Menu opener
Country and language
Country
Other countries
Language
English
Currency
EUR
  1. B&B HOTELS
  2. Privacy policy - Liechtenstein
BackYour staySelect your dates to see availabilitiesChange datesSelect rooms and travelersClose
Select your dates to see availabilities
Please fill in the destination field
There are no suggestions
Allow geolocation in your browser settings, or type the destination
Please select period of 20 days max
Start date cannot be set in the past.

Please select period of 20 days maxStart date cannot be set in the past.

From
To
Clear dates
Rooms
-+
+ Add another roomValidate
Discount code
Valid Breakfast voucher to be added at checkout
Add discount code
  • Destination
  • FromTo
    FromTo
  • 1 room, 1 adult
  • 1 room, 1 guest

Privacy policy - Liechtenstein

Status: August 2025

Preamble

In the course of our business activities, we process personal data of visitors to our websites, users of our app, hotel guests, participants in our loyalty programs, prospective customers, service providers, and other business partners.

These data protection notices are aimed at users, guests, and future guests (hereinafter "you") in connection with (i) visiting the website https://www.hotel-bb.com/de (hereinafter "Website") and the B&B HOTELS mobile application (hereinafter "App") as well as the channels on social media platforms in German, (ii) participation in one of our loyalty programs, and (iii) a stay at a hotel in Liechtenstein.

Its purpose is to inform you, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the "General Data Protection Regulation" or "GDPR"), as well as the Liechtenstein Data Protection Act (DSG) and the Liechtenstein Data Protection Ordinance (DSV), how your personal data is processed via our Website, App, and social media channels, and particularly in connection with accommodation in one of our hotels and with our loyalty programs. In the following sections, we refer to the relevant articles of the GDPR.

The protection of your personal data is a top priority for the companies of the B&B HOTELS Group. Therefore, the B&B HOTELS Group companies are committed to processing this data in strict compliance with the General Data Protection Regulation and other applicable data protection laws.

 

1. Definitions

App means the B&B HOTELS mobile application available in iOS and Android versions.
Controller is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Website is the website accessible at the URL address https://www.hotel-bb.com/de.
User means any person who accesses the Website and the App, regardless of whether they are a customer, an operator, or a regular internet user with or without an account.

Furthermore, we refer to the definitions in Art. 4 GDPR for the terms used:
Personal data means any information relating to an identified or identifiable natural person. This includes, for example, your name, your address and communication data, or your e-mail address.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Data subject is any identified or identifiable natural person whose personal data is processed by the controller.

 

1. Controllers

The controller within the meaning of the GDPR is the person who decides on the purposes and means of processing personal data. If several people jointly decide on the purposes and means of processing, they are jointly responsible for the processing. For some processing operations, the German operating company of the B&B HOTELS Group mentioned below is solely responsible. For others, the B&B HOTELS Group operating companies are each jointly responsible for the processing and act jointly with other companies.

Sole Controller:
B&B Hotels (Liechtenstein) GmbH, Wirtschaftspark 41, 9492 Eschen, registered in the commercial register of the Principality of Liechtenstein under registration number FL-0002.744.224-1, is the sole controller for the following processing operations:
(1) Processing of reservations not made via the online booking system;
(2) Management of accommodation contracts;
(3) Exercise of the rights of data subjects in accordance with the GDPR;
(4) Handling of insurance claims;
(5) Management of registration forms for accommodation;
(6) Setup and operation of a video camera system in the self-operated hotels;
(7) Operation and provision of guest Wi-Fi in the self-operated hotels;
(8) Handling of guest complaints and claims;
(9) Accounting and receivables management in connection with accommodation in the self-operated hotels. The B&B HOTELS Group companies operate the online booking system, which is the central reservation system for all B&B Hotels.

Joint Controllership:
The B&B HOTELS Group companies act as joint controllers for the following processing operations:
(1) Operation of the online booking system and processing of reservations made through it;
(2) Implementation of direct marketing measures;
(3) Management of loyalty programs.
The companies on the list, which you can access here, are jointly responsible for processing data for the purpose of managing direct marketing activities/campaigns for customers and prospective customers of the B&B HOTELS Group.
The companies on the list, which you can access here, are jointly responsible for processing data whose purpose is the management of online bookings.
The companies on the list, which you can access here, are jointly responsible for the other, aforementioned processing operations.

