Aussicht über die Wälder der Eifel bei Morgenstimmung nahe dem Nürburgring

Privacy matters to us.

Privacy policy

1. Controller

Nuerburgring Hotels & Ferienpark
Stefan Bellof- Str.
53520 Nuerburg
+49 2691 302 5000
info@nuerburgring.de

Represented by: Wolfgang Gros

2. Data Protection Officer

You can reach our Data Protection Officer at:

TÜV Informationstechnik GmbH
TÜV NORD GROUP 
Alexander P. Taubitz, Assessor jur. 
Am TÜV 1
45307 Essen 
E: a.taubitz@tuvit.de

3. General Information on Data Processing

We process the personal data of users of our website only insofar as this is necessary to provide a functional website and to deliver our content and services.

Processing is carried out regularly only with the consent of the user (Article 6 (1) (a) GDPR) or if the processing is permitted by statutory provisions (Article 6 (1) (b), (c), (f) GDPR).

4. Hosting and Server Log Files

Our website is hosted by HK-Net - Händle & Korte GmbH, Rathausufer 20, D-40213 Düsseldorf. When you visit our website, certain data are automatically collected and stored in so-called log files:

  • IP address
  • Date and time of the request
  • Referrer URL
  • Browser type and version
  • Operating system
  • Legal basis: Article 6 (1) (f) GDPR (legitimate interest in secure operation).

5. Cookies & Consent Management (Cookiebot)

We use Cookiebot provided by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark.
We have concluded a Data Processing Agreement pursuant to Article 28 GDPR with Cookiebot.

  • Purpose: Management and documentation of cookie consents.
  • Data: IP address, consent status, date/time.
  • Legal basis: Article 6 (1) (c) GDPR (legal obligation).

6. Booking System DIRS21 (ONE)

We use the booking system DIRS21 ONE, provided by TourOnline AG, Borsigstraße 26, 73249 Wernau, Germany. When using the booking function, personal data (name, address, payment details) are processed.
A Data Processing Agreement has been concluded with DIRS21.

  • Legal basis: Article 6 (1) (b) GDPR (performance of a contract).

7. Applications via Coveto

We use the applicant management system Coveto, provided by coveto ATS GmbH, Bad Nauheim, Germany.
We have concluded a Data Processing Agreement with Coveto.

  • Data: Application documents, contact details, communication content.
  • Retention period: 6 months after the completion of the recruitment process
  • Legal basis: Article 6 (1) (b) GDPR in conjunction with § 26 BDSG (where applicable).

8. Newsletter (Mailchimp)

We use Mailchimp (Intuit Inc., USA).
We have concluded a Data Processing Agreement with Mailchimp.

Where personal data are transferred to a third country (e.g. the USA), such transfer is based on the Standard Contractual Clauses adopted by the European Commission pursuant to Article 46 (2) (c) GDPR. These clauses are designed to ensure an adequate level of data protection in the recipient country.

  • Data: E-mail address, name, proof of consent.
  • Legal basis: Article 6 (1) (a) GDPR.
  • Retention period: until unsubscribed
  • Children: Registration is only permitted from the age of 16 or with parental consent.

9. 3D Tours (bemotion 360° / Matterport)

We integrate interactive 3D tours provided by bemotion 360° and Matterport Inc., USA.
We have concluded Data Processing Agreements with bemotion 360° and Matterport Inc.

When these tours are loaded, personal data (e.g. IP address, browser data) may be transferred to the USA.

Where personal data are transferred to a third country (e.g. the USA), such transfer is based on the Standard Contractual Clauses adopted by the European Commission pursuant to Article 46 (2) (c) GDPR. These clauses are designed to ensure an adequate level of data protection in the recipient country.

  • Legal basis: Article 6 (1) (a) GDPR (consent).

10. Contact (E-mail, Telephone, Contact Form)

If you contact us by e-mail, telephone or via a contact form, we will process your details (name, e-mail address, message) to respond to your enquiry.

  • Legal basis: Article 6 (1) (b) GDPR (performance of a contract) or Article 6 (1) (f) GDPR (general enquiries).

11. Social Media & External Links

Our website contains links to social media platforms and external websites such as Facebook, Instagram, and Tripadvisor.

When you click on these links, you are redirected directly to the respective platform. Processing of your data on these platforms is outside our responsibility. Please refer to the privacy notices of the respective providers.

12. Disclosure of Data

Data are only shared with service providers that are contractually bound as processors under Article 28 GDPR or where there is a statutory obligation.

13. Data Retention

Personal data are deleted as soon as the purpose for which they were collected no longer applies, or statutory retention periods have expired.

14. Your Rights as a Data Subject

If we process your data, you have certain rights which you can exercise at any time. To do so, please contact us (see contact details above).

  • Access: You may request information about which data we store about you and for what purpose.
  • Rectification: If your data are inaccurate or incomplete, you can ask us to correct them.
  • Erasure: You can request the deletion of your data – for example, if they are no longer needed or if you withdraw your consent.
  • Restriction of processing: You can ask us to retain your data but not to use them further – for example, while we verify their accuracy.
  • Data portability: On request, we will provide your data in a commonly used, machine-readable format so you can transfer them to another provider.
  • Objection: If we process your data based on legitimate interests (e.g. for statistics or marketing), you may object at any time. We will then review whether our reasons override your interests or whether we must stop processing.
  • Withdrawal of consent: If you have given us consent to process your data (e.g. to receive newsletters), you can withdraw this consent at any time with effect for the future. This means that we may no longer use your data for this purpose from the time of withdrawal. Processing carried out before your withdrawal remains lawful. Your withdrawal therefore affects only future processing, not the past.
     

15. Right to Lodge a Complaint

You have the right to lodge a complaint with any data protection supervisory authority. The competent authority is the one in the federal state in which our hotel is located.

16. Security

We use SSL encryption in line with the latest technical standards.

17. Status and Amendments

Status: September 2025
Version: 1.0
We reserve the right to amend this Privacy Policy to reflect changes in legal requirements or technical developments.

Cookie consent

By clicking here you can change or reset your cookie consent anytime.