Skip to main content

Data protection

We are pleased that you are visiting our homepage and thank you for your interest in our company. Dealing with our customers and interested parties is a matter of trust. The trust placed in us is very important to us and therefore the importance and obligation to handle your data carefully and to protect it from misuse.

So that you feel safe and comfortable when visiting our website, we take the protection of your personal data and their confidential treatment very seriously. Therefore we act in accordance with the applicable legislation on the protection of personal data and data security.

With this information on data protection, we would like to inform you about when we store which data and how we use it – of course in compliance with the applicable German case law. Data protection at Steinfeld Monastery takes into account the European data protection level and is based in particular on the current Federal Data Protection Act (BDSG). When using the internet, we are guided by the Telemedia Act (TMG) of the Federal Republic of Germany to protect your personal data.

Collection and processing of personal data

In principle, you can visit our websites without telling us who you are. Our web servers automatically store information of a general nature. This includes the type of web browser, the operating system used, the domain name of your Internet service provider, the website from which you are visiting us, the websites that you are visiting on our site and the date and duration of the visit. This is exclusively information that does not allow any conclusions to be drawn about your person. We only evaluate this data for statistical purposes and only in anonymous form.

Privacy at Google Analytics and Google Remarketing

This website uses Google Analytics and Google Remarketing. These are services of Google Inc. (“Google”). Google uses so-called “cookies”, text files which are stored on your computer and which enable an analysis of your use of the website. The information generated by the cookie about your use of this website (including your IP address) is transmitted to a Google server in the USA and stored there. The IP address is then shortened by Google by the last three digits, so a clear assignment of the IP address is no longer possible. Google complies with the data protection provisions of the US Safe Harbor Agreement and is registered with the US Department of Commerce’s Safe Harbor program.

Google will use this information to evaluate your use of the website, to compile reports on website activity for website operators and to provide other services related to website activity and internet usage. Google may also transfer this information to third parties if required to do so by law or if third parties process this data on Google’s behalf. Third-party vendors, including Google, serve ads on websites across the internet. Third parties, including Google, use stored cookies to serve ads based on a user’s previous visits to this website. Under no circumstances will Google associate your IP address with other Google data.

You can object to the collection and storage of data at any time with effect for the future. You can opt out of Google’s use of cookies by visiting the Google Ads Opt-out page. Alternatively, users can deactivate the use of cookies by third parties by visiting the deactivation page of the network advertising initiative. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install:

However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. You can object to the collection and storage of data at any time with effect for the future. You can find more information about Google’s regulations here. You can object to the storage of cookies: You can set your browser so that the storage of cookies is only accepted if you consent to this. As a rule, the help function in the menu bar of your web browser shows you how to reject new cookies and switch off those that have already been received. Flash cookies, which are used by browser add-ons, can be switched off or deleted by changing the browser add-on settings or via the browser add-on manufacturer’s website. We recommend that you always log off completely on shared computers that are set to accept cookies and flash cookies.

Data protection at PIWIK

This website uses Piwik, an open source software for the statistical analysis of visitor access. Piwik uses so-called “cookies”, text files that are stored on your computer and enable an analysis of your use of the website. This gives us the opportunity to optimize the websites for you and make them more visitor-friendly. The information generated by the cookie about your use of this website is stored on the provider’s local server in Germany. The IP address is anonymized immediately after processing and before it is stored. The evaluations generated with PIWIK are completely anonymous and cannot be used to identify individual persons. You can prevent the installation of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you can if applicable not use all functions of this website in full.

Data protection declaration for the use of Facebook Ads

We use communication tools from the social network Facebook, in particular the product Custom Audiences and Website Custom Audiences. Basically, a non-reversible and non-personal checksum (hash value) is generated from your usage data, which can be transmitted to Facebook for analysis and marketing purposes. The Facebook cookie is addressed for the Website Custom Audiences product. For more information about the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your setting options to protect your privacy, please refer to Facebook’s data protection guidelines, which can be found at and can be found. If you wish to object to the use of the Facebook Custom Audiences website, you can do so at

Use and disclosure of the collected data

We use the personal data you provide exclusively for the stated or agreed purposes, i.e. usually to process the contract concluded with you or to answer your inquiry. If you make use of services, as a rule only data that we need to provide the services is collected. If we ask you for further data, this is voluntary information. The processing of personal data takes place exclusively to fulfill the requested service and to protect legitimate business interests. Personal data is only collected or processed if you provide this information voluntarily, e.g. as part of an inquiry. If there are no necessary reasons in connection with a business transaction, you can revoke the previously granted approval of your personal data storage at any time in writing (e.g. by e-mail or fax) with immediate effect. Your data will not be passed on to third parties unless disclosure is required by law.

