HTM HOTEL- UND TOURISMUS-MANAGEMENT GMBH
All processing steps are in accordance with the Austrian Privacy Protection Act (Datenschutzgesetz, DSG) including the European General Data Protection Regulation (GDPR) and all other European and national laws to which we are subject (Austrian Federal Tax Code - Bundesabgabenordnung, BAO; Austrian Civil Code – Allgemeines bürgerliches Gesetzbuch, ABGB; Austrian Commercial Code - Unternehmensgesetzbuch, UGB; etc.).
We process the personal data that we obtain in the course of our business relation with you. Personal data are all information associated with an identified or identifiable natural person. Below, we provide examples of personal data that we collect and process as part of the provision of our products and services in accordance with the laws:
- Date of birth
- Contact address(es)
- Electronic contact details (phone number, fax number, e-mail address)
- IP address
- ID information from official photo IDs (e.g. personal ID card number, passport number, driver’s license number, personal master data, ID scan)
Collection and processing of personal data
We exclusively use the personal data collected from you to the extent that they are required to fulfil the respective purpose (e.g. to provide our services or products, to send a newsletter, to send information material and advertising, to conclude a lottery, to carry out customer analyses, to answer a question you ask us or to enable access to certain other information).
Data processing by a third party
If we commission a data processor, we remain responsible for the protection of your personal data. External data processors and partner companies, or other cooperation partners, only receive your data to the extent that this is necessary, e.g. to conclude a lottery. Your personal data are not sold to third parties or otherwise marketed.
For what purposes and on what legal grounds are your data processed?
HTM Hotel und Tourismus-Management GmbH processes your personal data in accordance with data protection laws.
- - Following your consent (Art. 6 para. 1 (a) GDPR)
Granted consent can be revoked at any time with effect for the future (for example, you can object to the processing of your personal data for marketing and advertising purposes if you no longer agree to this processing).
- - To execute a contract (Art. 6 para. 1 (b) GDPR)
The processing of your personal data is necessary to execute the contract.
- - To fulfil legal obligations (Art. 6 para. 1 (c) GDPR)
The processing of personal data is conducted for the purpose of fulfilling various legal obligations (e.g. ABGB (Austrian Civil Code), BAO (Austrian Tax Code) or data collection legally required as part of accommodation) to which HTM is subject.
- - To protect legitimate interests (Art. 6 para. 1 (f) GDPR)
To the extent required, data may be processed to the benefit of HTM or a third party beyond what is necessary to actually fulfil the contract following a weighing of interests and to protect the legitimate interests of HTM or those of third parties. In the following cases, data is processed to protect legitimate interests:
- Inspection and optimization of procedures for needs analysis and direct customer contact;
- Advertising or market research and surveys, provided that you have not objected to the use of your data pursuant to Art. 21 GDPR.
- Video monitoring to collect evidence in crimes; this serves in particular to protect customers and employees;
- Measures to protect employees and customers as well as the property of HTM;
- As part of prosecution.
Automated decision-making pursuant to Art. 22 GDPR
We do not use any automated decision-making in the meaning of Art. 22 GDPR to reach a decision on founding and carrying out a business relation.
How long is your personal data stored for?
When you use a product or service of HTM Hotel- und Tourismus-Management GmbH, your personal data is stored after complete fulfilment of the contract for the limitation and legal record-keeping periods applicable to us. Furthermore, your data is stored until the conclusion of any legal disputes in which the data may be required as evidence.
Recipients of personal data
Your personal data is only transmitted to third parties with your consent. Excluded from this are transmissions that are necessary due to a legal requirement or to execute the contract.
You have the right to information, correction, deletion, restriction, data portability, revocation and objection. If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been violated, you can lodge a complaint at any time with the Austrian Data Protection Authority (Österreichische Datenschutzbehörde, www.dsb.gv.at).
Enforcing your rights
If you wish to enforce a right, you can contact the data protection officer of HTM at the following e-mail address: firstname.lastname@example.org.
As part of the process to enforce your rights, it is possible that additional information is requested to confirm your identity (e.g. submission of an official ID with photo). This is to protect your rights and your privacy, ensuring that no third party gains access to your data. HTM will react to all appropriate questions free of charge and as quickly as possible in line with applicable law.
