The protection of your personal data is our top priority. This principle applies to our Internet offer as well as to our conventional services. We would therefore like to inform you at this point about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. Name, address, email addresses, user behavior.

Name and contact details of the responsible body;

  1. This data protection information applies to data processing by:
VILLA ZUR ERHOLUNG – Bed & Breakfast Caro Schmitz-Avila, owner Koblenzerstraße 41 53498 Bad Breisig Tel: +49 (0) 171 933 7155 Email:

Your Rights

  1. You have the following rights towards us in relation to your personal data:
  • Right to information (Article 15 GDPR)
  • Right to rectification (Article 16 GDPR)
  • Right to erasure, unless processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims (Art. 17 DS-GVO )
  • Right to restriction of processing (Article 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to the data collected in accordance with Article 6 Paragraph 1 Clause 1 Letter e or f GDPR (Article 21 GDPR)
  • Right to revoke your consent if the processing is based on Article 6(1)(a) or Article 9(2)(a) GDPR. As a result, we are no longer allowed to continue the data processing based on this consent for the future (Art. 7 Para. 3 DS-GVO).
  • Right to lodge a complaint with the supervisory authority (Article 77 GDPR)
    1. If you want to make use of your right of revocation or objection, an e-mail to is sufficient
    2. If you wish to exercise your right to lodge a complaint, please contact the responsible supervisory authority for Rhineland-Palatinate:
State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate Hintere Bleiche 34 55116 Mainz Telephone: +49 (0) 6131 8920-0 Fax: +49 (0) 6131 8920-299 Email: poststelle(at)

Collection of personal data when visiting our website

  1. If you use the website for informational purposes only, your browser automatically forwards personal data to the server we use. This information is stored in a so-called log file for a maximum of eight weeks. If you want to view our website, we collect the following data:
  • Internet protocol address (“IP address”)
  • Date and time of request
  • Time zone difference to Coordinated Universal Time (UTC)
  • Request content (specific page)
  • Access Status/HTTP Status Code
  • Amount of data transferred in each case
  • Website the request is coming from
  • browsers
  • Operating system and its interface
  • Language and version of browser software
  1. The data is collected by the external service provider Raidboxes GmbH, Friedrich-Ebert-Straße 7, 48153 Münster. The external service provider is used in the interest of a secure, fast and efficient provision of our online offer by a professional provider. The external service provider will only process your data to the extent that this is necessary to fulfill its performance obligations and will follow our instructions in relation to this data. Further information on terms of use and data protection can be found at Privacy Policy «RAIDBOXES.
  2. The data is collected for the purpose of ensuring a smooth connection setup, convenient use and evaluating system security and stability as well as other administrative purposes.
  3. The legal basis for collecting this data is Art. 6 (1) sentence 1 lit. f GDPR.
Order processing We have concluded an order processing contract (AVV) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR.

Contact form, email, phone – inquiry

  1. For inquiries, we offer you the option of using our contact form on the website, or contacting us by email or telephone. We request the following data via the contact form:
  • First and last name
  • Email address
  • phone number
  • Request
We only use your e-mail address and telephone number to correspond with you. Further information can be provided voluntarily in the e-mail or in the telephone call. This data is processed exclusively to process your request.
  1. The legal basis for the collection and processing of this data is your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a GDPR.
  2. We delete the data arising in this context after the storage is no longer necessary, or restrict the processing if there are statutory storage obligations. You can revoke your consent at any time by sending an email to

Booking system (PMS) – easybooking

  1. We use the booking mask from “” from zadego GmbH:
zadego GmbH Tschamlerstrasse 4 6020 Innsbruck Austria In order to be able to process your inquiry or booking, it is necessary for the data you have given the person responsible to be processed. As a landlord, we collect and store the following data as mandatory information from you:
  • First Name
  • last name
  • home address
  • phone number
  • Mobile phone number
  • Email address
  • Payment information (bank details, credit card information)
  1. The legal basis for the collection and processing of this data is your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a GDPR.
Order processing We have concluded an order processing contract (AVV) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR. Further information on terms of use and data protection can be found under privacy policy « easybooking.

