The hotel at the Stadthalle
Place of Friendship 3
+49 381 4445666
+49 381 4968850
Sales tax identification number:
Rostock Trade Supervisory Office
Responsible person / person in charge of journalistic and editorial texts:
Platform of the EU Commission for online dispute resolution:
We are aware that the protection of your privacy when using our website is an important concern. We take the protection of your personal data very seriously. Therefore, we would like you to know when we store which data and how we use it. We would like to inform you with this data protection declaration about our data protection measures.
Collection of personal data
In the following we inform about the collection of personal data when using our website. Personal data are all data that can be directly or indirectly related to you personally, e.g. name, address, e-mail addresses, user behaviour.
We process data in accordance with DS-GVO Art. 6 para. 1 lit. a) b) c) f). This means that we only process personal data if consent has been given (lit. a), if it is necessary to fulfil a contract or pre-contractual measures (lit. b), if we are legally obliged to do so (lit. c) or if we have a legitimate interest in processing it (lit. f). The appropriate legal basis will be specified in each individual case.
When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, your name and your telephone number, if applicable) will be stored by us in order to answer your questions. We delete the data arising in this connection after the purpose of the inquiry has ceased to apply. Depending on the type of enquiry, we collect this data with your express consent in accordance with Art. 6 Para. 1 lit. a) DSGVO, for the processing and fulfilment of a contract or pre-contractual measures in accordance with Art. 6 Para. 1 lit. b) DS-GVO or in the case of a justified interest in accordance with Art. 6 Para. 1 lit. f) DSGVO. The legitimate interest lies in answering enquiries and providing information about our products and services.
If you use the website for informational purposes only, i.e. if you do not register or otherwise provide us with information, only the data that your browser sends to the server we use will be collected. If you wish to view our website, the following data is collected, which is technically necessary for us to display our website and to ensure its stability and security. The forwarding is automated by your browser and is inherent in the use of the Internet. (The legal basis is Art. 6 para. 1 lit. f DS-GVO):
Date and time of the request
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (concrete page)
Access status/HTTP status code
Amount of data transferred in each case
Website from which the request comes
Operating system and its interface
Language and version of the browser software.
The persons responsible in accordance with Art. 4 No. 7 EU Data Protection Basic Regulation (DS-GVO) can be found in the imprint.
The personal data collected from you will only be used to provide you with the requested products or services or for other purposes for which you have given your consent, unless otherwise required by law.
Rights of data subjects
You have the following rights in relation to the personal data concerning you:
Right to information,
Right of correction or deletion,
Right to restrict processing,
Right to object to the processing,
Right to data portability.
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
Right to withdraw or object to the processing of your data
If you have given your consent to process your data, you can revoke it at any time. Such a revocation influences the permissibility of processing your personal data after you have given it to us.
Storage of data
We store personal data for as long as this is necessary to fulfil our contractual as well as pre- and post-contractual obligations. This does not affect your right to delete or restrict processing. Furthermore, this does not affect our right to continue to store the data for legally compelling reasons (Art. 6 Paragraph 1 lit. c) DS-GVO) or if there is a legitimate interest (Art. 6 Paragraph 1 lit. b) DS-GVO). A legitimate interest is in particular the examination and enforcement of claims for damages and other claims.
Log files which are necessary for the stability and security of the system are automatically deleted after four days.
In addition to the data mentioned above, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive in accordance with the browser you are using and through which certain information is transmitted to the site that sets the cookie (in this case, by us). Cookies cannot execute programs or transfer viruses to your computer. They are used to make the Internet offer as a whole more user-friendly and effective.
This website uses the following types of cookies, the scope and function of which are explained below:
Transient cookies (in addition b)
Persistent cookies (see c).
Transient cookies are automatically deleted when you close the browser. This includes in particular session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the shared session. This enables your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close the browser.
Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all functions of this website.
We use technical and organizational security measures to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. In the case of the collection and processing of personal data, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously revised in line with technological developments.
The constant development of the Internet makes it necessary to adapt our data protection declaration from time to time. We reserve the right to make appropriate changes at any time.
When you visit our site, we record anonymously how visitors came to our website and how many users called up the site. (search engine, links, direct input or advertising measures) The data is not used to identify individual visitors, but only to transmit quantitative data. The statistics cannot be used to track their behaviour on other websites. The data is not linked to other services. If you have deactivated the setting of cookies in your browser, your visits will not be recorded. Otherwise, these cookies are automatically deleted after seven days.
