We are very pleased about your interest in our company. Data protection is of particular importance to the management of the Hotel Imperials Düsseldorf. Use of the website of the Hotel Imperials Düsseldorf is in principle possible without any indication of personal data. However, if a data subject wishes to use our company’s special services through our website, personal data processing may be required. If the processing of personal data is required and there is no legal basis for such processing, we generally seek the consent of the data subject.
The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always in accordance with the General Data Protection Regulation. Responsible for data protection is Kedar Prasad Gajurel.
1. Collecting general data and information
The website of the Hotel Imperials Düsseldorf collects a series of general data and information each time the website is accessed by an affected person or an automated system. This general data and information is stored in the log files of the server. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrers), (4) the sub-web pages, which can be accessed via (5) the date and time of access to the website, (6) an Internet Protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information used in the event of attacks on our information technology systems.
When using this general data and information, the Hotel Imperial Düsseldorf does not draw any conclusions about the person concerned. Rather, this information is required to (1) correctly deliver the contents of our website, (2) to optimize the content of our website and to advertise it, (3) to ensure the continued functioning of our information technology systems and the technology of our website, and ( 4) to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyberattack. This anonymously collected data and information are therefore statistically and further evaluated by the Hotel Imperial Düsseldorf on the one hand with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by an affected person.
2. Your rights
Hotel Imperial Düsseldorf stores personal data for a maximum of ten years. Affected persons have the following rights:
a) Right to confirmation
Each data subject has the right, as granted by the European Di- rective and Regulatory Authority, to require the controller to confirm whether personal data relating to him / her are being processed. If an affected person wishes to make use of this right of confirmation, they can contact an employee of the controller at any time.
b) Right to information
Any person affected by the processing of personal data shall have the right granted by the European Di- rective and Regulatory Authority to obtain free of charge any information about the personal data stored about him and a copy of such information from the controller at any time. Furthermore, the European legislator and regulator has provided the data subject with the following information:
- the processing purposes
- the categories of personal data being processed
- the recipients or categories of recipients to whom the personal data have been disclosed or are still being disclosed, in particular to recipients in third countries or to international organizations
- if possible, the planned duration for which the personal data will be stored or, if that is not possible, the criteria for determining that duration
- the existence of a right to rectification or erasure of the personal data concerning him or to a restriction of processing by the controller or a right to object to such processing
- the existence of a right of appeal to a supervisory authority
- if the personal data are not collected from the data subject: All available information on the source of the data
- the existence of automated decision-making including profiling under Article 22 (1) and (4) of the GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended impact of such processing on the data subject
In addition, the data subject has a right of access as to whether personal data has been transmitted to a third country or to an international organization. If that is the case, then the data subject has the right to obtain information about the appropriate guarantees in connection with the transfer.
If an interested party wishes to exercise this right to information, they may at any time contact an employee of the controller.
c) Right to rectification
Any person affected by the processing of personal data shall have the right, as granted by the European legislature and the legislature, to demand the immediate correction of any inaccurate personal data concerning them. Furthermore, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration, taking into account the purposes of the processing.
If an affected person wishes to exercise this right of rectification, they may, at any time, contact an employee of the controller.
d) Right to cancellation (right to be forgotten)
Any person affected by the processing of personal data shall have the right granted by the European Directives and Regulators to require the controller to immediately delete the personal data concerning him, provided that one of the following reasons is satisfied and the processing is not required:
- The personal data has been collected for such purposes or otherwise processed for which they are no longer necessary.
- The person concerned revokes the consent on which the processing was based on Article 6 (1) (a) of the GDPR or Article 9 (2) (a) of the GDPR and lacks any other legal basis for the processing.
- The data subject objects to the processing in accordance with Art. 21 (1) DS-GVO, and there are no legitimate reasons for the processing, or the data subject objects according to Art. 21 (2) DS-GVO Processing.
- The personal data were processed unlawfully.
- The erasure of personal data is necessary to fulfill a legal obligation under Union or national law to which the controller is subject.
- The personal data were collected in relation to information society services offered pursuant to Art. 8 para. 1 DS-GVO.
If any of the above reasons are correct and a data subject wishes to arrange for the deletion of personal data stored at the Hotel Imperial Düsseldorf, they may, at any time, contact an employee of the data controller. The employee of the Hotel Imperial Düsseldorf will arrange that the deletion request be fulfilled immediately.
If the personal data have been made public by the website of the Hotel Imperial Düsseldorf and if our company is responsible for deleting personal data as the person responsible pursuant to Art. 17 para. 1 DS-GVO, the Hotel Imperial Düsseldorf shall take into account the available technology and the implementation costs appropriate measures, including technical means, to inform other data controllers processing the published personal data that the data subject has deleted from all other data controllers the removal of all links to such personal data or copies or Has requested replicas of this personal data, as far as the processing is not required. The staff of Hotel Imperial Düsseldorf will arrange the necessary in individual cases.
e) Right to restriction of processing
Any person affected by the processing of personal data has the right, granted by the European directive and regulatory authority, to require the controller to restrict the processing if one of the following conditions applies:
- The accuracy of the personal data is contested by the data subject for a period of time that enables the controller to verify the accuracy of the personal data.