The joint controllers have concluded agreements on joint responsibility for the aforementioned processing operations, which define their respective obligations. The essential contents of these agreements are available on request at the following address: privacy-liechtenstein@hotelbb.com.
Information about the processing operations carried out in this context is provided in detail below. The Data Protection Officer of B&B Hotels Germany GmbH can be contacted at privacy-liechtenstein@hotelbb.com or by telephone at +49 (0) 6146 9090-0 or by post to the address provided with the addition "The Data Protection Officer".

 

2. General Criteria for Storage Duration

Unless a more specific storage period is mentioned in these data protection notices, your personal data will be kept until the purpose for the data processing ceases to exist. If you assert a justified request for deletion or withdraw your consent to data processing, your data will be deleted, unless we have other compelling reasons for the continued storage of your personal data (e.g., tax or commercial law retention periods); in the latter case, the data will be deleted after these reasons cease to exist.

 

3. General Information on the Legal Bases for Data Processing on this Website

If you have given your consent to data processing, we process your personal data on the basis of Art. 6 (1) (a) GDPR. In the event of express consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49 (1) (a) GDPR. Consent can be withdrawn at any time. If your data is necessary for the conclusion or performance of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6 (1) (b) GDPR. Furthermore, we process your data on the basis of Art. 6 (1) (c) GDPR if this is necessary to fulfill a legal obligation. Data processing can also be carried out on the basis of our legitimate interest in accordance with Art. 6 (1) (f) GDPR. We provide information about the legal basis relevant in each individual case in the following paragraphs of these data protection notices.

 

4. General Information on Data Transfer to Third Countries

Some companies of the B&B HOTELS Group are based in a third country outside the European Union and the European Economic Area. For data transfers with these B&B HOTELS Group companies, EU standard contractual clauses have been concluded, which you can obtain on request via the contact details provided, for example by e-mail to privacy@hotelbb.com. The UK and Switzerland have been confirmed to have a data protection level comparable to the EU by adequacy decisions of the EU Commission of 28.06.2021 (UK) and 26.07.2000 (Switzerland).

Provided you have given your consent, tools are used and external content and media are integrated on the Website and the App that are offered by companies based in third countries. If these tools are activated, your personal data can be transferred to these third countries and processed there. We would like to point out that in data protection-unsafe third countries, a data protection level comparable to that of the EU cannot be guaranteed. In these cases, data is transferred on the basis of additional guarantees in accordance with Art. 44 et seq. GDPR. The USA is classified by the EU Commission under certain conditions as a safe third country with a data protection level comparable to the EU. Data transfer to the USA is then permissible if the data recipient is certified under the "EU-U.S. Data Privacy Framework" (DPF). Information on transfers to third countries, including the data recipients, can be found in these data protection notices and in the notices on cookies and other trackers.

 

5. Information on the Processing of Personal Data

5.1. Visiting the Website
When you visit the Website, your browser transfers certain system and browser data for technical reasons. This involves the following data (so-called server log files), which are processed by the jointly responsible companies for the online booking system:

  • IP address
  • Date and time of the server request
  • Browser, language, and version of the browser software
  • Operating system used
  • Hostname of the accessing computer
  • Website from which the request came ("Referrer URL")

This data is not stored together with other personal data of the users.

The temporary storage of the user's IP address by the web server is technically necessary to be able to display the website. For this purpose, the IP address must necessarily remain stored for the duration of the session.
The storage of the above-mentioned data in the log files is to ensure the functionality of the online booking system. This data also serves to ensure the security of the information technology systems (e.g., to detect attacks). The data is not evaluated for marketing purposes in this context.

