The protection of your personal data is very important to us, especially on the Internet. Therefore, we would like to provide you with detailed and understandable information on this page about what data we collect from you and how this data is processed.

If you have any further questions about data protection, please feel free to contact us directly at info@beppo-backnang.de.

PERSONAL DATA

When you use our services, various personal data is collected, processed, and stored with or without your intervention. We explain what data this is and why this happens in the following sections.

When visiting our website

When you visit our website www.beppo-backnang.de, the program used on your device (e.g., your browser) automatically sends information to our web server. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:

• IP address of the requesting computer,

• Date and time of access,

• Address (URL) of the file accessed,

•    Message indicating whether the access/retrieval was successful,

•    Amount of data transferred,

•    Website from which access was made (referrer URL),

•    Identification of the browser used (user agent; including, if applicable, the name of the device's operating system and, if applicable, the identification of the network provider).

We process this data for the following purposes:

•    To ensure smooth connection to the website,

•    To ensure convenient use of our website,

•    To evaluate system security and stability, and

•    For other administrative purposes.

The legal basis for this data processing is Art. 6 (1) (f) GDPR. The above-mentioned purposes give rise to a legitimate interest in data collection on our part. Under no circumstances do we use the collected data to draw conclusions about your person.

In addition, when you visit our website, we use cookies, our own analysis services, and third-party services and content. We provide more detailed explanations of this below in this privacy policy.

When registering for our newsletter

On our websites, we offer you the option of receiving the current cinema program or special information and offers via newsletter. If you have expressly consented to this in accordance with Art. 6 (1) (a) GDPR, we will use your email address to send you the newsletter you have subscribed to on a regular basis.

To receive the newsletter, it is sufficient to provide an email address. In order to better assess which regions our particularly interested customers come from, you can also voluntarily indicate your location.

When using our contact form:

We offer you the option of contacting us via a contact form on our website. The restaurant management is the recipient of your enquiry. To use this form, you generally need to provide your name and a valid email address so that we know who the enquiry comes from and can respond to your request. Additional information can be provided voluntarily or is required for your inquiry.

Data processing for the purpose of contacting us is carried out in accordance with Art. 6 (1) (a) GDPR on the basis of your voluntary consent. The personal data collected by us for the use of the contact form will be automatically deleted after your inquiry has been transmitted.

Wi-Fi

We provide our guests at beppo with free Wi-Fi. We do not collect any personal data when you use this Wi-Fi. No data is stored, tracked, or passed on to third parties.

Use is anonymous and serves exclusively to provide Internet access—without registration or logging.

DATA SECURITY

We primarily rely on self-managed open source software to operate our servers and services. All stored data is located on our own servers. Our servers are located in data centers in Germany. The operators of the data centers and our contractual partners are German companies. Where necessary, we have concluded data processing agreements with these companies that comply with the legal requirements of Art. 28 GDPR.

For transport security, we use the widely used TLS (Transport Layer Security; formerly SSL = Secure Socket Layer) procedure on our websites in conjunction with the highest level of encryption supported by your browser. This is usually 256-bit encryption. This ensures that communication between your device and our servers is encrypted. You can tell whether an individual page of our website is being transmitted in encrypted form by the (usually) green or closed display of the key or lock symbol in the address bar of your browser.

We also use technical and organizational security measures to protect your data against unauthorized access, misuse, manipulation, or loss. We continuously optimize the measures we use in line with technological developments.

DISCLOSURE OF DATA

Please note: Your personal data will not be disclosed to third parties under any circumstances, unless this is absolutely necessary, as explained below. Under no circumstances will we sell your data, disclose it for advertising purposes, or use it beyond the minimum necessary.

We will not disclose your data to third parties unless:

•    you have given your express consent in accordance with Art. 6 (1) (a) GDPR,

•    the disclosure is necessary for the assertion, exercise, or defense of legal claims pursuant to Art. 6 (1) (f) GDPR and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,

•    in the event that there is a legal obligation for the transfer pursuant to Art. 6 (1) sentence 1 lit. c GDPR, and

•    this is legally permissible and necessary for the performance of contractual relationships with you pursuant to Art. 6 (1) sentence 1 lit. B GDPR.

