Get in touch

555-555-5555mymail@mailservice.com

Data protection

Data protection declaration of Fährhaus Austria GmbH

We are pleased that you are visiting our website and thank you for your interest in our Turrach pine lodges. The protection of personal data is important to us. Therefore, the processing of personal data, such as the name, address, email address or telephone number of a data subject, is carried out in accordance with applicable European and national legislation.

If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

You can of course revoke your declaration of consent at any time with effect for the future. Please contact the person responsible for this. You can find the contact details at the bottom of this data protection declaration.

In the following, Fährhaus Austria GmbH (hereinafter referred to as “we”, “us”, etc.) would like to inform the public about the type, scope and purpose of the personal data it processes. Furthermore, data subjects are informed about the rights to which they are entitled using this data protection declaration.

Definitions

Our data protection declaration is based on the terms used by the European legislator for directives and regulations when issuing the EU General Data Protection Regulation (hereinafter referred to as “GDPR”). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.

We use the following terms, among others, in this data protection declaration and on our website:

Personal data is all information that relates to an identified or identifiable natural person (hereinafter referred to as “data subject”). A natural person is considered to be identifiable if he or she can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

Data subject is any identified or identifiable natural person whose personal data is processed by the data controller.

Processing is any operation or series of operations carried out on personal data, whether or not by automated means, such as the collection, recording, organisation, structuring, storage, adaptation or modification, reading, querying, use, disclosure by transmission, distribution or other form of provision, alignment or association, restriction, deletion or destruction.

Restriction of processing is the marking of stored personal data with the aim of restricting their future processing.

Profiling is any type of automated processing of personal data which consists in using these personal data to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, health, personal Analyze or predict the preferences, interests, reliability, behavior, location or movements of that natural person.

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organizational measures that ensure that the personal data not be assigned to an identified or identifiable natural person.

The person responsible or responsible for processing is the natural or legal person, public authority, institution or other body which, alone or jointly with others, decides on the purposes and means of processing personal data. If the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the controller.

The recipient is a natural or legal person, public authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not. However, public authorities which may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.

Third party is a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.

Consent is any voluntary, informed and unambiguous expression of wishes given by the data subject for a specific case, in the form of a statement or other unambiguous confirmatory act, by which the data subject indicates that he or she agrees to the processing of personal data concerning him or her is.

Rights of the data subject

Right to confirmation: Every data subject has the right to obtain confirmation from the data controller as to whether personal data concerning him or her is being processed. If a data subject would like to exercise this right of confirmation, they can contact the person responsible for processing at any time.

Right to information: Every person affected by the processing of personal data has the right to receive free information from the person responsible for the processing at any time about the personal data stored about them and a copy of this information. Furthermore, the European legislator has granted the data subject access to the following information:

• the processing purposes

• the categories of personal data that are processed

• the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations

• if possible, the planned period for which the personal data will be stored or, if this is not possible, the criteria for determining that period

• the existence of a right to rectification or deletion of personal data concerning you or to restriction of processing by the controller or a right to object to such processing

• the existence of a right to lodge a complaint with a supervisory authority

• If the personal data is not collected from the data subject: All available information about the origin of the data

• the existence of automated decision-making including profiling in accordance with Article 22 Paragraphs 1 and 4 GDPR and - at least in these cases - meaningful information about the logic involved as well as the scope and intended effects of such processing for the data subject

The data subject also has the right to information as to whether personal data has been transmitted to a third country or to an international organization. If this is the case, the data subject also has the right to receive information about the appropriate guarantees in connection with the transfer.

If a data subject would like to exercise this right to information, they can contact the person responsible for processing at any time.

Right to rectification: Every person affected by the processing of personal data has the right to request the immediate correction of inaccurate personal data concerning them. Furthermore, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement, taking into account the purposes of the processing.

If a data subject would like to exercise this right to rectification, they can contact the person responsible for processing at any time.

Right to deletion (right to be forgotten): Every person affected by the processing of personal data has the right to request from the controller that the personal data concerning him or her be deleted immediately if one of the following reasons applies and if the processing is not necessary :

• The personal data was collected or otherwise processed for purposes for which it is no longer necessary.

• The data subject revokes their consent on which the processing was based in accordance with Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR and there is no other legal basis for the processing.

• The data subject objects to the processing in accordance with Art. 21 Para. 1 GDPR and there are no overriding legitimate reasons for the processing, or the data subject objects to the processing in accordance with Art. 21 Para. 2 GDPR.

• The personal data was processed unlawfully.

• The deletion of personal data is necessary to comply with a legal obligation under Union or Member State law to which the controller is subject.

• The personal data was collected in relation to information society services offered in accordance with Art. 8 Para. 1 GDPR.

