Data Privacy Policy

Schladming Appartements Maria Gruber GmbH

This privacy statement concerns all persons, which use the services of Schladming Appartements Maria Gruber GmbH. We are hereby informing you of the type, extent and purpose of the capture and use of your personal data by our company. We respect your privacy and are committed to precisely following the legal requirements for the processing of your personal data (EU regulation no. 679/2016 (GDPR), DSG 2000, DSG 2018 and TKG 2003). All your personal data is processed on this basis.

By using our services and providing your consent in accordance with this declaration, you confirm that you are 18-years or above and are able to give valid consent, or you have provided us with a valid declaration of consent from your legal guardian or solicitors.

 

Contacting us

Schladming Appartements Maria Gruber GmbH
Erzherzog-Johann-Strasse 248 A; A-8970 Schladming
PHONE: +43(0)3687/22818
FAX: +43(0)3687/22841
EMAIL: office@schladming-appartements.at 
INTERNET: www.schladming-appartements.at 

 

Data storage

Your personal data, particularly your 

  • master data (last name, first name, address, email address, telephone number), 
  • the data contained in your travel documents (passport number, passport data, date of birth, issuing authority, expiration date), 
  • data regarding payment type and pertaining to payments, in particular EC-cards, credit cards and bank cards, 
  • destinations, hotels, length of stay, contact persons, conditions, special services, medical data, frequent flyer number and 
  • special data categories such as medical data and data regarding special requirements or marital-/partnership, 
     

are required for our services. In particular, these include bookings pertaining to travel, guides, hotels, restaurants, rental vehicles, transfers, registries, insurance, events, tours, accreditation, vouchers - including customer system, invoicing and checking thereof (B2B, B2C, FIT) – tickets.
For these purposes, this data is saved, processed and, if needed, transferred to third parties - including service providers in other countries for the purpose of processing travel bookings, software and agency services. 

The legal foundations for these data processing procedures are 

  • the fulfilment of our pre-contractual and contractual obligations to yourself, 
  • consent declarations obtained from yourself, 
  • statutory, contractual or other legal obligations (e.g. documentation rights and obligations as per finance and accounting, tax and customs regulations, contract administration, reporting regulations, legal disputes) as well as Art. 96 TKG and
  • our legitimate interests (e.g. the betterment of our client services, also within the scope of direct advertising or the perception of our own legal interests).
     

The length for which the data is saved is calculated in accordance with the length of our business relationship, the declarations of consent, as provided by yourself, as well as the statutory requirements to preserve records and legal obligations, which apply to our business. In case of regular business and in the interest of optimum client services, we must stress that we are committed to knowing your previously submitted customer wishes so well, that we can provide lasting and on-going customer satisfaction. 

 

Our internet presence

Your access data is automatically captured and saved when you access our webpage. This access data can include which webpage you accessed, any viewed documents, date and time of access, IP address of the user, data of the pc used for access, particularly the browser and operating system as well as data size and the successful access notification, in particular. We use this access data for internal statistical purposes to guarantee the reliability of our presence and improve it. The access data will be used for evidence preservation in case of suspicion of illegal activity. 

By entering your personal data into one of our contact forms, you acknowledge that it is saved and processed by us for the duration of this concrete enquiry. This applies to the enquiries you submit via contact forms, chat and emails in particular. We need this data to process your enquiry and also save your IP address, in these cases, for evidence preservation. The data is saved provided it is required to aid with potential supplementary or follow-up questions by you or us.

The legal basis for this data processing is your declaration of consent, our pre-contractual and contractual obligations to you, our legitimate interests and legal requirements of any kind and Art. 96 TKG.

