What we collect and how we use it:
- We only collect personally identifiable information that you voluntarily and knowingly provide us;
- We use the information that you provide us only for the purpose(s) for which you specifically provided it or for specific additional purposes for which we receive your prior consent;
- We do not share any information you provide us with anyone outside of The The Mansfield Hotel, and its affiliates, except for suppliers who assist us in maintaining and managing the activities on our sites. These suppliers are legally obligated
to maintain the confidentiality of any information we provide them, including your information. We may use a technology called "cookies" to enhance your experience on our sites.
- We employ appropriate security measures to protect the loss, misuse and alteration of any information you provide us; and
- We provide you with choice and control over the collection and use of any personally identifiable information that you provide us on-line, and a means for updating, correcting or removing this information;
We only collect personally identifiable information on a voluntary basis. We do not require that you provide this information to gain access to our sites, and we do not require you to disclose more information than is reasonably needed to
participate in an activity on our sites. We collect personally identifiable information primarily to e-mail updates and news, for entry into promotions and to notify subsequent winners, to send out brochures, etc. via regular mail to subscribers, and
to respond to your questions or suggestions. We do not sell any information we gather at our web sites to anyone outside of The Mansfield Hotel, and its affiliates. We do not transfer or disclose any information we gather at our web sites to anyone
outside of The Mansfield Hotel, and its affiliates, without your prior consent, except (1) in cases where we believe in good faith that we have a legal obligation to disclose such information, and (2) to certain suppliers that assist The Mansfield
Hotel, and its affiliates, in maintaining and managing the activities on its web sites. Please be assured that these suppliers are legally obligated to maintain the confidentiality of this information and do not acquire any rights to use your
information for their own benefit. We may share non-identifiable aggregate information about our users (for example, the % of male and female visitors to our sites) with advertisers, business partners, sponsors, and other third parties in an effort
to customize or enhance the content and advertising on our sites for our users.
We do reserve the right, in connection with the potential sale or transfer of the interests of The Mansfield Hotel and its subsidiaries and affiliates, to sell or transfer your information (including but not limited to your address, name, age,
gender, zip code, state, and country of residency and other information that your provide through other communications) to a third party entity that (1) concentrates its business in a similar practice or service, (2) agrees to be The Mansfield Hotel
Like many companies, we may use a technology called "cookies" to enhance your experience on our sites. The cookies The Mansfield Hotel uses do not contain any personally identifiable information and can not profile your system or collect
information from your hard drive. You are not identified by name or e-mail address, just by a unique string of numbers that we assign the first time you come to our site.
We employ appropriate security measures to protect the loss, misuse and alteration of the information under our control. For our Mansfield Hotel site, we employ Secure Sockets Layer (SSL) software, which encrypts information you input, as an
additional security measure. However, as no on-line data transmission can be guaranteed to be totally secure, we (like all web sites) cannot warrant or guarantee 100% security of any information you transmit to us at our web sites.
Links To Other Sites
Neither The Mansfield Hotel, nor any of its affiliates, shall have any responsibility of any nature whatsoever for other web sites linked to this web site, or any information contained thereon, none of which has been verified or endorsed by either
The Mansfield Hotel or any of its affiliates.
GDPR PRIVACY STATEMENT
If you are in the European Economic Area and we collect personal data relating to you in the context of the offering of goods or services, even if provided free of cost, or if we collect data when monitoring your behavior which takes place within
the European Economic Area, your personal data will be subject to Regulation (EU) 2016/679 (General Data Protection Regulation, "GDPR").
In this Privacy Statement we, The Mansfield Hotel ("We") will inform you about how we process and use personal data which is subject to the GDPR and on the specific rights you have in connection with your personal data which is subject to the GDPR.
Please note that this Privacy Statement applies only to personal data which is subject to the GDPR and therefore expressly does not apply to (a) data which is not personal data such as data on corporations or other legal entities, and (b) personal data not falling within the scope of the GDPR such as personal data of data subjects who are not in the European Economic Area.