Are personal data forwarded to third parties?

Your data will only be processed and used for consulting, advertising and market research purposes with your express consent. Your data will not be sold, rented or made available to third parties in any other way. Transfers of personal data to state institutions and authorities only take place within the framework of mandatory national legislation.

Use of cookies

So-called cookies are used in some areas of our website. A cookie is a small text file that is placed on your hard drive by a website. Cookies do not damage your computer and do not contain viruses. The cookies on our website do not collect any personal data. We use the information contained in cookies to make it easier for you to use our website and to tailor it to your needs. Of course you can also view our website without cookies. If you do not want cookies to be stored on your computer, you can deactivate the corresponding option in the system settings of your browser. You can delete saved cookies at any time in the system settings of your browser. However, if you do not accept cookies, this can lead to functional restrictions of our offers.

Use of Google Maps

This website uses Google Maps to display maps and to create directions. Google Maps is operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. By using this website, you agree to the collection, processing and use of the automatically collected data and the data you have entered by Google, one of its representatives, or third parties. For the Google Maps Terms of Service, see the Google Maps Terms of Service.

Data protection when using partner portals

Our website may use technologies from our partner companies Expedia Inc. and meetago GmbH in order to be able to process your inquiries/bookings efficiently.

By using this website, you agree to the collection, processing and use of the data collected automatically and the data you have entered by our partner companies, one of their representatives, or third-party providers. Our partner companies ensure that your data is only processed and used for the purposes of advice, advertising and market research with your express consent. Your data will not be sold, rented or made available to third parties in any other way. You can object to the use of your data at any time by contacting our partner companies.

The terms of use and information on data protection for the Expedia MeetingMarket can be found in the imprint of Expedia Inc., USA.

Details on the meeting portal can be found in the imprint of meetago GmbH.


The Kloster – Steinfeld monastery uses technical and organizational security measures in accordance with § 64 BDSG to protect your data managed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security measures are continuously improved in line with technological developments. Kloster – Steinfeld Monastery stores information relevant to data protection exclusively on secure systems in Germany. Access to it is only possible for a few authorized persons and persons who are responsible for the technical, administrative or editorial support of data and who are responsible for special data protection.

Protection of minors

Children and adolescents with limited legal capacity may not transmit any personal data to our websites without the consent of their parents or guardian. Under no circumstances will Steinfeld Monastery knowingly collect personal data obtained from children or adolescents with limited legal capacity, nor use it in any way or disclose it to third parties without authorization.

User Consent

By using our website and the offers contained therein, you agree that the personal data you have voluntarily transmitted will be stored by us and processed and used in compliance with this data protection declaration.

Purpose of data collection, processing and use

Operation of hotels and related businesses, as well as all related transactions

Operation of a customer service center for the purpose of taking and making reservations

Implementation of passenger transport, or the operation of a rental car company

Secondary purposes are accompanying or supporting functions in personnel, intermediary, supplier and service provider administration

At the hotel locations, video surveillance is used exclusively to collect evidence in the event of vandalism, burglary, robbery or other criminal offenses. The presence and use of video cameras are indicated by appropriate warnings. Digitized recordings of booking calls for documentation, evidence and training purposes are only made with the express consent of the conversation partner. Carrying out the storage and data processing of personal data for our own purposes, as well as on behalf of individual companies in accordance with the existing service agreements within the group of companies. The collection, processing and use of data takes place in order to carry out the purposes listed above.

