Book now

- +

Rothenbaumchaussee 10
20148 Hamburg

Back to top
Scroll down

Data Privacy

1. Officer responsible

Responsible for data capture and processing is Elysée Hotel AG Hamburg Rothenbaumchaussee 10, 20148 Hamburg, represented by General Manager, Axel Bethke.

2. Storing your IP address

The IP address of the computer enquiring is immediately concealed, so personal reference is no longer recoverable. The protocol data stated are concealed for processing. No personal reference is recoverable thereby, so deletion of data is not strictly necessary.

3. Usage data when you visit our websites

When you visit our websites, so-called usage data are temporarily stored on our server for statistical purposes as protocol, in the interest of improving the quality of our websites and technically enabling you to view the pages. This data set consists of

  • page originating the file enquiry
  • name of the file
  • date and time of enquiry
  • data quantity transferred
  • access status (file transferred, file not found)
  • description of the type of browser used
  • IP address of the enquiring computer is immediately concealed, so personal reference is no longer recoverable

The protocol data stated are concealed for processing. Thereby personal reference is not recoverable, so deletion of data is not strictly necessary.

4. Cookies used by Elysée Hotel AG Hamburg

5. Tracking tools

On this page we use web tracking technologies involving setting up usage profiles under a pseudonym. These are not used to identify visitors to this website personally or are combined with personal data about the owners of the pseudonym. At any time you can revoke data processing by tracking tools. How that happens is explained in the following passages on the respective tracking services.

6. Google Analytics

To make our website user-friendly we create pseudonym usage profiles with the help of Google Analytics, a web analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA: “Google”). Google Analytics use cookies stored on your device and read by us. In this way we are enabled to recognise returning visitors. Data processing is guided by Art. 6 paragraph 1 page 1 letter f DSGVO and in the interest of discovering how often our websites are retrieved by various users.

Since we have activated IP concealment on this website, your IP address is abbreviated by Google beforehand within member states of the European Union and in treaty states of the European Economic Area. Only in exceptional cases is the full IP address transferred to a Google server in the USA for abbreviation there. Google uses this information to evaluate your use of the website for us, compile reports on website activity and render us further services connected with website and internet use.

You can revoke the use of pseudonym usage profiles at any time. There are several possibilities:

1.) One possibility of revoking web analysis by Google Analytics involves setting an opt-out cookie, which informs Google not to store or use your data for purposes of web analysis. Please note that, when using this solution, web analysis is only halted as long as the opt-out cookie is stored by the browser. If you wish to set the opt-out cookie now, please click here.hier.

2.) You can also prevent storage of cookies used to build profiles by a corresponding setting of your browser software.

3.) Depending on the browser you use, you have the possibility of installing a browser plugin to prevent tracking. To do this, please click here and install the browser plugin downloadable there. hier und installieren das dort abrufbare Browser-Plugin.

7. Re-targeting technologies

In order to offer you advertising tailored as far as possible to your interests even on other web pages, we use Google re-targeting technologies. Data processing is based on your agreement in line with Art. 6 paragraph 1 page 1 letter a DSGVO.

If  you visit our websites, we call up recognition characteristics of your browser or device, evaluate your IP address or store a recognition characteristic on your device in the form of a small text file (e.g. so-called third-party cookie). Your usage behaviour is captured when you visit various websites. The characteristics are in the form of a pseudonym. If you are logged in with your Google Account, these characteristics can be directly allocated to your profile. Google can connect your visits to our websites with your characteristics and store them, so they can display targeted advertising on other web pages. So Google can also detect your previous visit made to our website. Your device and browser are recognised by Google, e.g. if  you visit a page where Google advertising pops up.

8. Re-marketing

We provide our websites with buzzwords containing statements about the content of the internet page such as products on offer. Google receives these buzzwords, which contain neither personal nor sensitive information. If you visit a page with certain buzzwords on products, Google stores and allocates it in your pseudonym recognition characteristics. Using this connection, Google can recognise, whether and which of our advertising is displayed for you.

You declare your agreement with the processing of anonymous data about you captured by Google as described here for the above purpose by confirming our cookie banners.

9. Cross-device re-marketing

Google can technically connect the pseudonym characteristics of e.g. your device such as tablet, smartphone and email inbox (cross-device marketing). It is a precondition that in the past you have given your agreement to Google for this data processing. In this way Google can carry out targeted advertising campaigns across various devices.

