Privacy policy
of the Hotel Louis C. Jacob GmbH

In this section of the privacy policy you will find information on the scope of application, the person responsible for data processing and their data protection officer.

Scope of application
On this page we inform you about the type, scope and purpose of the personal data collected by HOTEL LOUIS C. JACOB GMBH, which are processed both when you visit this website and in other processing operations under our responsibility that are not related to this website. This privacy policy applies to the following offers:
our online offer available at www.hotel-jacob.de; www.carls-brasserie.de; www.jacobs-restaurant.de

Controller
The controller in charge of data processing - i.e. the party that determines the purposes and means of the processing of personal data - in connection with processing operations is
HOTEL LOUIS C. JACOB GMBH
Bugenhagenstraße 21
20095 Hamburg
Phone: +49 40 300322-311
Email: jacob@hotel-jacob.de

Data protection officer
You can contact our data protection officer as follows:
Contact form: https://www.dsextern.de/anfragen
DS EXTERN GmbH
Dipl.-Kfm. Marc Althaus
Frapanweg 22
D-22589 Hamburg

In this section of the privacy policy, we inform you in detail about the processing of personal data. For the sake of clarity, we have organized this information according to specific functionalities.

Unless otherwise stated, the following applies to all processing described below:

No obligation to provide
There is neither a contractual nor a legal obligation to provide personal data. You are not obliged to provide data.

Consequences of non-provision
In the case of required data (data that is marked as mandatory when it is entered), non-provision means that the service in question cannot be provided. Otherwise, failure to provide the data may mean that our services cannot be provided in the same form and quality.

Consent
In various cases, you have the option of giving us your consent to further processing in connection with the processing described below (possibly for some of the data). In this case, we will inform you separately in connection with the submission of the respective declaration of consent about all modalities and the scope of the consent and about the purposes that we pursue with this processing.

Photography and filming
The events of the LOUIS C. JACOB brand events may be documented by photographs and film recordings. The use of photographs, such as team photos or event photos, takes place on the Internet on the respective event page. Selected images of the event may be used for impressions in social media in web resolution and in various print media. No other photo or film recordings will be passed on to third parties. The participant can object to the storage, use and distribution of the recordings made of him/her at any time with effect for the future. If the objection is made before the start of a LOUIS C. JACOB brand event, DSR Hotel Holding will delete all recordings of the participant immediately after the end of the event. The objection can be declared in writing (e.g. letter) or in text form (e.g. by fax or e-mail). Please state your surname and first name as well as the date and name of the event in your objection.

Transmission to state authorities
We only transmit personal data to state authorities (including law enforcement authorities) if this is necessary to fulfill a legal obligation to which we are subject (legal basis: Art. 6 para. 1 c) GDPR) or if it is necessary for the assertion, exercise or defense of legal claims (legal basis Art. 6 para. 1 f) GDPR).

Storage period
We do not store your data for longer than we need it for the respective processing purposes. If the data is no longer required, it will be deleted regularly, unless its temporary storage is still necessary. Reasons for this may include the following:
- Compliance with retention obligations under commercial and tax law
- Preservation of evidence for legal disputes within the scope of statutory limitation periods

Categories of recipients
In addition to the categories of recipients explicitly listed below, personal data is also transmitted to the following categories of recipients: Shipping service providers, telephone and fax providers.

Data categories
Personal master data: Title, form of address/gender, first name, surname, date of birth
Address data: street, house number, any address supplements, zip code, city, country
Contact data: Telephone number(s), fax number(s), e-mail address(es)
Registration data: Information about the service through which you have registered; times and technical information about registration, confirmation and deregistration; data provided by you during registration
Booking data: Bookings, prices, payment information
Payment data: Account data, credit card data, data on other payment services
Access data: Date and time of the visit to our service; the page from which the accessing system reached our site; pages accessed during use; session identification data (session ID); also the following information of the accessing computer system: internet protocol address (IP address) used, browser type and version, device type, operating system and similar technical information.

This section describes how we process your personal data when you visit the website.

Data category: Access data

Purpose: Establishing a connection, displaying the content of the service, detecting attacks on our site based on unusual activities, error diagnosis

Legal basis: Protection of legitimate interests (Art. 6 para. 1f GDPR)

Where applicable, legitimate interest: proper functioning of the services, security of data and business processes, prevention of misuse, prevention of damage caused by interference with information systems

Storage period: 7 days

Recipient: IT security service provider, hosting service provider, consent tool provider

Transfer to third countries: -

Tracking to analyze and optimize our services and their use as well as to measure the success of advertising campaigns and optimize the display of advertising

Information on the services used can be found under "Manage cookies" in the footer or in the consent tool.

What happens to your personal data in connection with a subscription to our newsletter is described here:

Data category: e-mail address, user profile data, newsletter, registration data

Purpose: Verification of registration (double opt-in procedure), newsletter delivery, interest-based design of the newsletter, traceability of successful newsletter registration/confirmation/unsubscription

Legal basis:
Consent (Art. 6 para. 1a GDPR)
Consent (Art. 6 para. 1a GDPR)
Protection of legitimate interests (Art. 6 para. 1f GDPR)

Legitimate interest, if applicable: Proof of successful newsletter registration/confirmation/unsubscription

Storage duration: Duration of the newsletter subscription, (unsubscription data, unlimited to fulfill accountability obligations)

Recipient: Service provider for newsletter dispatch

Transfer to third countries: -

How we process your personal data when you contact our customer service can be found here:

Data category: Personal master data, address data, contact data, content of enquiries/bookings/complaints, payment data

Purposes of processing: Processing of customer inquiries, bookings and complaints (all above-mentioned data categories), Automatic categorization and answering of mail inquiries using AI (all above-mentioned data categories), Anonymization of mail inquiries for service improvement and training (all above-mentioned data categories)

Legal basis: Contract (Art. 6 para. 1b GDPR), protection of legitimate interests (Art. 6 para. 1f GDPR)

Legitimate interest, if applicable: Customer loyalty, sales, improving customer satisfaction, service improvement and training, speeding up inquiry processing

Storage period: Processing of the inquiry, booking data in accordance with the relevant statutory retention period (10 years)

Recipients : Payment service providers, reservation system providers, hotel operating systems, customer management software; Reception: MSSNGR for digital registration form, processing of visitor's tax; Microsoft Operations Limited: Microsoft Azure provider with ChatGPT models

Transfer to third countries: In connection with this processing, our company does not transfer any personal data to recipients in third countries. Microsoft Azure and associated AI applications are hosted in Microsoft data centers in Europe.

You can find out how we process your personal data when you are at our resort here:

Data category: Personal master data, address data, contact data, booking data, payment data

Purpose: Fulfilment of the accommodation contract (all data categories mentioned above), anonymization for service improvement and training (all data categories mentioned above, except payment data)

Legal basis: Contract (Art. 6 para. 1b GDPR), protection of legitimate interests (Art. 6 para. 1f GDPR)

Legitimate interest, if applicable: Customer loyalty, improvement of customer satisfaction, service improvement and training

Storage period: Booking data in accordance with the statutory retention period (10 years)

Recipients: Payment service providers, reservation system providers, hotel operating systems, customer management software

Transfer to third countries: In connection with this processing, our company does not transfer any personal data to recipients in third countries.