Data protection provisions
for the websites the-cloud-one.com and motel-one.com, as well as the Motel One app
Thank you for your interest in our websites www.the-cloud-one.com and www.motel-one.com (‘websites’) and in our application software for mobile devices, the Motel One app (‘app’). The websites and the app are operated by Motel One GmbH (‘Motel One’) and offer you, the user (‘user’), the option of learning about the room offerings and the various hotel locations, booking a room if you are interested and there is a vacancy, and contacting us if you have any questions.
We take the protection of your personal data seriously and abide by the provisions of data protection laws and other relevant data protection requirements. In the sections below, we will explain to you, as a user of our website or our app, how we handle your data and provide you with an overview of the measures we implement to protect personal data.
You may revoke any consent you may have granted at any time with future effect. If you have any questions regarding our use of your personal data, please contact us.
- • Zásady ochrany osobních údajů (CZ)
- • Datenschutzhinweise (DE)
- • Databeskyttelse (DK)
- • Data protection information (EN)
- • Aviso de privacidad (ES)
- • Informations en matière de protection des données (FR)
- • Gegevensbeschermingsinstructies (NL)
- • Politykę prywatności (PL)
1. Controller and scope
The controller pursuant to the EU General Data Protection Regulation (‘GDPR’) and other national data protection laws of member states as well as other data protection provisions is:
Motel One GmbH
Tegernseer Landstrasse 165
Tel.: +49 (0) 089 665025-0
Fax: +49 (0) 089 665025-50
Website: www.motel-one.com or www.the-cloud-one.com
Email: firstname.lastname@example.org or email@example.com
2. Data protection officer
The controller’s external data protection officer is:
Dr Karsten Kinast, LL.M.
KINAST Rechtsanwaltsgesellschaft mbH
Tel.: +49 (0) 221 222 183-0
3. Principles of data processing
Personal data refers to all information related to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address or user behaviour. Information that we cannot use to identify you personally (or that would involve a disproportionate effort to do so), for example, by anonymising the information, does not constitute personal data. The processing of personal data (e.g. collecting, accessing, using, storing or transmitting such data) always requires a legal basis or your consent. Processed personal data will be deleted as soon as the purpose of the processing has been achieved and there is no longer any statutory obligation to retain the data.
If we process your personal data in order to provide certain services, the sections below will inform you of the specific processes, the scope and the purpose of the data processing activity, the legal basis for the processing activity and the relevant storage period.
4. Individual processing steps
- a. Provision and use of the websites and the Motel One app
When you access and use our websites or the Motel One app, we collect personal data that your browser or the app automatically sends to our server. This information is temporarily saved in a log file. When you use our websites, we collect the following information, which we need for technical reasons in order to display our websites to you and ensure stability and security:
Every time a user accesses one of the websites or the app and every time a file is accessed, access data related to this action is stored in a log file on our server. This data includes:
- • Browser type/version
- • Operating system used
- • Referring URL (the site previously visited)
- • Host name of the accessing computer (IP address)
- • Time and date of the server request
- • Volume of data transmitted and access status (file transmitted, file not found, etc.).
This data is used to generate pseudonymised internal statistics that help us to analyse the use of the websites or the Motel One app, correct errors and improve our services. It is not used for any other purpose related to you individually. In particular, this data is not merged with other data sources. This data is automatically deleted after the statistical analysis. You can prevent your pseudonymised data from being used for statistical purposes at any time by adjusting your browser settings to prevent cookies from being stored on your computer (see section 7).
The legal basis for the specified data processing is Article 6(1)(f) GDPR. The processing of the specified personal data is necessary to provide the websites and the Motel One app and therefore serves to safeguard the legitimate interests of our company.
The temporary storage of the IP address by the system is necessary in order to display the website on the user’s computer. The user’s IP address has to be stored for the duration of the session.
