Privacy policy
I. Name and address of the Controller
The Controller within the meaning of the General Data Protection Regulation (GDPR) is:
kommod AG
Industriering 14
9491 Ruggell
Principality of Liechtenstein
+423 377 37 77 hotel@kommod.li
II. General information on data processing
1. Scope of personal data processing
Our processing of the personal data of our users is restricted to the data necessary for the provision of a functioning website as well as of our content and services, The personal data of our users is only processed for the purposes agreed with them or if there are other legal grounds (within the meaning of the GDPR). The collection of personal data is restricted to the data which is actually needed for the performance and execution of our tasks and services, or which you have voluntarily made available to us.
2. Your rights (rights of the data subject)
You have the right to request information about your personal data that we process. In particular, you have the right to request information about the purposes of the processing, the categories of personal data, the categories of recipients to whom the personal data has been or will be disclosed, the planned period for which the personal data will be retained, the existence of a right to rectification, erasure, restriction of or objection to processing, data portability (provided that in the event of data transfer a disproportionate amount of effort or expense is not incurred), the origin of your data if we did not collect this data, as well as information about automated decision-making including profiling.
You also have the right at any time to withdraw the consent you have given to the use of your personal data,
If you are of the opinion that we are processing your personal data in breach of the applicable provisions of data protection legislation, you may lodge a complaint with the Data Protection Office.
III. Description and scope of the data processing
1. Provision of the website
Every time our website is accessed our web-server automatically captures data and information from the computer system making contact with us, and places this data in what are called “log files”. The following data is collected in this process:
- Date and time of access
- The user’s IP address
- Information about the browser type and the version used
We store this information for a maximum period of 30 days. The data is stored for reasons of data security in order to ensure the stability and operational reliability of our system.
2. Cookies
We use cookies on our website to make our offering more user-friendly. Cookies are small files which your browser automatically creates and which are stored on your terminal (lap top, tablet, smartphone etc.) when you visit our site. The cookies are stored until you delete them They enable us to recognize your browser the next time you visit us.
If you do not wish this to happen, you can set up your browser in such a way that it informs you when cookies are installed and you permit this installation in this particular case. However, we wish to point out that if you deactivate these cookies you will be unable to use all the functions of our website.
The legal basis for data processing by these cookies is Article 6(1), sentence 1 (f) of the GDPR.
The cookies remain active for an indefinite period and are subsequently deleted by your browser.
Our Cookies Information lists all cookies; these are sorted by function and explained in detail. You can customize your settings and thereby allow or decline only the necessary cookies or all cookies (including statistical and marketing cookies etc.)
3. Web analysis
We use “Google Analytics”, a web analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94.043 USA, on our website to evaluate website use. Google Analytics uses cookies which are saved on your computer. The information on the website and Internet use obtained from the cookies can be processed and evaluated by Google. The information collected by Google is sometimes transferred to countries outside the EU and EEA, particularly to the USA.
We have activated the IP anonymisation function on this website so that your IP address is anonymised before transfer to Google.
You can prevent the use of your data by Google Analytics also with the browser add-on for the deactivation of Google Analytics.
You can also prevent the use of Google Analytics’ cookies by selecting the button “Only necessary cookies” in the “Cookie information” pop-up that appears when you access the website, This prohibits the use of cookies by Google Analytics.
The legal basis for data processing by Google Analytics cookies is Article 6(1), sentence 1, letter (a) of the GDPR (“Consent”).
4. Form and email contact
If you complete a contact form or send us an email or any other electronic message, your data is only saved and used within the framework of the inquiry for processing the inquiry and possible associated additional questions.
The legal basis for processing your inquiry is Article 6(1), sentence 1, letter (b) of the GDPR.
We will delete your email address after your inquiry has been settled.
5. Newsletter
If you register for our newsletter, we immediately send an email to the email address you have indicated. This email contains a hyperlink. By clicking on this link you confirm your registration for a newsletter (double opt-in process). If the registration is not confirmed within 30 days, we delete the email address from our temporary list and no registration is recorded.
If you confirm your registration for the newsletter, you are giving your consent to the saving of your email address including the date of the registration, your IP address and the name of the newsletter you wish to read. We use your email address and the data we have collected at the same time, such as your given name and family name, only for the administration and forwarding of the newsletter at the frequency indicated at the time you register.
Our newsletters contain no obvious or concealed counters, third party advertising or links to third party sites which have no direct connection with the content of our newsletter.
The legal basis for sending a newsletter to you is Article 6(1), letter (a) of the GDPR.
Every newsletter informs you how you can unsubscribe from the newsletter.
The newsletter is sent by the distribution service-provider “MailChimp”, a newsletter transmission platform of the American service-provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can see the privacy policy of the distribution service-provider here. The Rocket Science Group LLC d/b/a MailChimp is certified according to the Privacy Shield Agreement and so guarantees that it complies with the European level of data privacy protection (PrivacyShield). The distribution service-provider is employed on the basis of our legitimate interest pursuant to Article 6(1), letter (f) of the GDPR and a processing contract in accordance with Article 23(3), sentence 1 of the GDPR.
The distribution service-provider can use the recipients’ data in a pseudonymised form, i.e. assignment to a user is impossible, to optimise or improve its own services, for example the technical optimisation of the distribution process and the presentation of the newsletter, or for statistical purposes. However, the distribution service-provider does not use the data of our newsletter recipients to contact the recipients directly or to pass the data to third parties.
6. Booking tool
We use the HotelNetSolutions (HNS) booking system. The provider is HotelNetSolutions GmbH, Genthiner Str. 8, 10785 Berlin, Germany.
When you access the booking system, you will be redirected to the HNS website. As part of the online booking process, HNS processes the data as the controller. The information and provisions on data protection can be found in the HNS data protection declaration for the OBT, which you can access at any time from the OBT or at https://hotelnetsolutions.de/en/privacy-policy/.
7. Heatmap Tool
We use the Plerdy Heatmap tool to analyse user behaviour on a website. It provides insights into how visitors use the site by showing which areas are clicked on most frequently or which elements receive the most attention. This data helps to improve the user-friendliness of the website without storing or processing personal information.
Plerdy attaches great importance to protecting the privacy of users and does not store any personal data entered in the fields on the website. Plerdy’s commitment to the integrity and protection of data is supported by the fact that all servers are located in Germany, a country known for its strict data protection laws. Plerdy strictly adheres to its security and privacy policies to ensure the highest standards of data protection and security. Detailed information can be found in Plerdy’s security and privacy policy: https://www.plerdy.com/faq/; https://www.plerdy.com/privacy-policy/
IV. Data security
1. SSL encryption
During a visit to the website we use the widespread TSL process in conjunction with the highest encryption level supported by your browser. You can see whether the specific page of our website is being transmitted in an encrypted form by the closed representation of the key or lock symbol in your browser’s address bar.
We also use further appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized third party access. Our security measures are continuously updated as technology progresses.
2. Emails sent to us
We wish to make you aware that, subject to an explicit agreement and configuration, emails are sent to us without encryption.