Projekt EN > Data Protection

Data protection

General Data Protection Regulation (GDPR)

We care about the security of data. We only use them emarked and only pass them on to our partners, if they contribute to the fullfillment of purpose regarding our specific assingment. According to the EU-General-Dataprotection regulation and according to the Data Protection Act of the Republic of Austria starting 25.5.2018 users have the right to obtain free information on request about all stored personal data. In addition each customer or user is allowed to ajust incorrect data, block, or delete ("right to be forgotten") his personal data. The only exception is that we have the legal obligation to preserve business or reporting records.

If we do not comply with our data protection duty in due time, please contact your complaint to:

Austrian Data Protection
Wickenburggasse 8
A-1080 Wien
Phone: +43 1 52 152-0
eMail: dsb@dsb.gv.at

 

I. General information about data processing



1.Scope of processing of personal data

In principle, we collect and use personal data of our users only to the extent necessary for the provision of a functional website and our content and services. The collection and use of personal data of our users regularly takes place only with the consent of the user. An exception applies to cases in which prior consent cannot be obtained for practical reasons and the processing of the data is permitted by law.



2. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 (1) (a) GDPR serves as the legal basis. For the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures. Insofar as the processing of personal data is required to fulfil a legal obligation that our company is subject to (e.g. national reporting laws), Art. 6 (1) (c) GDPR serves as the legal basis. If the processing is necessary to safeguard the legitimate interests of our company or a third party, and if the interests, fundamental rights and freedoms of the data subject do not prevail over the first interest, Art. 6 (1) (f) GDPR serves as the legal basis for processing.



3. Deletion of data and duration of storage
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage ceases to exist. In addition, storage may be provided for by European or national legislators in EU regulations, laws or other provisions to which the controller is subject. Blocking or deletion of the data also takes place when a storage period prescribed by the provisions mentioned expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

 

II. Provision of the website and creation of log files



1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the system of the computer accessing it. The following data is collected:

(1) Information about the browser type and version used

(2) The operating system of the user

(3) The IP address of the user

(4) Date and time of access

(5) Websites from which the system of the user is rerouted to our website

(6) Websites accessed by the user’s system via our website
The data is also stored in our system’s log files. No storage of this data together with other personal data of the user takes place. Personal user profiles cannot be created. The stored data is only evaluated for statistical purposes.

2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 (1) (f) GDPR.

3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to allow delie website to the user’s computer. To do this, the user’s IP address must be kept stored for the duration of the session.
Storage in log files is carried out to ensure the functionality of the website. In addition, the data is used to optimise the website and ensure the security of our information technology systems. No evaluation of the data for marketing purposes takes place in this context.
These purposes also represent our legitimate interest in the processing of data according to Art. 6 (1) (f) GDPR.

4. Duration of storage
The data is deleted as soon as it is no longer necessary for the purpose of its collection. If the data is collected for the purpose of the providing the website, this is the case when the respective session is ended.
If the data is stored in log files, this is the case after no more than seven days. Further storage is possible. In this case, the IP addresses of the users are deleted or anonymised, thus preventing them from being associated with the visiting client.

5. Objection and removal options

The collection of data for the provision of the website and the storage of the data in log files is essential for the website’s operation. As a result, the user has no option to object.

 

III. Contact/email contact


1. Description and scope of data processing
A contact option is available on our website which can be used for electronic contact. If a user makes use of this option, they can contact the relevant contact person via the email address provided. In this case, the user’s personal data transmitted by email is stored in the email system.
In this context, there is no disclosure of data to third parties. The data is used exclusively for processing the conversation.

2. Legal basis for data processing

The legal basis for the processing of these data is Art. 6 (1) (a) GDPR if the user has granted its consent.
The legal basis for the processing of the data is, moreover, Art. 6 (1) (f) GDPR. If contact is established in order to conclude a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.

3. Purpose of data processing
For the processing of personal data as part of email contact, the required legitimate interest in the processing of data is given.

4. Duration of storage

The data is deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been definitively clarified.
If the contact is a pre-contractual relationship (offer or reservation request), the data transferred is also stored in our hotel software and used for contract performance. If no contractual relationship arises, we will delete the data after one year effective at the end of the year.

5. Objection and removal options
The user has the option to object to the processing of their personal data at any time. We have the email address happy@goldenerberg.at for this purpose.
Please note that in the case of an objection, the conversation cannot be continued and we cannot create offers etc.
All personal data stored in the course of making contact will be deleted in this case.

 

Use of Cookies

Use of Google Analytics, Google Conversion Tracking and Google Remarketing

Use of Checkeffect

Deactivation of Google Advertising

Use of Google Maps

Use of Facebook Social Plugins

Use of Instagram Social Plugins

Use of Twitter Plugins

“Share” and “Like” buttons

Use of the +1 Button/Google+1 Button

Use of YouTube Plugins

Newsletter

Declaration of Consent on the Part of User

Right to Information

Share

Goldener Berg Information