Personal data (such as name, e-mail address, telephone number) are processed and conveyed by the operator only in a lawful manner - in particular for the fulfillment of contractual or legal obligations, on the basis of predominant legitimate interests of the operator or on the basis of the consent of the user.
The lawfulness of data processing results from the Austrian Data Protection Act as well as from the regulation (EU) 2016/679 (GDPR). The legal basis is specifically detailed in the following processing.
The operator continuously optimises the presentation and services offered for the website users. In order to better understand how the pages are used, the operator saves the following data, short term, each time the site is accessed: name of the website visited, requested details, date/time, volume of data transmitted, message about successful retrieval of data, browser/version/language, operating system, previously visited sites, duration of use, country of origin and anonymised IP-address. By visiting this website, the user, in accordance to Article 6 (1) (a) of the GDPR, gives his/her consent to the short term storage of the IP address of the terminal. The user's IP-address will be deleted when use of the website is complete. The operator uses the aforementioned data anonymously only for statistical purposes in connection with the offer.
On making contact with the operator (eg. by contact formula or e-mail), the following user's information may be stored for the purpose of processing the request, as well as, in the case of follow-up questions: title, first name and surname, postal address, e-mail address, telephone number and additional inquiry-related information (eg. duration of stay, number of persons).
Personal data collected in this manner will be deleted by the operator within three years, after processing of the request has been completed. The personal data disclosed by the user will only be processed and used by the operator to the extent necessary in fulfilling the request and /or for the provision of the requested service.
In the course of this data processing, the operator may forward the collected personal data to the following third parties (see contact details).
Use of the website is also possible without cookies. The user can deactivate the storage of cookies in his browser, limit cookies to certain websites or set his browser to send a notification before a cookie is stored. The user can delete cookies, at any stage, from the device's hard disk using the browser's privacy functions. In this case, the website's functions and user-friendliness could be restricted. The user's consent forms the legal basis of data processing, in the context of cookies, via the cookie banner.
The OpenStreetMap project was launched in 2004. The goal of the project is and was to create a free map of the world. Users collect data worldwide about buildings, forests, rivers and roads. Over the years, an extensive digital world map has been created by users themselves. Of course, the map is not complete, but in most regions it contains a lot of data.
First and foremost, our website should be helpful to you. And from our point of view, it is always helpful if you can find information quickly and easily. On the one hand, this is of course about our services and products, but on the other hand, we also want you to have access to other helpful information. That's why we also use the OpenStreetMap map service. Because this way we can show you, for example, exactly how to ﬁnd our company. The map shows you the best way to us and your journey becomes a breeze.
The collected data is subsequently accessible to the corresponding working groups of the OpenStreetMap Foundation. According to the company, personal data is not shared with other individuals or companies unless legally necessary. The third-party provider Pika does store your IP address, but in a truncated form.
The following cookie may be set in your browser when you interact with OpenStreetMap on our website:
Purpose: The cookie is needed to unlock the content of OpenStreetMap.
Expiration date: after 10 years
If you want to view the full screen of the map, you will be linked to the OpenStreetMap website. There, among other things, the following cookies may be stored in your browser:
Purpose: This cookie is used to ensure the operation of the map section.
Expiration date: after one hour
Purpose: The cookie can be used to store session information (i.e. user behavior).
Expiration date: after session end
Purpose: This cookie is set by PIWIk to store or measure user data such as click behavior.
Expiration date: after one year
The APl servers, databases, and ancillary services servers are currently located in the United Kingdom (Great Britain and Northern Ireland) and the Netherlands. Your IP address and user information that is stored in shortened form by the web analytics tool Piwik is deleted after 180 days.
You have the right to access your personal data at any time and object to its use and processing. You can manage, delete or deactivate cookies that may be set by OpenStreetMap in your browser at any time. However, this will prevent the service from working to its full extent. For each browser, managing, deleting or disabling cookies works slightly differently. Under the section "Cookies" you ﬁnd the corresponding links to the respective instructions of the most popular browsers.
If you have consented to OpenStreetMap being used, the legal basis of the corresponding data processing is this consent. According to Art, 6 para, 1 lit, a DSGVO (consent), this consent constitutes the legal basis for the processing of personal data as it may occur during the collection by OpenStreetMap.