As soon as the specified data is no longer necessary to display the websites, it will be deleted. The collection of data to provide the websites and the storage of data in log files is necessary for the operation of the websites and the Motel One app. Consequently, the user does not have the right to object to such use. The data may be stored for longer periods in individual cases if required by law.
- b. Reservations, bookings and vouchers
You can make a reservation and/or booking on our websites and in the app. You can also buy vouchers. When you do this, the following personal data will be entered into a form and processed by us:
- • Name and surname
- • Address
- • Email address
- • Phone number (if provided)
- • Company name (if provided)
- • Tax number (if provided)
- • Bank details or credit card information (if provided)
In order to process payments, we share your payment details with the financial institution responsible for processing the payment and with any payment service providers commissioned by us or the payment service selected by you when you place the order. These companies may only use your personal data to process the order and not for any other purpose.
To process payments, it is also necessary for our payment service provider Computop Wirtschaftsinformatik GmbH to process personal data for the 3D Secure 2.0 protocol. 3D Secure 2.0 is a protocol for secure and enhanced customer authentication, carried out in accordance with Directive (EU) 2015/2366 (Payment Services Directive 2, PSD 2).
For this purpose, the following personal data, in particular, is also processed:
- • Transaction data
- • Browser information, e.g. IP address or browser language
- • Billing and shipping address
- • Customer account details (e.g. how long your account has been open)
Personal data is processed for the completion of a booking/reservation or the purchase of a voucher in order to fulfil a contract between you and Motel One in accordance with Article 6(1)(b) GDPR. This also applies to data processing required for the implementation of pre-contractual measures.
As soon as the processed personal data is no longer necessary for the execution of the contract, it will be deleted. Even after the conclusion of the contract, it may be necessary to store your personal data in order to comply with contractual or statutory obligations. The data may be stored for longer periods in individual cases if required by law.
- c. Contact form and email correspondence
Please feel free to contact us electronically via the form provided. The personal data you enter in the form will be transferred to us. If you use the contact form, the following personal data will be processed:
- • Email address
- • First name and surname
- • Any other personal data included in the message
Additionally, the following personal data will be stored when the message is sent:
- • IP address
- • Date and time of your message
Alternatively, you can contact us at the email address provided. In this case, the personal data transmitted with the email will also be stored. In this case, the personal data will not be shared with third parties. The personal data will only be used to process your enquiry.
The legal basis for the processing of personal data is Article 6(1)(f) GDPR. We have a legitimate interest in responding to enquiries that you send to us by email or via the contact form. Additionally, pursuant to Article 6(1)(f) GDPR, we have a legitimate interest in processing personal data during the sending process in order to prevent misuse of the contact form and protect our IT systems.
After we have processed your enquiry, the personal data will be deleted unless deletion is prevented by contractual or statutory retention periods. You have the right to withdraw your consent to the processing of personal data at any time. If you contact us by email, you can object to the processing of your personal data at any time. In this case, it will not be possible to process your enquiry any further. All personal data collected in the course of this correspondence will be deleted in this case unless deletion is prevented by contractual or statutory retention periods.
- d. Minors
Persons under the age of 18 should not provide us with any personal data without the consent of their parents or guardians. We do not request personal data from children and adolescents, nor do we collect such data or forward it to third parties.
- e. beOne membership
When you registered as a beOne member, you accepted the General Terms and Conditions of the beOne membership programme (https://www.motel-one.com/en/services/be-one-membership-programme/conditions-of-participation/ or https://www.the-cloud-one.com/en/services/be-one-membership-programme/conditions-of-participation/) and expressly accepted the following declaration of consent (https://www.motel-one.com/en/services/be-one-membership-programme/declaration-of-consent/ or https://www.the-cloud-one.com/en/services/be-one-membership-programme/declaration-of-consent/). We have logged this:
‘Declaration of consent to the use of my personal data
By registering for the BE ONE membership programme, I hereby consent to the collection, processing and use of my personal data as required for the execution of the BE ONE membership programme, as well as in the context of bookings and for the transmission of regular information about news, promotions and offers of Motel One related to hotels and travel via email, text, WhatsApp or other electronic media.
