Privacy Policy

In the following, we provide information about the collection of personal data when using our website and in connection with your stay at the hotel. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior. We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.

  1. Name and Address of the Person Responsible
    The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations isHRG Hospitality B.V. & Co KG
    Hauptstraße 66
    12159 Berlin
    Berlin, Germany
    E-Mail: info@revo-h.com (You can contact our data protection officer at the above address with the addition “Data Protection Officer”)
  2. General Information on Data Processing
    Scope of the processing of personal data: We only process personal data of our users to the extent necessary to provide a functional website and our services connection with your hotel stay. The personal data is used exclusively within the framework of the statutory data protection regulations, such as the General Data Protection Regulation (“GDPR”), the Federal Data Protection Act (“BDSG”) and the Telecommunications Digital Services Act (TDDDG). Our employees and service providers are obliged to comply with data protection regulations.The legal basis for the processing of personal data may be in particular your consent pursuant to Art. 6 para. 1 sentence 1 lit. a) GDPR, if you have given your consent; the performance of a contract pursuant to Art. 6 para. 1 sentence 1 lit. b) GDPR, if the processing is necessary for the performance of a contract for the individual with the guest/participant; a legal obligation pursuant to Art. 6 para. 1 sentence 1 lit. c) GDPR, if the processing is necessary for compliance with a legal obligation, on the basis of vital interests pursuant to Art. 6 para. 1 sentence 1 lit. d) GDPR, if the processing is necessary for the protection of vital interests on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR, if the processing is necessary to safeguard a legitimate interest of the company, unless the interests or fundamental rights of the data subjects prevail.In connection with the provision of the website and our services, various personal data are collected and processed, about which we would like to inform you below.
  3. Provision of the Website
    The website is hosted on servers of a service provider commissioned by us. The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is Browser type and browser version, Operating system used, Referrer URL, Website accessed by the user’s system via our website, Date and time of the server request, IP address.This data is not merged with other data sources. This data is collected on the basis of Art. 6 para. 1 sentence 1 lit. f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimized operation of its website – the server log files must be recorded for this purpose. The website server is geographically located in Germany. As a result, no data is transferred to the USA and an appropriate level of data protection is guaranteed for data processing. We delete the data collected in this context after storage is no longer required, provided there are no statutory retention obligations. Further information on the processing of data by Kinsta Inc. can be found here: https://kinsta.com/legal/privacy-policy/
  4. Booking and Reservation as well as Payment Processing
    As part of our activities in connection with booking/reservation inquiries, various data required for the conclusion of the contract, such as first and last name, address and other contact data as well as payment data, may be processed. The legal basis is the conclusion and execution of a contract with you /your accompanying persons in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR. The data is stored for the duration of the contract and in accordance with legal obligations. Various payment service providers are used for payment processing, which are always identified and directly accept your entries and are therefore recipients of your personal data collected in connection with the payment process. The legal basis for the involvement of payment service providers is contract processing in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR. The storage for the purpose of payment takes place for the duration of the payment processing and in accordance with legal obligations.
  5. Contact form
    When you contact us by e-mail or via a contact form, the data you provide (your e-mail address and your name) will be stored by us in order to answer your questions. If we request information via our contact form that is not required to contact you, we have always marked this as optional. We use this information to specify your request and to improve the processing of your request. This information is provided expressly on a voluntary basis and with your consent, Art. 6 para. 1 sentence 1 lit. a) GDPR. If this involves information on communication channels (e.g. email address, telephone number), you also consent to us contacting you via this communication channel in order to respond to your request. You can of course withdraw your consent at any time with effect for the future.We delete the data arising in this context after storage is no longer required, unless there are statutory retention obligations.
