Privacy Policy

Stadl-Appartements GmbH

Last updated: June 2026

We are pleased that you are visiting our website stadl-appartements.de. Protecting your personal data is important to us. In accordance with Articles 13 and 14 of the General Data Protection Regulation (GDPR) and the German Telecommunications and Digital Services Data Protection Act (TDDDG), we inform you below about which personal data we collect when you use our website, for what purpose and on what legal basis we process it, and what rights you have.

1. Controller

The controller within the meaning of the GDPR is:

Stadl-Appartements GmbH
Represented by Managing Director Erwin Schwarzfischer
Friedhofweg 2a
86842 Türkheim
Germany

Contact:

Commercial register: Local Court of Memmingen (Amtsgericht Memmingen), HRB 22057
VAT ID: DE459972741

A data protection officer has not been appointed, as this is not legally required.

2. Overview of Data Processing

Personal data is any information relating to an identified or identifiable natural person. We process personal data exclusively in accordance with the statutory requirements.

2.1 Categories of Data and Purposes of Processing

Data category Purpose Legal basis
Master data (name, address) Booking handling, customer support Art. 6(1)(b) GDPR
Communication data (email, phone, message) Responding to enquiries, booking communication Art. 6(1)(b) and (f) GDPR
Booking and guest data (stay period, number of guests, payment/invoice data) Performance of the accommodation contract, legal obligations Art. 6(1)(b) and (c) GDPR
Usage data (IP address, browser, device) Provision and security of the website Art. 6(1)(f) GDPR
Consent-based data (statistics/cookies) Reach measurement, optimisation Art. 6(1)(a) GDPR in conjunction with Sec. 25(1) TDDDG

2.2 Recipients of the Data

  • ALL-INKL.COM – Neue Medien Münnich (web hosting, Germany)
  • easybooking GmbH (booking request/booking system, Austria)
  • Google Ireland Limited (web analytics – only with consent)
  • Booking.com and Airbnb (booking platforms, where a booking is made via these channels)

2.3 Transfer to Third Countries

A transfer of personal data to countries outside the EU/EEA only takes place in connection with the use of Google Analytics (see Section 6). Where a transfer to the USA occurs, it is based on the recipient’s certification under the EU-US Data Privacy Framework and, additionally, on the EU Commission’s Standard Contractual Clauses.

3. Data Collection When Accessing the Website

3.1 Server Log Files

When you access our website, information is automatically transmitted to the server and temporarily stored in so-called server log files:

  • IP address of the requesting device
  • date and time of access
  • name and URL of the file retrieved
  • website from which access was made (referrer URL)
  • browser used and, where applicable, the operating system

Purpose: ensuring a smooth connection, guaranteeing system security and stability.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the secure operation of the website).
Storage period: the log files are stored for a maximum of 7 days and then automatically deleted.

3.2 Web Hosting

Our website is hosted by:

ALL-INKL.COM – Neue Medien Münnich
Owner René Münnich
Hauptstraße 68, 02742 Friedersdorf, Germany
Privacy: https://all-inkl.com/datenschutzinformationen/

The provider processes the data generated via the website (in particular access data) on our behalf. The server is located in Germany. A data processing agreement pursuant to Art. 28 GDPR has been concluded with the provider.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a secure and efficient provision of the website).

3.3 WordPress

Our website is based on the WordPress content management system. When the pages are accessed, technically necessary data (in particular IP address and browser information) is processed in order to deliver the content.
Legal basis: Art. 6(1)(f) GDPR (operation of the website).

4. Cookies and Consent Management

4.1 General

We use cookies and similar technologies on our website. Cookies are small text files stored on your device. Some serve the technical operation of the website, others serve reach measurement.

The storage of information on your device or access to information already stored takes place – unless strictly technically necessary – only with your consent pursuant to Sec. 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

4.2 Consent Management with Borlabs Cookie

To obtain and manage your consent, we use the consent management tool Borlabs Cookie from Borlabs GmbH, Rentzelstraße 10b, 20146 Hamburg, Germany.

When you first access the website, Borlabs Cookie displays a cookie notice (consent banner) through which you can actively select individual cookie categories and grant or refuse your consent. The relevant services (e.g. Google Analytics) are only loaded after you have given your consent.

To document your consent, Borlabs stores a technically necessary cookie on your device. In doing so, your cookie selection and a timestamp are processed. This data is not transferred to third parties.

Purpose: obtaining, managing and documenting consent (statutory obligation to provide evidence).
Legal basis: Art. 6(1)(c) GDPR and Art. 6(1)(f) GDPR (legitimate interest in legally compliant consent management).

4.3 Withdrawal of Consent

You may withdraw or adjust your consent at any time with effect for the future. To do so, open the cookie settings via the corresponding link or the cookie icon on our website. The lawfulness of the processing carried out up to the point of withdrawal remains unaffected.

