Privacy policy

1. Controller within the meaning of the GDPR

Stadion Hotel Leverkusen Betriebs GmbH
Pariser Straße 83-89
40549 Düsseldorf
+49 214 86630

Represented by: Jochen Fehn - Otto K. Lindner - Tobias S. Oberdieck

2. Data protection officer

You can reach our data protection officer at

TÜV Informationstechnik GmbH
TÜV NORD GROUP
Alexander P. Taubitz, Assessor jur.
Am TÜV 1
45307 Essen
E: a.taubitz@tuvit.de

3. General information on data processing

We only process the personal data of users of our website to the extent necessary to provide a functional website and our content and services.

Processing takes place regularly only with the consent of the user (Art. 6 para. 1 lit. a GDPR) or if processing is permitted by legal regulations (Art. 6 para. 1 lit. b, c, f GDPR).

4. Hosting and server log files

Our website is hosted by HK-Net (Händle & Korte GmbH, Rathausufer 20, D-40213 Düsseldorf). When you visit our website, data is automatically collected (so-called log files):

  • IP address
  • Date and time of the request
  • Referrer URL
  • Browser type and version
  • operating system
  • Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in secure operation).

5. Cookies & consent management (Cookiebot)

We use Cookiebot from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark.

We have concluded an order processing contract with Cookiebot (Art. 28 GDPR).

  • Purpose: Management and documentation of consents given.
  • Data: IP address, consent status, date/time.
  • Legal basis: Art. 6 para. 1 lit. c GDPR (legal obligation).

6. Booking system OnePageBooking

OnePageBooking from HotelNetSolutions GmbH (HNS), Genthiner Str. 8, 10785 Berlin, Germany.

Personal data (name, address, payment data) is processed when using the system.

Legal basis: Art. 6 para. 1 lit. b GDPR (fulfillment of contract).

There is an order processing contract with HNS.

7. Newsletter (Cendyn)

We use Cendyn (Cendyn Group, LLC USA).

We have concluded an order processing contract with Cendyn.

Insofar as personal data is transferred to a third country (e.g. the USA), this is done on the basis of the so-called standard contractual clauses of the European Commission pursuant to Art. 46 para. 2 lit. c GDPR. These are intended to ensure an adequate level of data protection in the recipient country.

  • Data: E-mail address, name, proof of consent.
  • Legal basis: Art. 6 para. 1 lit. a GDPR.
  • Storage period: until deregistration.
  • Children: Registration only from the age of 16 or with parental consent.

8. Contacting us (e-mail, telephone, contact form)

If you contact us by e-mail, telephone or form, we process your details (name, e-mail, message) to process your request.

  • Legal basis: Art. 6 para. 1 lit. b GDPR (contract fulfillment) or lit. f GDPR (general inquiries).

9. Social media & external links

Our website contains links to social media and external websites, e.g. Facebook, Instagram, Tripadvisor. When you click on these links, you will be forwarded directly to the respective platform. The processing there is outside our area of responsibility. Please note the data protection information there.

10. Transfer of data

Data will only be passed on to service providers who are obliged as processors in accordance with Art. 28 GDPR or if there is a legal obligation.

11. Storage period

Personal data will be deleted as soon as the purpose of storage no longer applies or statutory retention periods have expired.

12. Your rights as a data subject

If we process your data, you have certain rights that you can exercise at any time. You can simply contact us (see above for contact details).

  • Information: You may ask what data we have stored about you and for what purpose.
  • Correction: If data is incorrect or incomplete, you can request that we correct it.
  • Erasure: You can request that we erase your data - for example, if it is no longer needed or if you withdraw your consent.
  • Restriction of processing: You can request that we store your data but no longer use it - for example, while we check whether the data is correct.
  • Data portability: On request, we will provide you with your data in a commonly used, machine-readable format so that you can pass it on to another provider.
  • Objection: If we process your data on the basis of a legitimate interest (e.g. for statistics or marketing), you can object to this at any time. We will then check whether our reasons outweigh your reasons or whether we should stop processing your data.
  • Withdrawal of consent: If you have given us consent to process your data (e.g. for sending our newsletter), you can withdraw this consent at any time with effect for the future. This means that we may no longer use your data for this purpose from the time you withdraw your consent. However, the processing that took place before you withdrew your consent remains lawful. Your revocation therefore has no effect on the past, but only on the future.

13. Right to lodge a complaint

You can lodge a complaint with any data protection supervisory authority. The competent authority is the authority in the federal state in which our hotel is based.

14. Security

We use state-of-the-art SSL encryption.

15. Status and changes

Status: December 2025
Version: 1.0
We reserve the right to amend this privacy policy in order to adapt it to new legal situations or technical changes.

Cookie consent

Here you can adjust your consent to the storage of cookies.