  6. Hotel Accommodation, Guest Registration and Events
    As part of hotel accommodation and the registration of guests and at events, various personal data is collected from you and other guests/participants that is required in this context, such as first and last name, address, date of birth, nationality if applicable and other data required in connection with the execution of the accommodation and events in individual cases. The data processing is carried out on the basis of Art. 6 para. 1 sentence lit. b) GDPR for the fulfillment of the contract for your accommodation or the event and other services offered, including the processing of payments. The data is stored for the duration of the contract and in accordance with legal obligations. Processing is also carried out on the basis of Art. 6 para. 1 sentence lit. c) GDPR to fulfil legal obligations, in particular according to §§ 29f Federal Registration Act and Art. 6 para. 1 sentence lit. f) GDPR due to our legitimate interests in the provision and personalization of our services as well as the fulfilment of guest preferences within our group, in communication with you and in the fulfilment of our business purposes.This includes in particular activities in connection with: Bookings and reservations (including online bookings via third-party providers), check-in and check-out processes, communication with you including the processing of inquiries or complaints, invoicing and billing, guest services, fitness, wellness and leisure offers, the collection and transmission of registration data in accordance with the Federal Registration Act, security in our hotels (video surveillance, (video surveillance, documentation and processing of incidents), the provision of a personalized service, in particular agreements with other third-party providers on behalf of and in the name of the guests, the administration of other services and accesses offered in connection with the stay, such as access to WLAN, as well as the preparation and follow-up and the implementation of events. If you have given your consent within the meaning of Art. 6 para. 1 sentence 1 lit. a) GDPR, your personal data will be processed on the basis of this consent, which you can revoke at any time with effect for the future. We delete the data arising in connection with the above activities after storage is no longer required, unless there are statutory retention obligations.
  7. General Business Processes and Customer Service
    We may collect general information from you, such as your first and last name, address and contact details, as well as other information that arises in connection with our general business processes and customer service, such as the indication of personal preferences. Data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR to fulfil the contract for your accommodation or the event and other services offered, including the processing of payments, and in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR due to our legitimate interests in the provision and personalization of our services and the fulfilment of guest preferences within our group, in communication with you and in the fulfilment of our business purposes. The data is stored for the duration of the contract and in accordance with legal obligations. This includes in particular Customer support, handling of complaints and inquiries, security measures, including in connection with fraud prevention, provision and improvement of our services and services as well as data processing in connection with corporate restructuring and transactions.If you have given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR, your personal data will be processed on the basis of this consent, which you can revoke at any time with effect for the future. We delete the data arising in this context after storage is no longer required, provided there are no statutory retention obligations.
  8. Voucher Store
    In the context of the voucher store, data is processed that is necessary to process the order. The data provided includes contact information, the name of the beneficiary and the giver, payment and general contract data. This includes in particular Booking processing and provision/transmission of the voucher. The data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR for the fulfilment of the contract including the processing of payments as well as according to Art. 6 para. 1 sentence lit. f) GDPR due to our legitimate interests in the provision and personalization of our services as well as the fulfilment of guest preferences within the HR Group, in communication with you and in the fulfilment of our business purposes. We delete the data collected in this context after storage is no longer required, provided there are no statutory retention obligations.We delete the data arising in this context after storage is no longer required, unless there are statutory retention obligations.
  9. Emergency and Incident Management
    As part of emergency and incident management and activities in connection with compliance requirements, we collect general information such as first and last names, address and contact details as well as other information required in connection with the management of emergencies and incidents, such as specific information to describe a security incident to authorities. Data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR for the performance of the contract, including contractual ancillary obligations, and in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR on the basis of our legitimate interests in the exercise of domiciliary rights, the protection of property and life and limb, the prevention and prosecution of criminal offenses and the preservation of evidence and the proper response to emergencies and incidents. This includes, in particular, the preservation of evidence and the management of emergencies and incidents, including communication with official bodies and aid organizations as well as medical service providers.We delete the data arising in this context after storage is no longer required, unless there are statutory retention obligations.
