Logo der Lodge54 in St. Peter-Ording an der Nordsee
Find a vacation

Privacy Policy

Lodge54 Privacy Policy

We are pleased that you are visiting our website and thank you for your interest in our hotel. The protection of personal data is a top priority for us. Therefore, the processing of personal data, such as the name, address, email address, or telephone number of a data subject, is carried out in accordance with applicable European and national legal regulations.

If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

You can, of course, revoke your declaration(s) of consent at any time with effect for the future. Please contact the controller for this. You can find the contact details at the bottom of this privacy policy.

In the following, Lodge 54 would like to inform the public about the nature, scope, and purpose of the personal data it processes. Furthermore, data subjects are informed about their rights by means of this privacy policy.

Definitions

The privacy policy of Lodge 54 is based on the terms used by the European legislator for directives and regulations when enacting the EU General Data Protection Regulation (hereinafter referred to as “EU GDPR”). Our privacy policy is intended to be easily readable and understandable for both the public and our guests and business partners. To ensure this, we would like to explain the terms used in advance.

In this privacy policy and on our website, we use the following terms, among others:

Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.

Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Controller or person responsible for processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Registration

The data subject has the possibility to register on the website of the controller by providing personal data. The personal data transmitted to the controller is determined by the respective input mask used for registration. The personal data entered by the data subject is collected and stored exclusively for internal use by the controller and for their own purposes. The controller may arrange for the transfer to one or more processors (e.g., a parcel service provider) who also use the personal data exclusively for internal use attributable to the controller.

By registering on the controller’s website, the IP address assigned by the data subject’s Internet Service Provider (ISP), the date, and the time of registration are also stored. The storage of this data takes place because it is the only way to prevent the misuse of our services, and if necessary, this data enables the investigation of committed criminal offenses and copyright infringements. In this respect, the storage of this data is necessary to secure the controller. As a rule, this data is not passed on to third parties, unless there is a legal obligation to do so or the transfer serves criminal prosecution or legal enforcement.

The registration of the data subject by voluntarily providing personal data serves the controller to offer the data subject content or services that, by their nature, can only be offered to registered users. Registered persons are free to have the personal data provided during registration completely deleted from the controller’s database.

The controller shall at any time, upon request, provide any data subject with information about which personal data concerning the data subject is stored. Furthermore, the controller shall rectify or erase personal data at the request or instruction of the data subject, provided that no legal retention obligations prevent this.

Contact

Personal data is also processed by Lodge 54 if you provide it voluntarily. This happens, for example, every time you contact us. Of course, we will use the personal data transmitted in this way exclusively for the purpose for which you provide it to us when contacting us. The provision of this information is expressly on a voluntary basis and with your consent. Insofar as this concerns information about communication channels (e.g., email address, telephone number), you also agree that we may contact you via this communication channel to answer your request.

Security

Lodge 54 takes numerous technical and organizational measures to protect your personal data against accidental or unlawful deletion, alteration, or loss, and against unauthorized disclosure or unauthorized access.

Nevertheless, internet-based data transmissions can generally have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us via alternative means, for example, by telephone.

Links to other Websites

This website contains links to other websites (so-called external links).

Lodge 54, as a provider of its own content, is responsible according to applicable European and national legal regulations. Links to content provided by other providers are to be distinguished from this own content. We have no influence on whether the operators of other websites comply with the applicable European and national legal provisions. Please inform yourself about the privacy policies provided on the respective website. For external content provided via links for use and specially marked, Lodge 54 assumes no responsibility and does not adopt their content as its own. For illegal, erroneous, or incomplete content, as well as for damages arising from the use or non-use of the information, only the provider of the website to which reference was made is liable.

Cookies

To make our website user-friendly for you and to optimally adapt it to your needs, we use cookies. Cookies are small text files that, as soon as you visit a website, are sent by a web server to your browser and stored locally on your end device (PC, notebook, tablet, smartphone, etc.).
Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which websites and servers can be assigned to the specific web browser in which the cookie was stored. This allows visited websites and servers to distinguish the individual browser of the data subject from other web browsers that contain other cookies. A specific web browser can be recognized and identified via the unique cookie ID. This information serves to automatically recognize you and facilitate your navigation when you visit the website again with the same end device.
You can give or refuse consent for cookies – including for web tracking – via the settings of your web browser. You can configure your browser so that the acceptance of cookies is generally refused or that you are informed in advance when a cookie is to be stored. In this case, however, the functionality of the website may be impaired (e.g., for orders). Your browser also offers a function to delete cookies (e.g., via “Delete browser data”). This is possible in all common web browsers. Further information on this can be found in the operating manual or in the settings of your browser.

