Skip to content

privacy statement

We have drawn up this data protection declaration (version 11.03.2020-111253730) in order to explain to you, in accordance with the provisions of the basic data protection regulation (EU) 2016/679, what information we collect, how we use data and what decision-making options you have as a visitor to this website.

Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible.

Automatic data storage

Nowadays, when you visit websites, certain information is automatically created and stored, as is the case on this website.

When you visit our website as you are doing right now, our web server (the computer on which this website is stored) automatically stores data such as

  • the address (URL) of the web page accessed
  • Browser and browser version
  • the operating system used
  • the address (URL) of the previously visited page (referrer URL)
  • the host name and IP address of the device from which access is made
  • date and time

in files (web server log files).

Usually web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but cannot exclude the possibility that this data may be viewed in the event of illegal behaviour.

Cookies

Our website uses HTTP cookies to store user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following privacy policy.

What exactly are cookies?

Whenever you surf the Internet, you use a browser. Some well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most web pages store small text files in your browser. These files are called cookies.

One of them is not to be dismissed: Cookies are really useful little helpers. Almost all websites use cookies. To be more precise, they are HTTP cookies, as there are also other cookies for other applications. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, quasi the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser transmits the “user-related” information back to our site. Thanks to the cookies, our website knows who you are and offers you the settings you are used to. In some browsers, each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner sites (e.g. Google Analytics). Each cookie is evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, trojans or other “malware”. Cookies also cannot access information on your PC.

For example, cookie data may look like this:

Name: _ga
Value: GA1.2.1326744211.152111253730-9
Purpose: differentiation of website visitors
Expiry date: after 2 years

A browser should be able to support these minimum sizes:

  • At least 4096 bytes per cookie
  • At least 50 cookies per domain
  • At least 3000 cookies in total

What types of cookies are there?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point we would like to briefly discuss the different types of HTTP cookies.

You can distinguish between 4 types of cookies:

Essential cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user places a product in the shopping cart, then continues surfing on other pages and only proceeds to checkout later. These cookies do not delete the shopping cart, even if the user closes his browser window.

Appropriate cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies also measure the loading time and the behaviour of the website with different browsers.

Target-oriented cookies
These cookies ensure a better user-friendliness. For example, entered locations, font sizes or form data are stored.

Advertising cookies
These cookies are also called targeting cookies. They are used to deliver customized advertising to the user. This can be very practical, but also very annoying.

Usually the first time you visit a website, you are asked which of these types of cookies you would like to allow. And of course this decision is also stored in a cookie.

How can I delete cookies?

How and whether you want to use cookies is up to you. Regardless of which service or website the cookies come from, you always have the option of deleting, deactivating or only partially allowing cookies. For example, you can block third-party cookies, but allow all other cookies.

If you want to find out which cookies are stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: delete cookies to remove data that websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you do not wish to receive cookies, you can set up your browser so that it always informs you when a cookie is to be set. This way you can decide for each individual cookie whether you want to allow it or not. The procedure varies from browser to browser. The best way to find the instructions is to search Google using the keyword “Delete Chrome cookies” or “Disable Chrome cookies” in the case of a Chrome browser.

What about my privacy?

The so-called “cookie guidelines” have been in place since 2009. They state that the storage of cookies requires the consent of the person you are visiting. Within the EU countries, however, there are still very different reactions to these guidelines. In Austria, however, this directive was implemented in § 96 para. 3 of the Telecommunications Act (TKG).

If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

 

Storage of personal data

Personal information that you submit to us electronically on this website, such as your name, email address, postal address or other personal information when submitting a form or comments on the blog, together with the time and IP address, will only be used by us for the purpose stated in each case, will be kept securely stored and will not be disclosed to third parties.

Thus, we will only use your personal data for communication with those visitors who expressly request contact and for processing the services and products offered on this website. We will not pass on your personal data without your consent, but we cannot exclude the possibility that this data may be viewed in the event of unlawful behaviour.

If you send us personal data by e-mail – thus off this website – we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data by e-mail without encryption.