Live Chat: www.tidiochat.com, Tidio LLC, 180 Steuart St, CA 94119, San Francisco, USA
CRM: www.numbirds.com, NumBirds CRM GmbH, Brixner Straße 3/3, 6020 Innsbruck
Coupon system: www.hobex.at, hobex AG, Josef-Brandstätter-Straße 2b, 5020 Salzburg


Accommodation providers

In the course of processing this data, Schladming Appartements Maria Gruber GmbH transmits the personal data collected to the following third parties (data processors)

  • Feratel Media Technologies AG, Maria-Theresien-Straße 8, 6020 Innsbruck, Österreich
  • elements.at New Media Solutions GmbH, Gusswerk Halle 6, Söllheimerstraße 16, 5020 Salzburg, Österreich
  • www.numbirds.com, NumBirds CRM GmbH, Brixner Straße 3/3, 6020 Innsbruck

This data processing is necessary in accordance with Article 6(1)(b) GDPR for the performance of a contract or in order to take steps prior to entering into a contract.

 

Use of SSL encryption

In order to best protect the data you transmit, the website operator uses SSL encryption. You can recognize this type of encrypted connection by the prefix “https://” for the page address in your browser's address bar. Unencrypted pages are identified with “http://”.

Thanks to this SSL encryption, no data transmitted to this website—for example, for inquiries or login—can be read by third parties.

 

Reservation

If you reserve a room through Schladming Appartements Maria Gruber GmbH, we collect from you the data necessary to make the reservation, in particular: your name, your telephone number, your email address (“contact data”) and the dates of your arrival and departure, your hotel and the type of room reserved (“reservation data”).

If you make a reservation with Schladming-Appartements Maria Gruber GmbH, your reservation data will be transmitted to the accommodation/service provider chosen by you, in order to actually make your reservation possible. Other than that, your data will not be transmitted to third parties. (Exception for data processing: see below). Your contact data will never be sold or lent by Schladming-Dachstein. Due to legal regulations and the corresponding legal or official provisions, we are obliged in exceptional cases to hand over data to the associated authorities or courts. This is only done in the context of our legal obligations.

In the course of processing this data, the operator transmits the personal data collected to the following third parties (data processors)

  • Feratel Media Technologies AG, Maria-Theresien-Straße 8, 6020 Innsbruck, Österreich
  • Datatrans AG, Kreuzbühlstrasse 26, 8008 Zürich, Schweiz
  • PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg
  • Hobex AG, Josef-Brandstätter-Straße 2B, 5020 Salzburg, Österreich
  • elements.at New Media Solutions GmbH, Gusswerk Halle 6, Söllheimerstraße 16, 5020 Salzburg, Österreich
  • Stadtgemeinde Schladming, Coburgstraße 45, 8970 Schladming, Österreich
  • ARGE Schladming-Dachstein Card, Ramsauerstraße 756, 8970 Schladming, Österreich
     

This data processing is necessary in accordance with Article 6(1)(b) GDPR for the performance of a contract or in order to take steps prior to entering into a contract.

 

Payment via credit card an PayPal

You can use a credit card to pay on our website. Payment data will then be transmitted to the payment service, in order to carry out the payment. The legal basis for this processing of your data is Article 6(1)(f) GDPR. The payment service records the details of the transaction, plus further information related to the transaction such as information about goods/services, financial information, information about the interaction between you and the payment service, merchant information, including details regarding payment methods, device information and location data. The payment service uses the data for purposes including payment processing, credit checks, monitoring and improvements to its service.

In the course of processing this data, the operator transmits the personal data collected to the following third parties (data processors)

  • Feratel Media Technologies AG, Maria-Theresien-Straße 8, 6020 Innsbruck, Österreich
  • Datatrans AG, Kreuzbühlstrasse 26, 8008 Zürich, Schweiz
  • PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg
  • Hobex AG, Josef-Brandstätter-Straße 2B, 5020 Salzburg, Österreich
  • elements.at New Media Solutions GmbH, Gusswerk Halle 6, Söllheimerstraße 16, 5020 Salzburg, Österreich
     

This data processing is necessary in accordance with Article 6(1)(b) GDPR for the performance of a contract or in order to take steps prior to entering into a contract.

