Data protection declaration


The protection of your personal data is of prime importance to us. We therefore process your data exclusively in accordance with legal directives. In this data protection information, we present the most important aspects of data processing in the context of our website.

Name and address of the responsible party


The responsible party in relation to the General Data Protection Regulation (GDPR) and other national data protection laws of the member states, as well as further data protection regulations is:

Alpengasthof Alter Pocher <br>Monika Rösler
Fleiß 10
9844 Heiligenblut
Austria


General information about data processing


1. Processing scope of personal data


In principle, we only gather and use personal data insofar as it is required for providing a functional website, as well as our content and services. As a rule, the gathering and use of the personal data of our users is only after consent by the user. An exception applies in cases in which the obtaining of prior consent is not possible for substantiated reasons and the processing of the data is permitted by legal provisions.

2. Legal basis for the processing of personal data


If we obtain consent from the person in question for the processing of personal data, Art. 6 Par. 1 lit. a of the General Data Protection Regulation (GDPR) serves as a legal basis for the processing of personal data.
In the processing of personal data that is required for fulfilling a contract whose contract party is the person in question, Art. 6 Par. 1 lit. b GDPR serves as a legal basis. This also applies to processing procedures required for carrying out pre-contractual measures.
If the processing of personal data is required for fulfilling a legal obligation that our company is subject to, Art. 6 Par. 1 lit. c GDPR serves as a legal basis.
If processing is necessary to safeguard a justified interest of our company or a third party and if the interests, basic rights and basic freedoms of the affected person do not outweigh the aforementioned interest, Art. 6 Par. 1 lit. f GDPR serves as the legal basis for the processing.

3. Data deletion and storage period


The personal data of the affected person is deleted or blocked as soon as the purpose of storing it no longer applies. Storage beyond this can occur if determined by the European or national legislature in Union regulations, laws or other directives that the responsible party is subject to. Data is also blocked or deleted if a storage period prescribed by the mentioned norms expires, unless there is a requirement for further storage of the data for conclusion or fulfilment of a contract.

Provision of the website and generation of log files


1. Description and scope of data processing


Every time our Internet page is accessed, our system automatically gathers data and information from the computer system of the accessing device.
The following data is hereby gathered:

- Information about the browser type and the version used
- The operating system of the user
- the Internet service provider of the user
- The IP address of the user
- Date and time of access
- Websites from which the system of the user reaches our webpage
- Websites that are accessed from the user’s system through our website

The data is also stored in the log files of our system. Storage of this data together with other personal data of the user does not occur.

2. Legal basis for data processing


The legal basis for the temporary storage of data and the log files is Art. 6 Par. 1 lit. f GDPR.

3. Purpose of data processing


The temporary storage of the IP address by the system is necessary to enable a provision of the website to the user’s device. The IP address of the user must remain stored for this purpose for the duration of the session. The storage in log files is to ensure the functionality of the website. In addition, the data serve to optimise the website and to ensure the security of our technical information systems. There is no evaluation of the data for marketing purposes in relation to this.
Our justified interest in data processing according to Art. Par. 1 lit. f GDPR also lies in these purposes.

4. Duration of storage


The data is deleted as soon as it is no longer necessary for attaining the purpose of its gathering. In the case of gathering data for making the website available, this is the case when the particular session has ended.
In the case of storing the data in log files, this happens at the latest after 7 days. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated, so that it is no longer possible to assign them to the accessing client.

5. Objection and elimination possibility


The gathering of data to make the website available and the storing of data in log files is absolutely necessary for operating the webpage. There is no possibility of objection or opt-out by the user.

Contact form and e-mail contact


There is a contact form on our webpage that can be used for electronic contact. If a user makes use of this possibility, the data entered in the input fields is transmitted to us and stored.
In addition, the IP address of the accessing device and the date and time of registration are gathered upon registration.
Your consent is obtained for the processing of the data as part of the sending procedure and you are referred to this data protection declaration.
Alternatively, it is possible to make contact via the provided e-mail address. In this case, the personal data of the user transmitted with the e-mail is stored.
If you contact us via the contact form on our webpage or by e-mail, your input data is stored for 12 months for the purpose of processing the enquiry and in case of follow-up questions.
In relation to this there is no passing on of data to third parties. The data is used exclusively for processing the conversation.

Bookings or booking enquiries for requesting orders


The data entered in relation to a booking or booking enquiry is stored and used for the purposes of booking or, in the case of a booking enquiry, to send an offer.
You can be informed by e-mail about matters relevant to the offer, such as changes to the scope of the offer or technical circumstances.
The gathered data can be viewed on the entry form relating to the booking or booking enquiry. It includes name, telephone number, postal address, e-mail address, IP address, travel dates and your optional additional comments.

Cookies


Our website uses so-called cookies. These are small text files that are deposited on your end device with the help of the browser. They do not cause any damage. We use cookies to make out website user-friendly. Some elements of our webpage require that the accessing browser can still be identified after changing pages.
Some cookies remain stored on your end device until you delete them. This type of cookie contains a characteristic character string that enables a clear identification of the browser when accessing the webpage again.
If you do not want this, you can set your browser so that it informs you of the placing of cookies and you only allow it in individual cases.
When deactivating cookies, the functionality of our website can be compromised.

Google Maps


This website uses the “Google Maps and route planner” of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”) to present and calculate geographical information and arrival routes. Through Google Maps, data about your use of this website can be transmitted to website, gathered and used by Google. You can prevent such a data transmission if you deactivate “Javascript” in your browser. In this case, however, no maps can be displayed. By using this website and not deactivating “Javascript”, you are declaring your consent to your data being processed by Google for the purpose above. You can find further information about how “Google Maps” and the route planner use your data, as well as the Google data protection declaration at: https://www.google.com/intl/de_de/help/terms_maps.html

Your rights


You have basic rights to information, correction, deletion, restriction, data portability, revocation and objection. If you believe that the processing of your data contravenes data protection law or your data protection rights have been infringed in any other way, you can complain to the regulatory authority.
In Austria this is the data protection authority.