COOKIES

We use cookies on our website. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our website more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies.” They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them or they reach their expiration date. These cookies enable us, for example, to statistically record the use of the website or to recognize your browser the next time you visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

Alternatively, you can use the privacy settings available at the top of the page to determine which functions on our website should be activated and which providers are allowed to use cookies.

The data processed by cookies is necessary for the purposes mentioned above in order to protect our legitimate interests and the rights of third parties in accordance with Art. 6 (1) (f) GDPR.

ANALYSIS AND STATISTICS

The tracking measures we use are carried out on the basis of Art. 6 (1) (f) GDPR. Our aim is to ensure that our website is designed to meet your needs and to continuously optimize it. We also use these measures to statistically record and evaluate the use of our website. These interests are considered legitimate within the meaning of the aforementioned provision.

NEWSLETTER SUCCESS MEASUREMENT

Our newsletters have technical measures in place that allow conclusions to be drawn about their use. However, for this to work, you must allow images to be reloaded in your preferred email client for these newsletters, or you must click on a link in the newsletter. Only then will the relevant information be stored in our newsletter software.

This information is used to improve the technical aspects of the services or reading behavior. The statistical surveys also include determining whether the newsletters are opened, when they are opened, and which links are clicked.

THIRD-PARTY SERVICES AND CONTENT

Based on our legitimate interests, we use content or service offerings from third-party providers on our website in order to offer their services and content, such as booking online tickets or embedding videos. This requires that the IP address of the user be sent to the third-party providers of this content, as the providers would not be able to deliver the content to the user's browser without the IP address. The IP address is therefore necessary for the display of this content.

We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use technologies that can be used for statistical or marketing purposes. By integrating these services, cookies may also be stored on the user's device and linked to information from other sources.

ROOM RESERVATIONS

On our website, we offer the option of making a room reservation for our restaurant or purchasing vouchers for our restaurant to print out yourself. This is done by integrating the service in the form of a “widget.” These services are provided on behalf of our partner UP Hotel Agency, The Old Telephone Exchange, Albert Street, Rugby, England, CV21 2SA, https://uphotel.agency, with whom we have concluded a contract for order processing within the meaning of Art. 28 of the General Data Protection Regulation.

The widgets provided by UP Hotel Agency enable users of this website to reserve a room at our hotel. In order to provide the service, the user's personal data (first and last name, email address, telephone number, payment method information for the payment of hotel rooms and, if applicable, other voluntary information) is collected, stored and processed by our partner UP Hotel Agency on the basis of consent in accordance with Art. 6 (1) (1) (f) GDPR. You can object to the collection and storage of data at any time by sending an email to info@beppo-backnang.de. We will then delete your personal data from the system.

If you have explicitly selected the option to receive advertising information from us when using a UP Hotel Agency widget, we will add your email address to our newsletter distribution list, from which you can unsubscribe at any time.

When using the above services, UP Hotel Agency also automatically stores information in so-called server log files, which your browser automatically transmits to UP Hotel Agency. These are: browser type and browser version, operating system used, referrer URL, host name of the accessing computer, and the time of the server request. This data is not merged with other data sources. This data is collected on the basis of Art. 6 (1) lit. f GDPR. The website operator (UP Hotel Agency) has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, the server log data must be collected.

UP Hotel Agency privacy policy: https://www.zendesk.de/company/agreements-and-terms/privacy-notice/

TABLE RESERVATIONS AND GIFT CERTIFICATE SALES

On our website, we offer the option of making a table reservation for our restaurant or purchasing gift certificates for our restaurant to print out yourself. This is done by integrating the service in the form of a “widget.” These services are provided on behalf of our partner gastronovi GmbH, Buschhöhe 2, D-28357 Bremen, registered office: Bremen, Bremen Local Court, HRB 32767 HB, www.gastronovi.com, with whom we have concluded a contract for order processing within the meaning of Art. 28 of the General Data Protection Regulation.

The gastronovi widgets enable users of this website to reserve a table in our restaurant or purchase vouchers for self-printing. In order to provide this service, the user's personal data (first and last name, email address, telephone number, payment method information for voucher purchases, and any other voluntary information) is collected, stored, and processed by our partner gastronovi on the basis of consent in accordance with Art. 6 (1) (f) GDPR. You can object to the collection and storage of data at any time by sending an email to info@beppo-backnang.de. We will then delete your personal data from the system.