 

User queries/email contact

When contacting Schladming Appartements Maria Gruber GmbH (e.g. through the contact form or by email), the following user details will be stored for processing of the query or in case of follow-up questions: title, first name and surname, email address, telephone number, street address, postcode, country, and any data relating to the inquiry (dates of visit, type of accommodation).
These personal data will be stored by the operator for 24 months after the inquiry is processed, and then deleted.
The personal data disclosed by the user are only processed and used by the operator to the extent necessary to handle the request and/or to provide the requested service.

In the course of processing this data, the operator transmits the personal data collected to the following third parties (data processors)

  • Feratel Media Technologies AG, Maria-Theresien-Straße 8, 6020 Innsbruck, Österreich
  • elements.at New Media Solutions GmbH, Gusswerk Halle 6, Söllheimerstraße 16, 5020 Salzburg, Österreich
     

This data processing is necessary in accordance with Article 6(1)(b) GDPR for the performance of a contract or in order to take steps prior to entering into a contract.

 

Job applications

The contact data and application documents transmitted to us as part of a job application are electronically processed by us for the purpose of selecting suitable candidates for an employment relationship. 

If you are turned down, the application documents will only be kept if you consent.

 

Newsletter

You are free to subscribe to our newsletter. Registration, which requires you to submit your email address and consent to receiving the newsletter, can only take place when you acknowledge a link for registration, which you receive per email. In order to supply you with targeted information within the scope of our newsletter, which will be of most interest to you, we give you the option to notify us of particular interests, appointed dates, locations and regions and the like upon registering. 

In every newsletter which you receive, you will find all information pertaining to unsubscribing from the newsletter. For more information on our newsletter, please contact us under office@schladming-appartements.at. We are happy to help.

The content of our website has been carefully curated and repeatedly checked, however we cannot be held accountable for the topicality, validity and scope of the supplied information. Damage claims pertaining to use or non-use of the information or by using false or incomplete information is excluded. All offers are subject to change and are considered non-binding. We reserve the right to change,  supplement, delete or temporarily or entirely unpublish the website or parts thereof without prior notice.
The content and the coding of our website are protected by copyright and ancillary copyright laws.  Every reproduction - even in part - and publication, in particular copying of texts, graphics and photos is forbidden, without obtaining our prior written approval.

Source: interface feratel Deskline®/TOSC5:
- Address data of the guest including advertising blocks or releases recorded in the primary system
- Transaction data of the guest about the stay (when did the guest have which product for how many
persons with which service provider requested or booked)
- Experience bookings of the guest (when did the guest book which product)
- Brochure inquiries and orders (when did the guest order which brochure)
- The deletion logic of data records is defined in the feratel system and correct by NumBirds
processed.
Source: Newsletter registrations via the homepage
- Recording of the guest's address data including double opt-in procedure
Source: Manual imports:
- Address data of the guest including holiday motives (if available)
Facebook Lead Ads (= newsletter subscriptions via facebook and instagram)
- Collection of the guest's address data including consent procedure via facebook/instagram


Transfering to third parties/ obligations of processors

your personal data may be passed on to company-internal processors, 

  • who have committed to complying with the valid data protection standards, or
  • to third parties, who have been contacted to provide your requested services (e.g. foreign booking procedures of any kind).
     

Should it not be possible to comply with European data protection standards - for instance because in specific cases standard contractual clauses, arrangements or certifications can’t be guaranteed - then we will notify you in a timely manner, and will obtain the necessary permission from you. For more information please contact us under office@schladming-appartements.at. 

 

Cookies and tracking services 

We use cookies, which are small elements of texts, which are used for saving information in web browsers. Cookies are recognised when you next access the site and contribute considerably to accelerating loading processes and facilitating the use of our site. The information which is determined and saved by cookies serves to identify you, but also analyse your user behaviour. It will be saved on the server of the relevant provider, who is obligated to uphold our current data protection standards.