The legal basis for the temporary storage of this data and the log files is Art. 6 (1) (f) GDPR. The legitimate interest is the technically flawless display and optimization of the website — for this, the server log files must be collected.
The above-mentioned data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of data collected for the provision of the website, this is the case when the respective session is over. In the case of data stored in the log files, the retention period is up to 3 months. Further storage is possible if this data is required for (e.g., clarification of attacks, misuse, or fraudulent activities). Data whose further retention is required for evidentiary purposes are excluded from deletion until the final clarification of the respective incident.

The collection of data for the provision of the website and its storage in log files is mandatory for the operation of our website for technical reasons. You therefore have no right to object.

 

5.2. Contact Form on the Website

If you send us inquiries via the contact form on the website, we collect the data requested in the contact form (e.g., name, e-mail address) as well as the information about your request. Mandatory fields are marked accordingly. We process your personal data to answer your inquiry and process your request. In case of follow-up questions, we store your data.

If your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures (e.g., offer), the processing is based on Art. 6 (1) (b) GDPR. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 (1) (f) GDPR).

The data is used exclusively for processing the conversation and your request. The data you enter in the contact form remains with us until you ask us to delete it or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions—in particular retention periods—remain unaffected. Your personal data will be deleted at the end of the calendar year no later than three years after your request has been processed.

 

5.3. Inquiries by E-mail or Telephone

If you contact us via the e-mail addresses provided on the website or by telephone, we store and process your inquiry, including all personal data resulting from it (name data, address data, contact data, inquiry) for the purpose of processing your request.

If your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures (e.g., offer), the processing is based on Art. 6 (1) (b) GDPR. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 (1) (f) GDPR).

The data is used exclusively for processing the conversation and your request.

The data transmitted by you via contact inquiries remains with us until you ask us to delete it or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions—in particular retention periods—remain unaffected. Your personal data will be deleted at the end of the calendar year no later than three years after your request has been processed.

 

5.4. Newsletter

You can subscribe to a newsletter on our website. We only send newsletters with the consent of the recipients. We use a double opt-in procedure for this. After registering for the newsletter, you will receive an e-mail in which you have to confirm your registration. We use this procedure so that no one can register with a third party's e-mail address. We log the registrations for the newsletter to be able to prove the registration process in accordance with legal requirements. This includes the date, time, and IP address at the time of registration. For the newsletter registration, we collect the name and e-mail address.

We send newsletters for advertising purposes to inform you about offers, promotions, and other news about B&B HOTELS.

The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 (1) (a) GDPR). By sending the e-mail as part of the double opt-in procedure, we fulfill our legal obligation to verify your e-mail address, Art. 6 (1) (c) GDPR. Your data in connection with the newsletter registration and dispatch will be processed by the marketing department of B&B Hotels (Liechtenstein) GmbH. The companies of the B&B Hotels Group, whose overview can be found here, are jointly responsible for the management and implementation of the direct marketing measure.

The joint controllers have commissioned B&B HOTELS DIGITAL SERVICES, 9 boulevard Romain Polland, 75014 Paris, France, and MOVE ON B&B HOTELS, 271, rue du Général Paulet, 29200 Brest, France, with the management and dispatch of the newsletters. The contractors act on the basis of data processing agreements on the instructions of the joint controllers.

Consent to receive our newsletter can be withdrawn at any time with effect for the future without giving reasons, for example via the unsubscribe function in every newsletter. In the event of a withdrawal, your e-mail address will be marked with a block note to document that you no longer wish to receive the newsletter. Data that is no longer required will be deleted immediately. The block note and your e-mail address will be deleted three years after the end of the calendar year in which the block note was set. If you do not confirm your consent to receive our newsletter as part of the double opt-in procedure, we will block your e-mail address and delete it after six months, unless we have to keep it for other reasons and in another context.

 

5.5. Online Booking of Hotel Stays and Check-in

If you book a room via the online booking system on the website or the app, we process the personal data requested via the booking form (e.g., personal master data, contact data, reservation/booking details, conditions, payment and invoice data) to carry out the booking and establish an accommodation contract.