I furthermore consent to the use of my personal data for targeted advertising purposes on our[A1] websites as well as on social media platforms.’
If you have registered as a beOne member, you can terminate this registration at any time. You can revoke your beOne membership at any time with future effect via email (firstname.lastname@example.org or email@example.com ), which will terminate your membership. In addition, you can cancel the beOne membership with immediate future effect by clicking ‘Delete profile’ while logged into your beOne profile and confirming the choice by clicking ‘Delete profile’ again in response to the question ‘Do you really want to delete your profile?’. You can change the data stored about you in your profile at any time.
If you have any questions, please contact:
Motel One GmbH
Tegernseer Landstrasse 165
Tel.: +49 (0) 089 665025-0
Fax: +49 (0) 089 665025-50
Email: firstname.lastname@example.org or email@example.com
However, if the processed data is required for the execution of a contract or for the implementation of pre-contractual measures, the data can only be deleted early if doing so does not contradict a contractual or statutory obligation.
- f. beConnected
In collaboration with our partner m3 connect, we offer beOne members the opportunity to take advantage of the beConnected service, whereby you log into our hotel wifi once with a device (laptop, smartphone, tablet, etc.) and then have permanent wifi access (over multiple stays) with this device. Your MAC address is processed by m3 connect and can be assigned to your beOne account by us. The legal basis for the processing of personal data that is required for the fulfilment of a contract to which you are a party is Article 6(1)(b) GDPR. Your data will be stored for as long as you use the beConnected service.
5. Email correspondence
- a. Evaluation email following a stay
After staying at a Motel One or The Cloud One hotel, customers will receive an email asking them to rate their stay and suggest improvements.
The legal basis for the data processing activity carried out with respect to the use of your email address is Art. 6(1)(f) GDPR. The processing of email addresses and the collection of ratings is necessary to ensure the quality of the hotel and to optimise hotel services, and therefore helps to safeguard the legitimate interests of our company. This evaluation email is not used for any other purpose.
As soon as this data (email address and rating) is no longer required for the specified optimisation purposes, it will be deleted immediately.
- b. Motel One newsletter
When registering for the Motel One newsletter, the user declared their consent to regularly receive a newsletter email containing news, campaigns and offers from Motel One and The Cloud One hotels (as well as articles related to the topic of hotels, travel and overnight accommodation). The personal data processed by Motel One in order to send the newsletter is not shared with other companies. You can revoke your consent to the use of your email address at any time with future effect (firstname.lastname@example.org). You can also unsubscribe from the newsletter via a separate link located at the bottom of each newsletter email.
You, the user, expressly accepted the following declaration of consent when you subscribed to the newsletter on our website: www.motel-one.com/en/newsletter/ and we have logged this consent:
‘I would like to subscribe to the free Motel One newsletter and receive regular news and information about campaigns and offers from Motel One and The Cloud One hotels related to the topic of hotels and travel. My email address will not be disclosed to other companies. I can revoke my consent to receive the newsletter with future effect at any time via the websites https://www.motel-one.com/en/newsletter/’
- c. beOne newsletter
Users who have registered at Motel One as a beOne member on the website or via the app will automatically receive the beOne newsletter containing news and information about campaigns and offers from the membership programme. You can revoke your beOne membership, and thus your consent to the use of your email address, at any time with future effect via email (email@example.com or firstname.lastname@example.org), which will terminate your membership. In addition, you can cancel the beOne membership with immediate future effect by clicking ‘Delete profile’ while logged into your beOne profile and confirming the choice by clicking ‘Delete profile’ again in response to the question ‘Do you really want to delete your profile?’.
6. Push notification
In the app, you can sign up to receive push notifications. For this purpose, Motel One and The Cloud One hotels use the Firebase Cloud Messaging service, which is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (‘Google’). For detailed information about how Google uses personal data, please visit https://policies.google.com/privacy and https://firebase.google.com/support/privacy.
