Privacy policy
Personal data (hereinafter mostly referred to as “data”) is processed by us only to the extent necessary and for the purpose of providing a functional and user-friendly website, including its content and the services offered there.
According to Article 4(1) of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as “GDPR”), “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
With the following data protection declaration, we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or together with others on the purposes and means of processing. In addition, we inform you below about the third-party components we use for optimization purposes and to increase the quality of use, insofar as third parties process data under their own responsibility.
Our privacy policy is structured as follows:
I. Information about us as the controller
II Rights of users and data subjects
III. Information on data processing
I. Information about us as the controller
The responsible provider of this website in terms of data protection law is
Family Fankhauser
Museumstraße 134
A–5733 Bramberg am Wildkogel
Austria
Tel.: +43 676 / 387 00 17
Email: info@ff-appartements.at
is the provider’s data protection officer:
Monika Fankhauser
II Rights of users and data subjects
With regard to the data processing described in more detail below, users and data subjects have the right to
- to confirmation as to whether data concerning them is being processed, to information about the processed data, to further information about the data processing and to copies of the data (cf. also Art. 15 GDPR);
- to rectification or completion of incorrect or incomplete data (see also Art. 16 GDPR);
- to the immediate erasure of the data concerning them (see also Art. 17 GDPR), or, alternatively, insofar as further processing pursuant to Art. 17 para. 3 GDPR, to restriction of processing in accordance with Art. 18 GDPR;
- to receive the data concerning them and provided by them and to transfer this data to other providers/controllers (cf. also Art. 20 GDPR);
- to lodge a complaint with the supervisory authority if they are of the opinion that the data concerning them is being processed by the provider in breach of data protection regulations (see also Art. 77 GDPR).
In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any rectification or erasure of data or restriction of processing required under Articles 16, 17 (1) and (2) GDPR. 1, 18 GDPR takes place. However, this obligation does not apply if this notification is impossible or involves a disproportionate effort. Notwithstanding this, the user has a right to information about these recipients.
Likewise, users and data subjects have the right to object to the future processing of data concerning them in accordance with Art. 21 GDPR, provided that the data is processed by the provider in accordance with Art. 6 (1) GDPR. 1 lit. f) GDPR are processed. In particular, an objection to data processing for the purpose of direct advertising is permitted.
II. Information on data processing
Your data processed when using our website will be deleted or blocked as soon as the purpose of the storage no longer applies, the deletion of the data does not conflict with any statutory retention obligations and no other information is provided below on individual processing procedures.
Hosting
The hosting services we use serve to provide infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this online offering.
We or the hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 para. 1 lit. f GDPR. Art. 6 para. 1 lit. f) GDPR in conjunction with. Art. 28 GDPR (conclusion of order processing contract).
Access data/server log files
We or our hosting provider collect data about every access to the server on which this service is located (so-called server log files). We automatically collect information about your usage behavior and your interaction with us and register data about your computer or mobile device. We collect, store and use data about every access to our online offering. The access data includes:
- Name and URL of the retrieved file
- Date and time of retrieval
- Amount of data transferred
- Message about successful retrieval (HTTP response code)
- Browser type and browser version
- Operating system
- Referrer URL (i.e. the previously visited page)
- Websites that are accessed by the user’s system via our website
- Internet service provider of the user
- IP address and the requesting provider
We use this log data without allocation to your person or other profiling for statistical evaluations for the purpose of operation, security and optimization of our online offer, but also for anonymous recording of the number of visitors to our website (traffic) and the extent and type of use of our website and services, as well as for billing purposes to measure the number of clicks received from cooperation partners. This information allows us to provide personalized and location-based content and analyze traffic, troubleshoot and fix errors, and improve our services.
This is also our legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR.
We reserve the right to check the log data retrospectively if there is a justified suspicion of unlawful use based on concrete evidence. We store IP addresses in the log files for a maximum period of 3 months if this is necessary for security purposes or for the provision or billing of a service, e.g. if you use one of our offers. After canceling the order process or after receipt of payment, we delete the IP address if it is no longer required for security purposes. We also store IP addresses if we have a concrete suspicion of a criminal offense in connection with the use of our website. We also store the date of your last visit as part of your account (e.g. when registering, logging in, clicking on links, etc.). Data whose further retention is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.