Your e-mail address is processed to send you reservation/booking confirmations, changes, cancellations, and other communications in connection with the reservation/booking and the accommodation contract. In addition, you will receive an automatically generated invitation to online check-in by e-mail before the planned arrival day. For online check-in, you must register via the link in the e-mail and provide your credit card details (card number, expiry date, security code) for payment purposes.

The companies of the B&B Hotels Group, whose overview can be found here, are jointly responsible for data processing via the online booking system on the website and the app.

The joint controllers have commissioned B&B HOTELS DIGITAL SERVICES, 9 boulevard Romain Polland, 75014 Paris, France, and MOVE ON B&B HOTELS, 271, rue du Général Paulet, 29200 Brest, France, to operate and manage the online reservation system. The contractors act on the basis of data processing agreements on the instructions of the joint controllers.

For the purpose of establishing and performing the accommodation contract, the data from the online booking system may be transmitted to the operator of the hotel for which you have booked your stay.

In order to comply with legal reporting obligations, it may be necessary for some personal data to be transmitted to the registration authority responsible for the hotel in which you are staying after you have checked in at the hotel. When checking in, you are obliged to provide this data.

In the case of a single minor staying, the hotel where the overnight stay takes place collects a declaration from a legal representative stating their name, contact details, and a copy of an identity document. Details on data processing can be found in the corresponding form.

The legal basis is Art. 6 (1) (b) GDPR, as the processing of the data is necessary for the establishment and performance of an accommodation contract in a B&B Hotel. By reporting guest data to the respective responsible registration authority, the B&B Hotel fulfills its legal obligation as a hotel operator in accordance with Art. 6 (1) (c) in conjunction with Art. 1 (1) (a) of the Regulation on the Obligation to Register and Pay Taxes for Accommodation (BMTV).

The data stored with us will be deleted as soon as it is no longer required for its intended purpose and there are no legal retention obligations that prevent the deletion.

The tax-related retention periods are ten years (Art. 17 (2) Tax Act, SteG); the general accounting regulations also provide for a retention period of ten years (Art. 1059 (1) Persons and Companies Act, PGR). The registration forms required under the BMTV are stored for at least two years in accordance with the provisions of Art. 3 (4) BMTV. If you have made a booking with us, we will use your e-mail address to send you advertising for similar goods and services in connection with your booking. You can object to this use at any time by either clicking the unsubscribe link in the footer of such an advertising e-mail or alternatively sending us a message via the contact form on our website with the subject "Feedback on your stay" and stating your e-mail address. The legal basis for this data processing is Art. 6 (1) (f) GDPR. Our legitimate interest lies in promoting customer loyalty.

 

5.6 Payment Service Providers

If you use third-party payment services (e.g., PayPal, Visa, Mastercard, Maestro, American Express), the B&B HOTELS Group companies work with the payment service provider Adyen N.V. (hereinafter "Adyen"), Simon Carmiggeltstraat 6-50, 1011 DJ, Amsterdam, Netherlands. Adyen is a full payment service provider that, among other things, handles payment processing. The data necessary for the respective payment method is transmitted to Adyen, unless it is collected directly by the respective payment service itself (e.g., PayPal).

The bank card number, expiry date, and cryptogram are processed exclusively by Adyen, which only provides us with a token for the guarantee and payment of the bookings.

The purpose of the transmission is identity verification, the desired payment processing, the implementation of any credit check, and fraud prevention. To the extent necessary to fulfill the contractual obligations, Adyen also passes on the personal data to service providers or subcontractors.

The legal basis for the processing is Art. 6 (1) (b), (c), (f) GDPR. By transmitting for identity verification, we fulfill legal obligations for customer authentication in accordance with Art. 6 (1) (c) GDPR in conjunction with the Payment Services Directive and the Payment Services Supervision Act. The legitimate interest in the data transmission results from the purposes described above.

The terms and conditions and the data protection notices of our partner for electronic payment processing apply. Further information on data protection can be found at https://www.adyen.com/de_DE/richtlinien-und-haftungsausschluss/privacy-policy.

