Privacy Policy
1. Data Protection at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit our website.
Personal data refers to any information that can personally identify you.
Detailed information on data protection can be found in our full Privacy Policy below.
Data Collection on This Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator.
You can find their contact details in the section “Information on the Responsible Party” below in this Privacy Policy.
How do we collect your data?
Your data is collected in part when you provide it to us — for example, by filling in a contact form.
Other data is collected automatically or after your consent when you visit the website.
This includes mainly technical data (e.g. browser type, operating system, or time of access).
These data are collected automatically as soon as you enter the website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website.
Other data may be used to analyze user behavior.
If the website allows for the conclusion or initiation of contracts, any data provided will also be processed for offers, bookings, or related requests.
What rights do you have regarding your data?
You have the right to receive, free of charge, information about the origin, recipient, and purpose of your stored personal data at any time.
You also have the right to request correction or deletion of this data.
If you have given consent for data processing, you may revoke it at any time with future effect.
You also have the right, under certain circumstances, to request restriction of processing of your personal data.
Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time regarding these rights or any further questions concerning data protection.
Analytics Tools and Third-Party Tools
When you visit this website, your browsing behavior may be statistically analyzed.
This happens primarily with the help of analytics tools.
More detailed information about these tools can be found in the following sections of this Privacy Policy.
2. Hosting
We host our website content with the following external provider:
External Hosting
This website is hosted externally.
The personal data collected on this website is stored on the servers of the hosting provider(s).
This may include, in particular: IP addresses, contact requests, metadata and communication data, contract and contact details, names, website accesses, and other data generated through the website.
External hosting is carried out for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 (1)(b) GDPR)
and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6 (1)(f) GDPR).
If consent has been requested, processing takes place exclusively based on Art. 6 (1)(a) GDPR and § 25 (1) TDDDG,
insofar as this consent includes the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) under the TDDDG.
Consent may be revoked at any time.
Our hosting provider processes your data only to the extent necessary to fulfill its service obligations and in accordance with our instructions.
Hosting provider:
profihost GmbH
Hildesheimer Straße 25
30880 Laatzen
Germany
Data Processing Agreement
We have concluded a data processing agreement (DPA) with the above provider.
This legally required agreement ensures that the provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
3. General Information and Mandatory Disclosures
Data Protection
The operators of these pages take the protection of your personal data very seriously.
We handle your personal information confidentially and in accordance with statutory data protection regulations and this Privacy Policy.
When you use this website, various personal data are collected.
Personal data means any information that can personally identify you.
This Privacy Policy explains what data we collect, how we use it, and for what purpose.
Please note that data transmission over the internet (e.g. when communicating by e-mail) may have security gaps.
A complete protection of data from access by third parties is not possible.
Information on the Responsible Party
The responsible party for data processing on this website is:
KULT-Hotel Betriebs GmbH
Theodor-Heuss-Straße 25
85055 Ingolstadt
Phone: +49-841-95100
E-mail: +49-841-95100
The responsible party is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).
Storage Period
Unless a specific storage period is stated within this Privacy Policy, your personal data remain with us until the purpose for data processing no longer applies.
If you request deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for retaining it (e.g. retention obligations under tax or commercial law).
In such cases, deletion will take place after these reasons no longer apply.
Legal Bases for Data Processing on This Website
If you have consented to data processing, we process your personal data on the basis of Art. 6 (1)(a) GDPR or, for special categories of data, Art. 9 (2)(a) GDPR.
If you have expressly consented to the transfer of personal data to third countries, processing also takes place under Art. 49 (1)(a) GDPR.
If you have consented to the storage of cookies or access to information on your device (e.g. through device fingerprinting), processing is also based on § 25 (1) TDDDG.
Consent can be withdrawn at any time.
Where your data are required for contract performance or pre-contractual measures, we process it on the basis of Art. 6 (1)(b) GDPR.
If processing is necessary to fulfill a legal obligation, we rely on Art. 6 (1)(c) GDPR.
Data processing may also occur on the basis of our legitimate interest pursuant to Art. 6 (1)(f) GDPR.
The specific legal basis applicable in each case is indicated in the relevant sections of this Privacy Policy.
Recipients of Personal Data
Within our business operations, we collaborate with various external parties.
This may include the transfer of personal data to such third parties.
We only share personal data when necessary for contract fulfillment, when required by law (e.g. to tax authorities),
when there is a legitimate interest under Art. 6 (1)(f) GDPR, or when another legal basis allows such transfer.
If we use data processors, we share customer data only under a valid Data Processing Agreement.
In cases of joint processing, a corresponding Joint-Controller Agreement is established.
