Data protection
Privacy policy
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
It is generally possible to use our website without providing personal data. If personal data (e.g. name, address or e-mail addresses) is collected on our website, this is always done on a voluntary basis as far as possible. This data will not be passed on to third parties without your express consent.
We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
SSL ENCRYPTION
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the enquiries you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
DATA PROTECTION PROVISION FOR THE USE OF THE VIOMA BOOKING PLATFORM
We use the Vioma booking platform on the basis of legitimate interest to simplify booking enquiries.
Operator of the booking platform: vioma GmbH, Industriestraße 27, 77656 Offenburg (Germany)
If the guest makes bookings and enquiries via the third-party platform Vioma, we receive various personal information from Vioma. We may also receive enquiries about your booking. We will process this data by name in order to record your booking as requested and provide the booked services. The legal basis for data processing for this purpose is the fulfilment of a contract in accordance with Art. 6 para. 1 lit. b GDPR.
Finally, we may be informed by the Vioma booking platform about disputes in connection with a booking. In doing so, we may also receive data on the booking process, which may include a copy of the booking confirmation as proof of the actual completion of the booking. We process this data to safeguard and enforce our claims. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Please also note Vioma’s data protection information https://www.vioma.de/de/company/datenschutzhinweise/
DATA PRIVACY POLICY – USE OF FACEBOOK PLUGINS
Plugins of the social network Facebook, provider Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our pages. You can recognise the Facebook plugins by the Facebook logo or the “Like” button on our site. You can find an overview of the Facebook plugins here: http://developers.facebook.com/docs/plugins/.
When you visit our pages, a direct connection is established between your browser and the Facebook server via the plugin. Facebook receives the information that you have visited our site with your IP address. If you click on the Facebook “Like” button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information on this can be found in Facebook’s privacy policy at http://de-de.facebook.com/policy.php.
If you do not want Facebook to be able to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.
DATA PRIVACY POLICY FOR THE USE OF GOOGLE ANALYTICS
This website uses Google Analytics, a web analytics service provided by Google Inc (“Google”), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies to help the website analyse how users use the site.
The data generated by the cookie about the use of this website (including the user’s IP address) is transferred to a Google server in the USA and stored there for a maximum period of two years.
The European Commission has issued an adequacy decision for the transfer of personal data to the USA.
Google will use the transmitted data on behalf of the user to analyse the use of the website by the user, to compile reports on website activity and to provide other services relating to website activity and internet usage. Google may also transfer this data to third parties where required to do so by law, or where such third parties process the data on Google’s behalf. Google will not associate the user’s IP address with any other data held by Google.
If IP anonymisation is activated on this website, Google will truncate the IP address within the European Union or the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. IP anonymisation is active on this website by default.
The user can prevent the storage of cookies by Google Analytics by selecting the appropriate settings in their browser software. In this case, however, the user may not be able to use all functions of this website to their full extent. The user can also prevent Google from collecting the data generated by the cookie and relating to the use of the website (including IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link:
http://tools.google.com/dlpage/gaoptout?hl=de.
Further information on the terms of use and data protection regarding Google Analytics can be found at http://www.google.com/analytics/terms/de.html
You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this website: ” Deactivate Google Analytics
Remarketing or “similar target groups” function of Google Inc.
The provider uses the remarketing or “similar audience” function on the website by displaying personalised, interest-based advertisements to visitors to the provider’s website when they visit other websites in the Google Display Network. Google uses cookies to analyse website usage, which forms the basis for the creation of interest-based advertisements. For this purpose, Google stores a small file with a sequence of numbers in the browsers of website visitors. This number is used to record visits to the website and anonymised data on the use of the website. No personal data of visitors to the website is stored. If you subsequently visit another website in the Google Display Network, you will be shown adverts that are highly likely to take into account previously accessed product and information areas. You can permanently deactivate the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: https://www.google.com/settings/ads/plugin. Alternatively, you can deactivate the use of cookies by third-party providers by visiting the deactivation page of the Network Advertising Initiative at http://www.networkadvertising.org/choices/ and implementing the further information on opting out mentioned there. Further information on Google Remarketing and Google’s privacy policy can be found at: http://www.google.com/privacy/ads/
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de
DATA PRIVACY POLICY FOR THE USE OF YOUTUBE
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.
