Privacy Policy

The following information explains the collection of personal data when using our website and in connection with your stay at the hotel. Personal data includes all data that can be related to you personally, e.g., name, address, email addresses, user behavior. We have implemented extensive technical and organizational security measures to protect your data from accidental or intentional manipulation, loss, destruction, or unauthorized access. Our security procedures are regularly reviewed and adapted to technological developments.

  1. Name and Address of the Controller

    The controller under the General Data Protection Regulation (GDPR) and other data protection laws is:

    HRG Hospitality B.V. & Co. KG
    Hauptstraße 66
    12159 Berlin
    Berlin, Germany

    Email:
    info@revo-h.com

    You can reach our Data Protection Officer at the above address using the addition “Data Protection Officer”.

  2. General Information on Data Processing

    We process the personal data of our users only to the extent necessary to provide a functional website and our services in connection with your hotel stay. Personal data is used exclusively within the legal framework, such as the GDPR, the Federal Data Protection Act (BDSG), and the Telecommunications-Digital-Services Act (TDDDG). Our employees and service providers are obligated to comply with data protection regulations.

    The legal basis may include: consent under Art. 6(1)(a) GDPR; contract fulfilment under Art. 6(1)(b) GDPR; legal obligations under Art. 6(1)(c) GDPR; vital interests under Art. 6(1)(d) GDPR; or legitimate interests under Art. 6(1)(f) GDPR.

    In connection with the provision of the website and our services, various personal data are collected and further processed, which we describe below.

  3. Provision of the Website

    The website is hosted on servers by a contracted service provider. The servers automatically collect and store information in server log files transmitted by your browser: browser type/version, operating system, referrer URL, pages visited, date and time, IP address.

    These data are not merged with other sources. Processing is based on Art. 6(1)(f) GDPR due to our legitimate interest in technically error-free presentation and optimized operation of the website.

    Server location is Germany—no data is transferred to the USA, ensuring adequate data protection.

    Further information can be found at:

    Kinsta Inc. Privacy Policy


  4. Booking, Reservation, and Payment Processing

    During booking/reservation processes, necessary personal data such as name, address, contact data and payment information are processed under Art. 6(1)(b) GDPR. Data is stored for the duration of the contract and legal obligations.

    Payment processing is performed by third-party service providers who receive your data directly. Data is stored as long as necessary for payment and as required by law.

  5. Contact Form

    When contacting us via email or contact form, your data (name, email address) is stored to answer your inquiry. Optional fields are marked as such. Processing is based on your consent (Art. 6(1)(a) GDPR), which you may withdraw at any time.

    Data is deleted when no longer required, provided no legal retention obligations exist.

  6. Hotel Stays, Guest Registration, and Events

    Personal data such as name, address, date of birth, nationality, and other necessary information are collected and processed under Art. 6(1)(b) GDPR and Art. 6(1)(c) GDPR (legal obligations incl. Federal Registration Act).

    Processing also occurs under Art. 6(1)(f) GDPR for service personalization, guest preferences, communication, billing, security, check-in/out, booking, event processing, video surveillance, etc.

    If consent is given (Art. 6(1)(a) GDPR), processing is based on this consent.

  7. General Business Operations and Customer Support

    Personal data may be processed under Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR for customer care, communication, security (fraud prevention), service improvement, complaints, inquiries, restructuring and transactions.

    Consent can be withdrawn at any time.

  8. Voucher Shop

    Data necessary for order processing (contact details, recipient information, payment data) are processed under Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR. Data is deleted when no longer required.

  9. Emergency and Incident Management

    Personal data may be collected in connection with safety incidents, emergency situations, compliance requirements. Processing is based on Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR.

  10. Guest Services and Marketing

    Data for communication, promotions, loyalty programs, personalized offers, and advertising are processed under Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR; if consent is provided, under Art. 6(1)(a) GDPR.

  11. Newsletter

    Newsletter subscription uses a double-opt-in process. Required data is your email address. Processing is based on consent (Art. 6(1)(a) GDPR).

    Tracking (web beacons, pixels) may be used unless image display is disabled in your email program. Consent may be withdrawn anytime.

  12. Use of Corporate Profiles on Social and Professional Networks

    Joint controllership exists with platforms such as LinkedIn, Meta (Facebook/Instagram), YouTube, TikTok, Xing, Pinterest.

    Platform-specific privacy policies:
    LinkedIn:
    https://www.linkedin.com/help/linkedin/answer/a1338708
    Instagram:
    https://privacycenter.instagram.com/policy
    YouTube:
    YouTube Terms
    Facebook:
    Page Controller Addendum
    TikTok:
    TikTok Policy
    Xing:
    Xing Data Processing
    Pinterest:
    Pinterest DE

    Additional policies for objection and removal options follow on the platforms.

  13. Data Deletion and Storage Duration

    Personal data is deleted when no longer required unless legal retention obligations require extended storage.

  14. Data Recipients

    Personal data is shared only when legally permitted (consent, contract, legal obligation, legitimate interest). Service providers are bound by Art. 28 GDPR.

  15. Transfer to Third Countries

    Transfers outside the EEA occur only with appropriate safeguards, such as adequacy decisions, standard contractual clauses, or equivalent protective measures.

  16. Your Rights

    You have the right to access, rectification, deletion, restriction, data portability, and objection. You may withdraw consent at any time.

  17. Rights in the Case of Legitimate Interest Processing

    Under Art. 21(1) GDPR, you may object at any time to processing based on legitimate interest.

    Direct Marketing Rights:
    Under Art. 21(2) GDPR, you may object anytime to processing for direct marketing purposes.

  18. Changes to This Privacy Policy

    We reserve the right to amend this policy at any time in compliance with applicable data protection laws.
    Questions may be addressed to:
    info@revo-h.com

Effective: 03/2025