Third party content on the website
Our Internet presence integrates content from other providers. These can be pure content elements (e.g. news, updates), but also widgets (functions such as booking systems) or e.g. fonts and technical libraries. Google Fonts are also included. For technical reasons, this is done by loading this content from other servers by the browser. In this context, the IP currently used by your browser and the browser used by the requesting system are transmitted. Please note the respective data protection declarations of the third-party providers in this regard.
With the following information, we would like to give you an overview of the processing of your personal data in connection with the use of our websites or our app, as well as during a stay in one of our hotels, and inform you about your rights under data protection law.
I. Information when processing personal data
We would like to introduce you to our extensive information on the creation of transparency in accordance with Articles 13 and 14 of the DS-GVO.
1. person responsible for data processing
The person responsible for data processing on this website in accordance with Art. 4 No. 7 DS-GVO and provider of the website (service provider) in terms of the Telemedia Act (TMG) is
The hotel at the Stadthalle
Place of friendship 3
Phone:+49 381 4445666
fax: +49 381 4968850
Complete information according to § 5 TMG in the (Imprint)
2. data protection contact details
The hotel at the Stadthalle
Place of friendship 3
Phone:+49 381 4445666
fax: +49 381 4968850
3. purposes and legal basis for the processing of personal data
We process your personal data in accordance with the provisions of the EU Data Protection Basic Regulation (DS-GVO), the new Federal Data Protection Act (BDSG-neu) and all other relevant laws for the following purposes and based on the following legal bases:
(a) To process and manage reservation enquiries and reservations and to provide our services under the accommodation contract, including the handling of your hotel stay and the handling of payments (in particular also to track your use of our services (telephone, parking, etc.), to carry out check-in and manage access to the rooms) - the legal basis for this is Art. 6 para. 1 sentence 1 lit. b) DS-GVO.
(b) To fulfil a legal obligation to which our company is subject as the person responsible (e.g. due to registration laws, tax laws, bookkeeping obligations, etc.) - the legal basis for this is Art. 6 para. 1 sentence 1 lit. c) DS-GVO.
(c) Transmission of our e-mail newsletter including the management of your subscription to the newsletter - the legal basis for this is your consent pursuant to Art. 6 Para. 1 sentence 1 lit. a) DS-GVO.
(d) To maintain, guarantee and improve the quality of our products and services, in particular by conducting and analysing satisfaction surveys and guest comments, by processing your personal data in our central guest database, which enables us to recognise you as a returning guest, to better assess your needs and wishes, to improve the quality and individuality of our communication with you and to create offers tailored to your needs - the legal basis for this is Art. 6 Paragraph 1 Sentence 1
lit. f) DS-GVO. Our overriding legitimate interests result from the accommodation contract we have with you, which constitutes a significant and appropriate relationship within the meaning of Recital 47 of the DS-GVO, and from the fact that this type of data processing is customary in the hotel industry and corresponds to the reasonable expectations of the overwhelming majority of guests.
(f) As regards direct advertising for our offers and services - the legal basis for this is Article 6 (1) sentence 1 lit. f) DS-GVO. Our overriding legitimate interest follows from Recital 47 to the DS-GVO.
(g) To safeguard domestic authority, to prevent and resolve criminal offences (in particular also by means of video surveillance), to assert and defend legal claims and to safeguard interests in legal disputes, to ensure IT security and IT operation, to identify credit risks - the legal basis for this is Article 6 (1) sentence 1 lit. f) DS-GVO. Our overriding legitimate interests result from our obligation to ensure a safe stay of our guests in the hotel as well as from our interest in enforcing our material and immaterial claims and safeguarding our rights and in defending against unjustified claims. Furthermore, the processing of personal data to the extent absolutely necessary for the prevention of fraud also constitutes a legitimate interest of our company in accordance with recital 47 of the DS-GVO.
Minors may not transmit any personal data to us without the consent of a parent or guardian. Within the framework of our Internet presence, we do not process any personal data of minors that we knowingly obtain.
4. categories of recipients of personal data
If and to the extent necessary for the purposes set out in Section 3 above, we will also disclose your personal data to the following recipients or categories of recipients in accordance with Art. 4 No. 9 DS-GVO
Within our company, only those entities will be granted access to your data (to the extent necessary in each case) that need it to fulfil our contractual and statutory obligations.
