Privacy Policy
With this information, we explain which personal data we process when this website is used and in connection with inquiries about our holiday apartments. The relevant factor is always which functions are actually used on our website.
1. Controller
Lisa Kiefer & Silvan Conle
Achweg 12
D-87645 Schwangau
Phone: +49 151 41893285
WhatsApp: +41 78 250 78 73
Email: info@ferienwohnung-muehlbergerhof.de
2. Purposes and legal bases of processing
We process personal data to technically provide this website, handle inquiries about Ludwigs Lodge and Säuling Stay, communicate with you, prevent misuse and ensure the security of our systems.
- Art. 6 (1) lit. b GDPR for processing inquiries and preparing a possible rental or booking relationship.
- Art. 6 (1) lit. c GDPR where statutory retention or documentation obligations apply.
- Art. 6 (1) lit. f GDPR for secure, stable and misuse-free operation of our website and for orderly handling of inquiries.
3. Website access and technical connection data
When our website is accessed, the technically necessary connection data is processed on the server side. This is required to deliver the website and to ensure stability, security and error analysis. The specific details depend on the respective server and browser configuration.
This data is used to deliver the website, ensure stability, analyze errors and defend against misuse and attacks. We do not use it for advertising purposes or to create personal usage profiles.
4. Contact form and inquiry processing
If you contact us through the inquiry form, we process the information you enter. Depending on your input, this may include in particular your name, email address, telephone number, preferred holiday apartment, arrival and departure dates, number of guests and your message.
In addition, we store technical accompanying data of the inquiry, in particular the time of transmission, the page accessed, your IP address and the transmitted user agent. This is necessary to technically allocate the inquiry, detect misuse and secure our systems.
Form inquiries are stored in our administration area and used to process your inquiry, check availability and prepare a possible rental relationship.
5. Communication by email and telephone
If you contact us by email or telephone, we process the data you provide exclusively to handle your request. For form inquiries, the content is also sent by email to our stored recipient address. If sending a copy to the sender is activated in a form, we also send a confirmation to the email address provided.
6. Spam protection and protection against misuse
Our forms use several protection mechanisms against automated entries and misuse. These include a honeypot field, CSRF protection, session-related protection mechanisms and ALTCHA.
The ALTCHA challenge is generated on our website itself and checked server-side. No external captcha service is currently integrated for this. In addition, our administration area stores failed login attempts with hashed identifiers for IP address and email address for a limited time in order to defend against brute-force attacks.
7. Cookies and sessions
Our website currently uses only first-party cookies that are required for operation, security and convenience.
- PHPSESSID: session cookie for session management, CSRF protection, form protection and flash messages. Storage duration: until the end of the session.
- cookie_consent: stores your selection in the cookie dialog. Storage duration: 1 year.
The cookie dialog also shows optional categories for analytics and marketing cookies. These categories are currently not connected to active services. We currently do not set analytics or marketing cookies.
8. Embedded third-party content
We currently do not embed active analytics, marketing, map or video services from third-party providers on this website.
9. Recipients of the data
Recipients of your data are ourselves and the technical service providers we use for hosting, email delivery and operation of this website, insofar as this is necessary to provide the website or process your inquiry. Data is not passed on to other third parties unless this is required by law or necessary for legal enforcement.
10. Storage period
We store personal data only as long as required for the respective purposes.
- Server and security data is retained only for technical operation and securing the website.
- Form inquiries are stored in our administration area. A fixed automatic deletion period is currently not technically stored for this.
- If an inquiry leads to a rental or booking relationship, we additionally store the data required for this within the framework of statutory retention obligations.
- Failed login attempts in the administration area are automatically cleaned up; older entries are deleted no later than after one day.
11. Obligation to provide data
For simply visiting our website, you only need to provide data to the technically necessary extent. If you want to send us an inquiry, the information marked as required fields is necessary. Without this information, we may not be able to process your inquiry meaningfully.
12. Your rights
Within the framework of the statutory requirements, you have the right to information about the data stored about you, correction of inaccurate data, deletion, restriction of processing, data portability and objection to processing based on Art. 6 (1) lit. f GDPR.
If processing is based on consent, you can withdraw this consent at any time with effect for the future. To exercise your rights, a message to the contact details above is sufficient.
13. Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority. For private companies in Bavaria, this is in particular the Bavarian State Office for Data Protection Supervision (BayLDA), Promenade 18, 91522 Ansbach.
14. No automated decision-making
Automated decision-making including profiling within the meaning of Art. 22 GDPR does not take place.