Aktiv Hotel Schweiger

Privacy Policy

Last updated: April 2, 2026

Privacy Policy

1. Name and Contact Details of the Controller

Medizinisches Aktiv-Zentrum Schweiger Hotel & Rehaklinik GmbH & Co. OHG

Ländeweg 2, 87629 Füssen – Bad Faulenbach, Germany

Phone: +49 8362 9140-0

Fax: +49 8362 9140-150

Email: info@aktiv-schweiger.de

Data Protection Officer: RA Philipp Rodenberg

Email: philipp.rodenberg@ra-rodenberg.com

2. General Information on Data Processing

We process your personal data exclusively in accordance with the provisions of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). The protection of your data is our highest priority.

3. Collection and Storage of Personal Data When Visiting the Website

When you visit our website for purely informational purposes, the following data is automatically collected by the server:

  • IP address
  • Date and time of the request
  • Time zone difference to GMT
  • Content of the request (specific page)
  • Access status / HTTP status code
  • Amount of data transferred
  • Referrer URL
  • Browser type and version
  • Operating system and interface
  • Language and version of the browser software

The website is hosted on the Vercel platform (Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA). Vercel processes the above data on our behalf. Data transfer to the USA is based on EU Standard Contractual Clauses.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the stability and security of the website).

4. Content Management System (Sanity)

We use the content management system Sanity (Sanity AS, Grønland 32, 3045 Drammen, Norway) to manage our website content. Sanity stores and delivers editorial content (texts, images, page structures). No personal data of website visitors is processed in this context.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in efficient content management).

5. Cookies and Consent Management

We use cookies on our website. On your first visit, your consent is obtained via a cookie consent banner. You can adjust your settings at any time via the cookie icon at the bottom left of the website.

We distinguish the following cookie categories:

  • Essential cookies: Technically necessary for the operation of the website (e.g. language settings, cookie consent settings). These cookies are set without consent.
  • Analytics cookies: Help us understand how the website is used (see Section 6).
  • Third-party services: Enable the integration of external services such as map providers (see Section 7).

Your cookie settings are stored as a cookie (cookieConsentSettings) in your browser for 365 days.

Legal basis: Art. 6(1)(a) GDPR (consent) for non-essential cookies; Art. 6(1)(f) GDPR for essential cookies.

6. Web Analytics with PostHog

We use PostHog (PostHog Inc.), hosted on EU servers (eu.posthog.com), to analyse website usage. PostHog is only activated if you have consented to analytics cookies.

PostHog collects:

  • Page views and navigation paths
  • Anonymised usage patterns
  • Technical information (browser, device type)
  • Web vitals (loading times, interaction metrics)

Data is processed exclusively on EU servers. Session recording is disabled. Data is stored in your browser's local storage, not as a cookie. You can withdraw your consent at any time via the cookie settings; PostHog will then be immediately deactivated (opt-out).

Legal basis: Art. 6(1)(a) GDPR (consent).

7. Integration of Google Maps

We use Google Maps (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to display interactive maps. Google Maps is only loaded if you have consented to "Third-party services" in the cookie settings. Without your consent, a placeholder is displayed instead of the map.

When Google Maps is loaded, data (including your IP address) is transmitted to Google and may be processed in the USA. The transfer is based on EU Standard Contractual Clauses.

More information: https://policies.google.com/privacy

Legal basis: Art. 6(1)(a) GDPR (consent).

8. Contact Form and Email Communication

When you contact us via our contact form or by email, we collect the data you provide (name, email address, message) to process your enquiry. The transmission is encrypted via the email service Gmail (Google Ireland Limited). A data processing agreement is in place with Google.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries).

9. Booking Enquiries and Contract Processing

For booking enquiries, we collect the data you provide (e.g. name, contact details, arrival and departure dates) to process your request or carry out your booking.

Legal basis: Art. 6(1)(b) GDPR (contract performance and pre-contractual measures).

10. Web Fonts (Adobe Fonts)

Our website uses fonts from Adobe Fonts (Adobe Inc., 345 Park Avenue, San Jose, CA 95110, USA), which are loaded from Adobe's servers when you visit the page. Your IP address is transmitted to Adobe in this process. Adobe processes the data solely for the purpose of providing the fonts.

More information: https://www.adobe.com/privacy.html

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a consistent presentation of the website).

11. Social Media Links

We only use links to our social media profiles (e.g. Instagram). No social media plugins are embedded and no data is transferred to the platforms unless you actively click the links. When you access these links, the privacy policies of the respective platforms apply.

12. Data Processors

We use external service providers who work strictly according to our instructions. Contractual agreements pursuant to Art. 28 GDPR are in place with all data processors. These include:

  • Vercel Inc. (website hosting)
  • Sanity AS (content management)
  • PostHog Inc. (web analytics, EU servers)
  • Google Ireland Limited (Google Maps, Adobe Fonts)
  • Google Ireland Limited / Gmail (email delivery)

13. Rights of Data Subjects

You have the following rights at any time:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR)
  • Right to lodge a complaint with the competent supervisory authority

Competent authority: Bavarian State Office for Data Protection Supervision (BayLDA), Promenade 27, 91522 Ansbach, Germany.

14. Data Security

Our website uses SSL/TLS encryption to protect your data during transmission.

15. Updates to This Privacy Policy

This privacy policy is updated regularly. The version published on our website always applies.

Last updated: April 2026