Privacy Policy
Introduction
This Privacy Policy is designed to inform you about the types, purposes, and extent of personal data processing (hereinafter referred to as “Data”) we perform. This Privacy Policy applies to all personal data processing carried out by us, whether within the framework of providing our services or on our websites, mobile applications, and external online presences such as our social media profiles (collectively referred to as “Online Services”).
Effective Date: March 17, 2022
Table of Contents
1. Introduction
2. Data Controller
3. Overview of Processing Activities
4. Legal Basis for Processing
5. Security Measures
6. Transfer of Personal Data
7. Data Processing in Third Countries
8. Data Deletion
9. Use of Cookies
10. Business Services
11. Provision of Online Services and Web Hosting
12. Contact and Inquiry Management
13. Marketing Communication via Email, Post, Fax, or Phone
14. Web Analytics, Monitoring, and Optimization
15. Online Marketing
16. Social Media Presence
17. Plugins and Embedded Functions and Content
18. Management, Organization, and Support Tools
19. Changes and Updates to this Privacy Policy
20. Definitions
2. Data Controller
CHALET 1551 GmbH
Oberlech 747
6764 Lech, Austria
Authorized Representative: Edward Vermeer
Email: info@chalet1551.com
Phone: +43 676 6434 060
Imprint: https://www.chalet1551.com/imprint
3. Overview of Processing Activities
Below is an overview of the types of data we process, the purposes for processing, and the categories of individuals affected.
Types of Data Processed
• Basic Data
• Payment Data
• Contact Information
• Content Data
• Contract Data
• Usage Data
• Meta/Communication Data
Categories of Individuals Affected
• Interested Parties
• Communication Partners
• Users
• Business and Contract Partners
Purposes of Processing
• Provision of contractual services and customer support
• Responding to contact inquiries and communication
• Direct marketing
• Audience measurement
• Office and organizational procedures
• Remarketing
• Managing and responding to inquiries
• Feedback
• Marketing
• Creating user-based profiles
• Building target audiences
• Provision of our online services and user-friendliness
4. Legal Basis for Processing
Here is an overview of the legal bases under the GDPR on which we rely when processing personal data. Please note that in addition to the GDPR, national data protection laws in your or our place of residence may also apply. Should specific legal grounds be relevant, we will disclose them in this Privacy Policy.
• Consent (Art. 6 (1) lit. a GDPR) – The individual has given consent to the processing of their personal data for one or more specific purposes.
• Contract Performance and Pre-Contractual Inquiries (Art. 6 (1) lit. b GDPR) – Processing is necessary for the performance of a contract or to take steps at the request of the data subject prior to entering into a contract.
• Legal Obligation (Art. 6 (1) lit. c GDPR) – Processing is necessary for compliance with a legal obligation to which the data controller is subject.
• Legitimate Interests (Art. 6 (1) lit. f GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the data controller or a third party unless overridden by the interests or fundamental rights and freedoms of the data subject.
5. Security Measures
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, considering the state of technology, the costs of implementation, and the nature, scope, circumstances, and purposes of processing. This includes protecting the confidentiality, integrity, and availability of data.
• SSL Encryption (https): To protect your data transmitted via our online services, we use SSL encryption, identifiable by the “https://” prefix in your browser’s address bar.
6. Transfer of Personal Data
In the context of our processing, personal data may be disclosed to other entities, companies, legally independent organizational units, or individuals. This may include service providers tasked with IT services or other providers of content included in a website. We comply with legal requirements and enter into appropriate agreements to ensure the protection of your data.
7. Data Processing in Third Countries
If we process data in a third country (outside the EU or EEA), or if data is processed as part of the use of third-party services or disclosure/transfer of data to other persons, entities, or companies, this will only occur in compliance with legal requirements.
8. Data Deletion
Data processed by us will be deleted in accordance with legal requirements, as soon as the consents permitted for processing are revoked or other legal bases cease to apply (e.g., if the purpose for processing no longer exists).
9. Use of Cookies
Cookies are small text files or other storage tags that store information on end devices and can retrieve information from end devices. Cookies serve different purposes, such as ensuring the functionality, security, and convenience of our online services and compiling analyses on visitor flows.
10. Business Services
We process data from our contract and business partners (such as customers and prospective customers) within the context of contractual or similar relationships and associated measures.
11. Provision of Online Services and Web Hosting
To provide our online services securely and efficiently, we use the services of one or more web hosting providers, from whose servers our online services can be accessed.
12. Contact and Inquiry Management
When contacting us (e.g., through a contact form, email, phone, or social media), the information of the inquiring person is processed to the extent necessary to respond to the inquiry.
13. Marketing Communication via Email, Post, Fax, or Phone
We process personal data for advertising communication through various channels, such as email, phone, mail, or fax, as permitted by law.
14. Web Analytics, Monitoring, and Optimization
Web analytics helps us evaluate visitor flows to our online services and may include pseudonymous values about visitors’ behavior, interests, or demographics.
15. Online Marketing
We process personal data for online marketing purposes, including advertising and content display based on users’ potential interests.
16. Social Media Presence
We maintain online presences within social networks to communicate with users and offer information about us.
17. Plugins and Embedded Functions and Content
We integrate functional and content elements sourced from third-party servers into our online services. These may include graphics, videos, or maps.
18. Management, Organization, and Support Tools
We use services, platforms, and software from other providers (referred to as “third parties”) for organization, administration, planning, and provision of our services.
19. Changes and Updates to this Privacy Policy
We ask that you regularly check the content of our Privacy Policy. We will adapt this Privacy Policy as soon as changes to the data processing activities we conduct make this necessary.
20. Definitions
Here is an overview of the terms used in this Privacy Policy for your understanding.
• Personal Data: Any information relating to an identified or identifiable natural person.
• Controller: The natural or legal person, public authority, agency, or other body which determines the purposes and means of data processing.
• Processing: Any operation performed on personal data, such as collection, storage, modification, retrieval, use, or deletion.
For further inquiries, please feel free to contact us using the contact information provided above.