Data protection
Privacy policy
1) Introduction and contact details of the responsible person
1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we will inform you about how we handle your personal data when you use our website. Personal data is any data with which you can be personally identified.
1.2 The controller of the data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Wilfried Rainer, Hotel SONNBLICK, Plangeross 45, 6481 St. Leonhard im Pitztal, Austria, Tel.: +43541386204, e-mail: hotel@sonnblick-pitztal.at. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the person responsible). You can recognise an encrypted connection by the string "https://" and the lock symbol in your browser line.
2) Data collection when visiting our website
During the mere informational use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called "server log files"). When you call up our website, we collect the following data, which is technically necessary for us to display the website to you:
- Our visited website
- Date and time at the time of access
- Amount of data sent in bytes
- Source/reference from which you reached the page
- Browser used
- Operating system used
- IP address used (if applicable: in anonymised form)
The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. A transfer or other use of the data does not take place. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.
3) Cookies
In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your terminal device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your terminal device and enable us or our partner companies (third-party cookies) to recognise your browser on your next visit (persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values to an individual extent. Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie.
If personal data is also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 Para. 1 lit. b DSGVO either for the execution of the contract or in accordance with Art. 6 Para. 1 lit. f DSGVO to protect our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the page visit.
We may work with advertising partners who help us to make our website more interesting for you. For this purpose, cookies from partner companies are also stored on your hard drive when you visit our website (third-party cookies). If we cooperate with aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected in each case within the following paragraphs.
Please note that you can set your browser in such a way that you are informed about the setting of cookies and can decide individually about their acceptance or can exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browsers under the following links:
Microsoft Edge: https://support.microsoft.com
Firefox: https://support.mozilla.org
Chrome: http://support.google.com
Safari: https://support.apple.com
Opera: http://help.opera.com
Please note that if you do not accept cookies, the functionality of our website may be limited.
4) Contacting
When contacting us (e.g. via contact form or e-mail), personal data is collected. Which data is collected in the case of the use of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 (1) lit. f DSGVO. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO. Your data will be deleted after final processing of your request. This is the case if it can be inferred from the circumstances that the matter concerned has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.
5) Online marketing
Facebook Pixel for the creation of Custom Audiences (with Cookie Consent Tool)
Within our online offer, the so-called "Facebook pixel" of the social network Facebook is used, which is operated by Meta Platforms Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland ("Facebook").
If a user clicks on an ad placed by us that is played on Facebook, an addition is added to the URL of our linked page by Facebook Pixel. If our site allows data to be shared with Facebook via Pixel, this URL parameter is inscribed in the user's browser via a cookie that our linked site sets itself. This cookie is then read by Facebook Pixel and enables the data to be forwarded to Facebook.
With the help of the Facebook pixel, it is possible for Facebook to determine the visitors to our online offer as a target group for the display of advertisements (so-called "Facebook ads"). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited), which we transmit to Facebook (so-called "Custom Audiences"). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not have a harassing effect. This allows us to further evaluate the effectiveness of the Facebook ads for statistical and market research purposes by tracking whether users were redirected to our website after clicking on a Facebook ad (so-called "conversion").
The data collected is anonymous for us, so it does not allow us to draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage policy (https://www.facebook.com
The data processing associated with the use of the Facebook Pixel is only carried out with your express consent in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. To exercise your revocation, remove the checkmark next to the setting for the "Facebook Pixel" in the "Cookie Consent Tool" integrated on the website.
6) Web analytics services
Google (Universal) Analytics
This website uses Google (Universal) Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google (Universal) Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.
This website uses Google (Universal) Analytics exclusively with the extension "_anonymizeIp()", which ensures anonymization of the IP address by shortening and excludes a direct personal reference. Through this extension, your IP address is shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google LLC.server in the USA and shortened there. Google will use this information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage. In this context, the IP address transmitted by your browser within the scope of Google (Universal) Analytics will not be merged with other Google data.
Google Analytics also enables the creation of statistics with statements about the age, gender and interests of site visitors on the basis of an evaluation of interest-based advertising and with the inclusion of third-party information via a special function, the so-called "demographic characteristics". This allows the definition and differentiation of user groups of the website for the purpose of targeting marketing measures. However, data records collected via the "demographic characteristics" cannot be assigned to a specific person.
Details on the processing triggered by Google Analytics and Google's handling of data from websites can be found here: https://policies.google.com
All processing described above, in particular the setting of Google Analytics cookies for the reading of information on the end device used, will only be carried out if you have given us your express consent in accordance with Art. 6 (1) a DSGVO. Without this consent, Google Analytics will not be used during your visit to our website.
You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the "Cookie Consent Tool" provided on the website.
