- we will not collect personally identifiable information like your name, email, mailing address or telephone number (“Personal Information”) in a manner inconsistent with this policy;
- we will not disclose your Personal Information to third parties except as described in this policy, or unless you have authorized us to do so in advance;
- we will allow you to view, correct or remove your Personal Information and other information that is accessible to you as part of your guest account and
- we will take reasonable steps to protect the security of the Personal Information we collect from you. The remainder of this policy describes our information handling practices in detail.
We collect, process and use your Personal Information for purposes of providing the services requested by you from us, and in particular to register and manage your account, process your reservations, requests, and payments, and to communicate with you in connection with the above-listed purposes. Refusal to provide Personal Information for the above-mentioned purposes may affect our ability to fulfill contractual obligations or to provide you with services, information, and or material requested by you. With your consent, we may also use your Personal Information in order to provide you with advertising and promotional materials relating to us or other third parties using automatic means (such as e-mail or fax.), as well as paper mail and operator-assisted phone calls. Certain Personal Information that you have provided us may be given to the airline, car rental agency, hotel or property, travel package vendor or other involved third parties to fulfill your travel arrangements.
If you decide to register with us or to make a reservation on this site, we will collect Personal Information about you, such as your name, email and mailing addresses, telephone number(s), credit card information, that you voluntarily share with us. We process Personal Information mainly by electronic and automatic means. Personal Information may also be processed in paper form. We collect Personal Information that is necessary for us to provide you with the services offered on our site. When you browse, reserve or purchase travel services through our site such information may be provided to the applicable vendors or other involved third parties to fulfill your travel arrangements, subject to the conditions described in the section “Sharing and Transfer of Personal Information” below.
Purchasing, Booking or Reserving Travel Services or Accommodations
Payment Information and Travel History
Whether or not you register with us, you will be able to book, reserve or purchase travel services or accommodations through our site. To do so, you must provide payment information to us – for example, your credit card specifics like card number, issuing bank, expiration date, cardholder name and billing address.
Additional Products and Services
Sharing and Transfer of Personal Information
For the purposes described above, we may transfer and share your information, in compliance with applicable data privacy laws and on a need-to-know basis, with third parties including contractors, agents or data processors, some of whom may be located outside of your home jurisdiction, to enable such parties to provide services to us and to improve our service offerings to you. We will establish appropriate contract terms or other protections to appropriately safeguard such data.
Storage of Personal Information
The Personal Information you provide will be transferred and stored in a jurisdiction that may not provide an adequate level of protection to Personal Information equivalent to that provided by your home jurisdiction. We have engaged the following service providers for the purposes of processing your reservation requests:
- Zimmersoftware KG, Stammersdorferstraße 420 / 16b, 2201 Gerasdorf bei Wien, Austria (processing of enquiries and bookings)
- easyname GmbH, Canettistrasse 5/10, 1100 Wien, Austria (as hoster and email provider)
- Stripe Payments Europe, Limited, The One Building, 1 Grand Canal Street Lower, Dublin 2, Co. Dublin, Ireland (payment processing)
Inquiry and booking management
We use the zimmersoftware software (Zimmersoftware KG, Stammersdorferstraße 420 / 16b, 2201 Gerasdorf bei Wien, Austria) as a SaaS (Software as a Service) solution to process inquiries and collect and process booking data. All data recorded in the room software is divided into appropriate data categories and will be automatically deleted after the legal basis no longer applies.
Hosting und E-Mail Provider
We host our website with our processor easyname GmbH, Canettistrasse 5/10, 1100 Vienna, Austria.
Connection data is processed for the purpose of providing and delivering the website. For the mere purpose of delivering and providing the website, the data will not be stored beyond the call.
The legal basis for data processing is the legitimate interest (absolute technical necessity for the provision and delivery of the “website” service you expressly requested when you called it up) in accordance with Article 6 (1) (f) GDPR.
To operate the website, the connection data and other personal data are also processed as part of various other functions or services. This is explained in detail in the context of this data protection declaration for the individual functions or services.
Furthermore, easyname acts as an e-mail provider (sending, receiving and saving of e-mails).
Server log files
Connection data is processed for the purpose of monitoring the technical function and increasing the operational security of our web host. The processing time is timely limited.
The legal basis for data processing is the legitimate interest (absolute technical necessity of a server log file as a basic database for error analysis and for security measures within the framework of the “website” service expressly requested by your call-up) in accordance with Article 6 Paragraph 1 lit. f GDPR.
