Apply now

Principles of Data Processing

You came to this page via a link, because you want to inform yourself about our handling of (your) personal data. In order to fulfill our information requirements according to Art. 12 et seq. of the General Data Protection Regulation (DSGVO), we would like to present our information on data protection below:

1. Who is responsible for data processing? 

Responsible in terms of data protection law is the 

Cosmopolitan Hotelbetriebs GmbH
Schützenstraße 11
80335 München 

Hotel Excelsior München GmbH & Co. KG
Schützenstraße 11
80335 München 

All About Wine Handels GmbH
Geisels Weingalerie
Herzog-Wilhelm-Straße 4
80331 München 

You will find more information about our company, information on the persons authorized to represent and also further contact options in our imprint of our website: 

https://www.excelsior-hotel.de/impressum
https://www.schwabinger-wahrheit.de/impressum
https://www.geiselsweingalerie.de/ 

 

2. Welche Daten von Ihnen werden von uns verarbeitet? Und zu welchen Zwecken?

If we have received data from you, we will only process it for the purposes for which we received or collected it. 

Data processing for other purposes can only be considered if the legal requirements to that extent required under Article 6 (4) GDPR are met. In the case, of course, we will observe any information requirements under Art. 13 para. 3 DSGVO and Art. 14 para. 4 DSGVO. 

3. On what legal basis is this based? 

The legal basis for the processing of personal data is in principle – as far as there are no specific legal provisions – Art. 6 GDPR. Here are the following options in particular: 

  • Consent (Article 6 (1) (a) GDPR) 
  • Data processing for the fulfillment of contracts (Article 6 (1) (b) DSGVO) 
  • Data processing based on a balance of interests (Article 6 (1) (f) GDPR) 
  • Data processing to fulfill a legal obligation (Article 6 (1) (c) GDPR) 

If personal information is processed by you on the basis of your consent, you have the right to revoke your consent to us at any time with future effect. 

If we process data on the basis of a balance of interests, you, as the person concerned, have the right to object to the processing of your personal data, taking into account the requirements of Art. 21 DSGVO. 

4. How long is the data stored? 

We process the data as long as this is necessary for the purpose. 

As far as statutory storage obligations exist – e.g. in commercial or tax law – the personal data concerned are stored for the duration of the retention obligation. After expiry of the retention obligation, it is checked whether there is a further need for processing. If a requirement no longer exists, the data is deleted. 

Basically, towards the end of a calendar year, we are reviewing data for further processing. Due to the amount of data, this check is done for specific types of data or purposes of processing. 

Of course, you can at any time (see above) request information about the stored personal information about us and require in case of non-existent necessity, a deletion of the data or restriction of processing. 

5. To which recipients will the data be passed on? 

A disclosure of your personal data to third parties will only take place, if this is necessary for the execution of the contract with you, the disclosure on the basis of a balance of interests 

i.S.d. Art. 6 para. 1 lit. f) DSGVO is permitted, we are legally obliged to passing on or you have given consent to this extent. However, we use service providers for billing purposes or for other products or services. Here it may happen that a service provider receives knowledge of personal data. We carefully select our service providers – in particular with regard to data protection and data security – and take all data protection measures necessary for permissible data processing. 

6. Where is the data processed? 

Your personal data will be processed by us exclusively in data centers of the Federal Republic of Germany. 

7. Your rights as “concerned” 

You have the right to information about the personal data we process about you. 

In the case of a request for information that is not made in writing, we ask for your understanding that we may then request proof from you that you prove that you are the person for whom you are claiming to be. 

Furthermore, you have the right to rectification or deletion or restriction of processing, as far as you are legally entitled. 

Furthermore, you have the right to object to the processing within the scope of the legal requirements. The same applies to a right to data portability. 

In particular, you have the right to object to the processing of your data in connection with direct advertising, if this is done on the basis of a balance of interests, in accordance with Art. 21 (1) and (2) DSGVO 

8. Our data protection officer 

We have appointed a data protection officer in our company. You can reach them under the following contact options: 

Franziska Rosin 
Blombergstraße 4 
86938 Schondorf 
E-Mail: datenschutz@geisel-privathotels.de 

9. Right of appeal 

You have the right to complain to us about the processing of personal data by us at a data protection supervisory authority. 

