Privacy policy

The protection of your personal data is of particular concern to us. We have written this privacy policy (last updated on 28.07.2021) in order to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act (DSG), what information we collect, how we use data and what decision-making options you have as a visitor to this website. We therefore process your data exclusively on the basis of the legal provisions (DSGVO, TKG 2003).

In terms of the DSGVO 2016/679, Astrid Totschnig-Wurzer is the data controller of the management or processing of personal data that may be collected via the website. The data controller manages and processes any data collected via the website (www.chalet-georg.at) under the following conditions.

In this data protection information, we inform you about the most important aspects of data processing within the framework of our website.

As a rule, it is possible to use our website without providing personal data. Insofar as personal data (for example name, address or e-mail addresses) is collected on our pages, this is always done, as far as possible, on a voluntary basis.

Chalet Georg
Owner Astrid Totschnig-Wurzer MBA
Eßreithweg 2
A-5710 Kaprun
Tel.: +43(0)6547 8550
agricola@kaprun.at

Responsible for data collection on the website

Responsible for the processing of your personal data on our website is Chalet Georg – Astrid Totschnig-Wurzer. The data of the holiday home Chalet Georg can be found in the imprint of our website.

Data storage

Server log files

For technical reasons, in particular to ensure a functional and secure internet presence, we process technically necessary data about accesses to our website in so-called server log files, which your browser automatically transmits to us. The access data we process includes:
– Name of the website accessed
– type of browser used incl. version
– the operating system used by the visitor
– the previously visited page of the visitor (referrer URL)
– time of the server request
– amount of data transferred
– host name of the accessing computer (IP address used)

This data is not assigned to any natural person and is only used for statistical evaluations and for the operation and improvement of our website as well as for the security and optimisation of our internet offer. This data is only transmitted to our website operator. This data is not linked or merged with other data sources. If there is any suspicion of illegal use of our website, we reserve the right to check this data retrospectively. The data processing is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f DSGVO in the technically error-free presentation and optimisation of our website. The access data is deleted shortly after the purpose has been fulfilled, usually after a few days, insofar as no further storage is required for evidence purposes. Otherwise, the data is retained until final clarification of an incident.

Cookies

Our website uses so-called cookies – whereby we ask the user for his or her consent where this is expressly required by law or other relevant regulations – in order to make it easier for the user to navigate, to personalise content and advertisements, to be able to offer social media functions and to analyse the accesses to our website. We also use relevant systems to collect information about the user, such as their IP address, the browser and operating system used and/or websites visited by a user for security and statistical purposes. Our partners may combine this information with other data that you have provided to them or that they have collected in the course of your use of the services.

Some cookies remain stored on your terminal device until you delete them. They enable us to recognise your browser on your next visit.

If you do not wish to do this, you can set your browser to inform you when cookies are set and only allow them in individual cases.

What are cookies?

Cookies are small text files that are placed on your device when you visit certain websites and are used to make the user experience more efficient. By law, we may store cookies on your device if they are necessary for the operation of the particular site. All other cookie types require your permission.

Changing the cookie settings

How the web browser handles cookies, which cookies are allowed or rejected, can be determined by a user in the settings of the web browser. Where exactly these settings are located depends on the respective web browser. Detailed information on this can be accessed via the help function of the respective web browser.

If cookies are deactivated, the functionality of the website may be limited.

Cookies on this website

Some cookies remain stored on your terminal device until you delete them. They enable us to recognise your browser on your next visit.

This website uses cookies. We use cookies to personalise content and ads, provide social media features and analyse traffic to my website. Click on “Allow cookies” to accept all types of cookies or on “Allow selection” to allow only those cookies you have selected.

This site uses different types of cookies. Some cookies are placed by third parties that appear on our pages.

You can change or withdraw your consent at any time from the cookie statement on this site.

Find out more about who we are, how you can contact us and how we process personal data in the Privacy Policy.

Please provide your consent ID and date when you contact us regarding your consent.

Your consent applies to the following domains: www.chalet-georg.at

We use the following data when you enter into a contract with us.

Master data:

Family name and first name, full address, all contact information (e.g. email address, telephone number), information about the nature and content of our contractual relationship.

Other personal data which you or third parties make available to us with your consent or otherwise permissibly when initiating the contract, during the contractual relationship (e.g. for issuing a guest card) or for the fulfilment of legal obligations: Date of birth or age, marital status, gender, occupation, identification data, bank details, authority to sign or represent, contractual obligation, notice/cancellation periods or further information about your person which you have made known to us yourself.

