This privacy policy informs you in accordance with Article 13 GDPR about how we process personal data when you visit our website and use our services. It is acknowledged when you access the site and is available at any time at /privacy/ retrievable. Consent to data processing is obtained separately via the cookie banner, if necessary.
Tacke Privathotels GmbH
Rostocker Chaussee 28 A
18437 Stralsund
Represented by the managing director: Sebastian Tacke
E-Mail: info@tacke-privathotels.de
Phone: +49 3831 4632200
For further information see Imprint.
Personal data is processed exclusively in accordance with the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the Telecommunications Digital Services Data Protection Act (TTDSG). The following sections inform you about the type, scope and purpose of collection, processing and use. This declaration relates exclusively to our own website. If you follow links to third-party websites, the respective data protection declarations apply.
When you visit this site, the web server automatically records log files that cannot be assigned to a specific person without a criminal order. The following are recorded Browser type and version, operating system, referrer URL, IP address of the requesting computer, access date and time, file accessed. This data is used for troubleshooting, defense against attacks and statistical analysis. It is not passed on to third parties. Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in secure operation). Storage period: 14 days rolling.
If you voluntarily provide us with personal data (e.g. via the contact form or by email), this data will be stored until the request has been completed or until the statutory retention periods have expired. Legal basis: Art. 6 para. 1 lit. b GDPR (contract initiation) or Art. 6 para. 1 lit. f GDPR (legitimate interest in communication).
We use cookies and similar storage mechanisms to keep the website functional and - with your consent - to measure reach and integrate external services. Consent is obtained via our cookie banner („Borlabs Cookie“) and can be revoked at any time via the banner link in the footer. Technically necessary cookies are set without consent (§ 25 para. 2 no. 2 TTDSG).
The following services are used on this website. Unless they are absolutely necessary for operation, they will only be loaded after you have given your consent via the cookie banner (Borlabs cookie). You can revoke your consent at any time.
We use the „Borlabs Cookie“ plugin from Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany, to obtain and manage your cookie consent. A technically required cookie („borlabs-cookie“) is stored in your browser, which contains your selection. Legal basis: Art. 6 para. 1 lit. c GDPR in conjunction with § 25 para. 2 no. 2 TTDSG (legal obligation to document consent).
We use a technical „honeypot“ procedure to prevent automated spam requests via contact forms: a form field that is invisible to human users recognizes automated entries and blocks them on the server side. There is no transmission to external providers, no third country transmission, no captcha solution with image recognition. Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in spam protection).
JavaScript components („datepicker“) hosted locally on our server are used to select arrival and departure dates. There is no transmission to external providers, no third country transmission. Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in user-friendly booking processing).
For direct bookings, we use the „Viato CBE“ booking engine from ViatoCRS GmbH, Wilhelm-Külz-Str. 1, 03046 Cottbus (in combination with the „hotelclass“ rate management system from the same provider). The data entered in the booking form (name, address, e-mail, telephone, payment details, period of stay, selected room category) are transmitted to Viato for the purpose of booking processing and forwarded from there to our property management system Mews. Legal basis: Art. 6 para. 1 lit. b GDPR (fulfillment of contract). Order processing contracts in accordance with Art. 28 GDPR with Viato/Hotelclass are in place.
We use the property management system „Mews“ from Mews Systems s.r.o., Nehvizdská 2536/8, 198 00 Prague, Czech Republic, to manage bookings, stays and guest master data. Mews receives the data recorded in the booking workflow via an interface from the Viato CRS and processes it during the stay and for the post-contractual fulfillment of legal obligations. Storage period: up to 10 years, insofar as required by commercial and tax retention periods (§§ 147 AO, 257 HGB). Legal basis: Art. 6 para. 1 lit. b GDPR (contract fulfillment) and Art. 6 para. 1 lit. c GDPR (legal retention). Order processing contract according to Art. 28 GDPR exists. Privacy policy of the provider: https://www.mews.com/en/privacy-policy.
This website uses forms from the „Gravity Forms“ plugin (Rocketgenius Inc., 1620 Centerville Turnpike, Suite 102 Box #228, Virginia Beach, VA 23464, USA). The data entered in the form (e.g. name, e-mail, request) is processed on our server in the website database and forwarded to our e-mail address for processing. The form data is not transmitted to the USA - Gravity Forms is operated as a self-hosted WordPress plugin on our server in Germany (IONOS). Storage period until completion of the request plus statutory retention periods. Legal basis: Art. 6 para. 1 lit. b GDPR (contract initiation) or lit. f (legitimate interest in communication).
We offer you a direct WhatsApp contact button via the „Joinchat“ plugin. A connection to WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (part of Meta Platforms, Inc.) is only established when you click on the button. The content and history of the WhatsApp conversation are processed on the devices of the participants and on WhatsApp's servers. Legal basis: Art. 6 para. 1 lit. a GDPR (consent by click). Privacy policy of the provider: https://www.whatsapp.com/legal/privacy-policy-eea.
