Privacy Policy

Elisenbrunnen Gastronomie GmbH & Co. KG
Friedrich-Wilhelm- Platz 14 / D - 52062 Aachen
Chief Executive Officer: Dipl. Kfm. Jochen Zimmermann, Armin Geiger
Tel. +49 (0) 0241 99700282
E-Mail: info@eb-aachen.de

We consider it our primary task to maintain the confidentiality of the personal data you provide and to protect it from unauthorised access. We therefore take the utmost care and apply the latest security standards to ensure maximum protection of your personal data.

As a company under private law, we are subject to the provisions of the European General Data Protection Regulation (GDPR) and the provisions of the German Federal Data Protection Act (BDSG). We have taken technical and organisational measures to ensure that the data protection regulations are observed both by us and by our external service providers.

1. data protection at a glance

General information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. For detailed information on the subject of data protection, please refer to our data protection declaration listed below this text.

Data collection on this website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the operator's contact details in the legal notice of this website.
How do we collect your data?
On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.
Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.

What do we use your data for?
Some of the data is collected to ensure that the website is provided without errors. Other data may be used to analyse your user behaviour.

What rights do you have with regard to your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.
You also have the right to request the restriction of the processing of your personal data under certain circumstances. For details, please refer to the privacy policy under ‘Right to restriction of processing’.

Analysis tools and tools from third-party providers
When you visit this website, your surfing behaviour may be statistically evaluated. This is primarily done using cookies and so-called analysis programmes. The analysis of your surfing behaviour is usually anonymous; the surfing behaviour cannot be traced back to you.
You can object to this analysis or prevent it by not using certain tools. You can find detailed information about these tools and your options for objecting in the following privacy policy.

2. hosting

External hosting
This website is hosted by an external service provider (hoster). Personal data collected on this website is stored on the hoster's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access and other data generated via a website.
The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR).
Our hoster will only process your data to the extent necessary to fulfil its performance obligations and follow our instructions with regard to this data.
Conclusion of a contract for order processing
In order to ensure data protection-compliant processing, we have concluded an order processing contract with our hoster.

3. general notes and mandatory information

Data protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
Note on the responsible body

The party responsible for data processing on this website is:

Elisenbrunnen Gastronomie GmbH & Co. KG
Friedrich-Wilhelm-Platz 14
D-52062 Aachen
Restaurant Elisenbrunnen
Tel. +49 (0)241 99700282
E-Mail info@eb-aachen.de
Homepage www.eb-aachen.de

Administration:
Tel. +49 (0) 241 55 92 18 – 0
Sitz Aachen | Registergericht AC
HRA 8482
Ust-ID: DE297341855
represented by:
Elisenbrunnen Beteiligungs GmbH
Peterstraße 44–46
D-52062 Aachen
Sitz Aachen | Registergericht AC
HRB 19119
Chief Executive Officer:
Dipl. Kfm. Jochen Zimmermann,
Armin Geiger
info@eb-aachen.de
www.eb-aachen.de

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).
Withdrawal of your consent to data processing
Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. All you need to do is send us an informal email. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).
IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).

Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

SSL and TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from ‘https://’ to ‘https://’ and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, erasure and rectification
Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipients and the purpose of the data processing and, if necessary, a right to correction or deletion of this data at any time. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of personal data.

Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address given in the legal notice. The right to restriction of processing exists in the following cases:

• If you dispute the accuracy of your personal data stored by us, we generally need time to check this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
• If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of erasure.
• If we no longer need your personal data, but you need it for the exercise, defence or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of its erasure.
• If you have lodged an objection in accordance with Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data - apart from its storage - may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

4. data collection on this website

Cookies
Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called ‘session cookies’. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognise your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping basket function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of its services. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
Insofar as other cookies (e.g. cookies for analysing your surfing behaviour) are stored, these are treated separately in this privacy policy.

Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are
• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server enquiry
• IP address

This data is not merged with other data sources.
This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website - the server log files must be recorded for this purpose.

Contact form
If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected.

Enquiry by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your enquiry including all personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 para. 1 lit. a GDPR) and/or on our legitimate interests (Art. 6 para. 1 lit. f GDPR), as we have a legitimate interest in the effective processing of the enquiries addressed to us.

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

Comment function on this website
For the comment function on this page, in addition to your comment, information about the time the comment was created, your e-mail address and, if you are not posting anonymously, the user name you have chosen will be saved.

Storage of the IP address
Our comment function stores the IP addresses of users who post comments. As we do not check comments on this website before they are activated, we need this data in order to be able to take action against the author in the event of legal violations such as insults or propaganda.

Subscribing to comments
As a user of the site, you can subscribe to comments after registering. You will receive a confirmation e-mail to check whether you are the owner of the e-mail address provided. You can unsubscribe from this function at any time via a link in the info mails. In this case, the data entered when subscribing to comments will be deleted; however, if you have transmitted this data to us for other purposes and elsewhere (e.g. newsletter subscription), it will remain with us.