If one of the reasons mentioned above applies and a data subject wishes to have personal data stored by us deleted, they can contact the person responsible for processing at any time. The data subject's request for deletion will then be complied with immediately.

If we have made the personal data public and our company, as the person responsible, is obliged to delete the personal data in accordance with Article 17 Paragraph 1 of the GDPR, we will take appropriate measures, including those of a technical nature, taking into account the available technology and the implementation costs, to ensure that others are responsible to inform the data controllers who process the published personal data that the data subject has requested the deletion of all links to these personal data or copies or replications of these personal data from these other data controllers, to the extent that the processing takes place is not required. The person responsible for processing will then take the necessary steps in individual cases.

Right to restriction of processing: Any person affected by the processing of personal data has the right to request that the controller restrict processing if one of the following conditions is met:

• The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data.

• The processing is unlawful, the data subject refuses the deletion of the personal data and instead requests the restriction of the use of the personal data.

• The controller no longer needs the personal data for the purposes of processing, but the data subject needs them to assert, exercise or defend legal claims.

• The data subject has lodged an objection to the processing in accordance with Article 21 Para. 1 GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.

If one of the above conditions is met and a data subject wishes to request the restriction of personal data stored by us, they can contact the person responsible for processing at any time. The restriction of processing will then be initiated immediately.

Right to data portability: Every person affected by the processing of personal data has the right to receive the personal data concerning him or her, which the data subject has provided to a controller, in a structured, common and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that the processing is based on consent in accordance with Article 6 (1) (a) GDPR or Article 9 (1). 2 lit. a GDPR or on a contract in accordance with Article 6 Paragraph 1 lit Violence occurs which has been transferred to the person responsible.

Furthermore, when exercising his or her right to data portability in accordance with Article 20 (1) of the GDPR, the data subject has the right to have the personal data transmitted directly from one person responsible to another person responsible, to the extent that this is technically feasible and to the extent that this is not the case the rights and freedoms of other people are impaired.

To assert the right to data portability, the data subject can contact the person responsible for processing at any time.

Right to object: Every person affected by the processing of personal data has the right, for reasons arising from their particular situation, to object at any time to the processing of personal data concerning them based on Art. 6 Para. 1 lit. e GDPR or Art. 6 Para. 1 lit. f GDPR requires you to lodge an objection. This also applies to profiling based on these provisions.

In the event of an objection, we will no longer process the personal data unless we can demonstrate compelling legitimate reasons for the processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims .

If we process personal data in order to conduct direct advertising, the data subject has the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to profiling insofar as it is connected to such direct advertising. If the data subject objects to us processing it for direct advertising purposes, we will no longer process the personal data for these purposes.

In addition, the data subject has the right, for reasons arising from his or her particular situation, to object to the processing of personal data concerning him or her that is carried out by us for scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1) of the GDPR unless such processing is necessary to fulfill a task carried out in the public interest.

To exercise the right to object, the data subject may contact the person responsible for processing directly. Furthermore, in connection with the use of information society services, the data subject is free, notwithstanding Directive 2002/58/EC, to exercise his or her right to object by means of automated procedures using technical specifications.

Automated decisions on a case-by-case basis, including profiling: Every person affected by the processing of personal data has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them, provided the decision:

• is not necessary for the conclusion or performance of a contract between the data subject and the controller or

• is permitted by Union or Member State law to which the controller is subject and that law contains appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, or

• takes place with the express consent of the person concerned.

If the decision is necessary for entering into or the performance of a contract between the data subject and the person responsible, or if it is based on the data subject's explicit consent, we will take appropriate measures to safeguard the data subject's rights and freedoms and legitimate interests, for which purpose at least the right to obtain the intervention of a person on the part of the person responsible, to express one's own point of view and to challenge the decision.

If the data subject would like to assert rights with regard to automated decisions, they can contact the person responsible for processing at any time.

Right to revoke consent under data protection law: Every person affected by the processing of personal data has the right to revoke consent to the processing of personal data at any time.

If the data subject would like to exercise their right to withdraw consent, they can contact the person responsible for processing at any time.

Right to lodge a complaint with a supervisory authority: Every data subject has the right, without prejudice to any other administrative or judicial remedy, to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or the place of the alleged infringement, if the data subject believes so that the processing of personal data concerning them infringes this Regulation. A list of the state data protection officers and their contact details can be found at the following link.

Collaboration with processors and third parties

If, as part of our processing, we disclose data to other people and companies (processors or third parties), transfer it to them or

If you otherwise grant you access to the data, this will only be done on the basis of legal permission (e.g. if a transfer of the data to third parties, such as payment service providers, is necessary for the fulfillment of the contract in accordance with Art. 6 Para. 1 lit. b GDPR), you have consented to this have a legal obligation to do so or based on our legitimate interests (e.g. when using agents, web hosts, etc.).

