Privacy Statement

TOURIST BOARD GRIMMING-DONNERSBACHTAL

This declaration describes how we, as the data protection officer responsible for our website, process your personal data.

Which data we process about you

Our website (accessible via www.derbergdastal.at and www.machtsinn.at) is operated by ourselves, i.e. the Grimming-Donnersbachtal Tourism Association. In case of a visit the following information will be collected: The date and time of the visit to a page on the website, your IP address, name and version of your web browser, the website (URL) you visited before you visited this website, certain cookies and the information you provide yourself by filling out the contact form for requesting the newsletter on our website. There is no obligation to actually provide the information that we ask you to provide on our website. However, if you do not do this, you will not be able to use all the functions of the website.

The Tourismusverband Grimming-Donnersbachtal is also represented online via the website of the Dachverband, Schladming-Dachstein Tourismusmarketing GmbH (accessible via www.schladming-dachstein.at or www.grimming-donnersbachtal.at). This website is operated by Schladming-Dachstein Tourismusmarketing GmbH. In the event of a visit, the following information is collected: The date and time of the visit to a page on the website, your IP address, name and version of your web browser, the website (URL) which you visited before the visit to this website, certain cookies and the information which you provide yourself by filling out the contact form for requesting the newsletter on our website. There is no obligation to actually provide the information that we ask you to provide on our website. However, if you do not do this, you will not be able to use all the functions of the website.

For what purpose we process data about you

We will process your personal data for the following purposes:

  • To make this website available to you and to further improve and develop this website;
  • to compile usage statistics;
  • to detect, prevent and investigate attacks on our website;
  • to respond to your requests or to send you a newsletter;
  • for specific room requests for quotation and booking processing or invoicing;
  • to organise services via third parties, e.g. reservation of cable cars, various transfers, package ski passes or other components of booked packages;
  • in order to organise the processing for the implementation of various programmes, such as guided hikes;
  • for the organisational handling of events.

Cookies

Our website uses so-called cookies. These are small text files that are stored on your end device with the help of the browser. They do not cause any damage.

We use cookies to make our website user-friendly. Some cookies remain stored on your terminal until you delete them. They enable us to recognise your browser the next time you visit. If you do not wish this, you can set up your browser so that it informs you when cookies are set and you only allow this in individual cases.

If cookies are deactivated, the functionality of our website may be restricted.
In addition, we use cookies on our website which enable an analysis of the surfing behaviour of the users.

The user data collected in this way is pseudonymised by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data are not stored together with other personal data of the user.

When calling up our website, users are informed by an information banner about the use of cookies for analysis purposes and referred to this data protection declaration. In this context, there is also an indication as to how the storage of cookies in the browser settings can be prevented.

Use of SSL encryption

In order to protect your transmitted data in the best possible way, we use SSL encryption. You can recognize such encrypted connections by the prefix “https://” in the page link in the address bar of your browser. Unencrypted pages are identified by “http://”.
All data that you transmit to this website – for example when making enquiries or logging in – cannot be read by third parties thanks to SSL encryption.

Sämtliche Daten, welche Sie an diese Website übermitteln – etwa bei Anfragen oder Logins – können dank SSL-Verschlüsselung nicht von Dritten gelesen werden.

Web analysis

On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer in the sense of Art. 6 Para. 1 lit. f. of the German Civil Code), we act in accordance with the following principles DSGVO) Google Analytics, a web analysis service of Google LLC (“Google”). Google uses cookies. The information generated by the cookie about users’ use of the website is generally transmitted to and stored by Google on servers in the United States.
Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google will use this information on our behalf to evaluate the use of our online services by users, to compile reports on activities within this online service and to provide us with other services related to the use of this online service and the Internet. Pseudonymous user profiles can be created from the processed data.
We use Google Analytics only with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.

The IP address transmitted by the user’s browser is not merged with other Google data. Users may refuse the use of cookies by selecting the appropriate settings on their browser, they may also refuse the use of cookies by selecting the appropriate settings on their browser, they may refuse the use of cookies by selecting the appropriate settings on their browser, and they may refuse the processing of cookies by selecting the appropriate settings on Google, and they may refuse the processing of cookies by selecting the appropriate settings on Google, and they may refuse the processing of cookies by Google, by downloading and installing the browser plugin available from the following link: http://tools.google.com/dlpage/gaoptout?hl=de .

