The General Data Protection Regulation (GDPR) is the foundation of data protection law in Europe. It protects the fundamental rights and freedoms of natural persons and, in particular, the processing of their personal data. Personal data is any information that relates to an identified or identifiable living individual.
Tourismusverband Region Graz
By visiting this website you are giving us consent to collect certain data. In return, we are committed to protecting your data in line with the latest technology.
Your details are not passed on to third parties for advertising purposes. Third parties only receive your personal data as stated within these listed regulations.
Cookies are used to make steiermark.com more user-friendly and to customise its content for visitors. None of the cookies used on this site collect information through which you could personally be identified. Almost all websites use cookie technologies and they are essential for the use of steiermark.com.
We do, however, advise that without the placement of cookies parts of our website can only partially or not be used at all.
By accepting our cookies and plugins you are allowing the following:
You can find the AddThis data protection regulations at http://www.addthis.com/privacy/privacy-policy.
We offer you the opportunity to sign in to our services via Facebook Connect. An additional registration on steiermark.com is thus not possible. To sign in, you are redirected to Facebook, where you can use your existing credentials, connecting your Facebook profile with our services. Through this connection we automatically receive the following information from your public profile with Facebook Inc.:
List of friends
Of this, we use your name and gender, e-mail address, date of birth, profile picture and list of friends to identify you.
Available Application Programming Interfaces (APIs) are used for our Facebook page, which may contain information from your public Facebook profile, including first name and surname, gender, country, place of residence and a link to your profile and picture. All posts, including likes and content that you display on your own Facebook page or add to others, can be collected, exported and used by Steirische Tourismus und Standortmarketing GmbH- STG or one of its subcontractors for business purposes. You can request that your details are deleted by sending an e-mail to email@example.com or a letter to Tourismusverband Region Graz, Messeplatz 1, 8010 Graz.
With your consent, we use the Facebook Pixel on our website, provided by Meta Platforms, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). This service allows us to track users as they interact with our site after having clicked on a Facebook ad. Through this we can evaluate the effectiveness of Facebook ads and optimise future advertising measures. The collected data is anonymous to us and does not give any indication of the user’s identity. The details are, however, saved and processed by Facebook, meaning that there is a connection to the user profile. Facebook can use the details for advertising purposes, in line with its data policy (facebook.com/about/privacy). The collected data enables Facebook and its partners to place ads on and outside of Facebook, and cookies can be saved on your device for this purpose.
You can reject the Facebook Pixel data capture and it being used to display Facebook advertisements within the Facebook ad settings: https://www.facebook.com/settings?tab=ads Alternatively, you can object via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com. Settings are not platform-dependent, so will cover all devices such as desktop computers and mobile phones.
This website uses Custom Audiences, a web analysis service by Facebook Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Irland ("Facebook"). Facebook Custom Audiences uses so-called tracking tools (e.g. pixel, SDKs and APIs), which are implemented on steiermark.com. These tools send details of user activity on steiermark.com ("event data") to a Meta Platforms, Inc. Server in the USA, where they are saved and used to create Custom Audiences of people who have visited our site ("Custom Audiences of steiermark.com").
Facebook does the following to enable this specific targeting and optimisation: The event data captured on steiermark.com is combined with that collected by other advertisers or means on Facebook to optimise ads. Facebook does not allow other advertisers or third parties to target a specific audience based on event data collected on steiermark.com alone.
Google uses this information to evaluate your use of the website on our account, compile reports on website activity and provide site owners with further services relating to website and internet use.
We only use Google Analytics with active IP anonymisation. This means that Google shortens the IP address of website visitors from the European Union and its other contracting states. Only in exceptions is the full IP address transmitted to a Google server in the USA and shortened there.
To prevent the cookie-generated collection of website activity data and it being processing by Google, download and install the following browser add-on: tools.google.com/dlpage/gaoptout
We use the Google Analytics features to analyse website use, e.g. through anonymous reports and graphs on page views and visits, for remarketing, reports on impressions within the Google Display Network, integration of the DoubleClick Campaign Manager and Google Analytics reports by demographic traits and interests.
