GPDR – Privacy policy

Data Protection
The protection of your personal data (GPDR) is very important to us. Therefore we process your data exclusively on the basis of the legal regulations (DSGVO, TKG 2003). In this privacy policy we inform you about the most important aspects of data processing within our website.

Contact us
If you contact us via the form on the website or by e-mail, you consent to the entry of your personal data which you communicate to us until revoked. Your data will be processed by us for the purpose of processing your request and in case of follow-up questions and will be kept for as long as they are necessary for our business purposes and / or legal requirements. We will not share this information without your consent.

Online booking
Our online booking tool is in collaboration with Seekda – Cognitiv Global Corporation, located at 199 Bay Street, Suite 4000, Toronto, Ontario, M5L 1A9.
More information and the privacy policy of our partner can be found on:
https://seekda.com/de/allgemeine-geschaftsbedingungen/.

Cookies
Our website uses so-called cookies. These are small text files that are stored on your device via your browser. They do no harm.
We use cookies to make our website user-friendly. Some cookies remain stored on your device until you delete them. They allow us to recognize your browser on your next visit.
If you do not want this, you can set up your browser so that it informs you about the setting of cookies and you allow this only in individual cases.
Disabling cookies may limit the functionality of our website.

Google Analytics
Our website uses features of the web analytics service ‘Google Analytics’, a web analytics service of Google Inc, located at: 1600 Amphitheater Parkway Mountain View, Ca 94043, USA. For this purpose, cookies are used to analyze your use of a website. The information generated thereby is transmitted to the server of the provider and stored there.
You can prevent this by setting up your browser so that no cookies are stored.

Social media plug-ins
On our website we have so-called “embedded” social media plug-ins. When visiting the website, the system automatically establishes a connection with the respective social network due to the integration of the plug-ins and transmits data (IP address, website visit, etc.). The data transmission happens without the intervention and outside the responsibility of us.

You can prevent them from data transmission by logging out of the respective social networks before visiting the website. Only in the “logged in” state, the social network can assign specific data to the user’s activity profile through automatic data transfer.

The automatically transmitted data is used exclusively by the social network operators and not by us. Further information on this, including the content of the data collection through social networks, can be obtained directly from the website of the corresponding social network. There you can also adjust the privacy settings.

The social networks included on the website are:
Facebook Facebook Inc., 1601 S California Ave, Palo Alto, CA, 94304, USA
Twitter Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA
Google („+1“, Maps) Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA
Instagram Instagram, LLC Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA
Youtube Youtube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA

Links
On our website you will find links that lead to other websites to give you more
information. We do not accept any liability for linked websites via our website. These
websites are not covered by our privacy policy.

SSL encryption
Our website uses for security reasons and to protect the transmission of confidential
content, such as Requests that you send to us through this website, SSL encryption. An encrypted connection can be recognized by the address line of the browser, which changes from “http://” to “https://” and the lock symbol in your browser line.
If SSL encryption is enabled, the data you submit to us can not be read by third parties.

Your rights
Basically, you have the right to information, correction, deletion, restriction, data portability, revocation and objection regarding your stored data. If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in a way, you can complain to or to the Data Protection Authority.

If you claim that one of these rights is manifestly unfounded or particularly frequent, we are entitled to demand a reasonable processing fee or refuse to process the application

Confirmation of identity
To protect your rights and your privacy, we are entitled to request proof of identity in case of doubt.

Duty to participate
Within the scope of obligations to cooperate, we are obliged to provide data in accordance with the statutory provisions (eg BAO, Meldegesetz, ZPO, StPO, …) on request.

Period of validity
This Privacy Policy applies from 25 May 2018 and replaces the existing Privacy Policy.

Responsibility to cooperate
As part of our responsibility to cooperate, we are obligated to provide data as stipulated by statutory regulations (e.g. Austrian Federal Fiscal Code (BAO), Austrian Registration Law (Meldegesetz), Austrian Code of Civil Procedure (ZPO), Austrian Code of Criminal Procedure (StPO), etc) upon request.

Contract
We use the following data when you enter into an agreement with us

Personal data
First and last name, full address, all contact information (e.g., e-mail address, telephone number), information about the type of agreement and its content.

Other personal data that you or third parties make available to us, with your consent or otherwise permissible, when the contract is initiated, during the contractual relationship (for example, to issue a guest card) or to fulfill legal obligations:
Date of birth or age, marital status, gender, profession, identity card details, bank details, subscription or representation authorization, contractual commitment, cancellation deadlines or other personal information that you have provided yourself.

1. Registration Data

1.1 Compulsory registration
Under the Austrian Reporting Act, you are required to register with us using the data specified in § 5 and § 10 of the Austrian Registration Law. This applies to the following data:
Name, date of birth, gender, nationality, country of origin, address and postal code and – for foreign guests – the type of travel document traveling with, its number, place of issue and issuing authority and the date of arrival and departure.