Further information on the handling of user data can be found in YouTube’s privacy policy at https://www.google.de/intl/de/policies/privacy
DATA PRIVACY POLICY FOR THE USE OF GOOGLE MAPS
This website uses Google Maps to display maps and create directions.
Google Maps is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
By using this website, you consent to the collection, processing and use of the automatically collected data and the data entered by you by Google, one of its representatives or third-party providers.
The terms of use for Google Maps can be found at Terms of use for Google Maps.
You can find more details in the data protection centre of google.de: Transparency and choices and privacy policy.
GOOGLE MAP FONTS
This site uses so-called web fonts provided by Google for the standardised display of fonts. When you access a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google’s servers. This informs Google that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
If your browser does not support web fonts, a standard font will be used by your computer.
Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.
BOOKING ON THE WEBSITE, BY CORRESPONDENCE OR BY PHONE CALL
If you make bookings either via our website, by correspondence (email or post) or by telephone call, we require the following data to process the contract:
– Salutation
– First name and surname
– postal address
– Date of birth
– Telephone number
– Language
– Credit card details
– e-mail address
We will only use this data and other information voluntarily provided by you (e.g. expected arrival time, preferences, comments) to process the contract, unless otherwise stated in this privacy policy or unless you have given your separate consent. We will process the data by name in order to record your booking as requested, provide the booked services, contact you in the event of ambiguities or problems and ensure correct payment.
The legal basis for data processing for this purpose is the fulfilment of a contract in accordance with Art. 6 para. 1 lit. b GDPR.
DATA PROCESSING IN CONNECTION WITH YOUR STAY
Use of contract processors
The protection of your data is important to us. Even if we use a processor (Feratel – guest directory according to § 19 MeldeV), we make sure that the order processing takes place within the European Union.
1. registration data
1. obligation to register
According to the Austrian Registration Act, you are obliged to register with us with the data specified in § 5 and § 10 of the Registration Act. This concerns the following data:
Name, date of birth, gender, nationality, country of origin, address including postcode and – for foreign guests – the type, number, issuing room and issuing authority of a travel document as well as the date of arrival and departure.
2. guest directory
We will keep this data in a guest directory on the basis of the legal obligation imposed on us in accordance with Section 19 of the Registration Act Implementation Ordinance and store it for a period of 7 (seven) years, unless it is processed for longer for other purposes mentioned in this data protection declaration.
[The guest directory is kept electronically by us, whereby we forward the data to an IT processor for this purpose. The data is stored locally by this processor. The data is not transferred to a third country.
3. transfer of data
The data categories “Arrival”, “Departure” linked to country of origin are forwarded to the municipality in which our accommodation is located in accordance with § 6 of the Tourism Statistics Ordinance. The respective tourism association [insert exact name] to which we belong and/or the municipality must also be provided with aggregated data on the total number of overnight stays and the persons who are obliged to pay the tourist tax. This is done on the basis of Section 9 of the Tyrolean Residence Tax Act.
4 Legal basis of the processing
The processing pursuant to points 1.1 to 1.3 above is based on Art. 6 para. 1 lit. c GDPR (fulfilment of a legal obligation).
5. additional data transmission to TVB/municipality
In addition, we forward your postcode and year of birth (in pseudonymised or anonymised form) to our municipality and our TVB for statistical purposes for the creation and evaluation of origin and age statistics by the tourism association. This forwarding is based on Art. 6 para. 1 lit e (task in the public interest) and lit f (overriding legitimate interests) GDPR. You can object to this at any time for reasons arising from your particular situation (Art. 21 para. 1 GDPR).
2. guest card
2.1 General information
You have the option of using a guest card. The guest card grants you discounts and/or services at various companies in the region (e.g. discounted admission). The guest card is valid for the duration of your stay with us.
2.2 Issuing the guest card
The guest card is only issued by the accommodation provider at your request. Depending on the guest card system used by the TVB and/or the accommodation provider, it is issued either in the form of
– an electronically generated guest card,
– a manually generated guest card or
– the carbon copy of the registration form
issued.