If we commission third parties to process data on the basis of a so-called “order processing contract”, this is done on the basis of Art. 28 GDPR.

Routine deletion and blocking of personal data

The person responsible for processing processes (in this sense also: stores) the personal data of the data subject only for the period necessary to achieve the purpose of storage or if this is required by the European legislator or another legislator in laws or regulations, to which the controller is subject.

If the storage purpose no longer applies or if a storage period prescribed by the European legislator or another responsible legislator expires, the personal data will be blocked or deleted routinely and in accordance with legal regulations.

Data protection for applications and the application process

The person responsible for processing collects and processes the personal data of applicants for the purpose of processing the application process. Processing can also take place electronically. This is particularly the case if an applicant sends relevant application documents electronically, for example by email, to the person responsible for processing. If the person responsible for processing concludes an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with legal regulations. If the person responsible for processing does not conclude an employment contract with the applicant, the application documents will be automatically deleted six months after the rejection decision is announced, provided that deletion does not conflict with any other legitimate interests of the person responsible for processing. Other legitimate interests in this sense include, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

Security

We take numerous technical and organizational measures to protect your personal data against accidental or unlawful deletion, alteration or loss and against unauthorized disclosure or access.

However, Internet-based data transfers, for example, can fundamentally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.

Encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as the requests that you send to us as the site operator. You can recognize an encrypted connection by the browser address bar changing from “http://” to “https://” and by the lock symbol in the browser bar.

If encryption is activated, the data you transmit to us cannot be read by third parties.

Collection of general data and information

Our website collects a series of general data and information each time the website is accessed by a data subject or an automated system. This general data and information is stored in the server’s log files. Can be recorded:

• the browser types and versions used

• the operating system used by the accessing system

• the website from which an accessing system accesses our website (so-called referrer)

• the sub-websites that are accessed via an accessing system on our website

• the date and time of access to the website

• a web protocol address (IP address)

• the Internet service provider of the accessing system

• other similar data and information that serves to avert danger in the event of attacks on our information technology systems

When using this general data and information, we do not draw any conclusions about the data subject. Rather, this information is needed to:

• to deliver the content of our website correctly

• to optimize the content of our website and, if necessary, the advertising for it

• to ensure the long-term functionality of our information technology systems and the technology of our website

• Provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack

We therefore evaluate this collected data and information statistically and also with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data in the server log files is stored separately from all personal data provided by a data subject.

This data will not be merged with other data sources.

This data is collected on the basis of Article 6 Paragraph 1 Letter f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - for this purpose the server log files must be recorded.

Inquiries by email, telephone or fax

If you contact us by email, telephone or fax, your request including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 Para. 1 lit. b GDPR, provided your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was queried.

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular statutory retention periods – remain unaffected.

Data transfer from forms

The data subject has the opportunity to register on the website of the controller by providing personal data for data transfer via forms. Which personal data is transmitted to the person responsible for processing results from the respective input mask used for the entries. The personal data entered by the data subject will be collected and stored exclusively for internal use by the data controller and for its own purposes. Data transmission from forms is always encrypted.

The data controller may arrange for transfer to one or more processors (e.g. a parcel service provider) who also uses the personal data exclusively for internal use attributable to the data controller.

Through the data transfer on the website of the controller, the IP address assigned by the data subject's Internet service provider (ISP) and the date and time of the transfer are also stored. This data is stored because this is the only way to prevent misuse of the services offered and, if necessary, to make it possible to investigate crimes and copyright infringements that have been committed. In this respect, the storage of this data is necessary to protect the data controller. In principle, this data will not be passed on to third parties unless there is a legal obligation to pass it on or if the transfer serves the purpose of criminal or legal prosecution.

The data subject's entries with the voluntary provision of personal data serves the purpose of the data controller to offer the data subject content or services that, due to the nature of the matter, can only be offered to these users.

Hotel software MEWS

We use the hotel software (“Property Management System” or “PMS” for short) MEWS from Mews Systems B.V. for the CAB20. A property management system is a software application primarily used to operate hospitality accommodation and commercial rental properties. A PMS provider provides a computer system locally or, as with MEWS, in the “cloud” to organize, plan and carry out the daily tasks in accommodation establishments. These include:

• Management and maintenance of bookings

• Carrying out check-ins and check-outs

• Planning and executing events

• Manage housekeeping, room maintenance tasks, etc.

• Determination of key figures

• Preparation of reports

• Hotel inventory supply management

• Integration of electronic locking systems, telephone systems, point-of-sale systems, etc.

