5

DATA PRIVACY STATEMENT

This privacy policy covers the collection and use of personal information that may be collected when you contact us, visit our website, request, book, purchase or when you call us. Please take a moment to read through the document below, which informs you how Gurglhof GmbH handles your personal data, what types of data are collected at all, how and for what purpose this data is used, to whom Gurglhof GmbH passes on this data and how Gurglhof GmbH protects your personal data.

Responsible for the processing of your data is the Gurglhof GmbH located at Ramolweg 19, A-6456 Obergurgl with all associated facilities which include: Hotel & Apartments Gurglhof as well as Josl Mountain Lounging in Obergurgl, Hotel Valentin and Valentin Design Apartments in Sölden as well as the Hotel Enzian in Hochsölden Data protection officer is Mr. Mag. Vala Sadeghi.

Your personal rights have the highest priority, and Gurglhof GmbH makes every effort to protect these rights.Of course, all further data protection obligations beyond this privacy policy remain unaffected.

Why does Gurglhof GmbH collect personal data and for how long will personal data be stored?
Gurglhof GmbH collects and uses your personal data in order to provide you with exemplary customer service in connection with your stay at the hotels of Gurglhof GmbH, to facilitate convenient access to our website and to be able to offer you optimal service offers. In addition, your personal data will help Gurglhof GmbH to keep you up to date with the latest product announcements, special offers and other developments that we believe may be of interest to you.If you are not interested in keeping up to date with the latest developments and/or product and service information, feel free to let us know at any time. A storage of your personal data takes place as long as this is necessary for the fulfillment of the above-mentioned services or Gurglhof GmbH is obliged to store such data due to mandatory legal provisions.

Which data is collected?
There are a number of situations where your personal information may help Gurglhof GmbH to better serve you. For example, you might be asked for personal information when you start a transaction. You will only be asked for information beiing relevant to the respective situation. These include, for example, name, mailing address, telephone number, e-mail address and preferred method of contacting or credit card information. In addition, Gurglhof GmbH collects information for market research purposes in order to get to know its customers/ guests better and thus to be able to offer you a more effective service. Furthermore, Gurglhof GmbH collects personal data on customer activities on its website. Based on this data, Gurglhof GmbH can determine which information is really useful for its customers/guests and which areas of its websites and internet services most relevant for its customers.

When does Gurglhof GmbH pass on personal data?
Gurglhof GmbH takes the protection of your personal rights very seriously. Gurglhof GmbH assures you that it does not sell or lend your contact information to other providers. In order to provide you with an exemplary service, Gurglhof GmbH may transfer your personal data to service companies that are obliged to protect this data in accordance with this privacy policy as well.It may sometimes be advantageous for Gurglhof GmbH to make certain personal data available to other companies that work for Gurglhof GmbH in order to supply you with products and services on behalf of Gurglhof GmbH. In particular, these companies can help us process information, execute customer orders, deliver products, manage and maintain customer data, provide customer service, evaluate your interest in Gurglhof GmbH's products and services, conduct research or conduct customer satisfaction surveys.These companies are also required to protect your personal information in accordance with this privacy policy and applicable privacy rights laws. In addition, Gurglhof GmbH may be obliged to disclose your personal data due to mandatory legal provisions or official orders. 

How does Gurglhof GmbH protect your personal data?
Gurglhof GmbH takes precautions, including administrative, electronic and physical procedures, to protect your personal information from loss, theft and
mis-use, as well as unauthorized access, disclosure, alteration and destruction.The website of Gurglhof GmbH uses the industry standard SSL (Secure Sockets Layer) for encryption. This will ensure the confidentiality of your personal information and credit card information when transacting over the Internet. Further details in connection with the treatment of your personal data on our website can be found below.You too can help us and take appropriate precautions to protect your personal information on the Internet. Be sure to use a secure web browser and to enable the web browser settings to protect your personal information.

Integrity of your personal data 
Gurglhof GmbH has taken protective measures to ensure that your personal data are always correct, complete and up-to-date for the intended purposes. Of course, you always have the right to have the personal data provided by you checked for accuracy and up-to-dateness and, if necessary, to require changes.You can help us to ensure that your contact information and preferences are correct, complete and up-to-date. You can also request a copy of your personal data by contacting us via the e-mail address below. 

Our company-wide commitment to protecting your personal rights.
As already mentioned, Gurglhof GmbH takes the protection of your personal rights very seriously. To ensure the security of your personal information, these policies will be shared with all relevant employees and strict safeguards will be implemented to protect privacy within the organization. The website contains links to websites of other companies. Gurglhof GmbH is not responsible for the handling of these companies with personal rights. Gurglhof GmbH therefore recommends that you inquire the privacy policy from these companies.

