Controller and Responsible Authority in the sense of the EU-GDPR:
Towns Hotel GmbH
Rennweg 73, A-1030 Wien
Tel-Nr: +43 1 712 22 75
Contact of the controller for privacy related questions: email@example.com
This privacy statement provides users with relevant information regarding the processing of personal data carried out the by the controller and data protection practices related to them. It informs data subjects about the nature, extent and purpose of the collection and usage of personal data by the controller.
Insofar as the masculine form is used in the contents of this report, it is assumed that this refers to both genders on equal terms.
The protection and security of your personal data is an important concern of ours. Therefore, this website stores and processes your personal information only in accordance with the Austrian data protection law as well as the European general data protection regulation (GDPR). As a user you consent to these processing activities in case you continue with using our site and its services.
For further information regarding details about the GDPR, you can find the current version here: http://data.europa.eu/eli/reg/2016/679/oj.
We want to inform you, that a data transmission over the internet (e.g. by sending an E-Mail or using non-encrypted channels to access web-content) can be subject to security vulnerabilities. A completely reliable protection of data again access from third parties is not possible.
The consumption of our offered services is, as far as technically possible, available without providing any personal data at all. An additional provisioning of such data (e.g. name, contact details, E-Mail address) normally only happens on a voluntary basis. We will never forward this data to any third parties without your explicit consent in advance.
Data Protection Principles
Regarding the processing of your data, we always comply with applicable data protection principles in accordance with EU-GDPR Art. 5 by implementing adequate controls for ensuring transparency and security for the processing of your data. In case you have any concerns in that context, please let us know and contact us directly. We are always eager to fulfill all requirements of the individual data subjects and improve our data protection practices.
In principle, as a data subject you have all rights listed in chapter 3 of the EU-GDPR regarding the processing of your personal data.
Further information can be found in the EU-GDPR Artt. 12-23.
For the purpose of exercising one of those rights or any question related to it, please contact firstname.lastname@example.org.
In order to allow for a data lock at any time, it is necessary to keep the data in a lock file for checking purposes. If there is no legally required archiving obligation, you can also request the deletion of the data. Otherwise, we will lock the data if you so desire.
In case you think that any processing of your personal data carried out by us violates the data protection law or your individual privacy interests, you can complain directly at every data protection authority within the European Union. The contact address of the Austrian data protection authority can be found under: https://www.dsb.gv.at/.
Information collection when visiting the website
In case you access the contents of the website operated by Towns Hotel GmbH (from here on „Towns“ or „we“) or one of its offered online services, some personal data will be automatically collected and processed by the responsible webspace-provider (server logfiles).
Those server logfiles records mainly the following information:
This data is technically required for the operation of our online services because elsewise an access would not be possible at all.
Furthermore, we collect that information for statistical purposes to further improve our offers and technical platform.
In case we suspect an illegal use of our services, we reserve the right, to analyze data contained within server logfiles so that we can take appropriate action against it.
Users have the option to browse our site without cookies. To do so, the corresponding browser settings must be updated. Use your browser’s Help menu to find out how to deactivate cookies. However, may we point out that some features of this website may be impaired, and the use of services may be restricted. The pages http://www.youronlinechoices.com/uk/your-ad-choices/ (Europa) and http://www.aboutads.info/choices/ (USA) allow you to manage online advertising cookies.
Handling of online bookings
If you decide to book one of our services (reserving a room) over our website, we will process certain personal data. This is necessary due to enabling our internal booking procedure for answering and processing your request. This processing of your data is based upon EU-GDPR Art. 6 (1) lit. b EU-GDPR.
Specifically, we will process the following information about you in this context (to the extent they are provided at the time of the booking request):
All of this data will be processed as a respective booking entry within our internal systems and is stored for the duration of your visit as well as in accordance with the legal retention periods.
In case you consent, we will furthermore keep your data stored for future bookings to provide you with a simpler and more efficient booking experience. We will point out this option for consenting in a separate way.
Booking over third-party platforms
You also have to possibility to book our services through platforms provided by third parties. In those cases, the privacy policies of those third-party providers apply.
Normally, each platform collects similar data, which is also processed when you book our services directly through our website. This data will then be automatically gathered and provided by the third-party platform and afterwards sent to us, where we again use it for proceeding in accordance with our internal booking process.
Facebook and Instagram
We operate so called „Fanpages” on the online platforms Facebook und Instagram as part of our public relationships. The major contents of those „Fanpages“ are thereby provided by the respective third party of the platform, specifically Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA (Facebook) and Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA (Instagram).
Since the operator of such fanpages is also to some extent responsible for the processing of personal data in the sense of EU-GDPR Art. 26 and builds and joint controller with the platform provider, we point out that we will also receive certain personal information in case you visit one of our fanpages. This data is provided to us by the respective platform provide and subject to an dedicated agreement – see here.
In general, we receive the following data from those third-party providers in an anonymized format:
Sadly, it is not possible for us, to gain a full insight in the data processed by Facebook and Instagram in detail, therefore, we cannot guarantee, that no further information is processed/provided to other recipients at all. However, we are very careful, that no further private data of an individual person is processed without proper consent. Also, we will not process any data except the one listed in this data protection policy for the purposes of the operation and improvement of our fanpages.
Please also consider in addition to the information provided right here, that for all further online services related to our fanpages Facebook and Instagram act as responsible controllers. Thereby, the following privacy rules apply:
In case you contact us with an application for a job position at our organization, we will receive certain personal information from you. This information will be used for handling your application and will therefore be processed based upon a pre-contractual relationship (EU-GDPR Art. 6 (1) lit. b, ggf. iVm Art. 9 (2) lit. b).
The exact extent of the personal data you provide us with, is determined by you. Therefore, we cannot provide an exhaustive list about possible data that will be porcessed in that context, however we want to mention that we only process that amount of data, that is necessary for proceeding with your application. Normally, this will include:
All of this data will be processed in accordance with our internal application procedures and be forwarded to the responsible employees (internal employees of our HR department, potential supervisiors etc.).
A forwarding towards third parties will not take place at all.
If you enter into an employment contract with us, we keep your application data until the conclusion of that contract’s retention periods.
If we do not close an employment contract, we keep your application data for six months (see §15 GlBG). If you then still want to receive updates on open positions, you may grant us your separate, written consent to do so.
In case you use our contact form on our website of decide to contact us via E-Mail, we will process your personal data for the purpose of handling your individual request as well as any follow-up questions for the duration of six months. Thereby, we process the following data (depending upon what you provide us with in your request):
We will not provide any third party with those data without your consent.
In order to ensure that our data protection policy always complies with the current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the data protection policy has to be adapted due to new or revised activities, for example new services. The new data protection policy takes effect on your next visit.