Privacy Policy

Data Privacy Policy for the Website of Hecker’s Hotel

The following Data Privacy Policy applies to use of the website (hereinafter the “Website”) and is valid from May 2018:

1. Information about the collection of personal data

1.1 In what follows we will inform you of the collection of personal data when you use our Website. Personal data are any data that can be correlated with you personally, e.g., your name, address, email addresses, telephone numbers, and user behavior.

1.2 The controller within the meaning of Art. 4 para. 7 of the EU General Data Protection Regulation (hereinafter “GDPR”) is Heinrich Hecker Hotel GmbH & Co. KG, Lise-Meitner-Straße 1c, 33104 Paderborn, represented by Weber-Hecker GmbH, managing director: Thomas Weber, phone: +49 30 88 90 – 0, fax: +49 30 88 90 – 260, email:

1.3 When you contact us by email or through our contact form, we will store the data you provide (your email address and, if you so choose, your name and telephone number) to answer your questions. When data we collect in this connection are no longer needed, we will erase such data or, if we have legal recordkeeping obligations, restrict the processing of such data.

1.4 Should we use third-party service providers for certain features of our Website or use your data for advertising purposes, we have informed you of such processes below. We have also specified the criteria that are used to determine how long your data will be stored.

2. Your rights

2.1 You have the following rights against us with respect to your personal data:

  • a right to information,
  • a right to rectification or erasure,
  • a right to restricted processing,
  • a right to object to processing, and
  • a right to data portability.

2.2 In addition, you have a right to lodge a complaint with a data protection supervisory authority with regard to our processing of your personal data.

2.3 Information about your right of revocation/objection under the General Data Protection Regulation:

a) If you have consented to processing of your personal data, you may revoke your consent at any time. Such revocation will impact the lawfulness of our processing of your personal data after the date of revocation.

b) To the extent that our processing of your personal data is based on legitimate interests, you may object to such data processing. This is the case, in particular, if processing your data is not necessary for performance of a contract with you, as we have explained below when describing the various features of our Website. If you exercise your right to object, please state the reasons why we should no longer process your personal data as we have done. If your objection is valid, we will review the facts and either stop processing your data or make changes to the way we process your data or provide you with compelling legitimate reason for continuing to process your data.

c) Of course, you may at any time object to the processing of your personal data for advertising or data analysis purposes. To exercise your right to object to the processing of your data for advertising purposes, please contact us at the contact information shown below.

Your right of revocation/objection may be exercised informally and, if possible, should be addressed as follows:
Heinrich Hecker Hotel GmbH & Co. KG
Lise-Meitner-Straße 1c
33104 Paderborn
represented by Weber-Hecker GmbH
managing director: Thomas Weber
phone: +49 30 88 90 – 0
fax: +49 30 88 90 – 260

3. Collection of personal data when you visit our Website

3.1 If you use our Website for information purposes only, i.e., if you do not register, reserve a room, or otherwise transmit information to us, we will collect no data that will be stored in log files of our web server.

3.2 If you visit our Website not only for information purposes, but also to reserve a room online, you will be transferred to our reservation page with an input screen that was created for us by HotelNetSolutions GmbH. HotelNetSolutions GmbH is located at Genthiner Str. 8, 10785 Berlin, email:, and may process the following data on our behalf that are technically necessary to display the reservation page and to ensure stability and security (the legal basis is Art. 6 para. 1 sent. 1 let. f) GDPR):

  • IP address,
  • date and time of request,
  • time zone difference relative to Greenwich mean time (GMT),
  • content of requested (specific page),
  • access status/http status code,
  • transferred data volume,
  • website from which request is made,
  • browser,
  • operating system and graphic user interface, and
  • language and version of browser software.

3.3 We process personal data of visitors to our Website for the following purposes: to respond to inquiries from users, to accept and process reservation requests, to make available services in connection with hotel/room reservations through this Website; for the technical administration of the Website and its operational features, including the resolution of technical problems, statistical analysis, tests to prevent fraudulent activities or misuse of the Website or in connection with the Website; for compliance with applicable laws, to protect the security of each individual and our rights and property, and to prevent deceptions or security problems or technical problems.

4. Use of Cookies

In addition to collecting the aforementioned data, we will store cookies on your computer when you use our Website. Cookies are small text files which are stored on your hard drive by your browser and which provide the party that places the cookie (in this case, us), with certain information. Cookies can run no programs and transmit no viruses to your computer. Their purpose is to make our Website as a whole more user-friendly and effective.

a) This Website uses the following types of cookies, whose scope and functions are explained below:

  • Transient cookies (see section b))
  • Persistent cookies (see section c))

b) Transient cookies will be automatically deleted when you close your browser. Such cookies include, in particular, session cookies. Session cookies store a so-called session ID that allows different requests from your browser to be associated with one and the same session. This allows us to recognize your computer the next time you visit our Website. Session cookies will be deleted when you log out or close your browser.

c) Persistent cookies will be automatically deleted after a specified time period, which varies from cookie to cookie. You can delete cookies at any time by selecting the appropriate security settings in your browser.

d) You can configure your browser settings as desired and, for example, block third-party cookies or all cookies. We advise you however that if you do so, you may no longer be able to use all features of this Website.

e) We hereby inform users that cookies can be blocked or removed from their browsers, for example in accordance with the instructions provided on the following pages:
Internet Explorer
Mozilla Firefox