Google Analytics saves cookies in your web browser for the duration of two years since your last visit. These cookies contain a randomly generated User ID, which allows you to be recognised on future visits.
The collected data is stored with the randomly generated User ID, enabling the evaluation of pseudonym user profiles. These user-related details are automatically deleted after 14 months. All other data remains stored indefinitely.
Google is certified within the EU-US Privacy Shield, and thus complies with the standards and regulations of the European data protection law. You will find further information here: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Third-party provider details: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. For more information on data protection, visit the Google websites:
Share buttons for the social networks of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA, Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA, YouTube by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, Instagram by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA and GooglePlus by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States are embedded on our website. We have also integrated a share button for the Steiermark Blog. The individual share buttons can be recognised by their logo.
All share buttons are installed in line with data protection laws. Only once you have clicked on the share button on our site is a direct connection established between your browser and the respective social network. According to the social network operators, no personal or business-related data is captured without clicking on the share button. It is only when users are logged in to their social network account that such data, including their IP address, is collected and processed. Should you not wish for a connection to be established between your visit to our website and a specific social network, please log out of its account.
We incorporate posts and photos from Instagram channels in the Steiermark Blog. Your browser exchanges data with the network that these are downloaded from. When loading an image or layout information, for example, your browser transmits your IP address to the social network Instagram. Instagram also sends information to the browser, which is saved e.g. in cookies.
As website operators, the content of the data transmitted to and from social networks and its use is not known to us. You can find further information on the use of data in the respective social network’s privacy statements.
With each use of our website, i.e. whenever a file is accessed or attempted to be accessed from its server, details of the process are saved in a log file. This data is not related to an individual, so we cannot see which user accessed the file, and we do not attempt to.
Records that are saved:
The above data is used for statistical purposes only by ourselves and those appointed by us. We use this data to improve our website for you.
Disclosure of campaign data to Steiermark Tourismus partners
In line with marketing campaigns, anonymised data is collected for remarketing purposes on the individual campaign landing pages and passed on to campaign partners. This is used to target ads for visitors of our own and our campaign partnersʼ websites.
When you send an enquiry via firstname.lastname@example.org or our contact form, we save your information and contact details to process this and, if necessary, pass them on to other contact partners for further processing. Your details are deleted once we have successfully responded to the enquiry.
We require certain information to despatch catologues and brochures ordered via our website. These details are solely used to send the requested material, and are not passed on to third parties unless they are involved in delivery. Once the request has been processed, your details are deleted.
Personal and business-related data (e-mail, name, address) is disclosed on a voluntary basis to access the tools on our website (e.g. brochure request, vouchers or newsletters). If you send us an e-mail, your e-mail address and further details are only used for the correspondence with yourself.
Where technically possible and acceptable, you can use and pay for services offered by ourselves without disclosing personal data or by using anonymised data or a pseudonym.
We capture images (photos / videos) of our events, in particular press conferences and events with a speech or appearance by those working with or for us.
Guests are advised in invitations and at the event that pictures will be taken. Provided that the "media privilege" is not applicable, the photographer is instructed to ask for consent from small groups. Pictures of large groups at events are used to raise awareness of our organisation and image. We publish these online and, where appropriate, in printed material about our organisation (legitimate interest).
If you are captured as an individual or in a small group, the photographer will ask for your consent before a picture is taken. Should you not wish to be in the photo, you will have the opportunity to step aside. Provided that the "media privilege" is not applicable, you have the right to decline your consent for all future images.
In the event of revocation, the images will be deleted where technically possibly and an attempt to remove them from any further media will be made. Print brochures will not be withdrawn, but the images will no longer be processed for this purpose. Should costs arise in line with the revocation (website amendments, disposal of printed material) without legitimate interest, then these must be beared by the individual.
There is a right to appeal where there is legitimate interest, although it must be taken into account that an invitation was accepted to an event in a public space, and that the promotion of this event was in the interest of our organisation.
The images will be removed from our website after their copyright has expired or upon withdrawal of consent. Should they have been published in social networks, they will only be deleted upon withdrawal of consent.
17.1 The right to confirmation
As data subject, you have the right to demand confirmation that your personal data is being processed by ourselves. You can contact us in line with this at any time at email@example.com.
