The protection of your personal data is of particular concern to us. We therefore process your data exclusively in a lawful manner on the basis of the legal provisions (especially GDPR, DSG 2018, TKG 2021).
In this data protection information, we inform you about the most important aspects of data processing - the type, scope and purposes of the collection and use of personal data - in the context of the use of our website and in the context of other services provided by our company.
The person responsible (as defined in Art. 4 Z 7 DSGVO) for the processing of your personal data (personal data as defined in Art. 4 Z 1 DSGVO) is:
Tourist Association Ausseerland Salzkammergut
A-8990 Bad Aussee
Tel. +43 3622 54040
Data Protection Officer:
We take the protection of personal data seriously and have appointed an external data protection officer for this purpose. Our data protection officer is MMag. Martin Zeppezauer, Thurnbichlweg 50, A-6353 Going am Wilden Kaiser (www.zepedes.com). You can contact our data protection officer at the e-mail address email@example.com.
Purposes of processing
The purposes of processing your personal data generally result from our business activities as a tourism organization: making our online offers available, processing customer inquiries / orders / bookings, accounting, communication with business partners and customers. For detailed information on the purposes of processing and, if applicable, further processing for other compatible purposes, as well as on the categories of data processed, please refer to the detailed descriptions of the individual data processing processes.
General data categories
Special categories of data ("sensitive data") according to Art. 9 DSGVO
Legal basis for the processing
In principle, there is no obligation to provide the data for the data processing described in this data protection declaration. Failure to provide this data will only result in us not being able to offer these services. The legal basis for the processing of your personal data that is required for the performance of a contract with you or an order placed with us by you is Art. 6 (1) lit. b DSGVO. Insofar as processing of personal data is necessary for the fulfillment of a legal obligation on our part (accounting obligation, bookkeeping obligation or other legal documentation obligations), Art. 6 (1) lit. c DSGVO serves as the legal basis. If we process your data to perform a task assigned to us in the public interest ("sovereign action"), the legal basis is Art. 6 (1) lit. e DSGVO. If the processing is necessary to protect a legitimate interest of our company or a third party and your interests, fundamental rights and freedoms do not override our interest, Art. 6 (1) lit. f DSGVO ("legitimate interest") serves as the legal basis for the processing. In this case, we will also inform you about our legitimate interests. Insofar as we do not have any other legal basis for the processing of personal data as explained above, we will ask you for your consent to data processing, thereby relying in these cases on Art. 6 (1) lit. a DSGVO or, in the case of the processing of sensitive data, on Art. 9 (2) lit. a DSGVO as the legal basis. You may revoke this consent at any time free of charge without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.
We process your personal data with the support of processors who assist us in providing our services. These processors are bound by a corresponding agreement iSd. Art. 28 DSGVO with us to strictly protect your personal data and may not process your personal data for any other purpose than the provision of our services. You can find out which processors are involved in the detailed descriptions of the individual data processing procedures.
A transfer of your personal data to companies other than our order processors is made to service providers typical for the economy, such as banks, tax consultants or auditors. Personal data is only transferred to state institutions and authorities within the scope of mandatory national legal provisions.
Depending on your order (e.g. for bookings and inquiries), your personal data will be transmitted exclusively to the extent necessary, if applicable, to hotel partners or other tourism service providers (members of our organization), which are necessary for the fulfillment of your order. The transmitted personal data varies depending on the service.
In principle, we process your personal data in the EU area. If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of using the services of our processors or third parties, this is only done if the requirements of Art. 44 et seq. DSGVO for the transfer to third countries: i.e. on the basis of special guarantees, such as the officially recognized determination of a level of data protection corresponding to the EU or in compliance with officially recognized contractual obligations, the so-called "EU standard contractual clauses". If we rely on the EU standard contractual clauses as the legal basis for the transfer of your personal data, we will additionally examine the permissibility of this data transfer as part of a comprehensive risk assessment. If we come to a negative result, we will not transfer this data to a third country without your express consent pursuant to Art. 49 (1) lit. a GDPR to a third country.