To display our location and directions, we use „Google Maps“ from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The map material is only loaded after your consent via the cookie banner. When loading, your IP address and technical browser information are transmitted to Google. Legal basis: Art. 6 para. 1 lit. a GDPR (consent). Third country transfer USA on the basis of standard contractual clauses and EU-US Data Privacy Framework. Privacy policy of the provider: https://policies.google.com/privacy.
Fonts from Google Fonts (Google Ireland Limited, address as above) are used for the uniform presentation of the website. If fonts are loaded from the Google server, your IP address will be transmitted to Google. Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in uniform presentation). Third country transfer USA on the basis of standard contractual clauses and EU-US Data Privacy Framework.
If you have given your consent, we use Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Analytics processes your IP address (shortened by IP anonymization), device and browser information as well as your surfing behavior within the website in pseudonymized form in order to evaluate the reach and usage behavior of the site. We operate two property configurations with the measurement IDs G-65GFBM8SYT and G-65GFBM8SYT. Storage period up to 14 months. Legal basis: Art. 6 para. 1 lit. a GDPR (consent via Borlabs cookie). Third country transfer USA on the basis of standard contractual clauses and EU-US Data Privacy Framework. Privacy policy of the provider: https://policies.google.com/privacy. Revocation possible at any time via the cookie banner.
On subpages of our website, we display reviews of our guests, which they have submitted to us in their Google profile, in the form of a widget. The „Trustindex“ plugin from Trustindex.io Kft, Frankel Leó út 30-34, 1023 Budapest, Hungary, is used for this purpose. Trustindex retrieves the ratings via the Google Maps interface and displays them on our website. The widget is only loaded after your consent via the cookie banner. Legal basis: Art. 6 para. 1 lit. a GDPR (consent) or Art. 6 para. 1 lit. f GDPR (legitimate interest in reputation presentation). Privacy policy of the provider: https://www.trustindex.io/privacy-policy/.
We use the WordPress plugin „TranslatePress“ from Cozmoslabs S.R.L., Bucharest, Romania in combination with the machine translation interface „DeepL API“ from DeepL SE, Maarweg 165, 50825 Cologne, Germany for the automatic translation of website content into several languages (English, Polish, Russian, Swedish, French, Danish). When a text module is automatically translated once, it is transmitted to the DeepL API, translated there and stored in our database. No personal data of website visitors is transmitted, only the content texts of our website to be translated. DeepL processes the transmitted texts in accordance with its privacy policy; according to DeepL, the API requests are not stored beyond the translation period. Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in multilingual accessibility). Data processing agreement pursuant to Art. 28 GDPR with DeepL exists. Privacy policy of the provider: https://www.deepl.com/de/privacy.
This page binds a widget from HOTELCLASS to display the current star category. Provider is the DEHOGA German Hotel Classification GmbH, Am Weidendamm 1A, 10117 Berlin (Provider imprint). Guests can see that the Aparthotel Stralsund has been classified and complies with the official guidelines of the German Hotel Classification.
Collection and processing of personal data: The HOTELCLASS widget can be used without providing personal data. Name, e-mail address and postal address are neither collected nor stored.
Server log files: The provider collects server log data (referrer URL, browser type and version, language, operating system, anonymized IP address, time of server request, HTTP status code, amount of data transferred). Storage period 7 days rolling. Not merged with other data. Legal basis: Art. 6 para. 1 lit. f GDPR.
Storage location: Server of MINDSTREAM - Christian Klar, Maria-Theresien-Straße 21, 6020 Innsbruck (Austria), location Data Center Park Falkenstein.
Right to information: info@hotelstars.eu or DEHOGA Deutsche Hotelklassifizierung GmbH, Am Weidendamm 1A, 10117 Berlin (Managing Director: Markus Luthe).
Insofar as personal data is processed by service providers on our behalf, we have concluded data processing agreements with them in accordance with Art. 28 GDPR. If data is transferred to third countries (in particular the USA), this is done on the basis of EU standard contractual clauses (SCC) and - if the recipient is certified - the EU-US Data Privacy Framework.
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller (please click on a point to expand):
You can request confirmation from the controller as to whether personal data concerning you is being processed by us. If such processing is taking place, you can request the following information from the controller:
You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is incorrect or incomplete. The controller must make the correction without delay.
You may request the restriction of the processing of your personal data under the following conditions:
If the processing of personal data concerning you has been restricted, such data may only be processed - apart from being stored - with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) GDPR, it shall take reasonable steps, including technical measures, taking into account the available technology and the cost of implementation, to inform controllers which are processing the personal data that you as the data subject have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
The right to erasure does not exist if the processing is necessary
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right vis-à-vis the controller to be informed about these recipients.
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, where
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. The freedoms and rights of other persons must not be affected by this. The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.
The controller will no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
Notwithstanding Directive 2002/58/EC, you have the option of exercising your right to object in connection with the use of information society services by means of automated procedures using technical specifications.
You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.
In the cases referred to in (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
We update this privacy policy from time to time, in particular in the event of changes to services or the legal situation. In the event of significant changes, we will clearly indicate this on the website. You will always find the current version at /privacy/.
Status: 17.05.2026
English 
Deutsch (Sie)