Description of the data subjects and the related data/data categories

Personal data is essentially collected, processed and used for the following groups of people:

  • Guest data (especially address data, reservation data, guest requests, billing data, contact data)
  • Customer data (especially address data, contract data, billing and service data, contact data)
  • Interested party data (especially accommodation interest, room and hall rental interest, address data, contact data)
  • Employee data, applicant data, data from pension providers (particular personnel and salary data)
  • Mediator/broker/agency data (especially address, billing and performance data)
  • Business partners, external service companies (especially address, billing and service data)
  • Data on suppliers (especially address, billing, service and functional data)
  • Non-assignable group of people: video recordings if these are necessary to fulfill the purposes mentioned under point 5.

Your rights

(1) You have the following rights towards us with regard to your personal data:

  • right to information,
  • right to rectification or erasure,
  • right to restriction of processing, –     right to object to processing,
  • right to data portability.

(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

Categories of recipients to whom data may be communicated

Hotels, guesthouses and other lodging establishments may collect personal data from their guests and store it in automated processes, insofar as this is necessary within the framework of the lodging contract. These include i. i.e. Usually also billing data about food and drinks, about telephone calls made from the room and/or other hotel-specific services. Due to the registration regulations, hotels and accommodation facilities are obliged to request information about the place of residence, the date of birth and the nationality of their guests and their family members.

Furthermore, data can be communicated to the following recipients:

Public bodies that receive data due to legal regulations (e.g. social security agencies)

Internal departments involved in the execution and fulfillment of the respective business processes (e.g. HR administration/control, accounting, marketing, sales, IT organization and the central reservation service (Customer Service Center)

External contractors (service companies) in accordance with Art. 28 GDPR

Other external bodies (e.g. credit institutions, brokerage agencies as part of intermediary activities, companies belonging to the group of companies insofar as those affected have given written consent or transmission is permitted due to overriding legitimate interests), as well as partner companies as part of the order activity placed by the customer.


Standard deadlines for deleting the data

The legislator has issued a variety of storage obligations and periods. After these periods have expired, the corresponding data and data records are routinely deleted if they are no longer required to fulfill the contract (guest, rental and service contracts). The commercial or financial data of a completed financial year will be deleted after a further ten years in accordance with the legal provisions, unless longer retention periods are prescribed or necessary for legitimate reasons. In the area of ​​personnel administration and personnel control, shorter deletion periods are used in special areas. This applies in particular to rejected applications or warnings. If data are not affected by this, they will be deleted without being asked if the purposes mentioned under point 5 no longer apply.

Registration forms are kept in accordance with the applicable registration law in the individual hotel and accommodation establishments for the legally prescribed minimum period and then destroyed under special precautionary measures in accordance with data protection regulations.

Planned data transfer to third countries

Data transfers to third countries only occur within the framework of the fulfillment of the contract, necessary communication and other exceptions expressly provided for in the Federal Data Protection Act (BDSG).

There is currently no data transfer to other third countries, in particular to those whose level of data protection is considered to be low or to countries outside the EU; such is not planned.

Ensuring security in data processing

Kloster – Steinfeld monastery uses technical and organizational security measures in accordance with § 64 BDSG to protect the data it manages against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. The security measures used are continuously improved in line with technological developments. This means that Kloster Steinfeld monastery stores your data protection-related information exclusively on secure systems in Germany. Access to it is only possible for a few authorized persons who are responsible for the technical, administrative or editorial support and are obliged to special data protection.


Name of responsible body:
Kloster Steinfeld

Managing Director:
Wolfgang Scheidtweiler
Pater Lambertus Schildt

Responsible head of data processing
Pater Lambertus Schildt
Direktor Kloster Steinfeld GmbH & Co.KG
Hermann-Josef-Straße 4
53925 Kall-Steinfeld

Address of the responsible body
Kloster Steinfeld GmbH & Co.KG
Hermann-Josef-Straße 4
53925 Kall-Steinfeld
Phone : +49 2441-889131
Telefax : +49 2441-889296

E-Mail :

Internet :

Name and address of the data protection officer

Sandro Berger

VdE Service GmbH Baden-Württemberg

Eduard-Pfeiffer-Straße 48

70192 Stuttgart

Tel.: 0711 22 333 26

E-Mail :