Use of processors

The protection of your data is important to us. Even if we make use of an order processor company Feratel – guest register according to § 19 MeldeV, zadego GmbH -CAPCORN Company Software GmbH -reservation programme as well as our tax consultant for the fulfilment of our tax obligations, we make sure that the order processing takes place within the European Union.

Registration data – obligation to register

According to the Austrian Registration Act, you are obliged to register with us with the data specified in § 5 and § 10 of the Registration Act. This concerns the following data: Name, date of birth, gender, nationality, country of origin, address including postcode and – in the case of foreign guests – the type, number, issuing room and issuing authority of a travel document as well as the date of arrival and departure.

Guest directory

We will keep this data in a guest register on the basis of the legal obligation imposed on us pursuant to Section 19 of the Registration Act Implementation Ordinance and store it for a period of 7 (seven) years, unless it is processed for a longer period for other purposes stated in this data protection declaration. The guest register is kept electronically by us, whereby we forward the data to an IT contractor for this purpose. The data is stored locally with this company. The data is not transferred to a third country.

Passing on of data

The data categories “Arrival”, “Departure” linked with the country of origin are forwarded to the municipality in which our accommodation facility is located in accordance with § 6 of the Tourism Statistics Ordinance. The respective tourism association ZELL AM SEE-KAPRUN TOURISMUS GMBH, of which we are a member, and/or the municipality shall also be provided with aggregated data on the total number of overnight stays and the number of persons obliged to pay the residence tax. This is done on the basis of § 9 of the Tyrolean Residence Tax Act.

Legal basis of the processing

The processing according to points 1.1 to 1.3 above is based on Art. 6 para. 1 lit. c DSGVO (fulfilment of legal obligation).

Additional data transmission to TVB/municipality

In addition, we forward your postcode and year of birth (in pseudonymised or anonymised form) to our municipality and our TVB for statistical purposes for the compilation and evaluation of statistics on origin and age by the tourism association. This forwarding is based on Art. 6 para. 1 lit e (task in the public interest) and lit f (overriding legitimate interests) DSGVO. You can object to this at any time for reasons arising from your particular situation (Art. 21 (1) DSGVO).

Guest card – general information

You have the option of using a guest card. The guest card grants you discounts and/or services at various companies in the region (e.g. discounted admissions). The guest card is valid for the duration of your stay with us.

Issuing the guest card

The guest card is issued by the accommodation provider. Depending on the guest card system used by the TVB and/or the accommodation provider, it is issued either in the form of

– an electronically generated guest card
– a manually generated guest card or
– the carbon copy of the registration slip

issued.

Personal data processed

For both the electronically generated and the manually generated guest card, the following personal data, which are determined from the registration data (see point 1 above), are processed:

First name, surname, date of birth and duration of stay (arrival/departure), country of origin, postcode.

If the guest card is issued in the form of a “registration slip”, this contains the content according to § 5 in conjunction with § 9 of the Registration Act (see above point “Registration data” 1.1). In this case, there is no electronic processing for the purposes of the guest card.

When using the guest card, the following personal data are also processed: Data on the usage cycle of the respective card, service usage, bookings, transaction logging, billing data, reference to the registration data and the accommodation provider.

The data are necessary to establish identity on the one hand and the period of validity of the guest card at the respective service provider on the other hand and to enable the settlement of the benefits between service providers, the TVB and, if applicable, the accommodation establishments.

Legal basis for processing

The processing of data for the purposes of the guest card is either based on your consent (Art. 6 para. 1 lit a DSGVO) or, if the guest card is part of the provision of services within the framework of the accommodation contract, for the purposes of fulfilling the contract (Art. 6 para. 1 lit b DSGVO).

You can revoke your consent at any time verbally to the accommodation provider or in writing to the e-mail address agricola@kaprun.at.

Operation of the guest card system

The guest card system is operated by the local tourism association (“TVB”). Local accommodation establishments and local companies (“service providers”) are also involved. The data processed for the guest card will be deleted after 48 (forty-eight) months.

Recipients of the data

The data processed for the purposes of the guest card is received by the local TVB for the purposes of billing the service providers and/or accommodation establishments. The individual service providers who grant discounted services on the basis of the guest card also receive the data insofar as you make use of the guest card services vis-à-vis these companies.

In order to claim benefits, you must show the respective guest card, on which the data is displayed, to the service provider and thus disclose it yourself. The service provider then checks whether the guest card is (still) valid, usually by reading the barcode on the guest card and by transmitting the barcode data to our IT contractor. In the process, personal data is also transmitted to the entrepreneur, in particular also your identity data (to check your identity and date of birth).

