1.General data protection information
The following regulations give you an overview of how and why your personal data is used by us, the StayAwesome GmbH. We process your personal data when you visit our website stayawesome.de or book our accommodation. In addition, we will inform you about the rights you have under current data protection law and who to contact if you have any questions.
2. Who is responsible for your data processing?
2.1 Responsible party
The responsible party, within the meaning of the General Data Protection Regulation (DSGVO), national data protection laws of the Member States of the European Union and other data protection regulations, is:
Stay Awesome GmbH
Wilhelmshöher Allee 169
Where “we”, “us” or “our” are used in the following, this refers to Stay Awesome GmbH as a legal entity.
2.2 Data Protection Officer
The data protection officer is responsible for ensuring that our company complies with the current requirements of data protection laws and for checking their implementation. The contact detail of our data protection officer is:
Mario von Gemünden
The Freedom 11
He can be reached at the email address: Mario.firstname.lastname@example.org.
3. What data do we process for what purposes?
3.1 Personal data
During the use of our website or other contacts with us, personal data that can be directly or indirectly associated with you will be collected and processed. These include the data listed in 3.2.
3.2 List of data collected and processed
3.3 Legal basis for data processing
|Legitimate purpose||Legal basis||Data category||Our process|
|Data processing for the performance of the contract, or pre-contractual measures.||Art. 6 para. 1 b) DSGVO||Contact data, location data and payment data||By booking, you enter into an accommodation contract with us. In order to fulfil the obligations of this contract and to provide you with a great stay in our accommodation we need to process the mentioned data.|
|Data processing for the performance of the contract, or pre-contractual measures with legitimate interest of the controller.||Art. 6 para. 1 b) and f) DSGVO||Contact and communication data||The data is used in direct contact with you via contact forms, e-mail, postal or telephone contact in the initiation of a booking or other contractual relationship with us.|
|Data processing to protect the legitimate interest of the data controller in disseminating direct advertising.||Art. 6 para. 1 f) DSGVO, § 7 para. 3 UWG||Contact and communication data||Direct advertising enables us to provide you – independently of our newsletter – with current and attractive offers that are similar to the service you have booked. If you do not wish to receive these product recommendations, you can inform us informally.|
|Data processing with the consent of the data subject, in order to protect the legitimate interests of the data controller.||Art. 6 para. 1 a) and f) DSGVO||Contact and communication data||With the personalisation of our advertising and our digital customer service, we would like to achieve a closer dialogue with you and constantly improve this in order to be able to make suitable and attractive offers.|
|Data processing for the protection of legitimate interests, taking into account the fundamental rights and freedoms of the data subject.||Art. 6 para. 1 f) DSGVO||Contact and communication data||We conduct satisfaction surveys, using automated survey forms and contact via email or telephone. We pursue the legitimate purpose of constantly developing ourselves further in order to be able to offer you an ever better stay.|
|Data processing for the protection of legitimate interests, taking into account the fundamental rights and freedoms of the data subject.||Art. 6 para. 1 f) DSGVO||Contact data, communication data and technical data||In order to create a safe and trustworthy environment for you, data on web server protocols and on IT systems are processed.|
|Data processing for the performance of the work and service contract, or pre-contractual measures.||Art. 6 para. 1 b) DSGVO, § 26 para. 1 p. 1 BDSG||Application data and personal data of employees and service providers||The processing of this data is necessary in the application process, for the maintenance of employee relationships and the organisation of contractual relationships with third parties.|
|Data processing for the fulfilment of legal obligations under national and EU law||Art. 6 para. 1 c) DSGVO||All personal data||In individual cases, it may be necessary to process or pass on your data due to legal obligations, e.g. upon request by law enforcement or government authorities.|
4. Who processes your data?
4.1 StayAwesome GmbHInternally, only the people who need it have access to your personal data to carry out tasks assigned to them. This includes a variety of tasks from marketing to booking processing and customer service to quality surveys.
4.2 Service providers
Selected service providers are given access to data necessary for them to complete their orders. These include hosting providers, development service providers, payment service providers, collection agencies and legal firms, communication service providers, survey tool providers, analysis service providers and law enforcement agencies. We have used criteria of security and confidentiality in the selection of these service providers. Only the data required for the service in question will be transmitted for the period in which it is needed. The data provided may not be used for purposes other than the fulfillment of the order.
