Legal information about Google and Facebook
We would like to take this opportunity to inform you about the manner in which we process your data in accordance with the General Data Protection Regulation (GDPR), the German Data Protection Act (Datenschutzgesetz; DSG) and the German Telecommunications Act (Telekommunikationsgesetz; TKG).
We process your personal data in cooperation with MP Consulting GmbH, FN 244397h, Brixentaler Strasse 3, 6361 Hopfgarten im Brixental, Austria, as joint controllers in accordance with Art. 26 GDPR. Please do not hesitate to contact us should you require any further information. Our contact details are stated at the end of this Data Protection Declaration.
1. Personal Data
Personal data includes all data containing information about your personal or factual circumstances, such as name, address, e-mail address, phone number, date of birth, age, gender, social insurance number, video recordings, photos, etc.
We collect, process and use your personal data only if required for the fulfilment of an agreement or if required to do so by law or you have provided us with this data on a voluntary basis. We obtain your consent for any data processing activities which exceed this scope. We may also process your data without your consent if our justified interests outweigh your right to data protection.
We usually collect the data directly from you. However, during the conclusion of an agreement, we may sometimes collect your data from third parties, such as when selling vouchers, ordering other services for you from third parties, placing bookings through tour operators, booking platforms, etc.
We use any health data provided by you during the booking process, such as allergies, disabled access needs, etc., to tailor our offer to meet your requirements. The health data entered by you is used exclusively for the contractual fulfilment and is never transferred to third parties. Your health data is only processed if you have given your explicit consent for us to do so in the accommodation agreement. We implement adequate and effective data protection measures to secure your health data.
We shall use the data provided to us primarily for the fulfilment and negotiation of agreements, compliance with legal obligations, etc.
Please notify us should your personal data change.
We would herewith like to inform you that the provision of your personal data is required by law in certain cases (e.g. tax regulations) or may result from contractual provisions (e.g. information about the contracting partner). Failure to provide the personal data may result in us being unable to conclude the agreement.
2. Your rights
You are entitled to obtain information about your personal data that has been stored and also to request the correction, data transfer, limitation of the processing activities, and blocking or deletion of, and you also have the right to object to, data that has been incorrectly or impermissibly processed. You may withdraw your consent at any time.
If you are of the opinion that the processing of your personal data by us contravenes the applicable data protection laws, you have the option to complain to the relevant supervisory authorities. The Data Protection Agency (Datenschutzbehörde) is the responsible instance in Austria. In Bavaria, complaints can be submitted to the Bavarian Data Protection Authority (email@example.com).
3. Data security
We implement organisational and technical measures to protect your personal data. These measures primarily relate to the protection of unauthorised, illegal and also accidental access, loss, processing, use and manipulation.
Please note that we shall not assume any form of liability whatsoever for the disclosure of information caused by data transmission errors and/or unauthorised third-party access outside our scope of control.
4. Data transfer to third parties
We may have to transfer your data to order processors or other recipients, such as primarily government agencies, to meet our contractual, statutory and reporting obligations. Order processors process your personal data as instructed and only within the scope required for the fulfilment of this task. Our order processors include tax advisors, lawyers, auditors, external service providers, etc.
Based on our justified interests (i.e. interest in analysing, optimising and professionally operating our website within the meaning of Art. 6 (1) lit. f. GDPR), our website therefore contains third-party contents and services in order to include such contents and services.
This requires for the third-party provider to receive your IP address as without it the contents cannot be sent to your browser. The IP address is required for displaying these contents. Third-party providers may also use web beacons for statistical and marketing purposes. Web beacons can be used for analysing information, such as the traffic to this website. A cookie may also be placed for this purpose, which contains technical information on the browser and operating system, referrer URL, time of visit and further information on the use of our website. Below is an overview of the third-party providers used by us:
- Social Media Stream of Juicer, 1515 7th street, #424, Santa Monica, CA, 90401, USA. For further information go to: https://www.juicer.io/privacy.
- If you book a hotel stay through the HolidayCheck booking platform, the data entered by you is transferred to HolidayCheck AG, Bahnweg 8, 8598 Bottighofen, Switzerland. For further information go to: https://www.holidaycheck.de/datenschutz.
- If you make your booking through the TripAdvisor booking platform, the data provided by you is transferred to TripAdvisor LLC, 400 1st Avenue, Needham, MA 02494, USA. For further information go to: https://tripadvisor.mediaroom.com/AT-privacy-policy.
- If you use the booking service on our Seepark Hotel website by WorldHotels, the data provided by you is transferred to WorldHotels AG, HRB 73339, Unterschweinstiege 2-14, 60549 Frankfurt am Main, Germany. For further information go to: https://www.worldhotels.com/de/ datenschutzrichtlinien.
If you have further given your explicit consent, your data is transferred to the advertising partners listed in the declaration of consent and used by them for sending advertising, satisfaction surveys and customer retention programmes, etc. We only transfer your data to other recipients if you have given us or the recipient consent to transfer the data, the data transfer is required for concluding the agreement or contractual fulfilment, or we are legally obliged to transfer the data.
However, we only transfer your personal data to recipients within the European Union or countries which the EU Commission has deemed to have an adequate data protection level. Insofar as this does not apply, we issue suitable guarantees to ensure that the recipient complies with the General Data Protection Regulation.
Google Analytics, TripAdvisor and Instagram transfer personal data and information to providers in the USA. This personal data is stored and processed in the USA. This data may be transferred to third parties.