Your data are transferred to Google and stored in the USA. An appropriate data protection level is guaranteed in line with Art. 45 paragraph 1 DSGVO by Google’s participation in Privacy Shield. In addition we have concluded a contract on order processing with Google Inc. (USA) in line with Art. 28 DSGVO. In line with that Google may only use information for specific purposes aimed at evaluating for us the use of our website and compiling reports on website activity.

You can revoke your agreement given hereto via the cookie banner on our website at any time. For this you should click the following link:  
In order to revoke cross-device re-marketing, please go to the Google internet page at and change your personalised advertising settings. Please note these settings may not work on all devices. If you are using a device with your Google account, pseudonym characteristics are probably allocated to your account. If you do not desire this, please log off.

10. General handling of your personal data

If you give us first and surnames and postal address, we use these for advertising purposes and statistical evaluation on the basis of Art. 6 paragraph 1 page 1 letter f DSGVO and in the interest of informing you about new products and news from Elysée Hotel AG Hamburg.

You have the right to revoke this data processing. You will learn more under the following point “your rights”.

We use other personal details and contact data for advertising purposes and statistical evaluation only if you have expressly agreed thereto. Data processing then proceeds on the basis of Art. 6 paragraph 1 page 1 letter a DSGVO.

If you do not wish us to use your data for advertising purposes and evaluation, you can inform us of this or revoke your agreement at any time, e.g. with Elysée Hotel AG Hamburg, Rothenbaumchaussee 10, 20148 Hamburg. You will learn more under the following point “your rights”. Your revocation does not affect the legality of processing already carried out. If  agreement is revoked, we halt the corresponding data processing.

Personal data you give us online (by email or web forms) are captured and processed in line with legal provisions. We only disclose your data to third parties, if  we are entitled or obliged to do so by law (e.g. in line with contract or criminal prosecution) or if you expressly desire this.

11. Contact and complaints

Details you give us in connection with complaints or general contact are used solely for processing your enquiry. Data processing is carried out on the basis of Art. 6 paragraph 1 page 1 letter f DSGVO and in the interest of offering you comprehensive customer service and the possibility of leaving us feedback on offers, events or your stay or submitting other things.

You have the right to revoke this data processing. You will learn more under the following point “your rights”.  As soon as your data are no longer required for the above  purposes, they are deleted. If data have to be retained for legal reasons, they are blocked. Then the data are no longer available for other uses.

12. Newsletter

You can subscribe to our newsletter on our website. Please note that we require certain data (at least your e-mail address) to subscribe to the newsletter. We use the data that you provide voluntarily in the registration form for targeted communication. The newsletter will only be sent if you have given us your express consent. Once you have placed an order on our website, you will receive a confirmation e-mail to the e-mail address you have provided (so-called double opt-in). You can revoke your consent at any time, e.g. via the unsubscribe link provided in every newsletter. If you subscribe to our newsletter, we will ask you to consent to further newsletter tracking during the order process. If you give us the corresponding consent, we will include individual tracking pixels in our newsletters, with which we can recognize when the newsletter sent to you was retrieved or opened and individualize the links in the newsletter in order to be able to evaluate when you clicked on which link.

As part of the newsletter registration process, we store further data in addition to the data already mentioned, if this is necessary so that we can prove that you have ordered our newsletter. This may include the storage of the full IP address at the time of the order or confirmation of the newsletter, as well as a copy of the confirmation email sent by us. The corresponding data processing takes place on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR and is carried out in the interest of being able to account for the legality of the newsletter dispatch. As part of the newsletter distribution, we use Online Birds GmbH & Co. KG and Block Marketing GmbH as contractually and strictly instruction-bound processors. No data processing takes place outside the EU or the EEA.

13. Links to other websites and social media

On our websites you also find links to other providers’ web offers. You can recognise this by their logo or the opening of a new browser window. If these are not web offers of Elysée Hotel AG Hamburg, we are not responsible for those providers respecting  data protection provisions. Any queries on data protection should please be directed to the providers themselves. You also find on our websites links to social media on the basis of Art. 6 paragraph 1 page 1 letter f DSGVO and in the interest of offering you comprehensive customer service and the possibility of leaving us feedback, giving assessments, gathering information on the Company or asking questions. These include:







We never capture, store or process personal data of our users on this page. Furthermore no other data processing is carried out or initiated by us. Any data uploaded by you on our social media pages such as remarks, videos and pictures are never used or processed by us for other purposes.

Social media can include so-called web-tracking methods on their pages. Please be aware: It cannot be ruled out that social media use your profile data in an effort to evaluate your habits, personal relationships, preferences etc. We have no influence on processing of your data by social media. If you visit our pages on social media, please also see our data protection declaration there and the declarations of providers.

