Kiss me one last time*
Welcome to Kaprun
The protection of your personal data is particularly important to us. We therefore process your data exclusively on the basis of the legal provisions (GDPR, TKG 2003). In this data protection information we inform you about the most important aspects of data processing on our website.
Data storage contact
If you contact us using a form on the website or by email, the data you provide (including personal data and IP address) will be stored by us or on our servers (see server log files) in order to process your request. This data is used exclusively in connection with the request, is only stored for the duration of an active business relationship and is not passed on to third parties.
Data storage when booking
On our website you can book and/or inquire about rooms and offers. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and stored. These can be: salutation, first name, last name, email address, telephone, address, number of fellow travelers, wishes, date, time, room selection, offers, price.
If you make an online booking from our website, this is done through the online reservation system of websLINE Internet- & Marketing GmbH, Sägewerkstrasse 24, 83395 Freilassing, Germany. All booking data you enter is transmitted encrypted. websLINE is committed to handling your transmitted data in accordance with data protection regulations. It takes all organizational and technical measures to protect your data. In this context, the data will not be passed on to third parties. The data is used exclusively for processing the booking and for communication.
The legal basis for processing the data is the conclusion of an accommodation contract with the user. The sole purpose of processing the personal data from the input mask is to process the booking request and process payment transactions. Which are no longer necessary to achieve the purpose for which they were collected. In the case of a contractual relationship, we will delete the data received as soon as national, commercial law, statutory or contractual retention requirements have been met. The user has the opportunity to object to the processing of their personal data at any time. We would like to point out that in the event of an objection, the booking cannot be completed or the conversation cannot be continued.
PURCHASING VOUCHERS VIA OUR WEBSITE
1. Description and scope of data processing
On our website there is the option to purchase vouchers. If a user uses this option, the data entered in the input mask will be transmitted to us and saved. This data is: title, firstname, surname, address, email address, telephone number, voucher amount, personalisation of the voucher, shipping options/alternative shipping address, method of payment. Voucher purchases on our website go through the online ordering system of websLINE Internet- & Marketing GmbH, Sägewerkstrasse 24, 83395 Freilassing, Germany. All order data you enter shall be encrypted. websLINE commits to the data privacy-appropriate handling of your personal data. The company takes all organisational and technical measures to protect your data. In this context, no further transfer of your data to third parties takes place. The data is used exclusively for processing your booking and for communication purposes.
2. Legal basis for the processing of data
The legal basis for the processing of the data is the conclusion of a contract of sale with the user.
3. Purpose of data processing
The processing of personal data from the input mask serves solely to process your voucher purchase and to process payment transactions.
4. Duration ofstorage
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual retention requirements have been met.
5. Means of objection and removal
The user has the option to object to the processing of their personal data at any time.
Current status: AcceptedCurrent status: Denied
When visitors visit the website, log data is collected by the servers. The data is stored and processed by the hosting provider, Managed-Office IT Services GmbH
Triesterstraße 10/221, 2351 Wiener Neudorf https://www.managed-office.at on servers located in Austria. This data includes the IP address and operating system of your device, the data, the access time, the type of browser and the browser request including the origin of the request (referrer). Log data including IP addresses are stored for a period of 6 months. The data is used internally for forensic investigations in the event of hack attacks or for other security-related analyses. In this way, we guarantee the security of your data on our systems and ensure that, in suspected cases, countermeasures are quickly taken to protect your data. The legality of this processing therefore results from Art. 6 GDPR.
In order to inform website users and interested parties about news, we send an email newsletter to subscribers at regular intervals (usually once a month).
Registration / Consent
You have the option of subscribing to our free newsletter via the website. By entering your email address in the registration form, you declare that you agree to receiving the newsletter and to the necessary storage of your data. The legal basis for data processing for the purpose of sending the newsletter is your consent. We process your data for the purpose of sending newsletters until you revoke your consent.
A sending service is used to process the newsletter dispatch, which is processed via their server. Only the data provided by you and necessary for shipping will be stored. By collecting opening rates, deletions and clicks, the user behavior of the recipients is analyzed anonymously, whereby IP addresses can also be transferred and saved. The data is stored for an indefinite period of time (until deletion is requested). Personal information is secure and will not be shared or sold to third parties.
Revocation / cancellation / deletion
You can revoke your consent to the newsletter being sent to your email address at any time. In every newsletter you have the option to unsubscribe from the newsletter or to manage your newsletter receipt via a clearly visible link (e.g. registering for another newsletter list). Alternatively, you can also send an email requesting you to unsubscribe to firstname.lastname@example.org. If you would like to have your data completely deleted in addition to unsubscribing from the newsletter, please send an email to email@example.com. The revocation does not affect the lawfulness of the processing carried out based on the consent before the revocation.
Our website uses functions of the web analysis service Google Analytics. Cookies are used for this purpose, which enable an analysis of the use of the website by your users. The information generated in this way is transferred to the provider's server (Google) and stored there.
You can prevent this by setting your browser so that no cookies are stored. Data processing is carried out on the basis of the legal provisions of Section 96 Paragraph 3 TKG and Article 6 Paragraph 1 lit a (consent) and/or f (legitimate interest) of the GDPR. Our concern within the meaning of the GDPR (legitimate interest) is to improve our offering and our website.