The push notifications can provide you with information about your next booking, or news and offers from Motel One and The Cloud One hotels.
To sign up for push notifications on iOS, you must opt in when your browser or device asks whether you would like to receive push notifications.
We evaluate anonymised push notifications for statistical purposes and can therefore determine whether and when push notifications have been displayed and clicked on. This enables us to determine which push notifications are of interest to recipients and tailor future notifications to the presumed interests of all recipients in order to increase the level of interest in our service.
You can revoke your consent to the storage and use of your personal data to receive our push notifications at any time with future effect in accordance with Art. 6(1)(a) GDPR. You can revoke your consent by adjusting the settings on your device.
Disabling push notifications on iOS:
- • Open the ‘Settings’ app.
- • Scroll down the list of apps until you see the name of the app for which you would like to turn off push notifications.
- • Tap the name of the app and then ‘Notifications’.
- • You can now turn off individual types of notification or disable push notifications completely.
Disabling push notifications on Android:
- • Open the notification panel at the top edge of your screen.
- • Long press a notification from the app for which you would like to disable push notifications until a menu opens.
- • Tap ‘App info’.
- • Untick the ‘Receive notifications’ box.
Your data will be erased as soon as it is no longer necessary for the purpose for which it was collected. As such, your data will be stored for as long as push notifications are enabled.
7. Processing and deletion
Motel One or The Cloud One hotels may, on their own initiative or at the request of the user, complete, correct or delete incomplete, erroneous or outdated personal data that Motel One or The Cloud One hotels have stored in connection with the operation of this website. If these processes are carried out at the request of the user, Motel One or The Cloud One hotels may only do so if the user has sufficiently identified themselves. Identity is verified using a copy of a photo ID – which will of course be deleted immediately after the authentication has been completed – or using criteria that can only be known by the user. Motel One or The Cloud One hotels cannot agree to the user’s request if they are not properly identified.
In line with statutory provisions, Motel One or The Cloud One hotels will delete personal data immediately on the user’s request, provided there are no mandatory retention obligations to the contrary.
8. Disclosure of personal data to third parties
a. Personal data is handled confidentially and in line with the statutory data protection regulations. Data is not disclosed to third parties without the user’s consent, unless this is required to carry out orders, process payments or process requests or it is permitted in accordance with the statutory provisions. External service providers are obliged to handle data confidentially and securely, and they may only use the data as required to carry out their duties.
b. This is particularly true for any payments processed by external service providers, as well as the exchange of data with SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, Germany for the purpose of credit checks if there is a legitimate interest or in the event of non-contractual conduct. SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, Germany stores and transmits data to its contractual partners for credit checks. The user’s legitimate concerns are taken into account in line with the statutory provisions.
c. Otherwise, personal data is only disclosed if the user has given their express prior consent or if doing so is necessary for the prosecution of criminal offences. Personal data is only transmitted to the authorities or government agencies with the right to information if there is a statutory obligation to provide information or there has been a court ruling to this effect. Your legitimate concerns are taken into account in line with the statutory data protection provisions. Where necessary, we may disclose your data to third parties on the basis of statutory requirements. We only comply with such requests if we are required to do so in line with statutory obligations.
- Any consent you may have given for us to disclose your data can be revoked at any time and without the need to provide us with a reason.
9. Protection of data
The protection of personal data is an important corporate principle at Motel One and The Cloud One hotels. This is achieved through, among other things, training, a company data protection officer and a written agreement with all employees and external service providers to maintain the confidentiality of data and comply with data protection requirements.
All technical and organisational, physical and computer systems and measures in the area of data protection, IT and information security help to protect stored data from damage, destruction and unauthorised access and to achieve the protection objectives of confidentiality, availability and integrity.
