Bell

Privacy policy

The protection of your personal data is of particular concern to us. We therefore process your data exclusively on the basis of the statutory provisions (GDPR, TKG 2003). In this data protection information, we inform you about the most important aspects of data processing on our website.


Contact with us

If you contact us using the form on the website or by email, the data you provide will be stored by us for six months for the purpose of processing your enquiry and in the event of follow-up questions. We will not pass on this data without your consent.


Cookies

Our website uses so-called cookies. These are small text files that are stored on your end device with the help of the browser. They do not cause any damage.

We use cookies to make our website more user-friendly. Some cookies remain stored on your end device until you delete them. They enable us to recognise your browser on your next visit.

If you do not want this, you can set up your browser so that it informs you about the setting of cookies and you only allow this in individual cases.

If you deactivate cookies, the functionality of our website may be restricted.


Data storage

We would like to point out that for the purpose of simplifying the reservation process and for subsequent contract processing, the webshop operator stores the IP data of the connection owner as part of cookies, as well as the name, address and, if specified, credit card number of the buyer.
In addition, the following data is also stored by us for the purpose of contract processing: date of birth, voluntary information on food intolerances or allergies, preferences, hobbies, memberships. The data provided by you is required to fulfil the contract or to carry out pre-contractual measures and is stored in our hotel reservation system (Fidelio Suite8). In order to fulfil the registration law, data is passed on to the responsible authority (municipality/municipality), credit card data to the processing bank/payment service provider (Card Complete) for the purpose of debiting the agreed invoice amount, as well as to our tax consultant (TGW, Stockerau) to fulfil our tax obligations.
In order to make your reservation and stay in one of the other IPP HOTELS uncomplicated and to be able to fulfil your wishes, the following companies can access the above-mentioned data: arte Hotel GmbH (arte Hotel Krems, arte Hotel Kufstein, Hotel Schwarz Alm Zwettl), Atlantis HotelbetriebsgmbH (arte Hotel Wien Stadthalle), ARTE City Hotel GmbH (arte Hotel Linz, arte Hotel Salzburg), ASB HotelbetriebsgmbH (I`m Inn Hotel Wieselburg). This consent can of course be revoked.

If a contract is concluded, all data from the contractual relationship will be stored until the expiry of the retention period under tax law (7 years). Data processing is carried out on the basis of the legal provisions of § 96 para. 3 TKG and Art. 6 para. 1 lit a (consent) and/or lit b (necessary for contract fulfilment) of the GDPR.


Your rights

You have the rights to information, rectification, erasure, restriction, data portability, cancellation and objection. Please contact the hotel with your request or send an email to privacy@ipp-hotel.at

If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can complain to the data protection authority (Wickenburggasse 8, 1080 Vienna, dsb@dsb.gv.at).


Google Maps

We use the maps of the “Google Maps” service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.


Google Fonts

We use fonts (“Google Fonts”) from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.


Google ReCaptcha

We use the “ReCaptcha” function to prevent bots from making entries in online forms, for example. It is offered by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.


Web analysis

Our website uses functions of the web analysis service Google Analytics. The provider is Google Inc. based at 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Cookies are used to analyse the use of the website by its users. The information generated in this way is transferred to the Google server in the USA and stored there. You can prevent this by configuring your browser so that no cookies are stored.

We have concluded a corresponding contract with the provider for order data processing.

Our concern within the meaning of the GDPR (legitimate interest) is the improvement of our offer and our website. As the privacy of our users is important to us, the user data is pseudonymised.

Your IP address is recorded but immediately pseudonymised (e.g. by deleting the last 8 bits). This means that only a rough localisation is possible.

Data processing is carried out on the basis of the legal provisions of § 96 para. 3 TKG and Art. 6 para. 1 lit a (consent) and/or f (legitimate interest) of the GDPR.

Google has been subject to an adequacy decision (implementing acts) of the EU Commission since 10 July 2023. The EU Commission continuously monitors developments in the relevant third countries and revokes, amends or suspends the decisions by means of implementing acts if there is information that the third country does not guarantee an adequate level of protection. Below you will find the link to the adequacy decision for the USA (EU-US Data Privacy Framework – https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en)

The user data is stored for a period of 14 months.

