Data Protection Regulation
SHH GmbH
Address:
Triester Straße 377
8055 Graz
Austria
Telephone: +43 (0)3135 / 53 7 54 v
Fax: +43 (0)3135 / 53 7 54-6
Email: info@hotel-schachenwald.at
Responsible Chamber: Styrian Chamber of Commerce
Specialist group: Hotel industry
Authority according to ECG: District Authority Graz-Umgebung
All rights reserved. The contents of this website are for your information only. The assumption and
Use of the data for other purposes requires the
written consent of SHH GmbH.
Data Protection Declaration (TMG)
We appreciate your interest in our website. Despite careful control of the content, we cannot accept any liability for external links to third-party content. The protection of your personal data during the collection, processing, and use of our website is important to us. Your data is protected in accordance with legal regulations. Below you will find information about which data is collected during your visit to our website and how it is used:
1. Collection and processing of data
Every access to our website and every retrieval of a file stored on the website is logged. This storage serves internal system-related and statistical purposes. The following are logged: the name of the retrieved file, the date and time of retrieval, the amount of data transferred, a notification of successful retrieval, the web browser, and the requesting domain. The IP addresses of the requesting computers are also logged. Further personal data is only collected if you provide this information voluntarily, for example, as part of an inquiry or registration.
2. Use and disclosure of personal data
If you have provided us with personal data, we will only use it to answer your inquiries, to process contracts concluded with you, and for technical administration. Your personal data will only be passed on or otherwise transmitted to third parties if this is necessary for the purpose of contract processing - in particular passing on order data to suppliers - if this is required for billing purposes, or if you have previously consented. You have the right to revoke your consent at any time with effect for the future. The stored personal data will be deleted if you revoke your consent to storage, if knowledge of the data is no longer required to fulfill the purpose for which it was stored, or if its storage is inadmissible for other legal reasons.
3. Right to information
Upon written request, we will be happy to inform you about the data stored about you.
Security notice: We strive to store your personal data in such a way that it is not accessible to third parties, using all technical and organizational measures. We cannot guarantee complete data security when communicating via email, so we recommend sending confidential information by post.
All rights reserved. All text, images, graphics, sound, video, and animation files, as well as their arrangements, are subject to copyright and other intellectual property laws.
Technical changes as well as changes in shape and color are reserved within reasonable limits.
4. Rights
The protection of your personal data is of utmost importance to us. We therefore process your data exclusively in accordance with legal regulations (GDPR, Telecommunications Act 2003). In this privacy policy, we inform you about the most important aspects of data processing on our website.
Contact us
If you contact us via the form on the website or by email, your
provided data for the purpose of processing the request and in case
We will store your data for six months in case of follow-up questions. We will not share this data without your
consent.
E-Mail-Marketing / Newsletter (Brevo – Sendinblue GmbH)
Our website uses so-called cookies. These are small text files that are stored on your device with the help of your browser. They do not cause any damage. We use cookies to make our service user-friendly. Some cookies remain stored on your device until you delete them. They enable us to recognize your browser the next time you visit. If you do not want this, you can set your browser to inform you about the use of cookies and only allow this on a case-by-case basis. If you deactivate cookies, the functionality of our website may be limited.
Schriftarten (Adobe Fonts / lokal)
You have the option of subscribing to our newsletter via our website. To do so, we require your email address and your declaration that you agree to receive the newsletter. In order to provide you with targeted information, we also collect and process voluntarily provided information about your interests, date of birth, and postcode.
[…].
Once you have subscribed to the newsletter, we will send you a confirmation email with a link to confirm your registration.
You can cancel your newsletter subscription at any time. Please send your cancellation to the following email address:
[Enter your email address]. We will then immediately delete your data in connection with the newsletter dispatch.
Web analysis
Our website uses functions of the web analysis service ...
[Name of the tool and company of the provider including company headquarters including information as to whether data is transferred to a (non-European) third country].
Cookies are used to analyze how users use the website. The information generated is transferred to the provider's server and stored there.
You can prevent this by configuring your browser to prevent cookies from being stored. We have concluded a corresponding contract for order data processing with the provider.
Your IP address is recorded but immediately pseudonymized (e.g., by deleting the last 8 bits). This allows only a rough localization.
The relationship with the web analytics provider is based on...
[Standard contractual clauses/an adequacy decision of the European Commission (e.g. in the case of the USA: “Privacy Shield”)].
Data processing is carried out on the basis of the legal provisions of Section 96 Paragraph 3 of the Telecommunications Act (TKG) and Article 6 Paragraph 1 Letter a (consent) and/or f (legitimate interest) of the GDPR.
Our aim, within the meaning of the GDPR (legitimate interest), is to improve our services and our website. Because the privacy of our users is important to us, user data is pseudonymized.
[Pseudonymization is recommended for the legal reason “legitimate interest”; this must be clarified with the web analysis service].
The user data will be stored for a period of ... [specify storage period] [this must be clarified with the web analytics service].
Child (Article 8 paragraph 1)
The GDPR sets an age limit of 16 for the legality of a child's consent to the provision of information society services. However, EU member states may stipulate lower age limits, but not below 13 years. The Austrian Data Protection Act (DSG), as amended by the Data Protection Adaptation Act 2018 and the Data Protection Deregulation Act 2018, sets this age limit at 14 years.
Recipient (Article 4(9))
The GDPR defines a "recipient" as a natural or legal person, public authority, agency, or other body to which personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be considered recipients; the processing of those data by those public authorities shall be in compliance with applicable data protection rules and in accordance with the purposes of the processing.
This definition also includes the processor, which also counts as a “recipient”.
Personal data (Article 4(1))
The provisions of the GDPR apply to the processing of personal data of natural persons.
By definition, “personal data” means any information relating to an identified or identifiable natural person (“data subject”).
A natural person is considered identifiable if he or she can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Special categories of personal data (“sensitive data”, Article 9(1)):
This refers to personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
The GDPR defines the term “processing” as any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or linking, restriction, erasure or destruction.
The EU General Data Protection Regulation (GDPR) comes into force on May 25, 2018. Learn more about our terms and conditions .
