Privacy policy

1. Data protection at a glance
General notes and mandatory information

We take the protection of your data very seriously and operate this website in accordance with the applicable data protection legislation with the inclusion of the requirements of the EU General Data Protection Regulation (hereinafter: GDPR). In the following, we inform you about the type and scope of the processing of your personal data as well as the rights to which you are entitled.

When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how this is done and for what purpose.

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of the data against access by third parties is not possible.

Note on the responsible body

The responsible party for data processing on this website is:

Kathleen Holzschuh
Holzschuh’s Schwarzwaldhotel
Murgtalstr. 655
72270 Baiersbronn OT Schönmünzach

Phone: +49 7447 9463-0

The controller decides alone or jointly with others on the purposes and means of the processing of personal data (e.g. names, contact details or similar).

Basics for data processing

We process personal data only in compliance with the relevant data protection regulations. This means that the data of the users are processed only in the presence of a legal permission, that is,

  • in order to provide our contractual services (e.g. processing of orders) and online services, or these are required by law (Art. 6 para. 1 lit. b. and c. GDPR)
  • your consent has been given (Art. 6 para. 1 lit. a. and Art. 7 GDPR), as well as
  • based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation and security of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR, in particular in measuring reach, creating profiles for advertising and marketing purposes, and collecting access data and using third-party services).
Data transmission to third parties

Data is only passed on to third parties within the framework of legal requirements. We only disclose user data to third parties if this is necessary, for example, for contractual purposes or on the basis of legitimate interests in the economic and effective operation of our business.

Where we use subcontractors to provide our services, we take appropriate legal precautions and corresponding technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal requirements.

Data transfer to a third country or an international organization

Third countries are countries in which the GDPR is not directly applicable law. This basically includes all countries outside the EU or the European Economic Area.

No data is transferred to a third country or an international organization without your consent or without a legal basis.

If applicable, note on data transfer to the USA and other third countries

Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. When these tools are active, your personal data may be transferred to and processed in these third countries. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, U.S. companies are obligated to release personal data to security authorities without you, the data subject, being able to take legal action against this. It can therefore not be ruled out that U.S. authorities (e.g. intelligence agencies) process, evaluate and permanently store your data located on U.S. servers for monitoring purposes. We have no influence on these processing activities.

Storage duration

Data that we store is blocked for further use when the corresponding authorization ceases to apply, in particular after the purpose has been achieved, and is deleted after expiry of the retention periods under tax and commercial law, unless you have expressly consented to the further use of your data or something else has been contractually agreed.

Data that you enter as part of an application process is stored for a maximum of 6 months.

Revocation of your consent to data processing

Only with your explicit consent are some operations of data processing possible. A revocation of your already given consent is possible at any time. For the revocation an informal communication by e-mail is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to complain to the competent supervisory authority

As a data subject, you have a right of appeal to the competent supervisory authority in the event of a data protection breach. The competent supervisory authority with regard to data protection issues is the state data protection commissioner of the federal state in which our company’s registered office is located. The following link provides a list of data protection officers and their contact details:

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties. The provision takes place in a machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

Right to information, correction, blocking, deletion

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, the origin of the data, their recipients and the purpose of the data processing and, if applicable, a right to correction, blocking or deletion of this data. In this regard and also for further questions on the subject of personal data, you can contact us at any time via the contact options listed in the imprint.

SSL- or TLS-Encryption

For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses an SSL or SSL protocol. TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognize an encrypted connection by the “https://” address line of your browser and the lock symbol in the browser line.

Server log files

In server log files, the provider of the website automatically collects and stores information that your browser automatically transmits to us. These are:

  • Visited page on our domain
  • Date and time of the server request
  • Browser type and version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • IP-Adress

This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.

2. Data acquisition
Borlabs Cookies

This website uses Borlabs cookie, which sets a technically necessary cookie (borlabs-cookie) to store your cookie consents.

Borlabs Cookie does not process any personal data.

The borlabs-cookie cookie stores the consent you gave when entering the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked again for your cookie consent.

Contact form

Data transmitted via contact form will be stored, including your contact data, in order to be able to process your inquiry or to be available for follow-up questions. This data will not be passed on without your consent.

The processing of the data entered in the contact form is based exclusively on your consent (Art. 6 para. 1 lit. a GDPR). A revocation of your already given consent is possible at any time. For the revocation an informal communication by e-mail is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

Data transmitted via the contact form will remain with us until you request us to delete it, revoke your consent to store it, or there is no longer any need to store the data. Mandatory legal provisions – in particular retention periods – remain unaffected.

Email Marketing / Newsletter

We send e-mail campaigns (e.g. newsletters) only with the consent of the recipient in accordance with. Art. 6 para 1 (a) GDPR. The data entered when registering for the information service will be used exclusively for this purpose. By registering, you will receive information about new or interesting for you products or services, sweepstakes and events through various email campaigns. We thereby pursue our own advertising and information purposes.

The subscription to the newsletter takes place in the so-called double opt-in procedure. By entering your email address, you will receive an email after registration asking for confirmation of your registration. This ensures that no one can log in with a foreign identity. We log the receipt of the registration for the newsletter by storing the IP address of the calling computer and the date and time of registration.

The data will only be used for sending the newsletter and will not be passed on to third parties.

Consent to receive email campaigns can be revoked at any time for the respective email campaign. The link to the revocation is located at the end of each e-mail. In addition, you can also conveniently unsubscribe online at any time using the unsubscribe form.

Online booking – provided by third parties

In order to provide you with a convenient and easy booking experience, we use third-party booking modules and free/busy ads on our website.

This always requires that these third-party providers perceive the IP address of the users. Because without the IP address, they could not send the content to the browser of the respective user. However, we have no influence if the third-party providers store the IP address, e.g. for statistical purposes.

Responsibility for data protection-compliant operation is to be ensured by their respective third-party providers.

The data processing is carried out according to Art. 6 para. 1 letter a) GDPR on the basis of your voluntarily given consent.

Plug-Ins / Tools / External Links
Meta Platforms (Facebook, Instagram)

We use on our website on the basis of Art. 6 para.1 sentence 1 lit.f GDPR uses social media plug-ins from Facebook, offered by Meta Platforms Ireland Limited. The underlying promotional purpose is to be considered a legitimate interest within the meaning of the GDPR. The responsibility for data protection-compliant operation is to be ensured by the respective provider. The integration of this plug-in by us takes place by way of the so-called two-click method in order to protect visitors to our website as best as possible. Our buttons in this regard function as external links, so that no information is transmitted to one of these providers without clicking on one of the buttons. By clicking on the buttons, the specified pages receive information, such as the fact and time when they accessed the website, your IP address or details of the browser used. You will find information on data protection in the respective data protection declarations.

Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place.

You can find more information about Google Web Fonts here and in Google’s privacy policy.

Google Maps

This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. The IP address is only transmitted to Google if the website visitor consents to the transmission.

Google Maps is used in the interest of an appealing presentation of our online offers and to make it easy to find the places we indicate on the website. The use of Google Maps is based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.

More information on the handling of user data can be found in Google’s privacy policy:


This page uses “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”). The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to check whether the data input on this website (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For analysis purposes, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

The data is stored and analyzed on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; consent can be revoked at any time.

For more information about Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Service at the following links: and

Status April 2022.

Due to the further development of our website and offers on it or due to changed legal or regulatory requirements, it may become necessary to change this privacy policy. You can access and print out the current data protection declaration on the website at any time.


Holzschuh’s Schwarzwaldhotel
Murgtalstr. 655
72270 Baiersbronn-Schönmünzach

Telefon: +49 (0) 7447 / 9463 – 0