You can find detailed information on the use of data by Google, your options for settings and objections on the following Google websites: https://www.google.com/intl/de/policies/privacy/partners (“Data use by Google when you use our partners’ websites or apps”), http://www.google.com/policies/technologies/ads (“Use of data for advertising purposes”), http://www.google.de/settings/ads “Manage information that Google uses to show you advertising”).


Mouse tracking

Our concern within the meaning of the GDPR (legitimate interest) is the improvement of our offer and our website. We therefore use Hotjar to better understand the needs of our users and to optimise the offer on this website. With the help of Hotjar technology, we gain a better understanding of our users’ experiences (e.g. how much time users spend on which pages, which links they click on, what they like and dislike, etc.) and this helps us to tailor our offering to our users’ feedback. Hotjar works with cookies (see above) and other technologies to collect information about the behaviour of our users and their end devices (in particular IP address of the device (is only recorded and stored in anonymised form), screen size, device type (unique device identifiers), information about the browser used, location (country only), preferred language for displaying our website). Hotjar stores this information in a pseudonymised user profile. The information is not used by Hotjar or by us to identify individual users or merged with other data about individual users. Further information can be found in Hotjar’s privacy policy: https://www.hotjar.com/legal/policies/privacy.

You can object to the storage of a user profile and information about your visit to our website by Hotjar and the setting of Hotjar tracking cookies on other websites by clicking on this opt-out link.


Data storage via our webshop

We store the following data for the purpose of contract processing Title, first and last name, address, e-mail address and optionally entered user data (company name, address details, telephone number). The data provided by you is required to fulfil the contract or to carry out pre-contractual measures. We cannot conclude the contract with you without this data. Data is not transferred to third parties, with the exception of the transfer of credit card data to the processing bank/payment service provider for the purpose of debiting the purchase price, to the transport company/shipping company commissioned by us to deliver the goods and to our tax advisor to fulfil our tax obligations.

After cancellation of the purchase process, the data stored by us will be deleted. If a contract is concluded, all data from the contractual relationship will be stored until the expiry of the retention period under tax law (7 years).

The data name, address, purchased goods and date of purchase are also stored until the expiry of product liability (10 years). Data processing is carried out on the basis of the legal provisions of § 96 para. 3 TKG and Art. 6 para. 1 lit a (consent) and/or lit b (necessary for contract fulfilment) of the GDPR.


Registration and user account

Users of our webshop can optionally create a user account. As part of the registration process, we provide users with the required information (mandatory fields and optional information). We use the data entered during registration for the purpose of using our website. Users may be informed by e-mail about information relevant to the offer or registration, such as changes to the scope of the offer or technical updates.

In the event that users cancel their user account, their data will be deleted from this account; an exception is data whose retention is necessary for commercial or tax law reasons in accordance with Art. 6 para. 1 lit. c GDPR. Users are responsible for backing up any data in the event of cancellation before the end of the contract. We are authorised to irretrievably delete all user data stored during the term of the contract.

Both on the basis of our legitimate interests and on the basis of the user’s interests in protection against misuse and other unauthorised use, we store the IP address and the time of the respective action by the user if a user uses our registration and login function in connection with their user account. The IP addresses are anonymised or deleted after 7 days at the latest.

We generally do not pass on the data to third parties, with the exception of situations in which we have to pursue our claims or in which we have to fulfil a legal obligation pursuant to Art. 6 para. 1 lit. c GDPR.


Newsletter

You have the option of subscribing to our newsletter via our website. In order to provide you with targeted information, we may also collect and process additional information that users provide voluntarily.

To send you our newsletter, we need your email address and your declaration that you agree to receive the newsletter. As soon as you have registered for the newsletter, we will send you a confirmation e-mail with a link to confirm your registration.

You can cancel your subscription to the newsletter at any time. Please send your cancellation to the following email address: [EMAIL ADDRESS].

We will then immediately delete your data in connection with the newsletter dispatch.


Google re/marketing services

Our concern within the meaning of the GDPR (legitimate interest) is the improvement of our offer and our website. We therefore use the marketing and remarketing services (“Google Marketing Services” for short) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).

Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

With the help of Google marketing services, we can display adverts for and on our website in a targeted manner in order to present users only with adverts that potentially reflect their interests. To do this, Google executes a code and uses so-called (re-)marketing tags, with the help of which an individual cookie is stored in the user’s browser. For the use of cookies, see above.

The information collected can also be combined by Google with such information from other sources. If the user subsequently visits other websites, they can be shown adverts tailored to their interests.

