Menu

Privacy Policy

In this privacy policy we inform you about the processing of your personal data.

If you want to change your privacy settings (grant consent or revoke your previously granted consent), click here to change your settings.

Responsible

Hotel Schneider GmbH, Brettsteinstraße 2, 5562 Obertauern, AT, [email protected], +43 6456 73140

Hosting Provider

Raidboxes

Our website is hosted by our processor Raidboxes, RAIDBOXES GmbH, Friedrich-Ebert-Straße 7, 48153 Münster, Germany.

Connection data are processed to provide and to deliver the website. Data are not stored beyond access for the mere purpose of delivery and provision of the website.

The legal basis of processing is the legitimate interest (absolute technical necessity to provide and to deliver the “website” service which you have explicitly requested by visiting the website according to Article 6 (1) (f) GDPR.

Connection data and other personal data are also processed in connection with various other functions or services in order to operate the website. Detailed information is provided in this Data Privacy Statement and in the individual functions or services.

CDN Provider

Cloudflare CDN

Parts of our website are hosted by our processor Cloudflare, Cloudflare Germany GmbH, Rosental 7, 80331 München, Deutschland.

Connection data are processed to provide and to deliver the website. Data are not stored beyond access for the mere purpose of delivery and provision of the website. However, our processor keeps connection data for security purposes. The duration of processing for security purposes varies and ends with the necessity of the security measures. Furthermore, our processor anonymizes collected data immediately after such data were collected and provides us with statistics for analysis containing anonymous data. We use these statistics for debugging and the sophistication of our website.

The legal basis of processing is the legitimate interest (absolute technical necessity to provide and to deliver the “website” service which you have explicitly requested by visiting the website) according to Article 6 (1) (f) GDPR.

Contact Form

You can contact us by using a contact form provided on our website. After submission of the contact form, the controller will process the personal data you have provided for the purpose of handling your request on the basis of your consent which you have given by submitting the form according to Art. 6 (1) (a) GDPR, until revocation. You have no legal or contractual obligation to provide personal data. If you do not provide such data, you are simply not able to submit and we are not able to process your request.

Online booking and enquiry

websLINE

On our website you have the possibility to book and/or inquire rooms and offers. If a user uses this option, the data entered in the input mask will be transmitted to us and saved. This data is: title, first name, surname, email address, telephone number, address, number of guests, requests, date, time.

Online bookings via our website are completed using the online reservation system of websLINE Internet- & Marketing GmbH, Sägewerkstrasse 24, 83395 Freilassing, Germany. All booking data you enter shall be encrypted. websLINE commits to the data privacy-appropriate handling of your personal data. The company takes all organisational and technical measures to protect your data. In this context, no further transfer of your data to third parties takes place. The data is used exclusively for processing your booking and for communication purposes.

The legal basis for the processing of the data is the conclusion of an accommodation contract with the user. The processing of personal data from the input mask serves solely to process your booking request and to process payment transactions. The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements have been met.

The user has the option to object to the processing of their personal data at any time. We would like to point out that in the case of objection, the booking cannot be completed or the communication cannot be continued.

Webfonts

Adobe Fonts

We process connection data and browser data in cooperation with our processor Adobe Fonts, Adobe Systems Software Ireland Limited, Citywest Business Campus, Dublin 24, Ireland, in order to provide the fonts which the web browser needs to display the website. These data are processed only for the time needed to select and transfer the fonts.

The legal basis of processing is the legitimate interest (absolute technical necessity to provide and to deliver the “website” service which you have explicitly requested by visiting the website according to Article 6 (1) (f) GDPR.

Any further independent processing of data by Adobe Fonts is carried out by Adobe Fonts as sole controller. Detailed information is provided in the privacy policy of Adobe Fonts.

Analytics Services

Matomo

We will process your personal data in cooperation with the processor Matomo, InnoCraft Ltd., 150 Willis St, 6011 Wellington, NewZeeland, for the purpose of failure analysis and statistical analysis of our website.

We will enable the service to collect connection data, data of your web browser and data of accessed content and to execute analysis software and to store data on your terminal device. The service anonymizes collected data immediately after such data were collected and provides us with statistics for analysis containing anonymous data. We use these statistics for failure analysis and for the sophistication of our website. Data on your terminal device are kept for up to two years.