Since the privacy of our users is important to us, the user data is pseudonymized, i.e. the personal IP addresses are anonymized. By using this website, you agree to the processing of the data collected about you by Google in the manner and for the purpose described above. The collection and storage of data can be objected to at any time with effect for the future. Information on data protection at https://policies.google.com/privacy.
Google Analytics tracking is only activated after consent.
Meta-Pixel (Facebook Pixel)
This website uses the "Meta Pixel" to measure visitor interactions on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, the data collected is also transferred by Meta / Facebook to the USA and other third countries.
The behavior of site visitors can therefore be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of social media ads (on Facebook & Instagram) to be measured. For the website operator, the data collected is anonymous and no conclusions can be drawn about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook uses the data for its own advertising purposes. in accordance with the Facebook data usage guidelines (https://de-de.facebook.com/about/privacy/). This allows Facebook to enable the placement of advertisements on Facebook pages as well as outside of Facebook. As the site operator, we cannot influence this use of data.
The use of this service is based on your consent in accordance with Article 6 Paragraph 1 Letter a GDPR and Section 25 Paragraph 1 TTDSG. Consent can be revoked at any time. You can find further information on protecting your privacy in Facebook's data protection information: https://de-de.facebook.com/about/privacy/.
The meta pixel is only loaded on this website after consent to marketing cookies.
Facebook Conversion API
Our website uses Facebook Conversion API, which is a server-side tracking tool for user analysis.
Facebook Conversion API collects and stores usage data such as page views, length of stay, device information, IP addresses, locations. Data processing may also include email address, telephone number, gender, date of birth, first and last name, address, user IDs. The data collected allows us to transmit user behavior to Facebook for evaluation and to optimize advertisements accordingly.
The data collected is transmitted to Facebook, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Data is also processed in the USA. We use the standard contractual clauses approved by the EU Commission as the basis for this data processing. Consent to data processing by Conversion API can be revoked at any time. The Facebook Conversion API is only activated after consent to marketing cookies.
Google Fonts are used and hosted exclusively locally on the web server. No connection to Google Server. All rights to the fonts belong to Google.
Font Awesome Icons
Font Awesome Icons are used and hosted via a plugin that integrates the icons that are stored locally. No connection to Font Awesome is established. All rights to the icons belong to Font Awesome.
On some pages, this site uses the Google Maps map service from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, via an API or an IFRAME. In order to use the functions of Google Maps, it is necessary to save your IP address. This information is transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. The use of Google Maps is in the interest of making it easy to find the places we indicate on the website. This represents a legitimate interest within the meaning of the GDPR.
Google Maps will only be loaded after consent to tracking cookies.
Social Plugins (YouTube)
So-called social plugins are used on this website to integrate YouTube videos. These services are integrated using plugins and connections are established to the companies Facebook Inc., Instagram Inc., YouTube. If you access a page on our website that contains such a plugin, your browser establishes a direct connection to the Facebook & Instagram servers. The content of the plugin is transmitted directly to your browser by the respective provider and integrated into the page.
By integrating the plugins, the providers receive the information that your browser has accessed the corresponding page on our website, even if you do not have a profile or are not currently logged in. This information (including your IP address) is transmitted from your browser directly to a server of the respective provider in the USA and stored there. If you are logged in to one of the services, the providers can directly assign your visit to our website to your profile on Facebook or Instagram. If you interact with the plugins, for example by clicking the “Like” or “+1” button, the corresponding information is also transmitted directly to a server of the provider and stored there.
The purpose and scope of data collection and the further processing and use of the data by the providers as well as your related rights and setting options to protect your privacy can be found in the providers' data protection information: https://policies.google.com/privacy. If you do not want YouTube / Google to directly assign the data collected via our website to your profile in the respective service, you must log out of the relevant service before visiting our website. You can also prevent the plugins from loading completely using add-ons for your browser.
Social plugins are only loaded on the corresponding pages after approval.
Wordfence Security Plugin
This website is secured using the “Wordfence Security” service operated by Defiant Inc., 800 5th Ave., Suite 4100, Seattle, WA 98104, USA. The use is based on legitimate interest within the meaning of the GDPR.
The website uses Wordfence Security to protect against viruses and malware and to defend against attacks by criminals. The plugin sets cookies to detect whether the website is actually visited by a person or a robot. For the purpose of protecting against so-called brute force attacks (numerous automated login attempts from the same identity) or hacker comment spam, IP addresses are temporarily stored on the web server of this site. IP addresses that are classified as harmless are placed on a white list. Wordfence Security secures this website and thus also protects website visitors from viruses and malware. This represents a legitimate interest within the meaning of the GDPR. The Live Traffic View option (real-time live traffic) of the plug-in is reduced to a security-relevant listing. We do not participate in the Wordfence security network and therefore no data is passed on to third parties.
Further information on the collection and use of data by Wordfence Security can be found in the provider's data protection information: https://www.wordfence.com/privacy-policy/.
In principle, you have the rights to information, correction, deletion, restriction, data portability, revocation and objection. If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can complain to the supervisory authority. In Austria this is the data protection authority.
Responsible for the website and data protection and happy to answer questions and requests:
CSK Betriebs GmbH & Co KG
Phone: +43 6547 7113
Fax: +43 6547 7113 55