Data protection declaration

Your personal data and any photos and/or documents uploaded by you will be collected and processed for the purpose of marketing, as well as correspondence, processing of your data and those of your family members (if disclosed by you) by the above-mentioned companies and businesses.

Personal data of children will only be processed by us with information and with the consent of their parents or legal guardians or the child itself (if they are able to decide for themselves). As a matter of principle, we only use or pass on children’s personal data to the extent permitted by law, in order to obtain the parental consent required by law or to protect children.

The following personal data will be processed for this purpose:

• First and last name including title
• Date of birth
• Nationality
• Gender
• Address
• Email address
• Phone contact details
• Car registration number and brand of car
• Account details, if applicable (if provided by you) This data comes from:
• The law on obligation to report
• The customer guidance system
• The voucher ordering system

Personal data will only be processed by us if you provide it to us on a voluntary basis (except Reporting Act), for example, if you register with us, order something or contact us.

We would like to point out that the data disclosed and its further use has been recorded in the processing directory. For further information or publication of the directory, please contact our data protection officer Mr Mario Pabst.

The use of our website(s) is basically possible without providing personal data. However, different regulations may arise for the use of individual services, which we will make you aware of separately in the following paragraph:

When you visit our website(s), information such as your IP address is transmitted to us. This information provides details about the terminal device used (computer, smartphone, tablet etc.), the browser used (Internet Explorer, Safari, Firefox etc.), the time of access to our website, the amount of data transferred and the like. We do not use this data to identify individual users. The information only serves to determine the desirability of our website(s) and to continuously improve their contents and make them even more interesting for you. For the sake of completeness, however, we would like to point out that, in the case of a static IP address, there is the possibility of establishing references to a person via a RIPE query. We do not perform such RIPE queries.

We use the personal data provided by you exclusively insofar as your data is required for the fulfilment of the respective purpose (e.g. registration, sending of newsletters, processing of an order, sending of information material and advertising, handling of a competition, answering a question, enabling access to certain information), and/or this is legally permitted (sending of advertisements and information material to existing customers).

The purpose of processing your data is to operate the website(s) with information, the presentation and offering of goods and services of one of our hotels.

Any further use of your data will only take place if you have given your express prior consent. You may withdraw your consent for the future at any time.

The data will be disclosed to the following external institutions or authorities in accordance with the Reporting Act:

• Community of Gosau

A transfer of your data to third parties will not take place, unless we are legally obliged to do so, the transfer of data is necessary for the execution of the contractual relationship, or you have previously expressly agreed to the transfer of your data. External service providers and partner companies, such as the shipping company responsible for the delivery or other cooperation partners, will only receive your data if this is necessary to process the contract or your order. If our service providers come into contact with your personal data, we will make sure that they comply with the provisions of the data protection laws in the same way as we do. Your personal data will not be sold to third parties or marketed in any other way.

We transmit your personal data to companies of the group of companies, whose exact names and contact data you can look up here at any time, for the purpose of analysis in order to be able to provide you with optimal offers, and for the purpose of sending you information and advertisements.

You can revoke your consent to the transfer of your data to companies of the business group at any time with effect for the future.

In the event of a contract being concluded, your personal data will be stored after complete execution of the contract until the expiry of the guarantee, warranty, statute of limitations and statutory retention periods applicable to us, and beyond that until the end of any legal disputes for which the data is required as proof.

The persons of the above-mentioned companies involved in the processing and the process have access to the disclosed data. For further information, please contact our data protection coordinator Mr Mario Pabst.

The data is protected against unauthorised access by encrypted transmission, encrypted storage, a role authorisation concept, a data backup concept and physical security measures for the servers. The security measures are continuously improved in line with technological development.

In accordance with the General Data Protection Regulation, you, as the data subject, are entitled to the rights and judicial remedies listed below. To assert your rights, and if you have any questions, please contact Mario Pabst, Am Hornspitz 1, 4824 Gosau, m.pabst@dachsteinkoenig.at

The right to be informed
According to Art. 15 of the GDPR, the Mayer family business group is required to provide information to any data subject requesting confirmation as to whether personal data relating to them is being processed. You may be required to provide appropriate proof of your identity.

Correction and deletion
According to Art. 16 of the GDPR, you as the data subject have the right to demand the immediate correction of incorrect personal data concerning you or, taking into account the purposes of data processing, the completion of incomplete personal data. According to Art. 17 of the GDPR, a right to the deletion (“right to be forgotten”) of data exists.

Storage period
We store data that you have made available to us exclusively for customer service or for marketing and information purposes seven years after your last contact with us, unless you revoke your consent beforehand.

Restrictions of processing
According to Art. 18 of the GDPR, the right to restrict the processing of all personal data collected exists, which from then on may only be processed after individual consent or for the assertion and enforcement of legal claims.

Data portability
According to Art. 20 of the GDPR, the right to data transferability exists, which is the right to demand the unhindered and unrestricted transfer of personal data collected to a third party.