 

5.7 Guest Reviews

To get feedback from our guests about their stay, we use a review service offered by TrustYou GmbH, Schmellerstraße 9, 80337 Munich, www.trustyou.com. If you have consented to receive the newsletter, you will receive an e-mail with a link after a stay at a B&B Hotel in Liechtenstein, which allows you to submit a review of your last stay. If you make use of the option to submit a review, your name, e-mail address and/or telephone number, IP address, your review score and details of the review, other data entered, and system data (browser type and version, device used, date and time of submission of the review, referring URL) will be transmitted to TrustYou GmbH and evaluated by TrustYou and B&B Hotels (Liechtenstein GmbH). The review score, details of your review, your first name, the first letter of your last name, and the date of the review may be made publicly accessible on the website and the app.

The collection and analysis of reviews help us to improve our quality. The legal basis for the data processing is your consent to receive the newsletter (Art. 6 (1) (a) GDPR) as well as the legitimate interest of (B&B Hotels Liechtenstein) GmbH in operating a review system and evaluating reviews after the voluntary use of the review system by guests (Art. 6 (1) (f) GDPR).

Submitting a review is voluntary. You can object to the continued receipt of invitations to review the hotel by e-mail at any time via the corresponding link in each e-mail.

TrustYou GmbH acts on the basis of a data processing agreement on the instructions of B&B Hotels Germany GmbH. You can find more information on how TrustYou handles data in TrustYou's privacy policy at: https://www.trustyou.com/downloads/privacy-policy.pdf.
Reviews are made publicly accessible on the website and the app for a maximum period of 24 months from the date of submission. The data collected in connection with a review is stored and evaluated for a maximum period of five years from the date the review was submitted. TrustYou GmbH is authorized to anonymize the data afterwards and then store and use it for analysis purposes for an unlimited period of time and space.

 

5.8 Conducting Lotteries and Contests

We occasionally organize lotteries or other contests in which guests and other interested parties can participate, e.g., in connection with submitting a guest review.

For this purpose, we process the data required for participation, such as names, e-mail addresses, and answers to lottery and contest questions. Subsequently, in the event of a win, address data may be requested in order to be able to send a prize.

The processing is carried out solely for the purpose of conducting the lottery or contest, i.e., to determine and notify winners and to send prizes.

In the case of lotteries and other contests in connection with the submission of a guest review, we use the support of TrustYou GmbH, Schmellerstraße 9, 80337 Munich, which acts on our instructions on the basis of a data processing agreement.

Insofar as we obtain your consent as part of a lottery or contest, this is the legal basis for the data processing (Art. 6 (1) (a) GDPR). Otherwise, Art. 6 (1) (b) GDPR is the legal basis, as the data processing is necessary for participation in the lottery or contest.

The data will be deleted after the lottery or contest has been carried out, unless you have given your consent to the further processing of your data or a longer retention period must be taken into account in connection with the redemption or use of a prize.

 

5.9 Video Surveillance in Hotels

Video surveillance may be used in certain areas of hotels and the associated premises, in particular parking lots. In this context, images of guests can be recorded and evaluated on a case-by-case basis.

Video surveillance is generally carried out within legal limits. The legal basis is the legitimate interest in the safety and security of our guests and hotel property in accordance with Art. 6 (1) (f) GDPR.

Data subjects have the following rights in connection with video surveillance:

  • Right of access
  • Copy of the video recordings
  • Right to erasure
  • Right to object

Detailed information on the use of video cameras and the associated data processing can be found on-site at the hotels.

 

5.10 Guest Wi-Fi in Hotels

Access to guest Wi-Fi is provided in the hotels operated in Liechtenstein.

When using the guest Wi-Fi, the following data may be processed, some of which is stored using cookies and some of which can be optionally provided by you: MAC or IP address of the end device used, e-mail address, username, name, room number, date of registration.

For the provision and operation of the guest Wi-Fi system, B&B Hotels Germany GmbH has commissioned m3connect GmbH, Friedlandstraße 18, 52064 Aachen. m3connect GmbH processes your data on the basis of a data processing agreement on our instructions.