Our online booking is made through the external service provider Travelclick. You can find information about the data protection regulations here.

You can book some of our wellness products directly through Treatwell. The privacy policy can be found here.

14. Embedding of YouTube videos

In some pages we embed YouTube videos with the URL https:/ Viewing these pages means YouTube content is loaded. YouTube also receives your IP address, which is technically required to download the content. As a matter of principle we have no influence on further processing by YouTube. Of course during the embedding of videos we were careful to activate the extended data protection mode offered by YouTube.

15. Online reservation

We process the following data in line with Art. 6 paragraph 1 letter b DSGVO for purposes of contract fulfilment: 

  • Title (all travellers)
  • First name, surname (all travellers)
  • Address data (sending bill and travel documents)
  • Date of birth / age of all travellers
  • Telephone number of the lead traveller/contact partner (for short-term contact in the case of changes)
  • Email address (sending a summary of booking data)
  • Credit card data in cases of payment by credit card
  • Bank details in cases of payment by SEPA debit

This includes associated customer support. Giving your telephone number is voluntary, and no negative consequences are connected with not providing it. Certainly not providing it can in individual cases make communication either difficult or delayed. If you wish to arrive after 18.00, we also capture your payment details as a guarantee. Your details are processed solely in the interest of our contractual services, and of course they are handled confidentially. In the case of online reservation you are automatically connected to the online booking system of our carefully chosen partner Travelclick, and they carry out the reservation for us. They are obliged to observe legal data protection provisions.

We send your booking confirmation to the email address given. In addition in connection with your booking you receive from us emails tailored to your trip with advertising content for our own similar goods. You can revoke this despatch at any time by email to, and apart from transmission costs in line with the basic tariff there are no charges . Upon receipt of your revocation we immediately halt despatch.

If required, personal data are passed to companies involved e.g. banks for payment processing.

Data required for contract fulfilment are deleted latest six months after termination of the contract and only kept for possible queries. The data are not deleted if after termination of the contract amounts due have not yet been paid. In the case of the existence of legal retention periods, the data concerned are archived for the duration of these periods.

We use the services of Hotelchamp, a software and services provider, to improve our online booking process and to personalise and enhance our interaction with you.

In providing this service, to us and to you, Hotelchamp may process some of your personal data on our behalf. Both Hotelchamp, and we, value and respect your privacy and process and protect your personal data in accordance with all applicable legislation and regulations.

We have entered into a "Data Processing Agreement" with Hotelchamp to provide specific arrangements for the processing and protection of your personal data.

We and Hotelchamp may process data such as your email address, IP address and browser fingerprint in conjunction with your booking data and other interactions on our website in order to provide you with content and offers that we believe are most relevant and attractive to you. For example, if your booking dates fall on Christmas, we may provide you with a special Christmas offer. Or if your booking dates indicate that you are a family, we can show you a special family offer.

Hotelchamp's services may involve the use of cookies on our website. By continuing to visit our website, you consent to the use of cookies to help us personalise and improve our interactions with you.

Your interactions will only be used with us and our website to personalise content and offers, never on other websites or platforms.

Translated with (free version)

16. Advertising

Elysée Hotel Hamburg AG is pleased to note your interest in our company. We take the protection of your personal data very seriously and hope you feel properly protected in the case of advertising. The protection of your private affairs in the processing of personal data is an important concern for us to consider in our business processes. We process any data captured in line with legal provisions.

If you apply for jobs advertised by us, as a matter of principle we capture only data required for processing your application to Elysée Hotel AG Hamburg. These are details such as title, first name, surname, date of birth, details of the position sought, education, professional experience, supporting documents and a contact address (email or telephone).

However giving your telephone number and email address is voluntary. There are no negative consequences to not providing this data. Of course not providing a telephone number may hinder communication by telephone interview.

Your personal information and data are captured with great care and integrity, stored and only used for specific purposes.

Data processing is carried out on the basis of § 26 BDSG and DSGVO. You undertake to provide only true details, and you should be aware that giving incorrect details may lead to the dissolution of a possible employment relationship.

17. Video systems

The hotel has installed video units for monitoring. In line with Art. 6 paragraph 1 letter f DSGVO data are processed in the interest of preventing and solving crime. In detail video monitoring prevents crime, material and personal harm caused by vandalism and theft and abuse of power and provides evidence to support criminal investigation and enforcement of civil claims arising. This also protects our staff and guards from attack. In some restaurants the video also protects fire units, emergency exits and technical rooms. Electronic images are created, whose resolution may facilitate the imaging of persons. Sound recording is not possible. Some systems are configured so as not to store data. If image data are captured, these are automatically overwritten (deleted) latest 72 hours after recording. If a crime is detected, the image data stored in some systems are retained for evaluation until termination of the respective proceedings, and then deleted.