  10. Guest Services and Marketing
    As part of guest service and marketing, we collect general information such as first and last names, address and contact details as well as other information on inquiries and preferences that are required in this context. This includes in particular: communication about the programme and rewards offers as well as personalized service offers, the implementation of personalized service offers and services as well as the implementation of promotions and other campaigns, the implementation of customer loyalty programmes, customer communication, in particular about products and services, and the provision of personalized advertising and services. Data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR for the performance of the contract and Art. 6 para. 1 sentence 1 lit. f) GDPR on the basis of our legitimate interests in the provision and personalization of our services and the fulfillment of guest preferences within the HR Group, in communication with you and in the fulfillment of our business purposes. If you have given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR, your personal data will be processed on the basis of this consent, which you can revoke at any time with effect for the future.We delete the data arising in this context after storage is no longer required, provided there are no statutory retention obligations.
  11. Newsletter
    General information: With your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR, you can subscribe to our newsletter, which we use to inform you about our current offers.We use the so-called double opt-in procedure to subscribe to our newsletter. This means that after you have registered, we will send you an e-mail to the e-mail address you have provided in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your subscription to within 24 hours, your information will be blocked and automatically deleted after one month.In addition, we store the IP addresses you use and the times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data.The only mandatory information for sending the newsletter is your e-mail address. After your confirmation, we will save your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 para. 1 sentence 1 lit. a) GDPR.You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter e-mail or by sending a contact request to the data protection officer specified above.Newsletter tracking: We would like to point out that we evaluate your user behavior when sending the newsletter. For this evaluation, the e-mails sent contain so-called web beacons or tracking pixels that are stored on our website. For the evaluations, we link the aforementioned data and the web beacons with your e-mail address and an individual ID.We use the data obtained in this way to create a user profile in order to tailor the newsletter to your individual interests. We record when you read our newsletters, which links you click on in them and deduce your personal interests from this. We link this data to the actions you take on our website.You can object to this tracking at any time by clicking on the separate link provided in each email. The information will be stored for as long as you are subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously.Such tracking is also not possible if you have deactivated the display of images in your e-mail program by default. In this case, the newsletter will not be displayed in full and you may not be able to use all the functions. If you display the images manually, the above-mentioned tracking will take place.
  12. Use of Company Presences in Social and Professional Networks
    We use the possibility of company appearances on social and professional networks for communication and the exchange of information with (potential) customers.Joint responsibility: As the operator of these pages, we are jointly responsible with the respective network operator within the meaning of Art. 4 No. 7 GDPR. As such, we have concluded the following data protection agreements. Due to the joint responsibility, we inform you with regard to Art. 26 GDPR about the essentials of the agreement existing between us and the network in the following:LinkedIn: LinkedIn Ireland Unlimited Company https://www.linkedin.com/help/linkedin/answer/a1338708
    Instagram: Meta Platforms Ireland Limited https://privacycenter.instagram.com/policy
    YouTube: Google Ireland Limited – Dublin, Ireland https://www.youtube.com/static?gl=DE&template=terms&hl=de
    Facebook: Meta Platforms Ireland Limited – Dublin, Ireland https://www.facebook.com/legal/terms/page_controller_addendum and here the general privacy policy: https://www.facebook.com/about/privacy/previous
    TikTok: TikTok Technology Limited – Dublin, Ireland https://ads.tiktok.com/i18n/official/policy/jurisdiction-specific-terms
    Xing: New Work SE – Hamburg, Germany https://recruiting-help.xing.com/hc/de/articles/8698364896913-Datenverarbeitung
    Pinterest: Pinterest Inc – San Francisco, USA https://business.pinterest.com/de/pinterest-advertising-services-agreement/germany/If you carry out an action on one of our company websites (e.g. comments, posts, likes, etc.), you may make personal data (e.g. real name or photo of your user profile) public. However, as we generally or to a large extent have no influence on the processing of your personal data by the companies jointly responsible for the corporate presence, we cannot provide any binding information on the purpose and scope of the processing of your data. Further information on objection and removal options vis-à-vis the providers of the social/professional networks can be found hereLinkedIn: https://de.linkedin.com/legal/privacy-policy
    YouTube: https://policies.google.com/privacy
    Facebook: https://www.facebook.com/privacy/policy/
    Instagram: https://privacycenter.instagram.com/policy
    TikTok: https://www.tiktok.com/legal/page/eea/privacy-policy/de
    Xing: https://privacy.xing.com/de/datenschutzerklaerung
    Pinterest: https://policy.pinterest.com/en-gb/privacy-policy
  13. Data Erasure and Storage Duration
    Personal data is deleted or blocked as soon as it is no longer required for the purposes for which it was collected and processed. Data will only be stored beyond this point if this is required by European or national law, for example if storage is necessary to fulfill a legal obligation or to assert, exercise or defend legal claims. Relevant legal obligations arise in particular in the area of tax and commercial law, but also from other laws.