The legal basis for data processing is Art. 6 (1) (b) GDPR, insofar as the data is necessary for the desired use of the guest Wi-Fi. In the case of storing information in cookies, we also base the processing on our legitimate interests in accordance with Art. 6 (1) (f) GDPR. The cookies are technically necessary to ensure the functionality of the Wi-Fi system. This is also our legitimate interest.

The data is processed for authentication and to ensure the flawless operation of the guest Wi-Fi.

The data will be deleted after 10 weeks at the latest, unless legal retention obligations prevent the deletion. The technically necessary cookies are session cookies, which have a maximum functional duration of one day.
Further details can be found in the notices on site when registering for the guest Wi-Fi.

 

6. Cookies

Our website uses so-called "cookies" and other tracking tools. Details on this and your setting options are presented in our notices on cookies and other trackers.

 

7. Our Presence on Social Media Channels

B&B Hotels Germany GmbH maintains its own channel on several social media platforms. When you visit our profile on one of the social media platforms, the respective provider of the social media platform processes your data to create usage profiles and to operate and improve its own services. Furthermore, some providers of the social media platforms provide us with evaluations of the use of our profile in an anonymized form.

The data processing takes place partly regardless of whether you are registered on the social media platform yourself or not. The evaluations usually contain the following information:

  • Reach measurements regarding profile, posts, and other functions, i.e., total number of people who have visited/used the profile, posts, and other functions;
  • Aggregated data on the age, gender, and place of residence (country, region/city) of the people who visit the profile;
  • Usage duration for videos and other functions;
  • Time and location of use;
  • Devices, operating systems, and software used;
  • Interactions in connection with posts, e.g., click rates, shares, comments.
    With regard to the data processing operations for the purposes of the aforementioned evaluations, B&B Hotel Germany GmbH is jointly responsible with the respective providers of the social media platforms within the meaning of the GDPR and has concluded corresponding agreements on joint responsibility.
    We have no influence on whether and to what extent the providers collect personal data on their social media platforms. We also do not know the scope, purpose, and storage period of the data collection. It must be assumed that at least the IP address and device-related information are collected and used. It is also possible that the providers use cookies and similar technologies on their platforms with which user behavior on the platforms and other services of the providers can be tracked and evaluated.
    The providers of the social media platforms are partly based outside the territory of the European Union (EU) and the European Economic Area (EEA) (so-called "third countries"), in particular in the USA. These third countries sometimes do not have a data protection level comparable to the EU, or the recognition of the adequate data protection level is dependent on further conditions, such as for US companies, certification under the EU-U.S. Data Framework Agreement. In some third countries, for example in the USA, government agencies have extensive access rights to data from companies with headquarters in these third countries.
    We cannot rule out that even if the providers are based in the EU, data may also be transmitted to the group companies in the USA or another third country. Further information on the individual providers of the social media platforms on which we operate a profile:
  • Facebook and Instagram: The provider for the European area is Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, "Meta"). Further information on data protection can be found at https://facebook.com/policy.php and regarding Instagram at https://help.instagram.com/519522125107875. Information on the cookies used by Meta when you visit our Facebook page or our channel on Instagram can be viewed at https://www.facebook.com/policies/cookies. The following agreement on joint responsibility applies to the processing operations for which we are jointly responsible with Meta: https://www.facebook.com/legal/controller_addendum. The group headquarters Meta Platforms Inc, Menlo Park, California, USA, is certified under the EU-U.S. Data Privacy Framework.
  • LinkedIn: The provider for the European area is LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland). Further information on data protection can be found in LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy and in the cookie policy at https://www.linkedin.com/legal/cookie-policy. The following agreement on joint responsibility applies to the processing operations for which we are jointly responsible with LinkedIn: https://legal.linkedin.com/pages-joint-controller-addendum. The group headquarters LinkedIn Corporation, Sunnyvale, California, USA, is certified under the EU-U.S. Data Privacy Framework.
  • YouTube: The provider for the European area is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Further information on data protection can be found in Google's privacy policy at https://policies.google.com/privacy?hl=en. The group headquarters Google LLC, Mountain View, California, USA is certified under the EU-U.S. Data Privacy Framework.
  • TikTok: The provider for the European area is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. Further information on data protection can be found in the privacy policy at https://www.tiktok.com/legal/privacy-policy-eea?lang=en.

