Privacy policy
in accordance with Article 13 GDPR
Thank you for your interest in our website. The trust of all visitors and customers, the security of your data and the protection of your privacy are of central importance to us.
Your personal data will therefore be treated by us in accordance with the applicable statutory data protection regulations and this privacy policy. Personal data is information that can be used to determine your identity. Typical personal data includes your surname, first name, address, telephone number, IP address, cookies and e-mail address.
When you view and use our website or otherwise expressly transmit information to us, we process the data that is automatically transmitted to us with each request from your browser (see the “Log data” section). If you voluntarily transmit personal data to us, the processing is exclusively earmarked to the request or the respective order. We would like to point out that data transmission on the Internet can never be completely protected against access by third parties.
In the following sections, we would like to explain to you in more detail what data we process, when and for what purpose. It explains how our services work and how the protection of your personal data is guaranteed.
Name and address of the person(s) responsible:
The controller within the meaning of the EU General Data Protection Regulation and other data protection regulations is
Mario Manzl e.U.
Römerstraße 16
A-6056 Thaur
Legal basis for the processing of personal data
As a provider, we may only process the personal data of website visitors if one of the following conditions exists as a legal basis:
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.
Art. 6 para. 1 lit. b GDPR serves as the legal basis for the processing of personal data required for the performance of a contract to which the data subject is a party. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for data processing.
Data erasure and storage duration
The personal data of the data subject will be deleted as soon as the purpose of storage no longer applies.
Data may also be stored if this is provided for by European or national laws or other regulations to which the controller is subject.
The data will also be blocked or deleted if a storage period prescribed by the aforementioned regulations expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
Contact us
When you contact us (e.g. by contact form, email, telephone or via social media), your details will be processed to process the contact request and its handling in accordance with Art. 6 para. 1 lit. b) GDPR (so-called pre-contractual measure).
We delete the requests if they are no longer required. We review this necessity every two years. Furthermore, the statutory archiving obligations apply.
Legal basis
The legal basis for the processing of this data is so-called pre-contractual measures pursuant to Art. 6 para. 1 lit. b GDPR
Protocol data
The provider of the Internet services (provider) automatically collects “log data” in server log files.
The log data includes the following information:
- Date and time of the respective request
- Internet address (URL) that was requested
- URL that the visitor visited immediately before (referrer)
- Browser and language used
- Operating system used
- IP address and host name of the visitor
- Access status / http status code
- Amount of data transferred in each case
The transmission of this data to us is automatic and this data cannot be assigned to your person with reasonable effort.
Legal basis
The legal basis for the processing of this data is our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
Logging is used for access control and monitoring of technical processes and their optimization.
The data will not be passed on to third parties, except to law enforcement authorities by court order.
The data will be deleted as soon as it is no longer required for the purpose for which it was collected or after the legally prescribed deletion period has expired.
Consequently, there is no possibility for the user to object.
Your rights
You have a right to free information about the personal data we have stored about you and, if applicable, a right to rectification, restriction of processing or erasure of this data. You also have the right to data portability. Finally, you also have the right to complain to the data protection supervisory authority about the processing of your personal data by us.
Right of objection
We would also like to point out that you can object to the future processing of your personal data at any time in accordance with the legal requirements pursuant to Art. 21 GDPR. In particular, you may object to processing for direct marketing purposes.
Right to information
If you have any questions regarding the collection, processing or use of your personal data, for information, for the correction, blocking or deletion of data as well as for the revocation of any consent given or for objection to a specific use of data, please contact us using the following e-mail address:
c.manzl@alpe-chalets.at
Encryption through SSL / TLS
For security reasons, our website uses SSL or TLS encryption. This ensures that transmitted data is protected and cannot be read by third parties. You can recognize successful encryption by the fact that the protocol name in the status bar of the browser changes from “http://” to “https://” and that a closed lock symbol is visible there.
Linking
This website may contain links to websites operated by other companies, including, for example, websites of social media channels.
If you follow such links, you may encounter cookies that are not under our control. We cannot accept any liability for this and we refer you to the data protection provisions or cookie guidelines of the respective websites.
Web hosting via all-inkl
We use the services of ALL-INKL.COM – Neue Medien Münnich, Hauptstraße 68, D-02742 Friedersdorf for web hosting for our websites and have concluded an order processing contract with all-inkl.com in accordance with Art. 28 GDPR.
Further information can be found in all-inkl’s privacy policy at https://all-inkl.com/datenschutzinformationen.
Legal basis
The legal basis for processing this data is our legitimate interest in operating and maintaining the operational security of this website in accordance with Art. 6(1)(f) GDPR.
Google Web Fonts
We use Google Web Fonts. All fonts are loaded locally.
When using Google Web Fonts, no personal data is forwarded to third parties.