Revocation of Your Consent to Data Processing
Many processing operations are only possible with your explicit consent.
You may revoke your consent at any time with effect for the future.
The lawfulness of processing carried out before the revocation remains unaffected.
Right to Object to Data Processing in Special Cases and to Direct Marketing (Art. 21 GDPR)
IF DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 (1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO THE PROCESSING OF YOUR PERSONAL DATA;
THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS.
THE RELEVANT LEGAL BASIS FOR EACH PROCESSING OPERATION CAN BE FOUND IN THIS PRIVACY POLICY.
IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS
OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 (1) GDPR).
IF YOUR PERSONAL DATA ARE PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH ADVERTISING;
THIS ALSO APPLIES TO PROFILING IN CONNECTION WITH SUCH DIRECT MARKETING.
IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21 (2) GDPR).
Right to Lodge a Complaint with a Supervisory Authority
In the event of a breach of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority,
in particular in the Member State of their habitual residence, place of work, or place of the alleged infringement.
The right to lodge a complaint exists without prejudice to other administrative or judicial remedies.
Right to Data Portability
You have the right to receive data that we process automatically based on your consent or in performance of a contract,
in a commonly used, machine-readable format.
You also have the right to have this data transmitted directly to another controller, where technically feasible.
Access, Rectification, and Erasure
Within the framework of applicable legal provisions, you have the right at any time to obtain information free of charge about your stored personal data,
its origin and recipients, and the purpose of data processing, as well as the right to request rectification or erasure of this data.
You can contact us at any time regarding these rights or for further questions concerning personal data.
Right to Restrict Processing
You have the right to request the restriction of processing of your personal data.
You can contact us at any time to do so.
This right applies in the following cases:
-
If you contest the accuracy of your personal data, we will need time to verify this. During the verification period, you have the right to restrict processing.
-
If processing is unlawful, you may request restriction instead of deletion.
-
If we no longer need your data, but you require it to exercise, defend, or establish legal claims.
-
If you have objected under Art. 21 (1) GDPR, and it has not yet been determined whose interests prevail.
If processing is restricted, such data — apart from storage — may only be processed with your consent
or for the establishment, exercise, or defense of legal claims,
or to protect the rights of another natural or legal person,
or for important public interests of the European Union or a Member State.
SSL or TLS Encryption
For security reasons and to protect the transmission of confidential content,
such as orders or inquiries you send to us as the site operator, this page uses SSL or TLS encryption.
You can recognize an encrypted connection by the browser address bar changing from “http://” to “https://”
and by the lock icon in your browser line.
When SSL or TLS encryption is active, the data you transmit to us cannot be read by third parties.
4. Data Collection on This Website
Cookies
Our websites use so-called “cookies.” Cookies are small data files that do not cause any harm to your device.
They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device.
Session cookies are automatically deleted after your visit.
Persistent cookies remain stored until you delete them yourself or automatic deletion takes place via your web browser.
In some cases, third-party cookies may also be stored on your device when you enter our site (third-party cookies).
These enable us or you to use certain services of the third-party company (e.g. cookies for payment services or analytics tools).
Cookies have various functions. Many cookies are technically necessary, as certain website features would not function without them (e.g. the shopping cart or language settings).
Other cookies are used to analyze user behavior or display advertising.
Cookies that are necessary to carry out electronic communication processes or to provide certain functions you have requested (e.g. the contact form)
are stored on the basis of Art. 6 (1)(f) GDPR, unless another legal basis is specified.
The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services.
If consent for the storage of cookies has been requested, cookies are stored exclusively on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TDDDG,
insofar as the consent also includes the storage of cookies or access to information on the user’s device (e.g. via device fingerprinting).
Consent can be revoked at any time.
You can configure your browser to inform you about the setting of cookies and to allow cookies only in individual cases,
to exclude the acceptance of cookies for specific cases, or to generally exclude them, and to activate the automatic deletion of cookies when closing the browser.
Disabling cookies may limit the functionality of this website.
Where third-party cookies or cookies for analytical purposes are used, we will inform you separately in this Privacy Policy and, if necessary, request your consent.
Server Log Files
The provider of this website automatically collects and stores information in so-called server log files,
which your browser automatically transmits to us. These include:
-
Browser type and version
-
Operating system used
-
Referrer URL
-
Host name of the accessing computer
-
Time of the server request
-
IP address
These data are not merged with other data sources.
Data collection is based on Art. 6 (1)(f) GDPR.
The website operator has a legitimate interest in the technically error-free presentation and optimization of the website —
for this purpose, server log files must be recorded.
Contact Form
If you send us inquiries via the contact form, the information you provide — including your contact details —
will be stored for the purpose of processing the inquiry and for any follow-up questions.