If you have explicitly selected the option to receive promotional information from us when using a gastronovi widget, we will add your email address to our newsletter distribution list, from which you can unsubscribe at any time.

When using the above-mentioned services, gastronovi automatically stores information in so-called server log files, which your browser automatically transmits to gastronovi. These are: browser type and browser version, operating system used, referrer URL, host name of the accessing computer, and the time of the server request. This data is not merged with other data sources. This data is collected on the basis of Art. 6 (1) lit. f GDPR. The website operator (gastronovi) has a legitimate interest in the technically error-free presentation and optimization of its website—for this purpose, the server log data must be collected.

gastronovi privacy policy: www.gastronovi.com/de/datenschutz

GOOGLE MAPS

On our website, we use maps from the “Google Maps” service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The data processed may include, in particular, IP addresses and location data of users, but this data is not collected without their consent (usually given in the settings of their mobile devices). The data may be processed in the USA.

Privacy policy: www.google.com/policies/privacy/

Advertising settings: adssettings.google.com/

SOCIAL MEDIA

We have set up our own fan page (company page) on Instagram and Facebook. Here we offer additional up-to-date information. This service is operated by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

You do not need to be a member of Facebook or Instagram to view the content.

However, since this fan page is hosted by Facebook (Instagram is part of the Facebook group of companies), Instagram collects and stores visitor data each time you visit our fan page. Instagram also sets cookies in your browser. If you are a member of Facebook or Instagram and are logged in while visiting our fan page, Instagram can track your user behavior, as this visit is then linked to your personal user account.

We have no influence on the collection and further use of this data. We do not collect any personal data from you when you visit the page.

Further information can be found in Instagram's privacy policy:

www.instagram.com/legal/privacy/

Parts of the data of visitors to our fan page are provided to us by Facebook in anonymized form as statistics (Facebook Insights). Further information on these statistics can be found on Facebook:

www.facebook.com/help/794890670645072

OTHER INFORMATION

Sending emails

When you send us emails, we store and archive this data. Please note that unencrypted emails sent via the Internet are not adequately protected against unauthorized access by third parties.

Audio and video recordings during events

Special events may also be held on our premises, e.g. when filmmakers and actors present their films and are our guests afterwards due to the proximity of the cinema. In such cases, audio and video recordings may be made by persons and service providers commissioned or accredited by us. These recordings are intended to document both the event itself and the participation of individual persons. We usually provide information about such special events in advance via our website and social media channels.

The recordings may cover the entire public area as well as all other freely accessible rooms, including the foyer of the building. If further activities related to the event take place on the property or around the cinema building, recordings may also be made there.

We would like to point out that we are producing and publishing the recordings on the basis of a legitimate interest. These interests are to be regarded as legitimate within the meaning of Art. 6 (1) sentence 1 lit. f GDPR. This includes the publication of the recordings on the Internet, in print media, and on social media for advertising or communication purposes in the context of the event attended. Any use unrelated to the event without your personal consent is excluded.

If you are directly in focus in these recordings and do not wish to be recorded, please inform the photographer or videographer immediately. If, on the other hand, you willingly make yourself available, e.g. by “posing” or “looking at the camera,” we must assume that you have no objections to the recordings and their publication.

The recordings will be processed and stored by us or by persons or service providers authorized by us for the duration of the aforementioned purpose.

Handling of application documents

We process applicant data only for the purpose and within the scope of the application process in accordance with legal requirements. The processing of applicant data is carried out to fulfill our (pre)contractual obligations within the framework of the application process in accordance with Art. 6 (1) lit. b. GDPR Art. 6 (1) lit. f. GDPR if data processing becomes necessary for us, e.g., in the context of legal proceedings (in Germany, § 26 BDSG also applies).

The application process requires applicants to provide us with their application data. The necessary application data is specified in the job descriptions and generally includes personal details, postal and contact addresses, and the documents required for the application, such as cover letters, resumes, and references. Applicants may also voluntarily provide us with additional information.

