photos) at any time. For this purpose we have set up the e-mail address Email address obfuscated. Please activate Javascript.. The right of objection applies in particular to the publication of pictures for the future.

It can always happen that we inadvertently publish pictures of people where there is no consent. If publication is not desired, we will immediately do everything possible to comply with your right. For group pictures we reserve the right to falsify faces.

Use of X-Plugins (formerly Twitter)

Our website uses social plugins ("plugins") of the social network of X, formerly Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. The button leads the user via a link to our X, formerly Twitter page. Initially, no data is transferred from our website to X, formerly Twitter, when you visit our website as a user.

The plugin is marked with an X logo or Twitter logo and can be activated directly by the user. If you activate it and are logged into your X account, you can link the content of our pages on your X profile. This allows the visit to our pages to be assigned to your user account if the plugin is activated. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.

Further information on this can be found in Twitter's privacy policy.

Use of Instagram Plugins

Auf dieser Webseite wird der „Instagram Button“ eingesetzt. Beim Aufruf dieser Internetseite wird über Ihren Browser eine Verbindung zu Servern des sozialen Netzwerkes Instagram, angeboten durch die Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, aufgebaut.

Wenn Sie unsere Seiten besuchen, wird über das Plugin eine direkte Verbindung zwischen Ihrem Browser und dem Instagram-Server hergestellt. Instagram erhält dadurch die Information, dass Sie mit Ihrer IP-Adresse unsere Seite besucht haben. Wenn Sie den Instagram -Button anklicken während Sie in Ihrem Instagram -Account eingeloggt sind, können Sie die Inhalte unserer Seiten auf Ihrem Instagram -Profil verlinken. Dadurch kann Instagram den Besuch unserer Seiten Ihrem Benutzerkonto zuordnen. Wir weisen darauf hin, dass wir als Anbieter der Seiten keine Kenntnis vom Inhalt der übermittelten Daten sowie deren Nutzung durch Instagram erhalten.

On this website the "Instagram Button" is used. When you access this website, your browser will connect to servers of the Instagram social network, offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA.

When you visit our pages, the plugin establishes a direct connection between your browser and the Instagram server. This tells Instagram that you have used your IP address to visit our site. If you click the Instagram button while logged into your Instagram account, you can link the contents of our pages to your Instagram profile. This allows Instagram to associate your visit to our sites with your account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram.

Please refer to Instagram's privacy policy for more information.

Protection of minors

This service is mainly aimed at adults. We do not currently market special areas for children. Accordingly, we do not knowingly collect age verification information, nor do we knowingly collect personal information from children under the age of 16. However, we remind all visitors to our website under the age of 16 not to disclose or provide any personal information through our service. In the event that we discover that a child under the age of 16 has provided us with personal information, we will delete the child's personal information from our files to the extent technically possible.

Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you are entitled to the following rights in relation to the person responsible:

  • You have a right to information about the personal data stored about you, about the purposes of processing, about possible transmissions to other bodies and about the duration of storage.
  • If data is incorrect or no longer necessary for the purposes for which it was collected, you can request that it be corrected, deleted or If provided for in the processing procedures, you can also inspect your data yourself and correct them if necessary.
  • Should your particular personal situation give grounds against processing of your personal data, you can object to this if the processing is based on a legitimate interest. The controller will no longer process the personal data concerning you unless he can demonstrate compelling reasons for processing which are justified on grounds of legitimate interest outweighing your interests, rights and freedoms, or unless the processing is carried out for the purpose of asserting, exercising or defending legal claims.
  • If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing, including profiling, insofar as it relates to such direct marketing. If you object to processing for the purposes of direct marketing or profiling, the personal data concerning you will no longer be processed for those purposes.

You have the right to revoke your data protection declaration of consent at any time. Revocation of your consent does not affect the lawfulness of the processing that has taken place on the basis of your consent until revocation.

If you have any questions regarding your rights and the exercise of your rights, please contact the responsible office or the data protection officer.

Right of appeal to a supervisory authority

As a data subject, and without prejudice to any other administrative or judicial remedy, you have the right to complain to a data protection supervisory authority, in particular in the Member State in which you are resident or in which the alleged breach occurred, if you consider that the processing of personal data concerning you is being carried out in breach of data protection legislation.

The supervisory authority with which the complaint is lodged will keep you informed of the status and outcome of your complaint, including the possibility of judicial redress.

You can find more information on the website of the Federal Commissioner for Data Protection and Freedom of Information.

Security

The Estrel Berlin uses technical and organisational security measures in accordance with Art. 32 GDPR to protect your data managed by us against accidental or deliberate manipulation, loss, destruction or access by unauthorised persons. Our security measures are continuously improved in line with technological developments. Access to this data is only possible for a small number of authorised persons who are responsible for the technical, administrative or editorial management of the data.

Change Service

We reserve the right to change, update or amend this privacy policy at any time. Any revised Privacy Policy will only apply to personal data collected or modified after the revised Policy comes into force.

Status | September 2023