Privacy Policy
As a general rule, we do not collect any personal data such as name, address or e-mail address via our website unless you voluntarily provide such data to us, for example in connection with an enquiry, booking or order. However, each time a user accesses a page from the website of Hotel Victoria Theodor Schuler GmbH & Co. KG and each time a file is retrieved, data relating to this process is stored in a log file. In the following, we explain transparently what happens to the data collected and which security measures we have taken.
(The term guests refers to all accommodated persons, regardless of gender or sexual orientation.)
The following data record is stored for each access:
- name of the retrieved file
- date and time of access
- amount of data transferred
- page from which the file was requested (referrer URL)
- pages that you access on our website
- access status (file transferred, file not found, etc.)
- web browser and operating system used
- name of the service provider
- full IP address of the requesting computer
For reasons of technical security, in particular to protect our web servers against attempted attacks, we store this data. This data is not combined with other data sources. All data is finally and completely deleted after 180 days.
Further information can be found in the imprint.
1.1 Our website also serves as an information platform through which we would like to answer your enquiries. In order to make personal contact easier, you have the option of providing us with your name and e-mail address via our various contact forms.
1.2 If you place orders or bookings via our website or by other means, for example by telephone or e-mail, we generally process the personal data required to carry out the order or booking. This may include, in particular, name, address, requested delivery address, e-mail address, telephone number, booking data, order data, payment method and the data required for payment processing.
We make every effort to provide all purchasers and visitors to our website with excellent service. This also includes protecting your data. If you make an online booking via our websites, this is processed via the Internet Booking Engine / OnePageBooking of HotelNetSolutions GmbH, Genthiner Straße 8, 10785 Berlin, whose provider is our contractual partner. The payment methods available in each case are displayed during the booking process.
If you order a voucher via the voucher shop linked on our website, the contract for the voucher is concluded with Hotel Victoria Theodor Schuler GmbH & Co. KG. The technical provision and processing of the voucher shop is carried out via the voucher and webshop platform of Jolioo Technologies GmbH, FN 516119Z, Geidorfplatz 1, 8010 Graz, Austria. Jolioo processes the personal data required for the voucher order and fulfilment of the contract as part of the technical processing. This may include, in particular, name, address, e-mail address, telephone number, voucher and order data as well as the data required for payment processing. Depending on the selected payment method, you will be redirected to the respective payment service provider, in particular Nexi or PayPal, during the payment process.
All data entered by you is generally transmitted in encrypted form. The service providers used are obliged to take appropriate technical and organisational measures to protect your data.
2. Purposes for which we use your data
We use your personal data to enable you to visit our website (connection establishment) and to create anonymous usage statistics on the basis of the automatically transmitted data, which enable us to understand the use of our website and to tailor it more closely to needs and target groups.(1) In addition, the data is processed in order to answer your contact enquiries, carry out orders or bookings and align our services with your wishes. If necessary, we may also use your data to enforce our rights or the rights of third parties.(2)
We also use your personal data for advertising purposes, such as sending brochures.(3) With your consent, we use your data to send e-mail newsletters.(4)
3. Disclosure of your data to third parties
3.1 In connection with the processing of orders, bookings, voucher orders and payments, we transmit personal data to service providers who support us in carrying out the service, contract processing and payment processing. This particularly concerns providers of booking, voucher and webshop systems, payment services, credit card processing services as well as digital payment methods and wallets, insofar as the data transmission is necessary for processing the booking, order or payment.
For online bookings, we use the Internet Booking Engine / OnePageBooking of HotelNetSolutions GmbH, Genthiner Straße 8, 10785 Berlin. For voucher orders, we use the voucher and webshop platform of Jolioo Technologies GmbH, FN 516119Z, Geidorfplatz 1, 8010 Graz, Austria.
For payment processing, we work in particular with the following companies: Nexi Germany GmbH, Helfmann-Park 7, 65760 Eschborn (including for Visa, Mastercard, Diners Club, Discover, JCB, UnionPay, Maestro, V PAY, girocard and contactless payments), American Express International Inc. NL Deutschland, Theodor-Heuss-Allee 112, 60486 Frankfurt am Main, Germany (for American Express), PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (for PayPal), Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (for Google Pay), and Apple Distribution International Limited, Hollyhill Industrial Estate, Hollyhill, Cork, Ireland (for Apple Pay).
When selecting a corresponding payment method, the data required for payment processing is transmitted to the respective payment service provider. This may include, in particular, name, booking, order and invoice data, payment amount, payment method, transaction data, technical data and, depending on the payment method, further data required for payment verification or fraud prevention. The processing is carried out for the purpose of payment processing, contract fulfilment and fraud prevention.
3.2 If you subscribe to our newsletter, the data you provide, such as your e-mail address and, if applicable, title and name, will be transmitted to our service provider Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany, for the purpose of sending newsletters, provided that you have given your consent. You may withdraw your consent at any time.