2.3 Processed personal data
The following personal data, which is determined from the registration data (see point 1 above), is processed for both the electronically generated and the manually created guest card:
First name, surname, date of birth and length of stay (arrival/departure), country of origin, postcode.
If the guest card is issued in the form of a “registration form”, this contains the content in accordance with § 5 in conjunction with § 9 of the Registration Act (see point “Registration data” 1.1 above). In this case, there is no electronic processing for the purposes of the guest card.
When the guest card is used, the following personal data is also processed: Data on the usage cycle of the respective card, service usage, bookings, transaction logging, billing data, reference to the registration data and the accommodation establishment.
The data is required to establish the identity and the period of validity of the guest card with the respective service provider and to enable the settlement of benefits between service providers, the TVB and, if applicable, the accommodation providers.
2.4 Legal basis of the processing
The processing of data for the purposes of the guest card is carried out either on the basis of your consent (Art. 6 para. 1 lit a GDPR) or, if the guest card is part of the service provision within the framework of the accommodation contract, for the purposes of contract fulfilment (Art. 6 para. 1 lit b GDPR).
Consent can be revoked by you at any time verbally to the accommodation provider or in writing to the e-mail address [-].
2.5 Operation of the guest card system
The guest card system is operated by the local tourism association (“TVB”). Local accommodation providers and local companies (“service providers”) are also involved.
The data processed for the guest card will be deleted after 48 (forty-eight) months.
2.6 Recipients of the data
The local TVB receives the data processed for the purposes of the guest card for the purposes of invoicing the service providers and/or accommodation providers.
The individual service providers who grant discounted services on the basis of the guest card will also receive the data if you make use of the guest card services vis-Ã -vis these companies.
You must present the respective guest card, on which the data is displayed, to the service provider in order to take advantage of discounts and thus disclose the data yourself. The service provider then checks whether the guest card is (still) valid, usually by reading the barcode on the guest card and transmitting the barcode data to our IT processor. In the process, personal data is also transmitted to the company, in particular your identity data (to verify your identity and date of birth).
If the guest card is issued in the form of a “registration form”, it will check the validity based on the carbon copy of the “registration form”.
STORAGE AND EXCHANGE OF DATA WITH THIRD PARTIES
Booking platforms
If you make bookings via a third-party platform (Booking, Booking.com, etc.), we receive various personal information from the respective platform operator. In addition, we may receive enquiries about your booking. We will process this data by name in order to record your booking as requested and provide the booked services. The legal basis for data processing for this purpose is the fulfilment of a contract in accordance with Art. 6 para. 1 lit. b GDPR.
Finally, we may be informed by the platform operators about disputes in connection with a booking. We may also receive data on the booking process, which may include a copy of the booking confirmation as proof of the actual completion of the booking. We process this data to safeguard and enforce our claims. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Please also note the data protection information of the respective provider!
Retention period
We only store personal data for as long as is necessary to use the above-mentioned tracking services and other processing within the scope of our legitimate interest. We store contractual data for longer, as this is required by statutory retention obligations. Retention obligations that oblige us to retain data result from regulations on reporting law, accounting and tax law. According to these regulations, business communication, concluded contracts and accounting documents must be stored for up to 10 years. If we no longer need this data to perform the services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.
Forwarding of data to third parties
We only pass on your personal data if you have expressly consented to this, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship. In addition, we pass on your data to third parties insofar as this is necessary for the use of the website and contract processing (including outside the website), in particular the processing of your bookings.
A service provider to whom the personal data collected via the website is passed on or who has or can have access to it is our web host myNet Bruggfeldstraße 5, 6500 Landeck. The website is hosted on servers in Austria. The data is passed on for the purpose of providing and maintaining the functionalities of our website. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Finally, we forward your credit card information to your credit card issuer and the credit card acquirer when you pay by credit card on the website. If you decide to pay by credit card, you will be asked to enter all mandatory information. The legal basis for passing on the data is the fulfilment of a contract in accordance with Art. 6 para. 1 lit. b GDPR. With regard to the processing of your credit card information by these third parties, please also read the General Terms and Conditions and the privacy policy of your credit card issuer.
