We place great value on protecting your data. In order to fully inform you about the use of personal data, we ask you to take note of the following data privacy statement.
The EU General Data Protection Regulation, the Data Protection Act 2000 as well as the Data Protection Amendment Act 2018 serve to safeguard the right to protect personal data. We process your data exclusively on basis of the legal requirements (GDPR, DPR 2018, TKG (Telecommunications Act) 2003).
It is a matter of great concern to us to protect and securely store all personal data you entrust us with.In this document, you will learn more about how we use and process your personal data.
We use the following data, if you conclude a contract with us:
Personal details
Personal data which you transmit electronically on this website, such as name, email address, address or other personal information, will only be used by us for the purpose indicated, stored securely and not passed on to third parties. The provider automatically collects and stores information on the web server such as the browser used, operating system, link page, IP address, time of access, etc. These data cannot be associated with any specific individual without checking additional data sources and we also do not analyse these data as long as no unlawful use of our website has occurred.
Core data
Sur- and first name, address, other contact information (e.g. e-mail-address, telephone number), information about nature and content of our contractual relationship.
Other personal data
Pursuant to the Austrian Reporting Law you are required to provide us with the data specified in § 5 and § 10 of the Reporting Law. This relates to the following data: Name, date of birth, gender, nationality, country of origin, address plus postal code and - for international guests - type, number, issue location and issuing authority of a travel document, and also the date of arrival and departure.
Enlisting of data processing companies
The protection of your data is important to us. Even if we use a data processing company (e.g.: Protel Hotelsoftware, Fertel – guest directory according to § 19 MeldeV), we make sure that data processing takes place within the Euopean Union.
Purpose limitation, legal basis,
storage duration as well as data receivers
The collected personal data is required by us for contractual performance, settlement, asserting contractual claims, for customer service and for advertising purposes. The data will be collected, stored, processed and used for these purposes.
The legal principles for processing your personal data are, on the one hand, contractual performance, justified interests, the performance of our legal and/or contractual obligations as well as, on the other hand, your consent (e.g. contact form, newsletter, online booking, cookies). Non-provision of these data can have various consequences.
We process your personal data, to the extent required, for the duration of the entire business relationship (from the initiation, processing all the way to termination of a contract) and even beyond that in accordance with the legal storage and documentation obligations, which result from the Austrian Commercial Code (UGB), the Federal Fiscal Code (BAO) as well as until the conclusion of any legal disputes, running warranty periods, etc.
Use Google of Tag Manager
This website uses Google Tag Manager. Google Tag Manager is a solution that enables marketers to manage site tags through a single interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect personally identifiable information. The tool triggers other tags, which may collect data. Google Tag Manager does not access this data. If disabled at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager.
Use of Google Analytics
Our website uses Google Analytics, a web analysis service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google“. Google Analytics employs so-called “cookies“, text files that are stored to your computer in order to facilitate an analysis of your use of the site. The information generated by these cookies, such as time, place and frequency of your visits to our site, including your IP address, is transmitted to Google’s location in the US and stored there. We use Google Analytics with an IP anonymization feature on our website. In doing so, Google abbreviates and thereby anonymizes your IP address before transferring it from member states of the European Union or signatory states to the Agreement on the European Economic Area. Google will use this information to evaluate your usage of our site, to compile reports on website activity for us, and to provide other services related to website- and internet usage.
Google may also transfer this information to third parties if this is required by law or to the extent this data is processed by third parties on Google´s behalf. Google states that it will in never associate your IP address with other data held by Google. You can prevent cookies from being installed by adjusting the settings on your browser software accordingly. You should be aware, however, that by doing so you may not be able to make full use of all the functions of our website.
Google also offers a disabling option for the most common browsers, thus providing you with greater control over the data which is collected and processed by Google. If you enable this option, no information regarding your website visit is transmitted to Google Analytics. However, the activation does not prevent the transmission of information to us or to any other web analytics services we may use. For more information about the disabling option provided by Google, and how to enable this option, visit https://tools.google.com/dlpage/gaoptout?hl=en
We would like to point out that this website uses Google Analytics with the extension "_anonymizeIp ()" and therefore IP addresses are only shortened processed in order to exclude a direct personal reference.