Data transfer to the USA
Through the services integrated in this website, Google Tag Manager, Google Analytics, Facebook Pixel, Pinterest Pixel, Tiktok Analytics, Google Maps and YouTube, your data will (at least in some cases) also be transferred to the USA. Authorities or secret services in the USA can access your data without giving you legal recourse. The ECJ has therefore determined that there is no sufficient level of data protection in the sense of Art. 44 to 50 GDPR for data transfers from the EU to the USA. For this reason, the legal basis for the use of this service is your express consent pursuant to Art. 49 (1) lit. a GDPR.
Your personal data will be deleted by us as soon as the purpose for which we collected your data no longer applies. Storage may take place beyond this if we continue to process the data for a purpose compatible with the original purpose. It may also take place if this is provided for by laws, ordinances or other regulations to which our company is subject.
We collect your personal data exclusively from you and do not use any other data sources.
We do not use any automated decision-making or profiling procedures that have a legal effect on you or affect you significantly in a similar way. However, with your consent, we will use your usage data to get to know your interests better and thus be able to display information that is of interest to you or to make you customized offers or to display relevant information to you on third-party websites or social media platforms.
In accordance with DSGVO, you are generally entitled to the rights of information, correction, deletion, restriction, data portability, revocation and objection. To do so, please contact us as the responsible party using the contact details provided in this data protection information. A detailed explanation of these rights can be found here in Chapter III.
Right to complain
If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been violated in some way, you can complain to the competent supervisory authority. In Austria, this is the data protection authority (Wickenburggasse 8, 1080 Vienna, e-mail: firstname.lastname@example.org).
In this section we inform you how we process your personal data when you visit our website.
For technical reasons, on the legal basis of § 96 (3) S 3 TKG 2003 (necessary for the operation of our website), the following data, among others, which your Internet browser transmits to us or to our web space provider, is recorded (so-called "server log files"):
Browser type and version
Operating system used and device type (e.g. desktop / mobile)
Website from which you visit us (referrer URL)
Website that you visit
Date and time of your access
Your Internet Protocol address (IP address)
This data, which is anonymous for us, is stored separately from any personal data you may have provided and thus does not allow us to draw any conclusions about a specific person. They are evaluated for statistical purposes in order to be able to optimize our Internet presence and our offers.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" or by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Technical service providers
We create and edit the content of our website with the help of the following service providers, whom we have engaged through a corresponding agreement iSd. Art. 28 GDPR to process your data exclusively within the scope of our order:
Webagentur - elements.at New Media Solutions GmbH (Gusswerk Halle 6, Söllheimerstraße 16, A-5020 Salzburg); More information on data protection at: https://www.elements.at/de/datenschutzhinweise
Cookie Banner - Cookies on our website
Changing the cookie settings in your web browser
How the web browser you use handles cookies, i.e. which cookies are allowed or rejected, can be determined by you in the settings of your web browser. You can also delete cookies already stored on your computer/end device yourself at any time. Where exactly these settings are located depends on the respective web browser. Detailed information on this can be accessed via the help function of the respective web browser.
In addition, it is possible to generally object to cookies and similar tracking technologies via the services mentioned below by setting your individual preferences - which technologies for usage- and interest-based advertising you wish to allow:
- European Interactive Digital Advertising Alliance (EDAA): https://www.youronlinechoices.com/de/praferenzmanagement/
- Network Advertising Initiative (NAI):
Contact form and e-mail
On our site, we offer you the opportunity to contact us by e-mail and/or via a contact form. In this case, the information you provide will be processed for the purpose of handling your contact on the legal basis of contract performance pursuant to Art. 6 (1) lit. b GDPR. There is a legitimate interest on our part pursuant to Article 6 (1) lit. f GDPR for the use of a contact form. The legitimate interest lies in offering our website visitors an opportunity to contact us that does not require them to call up their own e-mail client. There is no legal or contractual obligation to provide this personal data. The only consequence of not providing it is that you do not submit your request and we cannot process it. Data will only be passed on to third parties if this is stated on the website or in this data protection declaration or is necessary for the fulfillment of the contract or is required by law. We store your data only as long as this is appropriate for the processing of your requests or for any queries.