Transfer of personal data abroad
We are authorised to transfer your personal data to third parties (contracted service providers) abroad for the purposes of the data processing described in this Privacy Policy. These companies are obliged to protect data to the same extent as we are. If the level of data protection in a country does not correspond to the European level, we contractually ensure that the protection of your personal data corresponds to that in the EU at all times.
DATA SECURITY
We use suitable technical and organisational security measures to protect your personal data stored by us against manipulation, partial or complete loss and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
You should always treat your access data confidentially and close the browser window when you have finished communicating with us, especially if you share your computer with others.
We also take data protection within the company very seriously. Our employees and the service companies commissioned by us have been obliged by us to maintain confidentiality and to comply with data protection regulations.
COOKIES
Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognise your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
SERVER LOG FILES
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are
– Browser type/browser version
– Operating system used
– Referrer URL
– Host name of the accessing computer
– Time of the server enquiry
This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.
USER INQUIRIES
When contacting us (e.g. via contact form or email), the following user details (hereinafter referred to as “personal data”) are stored for the purpose of processing the enquiry and in the event that follow-up questions arise: Title, first and last name, postal address, e-mail address, telephone number.
The personal data provided by the user will only be processed and used to the extent that it is necessary for the establishment, organisation and modification of the brokerage service and the brokered services.
We are authorised to transfer the personal data collected to third parties, in particular accommodation providers, insofar as this is necessary to process requests for information, reservation requests or bookings.
The personal data collected in this way will be stored for a maximum period of seven years and then deleted.
The data processing is required in accordance with § 8 para. 3 no. 4 DSG 2000 and Art. 6 para. 1 lit b GDPR for the fulfilment of the contract or for the implementation of pre-contractual measures. In addition, by submitting an enquiry in accordance with Section 8(1)(2) DSG 2000 and Article 6(1)(a) GDPR, the user consents to the processing of the data provided by them for the purpose of processing their enquiry.
OBJECTION TO ADVERTISING MAILS
We hereby object to the use of contact data published in the context of the imprint obligation to send unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.
NEWSLETTER
When a user subscribes to the newsletter, the user’s personal data, namely title, first name, surname and email address, are collected and processed. The user receives a personalised email up to once a week with information and offers tailored to their needs (newsletter).
By subscribing to the newsletter, the user consents to their data being used for the regular sending of the newsletter in accordance with Section 8(1)(2) DSG 2000 and Article 6(1)(a) GDPR.
The double opt-in procedure is used for registration. After registering, the user receives a confirmation and authorisation email to the email address they have provided, asking them to click on the link contained therein. This ensures that only the authorised user of the specified email address can register for the newsletter.
The user can unsubscribe from the newsletter at any time. At the end of each newsletter there is a link (“Unsubscribe”), which the user can use to unsubscribe. Alternatively, the user can also send a corresponding e-mail. After unsubscribing from the newsletter, the user’s personal data will be deleted from the newsletter distribution list.
RIGHT TO CANCEL & WITHDRAWAL
You have the right to request information about your personal data stored by us. We will be happy to inform you in writing whether and which personal data we have stored about you. You also have the right to have incorrect personal data corrected and to have your personal data blocked or deleted.
Cancellation form: https://www.wko.at/branchen/information-consulting/immobilien-vermoegenstreuhaender/Form-Widerrufsformular-Anhang-I-BGBl_2.pdf
Right to information
If such processing is taking place, you can request the following information
– the purposes for which the personal data are processed
– the categories of personal data being processed
– the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed
– the envisaged period for which the personal data concerning you will be stored, or, if specific information on this is not possible, the criteria used to determine that period
– the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing
– the existence of a right to lodge a complaint with a supervisory authority.
– all available information on the origin of the data if the personal data is not collected from the data subject
– the existence of automated decision-making, including profiling, referred to in Art. 22 (1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.
If you have any questions regarding the processing of your personal data, please contact our data protection officer. He is also responsible for requests for information and for the correction, blocking and deletion of personal data. You can contact him as follows
CONTACT
NATUR-HOTEL PUINT
Norbert Kirschner
Unterdorf 27
Ladis – 6532 – Austria
Tel: +43 5472 6626
Fax: +43 5472 6626 5
Email: office@hotel-puint.at
Web: www.hotel-puint.at