3.3 Our website uses the communication services of DialogShift GmbH, Torstr. 201, 10115 Berlin, Germany. These include a chat application, e-mail communication and telephone communication. The applications process and store data for the purpose of web analysis, operating the communication services and answering enquiries.
For the operation of the chat function, the chat texts are stored and a cookie with a unique ID is set; this is used to recognise you as a customer. In e-mail and telephone communication, the communication content is also temporarily stored in order to ensure efficient processing of your enquiries.
A cookie is a small text file that is stored locally in the cache on your device. With the help of this cookie, our application recognises the device and can retrieve previous chat logs. This cookie is stored in Germany for 90 days since its last use. You can disable the storage of cookies in your browser settings. However, the chat function cannot be executed without the use of cookies. The possible disclosure of, for example, name, e-mail address or telephone number is voluntary and with your consent to temporarily use and store this data for the purpose of contacting you until the contact has ended.
This personal data is deleted after 90 days. When using the Journey Messaging Service, your contact details may also be used to transmit travel-related information, such as check-in information, provided that you have consented to this.
The legal basis for data processing is Art. 6 para. 1 lit. a GDPR, Section 25 para. 1 TTDSG, based on your consent. DialogShift provides further information on the collection and use of data as well as your rights and options for protecting your privacy at www.dialogshift.com/datenschutz.
4. Cookies, etc.
4.1 Cookies
Our websites use so-called cookies in several places. They serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are placed on your computer and stored by your browser. These cookies enable us to analyse how users use our websites. This allows us to design the website content according to visitors’ needs. Cookies also enable us to measure the effectiveness of a specific advertisement and place it, for example, depending on users’ thematic interests. Most of the cookies we use are so-called “session cookies”. These are automatically deleted after your visit. Cookies do not cause any damage to your computer and do not contain viruses. Most web browsers accept cookies automatically. However, you generally have the option of changing your browser settings if you prefer not to transmit this information.
4.2 Use of Google Analytics
4.2.1 This website uses Google Analytics, a web analytics service provided by Google LLC (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and enable an analysis of the use of the website. The information generated by the cookie about your use of this website is usually transmitted to and stored on a Google server. This website uses Google Analytics with activated IP anonymisation. Therefore, your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand. Only in exceptional cases is the full IP address transmitted to a Google server and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activities and provide further services relating to website use and internet use to the website operator. The IP address transmitted by your browser within the scope of Google Analytics is not merged with other Google data.
Google Analytics cookies are stored on the basis of your consent, insofar as such consent is required. You can adjust your cookie settings at any time using the corresponding link on this page. You can also prevent the storage of cookies by selecting the appropriate settings in your browser software; however, please note that in this case you may not be able to use all functions of this website to their full extent. In addition, you can object to the collection of the data generated by the cookie and related to your use of the website as well as to the processing of this data by Google for the future by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
4.2.2 More information on how Google Analytics handles user data can be found in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.
4.2.3 We have concluded a data processing agreement with Google and implement the data protection requirements accordingly when using Google Analytics.
4.3 Use of Google Ads Conversion Tracking
We use Google Ads Conversion Tracking. Google Ads Conversion Tracking is an analytics service provided by Google. When you click on an advertisement placed by Google, a cookie for conversion tracking may be stored on your device. These cookies lose their validity after a certain period of time, do not contain directly personal data and are not used for personal identification.
If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognise that you clicked on an advertisement and were redirected to this page. Each Google Ads customer receives a different cookie. This means that cookies cannot be tracked by us across the websites of Google Ads customers.
The information obtained using the conversion cookie is used to create conversion statistics for Google Ads customers who have opted for conversion tracking. Customers are informed of the total number of users who clicked on their advertisement and were redirected to a page provided with a conversion tracking tag. However, they do not receive any information that can personally identify users.
If you do not wish to participate in tracking, you can object to this use by preventing the installation of cookies through an appropriate setting in your browser software or by adjusting your cookie settings on this page accordingly. You will then not be included in the conversion tracking statistics. Further information on Google Ads and data processing by Google can be found at: https://www.google.com/policies/technologies/ads/ and https://policies.google.com/privacy?hl=en.
4.4 Google Tag Manager
This website uses Google Tag Manager. Google Tag Manager is a solution that allows website tags to be managed via an interface. The Google Tag Manager tool itself, which implements the tags, is a cookieless domain and, according to Google, does not collect any personal data. The tool triggers other tags, which may themselves collect data under certain circumstances. Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, it remains in place for all tracking tags implemented with Google Tag Manager.
4.5 Use of YouTube
Videos from YouTube are embedded on our website. YouTube is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Insofar as data is transferred to the USA, it may also be transferred to Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
On some of our web pages, we use plugins or embedded content from YouTube. When you access pages of our website that contain such a plugin, a connection to YouTube servers may be established and the plugin displayed. This may transmit to YouTube which of our web pages you have visited. If you are logged into your YouTube or Google account, YouTube may assign this information to your personal user account. When using the plugin, for example by clicking the start button of a video, this information may also be assigned to your user account. You can prevent this assignment by logging out of your YouTube or Google account before using our website and deleting the corresponding cookies.