For the sake of security, personal data is collected using an encrypted secure socket layer (SSL) connection (recognisable by the use of ‘https://’ at the beginning of the website address in the address bar of the internet browser).
In addition, Motel One and The Cloud One hotels take all reasonable precautions to prevent unauthorised access to users' personal data as well as the unauthorised use or falsification of this data and to minimise the corresponding risks. However, the provision of personal data, whether this is done in person, on the phone or online, always involves risks, and there is no technical system that is completely impervious to manipulation or sabotage.
We use SurveySparrow to compile online questionnaires. With SurveySparrow, we collect, analyze, compile, compare and review data from survey respondents to produce insights and make sense out of the responses. SurveySparrow is a survey software tool that strictly adheres to the GDPR. SurveySparrow process the data responses only as part of the provision of services to Motel One and in accordance with our sole written instructions. It acts as an intermediary platform to collect the responses that you submit to us via an online questionnaire.
The SurveySparrow product is designed in such a way that they adhere to the principle, Privacy by design and default in all circumstances respecting the privacy of individuals as guaranteed under the GDPR. Therefore, they do not have access to the survey responses directly or indirectly and all survey responses and results generated within the said platform are securely stored on their servers in the EU. SurveySparrow does not sell, misuse or share your responses to third party advertisers or marketers. Further the data submitted by the survey respondents are not scanned or shared by SurveySparrow for any purpose. The results generated on the SurveySparrow platform can only be exported by Motel One for analysis and review.
Motel One use your answers to improve our services, and your personally identifying information will not be used unless expressly requested in a particular question. Motel One never use your information to build an identifiable profile of you. Your data is never sold, monetised, or shared beyond the reasonable remit of carrying out brand, design, and user experience research.
Data Processing Addendum
We have concluded a Data Processing Addendum (DPA) with the above-mentioned service provider, SurveySparrow. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our survey respondents in accordance with our instructions and in compliance with the GDPR. The contract is based on standard contractual clauses of the EU and can be viewed at the following link: https://surveysparrow.com/legal/dpa/
With the help of Cookies used by SurveySparrow, we process the following personal data of our users:
- • Click-Through-Rates
- • IP-address
- • location data
- • operating system
- • Device type
- • Survey responses
Purpose of Data Processing
The processing of your personal data with the help of SurveySparrow serves the purpose of
Improving our website/improving our offer/making our website more customer-friendly.
Legal basis for data processing
We process your personal data on the following legal basis: Your consent according to Art. 6 (1) lit. a GDPR. We require your consent for processing for this purpose. You can revoke your consent at any time via the cookie banner on our website. Please note that the revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. If you set your browser software accordingly, you can generally prevent the storage of cookies. Please note, however, that in this case not all functions on our website will be available to you.
We only store your personal data for as long as the purpose requires. If you withdraw your declaration of consent, we will delete your personal data. We can view your personal data for maximum 12 months.
Disclosure to Third Parties
SurveySparrow is our data processor. For this purpose, we have concluded a data processing agreement with the service provider SurveySparrow Inc. in accordance with Art. 28 GDPR. SurveySparrow processes your personal data only on our instructions.
Data transfer to Third Countries
We transfer your personal data to SurveySparrow Inc., USA. For the transfer of your personal data to a third country, we have provided appropriate safeguards in the form of Standard Contractual Clauses pursuant to Art. 46(2)(d) GDPR, which have been adopted by a supervisory authority and approved by the European Commission in a review procedure pursuant to Art. 93(2) GDPR.
Most browsers are configured to accept cookies by default. However, you can configure your browser so that it only accepts certain cookies or no cookies at all. Please note, however, that you may not be able to use all of the functions of our websites if you deactivate cookies on our websites through your browser settings. You can also adjust your browser settings to delete cookies already stored in your browser or to display the storage period. In addition, you can configure your browser to notify you before cookies are stored. Since different browsers can vary in terms of their functionality, please see your browser’s help menu for the configuration options.
