Privacy Policy

 

a) Below we provide information about the collection of personal data when using our website. Personal data are all data relating to you personally, e.g. name, address, email addresses, user behavior.

 

b) The controller pursuant to Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is: 

 

Richter GmbH & Co. KG

Elisabethstrasse 12

35037 Marburg

Phone: +49 (0) 6421 59075-0

Fax: +49 (0) 6421 59075-100

Email: info@marburgerhof.de 

 

You can reach our data protection officer at:

 

Gesellschaft für Datenschutz Mittelhessen mbH

Auf der Appeling 8

35043 Marburg

Email: datenschutz@gdsm.de

 

c) If we use commissioned service providers for certain functions of our offer or wish to use your data for advertising purposes, we will inform you in detail below about the respective procedures. We will also specify the defined criteria for the storage period.

 

Your Rights

 

a) You have the following rights vis-à-vis us regarding your personal data:

• Right to access,

• Right to rectification or deletion,

• Right to restriction of processing,

• Right to object to processing,

• Right to data portability.

 

b) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

 

 

 

a) When using the website purely for informational purposes, that is, if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you simply want to view our website, we collect the following data which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR):

• IP address

• Date and time of the request

• Time zone difference to Greenwich Mean Time (GMT)

• Content of the request (concrete page)

• Access status/HTTP status code

• Transferred amount of data respectively

• Website from which the request comes

• Browser

• Operating system and its interface

• Language and version of the browser software.

 

b) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which the party setting the cookie (here us) receives certain information. Cookies cannot execute programs or transmit viruses to your computer. They serve to make the internet offer overall more user-friendly and effective. The use of these cookies is based on Art. 6 para. 1 sentence 1 lit. a or c GDPR.

 

 

 

a) This website uses the following types of cookies, the scope and functionality of which are explained below:

• Transient cookies (see b below)

• Persistent cookies (see c below).

 

b) Transient cookies are automatically deleted when you close the browser. These primarily include session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the common session. This makes it possible to recognize your computer when you return to our website. Session cookies are deleted when you log out or close the browser.

 

c) Persistent cookies are automatically deleted after a predetermined period which can vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser.

 

d) You can configure your browser settings according to your wishes and, for example, refuse acceptance of third-party cookies or all cookies. We point out that you may not be able to use all functions of this website in this case.

 

e) Cookie Consent Manager System 

On our website, we use a Cookie Consent Manager tool to inform you about technologies we use on our website and to obtain, manage and document your consent to the processing of your personal data by these technologies. 

This is necessary to fulfill our legal obligation pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR in conjunction with Art. 7 para. 1 GDPR in order to be able to prove your consent to the processing of your personal data. 

 

 

 

a) In addition to purely informational use of our website, we offer various services which you can use if interested. For this you usually have to provide additional personal data which we use to provide the respective service and for which the above-mentioned principles of data processing apply.

 

b) Sometimes we use external service providers for processing your data. These have been carefully selected and commissioned by us, are bound by our instructions, and are regularly monitored.

 

c) Furthermore, we may pass your personal data to third parties if participations in campaigns, competitions, contract conclusions or similar services are offered jointly with partners. You will receive more information on this when providing your personal data or below in the description of the offer.

 

d) If our service providers or partners are based outside the European Economic Area (EEA), we inform you of the consequences of this circumstance in the description of the offer.

 

 

 

The personal data we collect and store are treated confidentially and protected against loss and alteration as well as unauthorized access by suitable technical and organizational measures. Your personal data is transmitted encrypted over the internet. We use SSL encryption (Secure Socket Layer) for data transmission. 

 

 

We do not carry out automated decisions (including profiling) with the personal data we collect during your visit to our website.

 

 

 

a) If you have given consent to the processing of your data, you can revoke this at any time. Such a revocation affects the legality of the processing of your personal data after you have communicated it to us.

 

b) If we base the processing of your personal data on the balance of interests, you can object to the processing. This is the case if the processing is not necessary for the performance of a contract with you, which we will explain in connection with the description of the functions below. When exercising such objection, please state the reasons why we should not process your personal data as carried out by us. In case of your justified objection, we will examine the facts and either stop or adjust the data processing or inform you of compelling legitimate grounds based on which we continue processing.

 

c) Of course, you can object to the processing of your personal data for advertising and data analysis purposes at any time. You can inform us about your objection to advertising at the following contact details: Richter GmbH & Co. KG

Elisabethstrasse 12, 35037 Marburg, Phone: +49 (0) 6421 59075-0, Email: info@marburgerhof.de.

 

 

 

You have the option to contact us by email. The respective addresses can be found on our website under Contact.