For the purpose of providing contractual services as well as their payment and execution in the context of online purchases, bookings and brochure orders, we process your personal master data, contract and payment data as well as communication data (IP address and server log files) on the legal basis of Art. 6 (1) lit. b DSGVO (contract performance) as well as Art. 6 (1) lit. c DSGVO (legal obligation for invoicing and archiving).
We store this data as long as the purpose requires, legal regulations provide for this (retention period of invoices according to § 132 BAO for 7 years; voucher orders until the expiry of the redemption period for 30 years) or we need this data on the basis of the legal basis of Art. 6 (1) lit. f DSGVO (legitimate interest) to defend against possible liability claims. If you cancel the ordering process, we store the data for 14 days to clarify possible problems during the ordering process.
There is no legal or contractual obligation to provide the personal data. The only consequence of not providing it is that we cannot process your bookings / orders.
Feratel DESKLINE online bookings, booking inquiries and brochure orders
For the processing of online bookings, brochure orders and inquiries, we process your personal data in order to provide you with the booked services with the help of our service provider feratel Media Technologies AG (Maria-Theresien-Straße 8, A-6020 Innsbruck). For this purpose, we store and process inventory data, communication data, contract data, payment data of our customers, interested parties and other business partners. The processing is carried out for the purpose of providing contractual services or for the fulfillment of pre-contractual services on the basis of the legal grounds of Art. 6 para. 1 lit. b DSGVO (booking transactions, answering quotation requests and sending brochures) and Art. 6 para. 1 lit. c DSGVO (legally required retention periods of bookings or invoices). For this purpose, the data fields marked as required are necessary for the justification and fulfillment of the contract. We disclose your personal data within the scope of this data processing to third parties (hotel partners or other tourism service providers) on the legal basis of Art. 6 (1) lit. b DSGVO (if it is necessary for the processing of a booking transaction), or on the basis of our legitimate interest according to Art. 6 (1) lit. f DSGVO for the use of corresponding booking software. We have concluded a corresponding agreement with the company feratel pursuant to Art. 28 DSGVO as a processor, which ensures that your data is processed exclusively within the scope of our order. For more information on feratel's data protection, please visit: https://www.feratel.com/datenschutz.html.
HRS online bookings and booking requests
For the processing of online bookings and inquiries, we process your personal data in order to provide them with the booked services with the help of our service provider HRS Destination Solutions (Breslauerplatz 4, D-50668 Cologne). For this purpose, we store and process inventory data, communication data, contract data, payment data of our customers, interested parties and other business partners. The processing is carried out for the purpose of providing contractual services or fulfilling pre-contractual services on the basis of the legal grounds of Art. 6 para. 1 lit. b DSGVO (booking transactions, answering quotation requests) and Art. 6 para. 1 lit. c DSGVO (legally required retention periods of bookings or invoices). For this purpose, the data fields marked as required are necessary for the justification and fulfillment of the contract. We disclose your personal data to third parties (hotel partners or other tourism service providers) as part of this data processing on the legal basis of Art. 6 (1) lit. b DSGVO (if it is necessary for the processing of a booking transaction), or on the basis of our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO for the use of appropriate booking software. We have concluded a corresponding agreement with the company HRS Destination Solutions pursuant to Art. 28 DSGVO as a processor, which ensures that your data is processed exclusively within the scope of our order. For more information on the data protection of HRS Destination Solutions, please visit: https://www.im-web.de/datenschutzerklaerung.php.
