MILPAU
Book
Menu
LocationsApartmentsBusinessPrivate & EventsFAQContact
Ruhr area & NRW
Premium apartments
Book now+49 2361 9703890

Privacy policy

Last updated: March 9, 2026

This English version is provided for convenience. In case of legal interpretation, the German version and applicable German law prevail.

Privacy policy

1. Information about the controller

The controller responsible for data processing on this website is:

MILPAU Apartments GmbH

Karlstraße 57

45661 Recklinghausen

Germany

Email: info@milpau.de

Phone: +49 2361 9703890

Managing Director: Christopher Büttner

2. Definitions and general information

Our privacy policy is based on the terminology used in the General Data Protection Regulation (GDPR).

  • Personal data: Any information relating to an identified or identifiable natural person.
  • Data subject: Any identified or identifiable natural person whose personal data is processed.
  • Processing: Any operation related to personal data, including collection, storage, use or transfer.
  • Cookies: Small text files stored on your device to analyse website use or save preferences.

3. Data collected when visiting our website (server log files)

When using the website for information purposes only, we collect the data that your browser transmits to our server:

  • IP address (anonymised)
  • Date and time of the request
  • Browser type and version
  • User operating system
  • Referrer URL (the previously visited page)
  • Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in the stability and security of the website).

4. Contact options (email, phone, live chat)

If you contact us, the data you provide, such as email address, name, phone number and chat history, will be stored in order to process your request.

Live chat: We use a chat module to answer real-time enquiries. Data processing takes place for the initiation or performance of a contract.

Legal basis: Art. 6 para. 1 lit. b GDPR.

5. WhatsApp Business

We offer communication via WhatsApp. The provider is WhatsApp Ireland Limited (Ireland/USA).

Data processing: mobile number, profile name and message content.

Note: WhatsApp uses end-to-end encryption. Nevertheless, WhatsApp may process metadata. By using this channel, you consent to the transmission.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent) or Art. 6 para. 1 lit. b GDPR (performance of a contract).

6. Analytics tools and tracking

We only use tracking technologies after you have given your explicit consent via our cookie banner.

6.1 Google Analytics 4 (GA4)

Provider: Google Ireland Limited, Dublin, Ireland.

Purpose: Analysis of user behaviour and creation of reports on website activities.

Special feature: IP addresses are automatically anonymised in GA4. Data may be transferred to the USA (Google is DPF-certified).

Legal basis: Art. 6 para. 1 lit. a GDPR (consent).

6.2 Hotjar

Provider: Hotjar Ltd, Malta.

Purpose: Understanding user needs, for example heatmaps and click behaviour.

Data: IP address (anonymised), screen size, device type, geographic location (country only).

Legal basis: Art. 6 para. 1 lit. a GDPR (consent).

6.3 Google Tag Manager

This tool manages other scripts. The Tag Manager itself does not collect personal data, but it may trigger other tags that do.

7. Social media plugins (Instagram, Facebook)

We include links to our social media profiles. Data is only transferred to the providers, such as Meta Platforms, once you actively click the respective button. If you are logged in, the provider may associate the visit with your account.

8. Google Fonts

We use Google Fonts for a consistent presentation of typefaces. To maximise data protection, we integrate them locally on our server, meaning without a connection to Google servers, OR, if loaded remotely, use is based on Art. 6 para. 1 lit. f GDPR.

9. Retention period and deletion

We only store data for as long as required for the relevant purpose, such as booking or enquiry handling, or due to statutory retention periods under commercial and tax law, which may be up to 10 years.

10. Your rights as a data subject

You have the following rights vis-à-vis us:

  • Access (Art. 15 GDPR): Which data do we store about you?
  • Rectification (Art. 16 GDPR): Correction of inaccurate data.
  • Erasure (Art. 17 GDPR): Right to be forgotten.
  • Restriction (Art. 18 GDPR): Limitation of processing.
  • Data portability (Art. 20 GDPR): Receipt of your data in a machine-readable format.
  • Withdrawal (Art. 7 para. 3 GDPR): You may withdraw any consent you have given with effect for the future at any time.
  • Right to lodge a complaint: You may complain to a supervisory authority, for example the data protection authority in North Rhine-Westphalia.

11. Data security

We use SSL/TLS encryption to protect your data as effectively as possible during transmission, for example via the booking form.