We process your data exclusively on the basis of the legal provisions (General Data Protection Regulation and Austrian Data Protection Act in the version of the data protection amendment law, BGBl (Federal Law Gazette for the Republic of Austria) I No. 120/2017). The protection of your personal data is important to us.
The data controller pursuant to Art. 4 para. 7 General Data Protection Regulation (GDPR) is:
Name: Martina Seebacher-Breitfuss, M.A.
Address: dasbleibt.gmbh, Erzherzog-Johann-Str. 544, 8970 Schladming
E-mail address: firstname.lastname@example.org
Collection and Use of personal Data
When you contact us by e-mail or through a contact form, we store the information you freely provide (your e-mail address, maybe your name, your address and your telephone number) in order to answer your inquiry.
In addition to the use of our website, we also provide various services. For us to provide these services, you generally need to provide us with further personal data.
Obligatory fields in our contact or order form are marked as such. We need the data to be entered in the obligatory fields to process your inquiry or conduct pre-contractual measures and to fulfil the contract, as otherwise we cannot answer your inquiry or conclude your order.
We erase the data provided by you in this context once storing them ceases to be necessary, or we restrict their processing should a legal retention obligation exist. After the end of the legal retention period, your data are deleted, unless you have explicitly consented to their continued use or a legal foundation for the processing of your data remains.
Data collection when you visit our website
When you simply visit our website, but without filling out a contact or order form or otherwise transferring information to us, we only collect those data that your browser transmits to our server. We only collect those data that are technically required to show you our website and to ensure the stability and security of our website. This is based on Art. 6 para. 1 lit f GDPR.
The following data are collected by us when you visit our website:
- Anonymized IP address
- Date and time of request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of request
- Access status/HTTP status code
- Respectively transmitted data volume
- Website from which the request came
- Operating system and interface
- Language and version of the browser software
In addition to the data listed above, when you use our website cookies are stored on your device; only those cookies that are absolutely necessary are stored. Cookies are small text files that are stored on your hard drive to make your visit to our website appealing to you and to enable the optimal use of certain offered functions and services. Cookies cannot execute a programme or transfer viruses to your computer. They serve in particular to make our online offering more user-friendly and effective.
Our website uses session cookies and persistent cookies, which will be described below.
Session cookies are automatically deleted when you close your browser. Session cookies store a so-called session ID with which the various requests sent by your browser can be assigned to the session. This enables us to recognise your device when you visit again. Session cookies are deleted when you log out or close your browser.
Persistent cookies are automatically deleted after a defined period, which varies from cookie to cookie. The duration of storage is shown in the overview in the cookie settings of your browser. You can furthermore delete these cookies at any time through the security settings of your browser.
It is possible to configure your browser settings so that for example cookies are rejected. If you want to know how to do so, please use your browser’s help function.
However, please note that if you reject cookies some of the functions of our website may not work properly.
For purposes of a simplified reservation process and for later execution of the contract, the IP data of the connection owner are stored in cookies and the following personal data are collected:
- First name and last name (obligatory field)
- Middle name
- Postal code
- ID number
- E-mail (obligatory field)
- First name and last name (obligatory field)
- E-mail (obligatory field)
Transmission of data
Customer login data for reservation management. The data provided by you is necessary for the fulfilment of the contract or for the implementation of pre-contractual measures. Without these data we cannot conclude the contract with you. Data are not transmitted to third parties, with the exception of the transmission/query of transfer data to the bank/payment provider for the purpose of debiting/settling the purchase price, and to our tax accountant to fulfil our tax obligations and any debt collection services.
Upon interruption of the reservation process, the data we have stored are deleted. In the event that a contract is concluded, all data from the contractual relation are stored for the legally required retention period (7 years).
We use processors to process the data.
We transmit your data to the following recipients or recipient categories:
Casablanca Hotelsoftware GmbH
Tel.: +43 –(0) 5418-5622
Fax: +43 –(0) 5418-5622-17
Company Register no: 315397w
VAT number: ATU64415029
TLS encryption – HTTPS
We use https to transmit data securely over the Internet. By using TLS, an encryption protocol for the secure transmission of data online, we can ensure the protection of confidential data. You can recognise the use of this security feature for data transmission by the little lock symbol at the top left of your browser and by the use of https as part of our Internet address.
