On this page, we inform you about the type, scope and purpose of the personal data collected by a-ja Resort und Hotel GmbH, which is processed both when you visit this website and in other processing operations that are not related to this website and are our responsibility.

The data controller – i.e. the person who decides on the purposes and means of processing personal data – in connection with the processing is:

Travel Charme Hotel GmbH & Co. KG
Kurfürstenstr. 112
10787 Berlin
Phone: +49 (0) 30 / 42 43 96 - 50
Fax: +49 (0) 30 / 42 43 96 - 96
Mail: info(at)travelcharme.com

2B Advice GmbH
Joseph-Schumpeter-Allee 25
53227 Bonn
Phone: +49 (0) 228 / 92 61 65 120
Mail: travelcharme(at)2b-advice.com

Unless otherwise stated, the following applies to all processing operations:

No obligation to provide
There is no contractual or legal obligation to provide personal data. You are under no obligation to provide data.

Consequences of non-provision
In the case of necessary data (data marked as mandatory data at the time of entry), failure to provide such data will result in the relevant service being unable to be provided. Otherwise, non-provision may result in our services being unable to be provided in the same form and quality.

Consent
In various cases, you have the option of giving us your consent to further processing in connection with the processing described below (if applicable, for some of the data). In such cases, we will inform you separately, in conjunction with the submission of the respective declaration of consent, about all the technicalities and scope of consent and about the purposes we pursue with such processing.

Photographs and video recordings
Events by the Travel Charme Hotels & Resorts brand may be documented by means of photographs and video recordings. Photographs, such as team photos or event photos, are used online on the respective event page. Selected image material from the event may be used for social media photographs in Web resolution as well as in various print media. Photographs and film recordings are not passed on to third parties in any other way.

A participant may object to the storage, use and distribution of the recordings that have been made of him or her at any time with effect for the future. If the objection is made before the start of an event of the A-JA Resorts brand, DSR Hotel Holding will delete all recordings made of the participant immediately after the end of the event. The objection may be made in writing (e.g. by letter) or in text form (e.g. by fax or email). If you object, please include your surname and first name as well as the date and name of the event.

Transmission to government agencies
We only transfer personal data to government agencies (including law enforcement agencies) when it is necessary to comply with a legal obligation to which we are subject (legal grounds: GDPR Article 6(1)(c)) or is necessary for the establishment, exercise or defence of legal claims (legal grounds: GDPR Article 6(1)(f)).

Duration of storage
We do not store your data for longer than we need it for the respective purposes of the processing. If the data is no longer required, it will be erased on a regular basis unless it remains necessary to retain it for a limited period of time. Reasons for this may include, for example, the following:

• Compliance with retention obligations under commercial and tax laws
• Preservation of evidence for legal disputes within the framework of statutory limitation periods

Categories of recipients
In addition to the categories of recipients explicitly listed below, personal data is also transmitted to the following categories of recipients: delivery contractors and telephone and fax companies.

This section describes how we process your personal data when you visit the website:

Information on processing

• Data category: Access data;
• Purpose: Connection establishment, presentation of the contents of the service, detection of attacks on our site based on unusual activities, error diagnosis:
• Legal basis: Protection of legitimate interests (Art. 6 para. 1 lit. f GDPR);
• Legitimate interest, if applicable: Proper functioning of services, security of data and business processes, prevention of misuse, prevention of damage caused by interference with information systems;
• Storage period: 7 days;
• Recipient: IT security service provider, hosting service provider, consent tool provider.

Tracking to analyse and optimise our services and their use and to measure the success of advertising campaigns and optimise the display of advertising

Information on the services used can be found under ‘Manage cookies’ in the footer or in the consent tool.

