Privacy Policy Website

1. INTRODUCTION

Dealing sensitively with your personal information is of greatest importance for DO & CO im Haas Haus Restaurantbetriebs GmbH, Stephansplatz 12, 1010 Vien, Tel: +43 1 535-3969 oder +43 1 24188, E-Mail: stephansplatz@doco.com, ("DO & CO", "we"). Thus, we process your personal data solely in accordance with the laws, particularly the EU General Data Protection Regulation ("GDPR"), the applicable Austrian Data Protection Act 2018 ("DPA") and the Austrian Telecommunications Act ("TKG"). In the following, your are informedwhich personal data we collect, process and use when you visit and use our website www.docohotel.com ("Website").

In course of the further development of the internet, we may need to update this privacy policy . Therefore, we recommend you to access this policy regularly in order to inform yourself of the current version.

2. WHAT ARE PERSONAL DATA?

Personal data is information that can be used on its own or with other information to identify a natural person. This includes, for example, your name, email address and your IP address.

3. WHAT PERSONAL DATA DO WE COLLECT FROM PEOPLE THAT VISIT OUR WEBSITE AND FOR WHAT PURPOSES?

3.1. Contact Data

When you establish contact with us via e-mail, telephone, mail or through our contact form, we process your voluntarily provided personal information (address, name, company, email, phone number) and your request for the purpose of processing the request and answering any follow-up questions (pre-contractual measures or overriding legitimate interests). If necessary, we transfer these data to our group companies for the purpose of processing the request. Of course, any further transfer will only take place with your consent.

3.2. Hotel reservations and orders through the webshop

For the purpose of processing your order or booking, we process the data deliberately provided by you in the course of a hotel reservation (salutation, title, name, company, e-mail, telephone number, postal address, facsimile) and in addition, the selected hotel room, notes and special preferences related to your booking and credit card data (credit card provider, credit card holder, the last four digits of the credit card number) as well as the data in relation to product orders placed by e-mail or via telephone. The data provided by you are required to fulfill the contract or required to perform pre-contractual obligations. Without this data, we cannot conclude a contract with you. A transfer of data to third parties will not take place, except to the accounting department of DO & CO Aktiengesellschaft as our corporate headquarter and to tax advisor to fulfill our tax obligations.

3.3. Transfer to Third Parties

In addition to the above-mentioned data transfers, we transfer your personal data to the extent necessary to external agents or service providers:

  • IT service providers and / or provider of data hosting or data processing or similar services;
  • to other service providers, suppliers of tools and software solutions that also support us in providing our services and act on our behalf;
  • to service providers and / or providers of touristic activities (such as sightseeing tours) or transfer companies, if you ask us to arrange and book such activities or transfers for you;
  • to our affiliates listed below in order to fulfill the contract and fulfill legal obligations:

    DO & CO Aktiengesellschaft
    Stephansplatz 12
    A-1010 Wien
    Tel.: +43 (1) 74 000-1001

    K.u.K. Hofzuckerbäcker Ch. Demel's Söhne GmbH
    Kohlmarkt 14
    A-1010 Wien
    Tel.: +43 (1) 535 17 17-0

    DO & CO Catering & Logistics Austria GmbH
    Stephansplatz 12
    A-1010 Wien
    Tel.: +43 (1) 74 000-1001

    DO & CO Pastry GmbH
    Dampfmühlgasse 5
    A-1110 Wien
    Tel.: +43 (1) 74 000-1001

    DO & CO Event Austria GmbH
    Stephansplatz 12
    A-1010 Wien
    Tel.: +43 (1) 74 000-1001 
  • to any parties towards you contribute to the fulfillment of our obligations (such as payment service provider, banks for payment processing, other service providers for the provision of decoration, equipment or marketing materials for events, messengers);
  • to other external third parties to the extent necessary (eg accountants, insurance companies in the insurance case, legal representative in the present case, etc);
  • to authorities and other public bodies in the mandatory extent (eg tax authorities, etc).

4. COOKIES

Our website uses cookies. Cookies are small text files that are temporarily stored on your device and saved by your browser. We use cookies in order to improve the usability of the website. Some cookies remain stored on your device until you delete them. They allow us to recognize your browser the next time you visit our website.

If you wish to disable cookies, you can set your browser so that it informs you about the use of cookies and allow it only in individual cases. Please note, that when disabling cookies the functionality of our site may be limited.