  14. Data Recipient
    Personal data is only passed on to third parties for the purposes listed here. In addition, data may only be passed on to third parties if there is a legal basis for doing so.The legal basis for the disclosure of personal data may be in particular: Consent: Art. 6 para. 1 sentence 1 lit. a) GDPR, if you have given your express consent to the disclosure, Performance of contract: Art. 6 para. 1 sentence 1 lit. b) GDPR, if the processing is necessary for the performance of a contract with you, e.g. to credit institutions or external service providers for payment processing, Legal obligation: Art. 6 para. 1 sentence 1 lit. c) GDPR, if there is a legal obligation to disclose, Legitimate interest: Art. 6 para. 1 sentence 1 lit. f) GDPR, if the processing is necessary in the context of our legitimate interests, e.g. for the assertion, exercise or defense of legal claims and there is no legitimate interest on their part to prevent the transfer of data.If necessary, your personal data is processed by contracted service providers within the scope of order processing in accordance with Art. 28 GDPR. Insofar as external service providers come into contact with your personal data, we have taken legal, technical and organizational measures to ensure that they also comply with the applicable data protection regulations, protect your personal data appropriately and only use it to the extent necessary for the provision of these services for us. We use service providers who are active in the areas of marketing, the optimization of your user experience, the provision of the website and the functionalities stored there, the implementation of events, the execution of contracts and the services and services made available to you (e.g. bookings and payment processing), the provision of information technology and the infrastructure required for this, auditing and other services in connection with compliance with the legal requirements to which we are subject, as well as event management and travel events.An overview of the destinations has been set up on our website, via which you will be redirected to the individual websites of our franchise partners’ hotels. If you select a hotel, you will be redirected to the website of that hotel. No data is transmitted to any other recipient as a result of this forwarding.
  15. Transfer to Third Countries
    If data is transferred to recipients outside the European Economic Area (“EEA”), it is ensured that suitable guarantees such as an adequacy decision or approved standard contractual clauses are in place. If there is no decision by the European Union that a level of data protection comparable to that of the European Union exists in relation to a country or company to which your personal data is transferred (so-called adequacy decision), we or our contractual partner have concluded a separate contract or binding corporate rules that ensure this level of protection through additional measures and guarantees. In this way, the protection of your personal data is also contractually guaranteed in the event of a transfer to a third country.
  16. Your Rights
    You have the following rights vis-à-vis us with regard to your personal data: General Rights
    You have the right to information, rectification, erasure, restriction of processing, objection to processing and data portability. If processing is based on your consent, you have the right to withdraw this consent with effect for the future.
  17. Rights in Data Processing according to the Legitimate Interest
    In accordance with Art. 21 para. 1 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 para. 1 sentence 1 lit. e) GDPR (data processing in the public interest) or on Art. 6 para. 1 sentence 1 lit. f) GDPR (data processing to safeguard a legitimate interest); this also applies to profiling based on this provision. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.Rights in Direct Advertising
    If we process your personal data for direct marketing purposes, you have the right under Art. 21 para. 2 GDPR to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.If you object to processing for the purposes of direct marketing, we will no longer process your personal data for these purposes. To exercise your rights, you can contact the controller using the contact details above.Right to lodge a Complaint with a Supervisory Authority
    You also have the right to complain to a competent data protection supervisory authority about the processing of your personal data by us.
  18. Changes to the Privacy Policy
    We reserve the right to amend or supplement this privacy policy at any time in compliance with the applicable data protection laws. If you have any questions, please contact us by e-mail: info@revo-h.com

Status: 03/2025