Booking system
We use products from IMS Media GmbH to make the inquiry and booking process as convenient and efficient as possible for you
by Gerhard Frank, Hagedornweg 73a 1220 Vienna Austria.
If you make a booking inquiry or online booking via our website, the following personal data will be transmitted to us.
- Number of adults
- Number of children
- Arrival and departure dates
- First name, last name
- Phone number
- E-mail address
- Address
The data you transmit to us will remain with us until the purpose for data storage no longer applies (e.g. after your request has been processed).
Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
To protect your data, we have concluded an order processing contract with IMS Media GmbH in accordance with Art. 28 GDPR.
Further information can be found at the following links: https://www.my-bookings.org/agb/ and https://www.my-bookings.org/datenschutzerklaerung/
Legal basis
The processing of your data for the online booking and the online booking request is based on Art. 6 para. 1 lit. b GDPR and serves the fulfillment of a contract or the implementation of pre-contractual measures.
Cookies
In order to make your visit to our website attractive and to enable the use of certain functions, we use so-called cookies. These are small text files that are stored on your end device and store certain information for exchange with our system.
Cookie types
First-party cookies – Necessary cookies
These are generated by our website and are necessary for the error-free operation of the application. These cookies are also known as session cookies or transient cookies and are automatically deleted at the end of the browser session, i.e. when the browser is closed.
Without these cookies, error-free operation of the website cannot be guaranteed.
Legal basis
The legal basis for the processing of this data is Art. 6 para. 1 sentence 1 lit. f GDPR.
Cookies from third-party providers
These are set by various services (e.g. analysis services or Facebook) and store a unique identifier that recognizes your end device the next time you visit (persistent cookies).
These cookies remain on your end device for a specified period of time. This duration is variable.
Legal basis
The legal basis for the processing of this data is Art. 6 para. 1 sentence 1 lit. a GDPR.
We would like to point out that with some providers, especially providers from the USA, there is a possibility that data will be transferred to the USA and processed by US authorities. According to the current legal situation, the USA is considered an unsafe third country with an inadequate level of data protection.
There is currently no adequacy decision pursuant to Art. 45 GDPR, nor can suitable guarantees be offered pursuant to Art. 46 GDPR.
Some American companies have agreed to comply with the standard contractual clauses for the transfer of personal data to third countries in accordance with Directive 2016/679 (Standard Contractual Clauses – SCC).
We would like to point out that in the event of non-compliance with the aforementioned standard contractual clauses, the legal basis is your express consent in accordance with Art. 49 para. 1 lit. a GDPR.
Deactivate cookies
Please note that certain cookies are already set as soon as you enter our website.
You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases, in particular cookies from third-party providers (third-party cookies) or in general.
If you do not accept cookies, the functionality of our website may be restricted for you.
Borlabs Cookie
This website uses Borlabs Cookie, which sets a technically necessary cookie (borlabsCookie) to store your cookie consent.
Borlabs Cookie does not process any personal data.
The borlabs cookie stores the consent you gave when you entered the website. If you wish to revoke this consent, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked for your cookie consent again.
Cookie settings (borlabs)
[borlabs-cookie type=”btn-cookie-preference” title=”Cookie settings” /]
Consent history (borlabs)
Your consent history:
[borlabs-cookie type=”consent-history” /]
If you have any questions, please contact us using the following UID.
UID: [borlabs-cookie type=”uid” /]
Cookie list (borlabs)
We use the following cookies:
[borlabs-cookie type=”cookie-list” /]
Google Maps
In order to offer you an appealing internet presence, our website has an interface to Google Maps. In order to use Google Maps, your IP address must be stored on a Google server in the USA.
If you use Google Maps, Google Maps loads Google web fonts for the uniform display of the position.
The recipient of the data is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
This service is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
We would like to point out that there is a possibility that data may be transferred to the USA and processed by US authorities. According to the current legal situation, the USA is considered an unsafe third country with an inadequate level of data protection.
There is currently no adequacy decision pursuant to Art. 45 GDPR.
However, Google has undertaken to comply with the standard contractual clauses for the transfer of personal data to third countries in accordance with Directive 2016/679 (Standard Contractual Clauses – SCC).
You can find more information on the standard contractual clauses at
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
and at https://policies.google.com/privacy/frameworks?hl=de
To protect your personal data, we have concluded a contract for commissioned data processing in accordance with Art. 28 GDPR and a special, supplementary addendum to data processing with Google, as well as accepting the amendment to Google’s General Terms and Conditions and the amended commissioned data processing conditions with regard to the use of the standard contractual clauses.
Further information can be found at:
https://privacy.google.com/businesses/processorterms/
Additional information is provided in the Google Privacy Policy at https://www.google.de/intl/de/policies/privacy.
Legal basis
The legal basis for this data processing is your consent pursuant to Art. 6 para. 1 lit. a GDPR.
