Closing your account
After the closure of your account, we will continue to need some of your information for legal obligations, such as tax matters and accounting. In addition, a legitimate interest in subsequent processing exists with regard to the disclosure and prevention of fraud and security guarantees.
Data for bookings
We cannot help you in the search for your perfect accommodations without some information from you. For this, we will need the information that has been or is to be provided by you, such as your name and the names of those traveling with you, your e-mail address and your payment information. When booking accommodations, we may ask for your address, phone number, date of birth and possible preferences. We ask that you provide health-related information by telephone.
Transfer of booking information
The purpose of transferring your information is to complete your bookings with your accommodations of choice and to convey your information to the respective providers. Your information will be provided to the people supporting us if necessary for the completion of the booking. Such recipients include financial institutions, communications providers or also authorities. Their headquarters are located within the European Economic Area or in other countries that have been deemed data-secure. We do not sell or rent out your information.
Information we receive from you on others
As a rule, you usually do not book an accommodation just for yourself, but also for companions whose information you also provide us at the time of booking. This is also the case if you make a booking for someone else. In some cases, you may use our platform to share information with others (such as with referral programs). Information on the data processing is listed separately there. We hereby inform you that it is your own responsibility for the people whose personal information you have provided to us to have correspondingly agreed to this.
Legal basis and duration of the processing for bookings
Providing personal information within the framework of bookings is necessary because otherwise, the agreed upon services cannot be provided. The legal basis for the aforementioned data processing is the fulfilment of the agreed upon services for which the party is the affected person or else for which the processing fulfils a legal obligation (Art. 6, Sec. 1, subsec. b and c of the GDPR). The data are processed and/or stored until they are no longer applicable.
Data that we collect automatically
When you visit our website (or apps), it is possible that we process some data automatically. This possible data could include: the IP address, date, and time of your visit; your hardware, software, and/or browser type, the operating system of your computer, the version of an app, your language settings, and information about clicks and which sites you visited. If you use our services with your mobile device, it is possible that we process some further data: the type of your mobile device and operating system, device-specific settings and properties, your geographical location, information about app crashes, and other system activities. The legal basis for this processing is the fulfilment of the agreed upon services or the technical necessity of the processing or of our legitimate interests, namely, traceability and optimization of our services, whereby the interests or basic rights of the affected party do not take precedence (Art. 6, Sec. 1, subsec. f of the GDPR). Within the context of the latter legal justification, the affected person has a right to object with an interest taking precedence; for details, see the rights of the affected party below. The data are processed and/or stored until the cited purpose is no longer applicable.
Processing partners, recipients
We process your personal information with the support of processing partners which support us by providing our services (such as web hosting, e-mail newsletter distribution, etc.) These processing partners are obligated to strictly protect your personal information and may not use your personal information for any purpose other than providing our services. Furthermore, your personal information will only be passed on to service providers that are typical within business such as banks (if you receive money transfers), tax advisors (if you are part of our accounting), distributors (if you receive mail from us), etc. which, on their part, are subject to the provisions under privacy laws.
Contact by contact form / e-mail / fax / post / telephone
In case if you contact us via a contact form, fax, post or e-mail, your data will be processed for the purpose of transacting the contact request. The data will be deleted as soon as they will no longer be required to achieve the purpose of your enquiry.
In case of using a contact form – fields: name, address, e-mail address, other form fields
Once you have filled in and sent a contact form, the personal information that you provided will be processed by the person responsible under privacy laws in order to answer your inquiry based upon the consent you have given by submitting the contact form. There is no legal or contractual obligation to provide personal information. Choosing to not provide personal information simply means that your inquiry will not be sent to us and we will not be able to process it. You have the right to withdraw your consent in writing at any time form. This withdrawal of consent shall have no impact on the legality of data processing activity up to the point in time when consent was withdrawn.
Further processing of the information from the contact form
Further processing of the data which is consistent with the original purpose of processing on the same legal basis for the purpose of direct marketing in forms not subject to consent, including for example the addressed postal delivery of advertising, is carried out until consent is revoked. In that case, the data is forwarded to the shipping provider. You have the right to revoke your consent to the use of your personal information for the purpose of direct advertising at any time; for details, see the rights of the affected party below. If consent is revoked, your personal information will no longer be processed for the purpose of direct advertising.
By checking the box, you agree to the aforementioned personal information being used by the person responsible under privacy laws to send you current information and offers by e-mail newsletters until your consent is revoked. There is no legal or contractual obligation to provide personal data. Not providing personal data will only result in you not receiving the e-mail newsletter. You have the right to withdraw your consent at any time in written form or by clicking on the unsubscribe link in the e-mail newsletter. This withdrawal of consent shall have no impact on the legality of data processing activity up to the point in time when consent was withdrawn.