The cookies will remain on your end device, following your visit to our site, provided this hasn’t been disallowed from the beginning or you haven’t actively deleted cookies. Actively deactivating cookies may impact the appearance of our webpage for you. You can also prevent cookies from being saved via the appropriate settings in your browser. However, if these settings are activated then we would like to make you aware that you may not be able to access all features of our website. Furthermore, you can stop the data, which has been created by the cookie with regard to your use of the webpage (incl. IP address), from being transferred to Google, by downloading and installing the browser plug-in, available on google.com. The plug-in is only available for certain browser programmes, however.

We also use third party content on our website, in order to curate the most informative and comfortable web experience for you. This includes e.g. Google Maps, RSS feeds or Youtube. Due to technical reasons, these third party providers will receive your IP address. We have no control over the use of this data by the third party providers. In these instances, we refer to the privacy statements of the relevant provider.

We use Google Analytics, a web analysis service of Google Inc. 1600, Amphitheatre Parkway, Mountain View, CA 94043, USA („Google"). Google Analytics uses cookies. The information pertaining to your user behaviour, which is created by the cookie, is generally transferred to and saved on a Google server in the USA. In the European Union, your IP address will first be shortened and thus anonymised or at least pseudonymised. The full IP address is only transferred to a Google server in exceptional circumstances, where it is then shortened.

Google uses this information to evaluate the website, to create reports on website activity and provide other services to the website owner, regarding website use and internet use. The IP address, transferred from your browser within the scope of Google Analytics, is not combined with other google data. In this regard, please also take note of Google’s privacy statement, in particular the information which can be accessed via both of following links: 
http://www.google.com/analytics/terms/de.html and 
https://www.google.de/intl/de/policies/

We use Facebook social pug-ins of the social network Facebook, operated by Facebook Ireland Limited, 4 Grand Canal Square Dublin 2, Ireland, and Facebook Inc., 1601 S. California Avenue, Palo Alto, CA 94303, USA. These plug-ins are buttons with which Facebook measures who uses our website. If the user is also registered as a user with Facebook and is logged into their account, then Facebook will also save further information. For technical reasons, Facebook receives your IP address. We have no control over the use of this data by Facebook. In this instance, we refer to the privacy statements of Facebook which can be accessed via the following link:
https://www.facebook.com/help/568137493302217

Data security reference of Facebook: http://www.facebook.com/policy.php
Data security reference of google: http://www.google.com/intl/de/+/policy/+1button.html
Data security reference of Twitter: https://twitter.com/privacy
Data security reference of Instagram https://help.instagram.com/155833707900388/

You will also be able to access other information there, such as how you can block Facebook social plug-ins with your browser.

 

Google (re)marketing Services

On the basis of our legitimate interests (i.e. interests in the analysis, optimization and economic operation of our online services in the sense of Article 6(1)(f) GDPR), we use the marketing and remarketing Services (“Google marketing services”) provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).

Google is certified under the Privacy Shield Framework and therefore guarantees that it will comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). 

Google marketing services allow us to serve targeted advertisements for and on our website, in order to present users with only those advertisements that may be of interest to them. If, for example, a user is shown advertisements about products that the user has shown interest in on other websites, we refer to this as “remarketing”. For this purpose, when accessing our website or other sites where Google marketing services are active, Google code will be executed directly by Google and “(re-) marketing tags” (invisible graphics or code, also referred to as “web beacons”, will be incorporated in the website. These will be used to store an individual cookie (small data file) on the user’s device (equivalent technology may be used instead of cookies). The cookies may be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com and googleadservices.com. The file will record which websites the user visits, what content the user is interested in and which offers the user clicks on, along with technical information about the browser and operating system, referring websites, time of visit and other details about the use of the online services. The user's IP address will also be recorded; in the scope of Google Analytics, the IP address will be shortened within a member states of the European Union or another contracting state of the European Economic Area, and only transmitted in its full form to a Google server in the USA and shortened there in exceptional cases. The IP address will not be associated with the user data in other Google services. Google may link the information referred to above with similar information from other sources. If the user then visits other websites, targeted advertisements may be displayed based on the user's interests.

