Safety comes first

Data protection Hotel Kaiser

Name: Hotel Kaiser
Address: Dorf 11, Scheffau, Tirol, 6351, Österreich
Telephone: +4353588000

Responsible party for data protection is :

Hotel Kaiser in Tirol GmbH & Co. KG
Barbara Winkler
Dorf 11
6351 Scheffau am Wilden Kaiser
Austria

Telephone: +43 (0) 5358 44300
Telefax: +43 (0)5358 8000 340
E-Mail: welcome@hotelkaiser.at
Internet: www.hotelkaiser.at
Facebook: www.facebook.com/HotelKaiserInTirol

DataSecurity Officer GDPR: welcome@hotelkaiser.at

Data collection upon visiting our website
Upon visiting our website we regularly collect data from your browser which is automatically transferred to our web server (server log files), including your IP address, URLs of the websites which you used to get to our website, the browser used, browser language, the operating system and surfaces used, the access device, with which services are being used, date and time of access, the pages called up on our website and the time you spend on our website. Legal basis for the processing of this data is our legitimate interest, as per Art. 6 Para. 1f GDPR, and subsequently ensues for the purposes listed. We use this information to enable the accessing and visiting of the website, to continue to technically improve websites and offers and continue to adapt to suit the needs of our users, carry out internal quality checks, to determine, intercept and prevent any errors, problems and any possible misuse. Data will be stored for one year and then automatically deleted.

Cookies, web beacons and similar processes
Like almost all service providers, we use cookies, web beacons and similar processes when you visit our websites or make use of our offers.
Cookies are small text files that are stored on your computer browser or mobile device and make it possible for your computer or device to be recognised, where applicable via other websites. Cookies do not contain any personal details. Some of the cookies used by use will be deleted again at the end of your browser session, that is when you close your browser (these are known as session cookies). Other cookies stay on your end device and enable us or our partner businesses to recognise your browser when you next visit (persistent cookies).
You can prevent the use of cookies by making the relevant setting in your browser software. Although it may well be that only certain areas of the website or offers will not work as intended.
Web beacons are little graphics files (‘Pixels’) that can be integrated in our website and can be used to collect details on user behaviour. Similar processes include flash cookies, HTML5 cookies or other local (browser and device) storage procedures, where – much like cookies – data can be stored in your browser and end device so your browser or device can be recognised when you next visit or during a session.
The use of cookies and similar processes enables us to gather information about the user, to make it easier and more convenient to use the website and enable specific offers.
We use cookies for the following purposes: Booking function, log-in/customer areas etc.
Service providers we employ for web analysis, re targeting and conversion tracking and were necessary cookies (see below).

Contact form
When you get in touch with us via the options offered, some of your personal details are gathered, including your name, address, contact and communication details, such as telephone number and e-mail address, so these can be used to process and respond to your enquiry and also to deal with any follow-up questions. Data processing is effected as per Art. 6 Para. 1b GDPR. Personal details that are processed by us in the context of a general contact request via e-mail, or via the contact form, are only stored for as long as any respective correspondence is necessary, and as a general rule for a period of one year after your enquiry has been dealt with.

Direct booking option and booking enquiry on the hotel website
Personal details that we ask for in connection with a room booking will only be stored for as long as is necessary to process the contract and for any subsequent contract related correspondence (generally for a year) and, in the case of trade and/or fiscally relevant documents that contain personal details, these will be retained for the length of time prescribed by the commercial code and fiscal code (generally 6 to 10 years). Legal basis for the processing of personal details connected with booking a room: Personal details that are processed in connection with a room booking are necessary to fulfil the relevant contract, Article 6 Para. 1b GDPR. We process booking details as per Art. 6 Para. 1f GDPR based on our legitimate interest in fraud prevention, to carry our our legal claims, for the purposes of accounting and risk management. As per Art. 6 Para. 1c GDPR to fulfil legal duties, e.g. To comply with trade and fiscal retention requirements or fulfil obligations to hand over data based on a legal decision or official directive.