 

If contact is made via the email address provided by us, the personal data transmitted with your email will be stored. The legal basis for the processing of your data in this context is Art. 6 para. 1 lit. f) GDPR, as our legitimate interest is to contact you as a (potential) customer.

If the email contact is related to the conclusion or execution of a contract between you and us, Art. 6 para. 1 lit. b) GDPR additionally applies as the legal basis for processing.

 

We process personal data that we store in connection with your email contact exclusively to process your inquiry. Data is not passed on to third parties in this context.

 

We delete your data as soon as it is no longer necessary for achieving the purpose for which it was collected. For personal data transmitted via email, this is the case once the respective correspondence with you has ended and the circumstances indicate that the facts concerned have been finally clarified.

If data is required for fulfilling a contract or for pre-contractual measures, deletion can only occur as far as contractual or legal retention obligations allow. Which retention periods apply must be determined individually for each contract and contracting party.

 

You can revoke your consent to the processing of personal data at any time. In case of contact via email, you can object to the storage of your personal data at any time. For this, simply send a corresponding message to the contact details named at the beginning of this privacy policy. 

 

 

a) When you contact us via a contact form, the data you provide and personal data resulting from it (e.g. name, inquiry, email address, phone number) will be stored by us for the purpose of processing your inquiry and for any follow-up questions. We do not pass on these data to third parties without your consent. 

 

b) The data you send us via contact inquiries remain with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g. after completed processing of your request). Mandatory legal provisions – especially statutory retention periods – remain unaffected. 

 

c) Processing of these data is based on Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or required for pre-contractual measures. In all other cases, processing is based on our legitimate interest in effective handling of requests addressed to us (Art. 6 para. 1 lit. f GDPR) or your consent (Art. 6 para. 1 lit. a GDPR) if obtained.

 

 

Bookings can be made via our website. For processing the booking, the following personal data will be collected by us: Name, address, date of birth, gender, email address, phone number, mobile number. These data are necessary for processing the booking. Furthermore, to process the booking, we also require personal data related to the respective booking. In particular, exchange of payment information such as bank details, card number, validity date and CVC code may occur mutually. Transmission of this data serves identity verification, payment administration and fraud prevention. The purpose of data collection is the fulfillment of (pre-) contractual obligations according to Art. 6 para. 1 lit. b GDPR.

 

 

This site uses the Profitroom booking system via an API. The provider is PROFITROOM GmbH, Potsdamer Platz 10/2, 10785 Berlin.

To correctly display booking information, your browser loads the necessary scripts into its browser cache when accessing a page.

To do this, the browser you use must connect to the servers of PROFITROOM GmbH. This allows PROFITROOM GmbH to know that our website was accessed via your IP address. The use of Profitroom is in the interest of a simple and fast booking process. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. For cases in which your personal data is transmitted to Profitroom, the legal basis is your consent according to Art. 6 para. 1 lit. a GDPR. Further information about Profitroom can be found at https://www.profitroom.de/impressum.

 

 

If you subscribe to our newsletter, we inform you about our current interesting offers. The legal basis for this is your consent according to Art. 6 para. 1 lit. a GDPR.

If the newsletter of our company is subscribed to, the data entered in the input mask is transmitted to the responsible person for processing. Subscription to our newsletter is done via a so-called double opt-in process. This means you receive an email after signing up asking you to confirm your subscription.

When signing up for the newsletter, the IP address of the user as well as date and time of registration are stored. This serves to prevent abuse of the services or the email address of the affected person. Data is not shared with third parties. An exception applies if there is a legal obligation to share data. The data is used exclusively for sending the newsletter. The subscription can be canceled by the affected person at any time. Likewise, consent to the storage of personal data can be revoked at any time. Every newsletter contains a corresponding link for this purpose.

 

 

This website uses services from "Cloudflare" (provider: Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA).

Cloudflare operates a Content Delivery Network (CDN) and provides security functions for the website (Web Application Firewall). Data transfer between your browser and our servers flows via the Cloudflare infrastructure and is analyzed there to fend off attacks. Cloudflare uses cookies to enable you access to our website. The use of Cloudflare occurs only if you consent. The legal basis is Art. 6 para. 1 lit. a GDPR.

For cases in which personal data is transferred to the USA, Cloudflare has committed to the EU-U.S. Data Privacy Framework, https://www.dataprivacyframework.gov/s/. 

Further information can be found in the Cloudflare privacy policy: https://www.cloudflare.com/de-de/privacypolicy/.

 

 

This website uses the online marketing tool DoubleClick by Google. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Placing Google DoubleClick cookies is based on Art. 6 para. 1 lit. a GDPR.