Service providers employed by us (e.g. within the scope of order processing in accordance with Art. 28 DS-GVO) and vicarious agents may also receive personal data for these purposes. These are companies in the following categories: credit services and payment processing, IT services, cleaning services, logistics, printing services, telecommunications, debt collection, consulting and advisory services, and sales and marketing. The respective service providers are from the
Annex: List of service providers/processors, which is updated regularly.
Furthermore, data can be passed on to public bodies and institutions if there is a legal obligation to do so (e.g. financial authorities, law enforcement agencies).
Other data recipients may be those entities for which you have given us your consent to transfer data.
5. transfer of personal data to a third country
A transfer of personal data to bodies in states outside the European Union (so-called third countries) takes place insofar as
(a) it is necessary for the execution of your reservations and handling of your hotel stay
(b) it is required by law; or
(c) you have given us your consent
As can be seen in detail in the Appendix: List of service providers/processors, our company uses service providers for certain tasks who have their registered office in a third country or who belong to an international group with companies in third countries or who in turn cooperate with service providers based in a third country. Personal data may be transferred to such service providers if the European Commission has decided that an adequate level of protection exists in the third country in question (in accordance with Art. 45 DS-GVO). If the Commission has not made such a decision, our company or the service provider may only transfer personal data to a third country or to an international organisation if appropriate safeguards are in place and enforceable rights and effective legal remedies are available (Art. 46 (1) DS-GVO).
Beyond the cases mentioned above, our company does not transfer personal data to bodies in third countries or to international organisations.
6. duration of storage of personal data and criteria for determining this duration
We process and store your personal data as long as it is necessary for the fulfilment of our contractual and legal obligations. If the data is no longer necessary for the fulfilment of contractual obligations, it is regularly deleted, unless its temporary further processing is necessary due to storage periods under commercial and tax law (including the German Commercial Code (HGB), the German Fiscal Code (AO). The periods of retention or documentation specified there are two to ten years.
7. your rights as a data subject
Every data subject whose personal data are processed has the right of access by the controller to the personal data concerned in accordance with Art. 15 DS-GVO, the right of rectification in accordance with Art. 16 DS-GVO, the right of deletion in accordance with Art. 17 DS-GVO, the right to limit processing in accordance with Art. 18 DS-GVO, the right to object to processing in accordance with Art. 21 DS-GVO and the right of transferability in accordance with Art. 20 DS-GVO. The right of information and the right of deletion are also subject to the restrictions pursuant to Articles 34 and 35 of the new Federal Data Protection Act.
More information on your right to object to processing under Art. 21 DS-GVO.
If the processing of your personal data is based on a consent granted to us, you have the right to revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.
Furthermore, you have the right of appeal to the competent data protection supervisory authority in accordance with Art. 77 DS-GVO in conjunction with § 19 BDSG-neu.
8. obligation to provide data
Within the framework of our contractual relationship, you must provide us with the personal data required for the establishment and execution of the accommodation contract or which we are legally obliged to collect. Without this data, we will generally not be able to conclude the contract with you or execute it. In particular, we are obliged under § 30 para. 2 of the Federal Registration Act to collect certain personal data about you in the registration form. If you do not provide us with the necessary information, we may not be able to provide the services you have requested or may not be able to provide them in full.
9. automated decision making and profiling
In establishing and implementing our contractual relationship, you will not be exposed to any decision based solely on automated processing - including profiling - pursuant to Art. 22 DS-GVO which has legal effect vis-à-vis you or which significantly affects you in a similar manner.
10. additional information on your right of objection under Art. 21 DS-GVO
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you that is carried out on the basis of Article 6(1)(e) DPA (processing in the public interest) or Article 6(1)(f) DPA (processing based on a balancing of interests); this also applies to profiling based on this provision in accordance with Article 4(4) DPA.
If you lodge an objection, we will no longer process your personal data unless we can demonstrate compelling reasons for processing that are worthy of protection and outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.
If your personal data are processed by us for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing, including profiling, insofar as it relates to such direct marketing.
The objection can be made in any form and should be addressed to our data protection officer at the contact details mentioned in point 2.
5. integration of services and content from third party providers (e.g. YouTube and Google Maps)
Within the Internet presence, third-party content, such as videos from YouTube and map material from Google Maps (hereinafter referred to as "third-party provider") are integrated. For the use of such content, the transmission of the user's IP address to the respective third-party provider is technically necessary. This is because without the IP address, the third-party providers would not be able to send the content integrated into the website to the browser of the respective user. We have no influence on whether a third party provider saves the IP address, e.g. for statistical purposes, or uses it in any other way.