Pursuant to the Austrian Reporting Law you are required to provide us with the data specified in § 5 and § 10 of the Reporting Law. This relates to the following data: Name, date of birth, gender, nationality, country of origin, address plus postal code and - for international guests - type, number, issue location and issuing authority of a travel document, and also the date of arrival and departure.
GUEST REGISTRY
Owing to our legal obligation arising from § 19 of the Reporting Law-Implementation Order, we shall maintain this data in a Guest Registry and save it for a period of 7 (seven) years, unless it is needed for a longer period of time for other purposes which are named in this Privacy Policy. The Guest Registry shall be maintained by us in electronic format, and for this purpose we shall transfer the data to an IT services provider. The data shall thus be saved locally. The data will not be transmitted to a third country.
TRANSMISSION OF DATA
The data categories of “arrival” and “departure,” linked with the country of origin, shall be transmitted to the community where the hospitality company is located, in accordance with § 6 of the Tourism Statistics Order. Ötztal Tourism, of which we are a member, and/or the municipality must also be provided with aggregated data on the total number of overnight stays and the persons who are obliged to pay the residence tax. This shall be handled on the basis of § 19 of the Tirol Accommodation Law.
LEGAL BASIS FOR DATA PROCESSING
Data processing pursuant to the above points are based on Art. 6 para. 1 lit. c GDPR.
ADDITIONAL DATA TRANSMISSION TO THE TVB/MUNICIPALITY
In addition, we shall provide your postal code and year of birth (in a pseudonymised and/or anonymised form) to our municipality and to our TVB for statistical purposes in order to prepare and evaluate the origin and age statistics by the Tourismusverband/TVB (Tourism Association). This transmission is based on Art. 6 para. 1 lit. e (transmittal in the public interest) and lit. f (predominate lawful interest) of the GDPR. You may object to this at any time for reasons arising from your particular situation (Art. 21 para. 1 GDPR).
GENERAL
You are entitled to obtain a guest card. The guest card gives you a discount on regular transport services tariffs. The guest card is valid for the period of your visit.
Issuance of the Guest Card
The guest card will be issued and validated by the accommodation provider solely at your request. It will be issued according to the Guest Card system employed by the TVB and/or by the accommodation company, either in the form of
Processed Personal Data
The following personal data, obtained from the reservation data (see Section 1 above) will be processed both for the electronically generated, and also for the cell phone-provided Guest Card: First and last name, date of birth, country of origin/postal code and the date of arrival and departure. If the Guest Card is issued in the form of the “reservation slip,” then it will contain the information required by § 5 in connection with § 9 of the Reservations Law (see Section 1.1 “Reservation Data”). In this case, no electronic processing will be performed relating to the Guest Card.
When using the Guest Card, the following additional personal data will be processed: Data relating to the frequency of use of the particular card, service requested, reservations, transaction logging, reference to the reservation data and accommodation company. This data is required firstly to verify your identity and secondly to verify the validity of the Guest Card for the particular service requests, and if necessary, to allow invoicing of the benefits between the service providers, the TVB and any accommodation companies involved.
Legal Basis for Data Processing
Processing of the data for purposes of the Guest Card shall proceed pursuant to your consent (Art. 6 para. 1 lit. a DSGVO). Your consent can be withdrawn at any time by giving oral or written instructions to the accommodation provider at the email address (office@trofana.at).
Operation of the Guest Card System
The Guest Card System is operated by the local tourism association (TVB). In addition, local accommodation operators and local companies (service providers) are involved. The data that is processed for the Guest Card will be deleted after 40 (forty) months, unless additional retention is necessary for other lawful purposes (e.g. reporting requirements).
Receivers of the Data
Data processed for purposes of the Guest Card will be provided to the local Tourist Association for invoicing to the service providers and/or accommodation operators. The individual service providers who provide beneficial services based on the Guest Card, likewise will receive the data, provided you have used the Guest Card services provided by these companies.
To claim the benefits, you must present the particular Guest Card on which the data is recorded, and thus disclose the data to the service provider. The company will then check whether the card is (still) valid, usually by reading the bar code on the Guest Card and by transmitting the bar code data to our IT services provider. At this time personal data will be transmitted to the company, in particular also your identity data (to verify your identity and date of birth). If the Guest Card has been issued in the form of a reservation slip, then its validity will be checked based on the copy of the reservation slip.