5. Contact (Contact Form and Email)

We offer a contact form on our website based on Contact Form 7. When you use the form or contact us by email, we process the data you provide:

  • name
  • email address
  • phone number, where applicable
  • content of your message
  • technical data (e.g. IP address) for abuse and spam prevention

Purpose: handling and responding to your enquiry; for booking-related enquiries, the performance of pre-contractual measures.
Legal basis: Art. 6(1)(b) GDPR (for contract- or booking-related enquiries) and Art. 6(1)(f) GDPR (legitimate interest in responding to general enquiries).
Storage period: we store the data until your enquiry has been conclusively dealt with. Where statutory retention obligations exist (e.g. for contract initiation), we delete the data after these have expired.

6. Google Analytics 4

Only after you have given your consent, we use Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The measurement ID is G-PWV2WKJYPC.

Google Analytics uses cookies and similar technologies that enable an analysis of the use of our website. The information obtained is used to evaluate the use of the website and to compile reports on website activity.

Data processed:

  • pseudonymised user ID
  • page views and usage behaviour
  • device and browser information
  • truncated (anonymised) IP address

IP anonymisation: the IP address is truncated before further processing; Google does not store the full IP address.

Transfer to the USA: in connection with the use of Google Analytics, personal data may be transferred to Google servers in the USA. Google is certified under the EU-US Data Privacy Framework; Standard Contractual Clauses additionally apply.

Legal basis: Art. 6(1)(a) GDPR in conjunction with Sec. 25(1) TDDDG (consent via the consent banner). Processing only takes place after you have consented via the cookie banner.

Withdrawal: you can withdraw your consent at any time via the cookie settings (see Section 4.3). In addition, you can prevent collection by Google Analytics using the following browser add-on: https://tools.google.com/dlpage/gaoptout

Google’s privacy policy: https://policies.google.com/privacy

7. Booking Requests and Booking Handling (easybooking)

For online booking requests and the management of bookings, we use the booking system easybooking provided by easybooking GmbH, Austria (https://www.easy-booking.at).

When you submit a booking request or make a booking via our website, we process the data you enter, in particular:

  • name and address
  • email address and phone number
  • stay period (arrival/departure), number of guests
  • messages and special requests, where applicable
  • payment and invoice data within the scope of booking handling

Purpose: processing your booking request as well as initiating and performing the accommodation contract.
Legal basis: Art. 6(1)(b) GDPR (performance of a contract or pre-contractual measures); where statutory registration and retention obligations exist, additionally Art. 6(1)(c) GDPR.

easybooking GmbH processes the booking and guest data as a processor on our behalf. A data processing agreement pursuant to Art. 28 GDPR has been concluded with the provider. The provider is based in Austria (EU).

easybooking’s privacy policy: https://www.easy-booking.at/datenschutz/

8. Booking Platforms (Booking.com, Airbnb)

If you make a booking not directly with us but via a booking platform, we receive your booking and contact data from the relevant platform in order to carry out the booking and communicate with you (e.g. sending access information).

The recipients or sources of the data may be:

Purpose: carrying out the booking arranged via the platform.
Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

The respective platform operator is responsible for the data processing on the platforms themselves; their privacy policy applies.

9. Social Media Presence

We may link to our social media profiles on our website:

The links on our website are purely links to the respective profiles. Social plugins or tracking pixels (e.g. Facebook Pixel) are not integrated via these links; merely displaying the linked page does not transfer any data to Meta.

Only when you click on such a link and switch to the respective platform does the platform operator process your data under its own responsibility in accordance with its privacy policy.

10. Your Rights

You have the following rights with regard to the personal data concerning you:

  • Access (Art. 15 GDPR): you may request information about the data we process about you.
  • Rectification (Art. 16 GDPR): you may request the correction of inaccurate or incomplete data.
  • Erasure (Art. 17 GDPR): you may request the deletion of your data, unless statutory retention obligations apply.
  • Restriction of processing (Art. 18 GDPR): you may request the restriction of processing.
  • Data portability (Art. 20 GDPR): you may request the release of your data in a structured, commonly used and machine-readable format.
  • Objection (Art. 21 GDPR): you may object to the processing of your data where this is based on Art. 6(1)(f) GDPR.
  • Withdrawal of consent (Art. 7(3) GDPR): you may withdraw any consent given at any time with effect for the future.

To exercise your rights, an informal message to the contact details listed in Section 1 is sufficient.

Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other remedy, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your data violates the GDPR. The supervisory authority responsible for us is:

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18, 91522 Ansbach, Germany
https://www.lda.bayern.de

11. Storage Period

We store your personal data only for as long as is necessary for the respective purpose or as required by statutory retention obligations (in particular commercial and tax law obligations under Sec. 257 of the German Commercial Code (HGB) and Sec. 147 of the German Fiscal Code (AO)). After the respective period has expired, the data is routinely deleted.

12. Data Security

We take appropriate technical and organisational measures to protect your data against loss, manipulation and unauthorised access. Data entered via our website is transmitted in encrypted form via a TLS/SSL connection.

13. Changes to this Privacy Policy

We reserve the right to amend this privacy policy in order to adapt it to changes in the legal situation or to changes in our services or data processing. The current version published on this website applies in each case.

Last updated: June 2026