Storage duration of comments
The comments and the associated data (e.g. IP address) are stored and remain on this website until the commented content has been completely deleted or the comments must be deleted for legal reasons (e.g. offensive comments).

Legal basis
The comments are stored on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time. All you need to do is send us an informal email. The legality of the data processing operations that have already taken place remains unaffected by the cancellation.

5. social media

Social media plugins with Shariff
Plugins from social media are used on this website (e.g. Facebook, Twitter, Google+, Instagram, Pinterest, XING, LinkedIn, Tumblr).
You can usually recognise the plugins by the respective social media logos. To ensure data protection on this website, we only use these plugins together with the so-called ‘Shariff’ solution. This application prevents the plugins integrated on this website from transferring data to the respective provider the first time you visit the site.
Only when you activate the respective plugin by clicking the corresponding button will a direct connection to the provider's server be established (consent). As soon as you activate the plugin, the respective provider receives the information that you have visited this website with your IP address.

Wenn Sie gleichzeitig in Ihrem jeweiligen Social-Media-Account (z. B. Facebook) eingeloggt sind, kann der jeweilige Anbieter den Besuch dieser Website Ihrem Benutzerkonto zuordnen.
Das Aktivieren des Plugins stellt eine Einwilligung im Sinne des Art. 6 Abs. 1 lit. a DSGVO dar. Diese Einwilligung können Sie jederzeit mit Wirkung für die Zukunft widerrufen.

Facebook plugins (Like & Share button)
Plugins of the social network Facebook, provider Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on this website. You can recognise the Facebook plugins by the Facebook logo or the ‘Like’ button on this website. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/?locale=de_DE.
When you visit this website, a direct connection is established between your browser and the Facebook server via the plugin. Facebook receives the information that you have visited this website with your IP address. If you click on the Facebook ‘Like’ button while you are logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information on this can be found in Facebook's privacy policy at: https://de-de.facebook.com/privacy/explanation.
If you do not want Facebook to be able to associate your visit to this website with your Facebook user account, please log out of your Facebook user account.
The Facebook plugins are used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the widest possible visibility in social media.

Instagram plugin
Functions of the Instagram service are integrated on this website. These functions are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA.
If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to this website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram.

The Instagram plugin is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the widest possible visibility in social media.
Further information on this can be found in Instagram's privacy policy: https://instagram.com/about/legal/privacy/.

6. Plugins und Tools

Google Web Fonts
This site uses so-called web fonts provided by Google for the standardised display of fonts. When you access a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google's servers. This informs Google that this website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
If your browser does not support web fonts, a standard font will be used by your computer.
More about Google Web Fonts: https://developers.google.com/fonts/faq and the Privacy policy by Google: https://policies.google.com/privacy?hl=de.

Google Maps
This site uses the map service Google Maps via an API. The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.
To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
You can find more information on the handling of user data in Google's privacy policy: https://policies.google.com/privacy?hl=de.

Google reCAPTCHA
We use ‘Google reCAPTCHA’ (hereinafter ‘reCAPTCHA’) on this website. The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to check whether data is entered on this website (e.g. in a contact form) by a human or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.
Data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM.
For more information about Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Use at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.

Source: eRecht24
Integration of CentralPlanner / reservation form
This website uses the CentralPlanner reservation system to store and process your contact details for reservation enquiries. The provider is 42he GmbH, Marktstraße 10 - Building E8, 50968 Cologne, Germany (hereinafter referred to as ‘42he’). CentralPlanner is a service with which reservations can be organised and customers can be looked after. The data you enter for the purpose of contacting us is stored on CentralPlanner's servers in Germany.
Data analysis by CentralPlanner
With the help of CentralPlanner, we are able to better organise enquiries via our website and respond to them more quickly.
Legal basis
Data processing is based on your consent (Article 6(1)(a) GDPR).

Your rights
You have the following rights vis-à-vis us with regard to your personal data: - Right of access - Right to rectification or erasure - Right to restriction of processing - Right to object to processing - Right to data portability You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
Objection to data processing
Of course, you can object to the processing of your personal data at any time. You can inform us of your objection using the following contact details:

Elisenbrunnen Gastronomie GmbH & Co. KG
Friedrich-Wilhelm- Platz 14 / D – 52062 Aachen
Chief Executive Officer: Dipl. Kfm. Jochen Zimmermann, Armin Geiger
Tel.: +49 (0) 241 99700282
E-Mail: info@eb-aachen.de

Storage period
The data you provide to 42he for the purpose of contacting us will be stored by 42he until it is deleted by us. For more information, please refer to CentralPlanner's privacy policy at: https://centralplanner.net/www/privacy.
Conclusion of a contract for commissioned data processing
We have concluded a contract with CentralPlanner in which we oblige CentralPlanner to protect our customers' data and not to pass it on to third parties. This contract can be viewed at the following link: https://centralplanner.de/avv