Right to object
According to Art. 21 para 1 of the GDPR, any data subject has the right to object to the processing of personal data concerning him/her at any time, for reasons arising from his or her particular situation, which is necessary for the performance of a task in public interest, or in exercising official authority entrusted to the person responsible (Art. 6 para 1 lit e) of the GDPR), or which is necessary to safeguard the legitimate interests of the person responsible or a third party (Art. 6 para 1 lit f) of the GDPR). This also applies to profiling based on these provisions. The responsible party will no longer process the personal data, unless the party can prove compelling legitimate reasons for the processing, which outweigh interests, rights and freedoms of the person concerned, or the processing serves to assert, exercise or defend legal claims.

According to Art. 21 para 2 and 3 of the GDPR, any data subject has the right to object to data processing for the purpose of direct marketing with future effect.

Deadlines
If you take measures to enforce your rights under the GDPR listed above, Dachsteinkönig Hotel GmbH must comment on the requested measure or comply with the request without delay, but no later than one month after receipt of your request.

Legal appeal
The data protection authority is responsible for applications concerning violation of the right to information, violation of the rights of confidentiality, correction or deletion.

Newsletter

You have the option of subscribing to our free newsletter. With this newsletter, you will receive all the latest news and information concerning the latest promotions and offers at regular intervals. You will need a valid email address to receive the newsletter. We will then check the email address entered to ensure that you are actually its owner, or if its owner has agreed to receive our newsletter. This is done by sending you an email to the email address you provided, the receipt of which you then confirm. After confirming the email, you will be registered for our newsletter.

When you register for the newsletter, we save your IP address, the date and time of your registration. This is for security reasons in case a third party misuses your email address and subscribes to our newsletter without your knowledge. Further data is not collected and processed by us for subscribing to the newsletter; the data is exclusively used for the subscription of the newsletter.

With your consent, which you can revoke at any time with effect for the future, we transmit your data within (the business group:) familyhotels.com for the purpose of analysis, as well as for the transfer of information for advertising purposes. Your data, which you have made available to us to receive the newsletter, will be compared with data that we may otherwise collect (e.g., when purchasing goods or booking a service) within the business group.

Your data for newsletter registration will not be passed on to third parties who do not belong to the business group.

You can cancel your subscription to our newsletter at any time. Details on how to unsubscribe can be found in the confirmation email and in each individual newsletter.

Cookies
We use cookies to improve our website and to make it as useful as possible for you. Cookies are small text files that are stored on your computer when you visit our website, and allow your browser to be reassigned. Cookies store information such as your language setting, the duration of your visit to our website or the information you enter there. This avoids having to re-enter all necessary data with every use. Cookies also enable us to recognise your preferences and to adjust our website to your areas of interest.

Security
We use technical and organisational security measures to protect your data against manipulation, loss, destruction and access by third parties. Our security measures are continuously improved in line with technological developments on the Internet.

All information we receive from you is protected by a secure server. The server’s SSL (Secure Socket Layer) security software encrypts all information you enter before it is transmitted to us. The information is only decrypted after it has reached our server. A small padlock that appears at the bottom left of our site informs you that the site is secure. With that, you can transmit personal data or credit card information securely via our website.

Facebook Pixel

Our website measures conversions using visitor action pixels from Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).

These allow the behaviour of site visitors to be tracked after they click on a Facebook ad to reach the provider’s website. This allows an analysis of the effectiveness of Facebook advertisements for statistical and market research purposes and their future optimization.

The data collected is anonymous to us as operators of this website and we cannot use it to draw any conclusions about our users’ identities. However, the data are stored and processed by Facebook, which may make a connection to your Facebook profile and which may use the data for its own advertising purposes, as stipulated in the Facebook privacy policy. This will allow Facebook to display ads both on Facebook and on third-party sites. We have no control over how this data is used.

Check out Facebook’s privacy policy to learn more about protecting your privacy: https://www.facebook.com/about/privacy/.

You can also deactivate the custom audiences re-marketing feature in the Ads Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You will first need to log into Facebook.

If you do not have a Facebook account, you can opt out of usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

This website uses KunLeiSys Guest Club software (Regular Guest section). The provider is GASTROpoint GmbH, Pommernstraße 17, 83395 Freilassing, Germany. KunLeiSys Guest Club software is a service for organising and administering the Guest Club, offers, loyalty points, e-mails about events and the distribution of newsletters.

You can register to become a member of the Guest Club on our website. All the personal information you provide shall only be used for the purpose of the respective offer or service. The mandatory information requested for registration must be provided in full. If it is not, your registration will be declined. The personal data you provide on registration shall only be used as specified in your consent (Art. 6 Para. 1(a) GDPR). You are able to withdraw your consent free of charge at any time. This can be done via the unsubscribe link in the e-mail or the unsubscribe option in the Guest Club.

We shall store the information you have provided for the purpose of the Guest Club until such time as you unsubscribe and, as soon as you have unsubscribed and your Guest Club account has been deleted, your details shall be deleted from our servers and the servers of GASTROpoint GmbH.

We shall inform you of any important changes relating to the scope of the services we offer or that are necessary for technical reasons via the e-mail address you provided on registration or saved in your profile. This does not affect statutory retention periods. We have signed a contract data processing agreement with GASTROpoint GmbH and shall fully comply with the strict requirements imposed by the data protection authorities in our operation of KunLeiSys Guest Club software.