6. social media plug-ins
The plug-in provider stores the data collected about you as user profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (also for users who are not logged in) for the purpose of presenting need-based advertising and to inform other users of the social network about your activities on our website. You have a right of objection to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right as listed below. Via the plug-ins we offer you the possibility to interact with the social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 sentence 1 lit. f DS-GVO.
Data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, the data we collect from you will be assigned directly to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider will also save this information in your user account and publicly share it with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as you can then avoid being assigned to your profile with the plug-in provider.
The website uses social plugins (hereinafter referred to as "plugins") of the social network facebook.com, which is operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (hereinafter referred to as "Facebook"). The plugins can be recognized by one of the Facebook logos (white "f" on blue tile or a "thumbs up" sign) or are marked with the addition "Facebook Social Plugin". The list and appearance of the Facebook social plugins can be viewed here https://developers.facebook.com/docs/plugins/.
When a user calls up a page of this website that contains such a plugin, his browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to the user's browser and integrated into the website by the user. The provider therefore has no influence on the scope of the data that Facebook collects using this plugin. According to the current state of knowledge of the provider, Facebook proceeds as follows:
By integrating the plugins, Facebook receives the information that a user has called up the corresponding page of the provider's website. If the user is logged in to Facebook, Facebook can assign the visit to his or her Facebook account. If users interact with the plugins, e.g. if they press the so-called Like button or make a comment, the corresponding information is transmitted directly from the user's browser to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to find out his or her IP address and store it. According to Facebook, only an anonymized IP address is stored in Germany.
If a user is a member of Facebook and does not want Facebook to collect data about him or her via the provider's website and link it to his or her membership data stored on Facebook, the user must log out of Facebook before visiting the website.
It is also possible to block Facebook social plug-ins with add-ons for the user's browser, e.g. with the "Facebook Blocker".
The Site uses plug-ins from Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). The plug-ins are marked with an Instagram logo, for example in the form of an "Instagram Camera".
When you access a page on this site that contains such a plugin, your browser establishes a direct connection to Instagram's servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. This integration informs Instagram that your browser has called up the corresponding page on our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted by your browser directly to an Instagram server in the USA and stored there.
If you are logged in to Instagram, Instagram can immediately associate your visit to our website with your Instagram account. When you interact with the plug-ins, for example by clicking the "Instagram" button, this information is also transmitted directly to an Instagram server and stored there. The information is also published to your Instagram account and displayed to your contacts.
If you do not want Instagram to use data collected through our web site
directly to your Instagram account, you must log out of Instagram before visiting our site. You can also completely prevent the Instagram plugins from loading by using add-ons for your browser, e.g. the script blocker "NoScript" (http://noscript.net/).
AD ticket Reservix GmbH
The website uses an integration of the website AD Ticket,Reservix GmbH
Kaiserstraße 69, 60329 Frankfurt am Main . Callable under the link
The data protection information can be found under:
Status and update of the data protection information
This data protection information applies from 20.05.2018.
We will update this Privacy Notice from time to time in the event of relevant changes to our website, the processing of personal data or changes in legal requirements. The revised version will apply from the published date of entry into force. In the event of significant changes to this data protection notice, we will inform you in good time before the changes come into force by posting a notice on our website. If necessary, we will also inform our guests about the changes by e-mail or in another way.
Attachment: List of contract processors:
Our service providers/processors
American Express Payment Services Ltd.
Processing of credit card payments
PayPal (Europe) S.a.r.l. & Cie., SCA
Payment processing on the websites
Germany , Collection agency
Dr Marx, Knobloch and colleagues
Attorney at law GmbH
Germany , Financial accounting
Germany, processing of credit card payments
SIX Payment Services
Germany , Processing of credit card payments
Germany , Processing of credit card payments
HS/3 Hotelsoftware GmbH & Co. KG
Software-Family: HS3 Hotelsoftware PMS (Property Management System) - Software for recording, administration and processing of reservations and hotel stays SFA (Sales Force Application) - Software for recording, administration of corporate customers and their contact persons, the data is stored on the hotel's own server and does not leave the house!
Germany, booking mask / channel manager / entering and processing of direct bookings
Customer Alliance GmbH
Germany Monitoring, evaluation and analysis of online guest ratings of hotel stays and restaurant visits
web4business - Digital Service Agency GmbH
Germany observation, ISP, website operator
Variomedia - Digital Service Agency GmbH
Germany observation, ISP, website operator