Data Privacy Policy

The protection of your personal data is a top priority for us. As a consequence, we handle your data exclusively in strict compliance with data privacy laws (DSGVO, TKG 2003). In the following data privacy policy, we inform you about the most important aspects of how data is handled within the framework of our website.

If you have transmitted your personally identifiable information through this website or by email, such information will only be used in order to conduct correspondence with you as well as for those purposes for which you provided that information. We assure you that your personally identifiable information will not be shared with third parties unless the law requires us to do so.

The data you have provided will only be stored for 12 months or until such point as the purpose for which it was shared has been achieved. Insofar as the law requires that data be stored for a specific period of time, we will comply with such legal provisions. Should you no longer agree to our storing your personally identifiable data, pursuant to your request we will delete such data. If your personal data has changed in the meantime, we will correct that data based upon the information you provide us.

For security reasons and in order to protect transmission of confidential content, such as inquiries which are sent to us using the contact form, this site uses SSL encryption. You will be able to recognize the secure connection when the URL in your browser changes from "http://" to "https://", also generally accompanied by a green padlock symbol in your browser toolbar. When SSL encryption is activated, the data you share with us cannot be read or stolen by third parties.

You have the right, at any time and at no cost, to receive information about your personally identifiable data stored by us, about the source and recipient, the purpose for which it was collected, as well as to demand the correction, blockage or deletion of such data. 
If you think that the processing of your data violates the data protection law or your data protection claims have otherwise been violated, you can complain to the relevant supervisory authority. In Austria this is the „Datenschutzbehörde“ (data protection authority).

If you have questions on the topic of “your personally identifiable data”, you may contact us at any time as follows:

Josef Hutegger
+43 676 9518228
nfglstrbrglmt

The provider of our website automatically stores information in so-called server log files for certain services on the server on which our website is hosted. All log files are rotated daily, the logs from the previous day are archived and are then available for the specified retention time. However, these are purely internal log files to which we as the customer have no access. This data is not merged with personal data sources.

Web server log file
Contains: Domain, IP, requests, user agent, timestamp, status code
Retention time: 3 days

FTP log file
Contains: FTP User, IP, Downloaded / Uploaded files
Retention time: 24 hours

Email log file
Contains: metadata (sender, receiver, time, IP, size)
Retention time: 3 days

The plug-in we use from Google is based on a 2-click system. When you open a website, only a placeholder is loaded for YouTube videos and no actual connection is made automatically to YouTube itself. This connection is only initiated when you click on the appropriate button to view the video. In order to enable you to view the video, the website uses a plug-in from the Google-owned service YouTube. The operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you are also logged into your YouTube account while visiting our website, whenever you play a video you also allow YouTube to associate your surfing behaviors with your personal profile. However, you can prevent this from happening by logging out of your YouTube account beforehand.
When you view the video, a connection is made to the servers of YouTube. This simultaneously informs the YouTube server which of our pages you are visiting and have already visited.
Further information about how user data is used as well as the data privacy policy can be found on the pertinent webpages of Google.

The social media buttons provided on our website for Facebook and Twitter are “share” buttons or hyperlinks to the respective social media channel. They do not create an automatic connection to the various platforms, which distinguishes them from “like” buttons, which are not used on this website.

The online booking module we use on this website makes it easier for you and us to agree and manage bookings. For this purpose we use the „book-in Hotelsoftware“ provided by Wilfried Reiter. In the case of a booking, it is essential to collect the data, as this is necessary for the processing of your booking and the provision of your booked service for the Galsterbergalm. The data entered are transferred to the book-in Hotelsoftware.
Find more information about the handling of user data in the privacy policy of Wilfried Reiter - book-in Hotelsoftware

We only store personal data collected as part of a room booking for as long as necessary to process the contract and any subsequent contract-related correspondence. If the documents contain personal data relevant to commercial and/or tax law, they will be retained for the duration of the statutory retention periods stipulated in the German Commercial Code and the German Tax Code.
Legal basis for processing: The processing of personal data in connection with a room booking is necessary to fulfill the corresponding contract (Art. 6 GDPR).