Privacy Policy

We protect your privacy and your private data. We collect, process, and use your personal data (“data”) exclusively within the bounds of the provisions of the General Data Protection Regulation (GDPR) and applicable data protection regulations.

This privacy policy applies to all the processing operations of your data we perform, to our rendering of services, on our website http://www.lechzuers.com/, and within external online presences such as our social media presences (together the “online services”).

To make this text easier to read, we will use masculine pronouns throughout. This obviously refers to all genders equally.

What follows will inform you, in accordance with the regulations of the GDPR, about the type, scope, and purpose of the data collection and data use.

If you have questions or concerns about the processing of your data, please contact us:

Lech-Zürs Tourismus GmbH

Dorf 2

6764 Lech am Arlberg

E-mail: info@lechzuers.com

Telephone: +43 5583 2161-0

Website: http://www.lechzuers.com/

We will forward or transmit your data to third parties only if this is necessary to perform a contract or for billing purposes, or you as a user of our website and/or customer have provided your consent in advance in accordance with Art. 6 para. 1 lit a GDPR.

The recipients of these data might include (1) service providers commissioned for IT assignments or (2) providers of services and content embedded in a website. We comply with statutory requirements in such cases, particularly by entering into appropriate contracts or agreements with the recipients of your data in order to protect your data.

Data transfer into a third country (USA):

Many of the aforementioned recipients are located outside your country or process your data outside your country. Under certain circumstances, the level of data protection in other countries might not be equivalent to those of your country. However, we transmit your data only in countries whose level of data protection has been deemed adequate by the EU Commission, or we take measures to guarantee that all recipients have an adequate level of data protection. To that end, we enter into Standard Contract Clauses (EU 2021/914), for example. These are available on request (see contact data under section 1).

You can find additional information on the third-party providers we use in sections 4, 5, 6, and 7).

6.1 Scope of processing

We use cookies on this website to offer you the optimal online experience. Cookies are small text files or other data records that store information on end devices and read information from the end devices. For example, to store the login status in a user account, the contents of a shopping cart in an e-shop, the contents accessed or the functions used of an online offer. Cookies can also be used for various purposes, e.g. for purposes of functionality, security and convenience of online offers as well as the creation of analyses of visitor flows.

We use cookies in accordance with the statutory provisions. Therefore, we obtain prior consent from users, except when it is not required by law. In particular, consent is not required if the storage and reading of information, including cookies, is strictly necessary in order to provide the requested online service. The revocable consent will be clearly communicated to you and will contain the information on the respective cookie use.

The following distinction is made regarding the functions:

• Technical (also: essential or strictly necessary) cookies
• Marketing and analysis (also: non strictly necessary) cookies

With regard to the retention period, a distinction is drawn between the following types of cookies:

• Temporary cookies (also known as “session cookies”): Temporary cookies are deleted at the latest after a user has left an online service and closed his or her browser.
• Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved, or preferred content can be displayed directly when you visit a website again. Such cookies can also store the interests that are used to measure reach or for marketing purposes.

Processing Cookie Data on the Basis of Consent

We use a cookie management solution in which your consent to the use of cookies, or the procedures and providers mentioned in the cookie management solution, can be obtained, managed and revoked by you. The declaration of consent is stored so that it does not have to be retrieved again and the consent can be proven in accordance with the legal obligation. Storage can take place server-sided and/or in a cookie (so-called opt-in cookie or with the aid of comparable technologies) in order to be able to assign the consent to a user and/or his/her device. Subject to individual details of the providers of cookie management services, the following information applies: The duration of the storage of the consent can be up to two years. In this case, a pseudonymous user identifier is formed and stored with the date/time of consent, information on the scope of the consent (e.g. which categories of cookies and/or service providers) as well as the browser, system and used end device.

To manage consent to cookies, we use the services of CookieHub, CookieHub ehf, Hafnargata 55, 230 Reykjanesbær, Island (https://www.cookiehub.com/). You can find the privacy policy under the following URL: https://www.cookiehub.com/privacy-policy.

You can find an exact listing of all the cookies we use here [Insert link to “cookie overview”].