TypeCookiePurposeStorage period
Google Analytics_gaUsed to distinguish users2 years
Google Analytics_gatUsed to throttle request rate1 minute
Google Analytics_gidUsed to distinguish users1 day
Google Analyticsga-disable-UA-…Google Analytics Opt-out1. January 2100
TechnicalphpsessidSession identifierUntil you close the browser
Technicalpll_languageUser language (pre-)selection1 year
Technicalcookieconsent_statusUser selection1 year

5. Google Maps

This Website uses the map service Google Maps through an API. The provider is Google Inc., 1600 Amphitheater Pkwy., Mountain View, CA 94043, U.S.A. To use features of Google Maps, your IP address must be stored. This information will generally be transferred to a Google server in the United States and stored there. The provider of this Website has no influence on this data transfer. We use Google Maps to make our Website more attractive and to make it easier to find locations named on our Website. This is a legitimate interests within the meaning of Art. 6 para. 1 let. f) GDPR. You will find more information about the handling of user data in the data privacy policy of Google:

6. Use of Google Analytics

6.1 This Website uses Google Analytics, a web analysis service of Google Inc. (hereinafter “Google”). Google Analytics uses so-called “cookies,” text files that are stored on your computer and allow an analysis of how you use our Website. Information about your use of this Website generated by the cookie will generally be transferred to a Google server in the United States and stored there. If IP anonymization is activated on this Website, your IP address will however first be masked by Google in member states of the European Union or other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the United States and masked there. On behalf of the operator of this Website Google will use such information to analyze your use of the Website, to compile reports about website activity, and to provide the Website operator with additional services related to website use and Internet use. These purposes are also why we have a legitimate interest in processing your data. The legal basis for using Google Analytics is § 15 para. 3 German Telemedia Act (TMG) and Art. 6 para. 1 let. f) GDPR. The data sent by us and linked to cookies, user IDs, or advertising IDs will be automatically deleted after 14 months. Data which are no longer required to be stored by law will be automatically erased once a month. Additional information about the terms of use and data privacy is available at:

6.2 The IP address transmitted by your browser in connection with Google Analytics will not be merged with any other data of Google.

6.3 You may block cookies by selecting the appropriate settings in your browser; we advise you however that if you do so, you may no longer be able to use all features of this Website to the full extent. Moreover, you may prevent Google from collecting data related to your use of the Website and generated by the cookie (including your IP address) and from processing such data by downloading and installing the browser plugin available at the following link:

Opt-out cookies will prevent that your data will be collected the next time you visit this Website. To prevent tracking by Universal Analytics across multiple devices, you must opt out separately for each device you use.

Disable Google Analytics,

6.4 This Website uses Google Analytics with the extension “_anonymize Ip().” As a result, IP addresses are masked before being processed, thereby ruling out that an IP address can be correlated with any particular individual. To the extent that data about you relate to your personally, such correlation will therefore be immediately prevented and such personal data will be promptly deleted.

6.5 We use Google Analytics to be able to analyze and continuously improve use of our Website. Statistical data from Google Analytics allow us to improve our products and services and make them more interesting to you, the user. In exceptional cases where personal data are transferred to the United States, Google has committed to comply with the EU-US Privacy Shield, The legal basis for using Google Analytics is Art. 6 para. 1 sent. 1 let. f) GDPR.

6.6 Information about this third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of use:, overview of data privacy:, and data privacy policy:

7. Use of Google web fonts (local embedding)

This website uses so-called Web Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application.

For more information on Google Web Fonts, please follow this link: and consult Google’s Data Privacy Declaration under:

8. Online-Booking and Room Reserations

8.1 On our Website you can reserve rooms on a reservation page that was created for us by HotelNetSolutions GmbH. If you do so, the following personal data you enter into the input screen will be transmitted to and stored by us: your first name and last name, email address, telephone number, and billing address, the names of contact persons if you are a corporate customer, the number, names, and contact information of any additional travelers, your arrival and departure dates, any special requests, your payment data (payment method – such as credit card – and amount of payment – total price), and the date and time of your reservation. HotelNetSolutions GmbH is located at Genthiner Str. 8, 10785 Berlin, Germany. All reservation data entered by you will be transferred in encrypted form. As our contract partner, HotelNetSolutions GmbH has agreed to handle all of your data in compliance with applicable data privacy laws. The company will take all organizational and technical measures to protect your data. In this connection your data will not be transferred to any third parties by us. Your data will be used exclusively to process the booking/room reservation and to communicate with you.

8.2 The legal basis for processing your data is the conclusion of a lodging contract with you, Art. 6 para. 1a), b) GDPR. If the aforementioned data are not provided, we will be unable to enter into or manage a contract with you. Data you provide will be stored in our hotel software on an in-house server and used to perform our contract with you. Personal data entered into the input screen will be processed exclusively to process your reservation request and payment.

8.3 Data will be erased as soon as they are no longer needed for the purpose for which they were collected. If we have entered into a contract with you, we will erase data we have received from you as soon as we have complied with our legal recordkeeping obligations.

8.4 Even in the course of an online reservation you may at any time object to the processing of your personal data by sending an email to Please note that if you object to the processing of your personal data, your reservation cannot be completed and we can no longer communicate with you.

9. Transfer of data to non-EEA countries

We generally transmit no personal data to non-EEA countries. Our servers are located in the European Union. In cases in which personal data are transferred to countries that do not offer the same level of data protection as the European Union and in which you have not expressly consented to the transfer of your data to third countries, we will ensure that the contract with the third-party provider includes certain contractual obligations required under applicable data protection law (including standard contractual clauses approved by the European Commission), unless we can rely on different legal bases for transferring your personal data.