Changing cookie settings
Cookies on our website
Our website uses the following cookies:
- _ga, Source: Google. Google Analytics cookie used to distinguish unique users. Valid for 2 years
- _gat, Source: Google. Google Analytics cookie used to throttle the request rate. Valid for 1 minute
- _gid, Source: Google. Google Analytics cookie that registers a unique ID that is used to generate statistical data on how the visitor uses the website. Valid for 24 hours
- ARRAffinity, Source: Microsoft Windows Azure cloud platform. Cookie us for load balancing, that enables the user to connect with the same server in each session. Valid for this session
- cookieconsent_status, Source: Silktide Ltd. Cookie Consent by Insites. Cookie used for the storage of the current cookie notice status. Valid for 1 year
- IDE, Source: Double Click. Google cookie for the ad preferences for websites, which is saved under the domain doubleclick.net. It measures and processes user interactions with ads on a website and is used for the survey of campaign efficiency as well as for the display of relevant ads. Valid for 1 year
- 1P_JAR (valid for 1 month), CONSENT valid for 20 years), NID (valid for 6 months), _gcl_au (valid for 3 months), DV (valid for 10 minutes) – Source: Google. Cookies used for the support of Google ad services
- SID, HSID, SSID, SAPISID, APISID, Source: Google: Security cookies used to identify users, to prevent the fraudulent use of logon credentials and to protect user data against unauthorized access. Valid for 2 years
- OAGEO (valid for this session), OAID (valid for 2 years), OXBLC (valid for 2 years), Source: OpenX Ad Server. Cookies used for the recognition of geo region and user, in order to place ads specifically and not repeatedly. However, no information of other system will be used or forwarded
- gds, Source: garda-see.com- Cookie that is used for prefilling the request form, if the user has already filled in his details for one time. Valid for 1 year.
Deactivating Google Analytics
It is possible to prevent our website from collecting your user data by activating the “Do not track” function in your web browser. Your web browser will then send a “Do not track” signal to all websites, including ours. You can prevent all websites from collecting your user data by downloading the following extension and installing it on your computer: https://tools.google.com/dlpage/gaoptout?hl=en
Deactivating Google Remarketing / Adwords
Other video providers
- Vimeo: Vimeo, Inc., 555 West 18th Street, New York 10011, USA – Privacy: https://vimeo.com/privacy
- Dailymotion: Dailymotion SA, 140 boulevard Malesherbes, 75017 Paris, F – Privacy: https://www.dailymotion.com/legal/privacy?localization=us
Presence in social media
Server log files
For the purposes of technical monitoring and increased security, this website processes the following personal information in a server log file. This processing is based on the principle of overriding legitimate interest of the person/company responsible (technical security measures).
- content accessed
- date and time the file was accessed
- browser type and version
- operating system used
- referrer URL
- IP address
- host name
The IP address is going to be anonymised.
Our administrative, technical, and physical security measures are continuously being improved by us to provide protection of your data against unauthorized access, loss, destruction, or change. The security measures include firewalls and data encryption as well as access control to shared information. For reasons of security and protections of the transmission of private contents, this website uses the SSL coding system (Secure Sockets Layer). This encryption is shown by the “https://” and by the lock symbol in the address bar of your browser. In this way, third parties cannot read the data. However, we would like to inform that the data transmission can have security gaps on the web. A gap free protection against the access by third parties is not possible.
Your affected rights
You have the right to information on which personal information has been collected and, under certain circumstance, to request that this information be corrected or deleted as well as to limit the use of your personal information. If the processing of your personal information is based on your consent or an agreement which has been concluded with you, you also have the right to request that this data be sent to you. You have the right to withdraw any consent you have given for your data to be processed. This withdrawal of consent shall have no impact on the legality of data processing activity up to the point in time when consent was withdrawn. You have the right to object to the processing of your personal information for the purposes of direct advertising or with a predominantly legitimate interest. In that case, your personal data will no longer be used for direct advertising. For the exercising of your rights as an affected person, please consult the contact information that is listed at the very top of the Declaration on the Protection of Personal Information.
Furthermore, you have the right to submit a complaint to the Privacy Protection Authority, specifically in
- Germany: Deutsche Bundesbeauftragte für den Datenschutz und die Informationsfreiheit, Husarenstr. 30, D-53117 Bonn, email@example.com
- Austria: Austrian Data Protection Authority, Wickenburggasse 8, A-1080 Vienna, Austria firstname.lastname@example.org
- Italy: Il Garante per la protezione dei dati personali, Piazza di Monte Citorio 121, I-00186 Roma, email@example.com.
- Switzerland: Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter (EDÖB), Feldeggenweg 1, 3003 Bern
Links to other websites
Date: February 1st 2019