The legal basis of processing is the legitimate interest (absolute technical necessity to provide and to deliver the “website” service which you have explicitly requested by visiting the website according to Article 6 (1) (f) GDPR. The legal basis for the transfer of data to the Newzeeland is the Commission implementing decision 2013/65/EU.

Newsletter Services

Sendinblue

If you give your consent, we will process your personal data for the purpose of transmitting electronic direct advertising (e.g. newsletter delivery) until you withdraw your consent.

For the purpose of sending newsletters, we use the service provider Sendinblue, Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Deutschland.

The legal basis for the data processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. There is no legal or contractual obligation to grant consent. Not giving consent will only result in you not receiving a newsletter from us.

Marketing & Targeting Services

Facebook Pixel

In case of granting your consent, we process your personal data with the service Facebook Pixel, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland as joint controller for the purpose of placing personalised advertisements and measuring our advertising success.

Not giving consent will not directly affect the functioning of the website, but it will not be possible for us to serve personalised advertising on your devices if you do not give consent. You can revoke consent you have already given by changing the data privacy settings.

We enable the service to collect connection data, data from your web browser and data about the content accessed. In addition, we enable the service to run tracking and recognition software and to store data on your device. By use of the tracking and recognition software, it is then possible for the service to enrich its advertising network and to recognise you when you visit external websites or to show personalised advertising. We also use the data collected to measure our advertising success. The data on your device is stored for up to two years.

The legal basis for the data processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Facebook transfers your personal data to the USA. The legal basis for data transfer to the USA is your consent in accordance with Art. 49 Para. 1 lit a in conjunction with Art. 6 Para. 1 lit a GDPR. Before giving your consent, you were already informed that the USA does not have a level of data protection that corresponds to the standards of the EU. In particular, US intelligence agencies can access your data without informing you about it and without you being able to take legal action against it. For this reason, the CJEU ruled that the previous adequacy decision (Privacy Shield) was invalid.

Google Ads

In case of granting your consent, we process your personal data with the service Google Ads, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as joint controller for the purpose of placing personalised advertisements and measuring our advertising success.

Not giving consent will not directly affect the functioning of the website, but it will not be possible for us to serve personalised advertising on your devices if you do not give consent. You can revoke consent you have already given by changing the data privacy settings.

We enable the service to collect connection data, data from your web browser and data about the content accessed. In addition, we enable the service to run tracking and recognition software and to store data on your device. By use of the tracking and recognition software, it is then possible for the service to enrich its advertising network and to recognise you when you visit external websites or to show personalised advertising. We also use the data collected to measure our advertising success. The data on your device is stored for up to two years.

The legal basis for the data processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Google transfers your personal data to the USA. The legal basis for data transfer to the USA is your consent in accordance with Art. 49 Para. 1 lit a in conjunction with Art. 6 Para. 1 lit a GDPR. Before giving your consent, you were already informed that the USA does not have a level of data protection that corresponds to the standards of the EU. In particular, US intelligence agencies can access your data without informing you about it and without you being able to take legal action against it. For this reason, the CJEU ruled that the previous adequacy decision (Privacy Shield) was invalid.

Right to object

You have the right to object to processing if your personal data are processed based on legitimate interests.

We will then cease the processing carried out on this basis, unless there are compelling and legitimate reasons for us to do so.

You have the right to object to the processing of your personal data for the purpose of direct marketing. In this case, we will cease the processing of your personal data for the purpose of direct mail.

The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Withdrawal

You have the right to withdraw your consent at any time by changing the data privacy settings.

If you have given your consent to receive advertising by email, you may withdraw your consent by clicking the unsubscribe link. In this case, we will cease the processing operations, unless there is any other legal basis.

The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Data subject rights

You also have the right to information, correction, deletion and restriction of the processing of personal data.

You have the right to data portability if the processing of your personal data is based on your consent or on a contract concluded with you.

You have the right to lodge a complaint with the supervisory authority. If you need more information on the supervisory authorities in the European Union, click here.