Privacy Policy

1. Privacy at a Glance

General Information

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally.

Data collection on this website

The party responsible for data collection on this website is the website operator. Contact details: see Imprint.

How do we collect your data?

Some of your data is collected when you provide it to us (e.g. via booking form or email). Other data is collected automatically or with your consent by our IT systems when you visit the website (browser, OS, timestamp).

What do we use your data for?

Some of the data is collected to ensure the website functions correctly. Other data is used to process your booking and fulfil the contract.

What are your rights?

You have the right to free information about your stored data at any time. You also have the right to correction, deletion, withdrawal of consent and the right to lodge a complaint with the supervisory authority.

2. Hosting

We host the contents of our website at:

Hetzner Online GmbH
Industriestr. 25, 91710 Gunzenhausen, Germany
Privacy: hetzner.com/de/rechtliches/datenschutz

When you visit our website, Hetzner collects various log files (IP address, browser type, timestamp). Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in reliable and secure website delivery). A Data Processing Agreement (DPA) under Art. 28 GDPR has been concluded with Hetzner.

Self-Hosted Fonts

We use locally hosted fonts (Inter, Playfair Display) — no data is transferred to Google Fonts. The fonts are served directly from our server (Hetzner).

3. General Notes and Mandatory Information

Data Protection

We treat your personal data confidentially and in accordance with statutory data protection regulations.

Responsible Party

Wiebke Hocke
Stresemannstraße 23
40210 Düsseldorf, Germany
Phone: +49 (0) 2162 9199737
Email: info@duelkener-hof.de

Retention Period

Personal data is retained until the purpose of data processing no longer applies or you request deletion — subject to statutory retention periods (tax and commercial law, typically 10 years for booking records).

Legal Basis

• Consent: Art. 6 (1) (a) GDPR
• Contract performance: Art. 6 (1) (b) GDPR (bookings)
• Legal obligation: Art. 6 (1) (c) GDPR
• Legitimate interest: Art. 6 (1) (f) GDPR

4. Recipients of Personal Data

Smoobu (booking management)

Smoobu GmbH, Pappelallee 78/79, 10437 Berlin, Germany
Channel manager / booking management. Privacy: smoobu.com/de/datenschutz

To process bookings, your data (name, address, email, travel dates) is transferred to Smoobu. Legal basis: Art. 6 (1) (b) GDPR. DPA concluded.

Stripe (payment processing)

Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Dublin 2, Ireland
Privacy: stripe.com/de/privacy

Payment processing is handled by Stripe via the Smoobu interface. Stripe collects the data necessary for payment directly — we ourselves do not store any credit card data. Legal basis: Art. 6 (1) (b) GDPR.

5. Your Rights

• Withdrawal of consent: Possible at any time.
• Right to object (Art. 21 GDPR): For processing based on Art. 6 (1) (e/f) GDPR and against direct marketing.
• Right to complain to a supervisory authority: LDI North Rhine-Westphalia
• Data portability, access, correction, deletion, restriction of processing

6. SSL/TLS Encryption

This site uses SSL/TLS encryption to protect confidential transmissions.

7. Objection to Marketing Emails

The use of contact details published in the Imprint for sending unsolicited marketing is hereby expressly prohibited.