Basically, we only process those data which are absolutely necessary for the conclusion of the contract or for the fulfillment of the contract. If you have also given us an appropriate consent, we will process your data in such a way that we will provide you with information about our services until further notice. In doing so, we use the following communication channels: telephone, e-mail, sms or social media channels.
PERSONAL DETAILS
Personal details which you transmit electronically on this website, such as name, email address, address or other personal information, will only be used by us for the purpose indicated, stored securely and not passed on to third parties. The provider automatically collects and stores information on the web server such as the browser used, operating system, link page, IP address, time of access, etc. These data cannot be associated with any specific individual without checking additional data sources and we also do not analyse these data as long as no unlawful use of our website has occurred.
Web Server Log
For smooth functioning and, if necessary, troubleshooting, web pages generally save logs on the web server where IP addresses are stored. Like many other companies, we operate our website on servers of a professional service provider. While IP addresses by themselves do not allow identifying a person, they could theoretically be associated with people using more elaborate tracking tools, but our website doesn’t. In the logs, the time, the browser type and the page visited are saved. These logs are periodically deleted after a maximum period of one month.
Kognitiv/Seekda
Our website uses Kognitiv to process your booking. The privacy statement will be executed directly on the booking link (IBE).
Contact form
If you send us queries using the contact form, your information in the query form and the contact data entered by you therein will be stored by us to process the request and in case of any follow-up questions. However, your accommodation request can only be used by you and sent to us electronically, if you explicitly agree to this data privacy and data usage statement by clicking on the button.
We will not pass this data on without your consent. In this respect, please take note of our data privacy statement.
Bakehouse NEwsletter
You can subscribe to our newsletter at any time using this website. For this purpose, we require your email address and a declaration by you that you agree to obtain the newsletter. In order to provide you purposefully with information, we also collect and process details provided voluntarily, such as browser language and names.
As soon as you have registered for the newsletter, we will send you a confirmation email with a link to confirm the registration. You can cancel your subscription to the newsletter at any time. Please send your cancellation to the following email address: office@trofana.at. We will then delete your data in connection with the newsletter transmission immediately.
Newsletter abmelden
DATA STORAGE
We would like to point out that for the purpose of easier shopping and later contract processing by the online shop operator, the IP data of the subscriber, as well as the name, address and credit card number of the purchaser, will be stored within cookies.
The following data will also be stored by us for the purpose of contract processing: The data provided by you is necessary for the performance of the contract and the implementation of pre-contractual measures. We cannot conclude the contract with you without this data. No data will be transferred to third parties, except to transfer credit card data to the processing banking institution/payment service provider for the purpose of debiting the purchase price, to the transport/shipping company tasked by us to deliver the goods, and to our accountants for the fulfilment of our fiscal obligations.
After cancelling the purchase process, the data stored by us will be deleted. In the case of a contract conclusion, all data from the contractual relationship will be stored until the retention period under tax law (7 years) has expired.
The name, address, purchased goods and purchase date will also be stored until product liability (10 years) has expired. Data is processed based on the statutory provisions of Section 96(3) TKG and Art. 6(1)(a) (consent) and/or (b) (necessity for contract performance) GDPR.
DATA SECURITY
Hotel Trofana Royal GmbH uses technical and organisational safety measures in order to protect the stored personal details against random or deliberate manipulation, loss or destruction and against access by unauthorised persons. Our safety measures are continuously improved in keeping with the technological progress.
SSL ENCRYPTION
For reasons of security and to protect the transfer of confidential content, such as the queries you send to us as the site operator, this site uses SSL encryption. You will recognise an encrypted connection if the address bar of the browser changes from “http://” to “https://” and by the lock symbol in your browser bar. If SSL encryption is activated, the data you send to us cannot be read by third parties.
Data deletion
You can withdraw you approval everytime under the following e-mail address: office@trofana.at. In such a case, the data previously stored about you will be anonymized and subsequently used only for statistical purposes without personal reference. By withdraw of the approval, the legality of passed procession of data until time of withdraw of approval will not be touched.