Should the guest card be issued in the form of the “Meldezettel”, he will check the validity on the basis of the carbon copy of the “Meldezettel”.

Other processing of your data

In principle, we only process data that is absolutely necessary for the conclusion or fulfilment of the contract. If you have also given us your consent, we will process your data so that we can send you information about our services until you revoke it. In doing so, we use the following communication channels, provided you have named them to us: Telephone, e-mail, SMS, post.

Data deletion

Your master data and other personal data are deleted when they are no longer required to fulfil the purpose for which they were stored – usually after 7 (seven) years – or when storage becomes inadmissible for legal reasons. Instead of deletion, data can also be anonymised, which means that any reference to a person is irretrievably removed.

You can assert the following rights with regard to the processing of your data:
Right to information: you have the right to find out from us whether and to what extent we process your data.
Contact / person responsible: Ms Waltraud Totschnig, Eßreithweg 25, A-5710 Kaprun – agricola@kaprun.at

Your rights You are generally entitled to the rights of information, correction, deletion, restriction, data portability, revocation and objection. If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can complain to the supervisory authority. In Austria, this is the data protection authority.

Austrian Data Protection Authority

Wickenburggasse 8-10
1080 Vienna Austria
Telephone: +43153115202525
E-mail: dsb@dsb.gv.at
Website: www.dsb.gv.at

Right of complaint: 

If you believe that the processing of your personal data violates Austrian or European data protection law, please contact us to clarify any issues. Of course, you have the right to complain to the Austrian data protection authority or to a supervisory authority within the EU.

Confirmation of identity:

To protect your rights and privacy, we are entitled to request proof of identity in case of doubt.

Excessive use of rights:

If you make a manifestly unfounded or particularly frequent claim for any of the above rights, we are entitled to charge a reasonable processing fee or refuse to process the request.

Duty to cooperate:

Within the scope of duties to cooperate, we are obliged to hand over data upon request in accordance with the statutory provisions (e.g. BAO, Meldegesetz, ZPO, StPO, …).

Period of validity:

This data protection declaration is valid from 25 May 2018 and replaces the existing data protection provisions.

Information on data processing in connection with Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited. If the data controller on this website is located outside the European Economic Area or Switzerland, then Google Analytics data processing is carried out by Google LLC. Google LLC and Google Ireland Limited are hereinafter referred to as “Google”.

Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about the use of this website by the site visitor (including the shortened IP address) is usually transmitted to a Google server and stored there.

Google Analytics is used exclusively with the extension “_anonymizeIp()” on this website. This extension ensures anonymisation of the IP address by shortening it and excludes any direct personal reference. Through the extension, the IP address is shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by the corresponding browser within the scope of Google Analytics will not be merged with other Google data.

On behalf of the site operator, Google will use the resulting information to evaluate the use of the website, to compile reports on website activities and to provide the site operator with further services related to website and internet use (Art. 6 para. 1 lit. f DSGVO). The legitimate interest in the data processing lies in the optimisation of this website, the analysis of the use of the website and the adaptation of the content. The interests of the users are sufficiently protected by the pseudonymisation.

Google LLC. offers a guarantee based on the standard contractual clauses to maintain an adequate level of data protection. The data sent and linked to cookies, user IDs (e.g. user ID) or advertising IDs are automatically deleted after 50 months. The deletion of data whose retention period has been reached takes place automatically once a month.

The collection by Google Analytics can be prevented by the site visitor adjusting the cookie settings for this website. The collection and storage of the IP address and the data generated by cookies can also be objected to at any time with effect for the future. The corresponding browser plugin can be downloaded and installed at the following link: https://tools.google.com/dlpage/gaoptout.

The site visitor can prevent the collection by Google Analytics on this website by clicking on the following link. An opt-out cookie will be set, which prevents the future collection of data when visiting this website.

Further information on the use of data by Google, settings and opt-out options can be found in Google’s privacy policy (https://policies.google.com/privacy) and in the settings for the display of advertising by Google (https://adssettings.google.com/authenticated).

reCAPTCHA

To protect your enquiries via Internet forms, we use the reCAPTCHA service of Google LLC (Google). The query serves to distinguish whether the input is made by a human being or abusively by automated, machine processing. The query includes the sending of the IP address and possibly other data required by Google for the reCAPTCHA service to Google. For this purpose, your input is transmitted to Google and further used there. However, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha will not be merged with other Google data. The deviating data protection regulations of the Google company apply to this data. You can find further information on Google’s data protection guidelines at: https://policies.google.com/privacy?hl=en.