Direct booking option on the hotel website, linked with direct advertising via the Newsletter:
If you have registered for our newsletter, you will regularly receive a newsletter and marketing e-mails from us, which provide information about offers and the latest news. Legal basis in this instance is your consent as per Art. 6 Para. 1a GDPR. We will also use the e-mail address you provided when making the booking for the purpose of direct advertising of similar offers, in so far as this use has not been objected to. In this case legal basis is our legitimate interest in direct advertising as per Art. 6 Para. 1f GDPR.
You can your consent to receive such e-mails at any time, free of charge, and reject receipt of other such e-mails, for instance via the unsubscription link in our e-mails. Your e-mail address will only be stored for the newsletter, so long as its use has not been rescinded.

Use of Google Analytics
This website uses Google Analytics, a web analysis service from Google IncLLC. (following: Google). Legal basis is our legitimate interest as per Art. 6 Para.1f GDPR for analysis and assessment of the use of our website.
Google Analytics uses so-called ‘cookies’, that is, text files that are stored on your computer and enable an analysis of the use of the website by you to be effected. The information generated by the cookie about your use of this website will generally be transferred to a Google server in the USA and stored there. Due to the activation of IP anonymisation on these websites, your IP address will be truncated beforehand by Google within member states of the European Union or in other states party to the agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to assess your use of the website, to compile reports about website activities and provide you with additional information about services connected with your use of the website and the Internet. The IP address transferred as part of Google Analytics from your browser will not be associated with any other data held by Google.
You can prevent the storage of cookies via the relevant setting on your browser software; we would however point out that in this case, not all of the functions of the website will be able to be used in full. You can also prevent the collection of data (incl. your IP address) collated by the cookie and about your use of the website being processed by Google by downloading and installing the following link for the browser plug-in: The current link is http://tools.google.com/dlpage/gaoptout?hl=de
Additionally, or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our site.

Deactivating Google Analytics
For this an opt-out cookie will be installed on your device. This will prevent any collection via Google Analytics for this website and this browser in the future, as long as the cookie remains installed on your browser.
Personal data collected by Google with cookies, user ID or advertising ID (e.g. DoubleClick cookies, Android Advertising ID, Apple advertising ID) will automatically be deleted after 14 months.
Google also processes your personal data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Use of Google web fonts
For the purpose of needs-based design and optimisation of our site we use external integrated fonts via Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (‘Google’), based on Art. 6 Para. 1f GDPR. For this, your internet browser automatically links to the Google servers, with the above-mentioned data being transferred to Google from your browser. If you have a user account with Google and are logged in to Google, Google may be able to attribute these details to your account. We have no influence on this data transfer and any further processing by Google
Additional information for the purpose and the scope of data collection and its use by Google, regarding your rights and the setting options available to protect your privacy can be found here: https://www.google.de/intl/de/policies/privacy. Google also processes your personal details in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework

Use of Google Maps
For the purpose of the needs-based design of our website, as per Art. 6 Para. 1f GDPR, we have placed the component ‘Google Maps’ on our site that is made available by Google.
For each individual request via the component ‘Google Maps’, Google sets a cookie, to process user settings and data on the adverts of the page in which the component ‘Google Maps’ has been integrated. Generally this cookie will not be deleted when you close your browser, but will expire after a set time, unless you delete it manually beforehand.
Upon visiting the website, Google receives information that the respective subpages of our website have been called up. The above-mentioned data will also be transferred from your browser to Google. This happens irrespective of whether you have a user account with Google, which you are logged in to, or whether you do not have a user account. If you are logged in to Google, the details will be directly attributed to your account. If you do not want Google to attribute this information to your profile, you have to log out before activating the button. Google saves your details as a user profile and uses this for the purposes of advertising, market research and/or the needs-based design of its website. Any such assessment is carried out on particular (even for users that are not logged in) to provide needs-based advertising and to provide information to other users of the social network about your activities on our website. You have the right to appeal against the creation of this user profile, where you must contact Google.
Other information regarding the purpose and extent of data collection and its processing by Google, about your rights and the setting options available to protect your privacy can be found here: https://www.google.de/intl/de/policies/privacy. Google also processes your personal details in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Imbedded YouTube -videos
This website integrates a ‘YouTube plug-in’ in its information offer. This YouTube software uses cookies for data collection and statistical data analysis. YouTube uses cookies in particular to compile reliable video statistics, prevent fraud and enhance user-friendliness. The operator of this website receives statistical values via YouTube cookies with regard to the retrieval of individual videos embedded in the website, without any reference to the respective user. Legal basis for the use of YouTube plug-ins is as per Art. 6 Para. 1f GDPR of our legitimate interest in provided an interesting and needs-based design for our website.
We use embedded YouTube videos in extended data protection mode. That is, no data about you as a user will be transferred to YouTube if you do not play the videos. It is only when you play videos that the data mentioned is transferred. We have no influence on the transfer of this data.
By playing a video, YouTube receives the information that you have called up the respective subpage on our website. The files mentioned under ‘Server Logfiles’ above will also be transferred. This happens irrespective of whether or not you have a YouTube, which you are logged in to, or whether you do not have a user account. If you are logged in to Google, the details will be directly attributed to your account. If you do not want this to be allocated to your YouTube profile, you must log out before activating the button. YouTube stores your details as your user profile, using it for the purposes of advertising, market research and/or the needs-based design of its website. Any such assessment is carried out (even for users who are not logged in) to provide needs-based advertising and to provide information to other users about your activities on our website. You have the right to object to the formation of this user profile, whereby you must contact YouTube to do so.
Additional information regarding the purpose and scope of data collection and processing by
YouTube is available in the data protection statement. You will also get additional information there regarding your rights and the settings options to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal details in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework

Social Plug-ins
On our website we use sharing functions with the following Social Media service providers:

Facebook: Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA, http://de-de.facebook.com/about/privacy/
Furtherinformation about data collection: http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo.
Facebook is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework
Google+: Google LLC, 1600 Amphitheater Parkway, Mountainview, California 94043, USA, https://www.google.com/policies/privacy/partners/?hl=de Google is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework
Instagram: Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA
https://help.instagram.com/155833707900388/
Instagram is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework

Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA („Pinterest“) https://developers.pinterest.com/docs/getting-started/introduction/

Pinterest is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework

Via plug-ins we offer you the option to interact with social networks and other users, so we can make our offer more interesting for you as a user. Legal basis for the use of plug-ins is Art. 6 Para. 1f GDPR.

We use the so-called two click solution for this. That is, when you visit our site, no personal details are initially forwarded to the plug-in service provider. You can recognise the service provider of the plug-in via the branding on the box above its initials, or the logo. We open up the opportunity for you to communicate direct with the service provider of the plug-in via the button. Only when you click on the marked field, thereby activating it, does the plug-in provider receive information that you have called up the respective website in our online offer. In addition, the log data stated above in this statement will be transferred. This includes:

– Address of the website which contained the activated link,
– date and time the website was called up and the link activated,
– information regarding the browser used and the operating system used,
– IP address.

By activating the plug-in, your personal data will be transferred to the respective plug-in provider and stored there (in the USA if they are US-American suppliers).

If you are registered with and logged in to the respective Social Media provider at that time, they are able to attribute your visit to our website and any further interaction with the Social Media provider (e.g. by clicking the ‘Like’ button) to your user profile (e.g. your Facebook account).

We have no influence on the data collected and data processing and are not provided with information regarding the purpose of processing or the retention period. We also have no information regarding the deletion of the data gathered by the Social Media provider. Additional information regrading the purpose and scope of data collection and its processing by Social Media providers is available in the data protection statements for these providers, listed above. You will also get further information there regarding your rights in this regard and the setting options available to protect your privacy.

The servers for Social Media services are located in the USA and in other countries outside the European Union. Data can therefore be processed by providers of the Social Media service in countries outside the European Union. Please note that businesses in these countries are subject to a data protection law that generally protects your personal data to the same extent as in member states of the European Union.

Conversion Tracking
We use the offer provided by external advertising partners to bring your attention to our offers via advertising on external websites. To do this we also use marketing tools to determine how successful individual advertising methods are (‘Conversion Tracking’).
What we are interested in is showing you advertising that makes our website more appealing for you and to achieve a fair calculation of advertising costs. Legal basis is Art. 6 Para. 1f GDPR.
Cookies and web beacons are also set by our partners (see above), enabling specific parameters to measure success rates, including the display of adverts or clicks by the user. These cookies are not used to identify you personally. For as long as the cookie is active, the advertising partner is able to determine that you have clicked on an advert and gone to a specific page (e.g. Input form, confirmation page, Newsletter registration). The advertising partner compiled conversion statistics using this cookie. These statistics include the number of users who have clicked on one of our adverts. There are also counts of how many users have reached a target page which has a ‘conversion tag’ (remarketing tag, see above). However the statistics do not include any data which can be used to identify you.

