:focal())
Our sister hotel in Vienna
Hotel Zur Wiener Staatsoper
The protection of your personal data is very important to us. Personal data is any information relating to an identified or identifiable natural person. In this privacy policy, we explain how we process personal data in our company.
Please read this statement carefully. Our privacy policy is divided into the following sections:
Rights of individuals concerned
Here we explain the rights that individuals whose data we process have under data protection law.
Processing of personal data
Here you will find information about the cookies on our website and the marketing and statistics services we use on our website. We also specify which groups of people we process personal data from, for what purpose we do so, how long we store the personal data, and why the processing of personal data is lawful.
Integration of third-party services and content
Here we explain which third-party services and content we integrate into our website.
Protection of personal data
Here you can find out more about how we protect your personal data from unauthorized, unlawful, or accidental access, processing, loss, use, and manipulation.
Transfer of personal data
Here we provide information about our processors, and we also list who we transfer data to apart from our processors.
Updates to our privacy policy
Here you can find out how to stay informed about updates to our privacy policy.
Individual responsible
Here you will find our contact details:
Managing Director: Mag. Marko Mikula
Hotel Vier Jahreszeiten Salzburg, Hubert-Sattler-Gasse 12, 5020 Salzburg
Rights of the individual concerned:
RIGHT TO INFORMATION (ART. 15 GDPR)
Upon request, we will provide you with information about the personal data processed and the purpose of the processing within one month.
RIGHT TO RECTIFICATION (ART. 16 GDPR)
If the data is incorrect or incomplete, you can request that it be corrected.
RIGHT TO ERASURE (ART. 17 GDPR)
We must delete data if it is no longer necessary for the purposes of processing, if you withdraw your consent (unless there is another additional legal basis for processing), or if the data has been processed unlawfully.
RIGHT TO RESTRICTION OF PROCESSING (ART. 18 GDPR)
You can request a restriction on processing if, for example, your data should only be used for specific purposes.
RIGHT TO DATA PORTABILITY (ART. 20 GDPR)
You may request to receive the data processed by you in a structured, commonly used, and machine-readable format and to have it transmitted to other controllers.
RIGHT TO OBJECT (ART. 21 GDPR)
You may object to processing that is based on public interest or our legitimate interest.
RIGHT OF WITHDRAWAL (ART. 7(3) GDPR)
You may revoke your consent at any time without providing a reason. You can do this by sending a message to our email address info@hotel-staatsoper.at or by sending a letter to our postal address at Krugerstraße 11, A-1010 Vienna. Please note that revoking your consent does not affect the legality of the processing that took place prior to your revocation based on your consent.
COMPLAINT TO THE DATA PROTECTION AUTHORITY (ART. 77 GDPR)
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority (in Austria, this is the Data Protection Authority).
Further details on these rights can be found in the German version of the GDPR at the following link https://eur-lex.europa.eu/legal-con- tent/DE/TXT/PDF/?uri=CELEX:32016R0679&from=DE
Please note that in order to exercise these rights, you must provide proof of your identity in an appropriate form. Without this proof, there would be a risk that unauthorized persons could access or dispose of your data.
Processing of personal data:
WEBSITE VISITORS
When you visit our website, the following information is automatically sent from your device to our website and temporarily stored in a log file:
vHost of the website accessed
File
Date and time of access
Amount of data transferred in the response
Notification of successful access
Browser type and version
User's operating system (only if transmitted in the user agent by the client)
Referrer URL (the previously visited page)
IP address
This data is stored until it is automatically deleted. The processing serves the purpose of statistical evaluations for the operation, security, and optimization of the website. If there are concrete indications of justified suspicion of illegal use, we reserve the right to subsequently review the log data.
The legal basis for this data processing is our legitimate interest in data processing in accordance with Art. 6 (1) lit. f GDPR. Our legitimate interest lies in the above-mentioned purposes.
When you visit our website and process your reservation, we collect the following categories of personal data from you:
Name,
Title,
Gender,
Date of birth
Contact details (address, email, phone number)
Preferred language
Billing address
Payment method
Bank details or credit card number and credit card company
Tax liability and tax calculation data
Reservation details (number of people, date and time of reservation, length of stay)
Additional information you provide to us (e.g., allergies, dietary requirements)
This data is generally stored for as long as statutory retention obligations exist or as long as any legal claims for which the personal data is required for assertion or defense are not yet time-barred. The processing serves the purpose of handling, initiating, and carrying out the accommodation.
