Dealing sensitively with your personal information is of greatest importance for DO & CO im Haas Haus Restaurantbetriebs GmbH, Stephansplatz 12, 1010 Vien, Tel: +43 1 535-3969 oder +43 1 24188, E-Mail: firstname.lastname@example.org, ("DO & CO", "we"). Thus, we process your personal data solely in accordance with the laws, particularly the EU General Data Protection Regulation ("GDPR"), the applicable Austrian Data Protection Act 2018 ("DPA") and the Austrian Telecommunications Act ("TKG"). In the following, your are informedwhich personal data we collect, process and use when you visit and use our website www.docohotel.com ("Website").
2. WHAT ARE PERSONAL DATA?
Personal data is information that can be used on its own or with other information to identify a natural person. This includes, for example, your name, email address and your IP address.
3. WHAT PERSONAL DATA DO WE COLLECT FROM PEOPLE THAT VISIT OUR WEBSITE AND FOR WHAT PURPOSES?
3.1. Contact Data
When you establish contact with us via e-mail, telephone, mail or through our contact form, we process your voluntarily provided personal information (address, name, company, email, phone number) and your request for the purpose of processing the request and answering any follow-up questions (pre-contractual measures or overriding legitimate interests). If necessary, we transfer these data to our group companies for the purpose of processing the request. Of course, any further transfer will only take place with your consent.
3.2. Hotel reservations and orders through the webshop
For the purpose of processing your order or booking, we process the data deliberately provided by you in the course of a hotel reservation (salutation, title, name, company, e-mail, telephone number, postal address, facsimile) and in addition, the selected hotel room, notes and special preferences related to your booking and credit card data (credit card provider, credit card holder, the last four digits of the credit card number) as well as the data in relation to product orders placed by e-mail or via telephone. The data provided by you are required to fulfill the contract or required to perform pre-contractual obligations. Without this data, we cannot conclude a contract with you. A transfer of data to third parties will not take place, except to the accounting department of DO & CO Aktiengesellschaft as our corporate headquarter and to tax advisor to fulfill our tax obligations.
3.3. Transfer to Third Parties
In addition to the above-mentioned data transfers, we transfer your personal data to the extent necessary to external agents or service providers:
- IT service providers and / or provider of data hosting or data processing or similar services;
- to other service providers, suppliers of tools and software solutions that also support us in providing our services and act on our behalf;
- to service providers and / or providers of touristic activities (such as sightseeing tours) or transfer companies, if you ask us to arrange and book such activities or transfers for you;
- to our affiliates listed below in order to fulfill the contract and fulfill legal obligations:
DO & CO Aktiengesellschaft
Tel.: +43 (1) 74 000-1001
K.u.K. Hofzuckerbäcker Ch. Demel's Söhne GmbH
Tel.: +43 (1) 535 17 17-0
DO & CO Catering & Logistics Austria GmbH
Tel.: +43 (1) 74 000-1001
DO & CO Pastry GmbH
Tel.: +43 (1) 74 000-1001
DO & CO Event Austria GmbH
Tel.: +43 (1) 74 000-1001
- to any parties towards you contribute to the fulfillment of our obligations (such as payment service provider, banks for payment processing, other service providers for the provision of decoration, equipment or marketing materials for events, messengers);
- to other external third parties to the extent necessary (eg accountants, insurance companies in the insurance case, legal representative in the present case, etc);
- to authorities and other public bodies in the mandatory extent (eg tax authorities, etc).
4.1. Google Analytics
The following information is collected by Google Analytics: anonymized IP address, browser, device type, device model, country, service provider, monitor resolution (on a mobile device), dwell time, language, operating system, visited pages on the website. Google will use this information, in particular to evaluate the use of the website users, compiling reports on website activity. Google may also transfer this information to third parties where required by law or third parties process this data on behalf of Google. If you want to opt out on Google Analytics, you can download the following plugin http://tools.google.com/dlpage/gaoptout download and install it.
User data is stored indefinitely or until you request deletion of your data. Google will then as soon as possible and in any case within 180 days delete the data.
4.2. Google Maps
Our site uses Google Maps API to display geographic information on the site Contact / Locations visually. Google Maps is operated by Google Inc. 1600 Amphitheater Parkway, Mountain View, CA 94043.
When using Google Maps information about the use of our website, including your IP address will be transferred to a Google server in the US and stored there. By using this site, you agree in this respect to the collection, processing and use of your data automatically collected by Google. We receive at no time your personal data.
4.3. Facebook Custom Audiences
This website uses "site Custom Audiences" pixel of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA.
When you visit our site, a direct connection between your browser and the Facebook server will be established through these web beacons. Facebook receives the information that you have visited via your IP address this website. This allows Facebook to assign your visit to our website to your user account. The information thus obtained can be used for the display of Facebook Ads. We point out that we as providers of the website do at no time process your personal data.
5. STORAGE DURATION
Your personal data will be stored by us for as long as required to fulfil our obligations towards users. However, due to our statutory retention obligations, we store your personal data in relation to orders and bookings for a maximum of seven years after contract fulfilment. We store your personal data provided in course of requests for a period of six months after answering your request in order to respond to any follow-up questions. This storage is based on our legitimate interests. So DO & CO has to develop a user-friendly customer support and to strengthen the company's reputation. In this case, no overriding interests of users exist.
6. DATA SECURITY
We take appropriate technical and organizational security measures to protect your personal data against accidental or unauthorized destruction, alteration or against loss, theft and unauthorized access, disclosure, reproduction, use, modification or access.
Thus, our secure server software encrypts all your personal information such as credit card number, bank code, bank account number, name and address. This information cannot be read by unauthorized persons during transmission on the Internet. When encrypting the characters you enter are converted into a code that can be securely transmitted over the Internet. This means that our customers are optimally protected from unauthorized accesses.
In addition, we and our employees are obliged to maintain confidentiality and data secrecy. Likewise, our agents and data processors who need to have access to your personal data to fulfill their obligations towards us are obliged to the same obligations to maintain confidentiality and data secrecy.
7. YOUR RIGHTS AS DATA SUBJECT
You have the right to access the personal data concerning you that is being processed by us. Additionally, you have the right to rectification of inaccurate data and to erasure your data. You can furthermore be entitled to the right to restriction of processing of your data as well as the right to receive the personal data concerning you in a structured, commonly used and machine-readable format.
You also have a right to object to the use of your data at any time if the processing is done for purposes of direct marketing. Insofar as we process data for our legitimate interests, you additionally have the right to object at any time if reasons arise for this from your specific situation.
Apart from that you have the right to lodge a complaint with the supervisory authority. The competent authority for us is the Österreichische Datenschutzbehörde, Wickenburggasse 8, 1080 Vienna.
Should you have questions concerning your personal data, contact us:
DO & CO im Haas Haus Restaurantbetriebs GmbH
Stephansplatz 12, 1010 Wien
Tel: +43 1 535-3969 or +43 1 24188
In order to be able to process your requests of the above mentioned data subject rights above and to ensure that personal data will not be disclosed to unauthorized third parties, please address the request by clearly identifying your person as well as a short description of the scope of the exercised data subject right listed above.