On this website, the "Google Signals" service can also be used as an extension of Google Analytics. With Google Signals, cross-device reports can be created by Google (so-called "cross-device tracking"). If you have activated "personalised ads" in your Google account settings and you have linked your Internet-enabled devices to your Google account, Google can analyse user behaviour across devices and create database models based on this, provided you have given your consent to the use of Google Analytics in accordance with Art. 6 (1) lit. a DSGVO (see above). The logins and device types of all page visitors who were logged into a Google account and performed a conversion are taken into account. The data shows, among other things, on which device you first clicked on an ad and on which device the associated conversion took place. Insofar as Google Signals is used, we do not receive any personal data from Google, but only statistics compiled on the basis of Google Signals. You have the option of deactivating the "personalised ads" function in the settings of your Google account and thus turning off the cross-device analysis. To do this, follow the instructions on this page: https://support.google.com
Further information can be found here: https://support.google.com
As an extension of Google Analytics, the "UserIDs" function can also be used on this website. By assigning individual UserIDs, we can have Google create cross-device reports (so-called "cross-device tracking"). This means that your usage behaviour can also be analysed across devices if you have given your corresponding consent to the use of Google Analytics in accordance with Art. 6 (1) a DSGVO, if you have set up a personal account by registering on this website and are logged into your personal account on different end devices with your relevant login data. The data collected in this way shows, among other things, on which end device you clicked on an ad for the first time and on which end device the relevant conversion took place.
We have concluded an order processing agreement with Google for the use of Google Analytics, which obliges Google to protect the data of our site visitors and not to pass it on to third parties.
For the transfer of data from the EU to the USA, Google refers to so-called standard data protection clauses of the European Commission, which are intended to ensure compliance with the European level of data protection in the USA.
Further information on Google (Universal) Analytics can be found here: https://policies.google.com
7) Retargeting/ Remarketing/ Referral advertising
Google Ads Remarketing
Our website uses the functions of Google Ads Remarketing, with which we advertise for this website in Google search results, as well as on third-party websites. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). For this purpose, Google sets a cookie in the browser of your terminal device, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you visit. Further data processing will only take place if you have consented to Google linking your internet and app browsing history to your Google Account and using information from your Google Account to personalise the ads you see on the web. In this case, if you are logged into Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, your personal data will be temporarily linked by Google with Google Analytics data in order to form target groups. The use of Google Ads Remarketing may also involve the transmission of personal data to the servers of Google LLC. in the USA.
All processing described above, in particular the setting of cookies for the reading of information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a DSGVO. Without this consent, Google Ads Remarketingl will not be used during your visit to our website.
You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the "Cookie Consent Tool" provided on the website.
You can also permanently object to the setting of cookies by Google Ads Remarketing by downloading and installing the Google browser plug-in available at the following link: https://support.google.com
Further information and the privacy policy regarding advertising and Google can be found here:
https://www.google.com
8) Page functionalities
8.1 Use of Youtube videos
This website uses the Youtube embedding function to display and play videos from the provider "Youtube", which belongs to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").
The extended data protection mode is used here, which, according to the provider, only triggers the storage of user information when the video(s) is/are played. If the playback of embedded Youtube videos is started, the provider "Youtube" uses cookies to collect information about user behaviour. According to information from "Youtube", these are used, among other things, to collect video statistics, to improve user-friendliness and to prevent abusive behaviour. If you are logged in to Google, your data will be directly assigned to your account when you click on a video. If you do not wish to have your data associated with your YouTube profile, you must log out before activating the button. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right. When using YouTube, personal data may also be transmitted to the servers of Google LLC. in the USA.
Independently of a playback of the embedded videos, a connection to the Google network is established each time this website is called up, which may trigger further data processing operations without our influence.
All of the processing described above, in particular the reading of information on the end device used via the tracking pixel, is only carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a DSGVO. Without this consent, Youtube videos will not be used during your visit to the site.
You can revoke your given consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the "cookie consent tool" provided on the website via alternative options communicated to you on the website.
Further information on data protection at "Youtube" can be found in the Youtube terms of use at https://www.youtube.com
8.2 Applications to job advertisements by e-mail
We advertise current vacancies on our website in a separate section, for which interested parties can apply by e-mail to the contact address provided.
In order to be included in the application process, applicants must provide us with all personal data required for a well-founded and informed assessment and selection together with their application by e-mail.
The information required includes general personal information (name, address, telephone or electronic contact details) and performance-related evidence of the qualifications required for a post. In addition, health-related information may be required, which must be given special consideration under employment and social law in the interest of social protection in the person of the applicant.
The components that an application must contain in order to be considered and the form in which these components are to be sent by e-mail can be found in the respective job advertisement.