SSL encryption
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as inquiries and orders that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. You can find out more about data security in section 5.
Cookies
a) session cookies/session cookies
We use so-called cookies on our website. Cookies are small text files or other storage technologies that are placed and stored on your end device by the Internet browser you use. These cookies process certain information from you, such as your browser or location data or your IP address, to an individual extent. This processing makes our website more user-friendly, effective and secure, as the processing of e.g. enables the reproduction of our website in different languages or the offer of a shopping cart function.
The legal basis for this processing is Art. 6 para. 1 lit. b.) GDPR, insofar as these cookies are processed for the initiation or execution of a contract. If the processing does not serve to initiate or execute a contract, our legitimate interest lies in improving the functionality of our website. The legal basis in this case is Art. 6 para. 1 lit. f) GDPR. These session cookies are deleted when you close your Internet browser.
b) third-party cookies
Our website may also use cookies from partner companies with whom we cooperate for the purposes of advertising, analysis or the functionalities of our website.
Please refer to the following information for details, in particular the purposes and legal basis for processing such third-party cookies.
c) Possibility of elimination
You can prevent or restrict the installation of cookies by changing the settings of your Internet browser. You can also delete cookies that have already been saved at any time. However, the steps and measures required for this depend on the specific Internet browser you are using. If you have any questions, please use the help function or documentation of your Internet browser or contact its manufacturer or support. In the case of so-called Flash cookies, however, processing cannot be prevented via the browser settings. Instead, you must change the settings of your Flash player. The steps and measures required for this also depend on the specific Flash player you are using. If you have any questions, please also use the help function or documentation of your Flash player or contact the manufacturer or user support.
However, if you prevent or restrict the installation of cookies, this may mean that not all functions of our website can be used to their full extent.
Contact requests / contact option
If you contact us by contact form or e-mail, the data you provide will be used to process your request. The provision of the data is necessary for processing and answering your request – without their provision we cannot answer your request or can only answer it to a limited extent.
The legal basis for this processing is Art. 6 para. 1 lit. b) GDPR. Your data will be deleted if your request has been conclusively answered and the deletion does not conflict with any statutory retention obligations, such as in the event of any subsequent contract processing.
User contributions, comments and ratings
We offer you the opportunity to publish questions, answers, opinions or evaluations, hereinafter referred to as “contributions”, on our website. If you make use of this offer, we will process and publish your contribution, the date and time of submission and the pseudonym you may have used.
The legal basis for this is Art. 6 para. 1 lit. a) GDPR. You can revoke your consent in accordance with Art. 7 para. 3 GDPR at any time with effect for the future. All you have to do is inform us of your revocation.
In addition, we also process your IP and e-mail address. The IP address is processed because we have a legitimate interest in initiating or supporting further steps if your contribution infringes the rights of third parties and/or is otherwise unlawful. The legal basis in this case is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in any necessary legal defense.
We operate a company presence on the Facebook platform to advertise our products and services and to communicate with interested parties or customers.
On this social media platform, we are jointly responsible with Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. Facebook’s data protection officer can be contacted via a contact form:
https://www.facebook.com/help/contact/540977946302970
We have regulated the joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR. This agreement, which sets out the mutual obligations, is available at the following link:
https://www.facebook.com/legal/terms/page_controller_addendum
The legal basis for the processing of personal data that takes place as a result and is described below is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the analysis, communication, sales and advertising of our products and services. The legal basis may also be the user’s consent pursuant to Art. 6 para. 1 lit. a GDPR towards the platform operator. The user can withdraw consent to this in accordance with Art. 7 para. 3 GDPR at any time for the future by notifying the platform operator.
When our online presence is accessed on the Facebook platform, user data (e.g. personal information, IP address, etc.) is processed by Facebook Ireland Ltd. as the operator of the platform in the EU. This user data is used for statistical information about the use of our company presence on Facebook. Facebook Ireland Ltd. uses this data for market research and advertising purposes and to create user profiles. Using these profiles, Facebook Ireland Ltd. is able, for example, to advertise users within and outside of Facebook based on their interests. If the user is logged into their Facebook account at the time of access, Facebook Ireland Ltd. can also link the data to the respective user account.
