Privacy Policy

according to Article 13 GDPR

Thank you for your interest in our website. The trust of all visitors and customers, the security of your data and the protection of your privacy are of central importance to us.

Your personal data will therefore be treated by us in accordance with the applicable legal data protection regulations and this data protection declaration. Personal data is information that can be used to find out your identity. Typical personal data includes name, first name, address, telephone number, IP address, cookies and email address.

When you view and use our website or otherwise expressly provide us with information, we process the data that is automatically transmitted to us with each request from your browser (see the "Protocol Data" section). If you voluntarily provide us with personal data, the processing takes place exclusively for the purpose of the request or the respective order. We would like to point out that data transmission over the Internet can never be completely protected against access by third parties.

In the following sections, we would like to explain in more detail which data we process when and for what purpose. It explains how our offered services work and how the protection of your personal data is guaranteed.

Name and Address of the Person(S) Responsible:

The person responsible within the meaning of the EU General Data Protection Regulation and other data protection regulations is:

Mario Manzl e.U.
Römerstraße 16
A-6056 Thaur

Legal Basis for the Processing of Personal Data

As a provider, we may only process personal data of website visitors if one of the prerequisites explained below exists as a legal basis:

If we obtain the consent of the data subject for processing personal data, Art. 6 Para. 1 lit. a GDPR serves as the legal basis.

For the processing of personal data that is necessary for the fulfillment of a contract to which the data subject is a party, Art. 6 Para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

If the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 Para. 1 lit. c GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para. 1 lit. d GDPR serves as the legal basis.

If processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the former interest, Art. 6 Para. 1 lit. f GDPR serves as the legal basis for data processing.

Data Deletion and Storage Period

The personal data of the data subject will be deleted as soon as the purpose of storage no longer applies.

Storage can also take place if this is provided for by European or national laws or other regulations to which the person responsible is subject.

The data will also be blocked or deleted if a storage period prescribed by the aforementioned regulations expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

Contact

When you contact us (e.g. via contact form, email, telephone or via social media), your details will be processed in accordance with Art. 6 Para. 1 lit. b) GDPR (so-called pre-contractual measure) to process the contact request and its handling.

We delete the requests if they are no longer necessary. We check this necessity every two years. Furthermore, the statutory archiving obligations apply.

Legal Basis

The legal basis for processing this data is so-called pre-contractual measures in accordance with Art. 6 Para. 1 lit. b GDPR

Protocol Data

The provider of the Internet services (provider) automatically collects "protocol data" in server log files.

The protocol data includes the following information:

• Date and time of the respective request
• Internet address (URL) that was requested
• URL that the visitor visited immediately before (referrer)
• Browser and language used
• Operating system used
• IP address and hostname of the visitor
• Access status / http status code
• data volume transmitted in each case

This data is automatically transmitted to us and this data cannot be assigned to your person with reasonable effort.

Legal Basis

The legal basis for processing this data is our legitimate interest in accordance with Art. 6 Paragraph 1 Sentence 1 lit. f GDPR.

The logging serves to control access and monitor the technical processes and their optimization.

It will not be passed on to third parties, except to law enforcement authorities after a court order in the event of a specific case.

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, or after the statutory deletion period has been reached.

Consequently, there is no possibility of objection on the part of the user.

Your Rights

You have the right to free information about the data stored about you, as well as the right to correction, restriction of processing or deletion of this data. You also have the right to data portability. Finally, you also have the right to complain to the data protection supervisory authority about the processing of your personal data by us.

Right to Object

We would also like to point out that you can object to the future processing of your personal data in accordance with the legal requirements in accordance with Art. 21 GDPR at any time. The objection can be made in particular against processing for direct marketing purposes.

Right to Information

If you have any questions about the collection, processing or use of your personal data, for information, for the correction, blocking or deletion of data, as well as for the revocation of any consent you may have given or to object to a specific use of data, please contact us using the following email address:

c.manzl@alpe-chalets.at

Encryption Using SSL / TLS

For security reasons, our website uses SSL or TLS encryption. This protects transmitted data and prevents it from being read by third parties. You can recognize successful encryption by the fact that the protocol designation in the status bar of the browser changes from "http://" to "https://" and that a closed lock symbol is visible there.

Linking

This website may contain links to websites operated by other companies; including e.g. also websites of social media channels.

If you follow such links, you may encounter cookies that are not subject to our control. We cannot accept any liability for this and we refer to the data protection regulations or cookie guidelines of the respective websites.

Web Hosting via All-Inkl

We use the services of ALL-INKL.COM – Neue Medien Münnich, Hauptstraße 68, D-02742 Friedersdorf for web hosting for our websites and have concluded a contract for order processing with all-inkl.com in accordance with Art. 28 GDPR.

Further information can be found in all-inkl's privacy policy at https://all-inkl.com/datenschutzinformationen.

Legal Basis

The legal basis for processing this data is our legitimate interest in the operation and maintenance of the operational security of these websites in accordance with Art. 6 Paragraph 1 lit. f GDPR.