What happens to your personal data in connection with a subscription to our newsletter is described here:

Information on processing

• Data category:
  • Contact and identification data; 
  • Newsletter user profile data; 
  • Registration data. 
• Intended purpose:
  • Verification of registration (double opt-in procedure), newsletter dispatch; interest-based design of the newsletter; traceability of newsletter registration/confirmation/cancellation. 
• Legal basis:
  • Consent (Art. 6 para. 1 lit. a GDPR)
  • Protection of legitimate interests (Art. 6 para. 1 lit. f GDPR). 
  • Legitimate interest, if applicable: Proof of successful newsletter registration/confirmation/unsubscription
• Storage period: Duration of the newsletter subscription (unsubscription data, unlimited to fulfil accountability obligations)
• Recipient: Service provider for newsletter dispatch
• Transfer to third countries: -

How we process your personal data when you contact our customer service can be found here:

Information on processing

• Data category:
  • Personal master data;
    • Contact details;
    • Content of enquiries/bookings/complaints;
    • Payment data. 
• Purpose: Processing of customer enquiries, bookings and complaints
• Legal basis: Contract (Art. 6 para. 1 lit. b GDPR), protection of legitimate interests (Art. 6 para. 1 lit. f GDPR) Legitimate interest, if applicable: Customer loyalty, sales, improvement of customer satisfaction
• Storage period: Processing of the enquiry, booking data in accordance with the statutory retention period (10 years)
• Recipient: Payment service provider
• Transfer to third countries: -

You can find out how we process your personal data when you are at our resort here:

Information on processing

• Data category:
  • Personal master data;
    • Address data;
    • Contact details;
    • Booking data;
    • payment data;
• Purpose: fulfilment of the accommodation contract
• Legal basis: Contract (Art. 6 para. 1 lit. b GDPR)
• Storage period: Booking data in accordance with the statutory retention period (10 years)
• Recipient: Payment service provider, reservation system provider
• Transfer to third countries: -

You can find out how we process your personal data when you contact us here:

Information on processing

• Data category:
  • Personal master data;
  • Contact details;
  • Content of the message; 
• Purpose: Processing and answering your enquiry
• Legal basis: Contract (Art. 6 para. 1 f GDPR)
• Storage period: Until the purpose for data storage no longer applies (e.g. after your enquiry has been processed) 
• Recipients: -
• Transfer to third countries: -

You can find out how we process your personal data when you apply to us here:

Information on processing

• Data category:
  • Personal master data;
  • Contact details;
  • Application documents;
  • photo
• Purpose: Processing of the application procedure
• Legal basis:
  • Consent (Art. 6 para. 1 lit. a GDPR: further storage of data after rejection) fulfilment of a contract or for the implementation of pre-contractual measures (Art. 6 para. 1 lit. b GDPR). 
• Storage period: 6 months after completion of the application process 
• Recipient: Recruitee B.V, Keizersgracht 313, 1016 EE Amsterdam, Netherlands (provider of the application portal) as processor. 
• Transfer to third countries: No

You can find out how we process your personal data when you create an account here:

Information on processing

• Data category:
  • Personal master data;
  • Contact details;
• Purpose: Creation of an account 
• Legal basis: 
  • Consent (Art. 6 para. 1 lit. a GDPR)
• Storage period: Until the account is deleted 
• Recipient: -
• Transfer to third countries: -

The events of the Travel Charme Hotels & Resorts brand can be documented by photo and film recordings. The use of photographs, such as team photos or event photos, takes place on the Internet on the respective event page. Selected images of an event can be used for presentation in social media, in web resolution and in various print media. No other photo or film recordings will be passed on to third parties.

The participant can object to the storage, use and distribution of the recordings made of him/her at any time with effect for the future. If the objection is made before the start of an event of the Travel Charme Hotels & Resorts brand, DSR Hotel Holding GmbH will delete all recordings of the participant immediately after the end of the event. The objection can be declared in writing (e.g. letter) or in text form (e.g. by fax or e-mail). Please state your surname and first name as well as the date and name of the event in your objection.