External payment service providers
For the payment of order transactions / bookings, we use external payment service providers on the legal basis of Art. 6 (1) lit. b DSGVO (contract performance), through whose platforms you can make your payments. The payment data you enter as part of the order (e.g. account numbers, credit card numbers including check digits, passwords / TANs, etc.) are processed exclusively by our payment service providers and are not visible to us. We only receive a confirmation of the payment made or information that the payment could not be made via our payment service providers. For more information on data protection and terms and conditions of our payment service providers, please contact:
Datatrans AG, Kreuzbühlstrasse 26, CH-8008 Zurich
Tel. +41 44 256 81 91
QENTA Payment CEE GmbH, Taborstrasse1-3/10, 1020 Vienna (Branch office: Reininghausstrasse 10, 8020 Graz)
Tel.:+43 316 813 681
hobex AG, Josef-Brandstätter-Strasse 2b, A-5020 Salzburg
Tel. +43 662 2255-0
Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden
Tel. 0046 8-120 120 00
Sale of event tickets
For the sale of event tickets, we link to our online ticket store (https://kultur.ausseerland.at/) on our website. This link is integrated into our site using an HTML link. When you click on the link, a new browser window opens and the page of our online ticket store opens. We are responsible for the further processing of your personal data in connection with the purchase of mountain railway tickets. You can find further information on the data protection of our online ticket store at: https://kultur.ausseerland.at/de/datenschutz
2.6 Web analysis - statistical analysis of our website
Google Tag Manager
We use the service of the provider Google Ireland Limited ("Google") (Gordon House, Barrow Street, Dublin 4, Ireland) to manage website tags via a common tool. The Google Tag Manager tool itself (which implements the tags) is a domain that does not set cookies or collect any other personal data. The tool takes care of triggering other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager. Further information on Google's data protection at: https://www.google.com/policies/privacy/.
Google Ads Conversion Tracking
Email newsletter (Numbirds)
On our website there is the possibility to register for our newsletter. The legal basis for sending the newsletter is your consent iSd. Art. 6 (1) lit. a GDPR. The registration for our newsletter takes place in the so-called double opt-in procedure. This ensures that no one can log in with foreign e-mail addresses (e.g. with your email address). Your consent can be revoked at any time free of charge by clicking on the "unsubscribe link" at the end of each mailing. The legality of the data processing operations already carried out up to that point remains unaffected by the revocation. After unsubscribing your email address, we will store it for a period of 3 years on the basis of our legitimate interest (Art. 6 (1) lit. f GDPR) in order to obtain your original consent to be able to prove if necessary. To send out our newsletter, we use the service provider "NumBirds", a tool of NumBirds CRM GmbH (Brixnerstraße 3/3, A-6020 Innsbruck). With the help of NumBirds we can analyze our newsletter campaigns. When you open an email sent with the NumBirds newsletter tool, a connection is established with the NumBirds server. This allows us to determine whether a newsletter message has been opened and which links have been clicked on. The purpose of these analyses is to better adapt future newsletters to the interests of the recipients. In addition, technical information such as the time of retrieval, the IP address, browser type and operating system of the recipient are registered. In addition, we use information from some of our other systems such as our feratel booking system or our digital holiday companion PIA, which is connected to your email address, in order to be able to tailor your personalized newsletter even more individually to your interests. We have concluded a data processing agreement with NumBirds CRM GmbH according to Art. 28 GDPR to ensure that your data is only processed to the extent desired by us and permitted by you. General data protection information of NumBirds at: https://www.sports-tourism.at/de-DE/datenschutz-cookies.
Our website uses the functions of "Google Analytics Remarketing" in connection with the cross-device functions of Google AdWords and Google DoubleClick on the legal basis of your consent pursuant to Art. 6 (1) lit. a DSGVO. The provider is Google Ireland Ltd. (Gordon House, Barrow Street, Dublin 4, Ireland). This function makes it possible to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one end device (e.g. cell phone) can also be displayed on another of your end devices (e.g. tablet or PC). If you have given your consent, Google will link your web and app browsing history with your Google account for this purpose. In this way, the same personalized advertising messages can be served on every end device on which you log in with your Google account. To support this feature, Google Analytics collects Google-authenticated IDs of users, which are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad targeting. You can permanently opt out of cross-device remarketing/targeting by disabling personalized advertising in your Google account; follow this link: https://www.google.com/settings/ads/onweb/. The aggregation of the collected data in your Google account is based solely on your consent, which you can give or revoke at Google (Art. 6 para. 1 lit. a DSGVO). Further information on Google's data protection at: https://www.google.com/policies/privacy/.