DoubleClick uses cookies to show users relevant ads, improve reports on campaign performance, or avoid showing the same ads multiple times. Google registers which ads appear in which browser through a cookie ID, thus preventing duplicate ad displays. Additionally, DoubleClick can record so-called conversions linked to ad requests. This happens when a user sees a DoubleClick ad and later visits the advertiser's website with the same browser and makes a purchase. Due to the marketing tools used, your browser automatically establishes a direct connection to Google's server. We have no influence on the extent and further use of data collected by Google through this tool and inform you accordingly: By embedding DoubleClick, Google receives information that you accessed the respective part of our website or clicked on our ad. If you are registered with a Google service, Google may associate the visit with your account. Even if you are not registered or logged in, the provider may receive and store your IP address.

For cases in which personal data are transferred to the USA, Google has committed to the EU-U.S. Data Privacy Framework, https://www.dataprivacyframework.gov/s/. More about the data processed by Google DoubleClick can be found in the privacy policy at https://policies.google.com/privacy?hl=en-US.

 

 

We use Google Adwords to draw attention to our attractive offers on external websites with the help of advertising materials (so-called Google Adwords). We can determine, in relation to the data from the advertising campaigns, how successful the individual advertising measures are. We aim to show you ads that are of interest to you, make our website more interesting for you, and achieve fair advertising costs. These advertising materials are delivered by Google via so-called "Ad Servers." We use Ad Server cookies which allow to measure parameters relevant for success such as ad impressions or clicks by users. If you come to our website via a Google ad, a cookie is stored on your PC by Google Adwords. These cookies usually expire after 30 days and are not intended to personally identify you. Analysis values such as unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), and opt-out information (marking that the user no longer wants to be addressed) are usually stored linked to this cookie. These cookies enable Google to recognize your internet browser. If a user visits certain pages of an Adwords customer's website and the stored cookie on their computer has not yet expired, then Google and the customer can recognize that the user clicked the ad and was forwarded to that page. Each Adwords customer is assigned a different cookie. Cookies cannot be tracked across the websites of Adwords customers. We do not collect or process personal data in the mentioned advertising measures. We only receive statistical evaluations from Google. Based on these, we can identify which advertising measures are particularly effective. We do not receive any further data from the use of the advertising materials and, in particular, cannot identify users based on this information. Due to the marketing tools, your browser automatically establishes a direct connection to Google's server. We have no influence on the extent and further use of data which are collected by Google through the use of this tool and inform you accordingly: Through the integration of AdWords Conversion, Google receives the information that you accessed the respective part of our website or clicked on one of our ads. If you are registered with a Google service, Google can associate the visit with your account. Even if you are not registered or logged in, it is possible that the provider obtains and stores your IP address. 

You can prevent participation in this tracking method in various ways: 

a) by setting your browser software accordingly, especially suppressing third-party cookies so that you receive no advertisements from third-party providers; 

b) by deactivating cookies for conversion tracking by setting your browser to block cookies from the domain "www.googleadservices.com," https://www.google.de/settings/ads, noting that this setting is deleted when you clear your cookies; 

c) by deactivating interest-based advertisements of providers who are part of the self-regulation campaign "About Ads" via the link http://www.aboutads.info/choices, noting that this setting is deleted when you clear your cookies; 

d) by permanent deactivation in your browsers Firefox, Internet Explorer or Google Chrome under the link http://www.google.com/settings/ads/plugin. 

We point out that you might not be able to use all functions of this offer in this case. The legal basis for processing your data is Art. 6 para. 1 sentence 1 lit. a GDPR. Further information about data protection at Google can be found here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org. For cases in which personal data are transferred to the USA, Google has committed to the EU-U.S. Data Privacy Framework, https://www.dataprivacyframework.gov/s/.

 

 

a) This website uses Google Analytics, a web analytics service of Google LLC. (for Europe: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland – “Google”). Google Analytics uses so-called “cookies,” text files stored on your computer, which enable analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to and stored on a Google server in the USA. We have activated IP anonymization on this website, so your IP address will be shortened by Google within member states of the European Union or other contracting states to the Agreement on the European Economic Area prior to transmission. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activity and provide other services related to website and internet use to the website operator. Hence, Google is a processor on behalf of the operator within the meaning of Art. 4 No. 8 GDPR, and an agreement on processing on behalf was concluded according to Art. 28 para. 3 GDPR. Google Analytics cookies are set based on Art. 6 para. 1 lit. a GDPR.

b) The IP address transmitted by your browser in Google Analytics is not merged with other data from Google. 