Cookis
Our website uses so-called cookies. These are small text files that are stored on your end device with the help of the browser. They do not cause damage. We use cookies to make our website user-friendly. Some cookies will remain stored on your end device until you delete them. They enable us to remember your browser the next time you visit. If you do not want this, you can set your browser so that it informs you about the placing of cookies, and so that you only allow this on a case-by-case basis. Deactivating cookies may limit the functionality of our website.
Hotjar
Diese Website nutzt Hotjar, ein Webanalyse-Tool. Anbieter ist Hotjar Ltd. in 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000 in Malta. Es werden mit Hotjar Interaktionen von zufällig ausgewählten, einzelnen Besuchern mit der Internetseite anonymisiert aufgezeichnet. So entsteht ein Protokoll von z.B. Mausbewegungen und -klicks mit dem Ziel, Verbesserungsmöglichkeiten der jeweiligen Internetseite aufzuzeigen. Außerdem werden Informationen zum Betriebssystem, Browser, eingehende und ausgehende Verweise (Links), geografische Herkunft, sowie Auflösung und Art des Geräts zu statistischen Zwecken ausgewertet. Diese Informationen sind nicht personenbezogen und werden von Hotjar nicht an Dritte weitergegeben.
Wenn du eine Datenverarbeitung durch Hotjar nicht wünschst, kannst du in den Einstellungen deines Webbrowsers die Verwendung von Cookies deaktivieren und bereits aktive Cookies löschen. Durch Nutzung des Headers „Nicht verfolgen“ („Do Not Track“) kannst du die Erhebung deiner Daten durch Hotjar beim Besuch einer Hotjar-Website jederzeit ablehnen. Wie das geht, erährst du durch deinen Klick hier. Mehr über die Datenverarbeitung durch Hotjar findest du hier.
Web-Analysis
Our website uses functions of website analysis services Google Analytics and Matomo. The provider of Google Analytics is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Matomo runs on the servers of Cookis GmbH, 6460 Imst, Franz Xaver Rennstrasse 4 (Bakehouse customers). For this purpose, cookies are used that enable users to use the website. The information thereby generated is transferred to the server of the respective provider, where it is stored.
You can prevent this by setting your browser so that no cookies are stored. Your IP address will be logged, but it will be immediately anonymised by deleting the last eight bits clwz. Therefore, only a rough localisation is possible.
The data processing takes place on the basis of the statutory provisions of Section 96(3) TKG and Art. 6(1)(a) (consent) and/or (f) (legitimate interests) GDPR.
Our concern within the scope of GDPR (legitimate interests) is to improve our services and our website. As the privacy of our users is important to us, the user data is pseudonymised.
Use of Google Fonts
We use Google Fonts on our website. This allows us to integrate certain fonts into our website. These fonts are provided by Google through servers in the United States. When you visit our website, the visitor's web browser establishes a direct connection to these servers. Among other things, the IP address of the visitor is transmitted to Google and stored there. Google is participating in the EU-US Privacy Shield: www.privacyshield.gov/EU-US Framework
For more information about Google: Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA. Learn more about Google privacy: https://www.google.com/policies/privacy/
Use of Typekit fonts
We use Typekit fonts on our website. This allows us to integrate certain fonts into our website. These fonts are provided by Adobe through servers in the United States. When you visit our website, the visitor's web browser establishes a direct connection to these servers. Among other things, the IP address of the visitor is transmitted to Adobe and stored there. Adobe is participating in the EU-US Privacy Shield: www.privacyshield.gov/EU-US Framework More information about Adobe: Adobe Systems Incorporated, 45 Park Ave, San Jose, California 95110, USA. For more information on data protection when using Typekit: https://www.adobe.com/de/privacy/policies/typekit.html
Use of Google Maps
This website uses the Google Maps product by Google Analytics is the Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA. By using this website, you consent to the collection, processing and use of the automated data collected by Google Inc, its agents and third parties. You can find the Terms of Use for Google Maps under "Google Maps Terms of Service": https://policies.google.com/privacy.
