Data protection
Michaela Geisler, Burgstall 361 - 6290 Schwendau
We use the following data when you conclude a contract with us
Master data:
Family and first name, complete address, all contact information (e.g. e-mail address, telephone number), information about the nature and content of our contractual relationship.
Other personal data which you or third parties make available to us with your consent or otherwise permissibly when initiating the contract, during the contractual relationship (e.g. for issuing a guest card) or for the fulfilment of legal obligations:
Date of birth or age, marital status, gender, occupation, identification data, bank details, authority to sign or represent, contract commitment, notice/cancellation periods or other information about your person which you have made known to us yourself.
Use of processors
The protection of your data is important to us. Even if we use an order processor, e.g. Feratel - guest directory according to § 19 MeldeV), we make sure that the order processing takes place within the European Union.
- Reporting obligation
According to the Austrian Registration Act, you are obliged to register with us with the data specified in § 5 and § 10 of the Registration Act. This concerns the following data:
Name, date of birth, gender, nationality, country of origin, address including postcode and - in the case of foreign guests - type, number, issuing office and issuing authority of a travel document as well as the date of arrival and departure.
1.2 Guest directory
We will keep this data in a guest register on the basis of the legal obligation imposed on us under Section 19 of the Registration Act Enforcement Order and store it for a period of 7 (seven) years, unless it is processed for longer for other purposes specified in this privacy policy.
The guest directory is maintained electronically by us, whereby we forward the data to an IT processor. The data is stored locally with this company. A transfer to a third country does not take place.
1.3 Disclosure of data
The data categories "Arrival", "Departure" linked with the country of origin are forwarded to the municipality in which our accommodation is located in accordance with § 6 of the Tourism Statistics Ordinance. The respective tourism association Mayrhofen Hippach to which we belong and/or the municipality are also aggregated data on the number of total overnight stays and the persons who are obliged to pay the residence tax to be transmitted. This is done on the basis of § 9 of the Tyrolean Residence Tax Act.
1.4 Legal basis of the processing operations
The processing according to points 1.1 to 1.3 above is based on Art. 6 para. 1 lit. c DSGVO (fulfilment of legal obligation).
1.5 Additional data transmission to TVB/municipality
In addition, we forward your postcode and year of birth (in pseudonymous or anonymous form) for statistical purposes for the creation and evaluation of origin and age statistics by the tourism association to our municipality and our TVB. This forwarding is based on Art. 6 para. 1 lit e (task in the public interest) and lit f (overriding legitimate interests) DSGVO. You can object to this at any time for reasons arising from your particular situation (Art. 21 (1) DSGVO).
- Guest card
- General
You have the possibility to take advantage of a guest card. The guest card grants you discounts and/or services at various companies in the region (e.g. discounted admissions). The guest card is valid for the period of your stay with us.
- Issuing the guest card
The guest card is issued and issued by the accommodation provider only at your request. Depending on the guest card system used by the TVB and/or the accommodation provider, it will be issued either in the form of
- an electronically generated guest card,
- a manually created guest card or
- of the copy of the registration form
issued.
2.3 Personal data processed
The following personal data, which is determined from the registration data (see point 1 above), is processed for both the electronically generated and the manually generated guest card:
First name, last name, date of birth and length of stay (arrival/departure), country of origin, postcode.
If the guest card is issued in the form of a "registration form", it contains the contents according to § 5 in connection with § 9 of the Registration Act (see above point "Registration data" 1.1). In this case, no electronic processing takes place for the purposes of the guest card.
When using the guest card, the following personal data are also processed: Data on the usage cycle of the respective card, service usage, bookings, transaction logging, billing data, reference to the registration data and the accommodation provider.
The data is required in order to establish identity and to determine the period of validity of the guest card at the respective service provider and to enable the settlement of benefits between service providers, the TVB and, if applicable, the accommodation establishments.
2.4 Legal basis of the processing operations
The processing of data for the purpose of the guest card is either based on your consent (Art. 6 para 1 lit a DSGVO) or, if the guest card is part of the service provision within the framework of the accommodation contract, for the purpose of fulfilling the contract (Art. 6 para 1 lit b DSGVO).
You can revoke your consent at any time verbally to the accommodation provider or in writing to the e-mail address info@leuhaus.at.
2.5 Operation of the guest card system
The guest card system is operated by the local tourism association ("TVB"). Furthermore, local accommodation establishments and local enterprises ("service providers") are involved.
The data processed for the guest card will be deleted after 48 (forty-eight) months.
2.6 Recipients of the data
The local TVB receives the data processed for the purposes of the guest card for the purposes of billing the service providers and/or accommodation establishments.