1.2. Guest directory
We are required by law to keep this data in a guest register as stipulated by § 19 of the Austrian Registration Law and store it for a period of 7 (seven) years, unless it is processed for a longer period of time for other reasons specified by this privacy policy.

We administer the guest register electronically and forward the data to an IT processor, where the data is stored locally. A transfer to a third country does not take place.

1.3. Disclosure of data
The data categories “Arrival”, “Departure” linked to the country of origin are forwarded to the municipality in which our accommodation is located in accordance with § 6 Tourism Statistics Regulation. The relevant tourist office Olympiaregion Seefeld, to which we belong, and also aggregated data on the number of total overnight stays and the persons who are required to pay the local tourist tax. This is done in accordance with § 9 of the Tyrolean Regulation on Local Tourist Tax (Tiroler Aufenthaltsabgabegesetz).

1.4. Legal basis of data processing
The processing in accordance with points 1.1 to 1.3 above is based on Art. 6 para. 1 lit. c DSGVO (fulfillment of legal obligation).

1.5. Additional data transmission to tourism association/municipality
In addition, we forward your postal code and year of birth (in pseudonymised or anonymised form) to our community and our TVB for statistical purposes to compile and evaluate the source and age statistics of the Tourist Board. This transfer is based on Art. 6 (1) lit e (task in the public interest) and lit f (predominant legitimate interests) GDPR. On the other hand, they may appeal at any time for reasons arising from their particular situation (Article 21 (1) GDPR).

2. Guest card

2.1 General Information
You have the opportunity to use a guest card. The guest card offers discounts and / or services by various companies in the region (for example, reduced entry fees). The guest card is valid for the duration of your stay with us.

2.2 Issue the guest card
Guest cards will be issued by the accommodation provider only at your request. Depending on the guest card system used by the TVB and/or the accommodation provider, you will be issued one of the following:

• an electronically generated guest card,
• Manually created guest card or
• Carbon copy of the registration form

2.3 Processed personal data
For both the electronically generated and the manually created guest card, the following personal data, which is taken from from the registration data (see point 1 above), is processed:
First name, last name, date of birth and length of stay (arrival / departure), country of origin, zip code.
If the guest card is issued as a carbon copy of the registration form, it includes information as stipulated in § 5 in conjunction with § 9 of the Austrian Registration Law (see 1.1 Registration data). In this case, the data is not processed electronically for guest card purposes.
The following additional personal data is processed when the guest card is used: data about the card’s usage frequency, services used, bookings, transaction logging, billing data, reference to registered data and the tourist accommodation establishment.
This data is required to determine, on the one hand, your identity, and on the other hand, to determine the guest card’s duration of validity at the respective service provider’s establishment. It also facilitates the settlement of discounts between the service providers, the tourism association, and if need be, the tourist accommodation establishments.

2.4 Legal basis for data processing
Data is processed for guest card purposes, based either on your consent (Art. 6, para. 1, lit. a GDPR) or, for the purpose of contractual performance (Art. 6, para. 1, lit. b GDPR), if the guest card is part of service provisioning as specified in the accommodation agreement.
You may revoke your consent at any time by notifying the accommodation provider verbally or by sending an email to the following address: karin@seefeldchalets.com.

2.5 Guest card system administration
The guest card system is managed by the local tourism association. Other parties involved are the local tourist accommodation establishments and local companies (service providers).
Data that is processed for guest cards is deleted after forty-eight (48) months.

2.6 Data recipients
Data processed for guest card purposes is forwarded to the local tourism association to facilitate the billing of service providers and/or tourist accommodation establishments.
Individual service providers, who honor the guest card and offer discounted services, also receive this data when you use services provided by these establishments that are offered through the guest card.
To claim discounts, you must present the card containing this data to the service provider. The establishment then checks if the card is (still) valid, usually by scanning the barcode on the guest card and then by transferring the barcode data to our IT processor. At this time, personal data is also transferred to the establishment, in particular, data about your identity (to verify identity and date of birth).
If the guest card is a carbon copy of the registration form, the establishment verifies its validity by means of the carbon copy of the registration form.

3 Other processing of your data
As a rule, we process only data that is absolutely necessary to conclude and execute the agreement. However, upon your consent and until revoked, we will also provide you with information about our services. We will send you information via the following communication channels if you have given us the respective data:
Telephone, email, mobile number for texts, address, social media information

4 Deleting data
Your personal data and other personal data are deleted if it is no longer required for compliance with retention laws, typically after seven (7) years, or if saving the data is not permitted according to the law.
In lieu of deleting the data, it is also possible to anonymize it, which means that any reference to a person is irrevocably removed.

Kontakt
Karin de Jong – Wiesenweg 484 – A-6100 Seefeld in Tirol – Email: karin@seefeldchalets.com