The legal basis for this data processing is the fulfillment of a contract concluded with you or the implementation of pre-contractual measures, insofar as this is necessary in accordance with Art. 6 (1) lit. b GDPR or the necessity of fulfilling legal obligations to which we are subject in accordance with Art. 6 (1) lit. c GDPR.
In addition, we also use cookies and marketing and statistics services on our website:
COOKIES
We use cookies to improve the operation of our website. Cookies are small text files that are stored on your computer when you visit a website. Cookies are generally used to provide users with additional functions on a website. Cookies cannot access, read, or modify any other data on your computer.
We use cookies that (i) are deleted when you close your browser (session cookies), (ii) remain stored on your device even after you close your browser (permanent cookies) so that we can recognize you when you next visit our website, and (iii) originate from us (first-party cookies) or from third-party providers (third-party cookies).
We use cookies from the following categories on our website: “Essential,” “Marketing,” “Statistics,” and “External media.” Cookies in the “Essential” category are absolutely necessary for the functioning of our website and are used on the legal basis of our overriding legitimate interest pursuant to Art. 6 (1) (f) GDPR to achieve the above-mentioned purposes. We use all other cookies on the basis of your consent.
To revoke your consent or restrict certain cookies, you have the following options in particular:
Use your browser settings. Details can be found in your browser's help function (usually accessible via the F1 key on your keyboard).
At youronlinechoices.com/uk/your-ad-choices, you can analyze which cookies are used on your device and disable them individually or all at once. This is a service provided by the European Interactive Digital Advertising Alliance.
Please note that the functionality of our website may be limited if you withdraw or restrict your consent.
Google Analytics
This website uses Google Analytics, a web analytics service provided by Google LLC (“Google”). For the EU, Google Ireland Limited is responsible for Google Analytics services. If you have not given your consent to “Statistics” cookies, no Google Analytics cookies will be set on your device.
The cookies set contain information about your use of our website (including your IP address and the URLs of the websites you visit) and are transmitted to Google servers in the USA and stored there. We do not store any of your data collected in connection with Google Analytics.
This website uses the IP anonymization option offered by Google Analytics. Your IP address will therefore be truncated/anonymized by Google on servers within the EU before being stored on servers in the USA. Only in exceptional cases will the IP address be stored unabridged on servers in the USA. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide us with other services related to website and internet usage.
To implement the above solution, it is necessary to modify the HTML code of the respective website and insert the following code snippet at the point where the opt-out link should appear: <a href="javascript:gaOptout()">
For more information about Google's Terms of Service and Privacy Policy, please visit http://www.google.com/analytics/terms/de.html and https://www.google.de/intl/de/policies/.
Google Display & Video 360
If you have consented to the use of “marketing” cookies, we use cookies from Google Display & Video 360, a marketing service provided by Google, whereby Google Ireland Limited is also responsible for the service in Europe.
This tool helps us to link advertising contacts and clicks on ads with the resulting use of our website. This helps us to determine whether the advertising placed is effective and which products you are interested in. The information generated by Google Display & Video 360 about your use of this website—including your IP address—is usually transferred to a Google server in the USA and stored there.
For more information about Google's terms of use and Google's privacy policy, please visit https://www.google.de/intl/de/policies/.
Google Tag Manager
This website uses Google Tag Manager. This service enables the management of website tags via an interface. No cookies are set and no personal data is collected through the implementation of Google Tag Manager. However, Google Tag Manager can activate other tags that may collect personal data. Even in such cases, Google Tag Manager does not access the data collected by other tags. If deactivation has been carried out at the domain or cookie level, it remains in effect for all tracking tags when they are implemented with Google Tag Manager.
Meta Pixel
If you have consented to the use of “marketing” cookies, we also use Meta Pixel, a marketing service provided by Meta Inc., whereby Facebook Ireland Ltd. is responsible for the service in the EU.
We can therefore track your activities after you click on a Meta advertisement that redirects users to our website. This serves to track the effectiveness of Meta advertising for statistical and market research purposes and can be used to optimize future advertising for you.
All data collected remains anonymous to us, so we cannot draw any conclusions about the identity of a user. However, Meta stores and processes data that enables a connection to your user profile and allows Meta to use your data for advertising purposes in accordance with the Meta Privacy Policy (https://www.facebook.com/legal/terms/dataprocessing). This allows Meta and its partners to place ads inside and outside of Facebook.
Newsletter recipients
If you have subscribed to our newsletter, we process the following personal data for the purposes of the newsletter: Email address
Name
The purpose of the processing is to provide information to customers and business partners.