MEWS also creates a profile using the MEWS Navigator with which CAB20 guests can use the following functions, among others:

• Overview and processing of past and future orders

• Completion of personal information

• Inviting travel companions

• Use of features such as online check-in

The legal basis for the processing of personal data in a property management system is Article 6 (1) (b) GDPR. With regard to voluntary data, the legal basis for processing the data is Article 6 (1) (a) GDPR. The legal basis for the mandatory information on the registration form is Section 29 Paragraphs 2-4; 30 BMG in

Connection with Art. 6 Para. 1 lit c GDPR. There is an order processing contract between CAB20 GmbH and MEWS in accordance with Art. 28 GDPR.

Further information on the subject of data protection can be found here:

German: https://www.mews.li/Platform/Document/PrivacyPolicy?language=de

English: https://app.mews.com/Platform/Document/PrivacyPolicy?language=en-GB

Booking system MEWS

For online room reservations, we use the online service of MEWS SYSTEMS BV, Kleine-Gartmanplantsoen 21, 1017RP, Amsterdam, Netherlands (hereinafter referred to as “MEWS”). By clicking on the corresponding button, a browser window opens, which redirects you to the MEWS website.

If you would like to book a room with us, in order to conclude the contract it is necessary that you provide your personal data, which we need to process your booking. Mandatory information required to process the contracts is marked separately; further information is voluntary. The data is entered into an input mask and transmitted to us and stored.

Data is also passed on to the relevant payment service providers. The data will only be passed on to third parties if the transfer is necessary for the purpose of contract processing or for billing purposes or to collect payment or if you have expressly consented. In this regard, we only pass on the necessary data. The data recipients are: the respective delivery/shipping company (passing on name and address), debt collection companies if the payment has to be collected (passing on name, address, order details), payment institutions for the purpose of collecting claims, if you have chosen direct debit as the payment method as well as payment service providers - depending on the choice of payment method.

The legal basis is Article 6 Paragraph 1 Letter b GDPR. With regard to voluntary data, the legal basis for processing the data is Art. 6 Para. 1 lit. a GDPR. There is an order processing agreement between us and MEWS SYSTEMS BV.

The mandatory information collected is necessary to fulfill the contract with the user (for the purpose of providing the goods or services and confirming the contents of the contract). We therefore use the data to answer your inquiries, to process your booking, if necessary to check your creditworthiness or collect a debt and for the purpose of the technical administration of the websites. The voluntary information is provided to prevent misuse and, if necessary, to investigate crimes.

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. Due to commercial and tax law requirements, we are obliged to store your address, payment and order data for a period of ten years after execution of the contract. However, we restrict processing after 6 years, i.e. H. Your data will only be used to comply with legal obligations. If there is a continuing obligation between us and the user, we store the data for the entire term of the contract and for the duration of 10 years thereafter (see above). With regard to the data provided voluntarily, we will delete the data six years after execution of the contract, provided that no further contract is concluded with the user during this time; In this case, the data will be deleted 6 years after the last contract was implemented.

If the data is necessary to fulfill a contract or to carry out pre-contractual measures, early deletion of the data is only possible unless contractual or legal obligations prevent deletion. Otherwise, you are free to have the personal data provided during registration completely deleted from the data controller's database. With regard to voluntary data, you can declare your revocation to the person responsible at any time. In this case, the voluntary data will be deleted immediately.

Information on data protection at MEWS SYSTEMS BV can be found here: https://www.mews.li/Platform/Document/PrivacyPolicy?language=de

Sending newsletters with Campaign Monitor

This website uses Campaign Monitor to send newsletters. The provider is Campaign Monitor Pty Ltd, 201 Elizabeth Street, Sydney, New South Wales 2000, Australia (hereinafter referred to as “Campaign Monitor”). Campaign Monitor is a service that can be used to organize and analyze newsletter distribution. The data you enter to receive the newsletter (e.g. email address) is stored on Campaign Monitor's servers in the United States and, if applicable, Germany and Australia.

Our newsletters sent with Campaign Monitor enable us to analyze the behavior of newsletter recipients. Among other things, it can be analyzed how many recipients opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a pre-defined action (e.g. purchasing a product on a website) took place after clicking on the link in the newsletter.

The data processing takes place on the basis of your consent and therefore on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

If you do not want analysis by Campaign Monitor, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

The data you provide to us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from both our servers and Campaign Monitor's servers after you unsubscribe from the newsletter.

For more information, see Campaign Monitor's privacy policy at https://www.campaignmonitor.com/policies/#privacy-policy

Links to other websites

This website contains links to other websites (so-called external links).

As a provider, we are responsible for our own content in accordance with applicable European and national legislation. Links to the content provided by other providers must be distinguished from this own content. We have no influence on whether the operators of other websites comply with applicable European and national legal regulations. Please inform yourself about the data protection declarations provided on the respective website

In order to make our website user-friendly for you and optimally tailored to your needs, we use cookies. Cookies are small text files that are sent to your browser by a web server as soon as you visit a website and are stored locally on your device (PC, notebook, tablet, smartphone, etc.).

Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string through which websites and servers can be assigned to the specific web browser in which the cookie was stored. This allows the websites and servers visited to distinguish the individual browser of the data subject from other web browsers that contain other cookies. A specific web browser can be recognized and identified via the unique cookie ID. This information is used to automatically recognize you when you visit the website again using the same device and to make navigation easier for you.

You can also consent or reject cookies - including for web tracking - via the settings of your web browser. You can configure your browser so that it generally refuses to accept cookies or you are informed in advance if a cookie is to be saved. In this case, however, the functionality of the website may be affected (for example when placing orders). Your browser also offers a function to delete cookies (for example via “Delete browser data”). This is possible in all common web browsers. You can find further information about this in the operating instructions or in the settings of your browser.

First-party cookies: First-party cookies refer to permanent cookies that are stored on the computer and only lose their validity when the expiry date assigned to them has expired. The word “Party” refers to the domain from which the cookie comes. In contrast to third-party cookies, first-party cookies usually come from the website operator itself. They are therefore not accessible by browsers across domains. For example, website A issues a cookie A, which is not recognized by website B and can only be recognized by website A. This means that data cannot be passed on to third parties.

Third-party cookies: With a third-party cookie, the cookie is set and recorded by a third party. These cookies are mostly used by advertisers who use the cookies to collect information about website visitors through their advertising on other websites. These are data sets that are stored in the user's web browser when they visit a page with advertising. If he visits a page with advertising from the same provider again, he will be recognized.

Cookiebot

A web service from Cybot A/S, Havnegade 39, 1058 Copenhagen, DK (hereinafter referred to as “Cookiebot”) is loaded onto our website. Through Cookiebot we can inform you precisely and transparently about the use of cookies on our website. You will receive an up-to-date and data protection-compliant cookie notice and you can decide for yourself which cookies you would like to allow.

For this purpose, Cookiebot shows you a cookie list divided into functional groups when you visit for the first time. Here you can switch on cookies by clicking on the corresponding box. Please note that the technical cookies are saved when you access the website and the relevant box is preset. If you deselect technical cookies, the use of the website or individual functions on the website may be restricted or even impossible.

If you allow cookies, the following data will be transmitted to Cybot:

• IP address (in anonymized form, the last 3 digits are set to 0)

• Date and time of your consent

• our website URL

• technical browser data

• encrypted, anonymous key

• the cookies you have allowed (as proof of consent)

The legal basis for the use of Cookiebot arises from our legitimate interest in functional cookie management and is therefore in accordance with Article 6 (1) (f) GDPR. A further legal basis arises from the fulfillment of data protection requirements in connection with cookies requiring consent (e.g. also through the “cookie ruling” of the European Court of Justice) and is therefore in accordance with Article 6 Paragraph 1 Letter c GDPR.

If you have consented to the setting of cookies when you visit this website, you can revoke your consent by accessing Cookiebot (see below) and deselecting the relevant cookie category. In addition to the revocation option via Cookiebot, you can deactivate cookies directly from a cookie provider or prevent the processing of data through browser plug-ins. An additional way to control the use of cookies is through the appropriate settings that you can make in most browsers.

Further information about “Cookiebot” and the company Cybot behind it can be found in the data protection declaration at https://www.cookiebot.com/de/privacy-policy/

Google Analytics

If you have given your consent, Google Analytics, a web analysis service provided by Google LLC, will be used on this website. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

1. Scope of processing

Google Analytics uses cookies that enable analysis of your use of our websites. The information collected by cookies about your use of this website is usually transmitted to a Google server in the USA and stored there.

We use the User ID function. User ID allows us to assign a unique, persistent ID to one or more sessions (and the activities within those sessions) and analyze user behavior across devices.

We use Google Signals. This means that Google Analytics collects additional information about users who have activated personalized ads (interests and demographic data) and ads can be delivered to these users in cross-device remarketing campaigns.

We use the 'anonymizeIP' function (so-called IP masking): Due to the activation of IP anonymization on this website, your IP address will be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics is not combined with other Google data.

During your website visit, the following data, among others, is collected:

• the pages you access, your “click path”

• Achievement of “website goals” (conversions, e.g. newsletter registrations, downloads, purchases)

• Your user behavior (e.g. clicks, length of stay, bounce rates)

• Your approximate location (region)

• Your IP address (in shortened form)

• technical information about your browser and the devices you use (e.g. language settings, screen resolution)

• Your internet provider

• the referrer URL (via which website/advertising medium you came to this website)

2. Purposes of processing

On behalf of the operator of this website, Google will use this information to evaluate your use of the website and to compile reports on website activities. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.

3. Receiver

is the recipient of the data

• Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

as a processor. For this purpose, we have concluded an order processing agreement with Google. Google LLC, based in California, USA, and possibly US authorities can access the data stored by Google.