6.2. Legal basis

The legal basis for the processing of your data using technically necessary cookies is Art 6 Paragraph 1 lit f GDPR. If consent was requested (to use analysis cookies, for example), the processing will be based on Art. 6 para. 1 lit a GDPR.

6.3. Duration of storage / Objection and removal options

Cookies are stored on your computer and transmitted to our site. Therefore, you as a user have full control over the use of cookies.

Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke your consent or to object to the processing of your data using cookie technologies ( collectively referred to as “opt-out”). You can first explain your objection using the settings of your browser, e.g. by deactivating the use of cookies. An objection to the use of cookies for online marketing purposes can also be declared using a variety of services, especially in the case of tracking, via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. In addition, you can receive further objection notices in the context of the information on the service providers and cookies used.

If you deactivate cookies on our website, you might not be able to use all the functions of our online services to their full extent.

8.1. Scope of processing

We maintain online presences within social networks and process user data in this context in order to communicate with the users active there or to offer information about us.

On our website, you’ll find links to the following social media platforms:

Instagram, Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (https://www.instagram.com);

Facebook, of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (https://www.facebook.com);

LinkedIn, of LinkedIn Ireland Unlimited Company, Wilton Plaza Wilton Place, Dublin 2, Ireland (https://www.linkedin.com/);

Pinterest, of Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland (https://www.pinterest.at/); as well as

YouTube, of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (www.youtube.com).

We may view and process the following data you publish on the platforms:

• Basic data (e.g. names, addresses)
• Contact details (e.g. e-mail, telephone numbers).
• Content data (e.g. text entries, photographs, videos).
• Usage data (e.g. websites visited, interest in content, access times)
• Meta/communication data (e.g. device information, IP addresses)

Furthermore, your data within social networks will normally be processed for market research and advertising purposes. This means, for example, user profiles can be created using your user behaviour and the resulting interests. The user profiles can then be used to show ads inside and outside the networks that presumably match your interests.

Cookies are normally stored on your computers for those purposes. Furthermore, data can be stored in the user profiles independently of the devices you used (especially if you are a member of the platform in question and are logged into it).

8.2. Legal basis

The legal basis for processing your data is our legitimate interests pursuant to Art. 6 para. 1 lit f GDPR.

8.3. Duration of storage / Objection and removal options

For a detailed presentation of the respective forms of processing, the storage period, and the options for objecting (opt-out), please see the privacy policy and information from the operator of the network in question.

• Privacy policy for Facebook: https://www.facebook.com/about/privacy;
  Privacy policy for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data;
  Facebook (opt-out): https://www.facebook.com/settings?tab=ads 
  You can find information on data protection regarding the agreement on the joint processing of personal data on Facebook pages under https://www.facebook.com/legal/terms/page_controller_addendum;
• Privacy policy for Instagram: http://instagram.com/about/legal/privacy;

You can find the standard contract clauses of META (Facebook and Instagram) under the following URL: https://www.facebook.com/legal/EU_data_transfer_addendum.

• Privacy policy for LinkedIn: https://www.linkedin.com/legal/privacy-policy;

(Opt-out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out;

LinkedIn’s standard contract clauses are found in the following: https://de.linkedin.com/legal/l/dpa?;

• Privacy policy for Pinterest: https://policy.pinterest.com/de/privacy-policy;
• Privacy policy for YouTube: https://policies.google.com/privacy; 
  YouTube (opt-out): https://adssettings.google.com/authenticated.

9.1. Scope of processing

Our website gives you the opportunity to subscribe to a free newsletter. If you register for the newsletter, the data from the input mask will be transmitted to us. During the registration procedure, we will obtain your consent to the processing of the data and refer you to this privacy policy.

The registration to our newsletter takes place in general in a so-called Double-Opt-In procedure. This means that you will receive an e-mail after registration asking you to confirm your registration. This confirmation is necessary so that no one can register with external e-mail addresses. The registrations for the newsletter are logged in order to be able to prove the registration process. This includes storing the login and confirmation times as well as the IP address.

If you purchase goods or services on our internet sites and input your e-mail address to that end, we may subsequently use it to send a newsletter. In such a case, only direct advertising for our own similar goods or services is sent through the newsletter, and no additional consent is needed for this pursuant to § 174 para. 4 TKG [German Telecommunication Act].

