Data Privacy

Privacy policy
This website (hereinafter referred to as the “Website”) is provided by the company Hotel Flörke (hereinafter referred to as “us” or “we”). Further information on the provider of the website can be found in our imprint.

A. Handling of personal data
In the following, we would like to inform you about our handling of personal data when using this website. Unless otherwise described in the following sections, the legal basis for the treatment of your personal data follows from the necessity of dealing with the provision of the functionalities requested by you on this website (Article 6 (1) (b) General Data Protection Regulation).

I. Use of the Website
1. Access to the website
When you access our website, your browser transmits certain data to our web server for technical reasons in order to provide you with the information you have accessed. In order to enable you to visit the website, the following data is collected, stored and used at short notice:

•IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (concrete page)
• Operating system and its access status / HTTP status code
• Amount of data transferred
• Website from which the request comes
• Browser, language and version of the browser software

In addition, in order to safeguard our legitimate interests, we store this data for a limited period of time in order to initiate a derivation of personal data in the event of unauthorized access or attempted access to local servers (Art. 6(1)(f) General Data Protection Regulation).

2. Use of contact forms
You can contact us directly via contact forms provided on the website. In particular, you have the option of providing us with the following information:

• Name and surname,
• Contact details (e.g. email address, phone number)
•Message

We collect, process and use the information you provide via contact forms exclusively for the purpose of processing your specific request.

3. External services and content on our website
We integrate external services or content on our website.
If you use such a service or if third-party content is displayed to you, communication data is exchanged between you and the respective provider for technical reasons.
In addition, the provider of the respective services or content may process your data for other, own purposes. To the best of our knowledge and belief, we have configured services or content from providers who are known to process data for their own purposes in such a way that either communication for purposes other than the presentation of the content or services on our website is omitted, or communication only takes place when you actively decide to use the service. However, since we have no influence on the data collected by third parties and their processing by them, we cannot provide any binding information on the purpose and scope of the processing of your data.
For further information on the purpose and scope of the collection and processing of your data, please refer to the data protection information of the providers of the services or content integrated by us who are responsible for data protection:

• Hanse Merkur Versicherungs AG
• DIRS 21 by TourOnline AG
• Google Maps
• Facebook
• Instagram

II. Disclosure of data for processing on our behalf
In some cases, we use specialized service providers to process your data. Our service providers are carefully selected by us and regularly inspected. They process personal data only on our behalf and strictly in accordance with our instructions on the basis of corresponding contracts for order processing.
1. Scope of the processing of personal data
On our website, we offer users the opportunity to take out travel cancellation insurance and/or make a booking via a booking system by providing personal data. The data is entered into an input mask and transmitted to the respective third-party company and stored. A general disclosure of the data to third parties does not take place. The following data is collected as part of the disclosure of personal data to third parties.

(1) First and last name
(2) Contact details (e.g. e-mail address, telephone number)
(3) Payment method/type

2. Legal Basis for Disclosure of Personal Data to Third Parties
The legal basis for the transfer of data to third parties that is transmitted in the course of taking out travel cancellation insurance and/or booking via a booking system is Art. 6 para. 1 lit. f GDPR. If the disclosure of personal data to third parties is aimed at concluding a contract, the additional legal basis for the processing/disclosure is Art. 6 para. 1 lit. b GDPR.
3. Purpose of data processing/disclosure of personal data to third parties
The purpose of processing/disclosing personal data to third parties is necessary for the performance of a contract with the user or with the third party or for the implementation of pre-contractual measures.
The collection and disclosure of personal data to third parties serves to prevent misuse of the services.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected.
If you want to make use of travel cancellation insurance, please contact the contractual partner.
5. Possibility of objection and removal
The user has the option to revoke his consent to the disclosure of personal data to third parties at any time. To delete the data, the user must contact the respective contractual partner.

III. Information about your rights
The following rights are available to you under applicable data protection laws:
Right to information about the data we have stored about you;
Right to rectification, erasure or restriction of processing of your personal data;
Right to object to processing that serves our legitimate interest, a public interest or profiling, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to establish, exercise or defend legal claims;
Right to data portability;
the right to complain to a supervisory authority;
You can revoke any consent you have given to the collection, processing and use of your personal data at any time with effect for the future.
You can find more information about this in the respective sections above, where data processing based on your consent is described.
If you would like to exercise your rights, please direct your request to the contact person listed below.

IV. Contact
For your data protection concerns, please contact the following address:
Hotel Flörke
Hauptstraße 17-19
26465 Langeoog
Germany
Phone: +49(0) 49 72 / 92 20-0
E-Mail: Send your inquiries to info(at)hotel-floerke.de

V. Use of cookies
When you visit the website, cookies may be stored on your device.
Cookies are small text files that are stored by the browser you use.
Cookies cannot run programs or transmit viruses to your device.
However, the entity that sets the cookie may receive certain information about it.
In particular, cookies can be used to recognise the device used to access this website when it is accessed again.
The setting of cookies can be restricted or prevented by the browser settings.
For example, only the acceptance of cookies from third parties can be blocked, or the acceptance of all cookies.
However, if you block it, you may not be able to use all of the features of this website.
In the further text of this privacy policy, we inform you specifically where and for what purposes cookies are used on the pages.