4.2.1 Hosting providers are responsible for the operation of the servers through which our website, your booking and other of our services run.
4.2.2 Development service providers are responsible for creating, maintaining and optimising the programming of our technical services and offerings. In the case of our website, this service provider is Boostly, Po Box 1046, Stockton On Tees, TS19 1XL, United Kingdom.
4.2.3 Payment service providers process your payment for your booking with us. Your payment details will not be stored by us in the course of this, but will be forwarded directly to the payment service provider in encrypted form. In order to prevent or detect fraud, we also transmit your IP address. Our payment processing partner is Stripe, Inc, 354 Oyster Point Boulevard South San Francisco, California, 94080, USA.
4.2.4 In individual cases, we make personal and booking data available to collection agencies in order to effectively collect outstanding debts.
4.2.5 Legal firms receive personal and booking data in individual cases in order to be able to effectively assist us and you in legal matters and, if necessary, to assert claims and demands.
4.2.6 Communication service providers create the communication channels between us and you. For example, they make it possible to send the booking confirmation by e-mail or access codes by SMS.
4.2.7 Survey tool providers enable us to easily generate feedback and help us to continually improve your experience. We use Google, Gordon House, Barrow Street, Dublin 4, Ireland, forms for this purpose.
4.2.8 Analysis service providers process collected data and enable us to statistically measure our performance and your satisfaction and identify opportunities to optimise both. For this purpose, both personal and technical data generated with the help of server log files and cookies are analysed and processed. We use, among others, Adobe Analytics, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland and Google Analytics, Gordon House, Barrow Street, Dublin 4, Ireland.
4.2.9 Law enforcement authorities, such as public prosecutors and police, investigate suspected criminal offences. In individual cases, we may pass on your personal and booking data for the purpose of investigations.
4.3 Service providers in third countries
Some service providers are located in third countries outside the European Union. As a result, other data protection regulations apply, which may entail a lower or inappropriate level of protection. In order to achieve secure processing and transfer, we conclude order processing contracts with these service providers. These contracts comply with the standard data protection clauses recommended by the EU for processing personal data in Non- EU countries.
5. In what way will your data be processed?
5.1 Data generated by you
Your personal data is automatically fed into our internal software systems to fulfill various purposes, such as processing bookings, guaranteeing customer service and doing marketing activities. For this purpose we use, among others, Google Workspace, Gordon House, Barrow Street, Dublin 4, Ireland and Smoobu GmbH, Flackensteinstr. 48, 10997 Berlin.
5.2 Server log files
Server log files are collected and stored by the website provider after your browser has transmitted this automatic information. This includes: pages visited on our domain, date and time of access, type and version of the browser used, type of operating system used, host name and IP address of the accessing computer and source from which you accessed our website. This data is not merged with other cookie or personal data. The log-files are usually deleted automatically after 7 days.
5.3.2 There are different types of cookies which are necessary according to their nature. The technical cookies are absolutely necessary for the basic functioning of the website. The functional cookies facilitate individual use of the site and control, for example, the language settings. Cookies from third parties, such as social media networks, enable the integration of content for and communication with you onto our website. And analytical cookies help track your user behaviour and enable us to make our website ever more user-friendly. The analytical cookies record your surfing behaviour pseudonymously, which enables us to constantly improve the quality of our website and content for you. In addition, the pseudonymised data is stored separately and completely independently of your personal and booking data, which means that it is not possible to identify you using the analysis cookies.
5.4 Storage period
In principle, we only store personal data for as long as necessary. This is limited by our legal, commercial and tax retention obligations.
Booking data can be stored for up to 10 years. We store booking enquiries and similar pre-contractual communication for at least 3 months after the interaction has been completed. We store submitted application data for 6 months after the end of the application process.
5.5 External accounts
On our website we provide social media plug-ins from Facebook, Instagram and Linkedin. With these you can further interact with us and follow our activities. In the cooperation with and use of these platforms, the privacy policies of the companies themselves each apply.
6. What rights do you have?
7. How can we stay in contact with you? Newsletter and contact forms!
The use of contact forms, in the form of surveys and independent dialogue fields, on our website, in our webapp or in other ways constitutes by its nature implied/incidental consent. The personal contact data is used to fulfil our legitimate interest in customer service, to fulfil our contractual obligations and to optimise our online offer.