Obligation to provide information
(Data Protection Statement)
Protecting your personal details is important to us. We process your details solely on the basis of statutory obligations (GDPR, Telecommunications Act 2003). This information about data protection provides details on the most important aspects of data processing on our website.
1.1. Reporting obligation
In accordance with Austrian Registration Law you are obliged to register with us using details stated in § 5 and § 10 of the Registration Law. This comprises the following details: name, date of birth, gender, citizenship, country of origin, address including postcode and – for guests from other countries – type, number, issuing area and authority of your travel documents, along with the date of arrival and departure.
1.2. Guest register
We will record details in a guest register as per our statutory duty in accordance with § 19 Registration Law, for a duration of 7 (seven) years, as long as this is not to be processed for a longer period of time for other purposes stated in this Data Protection Declaration. We keep electronic guest register files, whereby we forward your details to an IT data processor, who store these details locally. No data transference will be made to a third party country.
1.3. Transfer of data
In accordance with § 6 Tourism Statistics directive, the data categories ‘arrival’ and ‘departure’ associated with country of origin are transferred to the district authority area where our accommodation is located. Paznaun – Ischgl tourist association, to which we are affiliated, and/or the district authority also transfer aggregated details about the number of overnight stays in total and persons who are obliged to pay tourist tax. The basis for this is § 19 Tyrol’s tourist tax legislation.
1.4. Legal basis for processing
Processing of the above points 1.1 to 1.3 is based on Art. 6 Para. 1 lit. c GDPR.
1.5. Additional transfer of date to the Tourist Authority/District council
We also transfer your postcode and date of birth (in pseudonymised and anonymised form) to our district council and to our tourism association for statistical purposes, so statistics about origin and age can be created and evaluated. This transfer is based on Art. 6 Para. 1 lit e (obligation for public benefit) and lit f (legitimate prevailing interests) of GDPR. You can file an objection to this to this at any time, for reasons resulting from your specific situation (Art. 21 Para 1 GDPR).
2. Guest card
There is the option to use the guest card. Guest cards provide you with discounts and/or services with various businesses in the region (e.g. discounted entry tariffs). A guest card is valid for your duration of your stay with us.
2.2. Issuing guest cards
A guest card is only issued and handed out by accommodation providers at your request. They will be issued using the guest card system used by the tourist association and/or the accommodation provider, either as:
- an electronically generated guest card,
- as a guest card that has been manually created, or
- as a carbon copy of your certification of registration.
2.3. Processing of personal details
The following personal details will be processed from your registration details, for electronically generated and also manually created guest cards (see Point 1 above): first name, surname, date of birth, country of origin/postcode and duration of stay (arrival/departure).
If a guest card is issued as a ‘certificate of registration’, it will include content as per § 5 in connection with 9 Reporting Act (see also the above point, ‘Registration details’ 1.1). In this instance there will be no electronic processing for guest card purposes.
In using the guest card, the following additional personal details will also be processed: details about the usage cycle of the respective card, use of services, bookings, transactions logging, reference to registration details and accommodation provider.
These details are required on the one hand to confirm identity and on the other to determine the period of validity for the guest card for respective service providers, and if necessary to calculate discounts between service providers, the tourist association and if necessary accommodation providers.
2.4. Legal basis for processing
The processing of data for guest card purposes is done through your consent (Art. 6 Para 1 lit a GDPR).
You may rescind your consent at any time by writing to your accommodation provider via their e-mail address (email@example.com).
2.5. Operating the guest card system
The guest card system is operated by the local tourist association (‘TVB’). The local accommodation providers and local businesses (‘service providers’) are also involved. Details that are to be processed for the guest card will be deleted after 40 (forty) months, unless further processing is effected for other legitimate purposes (e.g. registration).
2.6. Data recipient
Details processed for guest card purposes are received by the local tourist association to settle accounts for service providers and/or accommodation providers.
Individual service providers, who provide discounted services for the guest card, also receive these details in so far as guest card services have been used for these businesses.
To avail of discounts available for the respective guest card you must clearly present the card which shows the details to the service provider. The provider will then check, generally by reading the barcode on the guest card and by transferring bar code details to our IT service provider, to see if it is (still) valid. Personal details will also be transferred to the business, in particular details about your I.D. (to check your identity and date of birth).
Should the guest card be issued as a ‘certificate of registration’, they will check the validity of the carbon copy of the ‘certificate of registration’.
If you would like to receive the newsletter offered on the website, we need an e-mail address from you and information which enables us to check that you are the owner of the e-mail address provided and that you agree to receive the newsletter. To ensure that you consent to being sent the newsletter we use the so-called double opt-in process. In this context the potential recipient is included in a distribution list. After this user has the option via a confirmation e-mail to confirm registration. It is only when confirmation is granted that the address is actively included in the distribution list.
We use this data solely to send the information requested and offers.
Newsletter2Go is the newsletter software used. Your details will be transferred to Newsletter2Go GmbH. Newsletter2Go is prohibited from selling your details and using it for purposes other than to send newsletters. Newsletter2Go is a German, certified service provider which has been selected in accordance with the General Data Protection Act and the Federal Data Protection Act.
More information is available here: https://www.newsletter2go.de/informationen-newsletter-empfaenger/
You can rescind your consent to store details, your e-mail address and its use to send the newsletter at any time; for instance via the "Unsubscribe" link in the newsletter.
Statutory data protection measures are always subject to technical updates and for this reason we would ask that you stay informed of our data protection provisions at regular intervals by reviewing our data protection statement.
An online booking via our website is carried out using the booking process on the official Paznaun - Ischgl tourist association website.
This website uses Google Analytics, a web analysis service operated by Google Inc. (‘Google’). Google Analytics uses so-called ‘cookies’, small text files that are stored on your computer enabling an analysis of your use of the website. The information generated by the cookie about your use of this website (including your IP address) will be sent to a Google server in the USA and stored there. Google will use this information to evaluate your use of the website, to compile reports about website activities for the website operator and to provide additional services linked with the use of the website and the Internet. Google will also transfer this information to third parties if necessary, in so far as this is required by law, and third parties may process this data on behalf of Google. Google will not associate your IP address with any other data held by Google. You can prevent the installation of cookies by selecting the relevant settings on your browser software; we would however point out that in this case, the full functionality of this website may not be available to you. By using this website you consent to the processing of data by Google in the manner and for the purposes previously outlined.
You fundamentally have rights regarding information, correction, deletion, restriction, data transfer, rescission and objection. If you believe that the processing of your details contravenes the Data Protection Act or your rights to data protection have been infringed in another manner, you can raise a complaint with the supervisory authorities. In Austria this is the data protection authority.
We can be reached via the following contact details:
Berghotel Rasis, Fam. Kurz, No. 66 c, 6563 Galtür, Austria, Tel.: +43 5443 8417, Fax: 8417 7, e-mail: firstname.lastname@example.org
As at: May 2018