Privacy Policy
Privacy Policy of Stoelzle-Oberglas GmbH
We take the protection of your personal data very seriously. Therefore, we treat your personal data always and of course in accordance with the legal data protection obligations. We have appointed a qualified and reliable external Data Protection Officer. The external commissioning of data protection will be conducted from UIMC Dr. Voßbein GmbH & Co KG.
In the following, we would like to inform you about the processing of personal data:
- Data processing within the scope of hotel accommodation
- Data processing within the scope of our website
- Storage and exchange of data with third parties
- Rights of the data subjects
- Contact to the Data Protection Officer
- Data protection related to plugins on our website
We reserve the right to amend this Privacy Policy from time to time so that it will always comply with the legal requirements or to change our services in the Privacy Policy, e.g. the introduction of new services. In case of your revisit and the privacy policy has changed the new privacy policy will be valid.
1. Data processing within the scope of hotel accommodation
We – the Stoelzle-Oberglas GmbH, Fabrikstraße 11, A-8580 Köflach – process personal data relating to your person in connection with the establishment, implementation and execution of the closed accommodation contract and its initiation on the basis of Art. 6 para. 1 p. 1 lit. b DSGVO and for the fulfillment of legal obligations (e.g. commercial and tax law) on the basis of Art. 6 (1) sentence 1 lit. c DSGVO. Furthermore, we are required by law to collect various information about you in order to make it available to the registration authority.
Furthermore, data may also be processed for legitimate purposes in accordance with art. 6 (1) s.1 let f GDPR, such as internal market research, marketing purposes and in-house statistics and optimization of the offers. The legitimate interests lie in particular in the optimisation of processes and cost-based attribution. Your interests, fundamental rights and fundamental freedoms will be duly taken into account. The data provided by you are necessary for the execution of the contractual relationship. Without this data we can not fulfill the contract.
We will only use your data to send you information about products, services, events and other interesting facts about our company if you have given us your consent or if we have informed you appropriately in the context of data collection in accordance with § 107 TKG. You can object to this sending at any time with effect for the future.
Dissemination
Some of your personal data will be passed on to external service providers (e.g. tax consultants, legal advisors). In some cases, external IT service providers (in the context of order data processing in accordance with Article 28 DSGVO) can access your data. Here, the service providers act in accordance with instructions, which was ensured by corresponding contracts.
Data processing for the fulfilment of legal reporting obligations
On arrival at our hotel, we may need the following information from you and your escorts at the check-in: first and last name, address, post code and land. We collect this information for the fulfilment of legal reporting obligations, which result in particular from the hospitality industry or police law. Where we are required to do so by applicable regulations, we will forward this information to the appropriate police authority.
Retention and deletion of data
Your data will be kept for as long as necessary for the above-mentioned purposes. The data will be deleted at the latest after termination of the contractual relationship and after expiry of the legal retention periods under civil, commercial and tax law.
2. Data processing within the scope of our website
Logging
Every time accessing this website, protocols for statistical purposes will be created and processed whereby single users will remain anonymous:
- Referrer (site from the link you reached this website)
- Search terms (by search engines as referrer)
- IP is evaluated to determine the country of origin and the provider
- Browser, operation system, installed plugins and screen resolution
- Duration of the visit on the website.
The stated data will be processed by us on the basis of our legitimate interests according to art. 6 para. 1 s.1 lit. f GDPR for the following purposes:
- Ensuring a trouble free connection establishment to the website
- Ensuring of a comfortable use of the web site
- Evaluation of the system security and stability as well as
- For further administrative purposes.
We reserve the right to check this data subsequently if we have concrete indications of an illegal use. The data will be deleted immediately when they are no longer needed for the purpose they were collected but at the latest after six months.
Inquiries via e-mail
You can contact us by e-mail. For this we need the following information: first and last name, e-mail address and your message to us. We only use this data along with the telephone number and address you gave us voluntarily to answer any queries you may have as effectively and as personally as possible. The processing of this data is, therefore, required to complete contractual activities and is in our legitimate interest.