Questions about the protection of personal rights
If you have questions or concerns about privacy, please contact us. Send us a message (contact details see last section of this privacy statement).Of course, you can ask Gurglhof GmbH which data are processed by Gurglhof GmbH about you, where these data come from, what they are used for and to whom they are transmitted. Of course you can also correct wrong data or delete inadmissibly processed data. The provisions of the applicable data protection laws apply accordingly. Approval declarations which you have given Gurglhof GmbH regarding the processing of personal data can be revoked at any time. However, such a revocation does not apply to such types of data processing that are already permitted by law. Gurglhof GmbH is entitled to change this privacy policy from time to time. If major changes are made, a notice will be posted on our website along with the updated version of the privacy policy.Below we inform you about the most important aspects of data processing regarding our website.

Website
The protection of your personal data is one of our prime concerns. Therefore, we process your data exclusively on the basis of the statutory provisions (GDPR, TKG [Telecommunications Act] 2003). In this data protection statement, we inform you about the most important aspects of data protection within the framework of our website.

General
It is generally possible to use our website without entering personal data. If personal data (e.g. name, address or email address) is collected on our pages, this will always be on a voluntary basis, wherever possible. This data will not be forwarded to any third parties without your explicit consent. We would like to point out that data transfer via the internet (e.g. when communicating via email) may have security flaws. Flawless protection of your data against access by third parties is not possible.

Contact form
If you send us queries using the contact form, your information in the query form and the contact data entered by you therein will be stored by us to process the request and in case of any follow-up questions. However, your accommodation request can only be used by you and sent to us electronically, if you explicitly agree to this data privacy and data usage statement by clicking on the button. We will not pass this data on without your consent. In this respect, please take note of our data privacy statement.


Cookies
Our website uses so-called cookies. These are small text files that are stored on your end device with the help of the browser. They do not cause damage. We use cookies to make our website user-friendly. Some cookies will remain stored on your end device until you delete them. They enable us to remember your browser the next time you visit. If you do not want this, you can set your browser so that it informs you about the placing of cookies, and so that you only allow this on a case-by-case basis. Deactivating cookies may limit the functionality of our website.

Vouchershop
1. Description and scope of data processing
On our website there is the option to purchase vouchers. If a user uses this option, the data entered in the input mask will be transmitted to us and saved. This data is: title, first name, surname, address, email address, telephone number, voucher amount, personalisation of the voucher, shipping options/alternative shipping address, method of payment.
Voucher purchases on our website go through the online ordering system of websLINE Internet- & Marketing GmbH, Sägewerkstrasse 24, 83395 Freilassing, Germany. All order data you enter shall be encrypted. websLINE commits to the data privacy-appropriate handling of your personal data. The company takes all organisational and technical measures to protect your data.
In this context, no further transfer of your data to third parties takes place. The data is used exclusively for processing your booking and for communication purposes.
2. Legal basis for the processing of data
The legal basis for the processing of the data is the conclusion of a contract of sale with the user.
3. Purpose of data processing
The processing of personal data from the input mask serves solely to process your voucher purchase and to process payment transactions.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements have been met.
5. Means of objection and removal
The user has the option to object to the processing of their personal data at any time.


Booking & Enquire
1. Description and scope of data processing
On our website you have the possibility to book and/or inquire rooms and offers. If a user uses this option, the data entered in the input mask will be transmitted to us and saved. This data is: title, first name, surname, email address, telephone number, address, number of guests, requests, date, time.
Online bookings via our website are completed using the online reservation system of websLINE Internet- & Marketing GmbH, Sägewerkstrasse 24, 83395 Freilassing, Germany. All booking data you enter shall be encrypted. websLINE commits to the data privacy-appropriate handling of your personal data. The company takes all organisational and technical measures to protect your data.
In this context, no further transfer of your data to third parties takes place. The data is used exclusively for processing your booking and for communication purposes.
2. Legal basis for the processing of data
The legal basis for the processing of the data is the conclusion of an accommodation contract with the user.
3. Purpose of data processing
The processing of personal data from the input mask serves solely to process your booking request and to process payment transactions.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements have been met.
5. Means of objection and removal
The user has the option to object to the processing of their personal data at any time.
We would like to point out that in the case of objection, the booking cannot be completed or the communication cannot be continued.