 

Rights under the basic data protection regulation

According to the provisions of the DSGVO and the Austrian Data Protection Act (DSG), you are basically entitled to the following rights:

  • Right of rectification (Article 16 DSGVO)
  • Right of deletion (“right to be forgotten”) (Article 17 DPA)
  • Right to restrict processing (Article 18 DSGVO)
  • Right of notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 DPA)
  • Right to data transferability (Article 20 DSGVO)
  • Right of objection (Article 21 DSGVO)
  • Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 DPA)

If you believe that the processing of your data violates data protection law or your rights under data protection law have otherwise been violated in any way, you can complain to the supervisory authority, which in Austria is the data protection authority, whose website you can find at https://www.dsb.gv.at/

Evaluation of the visitor behaviour

In the following data protection declaration we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is usually anonymous and we cannot deduce your identity from your behaviour on this website.

You can find out more about how to object to this evaluation of visit data in the following data protection declaration.

TLS encryption with https

We use https to transmit data tap-proof on the Internet (data protection through technology design article 25 paragraph 1 DSGVO). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol in the upper left corner of the browser and the use of the https scheme (instead of http) as part of our Internet address.

Google Maps Privacy Policy

On our website we use Google Maps from the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). With Google Maps we can show you locations better and thus adapt our service to your needs. By using Google Maps, data is transferred to Google and stored on Google’s servers. Here we would like to go into more detail about what Google Maps is, why we use this Google service, what data is stored and how you can prevent this.

What is Google Maps?

Google Maps is an Internet map service from Google Inc. that allows you to search online for exact locations of cities, places of interest, accommodations or businesses using a PC, tablet or app. If companies are represented on Google My Business, additional information about the company is displayed next to the location. To show how to get there, map sections of a location can be embedded into a website using HTML code. Google Maps shows the surface of the earth as a street map or as an aerial or satellite image. Thanks to the Street View images and the high quality satellite images, very accurate representations are possible.

Why do we use Google Maps on our website?

All our efforts on this site are aimed at providing you with a useful and meaningful time on our website. Through the integration of Google Maps, we can provide you with the most important information about various locations. You can see at a glance where we have our headquarters. The directions always show you the best or fastest way to reach us. You can call up the directions for routes by car, public transport, on foot or by bicycle. For us, providing Google Maps is part of our customer service.

Which data is stored by Google Maps?

In order for Google Maps to offer its service in its entirety, the company must collect and store data about you. This includes the search terms entered, your IP address and also the latitude and longitude coordinates. If you use the route planner function, the start address entered will also be saved. However, this data storage happens on the websites of Google Maps. We can only inform you about it, but we cannot influence it. Since we have integrated Google Maps into our website, Google sets at least one cookie (name: NID) in your browser. This cookie stores data about your user behaviour. Google uses this data primarily to optimise its own services and to provide individual, personalised advertising for you.

The following cookie is set in your browser due to the integration of Google Maps:

Name: NID
Value: 188=h26c1Ktha7fCQTx8rXgLyATyITJ111253730-5
Purpose: NID is used by Google to adapt advertisements to your Google search. Google uses the cookie to “remember” your most commonly entered search queries or your previous interaction with ads. So you can always get customized ads. The cookie contains a unique ID that Google uses to collect your personal preferences for advertising purposes.
Expiration date: after 6 months

Note: We cannot guarantee the completeness of the stored data. Especially when using cookies, changes can never be excluded. In order to identify the cookie NID, a separate test page was created where only Google Maps was integrated.

How long and where is the data stored?

The Google servers are located in data centers around the world. However, most servers are located in America. For this reason, your data is also increasingly stored in the USA. Here you can find out exactly where the Google data centers are located: https://www.google.com/about/datacenters/inside/locations/?hl=de


Google distributes the data on different data carriers. This means that the data can be accessed more quickly and is better protected against any attempts at manipulation. Each data center also has special emergency programs. If, for example, there are problems with the Google hardware or a natural disaster paralyses the servers, the data is still protected.

Some data is stored by Google for a fixed period of time. For other data, Google only offers the option to delete it manually. The company also anonymizes information (such as advertising data) in server logs by deleting part of the IP address and cookie information after 9 and 18 months respectively.

How can I delete my data or prevent data storage?

With the automatic deletion of location and activity data introduced in 2019, location and web/app activity information is stored for either 3 or 18 months, depending on your decision, and then deleted. You can also manually delete this data from your history at any time using your Google Account. If you want to completely prevent your location tracking, you’ll need to pause web and app activity in Google Account. Click ‘Data and personalization’ and then click the ‘Activity setting’ option. Here you can turn the activity on or off.