Booking hotel rooms
Bookings for the Bed&Breakfast of Stoelzle-Oberglas GmbH can be made online. You book via our service provider Protel using the Web Booking Engine or Booking.com. Your data will be processed on behalf of us through these service providers.
Liability for own Content
The content of these sites has been created with the greatest accuracy. We cannot provide any guarantee for accuracy, completeness and topicality of the content. As a service provider, we are responsible for our own content on these sites according to the general laws.
Liability for Links (Content of Third Party Providers)
It is important to distinguish between our own content and references (“links”) that lead to other content from other providers. We have no influence on their content of the linked websites. Here, it is always the provider or the operator of these sites that is responsible for the content.
3. Storage and exchange of data with third parties
Transfer of Data
A transfer to Third Parties for commercial or non-commercial purposes will not happen without your explicit consent. We will only transfer your personal data to third parties if this is lawful in accordance with the current laws [e.g.: on the basis of article 6 GDPR] and/or it is necessary. To some extent we appoint service provider for the necessary statutory processing of data; the website is hosted by „Telematica Internet Service Provider GmbH“ (Reininghausstraße 13a, 8020 Graz) and maintained by Bramauer Branding (Hochtregisterstraße 3, 8572 Bärnbach). The full responsibility for the data processing remains with us. Further on we use to some extent Plugins of other service provider on our website.
Booking platforms
If you make bookings via a third-party platform, we will receive personal information from the respective platform operator. In addition, inquiries about your booking may be forwarded to us. We will process this data by name in order to record your booking as requested and to make the booked services available. The legal basis for data processing for this purpose lies in the fulfillment of a contract pursuant. Finally, we may be notified by the platform operators about disputes related to a booking. In doing so, we may also receive data on the booking process, which may include a copy of the booking confirmation as proof of the actual posting. We process this data in order to safeguard and enforce our claims. Please also note the privacy policy of the respective provider.
Bookings on the website via Protel Web Booking Engine
On our website you can make direct bookings using the booking form of the Protel Web Booking Engine.
Operator and contact of the booking form: protel hotelsoftware GmbH, www.protel.net
The necessary data of our contract customers, as well as their further described in this notice Data are on the servers of „protel hotelsoftware GmbH“ saved.„protel hotelsoftware GmbH“ uses this information to booking your hotel stay on our behalf. However„protel hotelsoftware GmbH“ does not use the data of our contract partners to write them yourself or to third parties.
We have faith in the reliability of „protel hotelsoftware GmbH“ and their data security measures and thereby commits itself to comply with EU data protection requirements. We also have a „Data-Processing-Agreement“ with „protel hotelsoftware GmbH“. This is a contract in which „protel hotelsoftware GmbH“ has committed to protecting on our behalf the privacy of our users data in accordance with its privacy policy, and in particular not to disclose it to third parties. „protel hotelsoftware GmbH“ Privacy Policy is available here: www.protel.net/imprint
By using the booking form we collect following personal data: first and last name, address, post code, land, arrival date, departure date, telephone und e-mail. To show possible legal claims, we store this data. To document above personal data and supplementary information, such as IP, date, time and information about the received communication is stored in our hotel software.
Payments with credit and debit card via Protel Web Booking Engine
PCI-DSS stands for “Payment Card Industry Data Security Standards” and is a globally defined security standard for electronic payment systems. The “protel hotelsoftware GmbH” uses this standard to ensure our guests secure credit card handling. The data collected in connection with card payments are transmitted encrypted and made inaccessible to unauthorized persons. Vouchers containing the data of cardholders will be kept inaccessible to unauthorized persons.
Booking via Booking.com
Bookings can also be made through Booking.com. We have concluded an appropriate contract data processing contract with the providers. You can read the privacy policy of Booking.com here: www.booking.com/content/privacy.en.html
Storage period
We store personal data only as long as it is required to use the above tracking services and to process the data further for our own legitimate interest. Contractual data will be kept for a longer period, as this is prescribed by statutory record-keeping requirements. The record-keeping requirements that oblige us to store data stem from the from rules on the right of noti-fication as well as from accounting, civil law and tax law. In accordance with these rules, business communications, concluded contracts and accounting documents must be stored for up to 10 years. If we no longer need this data to carry out the services for you, the data will be locked. This means that the data may only be used for the purposes of accounting and tax purposes.