Collection of General Data and Information

With each call of the website by a data subject or an automated system, Lodge 54 collects a series of general data and information. This general data and information is stored in the server’s log files. The following can be collected:

  • the browser types and versions used
  • the operating system used by the accessing system
  • the website from which an accessing system reaches our website (so-called referrers)
  • the sub-websites that are accessed on our website via an accessing system
  • the date and time of an access to the website
  • a web protocol address (IP address)
  • the Internet Service Provider of the accessing system
  • other similar data and information that serve to avert danger in the event of attacks on our information technology systems

When using this general data and information, Lodge 54 does not draw any conclusions about the data subject. Rather, this information is needed to:

  • deliver the content of our website correctly
  • optimize the content of our website as well as the advertising for it
  • ensure the permanent functionality of our information technology systems and the technology of our website
  • provide law enforcement authorities with the necessary information for prosecution in the event of a cyber attack

These anonymously collected data and information are therefore evaluated by Lodge 54 statistically and furthermore with the aim of increasing data protection and data security in our company, ultimately to ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

Routine Erasure and Blocking of Personal Data

The controller processes (in this sense also: stores) personal data of the data subject only for the period necessary to achieve the purpose of storage or insofar as this has been provided for by the European legislator for directives and regulations or another legislator in laws or regulations to which the controller is subject.

If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or erased in accordance with legal requirements.

Rights of the Data Subject

Right to Confirmation: Every data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed. If a data subject wishes to exercise this right to confirmation, he or she may, at any time, contact the controller.

Right of Access: Every data subject affected by the processing of personal data has the right to obtain from the controller, at any time and free of charge, information about the personal data stored concerning him or her and a copy of this information. Furthermore, the European legislator for directives and regulations has granted the data subject access to the following information:

  • The purposes of processing
  • The categories of personal data being processed
  • The recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations
  • Where possible, the planned duration for which the personal data will be stored, or if this is not possible, the criteria for determining this duration
  • The existence of the right to request rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing
  • The existence of the right to lodge a complaint with a supervisory authority
  • Where the personal data are not collected from the data subject: Any available information as to their source
  • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the EU GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject

Furthermore, the data subject has a right to obtain information as to whether personal data are transferred to a third country or to an international organization. Where this is the case, the data subject shall have the right to be informed of the appropriate safeguards relating to the transfer.

If a data subject wishes to exercise this right of access, he or she may, at any time, contact the controller.

Right to Rectification: Every data subject affected by the processing of personal data has the right to demand the immediate rectification of inaccurate personal data concerning him or her. Furthermore, the data subject has the right, taking into account the purposes of the processing, to demand the completion of incomplete personal data — also by means of a supplementary declaration.

If a data subject wishes to exercise this right to rectification, he or she may, at any time, contact the controller.

Right to Erasure (Right to be Forgotten): Every data subject affected by the processing of personal data has the right to obtain from the controller the immediate erasure of personal data concerning him or her, provided that one of the following grounds applies and insofar as the processing is not necessary:

  • The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
  • The data subject withdraws consent on which the processing is based according to Art. 6(1)(a) EU GDPR or Art. 9(2)(a) EU GDPR, and there is no other legal ground for the processing.
  • The data subject objects to the processing pursuant to Art. 21(1) EU GDPR, and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21(2) EU GDPR.
  • The personal data have been unlawfully processed.
  • The personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
  • The personal data has been collected in relation to information society services offered pursuant to Art. 8(1) EU GDPR.

If one of the aforementioned reasons applies and a data subject wishes to arrange for the erasure of personal data stored by Lodge54, he or she may, at any time, contact the controller. The data subject’s request for erasure will then be complied with without delay.

If Lodge54 has made the personal data public and our company, as the controller, is obliged to erase the personal data pursuant to Art. 17(1) EU GDPR, Lodge54 shall, taking into account available technology and the costs of implementation, take reasonable steps, including technical measures, to inform other controllers who are processing the published personal data that the data subject has requested the erasure by such other controllers of any links to, or copy or replication of, those personal data, insofar as processing is not required. The controller will then take the necessary steps in individual cases.

Right to Restriction of Processing: Every data subject affected by the processing of personal data has the right to obtain from the controller restriction of processing where one of the following applies:

The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.

The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.

The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims.

The data subject has objected to processing pursuant to Art. 21(1) EU GDPR, and it has not yet been determined whether the legitimate grounds of the controller override those of the data subject.

If one of the aforementioned conditions applies and a data subject wishes to request the restriction of personal data stored by Lodge54, he or she may, at any time, contact the controller. The restriction of processing will then be initiated without delay.