You have the right to revoke data processing, e.g. by email to There are more details under the point “rights of the person concerned” and “advice of revocation”. Elysée Hotel AG Hamburg no longer processes the personal data, unless it can show compelling protection reasons for the processing that outweigh the interests, rights and freedoms of the person concerned, or if processing aids enforcement, exercise or protection of rightful claims.

18. Data recipients

For our processing of your data we use applicant management software in the HOTELCAREER portal from YOURCAREERGROUP GmbH, Kaiserswerther Strasse 282, 40474 Düsseldorf, and they give us directives concerning order processing. After input and transmission of your data, they arrive via an encrypted connection directly on the server of our external provider and are there processed by us. If you input a profile to and apply to other companies, YOURCAREERGROUP GmbH is responsible for data processing. Please therefore also observe the data protection provisions there. We delete your details upon termination of the application process and expiry of legal retention periods after 6 months, if your application is unfortunately rejected. 

19. Data transmission to third countries

Sometimes we transmit personal data to a third country outside the EU. In the process we make sure of appropriate data protection measures:

In the case of Google Analytics (USA) there are appropriate data protection measures in their corresponding participation in the Privacy Shield agreement (Art. 45 paragraph 1 DSGVO).

In the case of Travelclick (USA) there are appropriate data protection measures in their corresponding participation in the Privacy Shield agreement (Art. 45 paragraph 1 DSGVO).
We never sell your personal data to third parties or otherwise use them.

20. Data security

We use technical and organisational security measures to protect your data as comprehensively as possible against undesired access. In addition to obligation of our staff to confidentiality, careful selection and monitoring of service providers and securitisation of our working environment we employ an encryption procedure in some areas. The information provided by you is then transferred in encrypted form over a SSL protocol (Secure Socket Layer) and authentically checked, to prevent abuse of these data by third parties. You can recognise this, if in the status bar of your browser the lock symbol is closed and the address line begins with https.

21. Your rights

DSGVO guarantees certain rights for you as internet page user in processing of your personal data:

1. Right of information (Art. 15 DSGVO):

You have the right to request confirmation whether relevant personal data are processed; if this is the case, you have a right to information about these personal data and to the information listed in Art. 15 DSGVO.

2. Right to correction and deletion  (Art. 16 and 17 DSGVO):

You have the right to request immediate correction of relevant incorrect personal data and, if appropriate, amplification of incomplete personal data.

In addition you have the right to request that your relevant personal data be deleted immediately, if one of the grounds listed in Art. 17 DSGVO applies, e.g. if  the data are no longer required for the intended purposes

3. Right to limitation of processing (Art. 18 DSGVO):

You have the right to request limitation of processing if one of the preconditions listed in Art. 18 DSGVO is fulfilled, e.g. if  you have registered your revocation of processing, for the duration of any testing.

4. Right to data transmissibility (Art. 20 DSGVO):

In certain cases outlined in Art. 20 DSGVO you have the right to receive your relevant personal data in a structured, commonplace and machine-readable format or request transfer of these data to a third party.

5. Right of revocation (Art. 21 DSGVO):

If data are captured on the basis of Art. 6 paragraph 1 page 1 letter f (data processing in protection of justified interests), you have the right to register your revocation of processing for particular personal reasons at any time. We then no longer process your personal data, unless there is for the processing evidence of compelling protection grounds that outweigh the interests, rights and freedoms of the person concerned, or if processing aids enforcement, exercise or protection of rightful claims.

6. Right to complain to a supervisory authority

In line with Art. 77 DSGVO you have the right to complain to a supervisory authority, if  you are of the opinion processing of your data contravenes data protection laws. This right can be enforced especially with a supervisory authority in the member state of your place of residence, place of work or the place of suspected contravention. In Hamburg the supervisory authority responsible is the Hamburgische Beauftragte für Datenschutz und Informationsfreiheit (HmbBfDI), Kurt-Schumacher-Allee 4, 20097 Hamburg.

22. Data protection officer

Our corporate data protection officer is available to you for information and suggestions in the matter of data protection:

Frau Jennifer Jähn-Nguyen
datenschutz nord GmbH
Standort Hamburg
Sechslingspforte 2
22087 Hamburg