At this point we would like to inform you about the processing of your personal data within the framework of the General Data Protection Regulation (GDPR), the Austrian Data Protection Act (DSG) and the Austrian Telecommunications Act (TKG 2021).
Das Walchsee Hotel GmbH, FN 479809b, Johannestraße 1, 6344 Walchsee in Tyrol, firstname.lastname@example.org, +43 5374 5331 is part of the Pletzer group of companies and processes your personal data together with Pletzer Resorts Holding GmbH, FN 199144 i, Brixentaler Straße 3, 6361 Hopfgarten im Brixental as joint controllers according to Art 26 GDPR. If you need further information, please feel free to contact us at any time. You can reach our data protection officer at email@example.com.
In the following text we inform you about the processing of personal data that is carried out in our hotel as part of your stay or booking. Information about the various technical processing processes that take place when you visit our website can be found in the section below.
You have the right to information about your stored personal data, as well as the right to correction, data transfer, objection, restriction of processing and blocking or deletion of incorrect or unlawfully processed data. You have the right to revoke your consent at any time.
If you believe that our processing of your personal data violates applicable data protection law, you have the right to lodge a complaint with a supervisory authority. This can either be the data protection authority responsible for Das Walchsee Hotel GmbH (“Datenschutzbehörde” in Vienna, www.dsb.gv.at) or the supervisory authority responsible for your place of residence.
As a general rule, your personal data will not be passed on to third parties unless this is explained in the detailed information on individual processing operations listed below or is absolutely necessary for the respective processing purpose.
Regardless, we use technical service providers to help us provide our services. These service providers also have partial access to personal data, e.g. IT support companies or system hosting providers (“processors”). However, these processors are not allowed to use the data for their own purposes and are bound by extensive agreements to the strict provisions of the General Data Protection Regulation (GDPR), which also provides for appropriate state-of-the-art security measures.
We ensure that your data is stored either in-house or on servers within the European Union. If transmission to countries outside the European Union is necessary for individual service providers (e.g. to analyze database problems), the transmission will only take place if an adequacy decision has been made by the EU Commission with the respective country or company (Article 45 GDPR) exists, or standard contractual clauses published by the EU institutions for the protection of personal data are concluded (Art. 46 GDPR).
- Booking data and data about your stay
As part of your booking or booking request, in addition to the booking period, desired room category and any additional services (e.g. spa treatments), we process your name, address, communication data and payment data to confirm your booking. During your stay, information on the consumption or purchase of other services is stored. The legal basis for this processing is the fulfillment of a contract or pre-contractual measures (Art. 6 (1) b GDPR). After your stay, the data will be stored for the duration of the statutory retention requirements (Art. 6 (1) c GDPR). To process payments, data is transmitted to payment service providers such as credit card companies.
- Guest report
For every stay, we are legally obliged to forward your data to the responsible registration authority.
- Customer satisfaction surveys
In the legitimate interest of continually improving our processes and services (Art. 6 (1) f GDPR), we offer the opportunity to participate in customer satisfaction surveys. These surveys can also be carried out anonymously if desired. According to Art. 21 GDPR, you can object to this processing.
- Guest profiles and complaint notes
For the legitimate interest of continually improving our processes and services (Art. 6 (1) f GDPR), we store information such as preferences as well as the content of complaints. This is done for the purpose of ensuring high customer satisfaction during your next stay and dealing with complaints. According to Art. 21 GDPR, you can object to this processing.
We only process information about special categories of personal data (in particular health data about allergies) with your consent (Art. 6 (1) a GDPR in conjunction with Art. 9 (2) a GDPR), which you can provide at any time to our service employees or can be revoked in writing.
With your express consent (Art. 6 (1) a GDPR) you can register for our newsletter. The newsletter is sent for direct advertising purposes and contains information about our promotions as well as those about other hotels in our group. You can revoke your consent at any time without giving reasons by clicking on the unsubscribe link contained in every email or by sending us an email.
In addition to your email address, which is required for sending, we also process information about the opening and reading behavior of our newsletter mailings for the purpose of optimizing the content and the time of sending.
- Direct mail
Due to the legitimate interest in sending direct mail by post, we send information about seasonal offers from our hotel or other businesses within our group at irregular intervals. According to Art. 21 GDPR, you can object to this processing.
- Emergency lists (in-house lists)
In the event of emergencies such as fires, natural disasters or a comprehensive failure of the infrastructure, the reception staff have lists of all guests currently checked into the hotel and their accompanying persons. These lists are destroyed daily. The legal basis for processing is the protection of the vital interests of our guests (Art. 6 (1) d GDPR).
- Video surveillance
In the legitimate interest of protecting valuable company property and the property of our guests as well as solving crimes, a video surveillance system has been installed in some places. This only applies to places where incidents have occurred in the past or where there is an inherent risk, e.g. the checkout and reception area or parking areas.
- Anonymization for statistical purposes
For every modern business, an analysis of sales data in conjunction with general guest information or the booking period is essential. The analysis itself takes place using anonymized data from which no person can be identified. The necessary anonymization of guest data and their consumption is based on our legitimate interest in optimizing our products and services and the success of our company.
- Guest card
In order to issue the regional guest card with various discounts in the region, guest data required to issue the card (name, length of stay, hotel operation) is forwarded to the responsible tourism association.
- Sale and brokerage of third-party services
Upon request, we can organize additional services for our guests, such as transport or wellness services. Depending on the partner company, these services are either billed through the hotel or the partner company receives the guest data required for communication and billing. The legal basis in this regard is the fulfillment of agreements or pre-contractual measures (Art. 6 (1) b GDPR).
- Management of rental vehicles
When providing vehicles from our fleet, we are legally obliged to check your driving license and document this check (Art. 6 (1) c GDPR). This information is used in the event of damage or when issuing fine notices and forwarded to the responsible bodies or authorities. This data is stored for a period of three years and then anonymized.
- Electronic locking system
Our hotel is equipped with an electronic locking system. An identification number of the respective key and the time of the locking process are recorded in the respective door lock. However, this data is not collected centrally and is only evaluated if crimes are suspected. This processing is carried out for the legitimate interest of protecting both valuable company property and the property of our guests or the investigation of criminal offenses (Art. 6 (1) f GDPR).
- Birthday lists
In the legitimate interest of optimal customer service (Art. 6 (1) f GDPR), data about upcoming birthdays during the period of stay is passed on to our kitchen and service staff so that they can prepare a small birthday surprise.
- Guest app
We offer our guests a smartphone app with which you can find out about current offers, courses or events in the hotel at any time, register and reserve services. The app records usage behavior, but no person can be identified. In the case of reservations (e.g. for wellness treatments), data is transferred from the app to the hotel's own management system on the basis of pre-contractual measures (Art. 6 (1) b GDPR).
- Guest WiFi
We offer free WiFi for our guests. No identification is required. For technical reasons, your device's unique network address is used to assign an IP address. However, access via this IP address is not logged.
- Data processing on our website
In the following text we will inform you about the various processing of personal data that takes place when you use our website.