We use cookies on our website. Cookies are small text files that are assigned to the browser you are using and stored on your hard drive by means of a characteristic character string and through which certain information flows to the location that sets the cookie. Cookies cannot execute programmes or transfer viruses to your computer and therefore cannot cause any damage. They are used to make the website more user-friendly and effective overall, i.e. more convenient for you.
Cookies may contain data that makes it possible to recognise the device used. In some cases, however, cookies only contain information on certain settings that are not personally identifiable. However, cookies cannot directly identify a user. 
A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. In terms of their function, a distinction is made between cookies: 
Technical cookies (essential): These are strictly necessary to move around the website, use basic functions and ensure the security of the website; they do not collect information about you for marketing purposes, nor do they store which web pages you have visited;
Performance cookies: These collect information about how you use our website, which pages you visit and, for example, whether errors occur during website use; they do not collect any information that could identify you - all information collected is anonymous and is only used to improve our website and to find out what interests our users;
Advertising cookies, targeting cookies: These are used to provide the website user with customised advertising on the website or offers from third parties and to measure the effectiveness of these offers; advertising and targeting cookies are stored for a maximum of 13 months. The legal basis for cookies that are absolutely necessary to provide you with the expressly requested service is § 25 para. 2 no. 2 TTDSG (our legitimate interest). Any use of cookies that is not absolutely technically necessary for this purpose constitutes data processing that is only permitted with your express and active consent in accordance with Section 25 (1) TTDSG in conjunction with Art. 6 (1) sentence 1 lit. a GDPR. This applies in particular to the use of performance, advertising, targeting or sharing cookies. In addition, we only pass on your personal data processed by cookies to third parties if you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
For more information about the cookies used, please click on ‘Manage cookies’ in the footer. 

You have the right to object, on grounds relating to your particular situation, at any time with future effect to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR. You can exercise your right to object free of charge.

You have the right to request confirmation from us as to whether we are processing personal data concerning you. If this is the case, you have the right to receive the following information:

• Information about the categories of personal data that we process, the purposes for which we process your personal data and information about how we determine the applicable retention periods;
• information about the categories of recipients to whom we may disclose your personal data and to request a copy of the personal data we hold about you. 

You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you (Art. 16 GDPR). Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.

In the following circumstances, you can request the immediate deletion of your personal data:

• If your personal data is no longer needed for the purposes for which it was collected;
• If you have withdrawn your consent and there is no other legal basis for data processing;
• If you object to the processing and there are no overriding legitimate grounds for data processing;
• If your data is processed unlawfully;
• If your personal data must be deleted to fulfil legal obligations.

Please note that before deleting your data, we must check that there is no legitimate reason for processing your personal data.

You can request that we restrict the processing of your personal data for one of the following reasons:

• If you contest the accuracy of the data until we have had the opportunity to verify the accuracy of the data;
• If the data is processed unlawfully, but instead of deletion you only request the restriction of the use of the personal data;
• If we no longer need the personal data for the purposes of the processing, but you still need it for the establishment, exercise or defence of legal claims;
• If you have objected to the processing and it is not yet certain whether your legitimate interests outweigh ours.

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from us or to have it transmitted directly by us, where technically feasible. This should always apply if the basis for data processing is consent or a contract and the data is processed automatically. This therefore does not apply to data held only in paper form.

If the processing is based on your consent, you have the right to withdraw your consent at any time. This does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.

If you are not satisfied with our responses and reactions or believe that we are in breach of applicable data protection law, you are free to lodge a complaint both with our data protection officer (travelcharme@2b-advice.com) and with the competent supervisory authority. The supervisory authority primarily responsible for us is

Berliner Beauftragte für Datenschutz und Informationssicherheit
Alt-Moabit 59-61
10555 Berlin
www.datenschutz-berlin.de

We reserve the right to amend this privacy policy at any time in compliance with legal requirements. We therefore recommend that you visit the website at regular intervals to find out about our current data protection practices

(May 2024).