- The processing is unlawful, the data subject refuses to delete the personal data and instead requests the restriction of the use of personal data.
- The controller no longer needs the personal data for the purposes of processing, but the data subject requires them to assert, exercise or defend legal claims.
- The person concerned has objection to the processing acc. Art. 21 para. 1 DS-GVO and it is not yet clear whether the legitimate reasons of the person responsible outweigh those of the person concerned.
If one of the above conditions is met and a data subject wishes to request the restriction of personal data stored on the website of the Hotel Imperial Düsseldorf, they may at any time contact an employee of the data controller. The employee of Hotel Imperial Düsseldorf will cause the restriction of processing.
f) Data transferability
Any person affected by the processing of personal data shall have the right conferred by the European Directives and Regulations to obtain the personal data concerning him / her provided to a controller by the data subject in a structured, common and machine-readable format. It also has the right to transfer this data to another person responsible without hindrance by the controller to whom the personal data was provided, provided that the processing is based on the consent pursuant to Article 6 (1) (a) of the GDPR or Article 9 (1) (b) 2 (a) of the GDPR or on a contract pursuant to Article 6 (1) (b) of the GDPR and processing by means of automated processes, unless the processing is necessary for the performance of a task of public interest or in the exercise of official authority, which has been assigned to the responsible person.
Furthermore, in exercising their right to data portability under Article 20 (1) of the GDPR, the data subject has the right to obtain that the personal data are transmitted directly from one controller to another, insofar as this is technically feasible and if so this does not affect the rights and freedoms of others.
To assert the right to data portability, the data subject may at any time contact an employee of the Hotel Imperial Düsseldorf.
g) Right to object
Any person concerned by the processing of personal data shall have the right conferred by the European directive and regulatory authority at any time, for reasons arising from its particular situation, against the processing of personal data relating to it pursuant to Article 6 (1) (e) or f DS-GVO takes an objection. This also applies to profiling based on these provisions.
In the event of an objection, the Hotel Imperial Düsseldorf will no longer process personal data unless we can prove that there are compelling reasons for processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves the purpose of asserting, exercising or Defense of legal claims.
If the Hotel Imperial Düsseldorf processes personal data in order to operate direct mail, the data subject has the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to the profiling, as far as it is associated with such direct mail. If the data subject objects to the Hotel Imperial Düsseldorf for the purposes of direct marketing, the Hotel Imperial Düsseldorf will no longer process the personal data for these purposes.
In addition, the data subject has the right, for reasons arising from his / her particular situation, against the processing of personal data relating to him or her, for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) DS- GMOs are invited to submit an objection unless such processing is necessary to fulfill a task of public interest.
In order to exercise the right of opposition, the data subject may directly contact any member of staff of Hotel Imperial Düsseldorf or any other employee. The data subject is also free, in the context of the use of information society services, notwithstanding Directive 2002/58 / EC, to exercise his right of opposition by means of automated procedures using technical specifications.
h) Right to revoke a data protection consent
Any person affected by the processing of personal data has the right, granted by the European directive and regulatory authority, to revoke consent to the processing of personal data at any time.
If the data subject wishes to assert their right to withdraw consent, they may, at any time, contact an employee of the controller.
The Hotel Imperial Düsseldorf also uses Facebook for the operation of Facebook on its websites for operational purposes, the respective provisions of Facebook apply. On the website components of the company Facebook are integrated.
A social network is an Internet-based social meeting place, an online community that typically allows users to communicate with each other and interact in virtual space. A social network can serve as a platform to exchange views and experiences, or allows the Internet community to provide personal or business information. Facebook allows social network users to create private profiles, upload photos and socialize via friend requests.
The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. Persons responsible for the processing of personal data, if an affected person lives outside the US or Canada, are Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.
Each visit to one of the individual pages of this website, which is operated by the controller and on which a Facebook component (Facebook plug-in) was integrated, the Internet browser on the information technology system of the person concerned automatically by the respective Facebook Component causes a representation of the corresponding Facebook component of Facebook to download. An overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. As part of this technical process, Facebook receives information about which specific underside of our website is visited by the person concerned.
If the data subject is simultaneously logged into Facebook, Facebook recognizes with each visit to our website by the data subject and during the entire duration of the respective stay on our website, which specific underside of our website the data subject visits. This information is collected through the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the person concerned activates one of the Facebook buttons integrated on our website, for example the “Like” button, or if the affected person makes a comment, Facebook assigns this information to the personal Facebook user account of the person concerned and saves this personal data.
Facebook always receives information via the Facebook component that the data subject has visited our website if the data subject is logged in to Facebook at the same time as accessing our website; this happens regardless of whether the person clicks on the Facebook component or not. If such a transfer of this information to Facebook is not wanted by the data subject, it can prevent the transfer by logging out of their Facebook account before calling our website.
The data policy published by Facebook, which is available at https://de-de.facebook.com/about/privacy/ , provides information on the collection, processing and use of personal data by Facebook. It also explains which options Facebook offers to protect the privacy of the data subject. In addition, different applications are available, which make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.