We reserve the right to use your first and last name and your postal address for our own advertising purposes (e.g. to send you offerings or information on our products by mail). This serves to safeguard our preponderant legitimate interest, following a balancing of interests, in advertising to our customers.
The advertising mail is sent in our name by a service provider. We will transmit your data to that service provider for this purpose.
You further have the possibility to subscribe to our newsletter through our website. For this we require your e-mail address and your declaration that you consent to receiving the newsletter.
Once you have registered for the newsletter we will send you a confirmation e-mail with a confirmation link.
You can cancel the newsletter subscription at any time. You can de-register directly in the newsletter. You can also send your cancellation to the following e-mail address: email@example.com.
We will then quickly delete your data associated with sending the newsletter.
To send the newsletter we make use of the services of the order processor Casablanca Hotelsoftware GmbH.
Use of Web analysis tools
Our website uses functions of the Web analysis service Google Analytics of Google LLC, headquartered in California, USA. As part of this, data are transmitted to a non-European third state – Google LLC has a Privacy Shield certification for this purpose. You can find out more at:
https://support.google.com/analytics/answer/7105316?hl=de&ref_topic=2919631 (last called up on 05/04/2018).
These require cookies that enable an analysis of our users’ usage of the website. The generated information is transferred to and saved on the provider’s servers.
You can prevent this by configuring your browser to not save any cookies. We have concluded a corresponding contract for data processing with the provider.
The relation with the Web analysis provider is based on standard contractual provisions/an adequacy decision of the European Commission, in this case Privacy Shield:
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI (last called up on 05/04/2018).
Our data processing is in accordance with the legal provisions in § 96 para 3 Telecommunications Act and Art 6 para 1 lit a (Consent) and/or f (legitimate interest) GDPR.
Our legitimate interest pursuant to GDPR is the improvement of our offering and our online presence. As the privacy of our users is important to us, these data are pseudonymised. The user data are stored for 26 months.
You can prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie is then set that prevents the future collection of your data when you visit this site again: http://tools.google.com/dlpage/gaoptout?hl=de
Use of social media tools
We use social media tools such as Facebook, Instagram and YouTube for marketing purposes and administer pages/accesses on these platforms to inform potential customers, customers and users of our services and to communicate with customers, users and potential customers.
We process user data that are transmitted by the users through these platforms, such as messages or posts on the respective pages. When the platforms are called up, the terms and conditions, privacy policies and respective data processing of the respective operators apply.
Right to Object
To the extent that we process personal data to safeguard our legitimate interest following a balancing of interests, you may object to this processing with effect for the future. If the processing is for purposes of direct marketing, you can exercise this right at any time as described above. If the processing is for another purpose, you only have a right to object in the presence of reasons that arise from your personal situation.
If you exercise your right to object, we will no longer process your personal data for that purpose, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or if the processing is for the purpose of asserting, exercising or defending legal claims.
Rights of Data Subjects
Information on your rights as a data subject:
You have the following rights regarding our use of your personal data:
- Right to information pursuant to Art. 15 GDPR;
- Right to correction or erasure pursuant to Art. 16 and Art. 17 GDPR;
- Right to restrict processing pursuant to Art. 18 GDPR;
- Right to data portability pursuant to Art. 20 GDPR;
- Right to object to processing pursuant to Art. 21 GDPR.
You may assert the above rights at any time, in full or in part, without providing reasons, through an informal letter sent by mail or by e-mail to the contact addresses cited above for the data controller or the data protection officer.
When you exercise your right to object, we kindly ask that you state your reasons for requesting that we no longer process your personal data. If your objection is justified we will examine the situation and either end or adjust the processing of your personal data or inform you of the compelling legitimate reasons for us to continue processing your data.
If you believe that the processing of your personal data is in violation of the law or that your data protection rights have been violated in another form, you furthermore have the right to complain to the competent authority.