Google Web Fonts

We use Google Web Fonts. All fonts are loaded locally.
When using Google Web Fonts, no personal data is passed on to third parties.

easyGuestmanagement Booking

In order to be able to offer you the inquiry and booking process as pleasantly and efficiently as possible, we use products from easyGuestmanagement by Zangerle Philipp, Baurenhof 7a, 6632 Ehrwald, Austria.

If you make a booking request or online booking via our website, the following personal data will be transmitted to us.

• Number of adult persons
• Number of children
• Arrival and departure dates
• First name, last name
• Phone number
• Email address
• Address

The data you provide to us will remain with us until the purpose for data storage no longer applies (e.g. after your request has been processed).
Mandatory legal provisions – in particular statutory retention periods – remain unaffected.

To protect your data, we have concluded a contract with easyGuestmanagement for order processing in accordance with Art. 28 GDPR.

Further information can be found under the following links: https://easyguestmanagement.at/web/agb.php, https://easyguestmanagement.at/web/datenschutz.php

Legal Basis

The processing of your data for online booking and the online booking request takes place on the basis of Art. 6 Para. 1 lit. b GDPR and serves to fulfill a contract or to carry out pre-contractual measures.

Cookies

In order to make your visit to our website attractive and to enable the use of certain functions, we use so-called cookies. These are small text files that are stored on your device and store certain information for exchange with our system.

Cookie Types

First-party cookies – Necessary cookies

These are generated by our website and are necessary for the application to function properly. These cookies are also called session cookies or transient cookies and are automatically deleted after the end of the browser session, i.e. after closing the browser.

Without these cookies, the website cannot function properly.

Legal Basis

The legal basis for processing this data is Art. 6 Paragraph 1 Sentence 1 lit. f GDPR.

Third-party Cookies

These are set by various services (e.g. analysis services or Facebook) and store a unique identifier that recognizes your device the next time you visit (persistent cookies).

These cookies remain on your device for a specified period. This duration is variable.

Legal Basis

The legal basis for processing this data is Art. 6 Paragraph 1 Sentence 1 lit. a GDPR.

We would like to point out that with some providers, especially providers from the USA, there is the possibility that data will be transferred to the USA and processed by US authorities. According to current law, the USA is considered an unsafe third country with an inadequate level of data protection.

Currently, there is no adequacy decision in accordance with Art. 45 GDPR, nor can suitable guarantees be offered in accordance with Art. 46 GDPR.

Some American companies have declared that they comply with the standard contractual clauses for the transfer of personal data to third countries in accordance with Directive 2016/679 (Standard Contractual Clauses – SCC).

We would like to point out that in the event of non-compliance with the aforementioned standard contractual clauses, the legal basis is your express consent, in accordance with Art. 49 Para. 1 lit. a GDPR.

Deactivate Cookies

Please note that certain cookies are already set as soon as you enter our website.

You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or exclude the acceptance of cookies for certain cases, in particular cookies from third-party providers (third party cookies) or generally.

If you do not accept cookies, the functionality of our website may be limited for you.

Borlabs Cookie

This website uses Borlabs Cookie, which sets a technically necessary cookie (borlabsCookie) to store your cookie consent.

Borlabs Cookie does not process any personal data.

Your consent is stored in the borlabs-cookie cookie, which you gave when you entered the website. If you want to revoke this consent, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked for your cookie consent again.

Cookie Settings (Borlabs)

[borlabs-cookie type="btn-cookie-preference" title="Cookie settings" /]

Consent History (Borlabs)

Your Consent History:

[borlabs-cookie type="consent-history" /]

In case of queries, please contact us stating the following UID.

UID: [borlabs-cookie type="uid" /]

Cookie-List (Borlabs)

We use the following cookies:

[borlabs-cookie type="cookie-list" /]

Google Maps

In order to be able to offer you an appealing website, our website has an interface to Google Maps. In order to use Google Maps, your IP address must be stored on a Google server in the USA.

When you use Google Maps, Google Maps loads Google Webfonts for the uniform display of the position.

The recipient of the data is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

This service is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

We would like to point out that there is the possibility that data will be transferred to the USA and processed by US authorities. According to current law, the USA is considered an unsafe third country with an inadequate level of data protection.

Currently, there is no adequacy decision in accordance with Art. 45 GDPR.

However, Google has committed to complying with the standard contractual clauses for the transfer of personal data to third countries in accordance with Directive 2016/679 (Standard Contractual Clauses – SCC).

Further information on the standard contractual clauses can be found at
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
as well as under https://policies.google.com/privacy/frameworks?hl=de

To protect your personal data, we have concluded a contract with Google for order data processing in accordance with Art. 28 GDPR and a special, supplementary addition to data processing, and have accepted the change regarding Google's terms and conditions and the changed order data processing conditions with regard to the use of the standard contractual clauses.

Further information can be found at:
https://privacy.google.com/businesses/processorterms/

Supplementary information is provided in the Google data protection declaration at https://www.google.de/intl/de/policies/privacy.

Legal Basis

The legal basis for this processing of the data is your consent in accordance with Art. 6 Para. 1 lit. a GDPR.