PRIVACY POLICY
The protection of your personal data is particularly important to us. For this reason, we process your data exclusively on the basis of the legal provisions (GDPR, TKG 2003). In this data protection notice, we inform you about the most important aspects of data processing on our website.
Provider and controller
.
Hotel Rogen KG of Ewald Rogen
Dorfstraße 9, Spinges
39037 Rio di Pusteria
Phone: +39 0472 849 478
Fax: +39 0472 849 830
E-mail: info@hotel-rogen.it
Internet: www.hotel-rogen.it
MwSt-Nr.:IT02336880212
CIN: EN021074A1LC2T7UEK
Data Protection Notice for the South Tyrol Guest Pass
.
Purpose: The personal data provided will be transmitted to the single coordination centre of the Guest Pass to enable the creation and use of the Guest Pass and the provision of related services.
Recipients: In relation to the issuance of the Guest Pass, your data will be transferred to Consorzio Mobilità con P.IVA 02735170215 which, as the owner of the Guest Pass and the single coordination centre, acts as the autonomous controller of the data transferred. For further information on the processing to which your data will be subjected, please send an e-mail to privacy@moko.bz.it.
Legal basis: The legal basis for the processing is Article 6(1)(b) of the GDPR.
Contact us
.
If you contact us via the form on the website or by e-mail, the data you provide will be stored by us for six months for the purpose of processing your enquiry and in the event of subsequent questions. We will not pass this data on without your consent.
Cookies
Our website uses so-called cookies. These are small text files that are stored on your end device with the help of your browser. They do not cause any harm.
We use cookies to make our website easier to use. Some cookies remain stored on your end device until you delete them. They enable us to recognise your browser on your next visit.
If you do not wish this, you can set your browser to inform you of the cookie setting and only allow it in individual cases.
If you deactivate cookies, the functionality of our website may be limited.
Google Maps
We use the “Google Maps” service from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
Google Fonts
.
We use fonts (‘Google Fonts’) from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
Google ReCaptcha
.
We use the ‘ReCaptcha’ function to prevent bots from making entries, e.g. in online forms. It is offered by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
Web analysis
.
Our website uses the functions of the web analysis service Google Analytics. The provider is Google Inc. with headquarters at 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Cookies are used to analyse how users use the website. The information generated in this way is transmitted to a Google server in the USA and stored there. You can prevent this by configuring your browser not to store cookies.
We have concluded a corresponding contract with the supplier for the processing of order data.
Our interest within the meaning of the GDPR (legitimate interest) is the improvement of our offer and our website. Since the privacy of our users is important to us, user data is pseudonymised.
The user’s IP address is recorded but immediately pseudonymised (e.g. by deleting the last 8 bits). This means that only an approximate localisation is possible.
Data processing takes place on the basis of the legal provisions of § 96 para. 3 TKG and Art. 6 para. 1 lit. a (consent) and/or f (legitimate interest) of the GDPR.
Google is subject to an adequacy decision (implementing acts) of the EU Commission as of 10 July 2023. The EU Commission constantly monitors developments in the third countries concerned and revokes, amends or suspends decisions by means of implementing acts if there is information that the third country does not ensure an adequate level of protection. Below is the link to the adequacy decision for the United States (EU-US Data Privacy Framework – https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en).
User data are retained for a period of 14 months.
Detailed information on the use of data by Google, setting options and objections can be found on the following websites of Google: https://www.google.com/intl/de/policies/privacy/partners (“Use of data by Google when using the websites or apps of our partners”), http://www.google.com/policies/technologies/ads (“Use of data for advertising purposes”), http://www.google.de/settings/ads (“Management of information that Google uses to show you advertisements”).
Mouse tracking
.
Our concern within the meaning of the GDPR (legitimate interest) is the improvement of our offer and our website. This is why we use Hotjar to better understand the needs of our users and to optimise the offer of this website. With the help of Hotjar technology, we are able to better understand our users’ experiences (e.g. how much time users spend on which pages, which links they click on, what they like and don’t like, etc.) and to improve our offer. Hotjar works with cookies (see above) and other technologies to collect information about the behaviour of our users and their end devices (in particular, the IP address of the device (this is recorded and stored anonymously only), screen size, device type (unique device identifiers), information about the browser used, location (country only), preferred language for viewing our website). Hotjar stores this information in a pseudonymised user profile. The information is not used by Hotjar or us to identify individual users, nor is it combined with other data about individual users. Further information can be found in Hotjar’s privacy policy: https://www.hotjar.com/legal/policies/privacy.