Further information on the use of data by Google, setting and objection options can be found in Google’s data protection declaration (https://policies.google.com/technologies/ads) and in the settings for the display of advertising by Google (https://adssettings.google.com/authenticated).
The personal data of the users will be deleted or anonymized after 14 months.

Facebook Social Plugins

This website uses social plugins of the social network facebook.com, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The plugins are marked with a Facebook logo or the addition “Facebook Social Plugin”.

When you visit a website that contains such a plugin, your browser connects directly to Facebook’s servers. Information about the use of this website (including your IP address) is transferred to and stored on Facebook. If you are logged in to Facebook, Facebook can associate the visit with your Facebook account.

For the purpose and scope of data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options to protect your privacy, please refer to Facebook’s data protection information. (http://www.facebook.com/policy.php)

If you do not want Facebook to collect information about you via this website, you must log out of Facebook before visiting the website.

Vimeo

On our website videos of the platform “Vimeo” of the provider Vimeo Inc, Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA, are integrated. Privacy policy: https://vimeo.com/privacy. We point out that Vimeo may use Google Analytics and refer to the privacy policy (https://www.google.com/policies/privacy) as well as opt-out options for Google Analytics (http://tools.google.com/dlpage/gaoptout?hl=de) or the settings of Google for data use for marketing purposes (https://adssettings.google.com/).

Instagram

On our website, functions of the Instagram service are integrated. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the contents of our pages to your Instagram profile by clicking the Instagram button. This allows Instagram to associate visiting our pages with your user account. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the transmitted data or its use by Instagram.

For more information, please refer to Instagram’s privacy policy at https://www.instagram.com/about/legal/privacy/.

Hosting

The hosting services used by us serve the provision of the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services which we use for the purpose of operating this online service.

Here we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors to this online service on the basis of our legitimate interests in the efficient and secure provision of this online service in accordance with Art. 6 Para. 1 lit. f DSGVO in connection with Art. 28 DSGVO (conclusion of an order processing contract).

Collection of access data and log files

We, and/or our Hostinganbieter, raise on basis of our entitled interests in the sense of the art. 6 Abs. 1 lit. f. DSGVO collects data on each access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Log file information is stored for security reasons (e.g. to clarify abuse or fraud actions) for a maximum period of 7 days and then deleted. Data, the further storage of which is necessary for evidence purposes, are excluded from deletion until the respective incident has been finally clarified.

Online presences in social media

We maintain online presences within social networks and platforms in order to be able to communicate with customers, interested parties and users active there and to inform them about our services. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.

Unless otherwise stated in our data protection declaration, we process the data of users who communicate with us within the social networks and platforms, e.g. write articles on our online presences or send us messages.

Newsletter

You can subscribe to our newsletter via our website (www.derbergdastal.at or www.machtsinn.at). To do this, we need your e-mail address and your declaration that you agree to receive the newsletter.

As soo as you have subscribed to the newsletter, we will send you a confirmation e-mail with a link to confirm your subscription. The newsletter is sent via “MailChimp”, a newsletter distribution platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

The e-mail addresses of our newsletter recipients, as well as their other data described in the context of this notice, are stored on the servers of MailChimp in the USA. MailChimp uses this information to send and evaluate newsletters on our behalf. Furthermore, according to its own information, MailChimp may use this data to optimise or improve its own services, e.g. for the technical optimisation of the dispatch and presentation of the newsletter or for economic purposes in order to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them or pass them on to third parties.

We rely on the reliability and IT and data security of MailChimp. MailChimp is certified under the US-EU data protection agreement “Privacy Shield” and is therefore committed to complying with EU data protection regulations. In addition, we have concluded a data processing agreement with MailChimp. This is a contract in which MailChimp undertakes to protect the data of our users, to process it on our behalf in accordance with their data protection regulations and, in particular, not to pass it on to third parties. You can view the privacy policy of MailChimp here.

You can cancel your subscription to the newsletter at any time via the unsubscribe link included in every newsletter, or you can send your cancellation to the following e-mail address: office@grimming-donnersbachtal.at. We will then immediately delete your data in connection with the newsletter dispatch.

Mailings and newsletters

The members of the Grimming-Donnersbachtal Tourist Board regularly receive useful information on current topics from the Grimming-Donnersbachtal Tourist Board, as well as invitations to relevant events and meetings, in particular to general meetings of the Grimming-Donnersbachtal Tourist Board.