Pinterest Tag (Pinterest Conversion Tracking)
In order to optimize our Pinterest campaigns and to measure their conversion (effectiveness), we set the Pinterest Tag (Pinterest Conversion Tracking Pixel) of Pinterest Europe Ltd. (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland) on the legal basis of Art. 6 (1) lit. a GDPR (consent). This allows us to display advertisements of interest to our website visitors, who are also Pinterest members, on Pinterest. It also allows us to track the actions of Pinterest members after they have seen or clicked on one of our Pinterest ads. The following personal data is processed: information about the type of hardware and operating system used, its IP address, the time of access to our website, the type and content of the advertisements we place and the reaction to our advertisements. These data are anonymous to us and do not allow us to draw any conclusions about the identity of the respective user. Pinterest may, according to its own information, connect this data to your Pinterest account and also use it for its own advertising purposes. We process this data with Pinterest Europe as "Joint Controller" and have concluded an agreement with Pinterest Europe in accordance with Article 26 GDPR (JCA – Joint Controller Agreement), which obliges all partners to provide you with the corresponding information about this joint processing within the meaning of Articles 12 to 14 GDPR, to ensure appropriate protection of this data and to enable you to exercise your rights as a data subject within the meaning of the Art. 15-21 GDPR. We have agreed with Pinterest Europe that Pinterest Europe is responsible for asserting data subject rights pursuant to Articles 15-20 GDPR with regard to the personal data processed / stored by Pinterest Europe in the context of joint processing. If personal data is processed by Pinterest Europe in the context of joint processing on the legal basis of legitimate interest (Art. 6 (1) lit. f GDPR), you are entitled to the right to object acc. Art. 21 GDPR. Further information on exercising your rights as a data subject and general information on data protection at Pinterest Europe Ltd. can be found at: https://policy.pinterest.com/de/privacy-policy#section-residents-of-the-eea. Information on the individual setting of the data collected by Pinterest can be found at: https://help.pinterest.com/de/article/personalization-and-data.
In order to be able to track actions of TikTok users on our website after they have seen or clicked on one of our TikTok ads or messages, or to place target group-directed advertisements on TikTok, we use within our website TikTok Pixel of the Chinese social media platform TikTok on the legal basis of your consent in accordance with Art. 6 (1) lit. a GDPR. The company responsible for data processing in the EU or the European area is TikTok Technology Ltd. (10 Earlsfort Terrace, Dublin, D02 T380, Ireland). This allows us to display and evaluate or optimize our advertisements on the TikTok platform. So we will only show you ads that are of interest to you on TikTok with help of the data collected on our website anonymously for us in this way (we do not see any personal data of individual users, but only the overall effect). We have no influence on the further processing of your personal data by TikTok. Since TikTok (at least partially) processes personal data outside the EU in unsafe third countries, we have agreed the EU Standard Contractual Clauses with TikTok. The legal basis for a possible data transfer to the USA is your consent acc. Art. 49 (1) lit. a GDPR. Further information can be found in this data protection information under the point "Transfers of personal data to third countries". Further information on the processing of personal data by TikTok can be found at: https://www.tiktok.com/legal/privacy-policy-eea?lang=de. You can contact TikTok's Data Protection Officer at the following link: https://www.tiktok.com/legal/report/DPO.