In addition, the IP address of the user is recorded via Google Analytics, but immediately pseudonymised (e.g. by deleting the last 8 bits). This means that only a rough localisation is possible, the ads are not managed and displayed for a specific person, but for the cookie owner, regardless of who this cookie owner is. Of course, this does not apply if a user has expressly allowed Google to process the data without this pseudonymisation. The information collected by Google marketing services about users is transmitted to Google and stored on Google’s servers in the USA. The user’s IP address is not merged with the user’s data within other Google services.

Among other things, we use cookies from the Google marketing service “Google AdWords”; we may display third-party adverts on the basis of the Google marketing service “AdSense” and its cookies. Further information on the use of data for marketing purposes by Google can be found at https://policies.google.com/technologies/ads, Google’s privacy policy is available at https://www.google.com/policies/privacy.

We also use the “Google Tag Manager” to integrate the analysis and marketing services offered by Google into our website and to manage them centrally.


Online presence in social media

We operate online presences within social networks and platforms in order to be able to communicate with users, interested parties and customers who are active there. When accessing these networks and platforms, the terms and conditions and data processing guidelines of the respective operators apply.

Unless otherwise stated in our privacy policy, we process users’ data when they communicate with us on social networks and platforms.


Use of Facebook social plugins

Our concern within the meaning of the GDPR (legitimate interest) is the improvement of our offer as well as the analysis, optimisation and economic operation of our website. We therefore use social plugins (“plugins”) from the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugins can display content such as graphics, text contributions or videos or elements for interaction on the website. You can recognise them by one of the Facebook logos (“f” on a corresponding background, the “thumbs up” sign or the terms “Like” or “Gefällt mir”) or the label with the addition “Facebook Social Plugin”. You can view the list and appearance of the Facebook social plugins here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

Further information regarding data collection by Facebook, the further processing and use of the data as well as user rights and setting options to protect privacy can be found in Facebook’s data protection information: https://www.facebook.com/about/privacy/.


Twitter

Content and functions of the Twitter service may be integrated into our online offering. They are offered by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. This may include, for example, content such as images, videos or texts and buttons with which users can react to the content. If the users are members of Twitter, Twitter can assign access to the content and functions to the respective user profiles. Twitter privacy policy: https://twitter.com/de/privacy.

Twitter is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active).


Instagram

Content and functions of the Instagram service may be integrated into our online offering. They are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA. This may include, for example, content such as images, videos or texts and buttons with which users can react to the content. If the users are members of Instagram, Instagram can assign the access to the content and functions to the respective profiles of the users. Instagram privacy policy: http://instagram.com/about/legal/privacy/.


Pinterest

Content and functions of the Pinterest service may be integrated into our online offering. They are offered by Pinterest Inc, 635 High Street, Palo Alto, CA, 94301, USA. This may include, for example, content such as images, videos or texts and buttons with which users can react to the content. If the users are members of Pinterest, Pinterest can assign access to the content and functions to the respective user profiles. Pinterest privacy policy: https://about.pinterest.com/de/privacy-policy.


Xing

Content and functions of the Xing service may be integrated into our online offering. They are offered by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. This may include, for example, content such as images, videos or texts and buttons with which users can react to the content. If the users are members of Xing, Xing can assign the access to the content and functions to the respective profiles of the users. Xing privacy policy: https://www.xing.com/app/share?op=data_protection.


LinkedIn

Content and functions of the LinkedIn service may be integrated into our online offering. They are offered by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. This may include, for example, content such as images, videos or texts and buttons with which users can react to the content. If the users are members of LinkedIn, LinkedIn can assign the access to the content and functions to the respective profiles of the users. LinkedIn privacy policy: https://www.linkedin.com/legal/privacy-policy.

LinkedIn is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active).


Vimeo

Videos from the “Vimeo” platform may also be integrated into our website. They are offered by Vimeo Inc, Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. Privacy policy: https://vimeo.com/privacy.


Youtube

Our website may also include videos from the YouTube platform. They are offered by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.


Your rights

In principle, you have the rights to information, rectification, erasure, restriction, data portability, cancellation and objection. If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can lodge a complaint with the supervisory authority. In Austria, this is the data protection authority.

You can reach our data protection officer at the following contact details

Bernd Kleinschuster
Email: b.kleinschuster@althof.at

 

Source: The model data protection declaration of the WKO was used as the basis for this data protection declaration
Status: