Privacy Policy ZENSES Chalets – Nature Retreat at the Rursee, Eifel National Park

We take the protection of your personal data very seriously. This Privacy Policy explains how ZENSES GmbH (“ZENSES,” “we,” “us,” or “our”) collects, processes, and protects personal data when you visit our website, make a booking, or use our services.

1. Data Controller: The data controller responsible for data processing under applicable data protection laws (including the EU General Data Protection Regulation – GDPR) is:

ZENSES GmbH
Langerscheidt 31, 52396 Heimbach
info@zenses-chalets.com

2. Collection and Processing of Personal Data: We process personal data only to the extent necessary to provide our services, fulfill contractual obligations, and comply with legal requirements. Personal data may include: Name, address, email address, phone number Booking details (arrival/departure dates, chalet type, services booked) Payment and invoicing data (processed via secure third-party providers) Communication data (emails, messages, inquiries) Technical data (IP address, browser type, device information)

3. Booking System (Smoobu): We use Smoobu GmbH as our central booking and channel management system. Smoobu processes personal data on our behalf for: Reservation management Guest communication Calendar synchronization Payment-related coordination Integration with online booking platforms Smoobu acts as a data processor under GDPR and processes data exclusively according to our instructions and applicable data protection regulations. 4. Online Travel Agencies (OTAs) ZENSES Chalets is listed on external booking platforms (Online Travel Agencies), including but not limited to: Booking.com Airbnb Expedia and affiliated platforms.

4. Other approved distribution partners: When you book through an OTA: Your personal data is initially processed by the respective platform Relevant booking data is transferred to us via Smoobu to fulfill the accommodation contract Each OTA processes data under its own privacy policy and GDPR obligations We recommend reviewing the privacy policies of the respective booking platform when making a reservation through third-party websites.

5. Purpose of Data Processing: We process personal data for the following purposes: Handling bookings and accommodation contracts Guest communication before, during, and after your stay Providing optional services (eg, massage, bread service, bike rental, experiences) Invoicing and accounting Legal compliance (eg, registration obligations, tax requirements) Website security and technical functionality

6. Legal Basis for Processing Personal data is processed based on: Contractual necessity (Art. 6(1)(b) GDPR) Legal obligations (Art. 6(1)(c) GDPR) Legitimate interests (Art. 6(1)(f) GDPR), such as secure operations and service improvement consent, where required (Art. 6(1)(a) GDPR)

7. Payment: Processing Payments are processed through secure third-party payment service providers.ZENSES does not store full credit card or payment details. Payment providers process data independently under their own privacy policies.

8. Data Sharing with Third Parties: Personal data is shared only when necessary and limited to: Smoobu (booking and channel management) Online Travel Agencies (where applicable) Service providers for optional experiences (only when booked and required) Authorities, where legally required We do not sell or rent personal data to third parties.

9. Data Retention: Personal data is stored only as long as necessary for contractual and legal purposes.Statutory retention periods under tax and commercial law apply. After expiration, data is deleted or anonymized.

10. Cookies & Website Analytics: Our website may use essential cookies to ensure functionality and security. If analytics or marketing cookies are used, they are implemented in compliance with applicable consent requirements. Detailed cookie information is provided via a cookie banner where required.

11. Your Rights Under GDPR: You have the right to access your personal data Rectification of inaccurate data Erasure (“right to be forgotten”) Restriction of processing Data portability Object to processing Withdraw consent at any time To exercise your rights, please contact us using the details above.

12. Data Security: We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or alteration.

13. Changes to This Privacy Policy: We reserve the right to update this Privacy Policy to reflect legal, technical, or operational changes. The current version is always available on our website.

14. Contact: If you have any questions regarding data protection or this Privacy Policy, please contact: ZENSES GmbH at info@zenses-chalets.com.