You can oppose the storage of a user profile and information about your visit to our website by Hotjar and the setting of Hotjar’s tracking cookies on other websites by clicking on this opt-out link.
Data storage via our web shop
.
For the purpose of contract processing, we store the following data Title, first name and surname, address, e-mail address and optionally entered user data (company name, address, telephone number). The data provided by you is necessary for the fulfilment of the contract or the execution of pre-contractual measures. Without this data we cannot conclude the contract with you. The data are not transferred to third parties, with the exception of the transfer of credit card data to the processing bank/payment service provider for charging the purchase price, to the transport/shipping company commissioned by us for the delivery of the goods and to our tax advisor for the fulfilment of our tax obligations.
After cancellation of the purchase process, the data stored by us will be deleted. In the case of the conclusion of a contract, all data from the contractual relationship will be stored until the expiry of the retention period stipulated by tax legislation (7 years).
Data on name, address, purchased goods and date of purchase are also stored until the expiry of product liability (10 years). Data processing is carried out on the basis of the legal provisions of § 96 para. 3 TKG and Art. 6 para. 1 lit. a (consent) and/or lit. b (necessary for contractual fulfilment) of the GDPR.
Registration and user accounts
.
Users of our web shop can optionally create a user account. As part of the registration process, we provide users with the necessary information (mandatory fields and optional information). The data entered during registration is used for the use of our website. Users may be informed by e-mail about information relevant to the offer or registration, such as changes to the scope of the offer or technical updates.
In the event that users delete their user account, their data will be deleted from this account, with the exception of data whose retention is necessary for commercial or tax law reasons pursuant to Art. 6 para. 1 lit. c GDPR. Users are responsible for backing up their data in the event of deletion before the expiry of the contract. We are entitled to irretrievably delete all user data stored during the term of the contract.
Both on the basis of our legitimate interests and on the basis of the user’s interests in protection against misuse and other unauthorised uses, we store the IP address and the time of the respective action by the user if a user uses our registration and login function in connection with his user account. IP addresses are anonymised or deleted after 7 days at the latest.
As a matter of principle, we do not pass on data to third parties, except in situations where we need to enforce our rights or where we need to fulfil a legal obligation pursuant to Art. 6 para. 1 lit. c GDPR.
Newsletter
.
You have the opportunity to subscribe to our newsletter via our website. In order to provide you with targeted information, we may also collect and process additional information provided voluntarily by users.
In order to send you our newsletter, we need your e-mail address and your declaration of acceptance of the newsletter. As soon as you have registered for the newsletter, we will send you a confirmation e-mail with a link to confirm your registration.
You can unsubscribe from the newsletter at any time. Please send your cancellation to the following e-mail address: [EMAIL ADDRESS].
We will immediately delete your data in connection with the sending of the newsletter.
Google re/marketing services
.
Our interest within the meaning of the GDPR (legitimate interest) is the improvement of our offer and our website. For this reason we use the marketing and remarketing services (“Google Marketing Services”) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).
Google is certified by the Privacy Shield agreement and thus offers a guarantee of compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
With the help of Google Marketing Services, we can display advertisements for and on our website in a targeted manner, in order to present users only ads that potentially reflect their interests. For this purpose, Google runs a code and uses so-called (re)marketing tags, with the help of which an individual cookie is stored in the user’s browser. For the use of cookies, see above.
The information collected may be combined by Google with other information from other sources. If the user subsequently visits other websites, he or she may be shown advertisements tailored to his or her interests.
In addition, the user’s IP address is recorded by Google Analytics, but immediately pseudonymised (e.g. by deleting the last 8 bits). This means that only a rough localisation is possible, the advertisements are not managed and displayed for a specific person, but for the owner of the cookie, regardless of who this owner is. Of course, this does not apply if the user has expressly allowed Google to process the data without this pseudonymisation. The user information collected by Google’s marketing services is transmitted to Google and stored on Google’s servers in the USA. The user’s IP address is not merged with user data within the scope of other Google services.