We do not compile or process any personal data in the advertising measures mentioned. We only receive information from our advertising partners that enables statistical assessment. Using this assessment we are able to ascertain which of the advertising measures used is particularly effective. We do not receive any additional data about the use of advertising methods, and we are not able to identify the user from this information. Due to the conversion tracking tools used, your browser automatically makes a direct link with the advertising partner’s server. We have no influence on the scope and further use of data that is collected by the advertising partner with the use of this tool. By integrating marketing tools, the advertising partner receives information that you have called up the relevant section of our Internet presence, or have clicked on one of our adverts. If you are registered with our advertising partner (e.g. with Facebook or Google), the advertising partner can attribute the visit to your account. Even if you are not registered or are not logged in, the service provider still has the option of finding out and storing your IP address.

We use Conversion Tracking from the following advertising partners:

Google Adwords
Google LLC, 1600 Amphitheater Parkway, Mountainview, California 94043, USA
Additional information about data protection with Google can be found here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively you can visit the website for Network Advertising Initiative (NAI) at http://www.networkadvertising.org . Google is subject to the EU-US Privacy Shield , https://www.privacyshield.gov/EU-US-Framework. You can prevent Conversion Tracking by Google Adwords by deactivating cookies for Conversion Tracking, when you set your browser in such a way that cookies are blocked by the domain ‘www.googleadservices.com’, https://www.google.de/settings/ads, whereby these settings will be deleted when you delete your cookies, or permanently deactivate them in your Firefox browser, Internet explorer or Google Chrome under the link http://www.google.com/settings/ads/plugin .

Facebook
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA Further information on data protection at Facebook can be found here: http://de-de.facebook.com/about/privacy/ . If you do not want Facebook to attribute the collected information to your Facebook account, you can take corrective action here: https://www.facebook.com/settings/?tab=ads
TO do this, you must be logged in to Facebook. Facebook is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework

Use of Google Remarketing
Our websites use what are known as ‘Retargeting Tags’ to switch on interest-related advertising on third party websites. Legal basis is our legitimate interest in advertising measures as per Art. 6 Para.1f GDPR.
A JavaScript-Element is defined as a re-targeting tag, that is positioned in the source code for the website. When a user visits any such page that contains a retargeting tag, the service provider of the online advert (‘Retargeting provider’, e.g. Google, Facebook) places a cookie on the user's computer and directs this to relevant retargeting target group lists. The respective retargeting provider uses the cookie to compile interest-related data (e.g. Pages visited or search enquiries on our website) through the use of pseudonyms. Using this information, you will then be shown interest-related adverts by the retargeting provider. No directly personal data will be stored and no user profile will be linked with any personal data. However, the retargeting provider may be able to identify you and attribute your usage behaviour to our website, especially if you are a registered user of the retargeting provider (e.g. Have a Google or Facebook account).

We use the following retargeting providers:

Facebook Retargeting
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA Your IP address and the pages that you look at on the GoEuro website, will be transferred to Facebook. More information about data processing by Facebook and your rights and the options available to protect your personal data can be found in the Facebook data protection statement at: http://de-de.facebook.com/about/privacy/
If you do not want Facebook to allocate the information gathered to your Facebook account, you can adjust the retargeting functions here: https://www.facebook.com/settings/?tab=ads
To do this you must be logged in to Facebook.
Facebook is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework

Newsletter
In registering to receive our Newsletter, the data you provide will only be used to send you a Newsletter via e-mail and marketing e-mails with advertising and information about our offers, on a regular basis. Subscribers will also be kept up-to-date about circumstances t hat are relevant for this service or registration (for instance, changes to the newsletter offer or technical conditions).
We require a valid e-mail address for registration to be effective. To verify that a registration is actually effected by the holder of the e-mail address, we use the ‘double-opt-in’ process. For this we log the Newsletter order (data that is entered to register in the input form, including address, first name, surname, e-mail ), the sending of a confirmation mail and input of the requested response. No other data is collected. Data is only used to send the Newsletter.
Legal basis for data processing is your consent as per Art. 6 Para. 1a GDPR.
You may revoke your consent to the storage of your personal data and its use to send the Newsletter at any time. A relevant link is also provided in each newsletter. Rescission can also be effected via the other contact options provided on the website. Your data will then be immediately deleted from our system.