If the user contacts us via Facebook, the personal data entered by the user on this occasion will be used to process the request. The user’s data will be deleted by us if the user’s inquiry has been conclusively answered and there are no statutory retention obligations to the contrary, e.g. in the case of subsequent contract processing.
Facebook Ireland Ltd. may also set cookies to process the data.
If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented via the browser settings, but by the corresponding setting of the Flash player. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook functions can be used to their full extent.
Further information on the processing activities, their prevention and the deletion of data processed by Facebook can be found in Facebook’s data policy:
https://www.facebook.com/privacy/explanation
It cannot be ruled out that processing by Facebook Ireland Ltd. may also be carried out by Facebook Inc., 1601 Willow Road, Menlo Park, California 94025 in the USA. Facebook Inc. has submitted to the “EU-US Privacy Shield” and thereby declares that it complies with EU data protection regulations when processing data in the USA.
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
Social media linking via graphic or text link
We also promote presence on the social networks listed below on our website. The integration is done via a linked graphic of the respective network. The use of this linked graphic prevents a connection to the respective server of the social network from being automatically established when a website that has a social media application is accessed in order to display a graphic of the respective network itself. Only by clicking on the corresponding graphic will the user be redirected to the service of the respective social network.
After the user has been redirected, information about the user is collected by the respective network. It cannot be ruled out that the data collected in this way will be processed in the USA.
These are initially data such as IP address, date, time and page visited. If the user is logged into his user account on the respective network, the network operator may assign the information collected from the user’s specific visit to the user’s personal account. If the user interacts via a “Share” button on the respective network, this information can be stored in the user’s personal user account and, if necessary, published. If the user wants to prevent the collected information from being directly assigned to his user account, he must log out before clicking on the graphic. It is also possible to configure the respective user account accordingly.
The following social networks are integrated into our site via links:
Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, a subsidiary of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA.
Privacy Policy: https://www.facebook.com/policy.php
EU-US Privacy Shield Certificationhttps://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
„Facebook“-social-plug-in
We use the plug-in of the social network Facebook on our website. Facebook is an Internet service of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. In the EU, this service is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, hereinafter both referred to as “Facebook”.
Through certification under the EU-US Privacy Shield
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active Facebook guarantees that EU data protection regulations will also be adhered to when processing data in the USA. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in improving the quality of our website. Facebook provides further information about the possible plug-ins and their respective functions at https://developers.facebook.com/docs/plugins/.
If the plug-in is stored on one of the pages of our website that you visit, your Internet browser will download a representation of the plug-in from Facebook’s servers in the USA. For technical reasons, it is necessary for Facebook to process your IP address. In addition, the date and time of your visit to our website are also recorded.
If you are logged in to Facebook while visiting one of our websites containing the plug-in, the information collected by the plug-in about your specific visit will be recognized by Facebook. Facebook may assign the information collected in this way to your personal user account there. So if you e.g. use the so-called “Like” button from Facebook, this information is stored in your Facebook user account and may be published via the Facebook platform. If you want to prevent this, you must either log out of Facebook before visiting our website or use an add-on for your Internet browser to prevent the Facebook plug-in from being blocked.
For further information about the collection and use of data as well as your rights and protection options, please visit Facebook’s privacy policy at
https://www.facebook.com/policy.php available in a data protection notice.
Google-Maps
We use Google Maps on our website to display our location and to provide directions. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”.
Through certification under the EU-US Privacy Shield
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active Google guarantees that EU data protection regulations will also be adhered to when processing data in the USA.
In order to enable the display of certain fonts on our website, a connection to the Google server in the USA is established when you access our website. If you access the Google Maps component integrated into our website, Google will store a cookie on your device via your Internet browser. In order to display our location and create directions, your user settings and data are processed. We cannot rule out that Google uses servers in the USA. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in optimizing the functionality of our website.
Through the connection to Google established in this way, Google can determine from which website your request was sent and to which IP address the directions should be sent. If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your Internet browser. You can find details about this under the heading “Cookies” above.
In addition, the use of Google Maps and the information obtained via Google Maps is subject to the Google Terms of Service https://policies.google.com/terms?gl=DE&hl=de and the Google Maps Terms and Conditionshttps://www.google.com/intl/de_de/help/terms_maps.html.
In addition, Google offers
https://adssettings.google.com/authenticated
https://policies.google.com/privacy
further information.