Further information on data processing and privacy notices by YouTube or Google can be found at https://policies.google.com/privacy?hl=en.
4.6 Use of Facebook Pixel
Our website uses the visitor action pixel of Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook” or “Meta”) for conversion measurement.
This allows the behaviour of website visitors to be tracked after they have been redirected to our website by clicking on a Facebook advertisement. This enables the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and future advertising measures to be optimised.
The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of users. However, the data is stored and processed by Meta, so that a connection to the respective user profile is possible and Meta can use the data for its own advertising purposes in accordance with Meta’s privacy policy. This enables Meta to display advertisements on Facebook pages and outside Facebook. We as the website operator cannot influence this use of the data.
Further information on protecting your privacy can be found in Meta’s privacy policy: https://www.facebook.com/about/privacy/.
You can also deactivate the “Custom Audiences” remarketing function in the ad settings at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do so, you must be logged in to Facebook.
If you do not have a Facebook account, you can deactivate usage-based advertising from Meta/Facebook on the website of the European Interactive Digital Advertising Alliance: https://www.youronlinechoices.com/uk/your-ad-choices/.
5. Retention of data
We store personal data only for as long as is necessary to provide the services requested by you or to comply with statutory retention periods.
5.1 Data collected when browsing our website and which may legally be considered personal data, such as the full IP address, is stored for a period of 180 days, unless an exceptional incident, such as a hacker attack, requires a longer storage period.
5.2 Personal data generated in connection with a booking, order or voucher order is stored for a maximum of 10 years, insofar as statutory retention obligations apply. If you subscribe to a newsletter, we store the corresponding data at least until you unsubscribe.
5.3 Non-personal data may be stored permanently.
6. Information on the controller and data protection officer:
The controller responsible for data processing on this website is:
Hotel Victoria Theodor Schuler GmbH & Co. KG
Königstraße 80
90402 Nuremberg
Germany
Phone: +49 911 24050
E-mail: dsgvo@hotelvictoria.de
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data, such as names or e-mail addresses.
In addition, we have appointed an external data protection officer for our company:
DataCo GmbH, Nymphenburger Straße 65, 80636 Munich, Germany
7. Your rights
7.1 To view, delete, update or restrict your personal data that we have collected via our website or otherwise, you may contact us at any time by e-mail or telephone. You can find our contact details at the end of this policy and in the imprint. The same applies if you have further questions about the data we have stored about you or its use.
7.2 If you request the deletion of your data, it will be removed from our systems without undue delay, unless we are required to continue storing your data, for example due to tax or commercial law retention obligations. In such a case, we will ensure that your data is blocked for other purposes.
7.3 In addition, you may contact us at any time and object, in justified cases, to the processing of personal data concerning you. This applies in particular to the collection of your data for statistical recording of the use of our website and for advertising purposes.
7.4 If you have consented to the use of your personal data for advertising purposes, you may withdraw your consent at any time with effect for the future.
8. Links to other websites
Our website contains links to websites operated by third parties, including social networks such as Facebook, X or Pinterest. This privacy policy does not apply to the collection, processing and use of personal data by such third parties. Please note that we cannot accept responsibility for the content of external websites or for compliance with data protection requirements on those websites. We have no influence over the content. Therefore, no guarantee or liability can be assumed for such content. We therefore recommend that you check the privacy provisions on those websites. The linked pages were checked for possible legal violations and recognisable infringements at the time of linking. No unlawful content was recognisable at the time of checking. Permanent monitoring of the content is not reasonable without concrete indications of a legal infringement. If we become aware of any legal infringements, such links will be removed immediately.
9. Security
For security reasons and to protect the transmission of confidential content, such as orders, bookings or enquiries that you send to us as the website operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
10. Changes to this privacy policy
This privacy policy may be updated at regular intervals. We will update the date indicated accordingly and recommend that you keep yourself informed about any changes we may make by visiting the following link: https://www.hotelvictoria.de/en/contact/privacy-policy.
11. Contact
If you have any questions about this privacy policy or about our use of personal data, you may contact us at any time in writing or by e-mail (book@hotelvictoria.de). You also have the option of contacting the competent data protection supervisory authority directly. For Hotel Victoria, this is the Bavarian State Office for Data Protection Supervision: www.lda.bayern.de/de/index.html.
Date of last update: 15 May 2026
1) The legal basis is Art. 6 para. 1 lit. f) GDPR.
2) The legal basis is Art. 6 para. 1 lit. f) GDPR.
3) The legal basis is Art. 6 para. 1 lit. f) GDPR.
4) The legal basis is Art. 6 para. 1 lit. a) GDPR.