10. Data processing in the specific case 

Data of the hotel guests 

In the following paragraph you will gain insight into the use of your data (the listing does not claim to be exhaustive) 

Storage of your data acc. Art. 6 para. 1 lit. b) GDPR and legitimate interest (Article 6 (1) (f) DSGVO): In order to fulfill our contractual obligations we store your data in our PMS Property Management System. There we keep your data until you object to the further use of data. This is necessary to maintain our usual high standard, as we can create such a guest history for you. So, we can meet your wishes and preferences even with a new visit. In addition, we use your email address to ask you about your satisfaction with the stay. You can also contradict this usage, as already mentioned above. 

Joint processing of guest data: Geisel Privathotels act as joint controllers (Art. 26 DSGVO) when processing their data and process them in the legitimate interest. This serves to improve our services. Your data will be used exclusively for hotel booking or re-booking. This ensures that, for example, we can offer you a different room at one of our partner hotels without having to re-enter your details. 

We only collect and process some of your data if you have given us your consent to do so. As described above, you can object to this consent at any time. This in, for example, the case if you have agreed that we may save their allergies and / or food intolerances or in the consent to our newsletter shipping. 

Data of the restaurant guests 

In the following paragraph you will gain insight into the use of your data (the listing does not claim to be exhaustive) 

Storage of your data acc. Art. 6 para. 1 lit. b) GDPR and legitimate interest (Article 6 (1) (f) DSGVO): In order to fulfill our contractual obligations we store your data in our booking tool. There we keep your data until you object to the further use of data. This is necessary to maintain our usual high standard, as we can create such a guest history for you. So we can meet your wishes and preferences even with a new visit. 

We only collect and process some of your data if you have given us your consent to do so. As described above, you can object to this consent at any time. This in, for example, the case if you have agreed that we may save their allergies and / or food intolerances or in the consent to our newsletter shipping.
 

Privacy Policy for Applicants 

We are pleased that you are interested in us and have applied or applied for a position in our company. We would like to provide you below with information on the processing of your personal data in connection with the application. 

Who is responsible for data processing? 

Responsible in terms of data protection law is the 

Hotel Excelsior München GmbH & Co.KG 
Schützenstraße 11 
80335 München 

You will find more information about our company, information on the persons authorized to represent and also further contact options in our imprint of our website: 
https://www.geisel-privathotels.de. 

Which data from you are processed by us? And for what purposes? 

We process the information you have provided to us in connection with your application in order to assess your suitability for the position (or, if applicable, other open positions in our companies) and to carry out the application process. 

On what legal basis is that based?

The legal basis for the processing of your personal data in this application process is primarily § 26 BDSG in the version valid from 25.05.2018. Thereafter, the processing of the data required in connection with the decision to establish an employment relationship is permitted. 

If the data may be required for legal prosecution after completing the application process, data processing based on the requirements of Art. 6 GDPR, in particular for the exercise of legitimate interests pursuant to Art. 6 para. 1 lit. f) GDPR. Our interest then lies in the assertion or defense against claims. 

How long is the data stored? 

Data of applicants will be deleted in case of cancellation after 6 months. 

If you have consented to the further storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted after two years. 

If you have been awarded the contract as part of the application process, the data from the applicant data system will be transferred to our personnel information system. 

To which recipients will the data be passed on? 

We use a specialized software provider for the application process. This person acts as a service provider for us and may also be aware of your personal data in connection with the maintenance and care of the systems. We have concluded a so-called order processing contract with this provider, which ensures that the data processing takes place in a permissible manner. 

Your application data will be viewed by the Human Resources department upon receipt of your application. Suitable applications are then forwarded internally to the department heads for the respective open position. Then the further procedure is tuned. In principle, only those persons in the company have access to your data, who need this for the proper execution of our application process. 

Where is the data processed? 

The data are processed exclusively in data centers of the Federal Republic of Germany. 

Your rights as “concerned” 

You have the right to information about the personal data we process about you. In the case of a request for information that is not made in writing, we ask for your understanding that we may then request proof from you that you prove that you are the person for whom you are claiming to be. 

Furthermore, you have the right to rectification or deletion or restriction of processing, as far as you are legally entitled. Furthermore, you have the right to object to the processing within the scope of the legal requirements. The same applies to a right to data portability. 

Our data protection officer 

We have appointed a data protection officer in our company. You can reach them under the following contact options: 

Data Protection Officer 

Franziska Rosin
Blombergstraße 4 
86938 Schondorf 
E-Mail: datenschutz@geisel-privathotels.de 

Right of appeal 

You have the right to complain to us about the processing of personal data by us at a data protection supervisory authority.