Privacy Policy Long form:

Contact

When you contact us, we assume that we are allowed to automatically process and store the data you have transmitted (including personal data) and use it for our business purposes. We also assume that we may contact you by phone or e-mail for any further queries regarding your reservation or similar.

Legal Basics

We process your data exclusively on the basis of the current valid legal regulations (GDPR and TKG 2003). Principally, we store or process personal data for the sole purpose of answering inquiries or reservations or orders and only for as long as it is absolutely necessary.
You may at any time request the disclosure of the stored data concerning yourself, an update of your data or the deletion of all your data. We try to answer all inquiries in this regard as soon as possible, however, under certain circumstances an answer may not be given until a few working days later. In principle, all data is completely deleted after a maximum of one week in order to keep the amount of data collected and our efforts as low as possible.

E-Mail

If you contact us by e-mail or telephone, the data you provide will be stored by us for the purpose of processing the request and in case of follow-up questions. We do not pass this data on to third parties; only our web host NMM, who also manages our mail server, may have access to certain data, but will not misuse it according to our valid order data processing contract. Furthermore, NMM uses SSL encryption to ensure that the hosted data is stored in the most secure way. However, it should be noted that your emails may be transmitted unencrypted if for example your mail server used does not support encryption. In this case, a spy out and/or misuse of data cannot be ruled out.

Website

Cookies

This website does NOT use so-called cookies, i.e. files that are stored on your end device that recognize you when you re-visit the website or record your behaviour during the website visit. Only session cookies, i.e. system-related cookies, are used, which are usually automatically removed when the browser is closed, but are automatically deleted at latest when the browser history is deleted. Session cookies do not record any personal data, but are essential for the well-functioning access and structure of the website.

Tracking and Analytics Tools

This website does NOT use any programs that record or analyse in any way personal data and/or the behaviour (duration of website visit, country or location of website accessor, time of website access, etc.) of the website visitor, as it would be the case for example with Google Analytics.

Access data and server log files

Our web host NMM automatically collects data about access to our website (so-called server log files). This data includes: name of the pages accessed, date and time of access, data amounts transferred, notifications about successful access, browser type and version, your operating system and the requesting provider. This log data is only used for statistical evaluations for the purpose of operation and security of the hoster's services and cannot be processed by us.
In order to comply with the GDPR, IP addresses are not evaluated and displayed in the access statistics. Log files are stored for seven days. After these seven days, however, these log data are automatically deleted. In order to collect the data just mentioned, cookies may be used, which enable the analysis of the use of the website. The information generated is normally stored exclusively on the servers of NMM.
You can prevent this by setting up your browser so that no cookies are saved. We have also concluded a corresponding contract for order data processing with NMM, which ensures that the host acts on the basis of the GDPR as well and complies with all guidelines in this regard.

Retention periods

IMPORTANT: The duration of data storage or processing is also determined by laws and retention periods, e.g. g. financial law, tax law, etc. – it is therefore not always possible to immediately delete all of your data before the expiry of certain deadlines, even if you wish to do so.
If it is required to pass on certain personal data (e.g. billing address or e-mail address for the delivery of invoices) to authorised third parties (accounting, tax consultants, tax office etc.) or to entrust authorised third parties (web hosts, email providers etc .) with the storage of personal data, there are order data processing contracts in place with the respective institutions.
These order data processing contracts ensure that authorised third parties also comply with the applicable data protection regulations, handle all personal data provided with care and do not misuse it. Retention periods or legal regulations may also apply here, which make the processing/storage of personal data or the minimum duration of this processing/storage necessary in the first place.

You can request the information, correction, deletion, restriction, data transferability, revocation and objection regarding your data, insofar as there is no legal obligation to retain it.
If you believe that the processing of your data violates the data protection law or your data protection rights have been violated in any other way, you can complain to the supervisory authority. In Austria, this is the data protection authority.