Data Protection - Humans of Hospitality
- Home
- Data Protection
We appreciate your interest in our company. The protection of your personal data is very important to us. Below, we inform you in accordance with Art. 13 of the GDPR about the processing of your personal data when you visit our website.
Controller in the sense of GDPR
Studio 49 Hospitality GmbH
Lindower Strasse 18
13347 Berlin
E-Mail: hello@humans-of-hospitality.com
Purposes of Data Processing
We process personal data of website visitors only to the extent necessary to provide a functional website and our content and services.
Legal Basis for Processing
Processing is carried out on the following legal bases:
• Art. 6(1)(a) GDPR – Consent (e.g., for cookies or contact forms),
• Art. 6(1)(b) GDPR – Performance of a contract or pre-contractual measures,
• Art. 6(1)(c) GDPR – Legal obligation,
• Art. 6(1)(f) GDPR – Legitimate interest in the secure and efficient operation of our website and services.
Collection and Storage of Personal Data and Nature and Purpose of Use
When visiting the website:
When you access our website, the browser automatically transmits the following data to our server, which is temporarily stored in a log file:
• IP address of the requesting device,
• Date and time of access,
• Name and URL of the accessed file,
• Referrer URL (previously visited site),
• Browser used and, if applicable, your operating system.
These data are processed for the following purposes:
• Ensuring a smooth connection,
• Ensuring comfortable use of the website,
• Evaluating system security and stability.
SSL or TLS Encryption
For security reasons and to protect the transmission of confidential content, such as contact form inquiries, this website uses SSL or TLS encryption. You can recognize an encrypted connection by the “https” in your browser’s address bar and the lock icon.
Use of Cookies and Consent Management
Our website uses cookies. Some are technically necessary, others serve statistical or marketing purposes.
We use a consent management tool that asks for your permission when you first visit the site. Consent is voluntary and can be withdrawn or changed at any time.
Legal basis: Art. 6(1)(a) GDPR in conjunction with § 25(1) TTDSG (for consent), Art. 6(1)(f) GDPR (for necessary cookies).
Third Parties and Data Sharing
We use the following third-party providers for analytics and marketing purposes:
Zoho CRM
Service provider: Zoho Corporation GmbH, Trinkausstraße 7, 40213 Düsseldorf, Germany.
Contracting entity under applicable German law; the processing is based on a Data Processing Agreement in accordance with Art. 28 GDPR and EU Standard Contractual Clauses (SCCs). The legal jurisdiction is Germany (Düsseldorf).
For more information, please visit: https://www.zoho.com/privacy.html
Privacy Policy Regarding the Use of Brevo (formerly Sendinblue)
We use the email marketing service Brevo, operated by Brevo SAS, 18 rue d’Antin, 75002 Paris, France. Brevo helps us send and analyze newsletters and other marketing emails.
Brevo processes personal data such as email address, name, and usage data of the emails. The data processing is based on Art. 6(1)(f) GDPR (legitimate interest) or Art. 6(1)(a) GDPR (consent), if consent has been given.
A data processing agreement (DPA) has been concluded with Brevo to ensure an adequate level of data protection. Further information on data protection at Brevo can be found here: https://www.brevo.com/en/privacy/.
Data subjects can revoke their consent to receive newsletters at any time, for example via an unsubscribe link in the emails.
Data Retention
We retain personal data only as long as necessary for the respective purpose:
• Contact inquiries: up to 6 months,
• Contract-related data (e.g., invoices): 6 to 10 years in accordance with commercial and tax law,
• Job applications: up to 6 months after the recruitment process ends.
Your Rights as a Data Subject
Under the GDPR, you have the following rights:
• Right to access (Art. 15 GDPR),
• Right to rectification (Art. 16 GDPR),
• Right to erasure (Art. 17 GDPR),
• Right to restriction of processing (Art. 18 GDPR),
• Right to data portability (Art. 20 GDPR),
• Right to object to processing (Art. 21 GDPR),
• Right to withdraw consent at any time (Art. 7(3) GDPR).
To exercise your rights, please contact us using the details provided above.
Right to Lodge a Complaint with a Supervisory Authority
You have the right to lodge a complaint with a supervisory authority if you believe the processing of your personal data violates the GDPR. The authority responsible for us is:
Berlin Commissioner for Data Protection and Freedom of Information
Alt-Moabit 59–61
10555 Berlin, Germany
Phone: +49 30 13889-0
Email: mailbox@datenschutz-berlin.de
Website: https://www.datenschutz-berlin.de