Twitter - data privacy statement for use
Functions of the Twitter service are included on our site. These functions are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When using Twitter and the “Retweet” function, the websites visited by you will be linked to your Twitter account and disclosed to other users. Data will thereby also be transferred to Twitter. We would like to point out that as the provider of the site, we receive no knowledge about the content of the data transferred or its use from Twitter. Further information can be found in the Twitter data privacy statement at http://twitter.com/privacy.
You can change your data privacy settings on Twitter in the account settings at http://twitter.com/account/settings.
Facebook plugins (Like button) - data privacy statement for use
Auf unseren Seiten sind Plugins des sozialen Netzwerks Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA integriert. Die Facebook-Plugins erkennen Sie an dem Facebook-Logo oder dem „Like-Button“ („Gefällt mir“) auf unserer Seite. Eine Übersicht über die Facebook-Plugins finden Sie hier: http://developers.facebook.com/docs/plugins/ Wenn Sie unsere Seiten besuchen, wird über das Plugin eine direkte Verbindung zwischen Ihrem Browser und dem Facebook-Server hergestellt. Facebook erhält dadurch die Information, dass Sie mit Ihrer IP-Adresse unsere Seite besucht haben. Wenn Sie den Facebook „Like-Button“ anklicken während Sie in Ihrem Facebook-Account eingeloggt sind, können Sie die Inhalte unserer Seiten auf Ihrem Facebook-Profil verlinken. Dadurch kann Facebook den Besuch unserer Seiten Ihrem Benutzerkonto zuordnen. Wir weisen darauf hin, dass wir als Anbieter der Seiten keine Kenntnis vom Inhalt der übermittelten Daten sowie deren Nutzung durch Facebook erhalten. Weitere Informationen hierzu finden Sie in der Datenschutzerklärung von facebook unter https://de-de.facebook.com/policy.php
Wenn Sie nicht wünschen, dass Facebook den Besuch unserer Seiten Ihrem Facebook-Nutzerkonto zuordnen kann, loggen Sie sich bitte aus Ihrem Facebook-Benutzerkonto aus.
Instagram - data privacy statement for use
Functions of the Instagram service are included on our site. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our site to your Instagram profile by clicking the Instagram button. Instagram will therefore be able to match the visit to our site with your user account. We would like to point out that as the provider of the site, we do not receive any knowledge of the content of the data transferred or its use by Instagram.
Further information can be found in the Instagram data privacy statement at https://instagram.com/about/legal/privacy/.
YouTube - data privacy statement for use
Our website uses plugins of Google-operated site YouTube. The operator of the site is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages provided with a YouTube plugin, a connection with the YouTube servers will be established. The YouTube server will therefore be informed about which of our pages you have visited.
If you are logged into your YouTube account, you enable YouTube to directly match your surfing behaviour with your personal profile. You can prevent this by logging out of your YouTube account.
Further information can be found in the YouTube data privacy statement at https://www.google.de/intl/de/policies/privacy.
Rights to informaition
You have the right to receive information with regard to the data stored about your person, their origin and recipients as well as the purpose of storage at any time.
1. You have the right to information at any time on part of the responsible party regarding the personal details in question. Provided that no legal duty to preserve records exists, you have the right to deletion of these data as well as objecting to their processing. Furthermore, you have the right to correction of the data as well as restriction of the processing, to data portability and to file a complaint with the Austrian data protection authority (Wickenburggasse 8-10, 1080 Vienna, Email: dsb@dsb.gv.at).
2. With regard to your rights, please contact us on office@trofana.at or write to:
Hotel Trofana Royal GmbH
Fam. von der Thannen
6561 - Ischgl - Dorfstraße 95
Tirol - Austria
Confirmation of identity
To protect your rights and your privacy, we are entitled to request proof of identity in case of doubt.
Rights claim over fee
If you claim one of mentioned rights manifestly unfounded or particularly frequent, we are entitled to demand a reasonable processing fee or refuse to process the application.
Duty to participate
Within scope of obligations to cooperate we are obliged to provide data according to the legal regulations (e.g. BAO, registration act, ZPO, StPO, …) on request.
This privacy policy applies from 25th of May 2018 and replaces the existing privacy policy.
If you have questions about this privacy policy, please contact us. The contact address can be found here. You can always ask if and which of your data is stored with us. In addition, you can send us information, deletion and correction requests and also suggestions by e-mail or letter.