VII. Meta (Facebook/Instagram)
This website uses social media integrations from Meta Platforms Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland, which operates the Facebook platform. Using the integrated Facebook/Instagram Like buttons – Facebook/Instagram Like button – you can share content on the Facebook/Instagram social network. When a page with an integrated Facebook/Instagram Like button is accessed, a connection is established between the browser used and the Facebook/Instagram servers. If you have a Facebook/Instagram account, this data can also be linked to it. If you do not want this data to be assigned to your Facebook/Instagram account, please log out of Facebook/Instagram before visiting our site and delete the cookies in your browser. Meta has submitted to the EU US Data Privacy Framework. In addition, joint responsibility has been agreed with Meta.
The legal basis for the processing of the data is consent in accordance with Art. 6 para. 1 lit. a) GDPR.
You can revoke your consent by clicking on the link to access the cookie banner on the website.
Alternatively, you can delete the cookies in your device to revoke your consent.
The European Interactive Digital Advertising Alliance enables an opt-out at: http://www.youronlinechoices.com/de/praferenzmanagement
You can find out more about Facebook/Instagram data protection at: https://www.facebook.com/privacy/center/
https://privacycenter.instagram.com/

VIII. Processing for the operation of a web application firewall and malware protection

When you visit our website, we analyze the traffic generated by your device to detect unauthorized access and certain malware attacks.
After you have given us your consent via the cookie banner, we transmit the traffic to the WordFence digital service.

WordFence is provided by the provider Defiant, Inc., 1700 Westlake Ave N Ste 200, Seattle, WA 98109, USA, (hereinafter “Defiant”).

Data characteristics (traffic data)

– Browser type and version,
– operating system used,
– Referrer URL,
– Host name of the accessing computer,
– Time of the server request,
-IP address
– Data Content.

Data segregation

We do not merge this data with other data sources.

Legal bases

– Your consent (regarding a data transfer to WordFence),
– our legitimate interests (protection of our IT systems),
– Interference control and abuse prevention.

Right to object
Since we process your data on the basis of our legitimate interests, you have the right to object.
The collection of data for the provision of the digital service and the storage of the data in log files is absolutely necessary for the operation of the digital service and may also be justified for other legal reasons.
However, you can exercise your right to object by means of automated procedures in which technical specifications are used, such as in the case of the anonymization of your IP address by VPN providers.

Storage period
If your data is stored, the data will be deleted after 12 months at the latest.
Storage beyond this is possible in accordance with data protection permissions.

Order processing
Defiant is our processor in accordance with Art. 28 GDPR.
We have concluded the EU Standard Contractual Clauses with Defiant.
Defiant Privacy Policy: https://www.wordfence.com/privacy-policy/.

Storage of information on your device
WordFence stores information on your device if you have given us consent.
For more information, see the overview of how information is stored on your device section above.

Borlabs Cookie

– Name: Borlabs Cookie,
– Category: Necessary,
– Provider: Hotel Flörke
– Purpose: Storage of consent,
– Expiry: 60 days,
– Type: Cookie

This website uses Borlabs Cookie, which sets a technically necessary cookie (borlabs cookie) to store your cookie consents.

Borlabs Cookie does not process any personal data.

The borlabs-cookie cookie stores your consents that you gave when you entered the website.
If you want to revoke these consents, simply delete the cookie in your browser.
When you re-enter/reload the website, you will be asked for your cookie consent again.

IX. Copyrights
Unless otherwise noted, the copyright for texts is held by Hotel Flörke.
Unless otherwise noted, the copyright for images is held by Hotel Flörke.
Unless the company Hotel Flörke acts as operator or creator of the content, the copyrights of third parties are observed.
Texts, parts of texts, graphics, tables or images made available on the websites may not be copied, downloaded, reproduced, distributed or exhibited without the prior consent of Hotel Flörke.

X. Legal Notices
We may update this Privacy Policy from time to time. Updates to this Privacy Policy will be posted on our website. Changes will be effective from the moment they are published on our website. We therefore recommend that you visit this page regularly to be informed of any updates that may have been made.
All information on our website has been carefully checked. We make every effort to provide this information in an up-to-date and correct and complete manner. Nevertheless, the occurrence of errors cannot be completely ruled out. Therefore, no guarantee can be given for the completeness, correctness and up-to-dateness of the information. The prices quoted are incl. value added tax. All prices are subject to change.

XI. Data Security
We use the common SSL procedure (Secure Socket Layer) in conjunction with the highest level of encryption supported by your browser during your visit to the website. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted encrypted by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties.
Our security measures are continuously improved in line with technological developments.
As of: June 2024