Data Protection
I. Name and address of the Controller
The Controller within the meaning of the General Data Protection Regulation (GDPR) is:
Kaiserstrand Tourismus GmbH & Co KG, Am Kaiserstrand 1, 6911 Lochau, Austria
Ph +43 5574 58 111
info@kaiserstrand.at
II. General information on data processing
1. Scope of personal data processing
Our processing of the personal data of our users is restricted to the data necessary for the provision of a functioning website as well as for our content and services, The personal data of our users is only processed for the purposes agreed with them or if there are other legal grounds (within the meaning of the GDPR). The collection of personal data is restricted to the data which is actually needed for the performance and execution of our tasks and services, or which you have voluntarily made available to us.
2. Your rights (rights of the data subject)
You have the right to request information about your personal data that we process. In particular, you have the right to request information about the purposes of the processing, the categories of personal data, the categories of recipients to whom the personal data has been or will be disclosed, the planned period for which the personal data will be stored, the existence of a right to rectification, erasure, restriction of or objection to processing, data portability (provided that in the event of data transfer a disproportionate amount of effort or expense is not incurred), the origin of your data if we did not collect this data, as well as information about automated decision-making including profiling.
You also have the right at any time to withdraw the consent you have given to the use of your personal data,
If you are of the opinion that we are processing your personal data in breach of the applicable provisions of data protection legislation, you may lodge a complain with the Data Protection Office.
III. Description and scope of the data processing
1. Provision of the website
Every time our website is accessed our web-server automatically captures data and information from the computer system making contact with us, and places this data in what are called “log files”. The following data is collected in this process:
- Browser type and browser version
- The operating system used
- The referrer URL
- The IP address / host name of the accessing computer
- Time of the server inquiry
We cannot match this data with specific persons. We store this information for a maximum period of 30 days. The data is stored for reasons of data security in order to ensure the stability and operational reliability of our system.
2. Cookies
We use cookies on our website to make our offering more user-friendly. Cookies are small files which your browser automatically creates and which are automatically stored on your terminal (lap top, tablet, smartphone etc.) when you visit our site. The cookies are stored until you delete them They enable us to recognize your browser the next time you visit us.
If you do not wish this to happen, you can set up your browser in such a way that it informs you when cookies are installed and you permit this installation in this particular case. However, we wish to point out that if you deactivate these cookies you will be unable to use all the functions of our website.
The legal basis for data processing by these cookies is Article 6(1), sentence 1 (f) of the GDPR.
The cookies remain active for an indefinite period and are subsequently deleted by your browser.
Our Cookies Information lists all cookies; these are sorted by function and explained in detail. You can customize your settings and thereby allow or decline only the necessary cookies or all cookies (including statistical and marketing cookies etc.)
3. Web analysis
We use Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94.043 USA, on our website to evaluate website use. Google Analytics uses cookies (see Section 5) which are saved on your computer.
The information on the website and Internet use obtained from the cookies can be processed and evaluated by Google. The information collected by Google is sometimes transferred to countries outside the EU and EEA, particularly to the USA. However, Google has accepted the provisions of the Privacy Shield Framework. Further information on your rights under the Privacy Shield Framework can be found at http://ec.europa.eu/justice/dataprotection/document/citizens-guide_en.pdf.
We also use “Google Signals”, in the course of which Google employs what is called “cross device tracking”. This enables the website visits of an individual visitor with a variety of terminals to be traced back to this individual visitor provided that he or she is logged into a Google service during these sessions and at the same time has also activated the option “personalized advertising” in his/her Google account settings. No personal data or user profiles are accessible to us in this process. If you do not want “Signals” to be used, you can deactivate the option “personalized advertising” in your Google account settings.
In addition, we ensure that your IP address has been anonymized before the information is passed to Google.
You can also prevent the use of Google Analytics’ cookies by selecting the button “Only necessary cookies” in the “Cookie information” pop-up that appears when you access a website, This prohibits the use of cookies by Google Analytics.
The legal basis for the use of Google Analytics is Article 6(1), sentence 1 (f) of the GDPR.
4. Web Tracking
4.1 Google Remarketing
These Internet pages use the remarketing function of Google Inc. The purpose of this function is to display advertisements related to their interests to website users within the Google promotional network. A cookie is saved in the browser of the website visitor that enables the visitor to be recognized if he/she accesses websites that form part of Google’s promotional network. Advertisements relating to content that the visitor has previously accessed on websites using Google’s remarketing function can be displayed to the visitor
According to information provided by Google, the latter collects no personal data during this process. However, if you do not wish to make use of Google’s remarketing function, you can deactivate it completely by selecting the appropriate settings at http://www.google.com/settings/ads. Alternatively you can deactivate the use of cookies for interest-related advertising via the network advertising initiative by following the instructions at networkadvertising.org/managing/opt_out.asp.
5. Forms and email contact
If you complete a contact form or send us an email or any other electronic message, your data is only saved and used within the framework of the inquiry for processing the inquiry and possible associated additional questions.
The legal basis for processing your inquiry is Article 6(1), sentence 1, (b) of the GDPR.
We will delete your email address after your inquiry has been settled.
6. Newsletter
You can register for our newsletter on our website. To complete the registration we need your email address and your statement that you agree to receiving the newsletter. In order to send you information in which you have declared an interest, we also collect and process information on your areas of interest, your name, birthday and country or region of origin you have given us voluntarily.