Web analysis
Our website uses functions of website analysis services Google Analytics and Matomo. The provider of Google Analytics is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Matomo runs on the servers of Cookis GmbH, 6460 Imst, Franz Xaver Rennstrasse 4 (Bakehouse customers). For this purpose, cookies are used that enable users to use the website. The information thereby generated is transferred to the server of the respective provider, where it is stored. You can prevent this by setting your browser so that no cookies are stored. Your IP address will be logged, but it will be immediately anonymised by deleting the last eight bits clwz. Therefore, only a rough localisation is possible. The data processing takes place on the basis of the statutory provisions of Section 96(3) TKG and Art. 6(1)(a) (consent) and/or (f ) (legitimate interests) GDPR. Our concern within the scope of GDPR (legitimate interests) is to improve our services and our website. As the privacy of our users is important to us, the user data is pseudonymised.

Google Maps
This website uses the Google Maps product by Google Analytics is the Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA. By using this website, you consent to the collection, processing and use of the automated data collected by Google Inc, its agents and third parties. You can find the Terms of Use for Google Maps under "Google Maps Terms of Service": https://policies.google.com/privacy.

SSL encryption
For reasons of security and to protect the transfer of confidential content, such as the queries you send to us as the site operator, this site uses SSL encryption. You will recognise an encrypted connection if the address bar of the browser changes from “http://” to “https://” and by the lock symbol in your browser bar. If SSL encryption is activated, the data you send to us cannot be read by third parties.

Facebook plugins (Like button)
Data privacy statement for use Plugins of social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA, are integrated on our site. You will recognise the Facebook plugins by the Facebook logo or the “Like button” on our site. You will find an overview of the Facebook plugins here: http://developers.facebook.com/docs/plugins/. When you visit our site, a direct connection will be established between your browser and the Facebook server via the plugin. Facebook will thereby receive notification that you have visited our site with your IP-address. If you click on the Facebook “Like button” while you are logged into your Facebook account, you can link the content of our site to your Facebook profile. Facebook will therefore be able to match the visit to our site with your user account. We would like to point out that as the provider of the site, we do not receive any knowledge about the content of the data transferred or its use by Facebook. Further information can be found in the Facebook data privacy statement at https://dede. facebook.com/policy.php. If you do not want Facebook to be able to match the visit to our site with your Facebook user account, please log out of your Facebook user account.

Instagram
Data privacy statement for use Functions of the Instagram service are included on our site. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our site to your Instagram profile by clicking the Instagram button. Instagram will therefore be able to match the visit to our site with your user account. We would like to point out that as the provider of the site, we do not receive any knowledge of the content of the data transferred or its use by Instagram. Further information can be found in the Instagram data privacy statement at https://instagram.com/about/legal/privacy/.

YouTube
Data privacy statement for use Our website uses plugins of Google-operated site YouTube. The operator of the site is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages provided with a YouTube plugin, a connection with the YouTube servers will be established. The YouTube server will therefore be informed about which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to directly match your surfing behaviour with your personal profile. You can prevent this by logging out of your YouTube account. Further information can be found in the YouTube data privacy statement at https://www.google.de/intl/de/policies/privacy.

ISSUU
Data privacy statement for use Functions of the ISSUU service are included on our site. These functions are offered by Issuu, Inc., 131 Lytton Ave, Palo Alto, CA 94301, USA. With the Issuu service, you can connect, work with, approve and mix documents with other users of the Issuu service community on the internet. We would like to point out that as the provider of the site, we do not receive any knowledge about the content of the data transferred or its use by ISSUU. Further information can be found in the ISSUU Inc. data privacy statement at https://issuu.com/legal/privacy.

Casablanca hotel software
Further processing of personal data Further processing of personal data is permitted: if there is a business case (offer, reservation), if permission from the person has been granted, or if statutory further use (e.g. accounting, reporting) requires processing. Specifically, adjustments to correspondence and the registration form, as well as a solution for the logging, storage and archiving of the declarations of consent of the people concerned, are carried out in the hotel software. Data security and logging In the wake of GDPR, all databases on the servers will be encrypted and no more general users will be created in Casablanca, so that all access to personal data is traceable and can be allocated to respective users. In general, all access to the guest register and selections in Casablanca will be logged automatically. All passwords are encrypted and comply with the data protection guidelines. Credit card details are stored in accordance with PCI (bypayone.com - our KK provider).

Your rights
You have the fundamental right to information, correction, deletion, restriction, data transferability, cancellation and objection. If you believe that the processing of your data violates data protection law or that your legal data protection rights have been violated in any other way, you may make a complaint to the supervisory authority. In Austria, this is the Datenschutzbehörde [data protection authority].

Our details 
Hotel Gurglhof, Gurglhof GmbH, Randweg 19, 6456 Obergurgl, Österreich 
E-Mail: urlaub@gurglhof.at, UID-Nummer: ATU67239366

SHARE YOUR PERSONAL HOTEL GURGLHOF MOMENTS ON FACEBOOK AND INSTAGRAM WITH THOSE HASHTAGS

#hotelgurglhof #gurglhof

© Gurglhof GmbH 2020