Among other things, we use cookies from Google’s marketing service “Google AdWords”; we may display advertisements from third parties on the basis of Google’s marketing service “AdSense” and related cookies. Further information on the use of data for marketing purposes by Google is available at https://policies.google.com/technologies/ads, Google’s privacy policy is available at https://www.google.com/policies/privacy.
We also use ‘Google Tag Manager’ to integrate the analytics and marketing services offered by Google into our website and to manage them centrally.
Online presence on social media
We manage online presences within social networks and platforms in order to communicate with users, stakeholders and customers who are active there. When accessing these networks and platforms, the terms and conditions and data processing guidelines of the respective operators apply.
Unless otherwise stated in our privacy policy, we process users’ data when they communicate with us on social networks and platforms.
Use of Facebook social plugins
.
Our interest within the meaning of the GDPR (legitimate interest) is the improvement of our offer, as well as the analysis, optimisation and economic operation of our website. For this reason we use social plugins (“plugins”) of the social network facebook.com, operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugins can display content such as graphics, text or video contributions or interaction elements on the website. They can be recognised by one of the Facebook logos (‘f’ on a corresponding background, the ‘thumbs up’ sign or the terms ‘Like’ or ‘Gefällt mir’) or by the label with the addition ‘Facebook Social Plugin’. You can view the list and appearance of Facebook Social Plugins here: https://developers.facebook.com/docs/plugins/.
Facebook is certified by the Privacy Shield agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
Further information about the collection of data by Facebook, the further processing and use of the data as well as the rights of users and setting options for privacy protection can be found in Facebook’s data protection information: https://www.facebook.com/about/privacy/.
The contents and functions of the Twitter service can be integrated into our online offer. They are offered by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. This can include, for example, content such as images, videos or texts and buttons with which users can react to the content. If users are members of Twitter, Twitter may assign access to the content and functions to the respective user profiles. Twitter’s privacy policy: https://twitter.com/de/privacy.
Twitter is certified under the Privacy Shield agreement and thus offers a guarantee of compliance with the European Data Protection Act (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active).
.
The contents and functions of the Instagram service can be integrated into our online offer. They are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA. This can include, for example, content such as images, videos or texts and buttons with which users can react to the content. If users are members of Instagram, Instagram may assign access to content and functions to the respective user profiles. Instagram’s privacy policy: http://instagram.com/about/legal/privacy/.
.
The contents and functions of the Pinterest service can be integrated into our online offer. They are offered by Pinterest Inc, 635 High Street, Palo Alto, CA, 94301, USA. This can include, for example, content such as images, videos or texts and buttons with which users can react to the content. If users are members of Pinterest, Pinterest may assign access to the content and functions to their respective user profiles. Pinterest’s privacy policy: https://about.pinterest.com/de/privacy-policy.
.
The contents and functions of the Xing service can be integrated into our online offer. They are offered by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. This can include, for example, content such as images, videos or texts and buttons with which users can react to the content. If users are members of Xing, Xing may assign access to content and functions to their respective user profiles. Xing’s Privacy Policy: https://www.xing.com/app/share?op=data_protection.
.
The contents and functions of the LinkedIn service can be integrated into our online offer. They are offered by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. They may include, for example, content such as images, videos or texts and buttons with which users can react to the content. If users are members of LinkedIn, LinkedIn may assign access to content and features to the respective user profiles. LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.
LinkedIn is certified under the Privacy Shield agreement and thus offers a guarantee of compliance with the European Data Protection Act (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active).
Vimeo
Videos from the ‘Vimeo’ platform can also be integrated into our website. They are offered by Vimeo Inc, Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. Privacy Policy: https://vimeo.com/privacy.
Youtube
.
Our website may also include videos from the YouTube platform. They are offered by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.
Your rights
.
In principle, you have the rights to information, rectification, deletion, restriction, data portability, erasure and opposition. If you believe that the processing of your data violates the Data Protection Act or that your data protection rights have been violated in any other way, you can lodge a complaint with the supervisory authority. In Austria, this is the data protection authority.
You can contact us at the following addresses
You can contact our representative in the EU at the following addresses: info@hotel-rogen.it
You can contact our data protection officer using the following contact details: info@hotel-rogen.it
Source: The WKO data protection declaration template was used as the basis for this data protection declaration.
Status: 28.10.2019