The individual service providers who offer discounted services on the basis of the guest card also receive the data if you make use of the guest card services for these companies.
In order to claim benefits, you must present the respective guest card, on which the data is displayed, to the service provider and thus disclose it yourself. The entrepreneur then checks whether the guest card is (still) valid, usually by reading the barcode on the guest card and by transmitting the barcode data to our IT contractor. In the process, personal data is also transmitted to the entrepreneur, in particular also your identity data (to check the identity and date of birth).
If the guest card is issued in the form of the "Meldezettel", he checks the validity by means of the carbon copy of the "Meldezettel".
- Other processing of your data
In principle, we only process the data that is absolutely necessary for the conclusion or fulfilment of the contract. If you have also given us your consent, we will process your data so that we can send you information about our services until you revoke it. In doing so, we use the following communication channels, provided you have named them to us:
Phone, email, text, mail or social media channels.
- Data deletion
Your master data and other personal data will be deleted when they are no longer required to fulfil the purpose for which they were stored - usually after 7 (seven) years - or when storage becomes inadmissible for legal reasons.
Instead of deletion, data can also be made anonymous, which means that any reference to a person is irretrievably removed.
- Cookies
Our website uses so-called cookies. These are small text files that are stored on your end device with the help of the browser. They do not cause any damage.
We use cookies to make our offer user-friendly. Some cookies remain stored on your terminal device until you delete them. They enable us to recognise your browser on your next visit.
If you do not wish this, you can set up your browser so that it informs you about the setting of cookies and you only allow this in individual cases.
If cookies are deactivated, the functionality of our website may be limited.
- Web Analysis
Our website uses functions of the web analysis service Google Analytics. Cookies are used for this purpose, which enable an analysis of the use of the website by your users. The information thus generated is transferred to the provider's server and stored there.
You can prevent this by setting up your browser so that no cookies are stored. We have concluded a corresponding contract for order processing with the provider.
- Newsletter
You have the possibility to subscribe to our newsletter via our website. For this we need your e-mail address and your declaration that you agree to receive the newsletter.
In order to provide you with targeted information, we also collect and process information voluntarily provided on areas of interest, birthday and postcode [...].
Once you have signed up for the newsletter, we will send you a confirmation email with a link to confirm your subscription.
You can cancel your subscription to the newsletter at any time. Please send your cancellation to the following e-mail address: info@leuhaus.at We will then immediately delete your data in connection with the newsletter dispatch.
- social media plug-ins
The operator uses so-called "embedded" social media plug-ins (interfaces to social networks) on the website. When visiting the website, the system automatically establishes a connection with the respective social network due to the integration of the plug-ins and transmits data (IP address, visit to the website, etc.).
The data transmission occurs without the intervention and outside the responsibility of the operator. The user can prevent this data transmission by logging out of the respective social networks before visiting the website. Only in the "logged in" state can the social network assign specific data to the user's activity profile through automatic data transmission.
The automatically transmitted data is used exclusively by the operators of the social networks and not by the operator. Further information on this, including the content of the data collection by the social networks, can be taken directly from the website of the relevant social network. The privacy settings can also be adjusted there.
The social networks embedded on the website are:
- Facebook ("like")
Facebook Inc, 1601 S California Ave, Palo Alto, CA, 94304, USA
For further information please visit https://de-de.facebook.com/policy.php
Instagram, LLC Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA
For further information please visit https://help.instagram.com/155833707900388
- You can exercise the following rights with regard to the processing of your data:
- Right to information: You have the right to find out from us whether and to what extent we process your data.
Contact / Responsible:
Michaela Geisler | Burgstall 361 - 6290 Schwendau
- your rights
You are generally entitled to the rights of information, correction, deletion, restriction, data portability, revocation and objection. If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in some way, you can complain to the supervisory authority. In Austria, this is the data protection authority.
- Right of complaint: If you believe that the processing of your personal data violates Austrian or European data protection law, please contact us to clarify any issues. Of course, you have the right to complain to the Austrian data protection authority or to a supervisory authority within the EU.
- Confirmation of Identity:
In order to protect your rights and privacy, we are entitled to request proof of identity in case of doubt.
- Claiming rights unduly:
If you claim one of the aforementioned rights in a manifestly unfounded or particularly frequent manner, we are entitled to charge an appropriate processing fee or to refuse to process the request.
- Duty to cooperate:
Within the scope of our duty to cooperate, we are obliged to hand over data upon request in accordance with the statutory provisions (e.g. BAO, Meldegesetz, ZPO, StPO, ...).
- Period of validity:
This privacy policy is effective from 25 May 2018 and replaces the existing privacy policy.