Information on data protection according to EU GDPR

Our company regularly checks the creditworthiness of existing customers when contracts are concluded and in certain cases in which there is a legitimate interest. For this we work together with Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss, from which we receive the necessary data. On behalf of Creditreform Boniversum, we will provide you with the following information in advance in accordance with Article 14 EU GDPR:

Creditreform Boniversum GmbH is a consumer credit agency. It operates a database in which credit information about private individuals is stored. On this basis, Creditreform Boniversum issues creditworthiness information to its customers. Customers include, for example, credit institutions, leasing companies, insurance companies, telecommunications companies, receivables management companies, mail order, wholesale and retail companies and other companies that supply or provide goods or services. Within the framework of the legal provisions, part of the data in the information database is also used to supply other company databases, e.g. used for address trading purposes.

In particular, information about the name, address, date of birth, e-mail address, if applicable, payment history and shareholdings of persons is stored in the Creditreform Boniversum database. The purpose of processing the stored data is to provide information about the creditworthiness of the person requested. The legal basis for processing is Art. 6 Para. 1f EU-DSGVO. According to this, information about this data may only be given if a customer credibly demonstrates a legitimate interest in knowing this information. If data is transmitted to countries outside the EU, this is done on the basis of the so-called “standard contractual clauses”, which you can access under the following link:…
view or have it sent to you from there.

The data will be stored for as long as knowledge of it is necessary to fulfill the purpose of storage.

The knowledge is usually necessary for an initial storage period of three years. After expiration, it is checked whether a

Storage is still necessary, otherwise the data will be deleted to the exact day. If a matter is settled, the data will be deleted to the exact day three years after settlement. According to § 882e ZPO, entries in the register of debtors are deleted to the day after three years from the date of the entry order. Legitimate interests within the meaning of Art. 6 Para. 1f EU-DSGVO can be: credit decision, business initiation, shareholdings, claim, credit check, insurance contract, information on enforcement.

You have the right to information from Creditreform Boniversum GmbH about the data stored about you. If the data stored about you is incorrect, you have the right to have it corrected or deleted. If it cannot be determined immediately whether the data is incorrect or correct, you are entitled to have the data in question blocked until it has been clarified. If your data is incomplete, you can request that it be completed. If you have given your consent to the processing of the data stored by Creditreform Boniversum, you have the right to revoke this consent at any time. Through the Page 2 of 2 | Status April 2018 | © 2018 Boniversum

Revocation does not affect the legality of the processing of your data that has taken place on the basis of your consent up to any revocation. If you have any objections, requests or complaints about data protection, you can contact the data protection officer at Creditreform Boniversum at any time. This will help you quickly and confidentially in all questions of data protection. You can also complain about the processing of the data by Boniversum to the data protection officer responsible for your federal state. The data that Creditreform Boniversum has stored about you comes from publicly accessible sources, from collection agencies and their customers.

In order to describe your creditworthiness, Creditreform Boniversum creates a score for your data. The score value includes data on age and gender, address data and, in some cases, payment history data. This data is included in the score value calculation with different weighting. Creditreform Boniversum customers use the score values ​​as an aid when making their own credit decisions.

Right to object:

The processing of the data stored at Creditreform Boniversum GmbH takes place for compelling reasons worthy of protection of creditor and credit protection, which regularly outweigh your interests, rights and freedoms or serves to assert, exercise or defend legal claims. You can only object to the processing of your data for reasons that arise from a special situation that you have and which must be proven. If such special reasons can be proven to exist, the data will no longer be processed. If you object to the processing of your data for advertising and marketing purposes, the data will no longer be processed for these purposes. Creditreform Boniversum GmbH, Hellersbergstr. 11, 41460 Neuss. Your contact in our company is Consumer Service, phone: 02131 36845560, fax: 02131 36845570, e-mail:

You can reach the responsible data protection officer under the following contact details: Creditreform Boniversum GmbH, data protection officer, Hellersbergstr. 11, 41460 Neuss, email:

© Kloster Steinfeld, Kall-Steinfeld


Datenschutzerklärung Kloster Steinfeld

This text is for information only, only the wording of the German text is legally valid.