4. Rights of the data subjects
We hereby inform you that pursuant to Article 15 et seq. GDPR you have the right to obtain information on the personal data concerned, as well as rectification or deletion or limitation of processing or of a right to object to processing as well as of the personal data right to have data portability. Likewise, under Article 77 of the GDPR, you have the right to complain to a data protection supervisory authority if you consider that the processing of your personal data violates the regulations stated in the GDPR. If the processing is based on Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR (Consent), you also have the right to revoke the consent at any time without affecting the legality of the processing on the basis of the consent until the revocation.
5. Contact to the Data Protection Officer
If you have any questions regarding the processing of personal data you can contact our Data Protection Officer who is available with his team in the case of any requests of information, general requests or complaints.
Dr. Jörn Voßbein, UIMC
Fleischmarkt 1/6/12, A-1100 Wien
Phone: +43 1 20 5107 3383
E-Mail: datenschutz.stoelzle@uimc.at
6. Data protection related to plugins on our website
Cookies und Plugins
This site uses “Cookies”. Cookies are text files that will be stored on your computer and allow analysis of the use of the website as well as recognizes you by your next visit of this website. You can prevent the installation of cookies through an appropriate setting in your browser or via the permissions given in the Cookie banner. However, this could result that you will be unable to use some of the function of this website. Our website uses various plugins from other service providers. For detailed information please see below.
Borlabs Cookie
This website uses Borlabs Cookie, which sets a technically necessary cookie (borlabs cookie) in order to save your cookie consent. Borlabs Cookie does not process any personal data. The borlabs cookie stores the consent you gave when you entered the website. If you would like to revoke this consent, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked again for your cookie consent.
Google Tag Manager
This website uses Google Tag Manager of Google LLC. A tag is a JavaScript snippet that is used to send information to third parties, such as Google. Google Tag Manager is a solution that allows marketed website tags to be managed using an interface. The Google Tag Manager manages Google tags (e.g. the Google Analytics Tag), but also supports tags from third-party providers. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not register personal data. The tool causes other tags to be activated which may, for their part, register data under certain circumstances. Google Tag Manager does not access this information but passes information on to Third parties via the respective tags (Google Analytics). Information on how you can revoke the processing of your personal data using the respective tags, can be found in the section of the respective tag listed in this data protection declaration.
Web analysis with Google Analytics
If you consented to the use of tracking cookies acc. to Art. 6 para. 1 lit. a GDPR upon visiting our website, this website uses Google Analytics, a web analysis service from Google Ireland Limited; Gordon House, Barrow Street, Dublin 4, Irland. (“Google”), based on your consent. Google Analytics uses so-called Cookies, text files that will be stored on your computer and allow an analysis of the use of the website. The information about the use of the website produced through Cookies (including your shortened IP address) is transferred and retained on a Google server in the US for the duration of 14 months. Google will use this information to evaluate the use of the website, to prepare reports of website activities for the website provider and to deliver other services connected with the use of the website and the Internet. Additionally, Google may transfer this data to Third Parties, e.g. US authorities, if it is legally required to do so or if Third Parties process these data on request of Google. In case you consented to the use of tracking cookies, but wish to withdraw your consent at a later point in time, you can do so by managing your cookie settings on our website accordingly. Alternatively, you could instal a so-called add-on in your browser.
The following link leads you to the add-on on the site of Google: tools.google.com/dlpage/gaoptout
Google Maps
This website uses Google Maps to display a site map. Google Maps is powered by Google Inc. (“Google”). By using this website, you consent to the collection, processing and use of the collected data and the data entered by you by Google, one of its agents, or third parties. The terms of service for Google Maps can be found in Google Maps Terms of Service: www.google.com/intl/en_US/help/terms_maps