HTM Hotel- und Tourismus-Management GmbH
2351 Wiener Neudorf
Tel: +43 2252 606 -0
Data protection officer
Peter Ertl, MBA
Tel: +43 2252 60 70 90-232
Activation/deactivation of cookies
Through the browser configuration, users can select at all times what cookies on a website may be active:
- Google Chrome
Settings › Advanced settings › Content settings › Cookies
- Mozilla Firefox
Settings › Privacy & security › History
- Microsoft Internet Explorer
Internet options › Privacy › Settings
- Microsoft Edge
Settings › Advanced settings › Cookies
- Apple Safari
Settings › Privacy
For further information please contact the respective customer support for your browser. You can also find useful information at http://www.aboutcookies.org.
Web analysis tool Matomo
You can object here.
Google Ads Conversion Tracking
This website uses Google Ads, an online advertising and analysis service of Google, and Conversion Tracking as part of Google Ads. Google Ads stores a cookie for Conversion Tracking on the hard drive of your computer (so-called “Conversion Cookie” with the designation _gcl_aw), when you click on an ad displayed by Google. These cookies expire after 90 days and do not serve personal identification. When you visit certain pages on our website, we and Google can recognise that you clicked on the ad and were redirected to our site. The information collected with the help of the Conversion Cookie serve to generate statistics for our Google Ads campaigns. These statistics inform us of the total number and the cumulative contributions of users that have clicked on the ads displayed by Google and have called up one of our sites equipped with the Conversion Tracking tag. However, we do not obtain any information enabling the personal identification of users. The obtained data cannot be assigned to specific users.
This site uses the mapping service Google Maps via an API. To use the functions of Google Maps it is necessary to save your IP address. This information is usually transmitted to a server of Google in the USA and is stored there. We have no influence on the transmission of this information. We use Google Maps to make it easy to find our business locations. This is a legitimate interest in the meaning of Art. 6 para. 1 (f) GDPR.
Links to other websites
Our websites contain links to other websites. The operators of those websites are responsible for observing the relevant data protection provisions; this is beyond our control. We are therefore not responsible for the data protection strategy or for the contents of these other websites.
We use technical and organisational security measures to protect your data from manipulation, loss, destruction and access by third parties. Our security measures are continuously improved as technology improves. Here is an extract from our current catalogue of measures.
Entry and access controls
Our data centres are protected from unauthorised entry and access by state of the art technologies.
Our servers record activity logs in which certain administrative information regarding data traffic is stored, such as IP address, access time, access date and browser used. This information is essential for the provision and the quality of the services. In the event of a possible system error, the personal data to be processed at that time are logged in an error protocol in order to be able to troubleshoot as quickly and effectively as possible. These data are only viewed by specially trained and authorised personnel and are never transmitted to third parties and are deleted from our system at the latest after 4 weeks.
When using our website, all information that we obtain from you, e.g. your name, address, phone number or e-mail address, is transmitted in encrypted form from your browser to our servers using SSL (Secure Socket Layer) to protect it. The data transmission from our branches or partners to our data centres is also protected by MPLS and VPN from access by third parties. This ensures that unauthorised parties cannot read, change, interpret or copy and later resend this information during the data transmission.
Data entry controls
All entries, changes and deletions of personal data are logged.
The further processing of personal data by third parties is limited to the absolute minimum and is governed by strict, contractually agreed rules.
The protection of your data from loss or destruction is ensured by a series of measures, such as an independent power supply and distributed data centres.
Your personal data are never used for testing purposes, and our development system is clearly separated from our productive system.
Deactivate Google Analytics
- You can generally block the collection of your user data by adjusting the settings of your browser to "Do Not Track". Our website then takes into account the "Do Not Track" signal, which your browser then sends to all websites.
- You can generally block the collection of your user data by Google Analytics by downloading and installing a browser plugin which is available at: https://tools.google.com/dlpage/gaoptout?hl=de
- You can block the collection of your data by Google Analytics only on this website by clicking the following link. This allows you to set an opt-out cookie which blocks the collection of your data if you visit this website again: Deactivate Google Analytics.
Links to other websites
Our websites contain links to other websites. Compliance with the relevant data protection regulations for these websites is the responsibility of the operators of the respective websites and is therefore beyond our sphere of influence. Therefore we are not responsible for the data protection strategies or the content of these other websites.