Information on data protection

1. What are the purposes for the use of your data? 

We collect personal data, if you provide it to us when you make a booking or request. For using our services we process your personal data on the basis of Art. 6 Paragraph 1 lit. (b) GDPR. The purpose of processing is primarily our hosting agreement (to provide our contractual services) and for fulfilling the legal requirements in Section 30 Paragraph 2 of German Federal Citizens´ Registration Act (processing is required by law). 

2. Who is our responsible person? 

Manuel Levinger e. K., Kur- und Sporthotel, Sanatorium Allgäu Sonne
Tel: +49 8386 7020, E-Mail: info@allgaeu-sonne.de

3. To reach our data protection officer

Jürgen Funke, #KOMM#IT, Salmas 52, 87534 Oberstaufen
phone: +49 8325 927050, fax: +49 8325 927050, e-mail address: dsb@komm-it.info

4. What kind of data do we collect? 

Our hotel collects your personal data:

  • date of arrival, date of expected departure
  • first and last name, date of birth, address
  • nationality
  • first and last name of fellow travelers, dates of birth of fellow travelers
  • passport number/number of ID, date of issue, authority
  • e-mail address, phone/mobile number, fax number
  • sex
  • company, payment modalities, license plate
  • allergies, culinary preferences
  • in case of cures and therapies: health informations 

5. How do we record your data? 

We collect your data as a result of your sharing of your data with us. This may, for instance be information you entered into our contact form. If you booked through a booking portal they shared your personal data with us. 

6. Do we transfer your data to third parties?

As a service and due to organisational reasons we provide for example lists of our guests to register on events or welcome informations with your name and room number on it (in the entrance area or restaurant). 
Data will only be passed on to third parties within the framework of legal requirements. We only pass on personal data (name, room number, duration of your stay) if it is based on your consent to connected partners in case you booked one of their services for instance our doctor´s surgery, hairdresser, boutique or golf club.

As a guest of the sanatorium, the recipients of your personal data may be, above all, other doctors/psychotherapists, associations of statutory health insurance physicians, health or pension insurance funds, the medical service of the health insurance company, medical associations and private medical clearinghouses. The transmission is mainly for the purpose of billing for the services provided for you, for clarifying medical and questions arising from your insurance relationship. Only in individual cases will data be transferred to other authorized recipients.

7. For how long will we store your data? 

We only store the data you provide to us for as long as it is necessary to fulfil the above-mentioned purpose or in accordance with the various storage periods stipulated by law. If the respective purpose ceases to apply or if the corresponding deadlines expire, your data will be routinely deleted. Just in case of your consent we store your personal data permanently in our guest databases to improve services for our returning guests. 

8. How do we handle payment transactions? 

If there are charges levied for services and carried out through card payments, we will store further data – for instance your card information – and transfer them to our payment service providers. They only store your data as long as necessary for the purpose of payment processing including return debit and for anti-abuse measures.
Your legal rights are not affected. 

9. What are your rights concerning your personal data?

According to GDPR you have the following rights: 

  • Right to information: You have the right to obtain free information about your stored personal data, Article 15 
  • Right to correction: You have the right to demand the correction of incorrect personal data or completion of personal data stored by us, Article 16
  • Right to deletion or restriction: You have the right to demand the deletion or restriction of your personal data as the legal requirements are fulfilled, Article 17 and 18
  • Right to data transferability: You are entitled to demand the transmission of personal data directly from one controller to another if the processing is based o consent and the processing is carried out by automated means, Article 20

In case you choose to exercise your rights, we are obliged to analyse if the legal requirements therefore are fulfilled.  

For exercising your rights or in case you have any questions regarding your personal data, please contact the responsible person or our data protection officer. 

You have the option to submit a complaint to the data protection supervisory authority:

Bayerisches Landesamt für Datenschutzaufsicht
Promenade 27 (Schloss)
D-91522 Ansbach
phone: +49 981 531300
e-mail address:: poststelle@lda.bayern.de

10. Is it possible to revoke your consent?

At any time you have the right to revoke the use of your data for internal purposes with effect for the future. 

11. What happens if you don´t provide your personal data?

In case you are not willing to transfer your personal data to us, we will not enter into an agreement. 

Information according to Article 12 and the following

1. What are the purposes for the use of your data? 

For using our Wi-Fi access we process your personal data on the basis of Art. 6 Paragraph 1 lit. (b) GDPR. The purpose of processing is primarily to get access to our in-house Wi-Fi. Once you use the access to our free Wi-Fi you agree to the processing of your data.

 2. Who is our responsible person? 

Manuel Levinger e. K., Kur- und Sporthotel, Sanatorium Allgäu Sonne
Tel: +49 8386 7020, Email: info@allgaeu-sonne.de

3. To reach our data protection officer

Jürgen Funke, #KOMM#IT, Salmas 52, 87534 Oberstaufen
Telefon: 08325/927050, Fax: 08325/9726, Email: dsb@komm-it.info

4. What kind of data do we collect? 

We collect your personal data:

  • MAC address of your device 
  • name of your device
  • time of usage, first and last access
  • assigned IP-address
  • logging entries for connection errors

5. How do we record your data? 

Your data is collected at Wi-Fi use. 

6. Do we transfer your data to third parties?

Your data collected by Wi-Fi use is not provided to anyone and is only used for anyonymous utilisation statistics. 

7. For how long will we store your data? 

We store your data for a period of six months. Afterwards your data will be routinely deleted 

8. What are your rights concerning your personal data?

You rights due to GDPR shall remain unaffected. 
In case you choose to exercise your rights, we are obliged to analyse if the legal requirements therefore are fulfilled.  
For exercising your rights or in case you have any questions regarding your personal data, please contact the responsible person or our data protection officer. 
You have the option to submit a complaint to the data protection supervisory authority:

Bayerisches Landesamt für Datenschutzaufsicht
Promenade 27 (Schloss), 
91522 Ansbach, 
phone: 0981/531300
e-mail address:: poststelle@lda.bayern.de