Processing in the Context of Visiting our Website
Information We Collect
When you visit our website, our web server will temporarily record the domain name or IP address of the requesting computer, the access date, the file request of the client (file name and URL), the HTTP response code and the website from which you
are visiting us, the number of bytes transferred during the connection and, if applicable, other technical information that we use and statistically evaluate for the technical implementation of the website's use (delivery of the content, guaranteeing
the website's functionality and security, protection against cyberattacks and other abuses).
It is necessary to store and process the information referred to above for the duration of your session in order to deliver our website content to your computer. We also store some of this information in the log files of our servers. We will not
combine this information with your IP address or other personal data relating to you except as disclosed below.
This processing will take place for the fulfilment of the existing contract of use with you, as far as it serves the purpose of the technical implementation of the website's use (legal basis for processing: Art. 6 no. 1 lit. b) of the GDPR) and to
otherwise protect our legitimate interest in making our website as user-friendly, safe and attractive as possible and in promoting the sale of our products and services (legal basis for processing: Art. 6 no. 1 lit. f) of the GDPR). We will assume
that your interests do not conflict with this, because the measures described below are taken in order to limit processing to an appropriate degree.
We will also use the data described above to draw conclusions about your interests from your use and to adapt our website's offerings according to your interests (profiling) in order to make our website as user-friendly, safe and attractive as
possible and thus promote the sale of our products and services. We do this for the preservation of our aforementioned legitimate interests (legal basis for processing: Art. 6 no. 1 lit. f) of the GDPR) and, where applicable, on the basis of your
consent as described below (legal basis for processing: Art. 6 no. 1 lit. a) of the GDPR). For further information please refer to the following Section.
Cookies, Analysis and Tracking
GDPR) and, where applicable, on the basis of your consent as described in below (legal basis for processing: Art. 6 no. 1 lit. a) of the GDPR):
Types of Cookies
There are two different types of cookies used:
- Session Cookies: Also called transient cookies, are cookies that are temporarily stored in your browser for the duration of a browser session, and they typically will store information in the form of a session identification and no further information personally
- Persistent Cookies: Also called permanent or stored cookies, are cookies that are stored on your hard drive until they expire (persistent cookies are set with expiration dates) or until you delete the cookie. Persistent cookies are used to collect identifying
information, such as web surfing behavior or user preferences for a specific web site.
We employ the following types of cookies:
- Required Cookies
- Functionality Cookies
- Targeting / Advertising Cookies
These cookies are a mixture of first party cookies, which we set ourselves, and third-party cookies, which are set by other websites.
- Personalization- For example, your language preference is remembered.
- Session Management- To ensure that your session is routed to the correct system for the duration of your visit.
- AB Testing / Multivariate Testing- We can display multiple versions of a page to a user to assess which generates the best user experience.
- Advertising- We can display advertising content depending on location, language, and your past browsing history.
We use a number of cookies which are strictly necessary to allow you to access our websites, to move between pages and to receive services which you have requested. The types of data collected are:
- session identifier
- IP address, and information generated from anonymized IP address that includes
- a computer host name
- geographic location
- time of visit
- webpage URL
- referring website
- security tokens (for authentication and information submission, like RFP forms)
The following is an example of a strictly necessary cookie which we use:
- Authentication Cookies: Provide an authentication method of a secure log-in.
We use functionality cookies to allow us to remember your preferences. For example, cookies save you the trouble of selecting your language or currency every time you access the website and recall your customization preferences.
We utilize other cookies to analyze how our visitors use our websites and to monitor website performance. This allows us to provide a high-quality experience by customizing our offering and quickly identifying and fixing any issues that arise. For
example, we might use performance cookies to keep track of which pages are most popular, which method of linking between pages is most effective, and to determine why some pages are receiving error messages.
The following is an example of a functionality cookie which we use:
- Google Analytics Website Analytics: Refer to Google Analytics for more details.
