Moderner Eingangsbereich und Architektur des Hotels Vier Jahreszeiten am Schluchsee.

Vier Jahreszeiten am Schluchsee Data protection

(As of February 2026) Data protection


1. Responsible party


Responsible party within the meaning of the General Data Protection Regulation (GDPR):
Hetzel-Hotel-Hochschwarzwald GmbH & Co. KG
Am Riesenbühl 4
79859 Schluchsee, Germany
Phone: +49 7656-700
Email: info@vjz.de

Managing Director: Mr. Otto Lindner
Registry court: HRA Stuttgart
Registration number: 10.011
VAT ID number: DE147513573

 

2. Data protection officer


You can contact our data protection officer at:
TÜV Informationstechnik GmbH
TÜV NORD GROUP
Alexander P. Taubitz, Assessor jur.
Am TÜV 1
45307 Essen
E: a.taubitz@tuvit.de

 

3. General information on data processing


We only process the personal data of users of our website to the extent necessary to provide a functional website and our content and services.

Processing is generally only carried out with the user's consent (Art. 6 (1) (a) GDPR) or if processing is permitted by law (Art. 6 (1) (b), (c), (f) GDPR).

 

4. Hosting and server log files


Our website is hosted by HK-Net (Händle & Korte GmbH, Rathausufer 20, D-40213 Düsseldorf). When you visit our website, data is automatically collected (so-called log files):

  • IP address
  • Date and time
  • Referrer URL
  • Browser type and version
  • Operating system
  • Pages accessed

  • Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in secure operation).

     

5. Cookies & consent management


We use the Cookiebot from
Cybot A/S
Havnegade 39
1058 Copenhagen
Denmark. 

We have concluded a data processing agreement (Art. 28 GDPR) with Cookiebot.

  • Purpose: Management and documentation of the consents given.
  • Data: IP address, consent status, date/time.
  • Legal basis: Art. 6 (1) (c) GDPR (legal obligation).

You can adjust your previous settings for the use of cookies with JavaScript enabled via the following link:

Change cookie settings

6. OnePageBooking booking system 


We use the booking system provided by:
HotelNetSolutions GmbH
Genthiner Straße 8
10785 Berlin

When using this system, personal data (name, address, payment details) is processed.
Legal basis: Art. 6 (1) (b) GDPR (performance of a contract). A data processing agreement
is in place with HNS.

 

7. Cendyn newsletter


We use the newsletter tool:
Cendyn Group LLC
301 East Pine Street, Suite 400
Orlando, FL 32801, USA

We have concluded a data processing agreement with Cendyn.

If personal data is transferred to a third country (e.g., the USA), this is done on the basis of the European Commission's standard contractual clauses in accordance with Art. 46 (2) (c) GDPR. These are intended to ensure an adequate level of data protection in the recipient country. 

  • Data: Email address, name, proof of consent (double opt-in).
  • Legal basis: Art. 6 (1) (a) GDPR.
  • Storage period: until unsubscribed.
  • Children: Registration only from the age of 16 or with parental consent.

Cendyn is certified under the EU-US Data Privacy Framework.

 

8. Contact (email, telephone)


If you contact us by email or phone, we will process your details (name, email, message) in order to handle your request. Legal basis: Art. 6 (1) (b) GDPR (performance of a contract) or (f) GDPR (general inquiries).

 

9. Google Tag Manager


We use Google Tag Manager from:
Google Ireland Limited
Gordon House
Barrow Street
Dublin 4, Ireland

Google Tag Manager itself does not store any personal data, but it does enable the loading of additional tracking services.
Legal basis: Art. 6 (1) (a) GDPR (consent via consent tool)
Data may be transferred to the USA. Google is certified under the EU-US Data Privacy Framework.

 

10. Google Analytics 4


We use Google Analytics 4, a web analytics service provided by: Google Ireland Limited, Ireland.

Google Analytics processes, among other things:

  • IP address (truncated/anonymized)
  • Device information
  • Usage behavior
  • Interactions on the website

- Purpose: Analysis of user behavior and optimization of our online offering. 
- Legal basis: Art. 6 (1) (a) GDPR (consent)
- IP anonymization is activated. 
- Storage period: max. 14 months (unless otherwise configured)
- Data may be transferred to the USA. Google is DPF-certified.

 

11. Google Ads & conversion tracking


We use Google Ads and the associated conversion tracking.

Provider: Google Ireland Limited A cookie
is set when you access our website via a Google ad.

Purpose:

  • To measure the success of advertising campaigns
  • Conversion tracking

Legal basis: Art. 6 (1) (a) GDPR
Storage period: up to 90 days.

 

11. Meta Pixel


We use the Meta Pixel from:
Meta Platforms Ireland Limited
4 Grand Canal Square
Dublin 2
Ireland

Processed data:

  • IP address
  • Device information
  • Website activities
  • Conversion data

Purpose:

  • Analysis of advertising impact
  • Remarketing
  • Target group formation

Legal basis: Art. 6 (1) (a) GDPR

Meta may transfer data to the United States.
Meta is certified under the EU-US Data Privacy Framework.

 


13. YouTube


We embed videos from YouTube.
Provider: Google Ireland Limited.

We use the extended data protection mode so that data is only transferred when the video is activated.
Legal basis: Art. 6 (1) (a) GDPR.

 

14. Transfer of data


Data is only disclosed to service providers who are obligated as processors under Art. 28 GDPR, or if there is a legal obligation to do so.

 

15. Storage period


Personal data is deleted as soon as the purpose of storage no longer applies or statutory retention periods have expired.

 

16. Your rights as a data subject


When we process your data, you have certain rights that you can exercise at any time. To do so, simply contact us (see above for contact details).

  • Information: You may inquire about what data we have stored about you and for what purpose.
  • Correction: If data is incorrect or incomplete, you can request that we correct it.
  • Deletion: You can request that we delete your data—for example, if it is no longer needed or you withdraw your consent.
  • Restriction of processing: You can request that we store your data but do not continue to use it—for example, while we check whether the data is correct.
  • Data portability: Upon request, we will provide you with your data in a common, machine-readable format so that you can pass it on to another provider.
  • Objection: If we process your data on the basis of a legitimate interest (e.g., for statistics or marketing), you can object to this at any time. We will then check whether our reasons outweigh yours or whether we will stop processing your data.

  • Withdrawal of consent: If you have given us consent to process your data (e.g., for sending our newsletter), you can withdraw this consent at any time with effect for the future. This means that we may no longer use your data for this purpose from the time of withdrawal. However, the processing that took place up to the time of your revocation remains lawful. Your revocation therefore has no effect on the past, but only on the future.

     

17. Right to lodge a complaint


You can lodge a complaint with any data protection supervisory authority. The competent authority is the authority in the federal state in which our hotel is based. 

 

18. Security


We use state-of-the-art SSL encryption.

 

19. Status and changes


Status: February 2026
We reserve the right to amend the privacy policy to adapt it to new legal situations or technical changes.

Sonnenuntergang über dem Waldmeer des Schwarzwalds vom Aussichtsturm.

Vacation by the Black Forest Sea Schluchsee
vacation region

Learn more