Right to Data Portability: Every data subject affected by the processing of personal data has the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. He or she also has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent pursuant to Art. 6(1)(a) EU GDPR or Art. 9(2)(a) EU GDPR or on a contract pursuant to Art. 6(1)(b) EU GDPR and the processing is carried out by automated means, provided that the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, in exercising his or her right to data portability pursuant to Art. 20(1) EU GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and where this does not adversely affect the rights and freedoms of others.

To assert the right to data portability, the data subject may, at any time, contact the controller.

Right to Object: Every data subject affected by the processing of personal data has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on Art. 6(1)(e) or (f) EU GDPR. This also applies to profiling based on these provisions.

Lodge54 will no longer process personal data in the event of an objection, unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing serves the establishment, exercise, or defense of legal claims.

If Lodge54 processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data for such marketing. This also applies to profiling, to the extent that it is related to such direct marketing. If the data subject objects to Lodge54 processing for direct marketing purposes, Lodge54 will no longer process the personal data for these purposes.

Furthermore, the data subject has the right to object, on grounds relating to their particular situation, to the processing of personal data concerning them which is carried out by Lodge54 for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) of the EU GDPR, unless such processing is necessary for the performance of a task carried out for reasons of public interest.

To exercise the right to object, the data subject can contact the controller directly. The data subject is also free, in connection with the use of information society services, notwithstanding Directive 2002/58/EC, to exercise their right to object by automated means using technical specifications.

Automated individual decision-making, including profiling: Every person affected by the processing of personal data has the right not to be subject to a decision based solely on automated processing—including profiling—which produces legal effects concerning him or her or similarly significantly affects him or her, provided that the decision:

  • is not necessary for entering into, or performance of, a contract between the data subject and the controller, or
  • is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or
  • is based on the data subject’s explicit consent.

If the decision is necessary for entering into, or performance of, a contract between the data subject and the controller, or is based on the data subject’s explicit consent, Lodge54 shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.

If the data subject wishes to assert rights relating to automated decisions, they can contact the controller at any time.

Right to withdraw data protection consent: Every person affected by the processing of personal data has the right to withdraw consent to the processing of personal data at any time.

If the data subject wishes to exercise their right to withdraw consent, they can contact the controller at any time.

Data Protection for Applications and in the Application Process

The controller collects and processes the personal data of applicants for the purpose of handling the application process. The processing can also be done electronically. This is particularly the case if an applicant submits corresponding application documents electronically, for example, via email, to the controller. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with legal regulations. If no employment contract is concluded with the applicant by the controller, the application documents will be automatically deleted six months after notification of the rejection decision, provided that no other legitimate interests of the controller prevent deletion. Another legitimate interest in this sense is, for example, a burden of proof in a procedure under the General Equal Treatment Act (AGG).

Use of Google Analytics (with Anonymization Function)

This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before transmission. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by setting your browser software accordingly; however, please note that if you do this, you may not be able to use all the functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link (http://tools.google.com/dlpage/gaoptout?hl=en).

You can prevent Google Analytics from collecting data by clicking on the link below. This will install an “opt-out cookie” in your browser, which will prevent your data from being collected when you visit this website in the future.

For more information on terms of use and data protection, please visit http://www.google.com/analytics/terms/en.html or https://www.google.de/intl/en/policies/

In view of the discussion about the use of analytics tools with full IP addresses, companies would like to point out that, to exclude the identification or identifiability of a natural person, IP addresses are only processed to a limited extent on this website, as we use Google Analytics with the extension “_anonymizelp()”.

Social Plugins

Our website offers you so-called social plugins as an additional service, which enable interaction with the social services Facebook and (X) Twitter. To prevent unwanted transmission of your usage data, please log out of these services beforehand.

Use of Facebook Social Plugins

Our website uses so-called social plugins (“plugins”) from the social network Facebook, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The plugins are marked with a Facebook logo or the addition “Social Plugin from Facebook” or “Facebook Social Plugin”. An overview of the Facebook plugins and their appearance can be found here: https://developers.facebook.com/docs/plugins

When you access a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated into the page. Through this integration, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.

If you are logged in to Facebook, Facebook can directly associate your visit to our website with your Facebook profile. If you interact with the plugins, for example, by clicking the “Like” button or leaving a comment, this information is also transmitted directly to a Facebook server and stored there. The information will also be published on your Facebook profile and shown to your Facebook friends.

For the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your related rights and settings options for protecting your privacy, please refer to Facebook’s data protection policy: http://www.facebook.com/policy.php

If you do not want Facebook to directly associate the data collected via our website with your Facebook profile, you must log out of Facebook before visiting our website. You can also completely prevent the loading of Facebook plugins with add-ons for your browser, e.g., with the “Facebook Blocker” (http://webgraph.com/resources/facebookblocker/).

Select adults
Select children