According to Art. 6 Para. 1 lit. f DSGVO, data processing is necessary to safeguard the legitimate interests of the responsible party or a third party.
Pursuant to Art. 6 Para. 1 lit. b DSGVO, data processing for this type of transmission is necessary for the fulfilment of the contract and for the implementation of pre-contractual measures or for the fulfilment of legal obligations.

In the course of this data processing, the Tourism Association forwards the personal data collected to the following third parties (data processors)
Feratel Media Technologies AG, Maria-Theresien-Straße 8, 6020 Innsbruck, Austria

  • Feratel Media Technologies AG, Maria-Theresien-Straße 8, 6020 Innsbruck, Österreich
  • Elements.at New Media Solution, Söllheimerstraße 16, Gusswerk Halle 6, 5020 Salzburg, Österreich
  • Newsletter2Go GmbH, Köpenicker Str. 126, 10179 Berlin, Deutschland
  • Schladming-Dachstein Tourismusmarketing GmbH, Ramsauerstraße 756, 8970 Schladming, Österreich

If you no longer wish to receive such information (except as may be required by law), you may unsubscribe at any time by sending an email to office@grimming-donnersbachtal.at with the unsubscribe notice.

How to contact us

When contacting us (e.g. via contact form, e-mail, telephone or via social media), the user’s details are used to process the contact enquiry and to process it in accordance with Art. 6 Para. 1 lit. b. (within the framework of contractual/pre-contractual relationships), Art. 6 Para. 1 lit. f. (other inquiries) DSGVO.

The following user details are stored for the purpose of processing the enquiry and in the event that follow-up questions arise: Salutation, first and last name, e-mail address, telephone number, street, postal code, city, country or inquiry-specific data (e.g. period of stay, type of accommodation).

The personal data collected in this way will be stored by the operator within 12 months after completion of the processing of the request and then deleted.
The personal data disclosed by the user will only be processed and used by us to the extent that they are necessary for processing the enquiry and/or providing the requested service.
In the course of this data processing we forward the collected personal data to the following third parties (data processors)

  • Feratel Media Technologies AG, Maria-Theresien-Straße 8, 6020 Innsbruck, Österreich
  • Elements.at New Media Solution, Söllheimerstraße 16, Gusswerk Halle 6, 5020 Salzburg, Österreich
  • Mitgliederbetriebe Schladming-Dachstein siehe: https://www.schladming-dachstein.at/de/unterkuenfte/suchen-buchen/liste

Data processing is required pursuant to Art. 6 (1) (b) DSGVO for the performance of the contract or for the implementation of pre-contractual measures.

Accommodation service

The data provided in the course of a personal accommodation request / holiday request will be forwarded to the accommodation provider for the purpose of arranging accommodation.
In the case of specific room enquiries for the purpose of making an offer and processing a booking or invoice, it is necessary to provide the necessary contact data in order to enable processing (e.g. name, address, e-mail address, date of birth, telephone number, length of stay, accommodation details, in the case of a given case payment details e.g. credit card).

A complete list of recipients can be found in the list of providers: Accommodation list
In the course of this data processing we forward the collected personal data to the following third parties (data processors)

  • Feratel Media Technologies AG, Maria-Theresien-Straße 8, 6020 Innsbruck, Österreich
  • Elements.at New Media Solution, Söllheimerstraße 16, Gusswerk Halle 6, 5020 Salzburg, Österreich
  • Mitgliederbetriebe Schladming-Dachstein siehe: https://www.schladming-dachstein.at/de/unterkuenfte/suchen-buchen/liste

Data processing is required pursuant to Art. 6 (1) (b) DSGVO for the performance of the contract or for the implementation of pre-contractual measures.

Booking

If you make a room reservation via our website www.grimming-donnersbachtal.at (subpage of www.schladming-dachstein.at), we will collect the data necessary to make the reservation from you, in particular your name, your telephone number, your e-mail address (“contact data”) as well as the date of your arrival and departure, your hotel and the type of room you have booked (“booking data”).