4.1. Google Analytics

Our website uses functions of the web analytics service Google Analytics by Google Inc. ("Google"). This analysis tool uses cookies to collect standard log information and to enable analysis of the use of the website in an aggregate form. The information about your use of this website covered by the Google Analytics cookies may be transferred to Google server (usually in the US or in other countries outside the EU) and stored there. Since we respect the privacy of our users, we process only anonymized IP addresses.

The following information is collected by Google Analytics: anonymized IP address, browser, device type, device model, country, service provider, monitor resolution (on a mobile device), dwell time, language, operating system, visited pages on the website. Google will use this information, in particular to evaluate the use of the website users, compiling reports on website activity. Google may also transfer this information to third parties where required by law or third parties process this data on behalf of Google. If you want to opt out on Google Analytics, you can download the following plugin http://tools.google.com/dlpage/gaoptout download and install it.

User data is stored indefinitely or until you request deletion of your data. Google will then as soon as possible and in any case within 180 days delete the data.

4.2. Google Maps

Our site uses Google Maps API to display geographic information on the site Contact / Locations visually. Google Maps is operated by Google Inc. 1600 Amphitheater Parkway, Mountain View, CA 94043.

When using Google Maps information about the use of our website, including your IP address will be transferred to a Google server in the US and stored there. By using this site, you agree in this respect to the collection, processing and use of your data automatically collected by Google. We receive at no time your personal data.

Please find the terms of use for Google Maps here http://www.google.com/intl/en_en/help/terms_maps.html.

If you do not wish that Google Maps processes your personal information, disable this JavaScript in your browser. However, we point out that in this case you cannot use the map.

4.3. Facebook Custom Audiences

This website uses "site Custom Audiences" pixel of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA.

When you visit our site, a direct connection between your browser and the Facebook server will be established through these web beacons. Facebook receives the information that you have visited via your IP address this website. This allows Facebook to assign your visit to our website to your user account. The information thus obtained can be used for the display of Facebook Ads. We point out that we as providers of the website do at no time process your personal data.

For more information, please see the privacy policy of Facebook at https://www.facebook.com/about/privacy/. If you do not wish to disable the data collection via custom audience, you can disable Custom Audiences here.

5. STORAGE DURATION

Your personal data will be stored by us for as long as required to fulfil our obligations towards users. However, due to our statutory retention obligations, we store your personal data in relation to orders and bookings for a maximum of seven years after contract fulfilment. We store your personal data provided in course of requests for a period of six months after answering your request in order to respond to any follow-up questions. This storage is based on our legitimate interests. So DO & CO has to develop a user-friendly customer support and to strengthen the company's reputation. In this case, no overriding interests of users exist.

6. DATA SECURITY

We take appropriate technical and organizational security measures to protect your personal data against accidental or unauthorized destruction, alteration or against loss, theft and unauthorized access, disclosure, reproduction, use, modification or access.

Thus, our secure server software encrypts all your personal information such as credit card number, bank code, bank account number, name and address. This information cannot be read by unauthorized persons during transmission on the Internet. When encrypting the characters you enter are converted into a code that can be securely transmitted over the Internet. This means that our customers are optimally protected from unauthorized accesses.

In addition, we and our employees are obliged to maintain confidentiality and data secrecy. Likewise, our agents and data processors who need to have access to your personal data to fulfill their obligations towards us are obliged to the same obligations to maintain confidentiality and data secrecy.

7. YOUR RIGHTS AS DATA SUBJECT

You have the right to access the personal data concerning you that is being processed by us. Additionally, you have the right to rectification of inaccurate data and to erasure your data. You can furthermore be entitled to the right to restriction of processing of your data as well as the right to receive the personal data concerning you in a structured, commonly used and machine-readable format.

You also have a right to object to the use of your data at any time if the processing is done for purposes of direct marketing. Insofar as we process data for our legitimate interests, you additionally have the right to object at any time if reasons arise for this from your specific situation.

Apart from that you have the right to lodge a complaint with the supervisory authority. The competent authority for us is the Österreichische Datenschutzbehörde, Wickenburggasse 8, 1080 Vienna.

Should you have questions concerning your personal data, contact us:

DO & CO im Haas Haus Restaurantbetriebs GmbH
Stephansplatz 12, 1010 Wien
Tel: +43 1 535-3969 or +43 1 24188

E-Mail: stephansplatz@doco.com or datenschutz@doco.com

In order to be able to process your requests of the above mentioned data subject rights above and to ensure that personal data will not be disclosed to unauthorized third parties, please address the request by clearly identifying your person as well as a short description of the scope of the exercised data subject right listed above.