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We do not pass on this data without your consent.
If you make a payment in our booking engine, payment by credit card and SOFORT bank wire transfer is possible. The provider of this payment service is:
Stripe Payments Europe, Limited, The One Building, 1 Grand Canal Street Lower, Dublin 2, Co. Dublin, Ireland.
This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 Para. 1 lit. f GDPR). In this context, we pass on the following data to Stripe insofar as this is necessary for the fulfillment of the contract (Article 6 (1) (b) GDPR).
- name of the cardholder
- email address
- customer number
- order number
- bank details
- credit card details
- validity period of the credit card
- credit card verification number (CVC)
- date and time of the transaction
- transaction total
- vendor name location
The processing of the data specified under this section is not required by law or contract. Without the transmission of your personal data, we cannot make a payment via Stripe.
Stripe takes on the role as controller in data processing activities. As the controller, Stripe uses your transmitted data to fulfill regulatory obligations. This corresponds to Stripe’s legitimate interest (according to Art. 6 Para. 1 lit. f GDPR) and serves to execute the contract (according to Art. 6 Para. 1 lit. b GDPR). We have no influence on this process.
Stripe has implemented compliance measures for international data transfers. These apply to all worldwide activities in which Stripe processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).
You can find more information on how to object to and remove Stripe from: https://stripe.com/privacy-center/legal. More information about Stripe’s service contract can be found at https://stripe.com/at/legal/ssa and the data protection declaration at https://stripe.com/at/privacy. (https://github.com/oprvc/oprvc.github.io)
Payment data is stored for the duration of the service provided by Stripe or as required by regulatory requirements. This includes the time it takes to process refunds, claims management and fraud prevention. Find out more on our payment provider’s website: https://stripe.com/en-at/privacy#security-and-retention.
In addition to the circumstances described above, Amadee Appartements may disclose information you have provided if required to do so by law, court order, as requested by any government or law enforcement authority, or in the good faith belief that disclosure is otherwise necessary or advisable including, without limitation, to protect the rights or properties of Amadee Appartements when we have reason to believe that disclosing the information is necessary to identify, contact or bring legal action against someone who may be causing interference with our rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.
We maintain technical, electronic, and organizational security procedures to maintain the security of Personal Information, and safeguard Personal Information against unauthorized or unlawful processing and/or against accidental or unlawful loss, alteration, disclosure or access. Our security procedures include contractual terms with any contractors, agents or data processors that require such entities to protect the security and confidentiality of Personal Information in accordance with our standards.
It is your responsibility to safeguard any email or password that you have created or used in connection with this site, and to notify us if you ever suspect that the security and confidentiality of such email or password has been compromised in any way. You are solely responsible for any use of this site via your email and password.
For security reasons and to protect the transmission of confidential data, such as enquiries you sent to us as the provider, this website uses an SSL encryption. You recognise an encrypted transmission by the change of the address line of the browser from “https://” to “https://” and by the lock-symbol in your browser address line.
If the SSL encryption is active, the data you have transmitted to us cannot be accessed by third parties.
Retention of Personal Information
We will maintain Personal Information for as long as we are required to do so by applicable law(s), or for as long as necessary for the purpose(s) described above for which it is processed. We will delete Personal Information when it is no longer needed and, in any case, upon expiration of the maximum storage term set forth by applicable law.
Notification of Changes
We may change this policy from time to time. If we decide to change this policy in a material way (for example, a change regarding disclosure of Personal Information), we will post notice of the change on our site. Your continued use of our site after we make changes to this policy is deemed acceptance of those changes. If any proposed change is unacceptable to you, you may request to that we remove your Personal Information (and/or that of other individuals for whom you made your travel reservations) from our records.
Our site provides links to other sites. When you click on one of these links, you are leaving our site and entering another site that we do not control and for which we cannot be responsible. You should carefully review the privacy statements or policies on any other site that you visit because those privacy statements or policies will apply to your visit to that site and may be very different from our policy.
You have the right to access, review, correct, change or delete your Personal Information that you have provided to us by written request. You can also object to the processing of your personal data for marketing purposes, or, for legitimate reasons, for other purposes, by contacting us.
If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can complain to the supervisory authority. In Austria, this is the data protection authority.
Karin und Alfred Hummer
Hochosterwitzer Str. 1
9300 St. Veit an der Glan