We will not share this data without your consent.
The processing of this data is based on Art. 6 (1)(b) GDPR,
if your request relates to the performance of a contract or is necessary for pre-contractual measures.
In all other cases, processing is based on our legitimate interest in effectively handling inquiries (Art. 6 (1)(f) GDPR)
or on your consent (Art. 6 (1)(a) GDPR), if this has been requested.
You may revoke your consent at any time.
The data you enter in the contact form will remain with us until you request deletion, revoke your consent to storage,
or the purpose for data storage no longer applies (e.g. after your inquiry has been processed).
Mandatory legal provisions — in particular retention periods — remain unaffected.
Inquiry by E-mail, Telephone, or Fax
If you contact us by e-mail, telephone, or fax, your inquiry, including all personal data (such as name, inquiry details),
is stored and processed for the purpose of handling your request.
We do not share this data without your consent.
Processing of this data is based on Art. 6 (1)(b) GDPR if your request relates to the fulfillment of a contract or pre-contractual actions.
In all other cases, processing is based on our legitimate interest in effectively communicating with customers and guests (Art. 6 (1)(f) GDPR)
or on your consent (Art. 6 (1)(a) GDPR), if applicable.
The data you send to us via contact requests will remain with us until you request deletion, revoke your consent,
or the purpose for data processing no longer applies.
Mandatory legal provisions — in particular statutory retention obligations — remain unaffected.
Registration on This Website
You may register on this website to use additional features.
The data entered during registration is used only for the purpose of using the respective service or offer you registered for.
The mandatory information requested during registration must be provided in full.
Otherwise, registration will be refused.
For important changes, such as scope modifications of our services or technically necessary adjustments,
we use the e-mail address provided at registration to inform you.
The processing of data entered during registration is based on your consent (Art. 6 (1)(a) GDPR).
You may revoke your consent at any time.
Data collected during registration will be stored as long as you remain registered and will be deleted thereafter.
Statutory retention periods remain unaffected.
5. Analytics Tools and Advertising
Google Analytics
This website uses features of the web analytics service Google Analytics.
The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior of website visitors.
In doing so, the website operator receives various usage data such as page views, time spent on pages, operating systems used, and the user’s origin.
This data may be compiled by Google into a profile that is assigned to the respective user or their device.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting).
The information collected by Google about the use of this website is usually transmitted to a Google server in the USA and stored there.
The use of this service is based on your consent under Art. 6 (1)(a) GDPR and § 25 (1) TDDDG.
Consent can be withdrawn at any time.
Data transfer to the USA is based on the EU Commission’s adequacy decision and the EU-U.S. Data Privacy Framework (DPF).
More information can be found here:
https://policies.google.com/privacy/frameworks
6. Liability and Legal Information
Liability for Content
As a service provider, we are responsible for our own content on these pages in accordance with general laws pursuant to § 7 (1) TMG.
However, under §§ 8 to 10 TMG, we are not obliged to monitor transmitted or stored third-party information or to investigate circumstances indicating illegal activity.
Obligations to remove or block the use of information under general law remain unaffected.
Liability in this respect is only possible from the time we become aware of a specific infringement.
Upon becoming aware of such violations, we will remove the content immediately.
Liability for Links
Our website contains links to external third-party websites, over whose content we have no control.
Therefore, we cannot assume any liability for these external contents.
The respective provider or operator of the linked pages is always responsible for their content.
Linked pages were checked for possible legal violations at the time of linking.
No unlawful content was identifiable at that moment.
Permanent monitoring of the linked pages is, however, not reasonable without specific indications of a violation.
Should any infringements become known, we will remove such links immediately.
Copyright
The content and works created by the site operators on these pages are subject to German copyright law.
Reproduction, editing, distribution, or any kind of use beyond the limits of copyright law require the written consent of the respective author or creator.
Downloads and copies of this site are permitted only for private, non-commercial use.
If content on this site was not created by the operator, the copyrights of third parties are respected.
Third-party content is marked as such.
Should you nevertheless become aware of a copyright infringement, please notify us accordingly.
Upon notification of violations, we will remove such content immediately.
Changes to This Privacy Policy
We reserve the right to adapt this Privacy Policy so that it always complies with the current legal requirements
or to reflect changes to our services, e.g. the introduction of new features on the website.
The new Privacy Policy will then apply to your next visit.
Last updated: November 2025
Contact
KULT-Hotel Betriebs GmbH
Theodor-Heuss-Straße 25
85055 Ingolstadt
Germany
Phone: +49-841-95100
Fax: +49-841-9510100
E-mail: info@kult-hotel.de