As soon as you have registered for the newsletter we will send you an email confirmation with a link for confirming the registration. You can cancel your registration for the newsletter at any time by using the unsubscribe link in the newsletter. We use software provided by ADDITIVE OHG, 39011 Lana (BZ), Italy ("ADDITIVE") to process your registration and send the newsletter to your email address. As a result of the use of these services and systems, your data, or at least part of it, is also processed and saved outside the EU or EEA. The appropriate level of data protection is derived from an adequacy decision of the European Commission (“Privacy Shield”) or from the processing contract that has been concluded.
7. Online vacancies and applications
You can see the vacancies in the website. These are prepared by pepper-collection GmbH, 6764 Lech, Austria and displayed on this website by the use of iFrame.
Applications should be made directly on the website of pepper-collection GmbH.
8. Use of social media plug-ins
Social media plug-ins are used but only a link to the social media pages of Facebook is created.
9. ADDITIVE+ LANDINGPAGE – Online marketing and landing pages
In addition to our website, we also operate optimized sales landing pages in the area of online hotel marketing. We use the current cloud services and CRM systems as well as software of ADDITIVE GmbH, 39011 Lana (BZ), Italy (“ADDITIVE”), thehotel marketing agency which looks after our affairs, to process your inquiry, booking, order, activation, registration or other transmission of a form on a landing page of this nature as well as to save and archive your data. The appropriate data protection level is derived for these services from the processing contract we have concluded with the relevant companies.
Our landing pages use functions of the Google Analytics web analysis service of Google Inc. (“Google”). Google Analytics makes it possible to analyze how users use the website. The information created by Google Analytics is transmitted to the provider’s servers where it is saved.
Your IP address is captured but immediately anonymized (e.g. by deleting the last 8 Bits). As a result only a rough localization is possible.
You can prevent the transmission of the data relating to your use of the online offering to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link:
https://chrome.google.com/webstore/detail/google-analytics-opt-out/fllaojicojecljbmefodhfapmkghcbnh
ADDITIVE can view the data collected by Google Analytics. This data is not used for any purposes other than the analysis of the use of our website and the evaluation of our marketing and sales activities.
In addition, our websites and landing pages use functions of ADDITIVE for the cross-channel logging of the use of our websites as well as our marketing and sales activities such as landing pages, newsletter and social media presence. Information on your visits and the forms you sent on our websites are also transmitted to ADDITIVE in this process to assess and optimize our marketing and sales activities.
The data is processed on the basis of the statutory provisions of Article 6(1) (f) (legitimate interest) of the GDPR.
Our concern within the meaning of the GDPR (legitimate interest) is the improvement of our offering and website by analyzing the use of our website and sales and marketing activities.
Our landing pages and our website also use the remarketing functions of Google Inc. (“Google”) and Meta Platforms Inc. (“Meta”). Meta and Google are informed at this time that you have visited this website. The purpose of these functions is to present visitors of the landing pages with advertisements in the promotional networks of Google or the social media network Facebook and Instagram that relate to their interests.
The data processing in connection with these remarketing functions is undertaken on the basis of the statutory provisions of Article 6(1) (a) (consent) of the GDPR.
Your attention is drawn to the use of cookies for these remarketing functions by a banner when you visit our landing pages. You consent to their use by continuing to use the landing pages or by clicking on the appropriate button. You can withdraw your consent at any time by accessing the page with information about the cookies on the relevant landing page and declining the use of cookies in the banner that appears.
10. ADDITIVE+ MARKETING AUTOMATION – Direct marketing
We use hotel marketing automation software from ADDITIVE GmbH, 39011 Lana (BZ), Italy (“ADDITIVE”) for the field of marketing and sales automation for hotels to increase customer loyalty and for the sale of our main and supplementary services. In this procedure, data which we collect and process in connection with your inquiry, booking, order, activation, registration or other submission of a form on the website, is analyzed and used to send you automated offers for our main and supplementary services via ADDITIVE+ MARKETING AUTOMATION. The appropriate data protection level is derived at this time from the processing contract we have concluded.
You can object to the use of your data for this purpose at any time by use of the unsubscribe link in the message you receive.
The data is processed on the basis of the statutory provisions of Article 6(1) (f) (legitimate interest) of the GDPR.
Our intention within the meaning of the GDPR (legitimate interest) is the avoidance of disadvantages compared with our competitors, the improvement of our brand awareness and the maximization of our economic success by the best possible commercial use of the contacts we have made.
11. ADDITIVE+ VOUCHERS
You can use our website to purchase vouchers by use of an online voucher system. To process your purchase and to save and archive your data in connection with voucher marketing tourism, we use the voucher software of ADDITIVE GmbH, 39011 Lana (BZ), Italy (“ADDITIVE”). Your data is processed and saved in the EU and EEA.
The data you provide is needed for the performance of the contract or the pre-contractual activities. We cannot conclude the contract with you without this data, Data is not sent to third parties with the exception of the transmission of credit card data to the payment service-provider processing the payment for the purpose of debiting the purchase price, and the transmission of data to our tax consultant for the purpose of complying with our obligations under tax law.
The data is processed on the basis of the statutory provisions of Article 6(1) (a) (consent) and/or Letter (b) (necessary for contract performance) of the GDPR.
IV. Data security
1. SSL encryption
During a visit to the website we use the widespread TSL process in conjunction with the highest encryption level supported by your browser. You can see whether the specific page of our website is being transmitted in an encrypted form by the closed representation of the key or lock symbol in your browser’s address bar.
We also use further appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized third party access. Our security measures are continuously updated as technology progresses.
2. Emails sent to us
We wish to make you aware that, subject to an explicit agreement and configuration, emails are sent to us in an unencrypted form.