PRIVACY POLICY

We are pleased that you are visiting our website and thank you for your interest in our company. Handling our customers’ and prospective customers’ data is a matter of trust. The trust you place in us is of great importance, and we are therefore committed to handling your data carefully and protecting it from misuse.

With this privacy policy, we would like to inform you about when we store which data and how we use it – of course in compliance with applicable laws. Data protection at Holiday Inn Berlin City Center East is based in particular on the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

Overview

Controller
Data Protection Officer
Legal basis for data processing
Provision of the website
Contact / Email contact
Online booking via the website
Online booking via other websites
Business customers
Cookies
Web analytics
Use of Facebook and Instagram
Integration of third-party services and content
Purposes of processing personal data
Voluntary information
Recipients / transfer of data
Data processing outside the European Union
Protection of minors
Rights of the data subject
Deletion of data
Security
Right to lodge a complaint with a supervisory authority
Amendments to this privacy policy

Name and address of the controller

The controller within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection regulations is:

Circle Hotels Hotelbetriebsgesellschaft mbH, Holiday Inn City Center East Prenzlauer Berg, Prenzlauer Allee 169, 10409 Berlin, Tel.: +49 (0) 30 44661-0, Email: info@hi-berlin.com

Name and address of the Data Protection Officer

The Data Protection Officer of the controller is:

Berit Schubert, DataSolution LUD GmbH, Isarstr. 13, D-14974 Ludwigsfelde, Germany, Email: mail@ds-lud.de.de

What is this about?

This privacy policy fulfills the legal requirements for transparency in the processing of personal data. Personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address, or user behavior when visiting a website. Information that cannot be linked to your person (or only with disproportionate effort), for example through anonymization, is not personal data. The processing of personal data (e.g., collection, retrieval, use, storage, or transfer) always requires a legal basis and a defined purpose.

Stored personal data will be deleted as soon as the purpose of processing has been fulfilled and there are no legitimate reasons for further storage. We inform you about specific storage periods or criteria for storage in the individual processing operations. Regardless of this, we store your personal data in individual cases for the assertion, exercise, or defense of legal claims and in the case of statutory retention obligations.

Who receives my data?

We only pass on your personal data processed on our website to third parties if this is necessary for fulfilling the purposes and is covered by the legal basis (e.g., consent or legitimate interest). In individual cases, we may also transfer personal data to third parties if this serves the assertion, exercise, or defense of legal claims. Possible recipients may include law enforcement authorities, lawyers, auditors, courts, etc.

If we use service providers for the operation of our website who process personal data on our behalf in accordance with Art. 28 GDPR, they may also be recipients of your personal data. Further information on the use of processors and web services can be found in the overview of the individual processing activities.

Online booking via the website

When making an inquiry/booking and during your stay at the hotel, we process master data required for the proper execution of the contract. This includes: title, first and last name, address, street and city, date of birth, telephone numbers and/or email addresses, payment data (credit card), and service-related data.

If you make an online booking via our website, this is done through the online reservation system of InterContinental Hotels Group (IHG), Atlanta, USA. All booking data you enter is transmitted in encrypted form. IHG is committed to handling your data in compliance with data protection regulations and takes all necessary organizational and technical measures to protect your data. The data is used exclusively for processing the booking and for communication.

To improve our services, reservation data is shared with central entities of the franchisor InterContinental Hotels Group (IHG), Atlanta, USA. The responsible entity is the hotel where the booking is made. Booking data is only accessible by the responsible entity; shared access is limited to guest master data to enable future bookings, modifications, or centralized marketing activities. The legal basis is our legitimate interest pursuant to Art. 6 (1) lit. f GDPR.

Online booking via other websites

Holiday Inn Berlin City Center East offers the option to book rooms and packages via third-party hotel booking platforms. If you use this option, the data entered will be transmitted to us to the extent permitted by the respective platform. Data may include: first name, last name, email address, phone number, address, number of guests, estimated arrival time, preferences, and payment data.

The data is transferred to our hotel software via a channel manager. All data is transmitted in encrypted form. InterContinental Hotels Group (IHG) ensures appropriate data protection measures. The data is used solely for booking processing and communication.

Business customers

For the support, consultation, and marketing of corporate clients, we collect and use contact details such as contact persons, phone numbers, and postal addresses. This information may come from inquiries, events, trade fairs, business cards, etc. These data are used exclusively for our own sales activities.

Protection of minors

This service is primarily intended for adults. We do not knowingly collect personal data from children under the age of 16. If we become aware that such data has been provided, it will be deleted immediately where technically possible.

What rights do I have?

Under the GDPR, you have the following rights:

• Access (Art. 15 GDPR)
• Rectification (Art. 16 GDPR)
• Erasure (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Objection (Art. 21 GDPR)
• Withdrawal of consent (Art. 7 (3) GDPR)
• Right to lodge a complaint (Art. 77 GDPR)

Security

We implement technical and organizational measures in accordance with Art. 32 GDPR to protect your data against manipulation, loss, destruction, or unauthorized access. Our website uses SSL/TLS encryption to protect data transmission.

Updates and changes

We reserve the right to amend this privacy policy at any time. Updated information applies only to data collected after the update.

Provision of the website

When you access our website, your browser automatically transmits data such as IP address, date and time, URL, browser type, and operating system. These are stored temporarily in log files for technical reasons.

Contact form

If you contact us via a form, your data will be processed solely to handle your request. Data will not be shared with third parties.

Newsletter

You may subscribe to our newsletter by providing your name and email address. We use Mailjet (Mailgun Technologies, Inc., USA) as a service provider under GDPR-compliant contracts.

Social media presence

We maintain profiles on social media platforms such as Facebook and Instagram. Data processing on these platforms is primarily carried out by the respective providers.

Cookies

We use cookies to improve user experience and analyze website usage. You can manage your cookie preferences via the consent manager.

Google Analytics

We use Google Analytics 4 to analyze website usage. Data processing is based on your consent. IP anonymization is enabled.

Version: 08/2023