17.2 The right to be informed
As data subject, you have the right to obtain free information on the personal data we hold of you and a copy of this. You can contact us in line with this at any time at firstname.lastname@example.org.
Your right to be informed entails the following:
We use software providers and agencies to help run our website, who may gain access to personal data in line with their work. They have committed themselves to upholding our data protection regulations. You can request further information on our service providers from email@example.com.
As data subject, you also have the right to know whether your personal data has been passed on to a third country or international organisation. Should this be the case, you have the right to find out whether the transmitted information is being stored / processed in a legitimate manner.
17.3 The right to rectification
As data subject, you have the right ask to us to amend any incorrect personal data. You can contact us in line with this at any time at firstname.lastname@example.org.
17.4 The right to erase (be forgotten)
As data subject, you have the right to ask us to to delete your personal data with immediate effect where the following applies and a further processing is not required:
Your personal data is no longer necessary in relation to the purpose for which it was collected / processed.
As data subject, you object to the processing in line with GDPR Article 6, paragraph 1, letter a or GDPR Article 9, paragraph 2, letter a, and there are no overriding legitimate grounds for the processing.
As data subject, you object to the processing in line with GDPR Article 21, paragraph 1 and there are no overriding legitimate grounds for the processing, or you object to the processing in line with GDPR Article 21, paragraph 2.
Your personal data was unlawfully processed.
Your personal data must be deleted in line with Austrian or European Union law.
Should one of the above apply and you wish to have your personal data held by the Tourismusverband Region Graz deleted, contact us at any time at email@example.com.
17.5 The right to restrict processing
As data subject, you have the right to restrict the processing of data held by us where:
You have contested the accuracy of personal data held on yourself and given us adequate time to review this.
Processing is unlawful and you have declined the erasure of your personal data, but wish to restrict its processing.
We no longer need the data, but you require it to establish, exercise or defend a legal claim.
You have objected to the processing in line with GDPR Article 21, paragraph 1 and it is not yet clear whether there is a legitimate ground to override this.
Should one of the above apply and you wish to have the processing of your personal data held by the Tourismusverband Region Graz restricted, contact us at any time at firstname.lastname@example.org.
17.6 The right to data portability
As data subject, you have the right to receive the personal data that has been provided to us in a structured, commonly used and machine-readable format. You also have the right to share this data without hindrance if its processing is in line with GDPR Article 6, paragraph 1, letter a or GDPR Article 9, paragraph 2, letter a or another contract in line with GDPR Article 6, paragraph 1, letter b. Processing must be carried out by automated means and the data must not be required for the performance of a task carried out in the public interest or in the exercise of official authority.
Furthermore, as data subject in line with the right to data portability of GDPR Article 20, paragraph 1, you have the right to request that we transmit your personal data directly to another controller where technically possible and the rights and freedoms of others are not impaired.
To make use of the right to data portability, contact us at any time at email@example.com.
17.7 The right to object
As data subject, you have the right to object to the processing of your personal data in line with GDPR Article 6, paragraph 1, letter e or f in certain circumstances. You can contact us in regards to this at any time at firstname.lastname@example.org.
You have an absolute right to stop your data being used for direct marketing purposes at any time.
The registration for our newsletter is done in a double opt-in process. After registration, you will receive an e-mail asking you to confirm your registration. You agree to the analysis of the newsletter by individual measurement, storage and evaluation of opening rates and the click rates in recipient profiles for the purpose of designing future newsletters according to the interests of our readers. The consent can be revoked with effect for the future. The legality of the data processing operations already carried out remains unaffected by the revocation. You can unsubscribe from the newsletter by clicking the unsubscribe link at the end of each newsletter.
After you have unsubscribed from our newsletter, your e-mail address will be stored by us or our external service provider in a blacklist, if necessary, in order to prevent future mailings. The personal data from the blacklist will only be used for this purpose and will not be merged with other personal data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this. We commission a service provider to send our newsletter. This service provider has undertaken to comply with the applicable data protection regulations. You can request more information about the service provider we have commissioned at email@example.com.