If you would like a comprehensive overview of all third parties that have access to your internet browser, we recommend installing a plug-in specially developed for this purpose.
12. Tracking and analysis tools
We using tracking and analysis tools to ensure ongoing optimisation and needs-based design of our websites. Tracking also enables us to collect statistics regarding the use of our websites, which helps us to enhance our online presence using the resulting findings. The legal basis for the use of tracking and analysis tools is the consent you provided in the cookie banner or in the cookie and tracking tool settings pursuant to Art. 6(1)(a) GDPR.
The following description of tracking and analysis tools also outlines the respective processing purposes and the data processed.
a. Google Analytics and Google Firebase
The Motel One app uses Google Analytics via the Google Firebase service. In this case, personal data is collected via Google Firebase and then displayed and processed further in Google Analytics.
On behalf of Motel One and The Cloud One hotels, Google uses this information to assess your use of our websites, to compile reports about website activity and to provide other services related to use of the website and the internet to the website operator. The abbreviated IP address transmitted from your browser as part of the Google Analytics service will not be merged with other Google data. You can prevent cookies from being stored on your device by adjusting your browser settings accordingly; however, if you do this, you may not be able to fully use all of the website’s functions.
You can also prevent the collection of the information generated by the cookie related to your use of the website or app (including your IP address) and the processing of this data by Google by downloading and installing the browser add-on available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB.
Further information about Google Analytics can be found here: http://www.google.com/intl/en/policies/privacy/partners/
More information about Google Firebase can be found here: https://firebase.google.com/
b. Google Data Studio
We use Google Data Studio, an analytics service provided by Google LLC / Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA (‘Google’). It is an additional management tool from Google Analytics. This analytics service uses the personal data collected by Google Analytics. Google Data Studio visually represents user-defined reports. If you deactivate Google Analytics with future effect here, your data will not be used by Google Data Studio.
In accordance with Article 6(1)(a) GDPR, this data processing is based on your consent, which you have granted us by ticking a box in the cookie banner. You can withdraw your consent at any time by unticking the box.
c. Google BigQuery
For data retention, we use Google BigQuery, a service operated by Google Cloud EMEA Ltd., 70 Sir John Rogerson’s Quay, Dublin, D02 R296, Ireland. Through the use of the Google Cloud infrastructure, this enables the data collected to be stored and managed. Data collected through our web analysis is exported in the form of tables that contain user IDs, which are assigned by Google Analytics and Google Firebase. This involves only data retention, meaning no additional data is added to the data already present from GA4 tracking during the export. The data is stored by Google BigQuery for 36 months. The data storage location is Frankfurt am Main, Germany.
Our websites use the web analysis and online marketing controlling system by Hurra Communications GmbH (‘hurra.com’) for web analysis and the optimisation of online marketing.
The provider of OWAPro is Hurra Communications GmbH, Wollgrasweg 27, 70599 Stuttgart, Germany.
You can prevent the collection and processing of data by hurra.com services for our websites at any time by opting out (http://ssl.hurra.com/opt-out?cid=600&ln=en).
13. Social plug-ins
We use the following plug-ins from Facebook, Instagram, Pinterest and Twitter on our websites.
- a. Facebook social plug-ins
Our websites contain ‘social plug-ins’ (‘plug-ins’) from the social network www.facebook.com, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (‘Facebook’). The plug-ins are marked with a Facebook logo or the appendix ‘Facebook Social Plug-in’ (http://developers.facebook.com/). The websites contain plug-ins that establish a direct connection between the user’s browser and Facebook’s servers as soon as the user accesses the websites. The content of the plug-ins is transmitted directly from Facebook to the user’s browser and integrated into the respective website by the browser. Motel One and The Cloud One hotels have no influence over the scope of the data that Facebook collects using these plug-ins.
As a result of this integration of the plug-ins, Facebook is informed that the user has accessed the respective website. If the user is logged into Facebook, Facebook can assign the user to their Facebook account. If the user clicks the ‘Like’ button or writes a comment, the corresponding information is transmitted directly from their browser to Facebook and stored there.