From our side, there is also a legitimate interest to use OpenStreetMap to optimize our online service. The corresponding legal basis for this is Art, 6 para, 1 lit, f DSGVO (Legitimate Interests). Nevertheless, we only use OpenStreetMap if you have given your consent.
Source: Created with the privacy generator from AdSimple
We only want to welcome flesh and blood people to our site. Bots or spam software of any kind may confidently stay at home. That's why we pull out all the stops to protect ourselves and provide the best possible user experience for you. For this reason we use Google reCAPTCHA from Google. This way we can be pretty sure that we remain a 'bot-free' website. By using reCAPTCHA, data is sent to Google to determine if you are actually human, so reCAPTCHA is used to keep our website safe, and by extension, keep you safe. For example, without reCAPTCHA, it could happen that a bot registers as many e-mail addresses as possible during registration, in order to subsequently "spam" forums or blogs with unwanted advertising. With reCAPTCHA we can avoid such bot attacks.
reCAPTCHA collects personal data from users to determine whether the actions on our website really come from humans. Thus, the IP address and other data required by Google for the reCAPTCHA service may be sent to Google. IP addresses are almost always shortened beforehand within the member states of the EU or other contracting states to the Agreement on the European Economic Area before the data ends up on a server in the USA. The IP address is not combined with other data from Google unless you are logged in with your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube Gmail, etc.) are already placed on your browser. Then, reCAPTCHA sets an additional cookie on your browser and collects a snapshot of your browser window.
The following list of collected browser and user data, does not claim to be exhaustive. Rather, they are examples of data that, to our knowledge, are processed by Google:
It is undisputed that Google uses and analyzes this data even before you click the "I am not a robot" checkbox. With the Invisible reCAPTCHAN version even the ticking is omitted and the whole recognition process runs in the background. How much and which data Google stores exactly, Google does not tell you in detail.
The following cookies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo version from Google at https://www.google.com/recaptcha. All these cookies require a unique identifier for tracking purposes. Here is a list of cookies that Google reCAPTCHA has set on the demo version.
Purpose: This cookie is set by the Doubleclick company (also owned by Google) to register and report a user's actions on the website in dealing with advertisements. In this way, advertising effectiveness can be measured and appropriate optimization measures can be taken. IDE is stored in browsers under the domain doubleclick.net.
Expiration date: after one year
Purpose: This cookie collects statistics on website usage and measures conversions A conversion occurs, for example. when a user becomes a buyer. The cookie is also used to display relevant advertisements to users. The cookie can be used to prevent a user from seeing the same ad more than once.
Expiration date: after one month
Expiration date: after 9 months
Purpose: The cookie stores the status of a user's consent to use different services provided by Google. CONSENT is also used for security purposes to verify user. Prevent login information fraud and protect user data from unauthorized attacks.
Expiration date: after 19 years
Purpose: NID is used by Google to customize ads to your Google search. With the help of the cookie, Google "remembers" your most entered search queries or your previous interaction with ads. This way you will always get tailored ads. The cookie contains a unique ID to collect personal settings of the user for advertising purposes.
Expiration date: after 6 months
Purpose: Once you tick the "I am not a robot" box, this cookie will be set. The cookie is used by Google Analytics for personalized advertising. DV collects information in anonymous form and is further used to make user distinctions.
Expiration date: after 10 minutes
Note: This list cannot claim to be exhaustive, as experience has shown that Google also changes the choice of its cookies time and again.
By inserting reCAPTCHA, data is transferred from you to the Google server. Where exactly this data is stored, Google does not make clear, even after repeated inquiries. Without having received confirmation from Google, it can be assumed that data such as mouse interaction, time spent on the website or language settings are stored on Google's European or American servers. The IP address that your browser transmits to Google is generally not merged with other Google data from other Google services. However, if you are logged into your Google account while using the reCAPTCHA PIugin, the data will be merged. The deviating data protection regulations of the Google company apply to this.
If you do not want any data about you and your behavior to be transmitted to Google, you must log out of Google completely and delete all Google cookies before you visit our website or use the reCAPTCHA software. Basically, the data is automatically transmitted to Google as soon as you visit our site. To delete this data, you must contact Google support.
Therefore, when you use our website, you agree that Google LLC and its agents automatically collect, process and use data.
Please note that when you use this tool, data about you may be stored and processed outside the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data to insecure third countries may therefore not simply be transferred, stored and processed there unless there are suitable safeguards (such as EU standard contractual clauses) between us and the non-European service provider.