We collect your e-mail address so we can send you our newsletter. Our newsletter will inform you about us, our services, and promotions and offers.

9.2. Legal basis

The legal basis for processing the data after you register for the newsletter is your consent pursuant to Art. 6 para. 1 lit a GDPR. If the newsletter is sent due to the purchase of goods or services, the legal basis is § 174 para. 3 TKG and Art. 6 para. 1 lit f GDPR.

9.3. Duration of storage / Objection and removal options

You may cancel your subscription to the newsletter at any time. For this purpose you will find a link in each newsletter. Accordingly, your e-mail address will be stored as long as your subscription to our newsletter is active.

10.1. Scope of processing

Our website gives you the opportunity to a) book accommodations or b) send us an inquiry concerning accommodations by using the platform booking&more. As part of that process, the data to be entered into the input mask (name, address, e-mail address, telephone number, and possibly payment data) will be transmitted to the accommodations provider only if a booking is made. booking&more is a service of Feratel Media Technologies AG, Maria-Theresien-Str. 8, 6020 Innsbruck (https://www.feratel.at/). You can find Feratel’s privacy policy under the following URL: https://www.feratel.at/datenschutz/. You can find booking&more’s privacy policy under the following link:https://my.bookingandmore.com/privacy_policy.

10.2. Legal basis

The legal basis for processing the data is the initiation or performance of a contract pursuant to Art. 6 para. 1 lit b GDPR.

10.3. Duration of storage / objection and removal options

The data will be stored until the contract has been completely performed or, if required under commercial or tax law, beyond that.

11.1. Scope of processing

On our website, you can order current brochures and catalogues to learn about Lech-Zürs and all its possibilities as a holiday resort. To do so, you must enter your contact and address data in the input mask provided for that purpose, and we will store that data. By disclosing those data, you allow us to send you the information and offers you selected.

11.2. Legal basis

The legal basis for processing the data is the initiation or performance of a contract pursuant to Art. 6 para. 1 lit b GDPR.

11.3. Duration of storage

Your data will be stored until your inquiry or order has been completed or as long as statutory retention obligations prescribe such storage.

If your personal data are processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis us as the controller:

Right to information

You have the right to obtain confirmation as to whether or not data concerning you are being processed, to obtain information about such data, and to obtain further information and a copy of the data in accordance with the statutory provisions.

Right to rectification

Pursuant to the statutory provisions, you have the right to request the completion of the data concerning you or the correction of incorrect data concerning you.

Right to erasure and restriction of the processing

Pursuant to the statutory provisions, you have the right to demand that data concerning you be erased without delay or, alternatively, to demand that the data processing be restricted in accordance with the statutory provisions.

Right to data portability

You have the right to receive the data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format, in accordance with the statutory provisions, or to have that data transmitted to another controller;

Right to object

You have the right, on grounds arising from your particular situation, to object at any time to the processing of your personal data which is based on Art 6 para 1 lit e or f GDPR, including profiling based on those provisions. Where your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such marketing, which includes profiling to the extent that it is related to such direct marketing.

Right to withdraw consent

You have the right to withdraw any consent you have granted (with effect for the future). Withdrawing consent will not affect the lawfulness of the processing already performed based on that consent.

Complaint to the supervisory authority

Without prejudice to any other judicial remedy, you also have the right to lodge a complaint with a data protection supervisory authority, if you consider that the processing of personal data concerning you infringes the GDPR. For the purposes of the GDPR, the supervisory authority is the Datenschutzbehörde (data protection authority), Barichgasse 40 - 42, 1030 Vienna, Tel: +43/1-52 152-0, 
E-Mail: dsb@dsb.gv.at.

The data protection authority shall inform you on the progress and the outcome of the complaint including the possibility of a judicial remedy.

We ask you to reread the content of our privacy policy on a regular basis. We adjust the privacy policy whenever this is required by changes to the data processing operations we perform. We will inform you as soon as those changes require cooperative action on your part (such as providing consent) or another individual notification is necessary.

Lech, June 2023