If the user is a member of Facebook and does not want Facebook to collect data about them via Motel One or The Cloud One hotels and link it with their stored membership data, they must log out of Facebook before visiting the website. However, even if the user is not logged into Facebook, it is possible that Facebook may learn about and save certain data.
If users wants to block Facebook social plug-ins in general, they can install and activate a corresponding extension on their browser.
- b. Instagram social plug-ins
Our websites use social plug-ins (‘plug-ins’) from Instagram, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The plug-ins are marked with an Instagram logo, e.g. in the form of an ‘Instagram camera’. When the user accesses our websites containing these plug-ins, the browser establishes a direct connection to Instagram’s servers. The content of the plug-ins is transmitted directly from Instagram to the user’s browser and integrated into the page. As a result of this integration, Instagram is informed when the user has accessed the corresponding page on our website, even if you do not have an Instagram profile or are not logged into Instagram. This information (including your IP address) is transmitted directly from your browser to an Instagram server in the USA and stored there. If the user is logged into Instagram, Instagram can assign the visit to our website to the user’s Instagram account. If the user interacts with the plug-ins, for example by clicking on the Instagram button, this information will also be transmitted directly to an Instagram server and stored there. The information will also be published on your Instagram account and displayed to your contacts there. Motel One and The Cloud One hotels have no influence over the scope of the data that Instagram collects using these plug-ins.
- c. Pinterest social plug-ins
Our websites use social plug-ins (‘plug-ins’) from the social network Pinterest, which is operated by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA (‘Pinterest’). The plug-ins can be identified, for example, on buttons with the ‘Pin it’ icon on a white or red background. When the user accesses our website containing these plug-ins, the browser establishes a direct connection to Pinterest’s servers. The content of the plug-ins is transmitted directly from Pinterest to the user’s browser and integrated into the page. As a result of this integration, Pinterest is informed when the user has accessed the corresponding page on our website, even if you do not have a Pinterest profile or are not logged into Pinterest.
- d. Twitter buttons
Our websites also enable users to post articles and other content on Twitter. This service and a configured plug-in are provided by Twitter, Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. The ‘tweet’ button allows users to share blog articles on Twitter. This button also shows the number of tweets a blog entry has received.
When the website is accessed, the code for the tweet button is requested directly from a Twitter server by the user’s browser and integrated into the website. Motel One and The Cloud One hotels therefore have no influence over the scope of the data accessed by Twitter. According to its own information (https://twitter.com/privacy), Twitter stores the message transmitted in the tweet as well as the meta data. According to the operator, this includes: the date and time of the tweet, the exact internet address (abbreviated, if necessary) where the tweet button is located and other technical data, such as IP address, browser type and operating system. Twitter does not indicate how long the information is stored. Further information from Twitter can be found here (https://twitter.com/privacy)
14. Retargeting/interest-based advertising
Our websites use the Criteo service offered by Criteo GmbH, Gewürzmühlstrasse 11, 80538, Munich, Germany. With the help of this service, users who have visited our websites and expressed interest in our products and services are offered targeted advertising on our websites and on other websites that also use the Criteo service. The advertising shown is based on information about the visit to the respective websites, which is stored in cookies on the user’s computer, among other ways. These text files are then scanned during subsequent visits to the website to produce targeted product recommendations. To this end, a randomly generated ID number is stored in the cookies. Neither this number nor the information about your visits to the websites can be assigned to you personally. In no case will the data be used to identify you personally as a visitor to our websites.
You can prevent the storage and use of information by the Criteo service by clicking on the following link (https://www.criteo.com/privacy/) and sliding the ruler there next to ‘Opt out’ to ‘ON’. If you select ‘ON’, a new cookie (opt-out cookie) will be saved in your browser. This cookie tells the Criteo service that Criteo may no longer collect and process data about your usage behaviour. You can reactivate this function by sliding the rule to ‘OFF’. Please note that you must change this setting for every browser that you use. If you delete all of the cookies in your browser, the opt-out cookie will be deleted as well.