The user's data are processed pseudonymously for Google marketing services. That means that Google does not save and process e.g. the user's name or email address, but rather the relevant data cookie referenced from a pseudonymous user profile. Thus from Google's viewpoint, the advertisements are not managed and displayed for a concrete identifiable person, but rather for the cookie owner, regardless of who this cookie owner is. This does not apply if a Google user has expressly permitted their data to be processed without pseudonymization. The information collected about the user by Google marketing services is transmitted to Google and stored on Google servers in the USA.

The Google marketing services used by us include the “Google AdWords” online advertising scheme. With this scheme, each AdWords customer is assigned a separate “conversion tracking cookie”. It is therefore not possible to trace cookies via the websites of AdWords customers. The information collected using the cookie is used to generate conversion statistics for AdWords customers who have chosen to use conversion tracking. The AdWords customers obtain the total number of users who have clicked on their advertisement and been redirected to a site with a conversion tracking tag. However, they do not receive any information that could be used to personally identify users.

We may incorporate third-party advertisements using the “AdSense” Google marketing service. AdSense uses cookies that enable Google and its affiliate sites to serve ads based on users' visits to this site or other sites on the Internet.

In addition, we may use the “Google Tag Manager” to integrate and manage the Google Analytics and marketing services on our website.

You can find more information about Google's use of your data for marketing purposes on the overview page: 
https://www.google.com/policies/technologies/ads. Google's privacy policy can be accessed at https://www.google.com/policies/privacy.
If you would like to opt out of interest-based advertisements from Google marketing services, you can use Google's configuration and opt-out options: http://www.google.com/ads/preferences.


Hosting

We use hosting services to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services. We use these services for the purpose of operating our online services.

We or our hosting providers may process status data, contact data, content data, contract data, usage data, metadata and communication data from customers, prospective customers, and visitors to our online presence, on the basis of our legitimate interest in making our online services efficiently and securely available, in accordance with Article 6(1)(f) GDPR in conjunction with Article 28 GDPR (Completion of Contractual Order Processing).

 

Collection of access data and log files

We, or our hosting provider, record data about every request to the server where our services are located (“server log files”), on the basis of our legitimate interest in the sense of Article 6(1)(f) GDPR. The access data include: the name of the website requested, filename, date and time of the request, volume of data transferred, report about successful access, browser and version, user operating system, referrer URL (the site visited just before), IP address and the provider queried.

For security reasons (e.g. to clear up cases of fraudulent or improper usage), log file information is saved for a maximum of seven days and then deleted. Data that must be stored longer for the purpose of providing evidence are exempted from deletion until final clarification of the relevant case.

 

Your Rights

You can request access to your personal data, saved by us, at any time and free of charge. As the person concerned, you have a right to retraction, information, deletion, correction and restriction of your personal data, provided we are not bound by a statutory requirement to preserve these records. 

For more information regarding your rights as the person concerned, please contact us under office@schladming-appartements.at. We are happy to help. The Austrian Data Protection Authority (DSB) Wickenburggasse 8-10, 1080 Vienna is responsible for complaints, as the relevant regulatory authority.

 

Amendments to this Data Privacy Policy 

We have implemented organisational and technical protective measures in places which we continually evaluate and adapt where necessary, to protect your personal data which is saved and processed by us. 

We reserve the right to change this privacy statement at any time to adapt to new developments. The new version is valid from date of publication on our website. The current version of the privacy statement can be viewed on our website via www.schladmng-appartements.at, our imprint via www.schladming-appartements.at/en/services/impressum.