Prize draw
Our website provides you with the option of taking part in the hotel's own prize draw. The data listed in the prize draw form will only be used to establish a winner. For this we log the completed participation form (data that is entered to register in the input form, including address, first name, surname, e-mail, postal address), the sending of a confirmation mail and input of the requested response. No other data is collected. Data is only used for the duration of the prize draw and is not forwarded to third parties. At the end of the prize draw, your data will be deleted. Legal basis is Art. 6 Para. 1b GDPR.

Data recipient
We use external service providers, in particular technical and business service providers. These include hosting providers, statistical and analysis services to manage service-desk and support data, service providers to prepare CRM systems, to send our Newsletter, for gift voucher orders, for spam and misuse prevention and also IT maintenance and development service providers. Service providers work solely on our behalf and so not process personal data for their own purposes. As part of a booking, we transfer your data to payment service providers, financial authorities and local administrative bodies. Data processing procedures may mean that data will be transferred to recipients outside the European Union. Data transfer is only effected according to the policies of the so-called Privacy Shield (https://www.privacyshield.gov/welcome) or based on so-called standard contractual clauses of the EU Commission (http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm).

Your rights
As well as the right to rescission of consents you have granted to us, you also have, upon the existence of respective statutory provisions, the right to information as per Art. 15 GDPR, to reporting as per Art. 16 GDPR, to deletion as per Art. 17 GDPR, to limitation of processing as per Art. 18 GDPR, the right to objection as per Art. 21 GDPR and the right to data transferability as per Art. 20 GDPR.
You have the right, for reasons that arise from your specific situation, to revoke the processing of your personal data at any time, based on Art. 6 Para. 1f GDPR (Art. 21 Para. 1 GDPR).
In so far as your personal details are processed as per Art. 6 Para. 1f GDPR for the purposes of direct advertising, you have the right, at any time and without having to provide reasons, to rescission (Art. 21 Para. 2 GDPR).
There is also a right to lodge a complaint with the data protection supervisory authorities as per Art. 77 GDPR.

Queries regarding data protection
If you have any queries regarding data protection, please send an e-mail to
welcome@hotelkaiser.at

Online booking on our website
1. Description and scope of data processing
On our website you have the possibility to book and/or inquire rooms and offers. If a user uses this option, the data entered in the input mask will be transmitted to us and saved. This data is: title, first name, surname, email address, telephone number, address, number of guests, requests, date, time.
Online bookings via our website are completed using the online reservation system of websLINE Internet- & Marketing GmbH, Sägewerkstrasse 24, 83395 Freilassing, Germany. All booking data you enter shall be encrypted. websLINE commits to the data privacy-appropriate handling of your personal data. The company takes all organisational and technical measures to protect your data.
In this context, no further transfer of your data to third parties takes place. The data is used exclusively for processing your booking and for communication purposes.
2. Legal basis for the processing of data
The legal basis for the processing of the data is the conclusion of an accommodation contract with the user.
3. Purpose of data processing
The processing of personal data from the input mask serves solely to process your booking request and to process payment transactions.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements have been met.
5. Means of objection and removal
The user has the option to object to the processing of their personal data at any time.
We would like to point out that in the case of objection, the booking cannot be completed or the communication cannot be conti

Purchasing vouchers via our website
1. Description and scope of data processing
On our website there is the option to purchase vouchers. If a user uses this option, the data entered in the input mask will be transmitted to us and saved. This data is: title, first name, surname, address, email address, telephone number, voucher amount, personalisation of the voucher, shipping options/alternative shipping address, method of payment.
Voucher purchases on our website go through the online ordering system of websLINE Internet- & Marketing GmbH, Sägewerkstrasse 24, 83395 Freilassing, Germany. All order data you enter shall be encrypted. websLINE commits to the data privacy-appropriate handling of your personal data. The company takes all organisational and technical measures to protect your data.
In this context, no further transfer of your data to third parties takes place. The data is used exclusively for processing your booking and for communication purposes.
2. Legal basis for the processing of data
The legal basis for the processing of the data is the conclusion of a contract of sale with the user.
3. Purpose of data processing
The processing of personal data from the input mask serves solely to process your voucher purchase and to process payment transactions.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements have been met.
5. Means of objection and removal
The user has the option to object to the processing of their personal data at any time.