If you make a booking, your booking data will be passed on to the hotel/service provider you have selected in order to make your reservation possible at all. In addition, your data will not be passed on to third parties. (Exception for data processing see below) Under no circumstances will your contact data be sold or lent by Grimming-Donnersbachtal and/or Schladming-Dachstein. Due to legal regulations and corresponding judicial or official orders, we are obliged in exceptional cases to hand over data to the ordering authorities or courts. This will then only take place within the scope of our legal obligations.
In the course of this data processing, the Tourismusverband Grimming-Donnersbachtal or the Dachverband, the Schladming-Dachstein Tourismusmarketing GmbH, forwards the collected personal data to the following third parties (data processors)

  • Feratel Media Technologies AG, Maria-Theresien-Straße 8, 6020 Innsbruck, Österreich
  • Datatrans AG, Kreuzbühlstrasse 26, 8008 Zürich, Schweiz
  • Elements New Media Solution, Söllheimerstraße 16, Gusswerk Halle 6, 5020 Salzburg, Österreich
  • Member companies Schladming-Dachstein see: https://www.schladming-dachstein.at/de/unterkuenfte/suchen-buchen/liste

Contests

From time to time you have the possibility to participate in lotteries of Schladming-Dachstein. Personal data (e-mail address, name, address) will also be collected and processed for the purpose of these actions. The personal data collected in the context of such a raffle will be used exclusively for the processing of the promotion (in the case of a raffle e.g. for the determination of winnings, notification of winnings and sending of the prize). After the end of the promotion the data of the participants will be deleted.

Your data collected in the course of the competition will only be used to receive newsletters if you have given your explicit consent.

Applicants

The contact data and application documents submitted in the course of an application will be electronically processed by us for the purpose of selecting suitable candidates for an employment relationship.

In the event of rejection, the application documents will only be kept in evidence if you give your consent.

Legal basis of processing

We will not process the data made available to us for purposes other than those stated above or for purposes covered by your consent or any other provision of the DSGVO, whereby the legal basis for the processing of your personal data is in particular our overriding legitimate interest (pursuant to Art 6 para 1 lit f EU-DSGVO) and your consent (Art 6 para 1 lit a EU-DSGVO).

Transmission of your personal data

To fulfil your order, it may be necessary to pass on your data to third parties (IT service providers used by us, in particular Feratel media technologies AG, Elements New Media Solution, Schladming-Dachstein Tourismusmarketing GmbH, tax consultants, landlords, restaurants, transport companies and mountain railways, hiking guides, child carers, event locations, various service providers, courts or authorities, etc.).

Your data will be forwarded exclusively on the basis of the DSGVO, in particular on the basis of our overriding legitimate interest or your prior consent.

We only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection or we take measures to ensure that all recipients have an adequate level of data protection.

Duration of storage

All personal data will be deleted within 48 months of the request being processed. The personal data disclosed by the user will only be processed and used by the operator to the extent that they are necessary for processing the enquiry and/or providing the requested service.

Those data which we receive from you for the fulfilment of the contract for any bookings and invoicing or which we use for accounting purposes will be stored in accordance with statutory provisions.

Data for registration for our weekly programme, guided tours or events etc. will be deleted after 12 months at the latest.

If you register on our blog or request the newsletter, we will store your data for as long as necessary to fulfill the contract.

Your rights in connection with personal data

You have the right at any time to check whether and which personal data we have stored about you and to receive copies of this data, to demand the correction, supplementation or deletion of your personal data which is incorrect or is not processed in a legally compliant manner. You may also request us to limit the processing of your personal data and, under certain circumstances, to object to the processing of your personal data or to revoke the consent previously given for processing, to request data transferability, to know the identity of third parties to whom your personal data will be transferred and to lodge a complaint with the competent authority.

The competent authority in Austria is the data protection authority with headquarters in 1080 Vienna, Wickenburggasse 8, e-mail dsb@dsb.gv.at, telephone number +43 1 52 152-0.

Changes to this privacy policy

We reserve the right to change this privacy policy. We therefore recommend that you read this statement at regular intervals. The changes will not be retroactive and we will not change the way previously collected data is treated.

Our contact details

The protection of your data is of particular concern to us. If you have any questions or concerns regarding the processing of your personal data, please contact us:

TOURIST BOARD GRIMMING-DONNERSBACHTAL

Trautenfelserstraße 220
8952 Irdning-Donnersbachtal

T +43 3682 23999
F +43 3682 23999 9
office@grimming-donnersbachtal.at
www.grimming-donnersbachtal.at

Chairperson: Johannes Baltl
Finance officer: Wolfgang Stieg
Managing director: Mag. (FH) Jaqueline Egger

Last update: 27.11.2018.