Targeting / Advertising Cookies
We allow certain third party advertisers and partners to collect information about your use of the website through first and third-party cookies in order to serve adverts to you. They may also analyze this data in order to serve adverts to you on
other third-party websites.
We also work with advertisers in order to display our advertisements on third party websites, based on cookies set on your visit to this website. Advertising/targeting cookies may also be used to track your responses to particular adverts, which
helps advertisers ensure that you see the most relevant advertisements in future on third party websites.
The following is an example of a targeting/advertising cookie which we use:
- DoubleClick: These cookies may also be used by advertisers to allow third parties to serve advertisements to you when you are on other sites. These ads may be adapted to be relevant to you based on your use of the website. This is done on an anonymized basis, using non-personally identifiable information.
The types of data used include online identifiers, including cookie identifiers, IP addresses and device identifiers, imprecise location data (based on your IP address) or precise location data (if you have set your system to allow transmission of
geolocation information), and client identifiers.
Types of targeting enacted based on cookies include:
- Demographics: Target ads based on how well products and services trend with users in certain locations, ages, genders, and device types.
- In-market: Show ads to users who have been searching for products and like-services.
- Custom intent audiences: Choose words or phrases related to the people that are most likely to engage with sites and make purchases by using "custom intent audiences."
- Similar audiences: Target users with interests related to those on remarketing lists.
- Remarketing: Target users that have already interacted with our ads, website, or app.
We do not control the information collected by such partners or advertiser in connection with our website or the further use of information we may provide to them for the aforementioned services, and they do not process such data on our behalf. Only the data protection policies of those third parties as the respective controllers of such data will apply to their processing of such data.
Please see the following sites for more information about specific advertisers and their data policies: [links to advertiser sites and data policies]
You can prevent or restrict the storage of cookies on your hard disk by setting your browser not to accept cookies or to request your permission before setting cookies. Once cookies have been set, you can delete them at any time. Please refer to your browser's operating instructions to find out how this works. If you do not accept cookies, this can lead to restrictions in the use of our service.
Data Retention and Deletion
Log files are deleted after 120 days. Session cookies expire and are deleted at the end of your browser session. Persistent cookies may be set to expire from 30 days to 1 year depending on the function of the cookie. After expiry of those periods information will be deleted or made anonymous.
Use of Google Analytics
Our website uses Google Analytics, a web analysis service of Google ("Google").
You can find further information on how Google uses information from sites or apps that use its services here:
Google Analytics uses so-called "cookies", which are text files placed on your computer, to help the website analyse how users use the site (see Section 4.1). The information generated by the cookie about your use of this website such as
- browser type and version,
- operating system of your computer,
- referrer URL (i.e. the page last visited),
- host name of accessing computer (IP address),
- date and time of server request
is transferred to an Google server and stored there. In order to render the information stored on Google's servers not personally identifying, we use Google Analytics with activation of the settings "Before Geo-Lookup: Replace visitor's last IP
octet with 0". By activating "Before Geo-Lookup: Replace visitor's last IP octet with 0" we ensure that the user's IP address is anonymized by replacing the last eight digits by zero prior to geo-localization. For statistical analysis the imprecise
location of the user is added to the tracking package which includes the IP address.
Analytics from collecting the data generated by the cookie and relating to your use of the website (including your IP address), from processing this data by following these instructions:
use Google Analytics for the purposes set forth and for the preservation of our legitimate interest described therein (legal basis for processing: Art. 6 no. 1 lit. f) of the GDPR) and, where applicable, on the basis of your consent as described
(legal basis for processing: Art. 6 no. 1 lit. a) of the GDPR).
Tripper has concluded a contract processing agreement with Google Analytics, Limited to ensure that personal data is processed only on our behalf and in accordance with our instructions. The contract processing agreement with Google Analytics
contains guarantees for an adequate level of protection in the form of Google Anayltics' participation in the Privacy Shield Program.