 

8. Automated Decision-Making, Profiling

No automated decision-making or profiling is carried out for the purpose of establishing and carrying out business relationships. If these procedures are used in individual cases, you will be informed separately, if required by law.

 

9. Obligation to Provide Data

For the establishment, implementation, and termination of a business relationship (e.g., booking, accommodation contract, participation in a loyalty program, receipt of a newsletter), it is necessary or, in some cases, legally required that you provide us with personal data. Without this data, a business relationship can generally not be established or will have to be terminated. In forms, this data is regularly marked as mandatory.

 

10. Data Security

We attach particular importance to the security of personal data. We implement technical and organizational measures that are appropriate to the degree of sensitivity of the personal data to ensure the integrity and confidentiality of the data and to protect it from malicious intrusion, loss, alteration, or disclosure to unauthorized third parties. These security measures include, for example, the encrypted transmission of data between your browser and our servers. Please note that SSL encryption for transmissions carried out over the Internet is only activated when the key symbol appears in your browser window and the address begins with https://. TLS (Transport Layer Security) protects the data transmission with encryption technology from illegal data access by third parties. If this option is not available, you can also choose not to send certain data over the Internet.

 

11. Your Rights

If we process your personal data, you have the following rights:

  • Right of Access (Art. 15 GDPR): You have the right to request information about the personal data processed about you. This right also includes a copy of the corresponding data.
  • Right to Rectification (Art. 16 GDPR): You have the right to demand the immediate rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to demand the completion of incomplete personal data concerning you.
  • Right to Erasure (Art. 17 GDPR): You have the right to demand that the personal data concerning you be deleted immediately, provided that one of the reasons mentioned therein applies.
  • Right to Restriction of Processing (Art. 18 GDPR): You have the right to demand the restriction of the processing of your personal data, provided that one of the reasons mentioned therein applies.
  • Right to Data Portability (Art. 20 GDPR): You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and, in certain circumstances, you have the right to transmit this data to another controller without hindrance.
  • Right to Object (Art. 21 GDPR): You have the right to object to the processing of your data at any time on grounds relating to your particular situation, insofar as the data processing is carried out on the basis of a balancing of interests in accordance with Art. 6 (1) (f) GDPR. This also applies to profiling based on this provision within the meaning of Art. 4 No. 4 GDPR. If you object, your personal data will no longer be processed unless there are demonstrably compelling reasons for the processing that are worthy of protection and override your interests, or the processing serves to assert, exercise, or defend legal claims.
  • Right to Withdraw Consent (Art. 7 (3) GDPR): In accordance with Art. 7 (3) GDPR, you have the right to withdraw any consent you have given for the processing of personal data at any time without giving reasons with effect for the future.
    The restrictions according to Art. 57 and 58 of the DSG apply to the right of access and the right to rectification and erasure. You can exercise your rights:
  • at the following e-mail address: privacy-liechtenstein@hotelbb.com;
  • or via the postal address: B&B Hotels (Liechtenstein) GmbH, Wirtschaftspark 41, 9492 Eschen.
    You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR in conjunction with § 19 of the BDSG) if you believe that the processing of your personal data is not lawful. This can be done, for example, with the supervisory authority responsible for B&B Hotels Germany GmbH: The Data Protection Office of the Principality of Liechtenstein, Kirchstraße 8, FL-9490 Vaduz; E-mail: info.dss@llv.li Website: https://www.datenschutzstelle.li/services-und-downloads/formulare#Beschwerdeformular.

 

12. Changes to the Data Protection Notices

We reserve the right to change the data protection declaration to adapt it to changed legal situations or to changes in the service and data processing. However, this only applies with regard to declarations on data processing. If the consent of the users is required or parts of the data protection declaration contain regulations of the contractual relationship with the users, the changes will only be made with the consent of the users.
Please inform yourself regularly about the content of the data protection declaration.

  • Print
    this page
  1. B&B HOTELS
  2. Privacy policy - Liechtenstein