After receipt of the application sent using the specified e-mail contact address, the applicant data will be stored by us and evaluated exclusively for the purpose of processing the application. For queries arising in the course of processing, we use either the e-mail address provided by the applicant with his/her application or a telephone number provided, at our discretion.
The legal basis for this processing, including contacting us for queries, is generally Art. 6 Para. 1 lit. b DSGVO (in the case of processing in Germany in conjunction with § 26 Para. 1 BDSG), in the sense of which the application process is regarded as the initiation of an employment contract.
Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO (e.g. health data such as information on severely disabled status) are requested from applicants as part of the application process, the processing is carried out in accordance with Art. 9 (2) lit. b. DSGVO. DSGVO so that we can exercise the rights arising from labour law and social security and social protection law and fulfil our obligations in this regard.
Cumulatively or alternatively, the processing of the special categories of data may also be based on Article 9(1)(h) of the GDPR if it is carried out for the purposes of preventive health care or occupational medicine, for the assessment of the applicant's fitness for work, for medical diagnosis, health or social care or treatment, or for the management of health or social care systems and services.
If the applicant is not selected in the course of the evaluation described above or if an applicant withdraws his or her application prematurely, his or her data transmitted by e-mail and all electronic correspondence, including the original application e-mail, will be deleted at the latest after 6 months following notification. This period is measured on the basis of our legitimate interest in answering any follow-up questions about the application and, if necessary, to be able to meet our obligations to provide evidence under the regulations on equal treatment of applicants.
In the event of a successful application, the data provided will be further processed on the basis of Art. 6 para. 1 lit. b DSGVO (for processing in Germany in conjunction with § 26 para. 1 BDSG) for the purposes of implementing the employment relationship.
8.3 - Google Web Fonts
This site uses so-called web fonts provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google") for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
For this purpose, the browser you use must connect to Google's servers. This may also result in the transmission of personal data to the servers of Google LLC. in the USA. In this way, Google learns that our website has been accessed via your IP address. The processing of personal data in the course of establishing a connection with the provider of the fonts is only carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with future effect by deactivating this service in the "cookie consent tool" provided on the website. If your browser does not support web fonts, a standard font will be used by your computer.
You can find more information about Google Web Fonts at https://developers.google.com
9) Tools and miscellaneous
Cookie consent tool
This website uses a so-called "cookie consent tool" to obtain effective user consent for cookies and cookie-based applications that require consent. The "cookie consent tool" is displayed to users in the form of an interactive user interface when they access the page, on which consent for certain cookies and/or cookie-based applications can be given by ticking the appropriate box. Through the use of the tool, all cookies/services requiring consent are only loaded if the respective user gives the corresponding consent by ticking the corresponding box. This ensures that such cookies are only set on the respective end device of the user if consent has been granted.
The tool sets technically necessary cookies to save your cookie preferences. Personal user data is not processed in this process.
If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.
Further legal basis for the processing is Art. 6 para. 1 lit. c DSGVO. As the responsible party, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.
We have concluded an order processing contract with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.
You can find further information on the operator and the setting options of the cookie consent tool directly in the corresponding user interface on our website.
10) Rights of the data subject
10.1 The applicable data protection law grants you the following data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective prerequisites for exercising these rights:
- Right to information pursuant to Art. 15 DSGVO;
- Right to rectification pursuant to Art. 16 DSGVO;
- Right to erasure pursuant to Art. 17 DSGVO;
- Right to restriction of processing pursuant to Art. 18 DSGVO;
- Right to information pursuant to Article 19 of the GDPR;
- Right to data portability pursuant to Art. 20 DSGVO;
- Right to revoke consent given in accordance with Art. 7 (3) DSGVO;
- Right to lodge a complaint pursuant to Article 77 of the GDPR.
10.2 RIGHT OF OBJECTION
IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.
IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.
11) Duration of the storage of personal data
The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of processing and - if relevant - additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).
When personal data is processed on the basis of explicit consent pursuant to Art. 6 (1) a DSGVO, this data is stored until the person concerned revokes his/her consent.
If there are legal retention periods for data that is processed within the framework of legal business or similar obligations on the basis of Art. 6 Para. 1 lit. b DSGVO, this data will be routinely deleted after expiry of the retention periods, provided that it is no longer required for the fulfilment of the contract or the initiation of the contract and/or there is no justified interest on our part in the continued storage.
When processing personal data on the basis of Art. 6(1)(f) DSGVO, this data is stored until the data subject exercises his or her right to object pursuant to Art. 21(1) DSGVO, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
When processing personal data for the purpose of direct marketing on the basis of Art. 6 (1) f DSGVO, this data is stored until the data subject exercises his right to object in accordance with Art. 21 (2) DSGVO.
Moreover, unless otherwise specified in the other information on specific processing situations in this statement, stored personal data are deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.