We store the above data until you unsubscribe from the newsletter. You can unsubscribe from the newsletter at any time.
The legal basis for this data processing is your consent in accordance with Art. 6 (1) (a) GDPR.
Consent is given by agreeing to receive the newsletter directly when registering for the newsletter and, following registration, by reconfirming your consent after receiving an automated email, which you will receive after registering.
We store the above data for at least 7 years (as provided for in § 132 BAO), or for 30 years (statute of limitations) if necessary.
The legal basis for this is the fulfillment of a contract in accordance with Art. 6 (1) lit. b GDPR and the fulfillment of a legal obligation in accordance with Art. 6 (1) lit. c.
Integration of third-party services and content:
YouTube
If you have agreed to the use of “external media,” we also use the YouTube video platform (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to provide videos. These videos are all embedded in extended privacy mode. This means that no data about you will be transmitted to YouTube if you do not play the videos. Only when you actually play a video will data be transmitted to YouTube. We have no influence on this data transmission. If you are logged in to Google, your data will be directly assigned to your account. If you do not want this to happen, you must log out before watching a video.
The legal basis for the use of YouTube on our website and any related transfer of your data to the USA is your consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time.
For more information on the purpose and scope of data collection and its processing by YouTube, please refer to the privacy policy at: https://www.google.de/intl/de/policies/privacy.
Mailchimp
We use Mailchimp from The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA (Mailchimp) to send our newsletter. This enables us to contact newsletter subscribers directly. We also analyze your usage behavior in order to optimize our offering.
When you subscribe to our newsletter, we pass on personal data necessary for sending the newsletter to Mailchimp. In addition, Mailchimp also collects personal data using cookies and other tracking methods:
The legal basis for the use of Mailchimp for sending the newsletter and the transfer of your data to Mailchimp in the USA is your consent in accordance with Art. 6 (1) lit. a GDPR. You can revoke your consent at any time.
Further information on the purpose and scope of data collection and its processing by Mailchimp can be found at: https://www.intuit.com/privacy/statement/
Protection of personal data:
Your personal data is protected by appropriate organizational and technical measures. These measures relate in particular to protection against unauthorized, unlawful, or accidental access, processing, loss, use, and manipulation.
Despite our efforts to maintain an appropriately high level of care, we cannot rule out the possibility that information you disclose to us via the Internet may be viewed and used by other persons.
Please note that we therefore accept no liability whatsoever for the disclosure of information due to errors in data transmission and/or unauthorized access by third parties (e.g., hacker attacks on email accounts or telephones, interception of faxes) that are not caused by us.
Transfer of personal data:
CONTRACT PROCESSOR
We sometimes use processors to process personal data. We have concluded a data processing agreement with all our processors in accordance with Art. 28 (3) GDPR. We have also ensured that we only work with processors who have implemented appropriate technical and organizational measures to ensure that data is processed in accordance with the requirements of the GDPR and that the rights of data subjects are protected.
DATA TRANSMISSION
Depending on the circumstances, our customers' personal data may also be disclosed to the following third parties who are not our processors:
Tax authorities, social security institutions, courts, legal representatives, tax advisors, debt collection agencies, partners/suppliers
Payment service providers
Accounting service providers
Shipping service providers
IT service providers
The legal basis for the transfer of data is the fulfillment of a contract in accordance with Art. 6 (1) (b) GDPR, the consent of the data subject in accordance with Art. 6 (1) (a) GDPR, and our legitimate interest in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest lies in the above-mentioned purpose.
Our website incorporates several tools from companies based in the US or other third countries that are not secure from a data protection perspective. It is therefore possible that your personal data may be transferred to these third countries and processed there. We would like to point out that these countries cannot guarantee a level of data protection comparable to that of the EU. For example, US companies are required to disclose personal data to security authorities. Data subjects cannot take legal action against this. We therefore cannot rule out the possibility that US authorities (e.g., intelligence services) may process, evaluate, and permanently store your personal data, which may be located on US servers, for surveillance purposes. We have no influence over these processing activities.
Update to the privacy policy:
If there are any changes to our privacy policy, we will publish the changes on this page. Please check here for changes to the privacy policy.
Responsible person:
Responsibility for the processed personal data lies with:
Kalette GmbH
Kaiserjägerstraße 30
6020 Innsbruck, AT
UID: VAT14756003
You can reach us by email reception@hotel-4-jahreszeiten.at