We integrate third-party content within our website, such as videos from YouTube, maps from Google Maps, RSS feeds or graphics from other websites. This always requires that the providers of this content (hereinafter referred to as "third-party providers") are aware of the IP address of the user. This is because without the IP address they would not be able to send the content to the browser of the respective user. The IP address is thus necessary for the presentation of this content. We endeavor to only use content whose respective providers only use the IP address to deliver the content. However, we have no influence if the third-party providers store the IP address, e.g. for statistical purposes. The legal basis for the use of these services, insofar as they are necessary for the function of our website, is our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO, otherwise your consent pursuant to Art. 6 (1) lit. a DSGVO. Information on the purpose and scope of further processing and use of the data by the providers of the embedded services/content as well as further information iSd. Art. 13 and 14 DSGVO can be found under the information links below. The following services/content are embedded in our website:
We use the open source map service "OpenStreetMaps" (also called "OSM") of the company Openstreetmap Foundation (St John's Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom) for cartographic display. For this purpose, the map material is loaded from the server of OSM. In the process, the following data is transferred to OSM: the page visited on our website, the IP address of your end device and location data. The legal basis for the processing of your data is Art. 6 (1) lit. f DSGVO (legitimate interest). Our legitimate interest consists in an appealing presentation of our online offer or the geographical presentation of the offers of our region. In the case of mobile device location data, the legal basis is your consent pursuant to Art. 6 (1) lit. a DSGVO by enabling the sharing of location data on your mobile device. More information about OSM at: https://wiki.openstreetmap.org/wiki/Privacy_Policy.
We use the map service "Basemap" for cartographic display, a cartographic product based on the administrative geodata of the nine federal states, the Graph Integration Platform (GIP.at), as well as the state partners, first and foremost the cities and municipalities. These maps are integrated into our site via our service provider TTG Tourismus Technologie GmbH (Freistädter Str. 119, A-4040 Linz). The legal basis for processing your data is Art. 6 (1) lit. f DSGVO (legitimate interest). Our legitimate interest consists in an appealing presentation of our online offer or the geographical presentation of the offers of our region. We have concluded an order processor agreement with TTG iSd. Art. 28 DSGVO to ensure that your data is only processed to the extent desired by us and permitted by you. General data protection information of TTG at: https://www.ttg.at/datenschutz/.
Our website uses the web fonts service of Fonticons, Inc. for the uniform display of fonts and icons. (710 Blackhorn Drive, Carl Junction, 64834 MO, USA). When you call up one of our pages, your browser loads the required web fonts and icons from the servers of Fonticons, Inc. into your browser cache for the correct display of fonts and icons. In the process, your IP address is transmitted to the servers of Fonticons, Inc. The legal basis for the use of Font Awesome is our legitimate interest iSd. Art. 6 (1) lit. f DSGVO. Our legitimate interest lies in a consistent and visually appealing presentation of our website. Further information on the data protection of Font Awesome at: https://fontawesome.com/privacy. To generally prevent the execution of Java Script codes, a Java Script blocker can be installed. Further information on this at: https://www.noscript.net or https://www.ghostery.com/.
We embed videos of the platform "YouTube" of the provider Google Ireland Ltd. (Gordon House, Barrow Street, Dublin 4, Ireland) in extended data protection mode. The implementation is based on Art. 6 (1) lit. f GDPR, whereby our interest lies in the smooth integration of the videos and the thus appealing design of our website. However, we only use YouTube if you have given your consent. The legal basis for the processing of your data is therefore your consent in accordance with Art. 6 (1) lit. a GDPR. If a corresponding consent was requested, the processing is based exclusively on your consent pursuant to Art. 6 (1) lit. a DSGVO, which you can revoke at any time for the future. If you call up a page in which we have embedded a YouTube video, a connection is established to the Google servers and the content is displayed on the website by notifying your browser. According to Google's information, in extended data protection mode, your data (in particular which of our Internet pages you have visited) as well as device-specific information including the IP address are only transmitted to the YouTube server when you watch the video. In some cases, information is transmitted to the parent company Google Inc. based in the USA, to other Google companies and to external partners of Google, each of which may be located outside the European Union. By clicking on the video, you consent to this transmission. If you are logged in to Google at the same time, this information will be assigned to your member account with Google. You can prevent this by logging out of your member account before visiting our website or by making individual settings in your Google account under the following link: https://adssettings.google.com/authenticated. Further information on YouTube's data protection at: https://www.google.com/policies/privacy/.