If you have consented to Google reCAPTCHA being used, the legal basis for the corresponding data processing is this consent. According to Art, 6 para, 1 lit. a DSGVO (consent), this consent constitutes the legal basis for the processing of personal data, as it may occur in the case of both collection by Google reCAPTCHA.
On our part, there is also a legitimate interest in using Google reCAPTCHA to optimize our online service and make it more secure. The corresponding legal basis for this is Art. 6 para. 1 lit. ( DSGVO (Legitimate Interests). Nevertheless, we only use Google reCAPTCHA if you have given your consent.
Google also processes data from you in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be associated with various risks to the legality and security of data processing.
As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there, Google uses so-called standard contractual clauses (:=Art. 46. para. 2 and 3 DSGVU), standard contractual clauses (Standard Contractual Clauses ' SCC) are templates provided by the EU Commission and are intended to ensure that your data also comply with European data protection standards when transferred to and stored in third countries (such as the USA). Through these clauses, Google undertakes to comply with the European level of data protection when processing its relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can ﬁnd the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be ﬁnd at https://business.safety.google/intl/de/adsprocessorterms/. You can learn a bit more about reCAPTCHA on Google's web developer page at https://developers.google.com/recaptcha/. Google does go into more detail here about the technical development of reCAPTCHA, but you will search in vain for precise information about data storage and privacy-related issues there as well. A good overview of Google's basic use of data can be found in the company's own privacy statement at https://www.google.com/intl/de/policies/privacy/.
Source: Created with the privacy generator from AdSimple
To improve our products, automated data processing techniques are used to analyse user behaviour (ie. profiling).
The operator, according to Article 107 (3) of the Telecommunications Act 2003 (TKG 2003) and Article 6 (1) (a) of the GDPR, reserves the right to save the following data permanently and for sending offers and information on services and offers provided by the operator by mail or e-mail, for the purposes of their own advertising purposes: title, first name, surname, postal address, e-mail address, telephone number. The user may object to the processing of his data for this purpose, during the collection, and at any time thereafter by sending an e-mail to firstname.lastname@example.org.
Furthermore, the user has more rights, which are granted by law. These are shown clearly below.
Right to be informed:
It is your right to be informed, if and to what extent your data is processed by us.
Right to Rectification:
If we process incomplete or incorrect personal data about you, you may request a correction or completion at any time.
Right to Erasure / the Right "to be forgotten":
If your personal data is unlawfully processed, you have the right to demand the deletion of your personal data from us. There may well be reasons opposing an immediate deletion (retention requirements or other legal obligations).
Right to Restriction of Processing:
If you contest the accuracy of data, you may request that your data be restricted for the duration of the audit if the processing of your personal information is unlawful, but you do not wish the data to be deleted if it is no longer required for the agreed purpose, as you may need the data for asserting / enforcing legal claims, or if you have objected to the processing of the data.
Right to Data Portability:
You have the right to demand the publication of the data provided by you in machine-readable form, provided that processing takes place on the basis of a consent or a contract.
Right to Objection to Processing:
If the processing of your personal data serves the purpose of performing public-interest tasks, the exercise of official authority or if we have a legitimate interest, you can object to this data processing if there is a legitimate interest in your personal data.
Right of Appeal:
If, in your opinion, the processing of your personal data violates Austrian or European data protection law, please contact us to clarify any questions. Of course you have the right to complain to the Austrian Data Protection Authority (Hohenstaufengasse 3, 1010 Vienna),
Assertion of Rights:
In order to assert one of the aforementioned rights, please contct us by e-mail at email@example.com. We will be pleased to help you further.
Confirmation of Identity:
To protect your rights and your privacy, in case of doubt, we are entitled to request proof of identity.
Right to Claim for Fees:
If you claim that one of the above-mentioned rights is manifestly unfounded or particularly frequent, we are entitled to charge an appropriate processing fee or refuse to process the application.
As public bodies, the operators of this Website are obliged to provide an official data protection officer. This ensures that your data is handled even more responsibly. Data protection for the Hotel Restaurant Humlerhof is provided by:
A-6150 Steinach am Brenner
phone.: +43 5272 6270
A-6150 Steinach am Brenner
phone: +43 5272 6251
Phone: +43 512 304788