15. Links to other websites
Our websites occasionally provide links (interactive references) to third-party websites for which Motel One and The Cloud One hotels are not responsible. Motel One and The Cloud One hotels have no influence over the content and design of the linked external sites or the websites that the user accesses via these links. The respective providers are solely responsible for the content and design of these websites as well as for compliance with data protection regulations.
16. Rights of data subjects
The GDPR provides you, as the data subject of personal data processing, with the following rights:
- • According to Art. 15 GDPR, you can request information about your personal data processed by us. In particular, you can request information about the purposes of processing, the categories of personal data, the categories of recipients to whom the personal data has been or will be disclosed, the planned storage period, the existence of the right to request correction or deletion of personal data or restriction of processing of personal data or to object to such processing, the right to lodge a complaint, any available information as to its source when personal data is not collected by us, transmission to a third country or to an international organisation, and about the existence of automated decision-making, including profiling and, in such cases, meaningful information about the logic involved.
- • According to Art. 16 GDPR, you have the right to request the immediate rectification of inaccurate personal data or to have incomplete personal data completed.
- • According to Art. 17 GDPR, you can request the erasure of your personal data we have stored if the processing is no longer necessary to exercise the right to freedom of opinion and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend against legal claims.
- • According to Art. 18 GDPR, you can request the restriction of the processing of your personal data if the accuracy of the personal data is contested by you, the processing is unlawful, we no longer need the data and you oppose the erasure of the personal data because you need them to assert, exercise or defend against legal claims. You also have the right under Art. 18 GDPR if you have objected to the processing in accordance with Art. 21 GDPR.
- • According to Art. 20 GDPR, you can request to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to have your personal data transmitted to another controller.
- • According to Art. 7(3) GDPR, you can revoke the consent you have granted us at any time. If you do so, we will no longer be able to continue the data processing based on this consent in future.
- • According to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. In general, you can contact the supervisory authority in your usual place of residence, your place of work or our corporate domicile for this purpose.
17. Right to object
In the case of the processing of your personal data on the basis of a legitimate interest pursuant to Art. 6(1)(f) GDPR, you have the right pursuant to Art. 21 GDPR to object to the processing of your personal data if there are grounds for doing so based on your personal situation or if you object to direct advertising. In the case of direct advertising, you have a general right to object that must be adhered to by us without the need to specify a particular situation.
18. Data security and security measures
We undertake to protect your privacy and to treat your personal data as confidential. In order to prevent the manipulation, loss or misuse of your data stored by us, we implement comprehensive technical and organisational security measures, which are reviewed regularly and adapted in line with technical improvements. These include, among other things, the use of recognised encryption methods (SSL or TLS). Please note, however, that due to the structure of the Internet it is possible that the data protection regulations and the above-mentioned security measures may not be observed by persons or institutions that are not within our area of responsibility. In particular, data disclosed in an unencrypted manner – e.g. data disclosed by email – may be read by third parties. We have no technical control over this. It is the user’s responsibility to prevent the misuse of the data they provide through encryption or another method.
Motel One or The Cloud One hotels may change these data protection provisions or the content of the websites at any time without prior notice, or change or block access to their websites.
20. Questions about data protection and contact
Users can contact Motel One or The Cloud One hotels at any time if they would like their personal data corrected, blocked or deleted. In addition, Motel One and The Cloud One hotels share information about the user data stored as well as the origin and recipients of such data and the purpose for which it has been stored.
For questions about data protection, please contact:
Motel One GmbH
Tegernseer Landstrasse 165
Tel.: +49 (0) 089 665025-0
Fax: +49 (0) 089 665025-50
Website: www.motel-one.com or www.the-cloud-one.com
Email: email@example.com or firstname.lastname@example.org