In this section, we inform you about other data processing procedures outside our website.
The contact data and application documents submitted to us in the course of a job application are processed by us exclusively internally for the purpose of selecting suitable candidates for an employment relationship. There is no legal or contractual obligation to provide the personal data. Failure to provide it merely means that you do not submit your request and we are unable to process it. In accordance with the legal provisions, we will store the personal data transmitted in this way for a maximum of 6 months, or for a maximum of 2 years if the applicant has expressly agreed to keep the documents on file.
We maintain online presences within social networks and platforms in addition to our website: Facebook, Twitter, Instagram and YouTube in order to communicate with customers and business partners active there and to be able to inform them about our services on these networks. When calling up the respective networks and platforms, the GTCs and privacy policies of the respective operators of these networks apply.
Your personal data provided for participation in our competitions (e-mail address, name, address) will only be used by us to determine a winner, to inform him/her about the prize and to send prizes. Your data will not be passed on to third parties. The legal basis for the processing of your personal data is contract performance pursuant to Art 6 para 1 lit b DSGVO. There is no legal or contractual obligation to provide the personal data. Failure to provide the data will only result in you not being able to participate in the competition. Your data will be stored for the duration of the competition and - for the processing of any claims for winnings and damages - for a maximum of 3 years thereafter and then deleted. By participating, you also agree that your name will be published on our website as well as on our public social media channels in case you win.
In the case of events, it may happen that we create photos and videos of these events or have them created by photographers commissioned by us, on which you are recognizable as a participant of these events. We need these photos / videos to document and advertise our events and will therefore also publish them in our media (e.g., print brochures, website and social media) and make them available to other media owners (print and online) for the promotion of our event. There is no legal or contractual obligation on your part to provide this data. The legal basis for the processing of your personal data (images and videos on which you are recognizable) is our legitimate interest pursuant to Art. 6 (1) lit. f GDPR. Our legitimate interest lies in our right to public relations (presentation of our activities) and the promotion of our events. You have the right to object to the processing. Please address your objection to the e-mail address provided by us in this data protection declaration. However, it can be assumed that our above-mentioned interest in the use of the photos does not unduly interfere with your rights as a person depicted. This is especially true because we create these photos / videos in public space and point out the production and use of the photos / videos in the run-up to each event. We also always make sure that no legitimate interests of persons depicted are violated. If, for reasons particularly worthy of consideration, your personal rights and freedoms are violated by an image / video created by us, we will refrain from further processing / publication. Removal from print media that have already been circulated cannot take place. In this case, however, we will make a deletion on our website or in our social media channels. We generally delete photos / videos of events if we no longer need these images to document and advertise these events.
We offer a freely accessible visitor WLAN in our offices. In order to provide the services of the hotspot for you, the use of personal data of your terminal device is required. In this context, we may also temporarily store the MAC addresses (media access control address) of end devices. Furthermore, we may store log data ("log files") about the type and scope of use of the services for 7 days. This data cannot be directly assigned to your person, but it can be directly assigned to your used end device and thus indirectly assigned to your person. To provide this offer, we use the services of OpenSystems Factory GmbH (Marktleite 151, 8990 Bad Aussee) as our processor. We have concluded a corresponding agreement with our order processor pursuant to Art. 28 DSGVO, which ensures that your data is processed exclusively within the scope of our order.
It is possible to register for events of different providers in our region at our information offices. For this purpose we process your personal data (name, e-mail address and telephone number). This data is processed by us on the legal basis of Art. 6 (1) lit. b DSGVO (contract performance/pre-contractual measures) and also passed on to the respective organizer. This data will be deleted or destroyed by us after the event.