c) You can prevent the storage of cookies by appropriate settings in your browser software; however, we point out that in this case you may not be able to use all functions of this website fully. You can also prevent Google from collecting and processing the data generated by the cookie relating to your use of the website (including your IP address) by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

d) This website uses Google Analytics with the “_anonymizeIp()” extension. This shortens IP addresses so that an assignment to a person is excluded. If personal data is collected, it is deleted immediately.

e) We use Google Analytics to analyze and regularly improve the use of our website. Through the statistics obtained, we can improve our offer and make it more interesting for you as a user.

f) For cases where personal data is transferred to the USA, Google has committed to the EU-U.S. Data Privacy Framework, https://www.dataprivacyframework.gov/s/. 

g) This website uses Google Analytics to analyze cross-device visitor flows via a user ID. You can deactivate this cross-device analysis of your usage in your customer account under “My Data,” “Personal Data.”

 

 

This site uses so-called web fonts provided by Google for uniform font display. When a page is called up, your browser loads the required web fonts into its browser cache to display texts and fonts correctly. The fonts are held locally by us, so no personal data is transmitted to Google. If your browser does not support web fonts, a standard font on your computer is used. More information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy.

 

 

a) On this website, we use Google Maps via an API based on your consent pursuant to Art. 6 para. 1 lit. a GDPR. This allows us to display interactive maps directly on the website and enables convenient use of the map function. The provider is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

b) To ensure data protection on this website, Google Maps is deactivated when you first visit this website. A direct connection to the Google servers will only be established after you have activated Google Maps yourself. This prevents your data from being transmitted to Google upon initial page visit.

c) After activation, Google Maps will store your IP address and location information, which is usually transferred to a Google server in the USA and stored there. After activation, the operator of this site has no influence on this data transfer. For cases where personal data is transferred to the USA, Google has committed to the EU-U.S. Data Privacy Framework, https://www.dataprivacyframework.gov/s/. 

d) More information on handling user data can be found in Google's privacy policy here: https://www.google.de/intl/de/policies/privacy/.

 

 

This website uses Google Tag Manager, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Tag Manager manages website tags via an interface, allowing other services to be integrated into our online offer. The tag manager itself (which implements tags) does not create profiles of users or store cookies. Google only learns the IP address of the user, which is necessary for executing Google Tag Manager. The legal basis for data processing is your consent pursuant to Art. 6 para. 1 lit. a GDPR.  For cases in which personal data is transferred to the USA, Google has committed to the EU-U.S. Data Privacy Framework, https://www.dataprivacyframework.gov/s/.  Further information about Google Tag Manager is available at: https://marketingplatform.google.com; Privacy Policy: https://policies.google.com/privacy; Type of processing and data processed: https://privacy.google.com/businesses/adsservices; Data processing terms for Google advertising products and standard contractual clauses for data transfers to third countries: https://business.safety.google/adsprocessorterms.

 

We use Sentry, an error management tool, on our website. The service provider is the American company Functional Software, Inc., 132 Hawthorne Street, San Francisco, CA 94107, USA. The legal basis for data processing is your consent pursuant to Art. 6 para. 1 lit. a GDPR.

For cases in which personal data is transferred to the USA, Functional Software Inc. has committed to the EU-U.S. Data Privacy Framework, https://www.dataprivacyframework.gov/s/. Additionally, Functional Software uses so-called standard contractual clauses (= Art. 46 para. 2 and 3 GDPR). Standard contractual clauses (SCC) are templates provided by the EU Commission intended to ensure that your data comply with European data protection standards when transferred and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and standard contractual clauses, Functional Software commits to complying with the European data protection level, even if data are stored, processed and managed in the USA. These clauses are based on an implementing decision by the EU Commission. You can find the decision and corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de.

The data processing conditions (Data Processing Addendum) compliant with the standard contractual clauses can be found at https://sentry.io/legal/dpa/.

More about the data processed by using Sentry can be found in the privacy policy https://sentry.io/privacy/?tid=331709114127.

 

 

If you use WhatsApp to contact us, we process your phone number, name, and other data you provide in order to answer your inquiry or send you promotional messages, if you have expressly consented. For sending and receiving messages via our various communication channels including WhatsApp, we use the service Superchat of SuperX GmbH, Oranienburger Str. 91, 10178 Berlin ("Superchat"). The data is stored on servers of Superchat in Germany on our behalf. The WhatsApp service is operated by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("WhatsApp"), a subsidiary of Meta Platforms, Inc. WhatsApp processes data according to its own privacy policy, which you can access at https://www.whatsapp.com/legal/privacy-policy-eea?lang=de. Communications content is end-to-end encrypted. WhatsApp may also collect so-called "metadata" containing information about the identity of sender and receiver, as well as phone number, device information, and information about WhatsApp usage (e.g. duration and frequency). WhatsApp uses this data also for its own purposes, e.g., to improve WhatsApp services. More information can be found in the WhatsApp privacy policy https://www.whatsapp.com/legal/privacy-policy-eea?lang=de. We cannot exclude data transfers to other recipients within the Meta group in countries outside the EU which do not offer an adequate level of data protection (particularly the USA).

The legal basis for the data processing by us is

- Art. 6 para. 1 lit. b) GDPR when communication serves to the initiation or execution of a contractual relationship;

- Your consent according to Art. 6 para. 1 lit. a) GDPR if you have registered for the newsletter via WhatsApp and for cases where your personal data is transmitted to Meta Platforms;

- As well as, in all other cases, our legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR in processing your inquiry.

If processing is based on your consent, data is deleted as soon as you revoke your consent. You can revoke your consent at any time by sending a message containing "Stop" via chat or an email to info@marburgerhof.de. Otherwise, we delete your data as soon as the purpose for processing no longer applies (e.g. the inquiry has been conclusively answered). If statutory retention periods prevent deletion, data will be blocked for further use until the retention period expires.

Data Processing by Social Networks

 

We maintain publicly accessible profiles on social networks. The social networks used by us can be found below.

 

Social networks like Facebook etc. usually analyze your user behavior extensively when you visit their website or a website with integrated social media content (e.g., like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-related processing activities as follows:

 

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. Your personal data may also be collected even if you are not logged in or do not have an account on the respective social media portal. In this case, data collection occurs, for example, via cookies stored on your device or by recording your IP address.

 

Using the data thus collected, operators of social media portals can create user profiles in which your preferences and interests are stored. This allows interest-based advertising to be displayed on and off the respective social media platform. If you have an account on the respective social network, interest-based advertising can be shown on all devices on which you are or have been logged in.

 

Please also note that we cannot trace all the processing processes on the social media platforms. Depending on the provider, further processing steps may be carried out by operators of social media platforms. Details can be found in the terms of use and privacy policies of the respective social media portals.

 

Legal Basis

Our social media presences are intended to provide the most extensive presence on the internet possible. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by social networks may be based on different legal grounds to be specified by the providers of social networks (e.g., consent within the meaning of Art. 6 para. 1 lit. a GDPR).

 

Controller and Assertion of Rights

If you visit one of our social media profiles (e.g. on Facebook), we are jointly responsible with the social media platform operator for data processing activities triggered during the visit. You can generally assert your rights (access, rectification, deletion, restriction of processing, data portability, and complaint) both against us and against the operator of the respective social media portal (e.g., Facebook).

 

Please note that despite the joint responsibility with social media portal operators, we do not have full influence over the data processing processes of the social media portals. Our possibilities depend substantially on the respective provider’s corporate policy.

 

Storage Duration

Data directly collected by us via the social media presence will be deleted from our systems once the purpose for storing them ceases, you request deletion, revoke consent to storage, or the purpose for data storage ceases. Stored cookies remain on your device until you delete them. Mandatory legal provisions – particularly retention periods – remain unaffected.

 

We have no influence on the storage duration of your data that is stored by the operators of social networks for their own purposes. For details, please inform yourself directly from the operators of social networks (e.g., in their privacy policies listed below).

Social Networks in Detail:

 

We have a profile on Facebook. Provider is Meta Platforms Inc., 1 Hacker Way, Menlo Park, California 94025, USA. We have concluded a joint processing agreement (Controller Addendum) with Facebook. This agreement specifies which data processing activities we or Facebook are responsible for when you visit our Facebook page. You can view this agreement at: https://www.facebook.com/legal/terms/page_controller_addendum. You can adjust your ad settings independently in your user account. Click the following link and log in: https://www.facebook.com/settings?tab=ads. Details can be found in Facebook’s Privacy Policy: https://www.facebook.com/about/privacy/.

 

We have a profile on Instagram. Operator of the social network Instagram is Meta Platforms Ireland Limited. Details about how they handle your personal data can be found in Instagram's Privacy Policy: https://help.instagram.com/581066165581870

 

We have a profile on TripAdvisor. Operator of the social network TripAdvisor is TripAdvisor LLC, 400 1st Avenue, Needham, MA 02494 USA. Details about their handling of your personal data can be found in TripAdvisor’s Privacy Policy: https://tripadvisor.mediaroom.com/de-privacy-policy