Use of cookies

  1. Cookies are small amounts of data that enable us to store specific, user-related information on your device while you visit our website. Cookies help us to determine the frequency of use and the number of users of our website and to make our offers as convenient and efficient as possible for you.
  2. We use so-called “session cookies” and “permanent cookies”. Session cookies are cached exclusively for the duration of your use of our website. These are stored on your data carrier to ensure certain settings and functionalities of our website via your browser. A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. These cookies cannot store any other data. The session cookies we use are deleted after the end of the browser session, i.e. after closing your browser. Unlike the “session cookies”, the permanent cookies can also be read by other servers and are not deleted at the end of the browser session.
  3. We have compiled the cookies used by this website in our cookie policy:
  1. The legal basis for the collection of the data mentioned via necessary and functional cookies is our legitimate interest in accordance with Article 6 (1) sentence 1 lit. f GDPR. Unless your consent has been obtained pursuant to Article 6 Paragraph 1 Clause 1 Letter a GDPR, the legal basis for the collection of data by means of marketing, statistical or external cookies is our legitimate interest pursuant to Article 6 Paragraph 1 p. 1 lit. f GDPR.
  2. On your first visit to our website or if necessary again, we ask whether you are comfortable with the storage of cookies on your device and the use of analysis and marketing tools for the collection, sharing and use of personal data for the personalization of advertising or other services. This query is made via a so-called cookie banner. If you click on “Agree”, you consent to this. If you do not click on “Agree”, no cookies will be set and no pseudonymous usage profiles will be created.
  3. You can choose whether to allow cookies. Changes to this can be made here: or in your browser settings. By changing your browser settings (usually under “Options” or “Settings” in the browser menus), you have the choice to accept all cookies, to be informed when a cookie is set, or to reject all cookies. Alternatively, you can permanently deactivate personalized advertising and the associated cookies by installing a plug-in in your Firefox, Internet Explorer or Google Chrome browser under the link If you decide not to accept our cookies, the functionality of our pages may be reduced and some services may not work can be claimed. We ask for your understanding.

Borlabs Cookie

  1. This website uses Borlabs Cookie, which sets a technically necessary cookie (borlabs cookie) to save your cookie consent.
  2. Borlabs Cookie does not process any personal data.
  3. The borlabs cookie stores the consent you gave when you entered the website. If you would like to revoke this consent, simply delete the cookie in your browser. If you re-enter/reload the website, you will be asked again for your cookie consent.

Google Fonts

  1. This page uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers. You can find more information about Google Fonts at and in the privacy policy of Google:
  2. If your browser does not support fonts, a standard font will be used by your computer.

Ninja Firewall

  1. We have included Ninja Firewall on this website. The provider is NinTechNet Limited, Unit 1603, 16th Floor, The L. Plaza 367 – 375 Queen’s Road Central Sheung Wan, Hong Kong (following NinjaFirewall).
  2. Ninja Firewall is used to protect our website from unwanted access or malicious cyber attacks. For this purpose, Ninja Firewall collects IP address, request, referrer and time of page access. Ninja Firewall is integrated on our own servers and does not transmit any personal data to the provider of the tool or other third parties. We have activated IP anonymization on Ninja Firewall so that the tool only collects the IP address in an abbreviated form.
  3. Ninja Firewall is used on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting its website from cyber attacks as effectively as possible.

Disclosure to Third Parties

  1. There will be no transfer of your personal data to third parties that have not already been expressly mentioned in this data protection declaration for purposes other than those listed below.
  2. We only share your personal information with third parties if:
    • You have given your express consent to this in accordance with Article 6 (1) sentence 1 lit. a GDPR
    • the transfer according to Article 6 Paragraph 1 Sentence 1 lit. f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data
    • in the event that there is a legal obligation to pass it on in accordance with Article 6 (1) sentence 1 lit. c GDPR, and
    • this is legally permissible and required for the processing of contractual relationships with you in accordance with Art. 6 (1) sentence 1 lit. b GDPR

Data Security

  1. When you visit our website, we use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser.
  2. We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.