By submitting their data, applicants consent to the processing of their data for the purposes of the application process in the manner and to the extent set out in this privacy policy. If special categories of personal data within the meaning of Art. 9 (1) GDPR are voluntarily provided during the application process, they will also be processed in accordance with Art. 9 (2) lit. b GDPR (e.g., health data, such as severe disability or ethnic origin). If special categories of personal data within the meaning of Art. 9 (1) GDPR are requested from applicants as part of the application process, their processing will also be carried out in accordance with Art. 9 (2) lit. a GDPR (e.g., health data, if this is necessary for the performance of the job).

To submit their application to us, we provide applicants with a link upon request that ensures encrypted transmission (upload) of the application documents to a company-owned system.

Applicants can also send us their applications via email. However, please note that emails are generally not sent in encrypted form and applicants must ensure encryption themselves. We therefore cannot accept any responsibility for the transmission of the application between the sender and the recipient on our server and therefore recommend using the above-mentioned upload method or sending the application by post. Instead of applying online, applicants still have the option of sending us their application by post.

The data provided by applicants may be further processed by us for the purposes of the employment relationship in the event of a successful application. Otherwise, if the application for a job vacancy is unsuccessful, the applicant's data will be deleted. The applicant's data will also be deleted if an application is withdrawn, which applicants are entitled to do at any time.

Subject to a justified revocation by the applicant, the data will be deleted after a period of six months so that we can answer any follow-up questions regarding the application and fulfill our obligations under the Equal Treatment Act.

Communication via WhatsApp

As a customer or applicant in the application process, you can contact us via the instant messaging service WhatsApp if you wish. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. We use WhatsApp in the “WhatsApp Business” version.

Communication takes place via end-to-end encryption (peer-to-peer), which prevents WhatsApp or other third parties from accessing the communication content. However, WhatsApp does have access to metadata generated during the communication process (e.g., sender, recipient, and time). We also point out that, according to its own statement, WhatsApp shares the personal data of its users with its parent company Meta, which is based in the USA. Further details on data processing can be found in WhatsApp's privacy policy at: www.whatsapp.com/legal/#privacy-policy.

The use of WhatsApp is based on our legitimate interest in communicating with customers, interested parties, and other business and contractual partners as quickly and effectively as possible (Art. 6 (1) (f) GDPR). If consent has been requested, data processing is carried out exclusively on the basis of this consent, which can be revoked at any time with future effect.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: www.whatsapp.com/legal/business-data-transfer-addendum. We have concluded a contract for order processing (AVV) with the above-mentioned provider.

YOUR RIGHTS AS A DATA SUBJECT

You have the right:

•    to request information about your personal data processed by us in accordance with Art. 15 GDPR;

•    to request the immediate correction of incorrect or incomplete personal data stored by us in accordance with Art. 16 GDPR;

•    to request the erasure of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;

•    to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR;

•    to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request its transfer to another controller in accordance with Art. 20 GDPR;

•    pursuant to Art. 7 (3) GDPR, to revoke your consent at any time. As a result, we will no longer be permitted to continue processing data based on this consent in the future. And

•    pursuant to Art. 77 GDPR, to lodge a complaint with the competent supervisory authority. Your competent supervisory authority depends on the state in which you reside, work, or where the alleged infringement occurred. A list of supervisory authorities for the non-public sector with addresses can be found at: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Please note that when asserting your rights, there may be further legal requirements or constraints that may limit your rights.

You can contact us directly with your inquiries at our email address info@beppo-backnang.de.

RIGHT TO OBJECT

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR. This applies if there are reasons for this arising from your particular situation or if the objection is directed against direct marketing.

You can contact us directly with your requests at our email address info@beppo-backnang.de.

RESPONSIBILITIES

The controller within the meaning of data protection law is:

MTA Betriebsgesellschaft mbH, Eduard-Breuninger-Straße 6, 71522 Backnang, Germany

Managing Director: Andreas Benignus

Email: info@beppo-backnang.de

Phone: +49 (0)7191 / 343 56 83

Further information can be found in the legal notice.

CURRENCY

We are constantly developing our website and offers. This may result in technical changes to data processing. In addition, legal requirements may change. This may mean that we have to amend this privacy policy. The current privacy policy can be found at any time at www.beppo-backnang.de/datenschutz.

Status of this privacy policy: July 1, 2025