HolidayCheck transfers personal data and information to the provider in Switzerland. This personal data is stored and processed in Switzerland. This data may be transferred to third parties. The data transfer is permissible in accordance with the adequacy decision (2000/518/EC).
5. Data storage
a.) Storage in compliance with contractual and legal obligations:
We store your data for as long as required for fulfilling our contractual and legal obligations. We are obliged, for instance, to store our accounting documentation for a period of seven years from the end of the calendar year to which they refer.
When storing your data, we shall ensure that it is only used to the extent required for the above purposes.
b.) Storage based on your consent:
If you have given us your consent, we shall store your data for as long as has been agreed in your declaration of consent or other form of consent, such as within the scope of an agreement concluded with you. This affects, for instance, the health data disclosed by you about facts such as allergies or need for disabled access.
c.) Storage based on justified interests:
We shall also store your data for as long as required to defend compensation and other claims within the scope of the legal statutes of limitation. In accordance with Austrian law, this period is always three years from uncovering a defect or liable party.
We store booking enquiries which did not result in the conclusion of an agreement for a period of 24 months for internal analysis purposes, such as the analysis of our contents.
We store job application documents for a period of 12 months.
d.) Obligations to delete data in accordance with the right to deletion:
The above paragraphs do not affect our obligations to delete the data should you exercise your right to deletion in accordance with Art. 17 GDPR.
6. Collection of general data and information
Our website collects a number of general data and information every time you access it. The browser, operating system, previous website visited by you, date and time, IP address, internet service provider and other similar data and information may be collected. We use this data to maintain the website and protect it against cyber attacks. The use of this data does not give any inference to personal data.
The anonymous server logfile data is stored separately from all other personal data.
If you wish to prevent these cookies from being stored on your computer, you can adjust your browser settings so that you receive information every time a cookie is stored and you can choose to permit it on an individual basis. If the cookies used by us require consent, we will obtain this from you in advance. Deactivating cookies may limit the functionality of our website.
The plug-in is provided by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Each time a web page containing the Facebook plug-in is accessed, the browser is automatically triggered to download an image of the plug-in from Facebook. During this technical process, Facebook obtains knowledge of the specific sub-page visited on our website. If you are logged into Facebook at the same time, Facebook recognises which specific sub-page has been visited. This information is collected and allocated to the respective Facebook account by Facebook without you having to click on the plug-in.
If you wish to prevent such data transfer to Facebook, you can do so by logging out of your Facebook account.
For further information go to: https://de-de.facebook.com/privacy/explanation. Please contact us for further information if you wish to object to this Data Protection Declaration.
The plug-in provider is Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA.
Each time a web page containing the Instagram plug-in is accessed, the browser is automatically triggered to download an image of the plug-in from Instagram. During this technical process, Instagram obtains knowledge of the specific sub-page visited on our website. If you are logged into Instagram at the same time, Instagram recognises which specific sub-page has been visited. This information is collected and allocated to the respective Instagram account by Instagram without you having to click on the plug-in.
For further information go to: https://help.instagram.com/155833707900388/. Please contact us for further information if you wish to object to this Data Protection Declaration.
10. Google Analytics
The provider is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Google Analytics is a service for collecting, storing and analysing data on the conduct of website visitors. Google uses the collected data and information for activities such as analysing the use of our website and providing other services relating to the use of our website.
Google Analytics installs a cookie. This enables Google Analytics to analyse the use of our website. This cookie triggers the browser into sending data to Google for the purpose of online analysis. As part of this technical process, Google obtains knowledge about personal data, such as the IP address of the affected person, which Google uses for activities such as tracing the origin of the visitors and clicks. This data is subsequently used for invoicing commission payments.
We use the extension "_gat._anonymizeIp” for web analyses via Google Analytics. With this extension, Google abbreviates and anonymises the IP address.
For further information go to: https://www.google.com/intl/de_de/analytics/ and https://www.google.de/intl/de/policies/privacy/. Please contact us for further information if you wish to object to this Data Protection Declaration.
We only mail the Newsletter to you with your consent or if permitted to do so by law. The data is used for sending advertising. The data is deleted as soon as you withdraw your consent to send the Newsletter.
To send you the Newsletter, we require your confirmation that you are the owner of the e-mail address (so-called double opt-in). This confirmation is required to ensure that you actually registered to receive the Newsletter. The Newsletter registrations are logged to provide evidence of the registration process. This process includes the storage of the registration and confirmation time and date as well as the IP address. Changes to your data stored with the service provider sending the Newsletter are also logged. You can cancel your subscription at any time by using the unsubscribe option provided in the Newsletter.
The data is transferred to ONELOGIN Business & Technology Consulting GmbH, FN 217969v, Universitätsstrasse 92, 9020 Klagenfurt, Austria, our dispatcher. You can read this company’s data protection policy at www.onelogin.at. The dispatcher does not transfer your data to third parties.
The engagement of the dispatcher and analyses are based on our justified interest in accordance with Art. 6 (1) lit. f GDPR to create a user-friendly and secure Newsletter system.
When accessing the Newsletter, a web beacon collects technical information, such as information on your browser and system, as well as your IP address and time of access. This information is used for technical service improvements based on the technical data, target groups and reader habits, or access times. The statistical data collected also includes information on if and when the Newsletters have been opened and which links have been clicked. This information can be allocated to individual Newsletter recipients for technical reasons.
MP Seepark Hotel GmbH
FN 392282 k
9020 Klagenfurt am Wörthersee
+43 463 204499
Klagenfurt am Wörthersee, 30. Mai 2018