4. Transfer to third countries

A transfer of data to the USA cannot be ruled out.

5. Storage period

The data we send and linked to cookies is automatically deleted after 14 months. The deletion of data whose retention period has been reached occurs automatically once a month.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google

a. Do not give your consent to the setting of the cookie or

b. Download and install the browser add-on to deactivate Google Analytics here: https://tools.google.com/dlpage/gaoptout?hl=de

You can also prevent the storage of cookies by setting your browser software accordingly. However, if you configure your browser to reject all cookies, functionality on this and other websites may be limited.

6. Legal basis and possibility of revocation

Your consent is required for this data processing, Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time with future effect by accessing the cookie settings and changing your selection there. You can do this at the bottom of the page, above the table with the cookies used.

Further information on the terms of use of Google Analytics and data protection at Google can be found at https://www.google.com/analytics/terms/de.html and at https://policies.google.com/?hl=de

Google Tag Manager

We use Google Tag Manager on our website. Google Tag Manager is a solution that allows marketers to manage website tags from one interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect any personal data. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this will remain in effect for all tracking tags implemented with Google Tag Manager.

Further information about Google Tag Manager and Google's privacy policy can be found at the following link: https://policies.google.com/privacy

Google Ads

We use “Google Ads” (formerly Google AdWords), a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as “Google”) on our website. Google Ads enables us to draw attention to our attractive offers using advertising materials on external websites. This allows us to determine how successful individual advertising measures are. These advertising materials are delivered by Google via so-called “AdServers”. For this purpose, we use so-called ad server cookies, through which certain parameters can be measured to measure success, such as display of ads or clicks by users. If you reach our website via a Google ad, Google Ads will store a cookie on your PC. These cookies usually expire after 30 days. They are not intended to identify you personally. The following information is usually stored for this cookie as analysis values: unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), opt-out information (marking that the user no longer wants to be addressed). These cookies enable Google to recognize your web browser.

If a user visits certain pages of an Ads customer's website and the cookie stored on their computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. Each Ads customer is assigned a different cookie. Cookies cannot therefore be tracked via the websites of Ads customers. We ourselves do not collect or process any personal data in the advertising measures mentioned. We only receive statistical evaluations from Google. Based on these evaluations, we can identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of advertising materials; in particular, we cannot identify users based on this information. Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of Google Ads. As far as we know, Google receives the information that you have accessed the relevant part of our website or clicked on an advertisement from us. If you have a user account with Google and are registered, Google can assign the visit to your user account. Even if you are not registered with Google or have not logged in, there is a possibility that Google will find out and store your IP address.

We use Google Ads for marketing and optimization purposes, in particular to show ads that are relevant and interesting to you, to improve campaign performance reporting and to achieve a fair calculation of advertising costs. The legal basis for the use of Google Ads is your consent in accordance with Art. 6 Para. 1 lit. a GDPR.

You can prevent the installation of these cookies by refusing your consent to the storage of these cookies when you enter the website, deleting existing cookies or deactivating the storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to fully use all functions of our website. It is also possible to prevent the storage of cookies by setting your web browser so that cookies from the domain “www.googleadservices.com” are blocked (https://www.google.de/settings/ads). Please note that this setting will be deleted if you delete your cookies.

You can also deactivate interest-based ads via the link http://optout.aboutads.info. We would like to point out that this setting will also be deleted if you delete your cookies.

Third party information: Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland

Further information about Google's use of data, settings and objection options, and data protection can be found on the following Google websites:

Data protection declaration: https://policies.google.com/privacy

Google website statistics: https://services.google.com/sitestats/de.html

Google Dynamic Remarketing

On our website we use “Google Dynamic Remarketing”, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as “Google”). Google Dynamic Remarketing enables us to show you our advertisements when you continue to use the Internet after you have visited our website. This is done using cookies stored in your browser, through which your usage behavior when you visit various websites is recorded and evaluated by Google. This allows Google to determine your previous visit to our website. According to Google, the data collected as part of remarketing will not be combined with your personal data, which may be stored by Google. In particular, according to Google, pseudonymization is used in remarketing.

We use Google Dynamic Remarketing for marketing and optimization purposes, in particular to show ads that are relevant and interesting to you, to improve campaign performance reporting and to achieve a fair calculation of advertising costs. The legal basis for the use of Google Dynamic Remarketing is your consent in accordance with Art. 6 Para. 1 lit. a GDPR.

Further information about Google's use of data, settings and objection options, and data protection can be found on the following Google websites:

Data protection declaration: https://policies.google.com/privacy?hl=de&gl=de

Google website statistics: https://services.google.com/sitestats/de.html

Google DoubleClick

A web service from Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: DoubleClick) is loaded onto our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to DoubleClick.