Information on Other Processing Operations
Processing in the Context of Newsletters
If you register via our website or by other means to receive electronic newsletters, we will store and process your registration data (the registration form will show you which registration data we collect and store and whether entries are
mandatory or voluntary) for an unlimited period of time until you unsubscribe or we cancel the newsletter dispatch in order to fulfil the existing contract with you for the receipt of the newsletter (legal basis for processing: Art. 6 no. 1 lit. b)
of the GDPR). The IP address assigned to you by the internet service provider (ISP), and the date and time of registration will also be stored when you register. The purpose of this is to protect our legitimate interest in preventing and, if
necessary, prosecuting misuse of our services (legal basis for processing: Art. 6 no. 1 lit. f) of the GDPR). In addition, we will store and process your consent to receive the newsletter for the retention period specified below. This serves to
protect our legitimate interest in being able to prove in the event of a dispute that you wished to receive the newsletter (legal basis for processing: Art. 6 no. 1 lit. f) of the GDPR).
termination of your registration for the receipt of newsletters, we will retain the registration data, the IP address, date and time of registration and your consent for up to six months. This serves to protect our legitimate interest in being able
to restore this data in the event of unintentional deletion; or in establishing, exercising or defending legal claims in connection with the registration for, and consent to, receipt of newsletters(legal basis for processing: Art. 6 no. 1 lit. f) of
the GDPR). We will assume that your interests do not conflict with this, because the retention period is appropriate with respect to the interests to be protected.
The registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary to prevent unauthorized use of your e-mail address by another person.
Processing in the Context of Registration or Use of the Contact Form
If you register on our website and create a user account (the registration form will show you which registration data we collect and store and whether entries are mandatory or voluntary), all personal data collected in connection with this user account will be stored in this user account until you request to delete the user account or until we cancel the user account for the performance of our contractual relationship on use of the respective website or web service (legal basis for processing: Art. 6 no. 1 lit. b) of the GDPR). The IP address assigned to you by your internet service provider (ISP), and the date and time of registration will also be stored when you register. The purpose of this is to protect our legitimate interest in preventing and, if necessary, prosecuting misuse of our services (legal basis for processing: Art. 6 no. 1 lit. f) of the GDPR).
After de-registration of your user account, we will retain all data for up to six months. This serves to protect our legitimate interest in being able to restore this data in the event of unintentional deletion; or in establishing, exercising or defending legal claims in connection with our contractual relationship (legal basis for processing: Art. 6 no. 1 lit. a) of the GDPR). We will assume that your interests do not conflict with this because the retention period is appropriate with respect to the interests to be protected.
Our website contains a contact form which you can use to submit communications to us. When submitting information through the contact form, you are required to enter certain information which we will use for responding to your request. The contact form enables you to submit additional information on a voluntary basis.
If you provide us with personal data via the user account or the contact form for a purpose beyond the use of the website or respective web service, such as sending us an offer or product information, we will also store and process this data for this purpose. In order to find more information on how we store and process such data, you will need to refer to the Section of this Privacy Statement that is pertinent to the respective purpose.
Information on (Categories of) Recipients
Operation of Website By Travel Tripper
Our website is operated on our behalf by Travel Tripper, 370 Lexington Ave., New York, NY 100017, USA ("Travel Tripper"). This means that our website (including your user account and registration information for newsletters) is physically hosted on servers operated for Travel Tripper by Amazon Web Services, Inc. ("AWS") located in the USA.
We have concluded a contract processing agreement with Travel Tripper to ensure that the website is operated, and personal data is processed, only on our behalf and in accordance with our instructions. [The contract processing agreement contains guarantees for an adequate level of protection in the form of incorporation of the standard data protection clauses adopted by the Commission for this purpose.]
Travel Tripper have similarly concluded a contract processing agreement with AWS to ensure that the website is hosted, and personal data is processed, only on its behalf and in accordance with its instructions.
General Information on Recipients, Categories of Recipients and Transfers
All of our servers and databases may be operated, maintained or further developed by additional processors or other contractors. They may have access to your data. Where we store and process data for the performance of contracts, we may pass these data on to agents and contractors we employ for such performance (e.g. to carriers for transportation purposes).