You can also disable, delete or manage individual cookies in your browser. Depending on the browser you use, this always works slightly differently. The following instructions show how to manage cookies in your browser:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: delete cookies to remove data that websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you do not wish to receive cookies, you can set up your browser so that it always informs you when a cookie is to be set. This way you can decide for each individual cookie whether you want to allow it or not.

Google is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. You can find more information on this at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI. If you would like to learn more about Google’s data processing practices, we recommend you read the company’s own privacy policy at https://policies.google.com/privacy?hl=de.

 

Google Fonts Privacy Policy

On our website we use Google Fonts. These are the “Google Fonts” of the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA).

To use Google fonts, you do not need to log in or set a password. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google Account, you don’t need to worry about your Google Account information being submitted to Google while using Google Fonts. Google tracks the use of CSS (Cascading Style Sheets) and the fonts used and stores this information securely. We’ll be taking a closer look at what exactly this data storage looks like.

What are Google Fonts?

Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google LLC makes available to its users free of charge.

Many of these fonts are released under the SIL Open Font License, while others are released under the Apache license. Both are free software licenses.

Why do we use Google Fonts on our website?

With Google Fonts, we can use fonts on our own website, and don’t have to upload them to our own server. Google Fonts is an important component to keep the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage especially for mobile devices. When you visit our site, the low file size ensures a fast loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can visually distort some texts or entire web pages. Thanks to the fast Content Delivery Network (CDN) there are no cross-platform problems with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). So we use Google Fonts to make our entire online service as beautiful and consistent as possible.

Which data is stored by Google?

When you visit our website, the fonts are downloaded via a Google server. This external call transfers data to the Google servers. In this way Google also recognises that you or your IP address is visiting our website. The Google Fonts API was developed to reduce the use, storage and collection of end user data to what is necessary for the proper provision of fonts. By the way, API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software sector.

Google Fonts stores CSS and font requests securely at Google and is therefore protected. The usage figures collected enable Google to determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in Google Fonts’ BigQuery database. Entrepreneurs and developers use the Google BigQuery web service to examine and move large amounts of data.

However, it should be noted that each Google Font request also automatically sends information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers. Whether this data is also stored is not clearly ascertainable or is not clearly communicated by Google.

How long and where is the data stored?

Google stores requests for CSS assets for one day on your servers, which are mainly located outside the EU. This allows us to use the fonts using a Google style sheet. A stylesheet is a style template that allows you to easily and quickly change, for example, the design or font of a web page.

The font files are stored at Google for one year. Google’s goal is to improve the loading time of web pages. If millions of web pages link to the same fonts, they are cached after the first visit and reappear immediately on all other web pages visited later. Sometimes Google updates font files to reduce file size, increase language coverage and improve design.

How can I delete my data or prevent data storage?

The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is viewed. To delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=111253730. In this case you only prevent data storage if you do not visit our site.

Unlike other web fonts, Google allows us unlimited access to all fonts. This means that we have unlimited access to a sea of fonts and can thus get the most out of our website. You can find more information about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=111253730. Although Google addresses privacy issues there, it does not provide really detailed information about data storage. It’s relatively difficult to get really detailed information about data storage from Google.

You can also read about what data Google collects and what this data is used for at https://www.google.com/intl/de/policies/privacy/.

YouTube Privacy Policy

We have included YouTube videos on our website. So we can present you interesting videos directly on our site. YouTube is a video portal, which is a subsidiary of Google LLC since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page on our website that has an embedded YouTube video, your browser automatically connects to the servers of YouTube or Google. Various data is transferred (depending on the settings). Google is responsible for the entire data processing and Google’s data protection policy therefore also applies.

In the following we would like to explain to you in more detail which data is processed, why we have embedded YouTube videos and how you can manage or delete your data.

What is YouTube?

On YouTube, users can view, rate, comment on and upload videos for free. Over the last few years, YouTube has become one of the most important social media channels worldwide. To enable us to display videos on our website, YouTube provides a code snippet that we have integrated into our site.

Why do we use YouTube videos on our website?

YouTube is the video platform with the most visitors and the best content. We strive to provide you with the best possible user experience on our website. And of course interesting videos should not be missing. With the help of our embedded videos, we provide you with further helpful content in addition to our texts and images. In addition, the embedded videos make our website easier to find on the Google search engine. Even if we place ads via Google Ads, Google can – thanks to the data collected – really only show these ads to people who are interested in our offers.