You can prevent DoubleClick from collecting and processing your data by refusing your consent when entering the website, deactivating the execution of script code in your browser or installing a script blocker in your browser.

The legal basis for the use of Google Double Click is your consent in accordance with Art. 6 Para. 1 lit. a GDPR.

The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of transferred data can be found in DoubleClick's data protection declaration: https://policies.google.com/privacy

Google

A web service from Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland is loaded onto our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Google.

You can prevent the collection and processing of your data by this web service by refusing your consent when entering the website, deactivating the execution of script code in your browser or installing a script blocker in your browser.

The legal basis for the use of this web service is your consent in accordance with Art. 6 Para. 1 lit. a GDPR.

The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of transferred data can be found in Google's data protection declaration: https://policies.google.com/privacy

Facebook Pixel and Facebook Custom Audiences

On our website we use the so-called “Facebook pixel” from the company “Facebook” (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland). Using the Facebook pixel, we can classify visitors to our website into specific target groups in order to be able to display relevant advertising (“Ads”) to you on Facebook. The data collected (e.g. IP addresses, information about the web browser, the location of the website, buttons clicked, possibly pixel IDs and other characteristics) cannot be viewed by us, but can only be used when displaying certain advertisements. Cookies are also set as part of the use of the Facebook pixel code.

If you have a Facebook account and are logged in, your visit to this website will be assigned to your Facebook user account.

We also use the remarketing function “Custom Audiences” from the company “Facebook”. This means that users of the website can be shown interest-based advertisements (“Facebook Ads”) when they visit Facebook or other websites that also use this procedure. Our interest is to show you advertising that matches your interests in order to make our website more interesting for you.

In order to exchange the respective data, your browser automatically establishes a direct connection with the Facebook server. We have no influence on the extent and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our level of knowledge: By integrating Facebook Custom Audiences, Facebook receives the information that you have accessed the corresponding website of ours accessed our website or clicked on an advertisement from us. If you are registered with a “Facebook” service, “Facebook” can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, it is possible that the provider will find out and store your IP address and other identifying features.

You can find out how the Facebook pixel is used for advertising campaigns at https://www.facebook.com/business/learn/facebook-ads-pixel

More information about Facebook's data policy can be found at https://www.facebook.com/policy.php

Further information on data processing by Facebook can be found at https://www.facebook.com/about/privacy

We use these functions to be able to provide you with advertising offers that match your interests.

We process your data because you have consented to this (Art. 6 Para. 1 lit. a GDPR) or we have a legitimate interest in processing the data (Art. 6 Para. 1 lit. f GDPR).

We store your data as long as we need it for the respective purpose (display of interest-based advertising) or you have not objected to the storage of your data or withdrawn your consent.

The “Facebook Custom Audiences” function can be deactivated for logged in users at https://www.facebook.com/settings/?tab=ads#.

You can change your advertising settings in Facebook at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen, provided you are logged in to Facebook.

Facebook Connect

On this website it is possible to register using your Facebook account.

Facebook Connect is an offer from Facebook, Inc. The use of Facebook Connect is subject to Facebook's data protection conditions and terms of use.

When you use Facebook Connect, Facebook profile data and data public on Facebook from your Facebook profile are transferred to us. Conversely, data can be transferred from us to your Facebook profile. Your transmitted data will be stored and processed by us for the purpose of registering on our site.

By registering on our website via Facebook Connect, you agree to the transfer of profile data from your Facebook profile to us and to the transfer of data for use of our website to Facebook. The data that is available as public data in your Facebook profile will be transferred. We would like to point out that following changes to Facebook's data protection conditions and terms of use, the Facebook profile owner's "friends list" may also be transferred if it has been marked as "public" in the privacy settings on Facebook.

The legal basis for the use of Facebook Connect is your consent in accordance with Art. 6 Para. 1 lit. a GDPR.

Further information can be found at: https://www.facebook.com/about/privacy/your-info-on-other

Pinterest conversion tracking

This website uses the conversion tracking technology “Pinterest Tag” from Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland (hereinafter referred to as “Pinterest”).

If you came to our website from a pin on Pinterest, we will place a cookie on your computer, which interacts with a “tag” that is also implemented in the form of a JavaScript code from Pinterest. Cookies are small text files that are stored on your device. These cookies expire after 180 days and are not used for personal identification.

If the user is redirected to pages on this website from a pin on Pinterest and the cookie has not yet expired, the tag records certain user actions predefined by us and can track them (e.g. completed transactions, leads, search queries on the website, views of product pages). When such an action is carried out, your browser sends an HTTP request from the cookie to Pinterest's server via the Pinterest tag, with which certain information about the action (including type of action, time, browser type of the device) is transmitted.

Through this transmission, Pinterest can create statistics about usage behavior on our website after being redirected from a Pinterest pin, which we use to optimize our offering.

If personal user data is processed, this is done based on your consent in accordance with Article 6 (1) (a) GDPR. You can revoke your consent at any time with future effect.

If you do not want to participate in tracking, you can also object to this by deactivating the Pinterest tag conversion tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics.

You can find further information about Pinterest's data protection regulations at the following internet address: https://policy.pinterest.com/de/privacy-policy

MapTiler

This website uses MapTiler, the Maps API from the provider Klokantech Technologies GmbH, Hofnerstrasse 98 Unterageri, Zug 6314, Switzerland (hereinafter referred to as “MapTiler”). This is a map service through which map sections for areas selected by the user are displayed on our website.

According to Maptiler, users' IP addresses are stored for 20 minutes and then deleted. This is intended to protect against malicious activities. According to the provider, no other personal data is stored.

The processing is carried out on the basis of a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. The use helps us and the user to display a graphical representation of selected areas on a map.

You can prevent the collection and processing of your data by this web service by deactivating the execution of script code in your browser or installing a script blocker in your browser.

Further information on data protection can be found in the MapTiler Privacy Policy at https://www.maptiler.com/privacy-policy/

CloudFlare

On our website we use a so-called Content Delivery Network ("CDN") from the technology service provider Cloudflare Inc., 101 Townsend St. San Francisco, CA 94107, USA ("Cloudflare"). A content delivery network is an online service that is used to deliver large media files (such as graphics, page content or scripts) through a network of regionally distributed servers connected via the Internet. Using Cloudflare's Content Delivery Network helps us optimize the loading speeds of our website.

Processing is carried out in accordance with Article 6 Paragraph 1 Letter f of the GDPR based on our legitimate interest in secure and efficient provision and improving the stability and functionality of our website.

For more information, please see Cloudflare's privacy policy at: https://www.cloudflare.com/privacypolicy/

And at: https://blog.cloudflare.com/what-cloudflare-logs/

Unpack

A web service from Npm, Inc., 1999 Harrison Street #1150, CA 94612 Oakland, USA (hereinafter referred to as “Unpkg”) is loaded onto our website. We use unpkg as a content delivery network. The files integrated via Unpkg are open source, so they can be viewed and checked at any time.

The integration is based on Art. 6 Para. 1 lit. f GDPR out of the legitimate interest in upgrading our website as well as a technically secure, maintenance-free and efficient way to integrate external libraries and frameworks. Since Unpkg uses the hosting provider Cloudflare to provide the data, the requests sent to these servers may be stored for statistical or other usage purposes.

If you have activated Java Script in your browser and have not installed a Java Script blocker, your browser may transmit personal data to Unpkg.

You can prevent Unpkg from collecting and processing your data by deactivating the execution of script code in your browser or installing a script blocker in your browser.

Amazon Web Services (AWS) Germany GmbH

Krausenstr. 38

10117 Berlin

Germany

The Amazon Web Services servers used to store the data

are located in the Federal Republic of Germany in Frankfurt/Main and are subject to the data protection laws of the national and European legislators. Amazon Web Services also handles your data within the framework of the relevant legal regulations

Regulations. The Amazon Web Services privacy policy can be accessed at the following link:

https://aws.amazon.com/de/privacy/

Further information on the handling of the transferred data can be found in Unpkg's data protection declaration at https://www.npmjs.com/policies/privacy as well as at https://www.unpkg.com/ and https://www.cloudflare.com /de-de/privacypolicy/

Name and address of the person responsible:

The person responsible within the meaning of the EU General Data Protection Regulation (GDPR), other data protection laws applicable in the member states of the European Union and other provisions of a data protection nature is:

Fährhaus Austria GmbH

Hinterlengauweg 616

5754 Hinterglemm

Telephone: +49 (0)40 3990987-721

Email: info@turracher-zirbenlodges.at

Managing Director:

Dr. Mathias Krahl, Dipl.-Ing. Lasse Lütjens, Jan Kleinert

Name and address of the data protection officer:

Jan Kleinert

Hinterlengauweg 616

5754 Hinterglemm

We reserve the right to change our privacy practices and this Privacy Policy to adapt to changes in relevant laws or regulations or to better meet your needs. Possible changes to our data protection practices will be announced here accordingly. Please note the current version date of the data protection declaration.

This website uses cookies. We use cookies to personalize content and ads, to provide social media features and to analyze access to our website. We also share information about your use of our website with our social media, advertising and analytics partners. Our partners may combine this information with other information that you have provided to them or that they have collected from your use of the Services.

Cookies are small text files used by websites to make the user experience more efficient.

By law we may store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.

This site uses different types of cookies. Some cookies are placed by third parties that appear on our sites.

You can change or withdraw your consent at any time from the cookie statement on our website.

Find out more about who we are, how you can contact us and how we process personal data in our privacy policy.