What data is stored by YouTube?

When you visit one of our sites that has a YouTube video embedded, YouTube at least sets a cookie that stores your IP address and our URL. If you are logged in to your YouTube account, YouTube can associate your interactions on our site with your profile, usually using cookies. This includes information such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution, or your Internet service provider. Other information may include contact information, any ratings, sharing content through social media, or adding to your favorites on YouTube.

If you’re not signed in to a Google Account or a YouTube account, Google stores data with a unique identifier associated with your device, browser, or app. For example, your preferred language setting is preserved. But much interaction data can’t be stored because fewer cookies are set.

In the following list, we show cookies that were set in a test in the browser. On the one hand, we show cookies that are set without a logged in YouTube account. On the other hand we show cookies that are set with a registered account. The list cannot claim to be complete, because the user data always depends on the interactions on YouTube.

Name: YSC
Value: b9-CV6ojI5Y111253730-1
Purpose: This cookie registers a unique ID to store statistics of the video viewed.
Expiration date: after session end

Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google gets statistics about how you use YouTube videos on our website via PREF.
Expiration date: after 8 months

Name: GPS
Value: 1
Purpose: This cookie registers your unique ID on mobile devices to track your GPS location.
Expiration date: after 30 minutes

Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose: This cookie tries to estimate the bandwidth of the user on our websites (with built-in YouTube video).
Expiration date: after 8 months

Other cookies that are set when you are logged in with your YouTube account:

Name: APISID
Value: zILlvClZSkqGsSwI/AU1aZI6HY7111253730-
Purpose: This cookie is used to create a profile of your interests. The data is used for personalised advertisements.
Expiration date: after 2 years

Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: The cookie stores the status of a user’s consent to use various Google services. CONSENT is also used for security purposes, to verify users and protect user data from unauthorised attacks.
Expiration date: after 19 years

Name: HSID
Value: AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile of your interests. This data helps us to display personalized advertising.
Expiration date: after 2 years

Name: LOGIN_INFO
Value: AFmmF2swRQIhALl6aL…
Purpose: Information about your login data is stored in this cookie.
Expiry date: after 2 years

Name: SAPISID
Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Purpose: This cookie works by uniquely identifying your browser and device. It is used to create a profile of your interests.
Expiration date: after 2 years

Name: SID
Value: oQfNKjAsI111253730-
Purpose: This cookie stores your Google Account ID and your last sign-in time in digitally signed and encrypted form.
Expiration date: after 2 years

Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information about how you use the website and which advertisements you may have seen before visiting our site.
Expiration date: after 3 months

How long and where is the data stored?

The data that YouTube receives and processes from you is stored on Google’s servers. Most of these servers are located in America. You can see exactly where the Google data centres are located at https://www.google.com/about/datacenters/inside/locations/?hl=de. Your data is distributed across the servers. So the data can be retrieved faster and is better protected against manipulation.

Google stores the collected data for different lengths of time. Some data can be deleted at any time, others are automatically deleted after a limited time and some are stored by Google for a longer time. Some data (such as items from “My activity”, photos or documents, products) stored in your Google Account will remain stored until you delete them. Even if you’re not signed in to a Google Account, you can still delete some data associated with your device, browser, or app.

How can I delete my data or prevent data storage?

Basically, you can manually delete data in your Google Account. With the automatic deletion function of location and activity data introduced in 2019, information is stored for either 3 or 18 months, depending on your decision, and then deleted.

Whether or not you have a Google Account, you can configure your browser to delete or disable Google cookies. This works in different ways depending on the browser you use. The following instructions show you how to manage cookies in your browser:

Chrome: Delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: delete cookies to remove data that websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete and manage cookies

If you do not wish to receive cookies, you can set up your browser so that it always informs you when a cookie is to be set. This way you can decide for each individual cookie whether you want to allow it or not. Since YouTube is a subsidiary of Google, there is a common privacy policy. If you want to learn more about how we handle your information, we recommend you read the privacy policy at https://policies.google.com/privacy?hl=de.

 

Source: Created with the data protection generator of content marketing agency AdSimple.at in cooperation with Dr. Wallentin.

 

 

 

WINTER OFFERS

For our current winter offers
we ask you to contact us directly.

QUICKBOOK

Arrival:
Departure:
Adults:
Children: