The Company operates in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (EU GDPR) as well as the current national Data Privacy Acts. When using the Internet, we are committed to the protection of your personal data by the Federal Act concerning the Protection of Personal Data (Datenschutzgesetz - DSG), on Personal Data Protection or any legal regulation that would replace this law in the future and in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive (hereinafter as “GDPR”).
This Policy is developed to explain our practices regarding the Personal Data we collect from you or about you at hotelschlossweikersdorf.com/ (hereinafter: the "website"), through written or verbal communications with us, when you visit one of our hotels from the MOZART HOTEL GROUP, or from other sources. We use Personal Data primarily to administer, provide, develop and maintain the hotel services, process your reservations, optimize your experience with respect to the services and individualize the communication with you. Please read this Policy carefully to understand how and for what purposes we process your Personal Data.
By using this website or using any of our services and by agreeing to this Policy, you agree to the collection and use of Personal Data as described in this Policy.
Controller: A legal person, CIFCON GmbH, Id. No. 452971 i, with its registered office at Althanstrasse 5, 1090 Wien, Austria, who determines the purposes and means of the processing of Personal Data.
Consent of the data subject: means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of Personal Data relating to him or her;
Processor: A natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the controller.
Recipient: A natural or legal person, public authority, agency or another body, to which the Personal Data are disclosed, whether a Third Party or not.
Third Party: A natural or legal person, public authority, agency or body other than the data subject, controller, Processor and persons who, under the direct authority of the controller or processor, are authorized to process Personal Data.
Supervisory Authority: An independent public authority which is established by a Member State pursuant to Article 51 of the GDPR. Specifically, Austrian Data Protection Authority (Österreichische Datenschutzbehörde), Wickenburggasse 8, 1080 Vienna, Austria, Telephone +43 1 52 152-0, E-Mail: email@example.com
Personal Data: Any information relating to an identified or identifiable natural person (“Data Subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing: Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
MOZART HOTEL GROUP: PRESIDENT MANAGEMENT Kft., Hungary; CIFCON GmbH, Austria; LIRIKOS Invest s.r.o., Czech Republic – companies from the MOZART HOTEL GROUP's network based in the European Economic Area (EEA).
HOTEL SCHLOSS WEIKERSDORF (furthermore also as hotel) is a hotel operated by the Controller and located at Schloßgasse 9-11, 2500 Baden, Austria.
Standard Contractual Clauses: Sets of standard contractual clauses for transfers as adopted by the European Commission for the international transfer of Personal Data.
Personal Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.
The law prescribes the management of the following data with regard to citizens of third countries:
Citizens of third countries: All persons who are not citizens of a member state of the European Economic Area, including displaced persons. Member states of the European Economic Area are:
Providing the required data by the Guests is a precondition for using hotel services. By signing the registration card, Guests consent to the Company processing the personal data provided by filling in the registration card in order to verify that the contract was concluded and/or performed, as well as to possibly enforce claims.
Also we may ask for information about your joint travelers, including their names and additional information. We may also collect information such as in-app messages and SMS.
In addition to the information we collect from you directly, we may also infer information about you based on the information you provide to us or from Other Information we collect.
It is important for us to keep your Personal Data up to date and accurate at all times, why we may import Personal Data about you from external sources such as public registers. When the law requires that consent be obtained for the processing of certain types of Personal Data or for certain forms of processing, consent will be obtained from you before processing takes place.
We may also collect information about you from third parties, including information from airlines, payment systems and other partners; from online social services consistent with your settings on such services; and from other third-party sources that are lawfully entitled to share your data with us. The Company uses and shares this information only for the purposes described in the relevant contracts with the third parties which are contractually obligated to protect your Personal Data.
We use your Personal Data in different ways where permitted:
- to improve and personalize the services you expect from the Company, to offer you the high level of hospitality in-room and throughout our hotels, conduct marketing events;
At our hotels you can benefit from additional services and facilities, such as breakfast, room service, minibar, pool, restaurants and bars, spa treatments, laundry services, parking, taxi requests, free Wi-Fi, etc. In the event you make use of additional services or facilities at HOTEL SCHLOSS WEIKERSDORF, your Personal Data may be processed to (i) manage the booking and use of such additional hotel services and/or facilities; (ii) administer any advance bookings of additional services and/or facilities to your file; (iii) personalize returning guests’ arrival to the hotel and the choice of room amenities and room features; and (iv) manage the expenses incurred for such additional services and/or facilities.
You are entitled, at any time and without charge, to request us to refrain from processing your Personal Data for marketing purposes or revoke your consent thereto. Also, you have a right to get your Personal Data for the further transfer. You may exercise these rights by contacting us by the address which is stated below.
In case you wish to obtain more details about our data transfer safeguards and the mechanisms in place, you may contact us at GDPR@schlossweikersdorf.at.
The loyalty program of the MOZART HOTEL GROUP is applicable throughout the hotels of the MOZART HOTEL GROUP based in the EEA that is available to guests staying in our hotels. The loyalty program is managed by the Company in cooperation with other companies which are working under the MOZART HOTEL GROUP trademark within the EEA. The loyalty program provides you with a number of benefits during your stay at our hotel, such as gifts, discount for housing, restaurant and massage services. You may take a part in the loyalty program by pressing the button “Become a member” at the website of the hotel. Also you may join the loyalty program by filling the registration form at the front desk of the hotel. In such context, we may process your Personal Data in order to be able to i) create your personal account; ii) provide you with information on your current status in the loyalty program; iii) register your bookings and award points to your membership card; iv) inform you about your rewards once you reach a certain points level; and v) inform you about any changes to the loyalty program.
When you visit and interact with the website and other mobile applications, the Company collects information that does not directly identify you about your use of the site, such as a catalog of the site pages you visit, and the number of visits to our web (“Other Information”). We use Other Information to deliver you email, online (on our sites and other sites) and mobile advertisements. The Company may also use Other Information to allow third-party partners to recognize you as a MOZART HOTEL GROUP’s client when you visit the partner’s website or app, or to recognize you as one of their customers when you visit MOZART HOTEL GROUP websites or apps so that they may provide more relevant offers to you.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. Cookies in no way give us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website. If you want to remove or block cookies from your device at any time, you can update your browser settings (consult your browser's "help" menu to learn how to remove or block Cookies).
The Company may use collected information, or anonymized Personal Data received from third parties, to understand more about our users. This includes demographic data, such as date of birth, gender and marital status, inferred commercial interests, such as favorite products or hobbies, and other information we may collect from you or from third parties.
Because Other Information does not personally identify you, such information may be disclosed for any purpose where permitted by law. In some instances, we may combine Other Information with Personal Data. If we do combine any Other Information with Personal Data, the combined information will be treated by us as Personal Data in accordance with this Statement.
The term "sensitive information" refers to information related to your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life, or sexual orientation, genetic information, criminal background, and any biometric data used for the purpose of unique identification. We do not generally collect sensitive information unless it is volunteered by you. We may use health data provided by you to serve you better and meet your particular needs (for example, information that you state in the “Notes” section during the reservation procedure).
We do not knowingly collect personal information from individuals under 18 years of age. As a parent or legal guardian, please do not allow your children to submit Personal Data without your permission.
In the event we learn that we have collected Personal Data from a child under the age of 18 without verification of parental consent, steps will be taken promptly to remove that information. If you believe that we have or may have information from or about a child under 18 years of age, please contact us at GDPR@schlossweikersdorf.at.
The Company takes reasonable measures to: (i) protect Personal Data from unauthorized access, disclosure, alteration or destruction, and (ii) keep Personal Data accurate and up-to-date as appropriate. We also seek to require our partners and service providers with whom we share Personal Data to exercise reasonable efforts to maintain the confidentiality of Personal Data about you.
The Company uses SSL cryptography on its website for online reservations. Any information shared by the data subject with the Company shall be encrypted automatically and be protected when transferred through the network. When the information is received by our server, it is decoded by using an individual private key. SSL enables the browser to connect to the website and establish a secure communication channel in a transparent manner. SSL is the most widely used and most successful cryptographic system. In order to use the system, the data subjects simply need to verify their browsers' compatibility.
Other security-related activities The Company shall ensure transparency to control and establish how and what personal data are transferred by applying data transferring devices, who and when entered which data into the system, and shall also make sure that the system can be restored in the case of a failure. Reports are generated with regard to errors occurring in the course of automated processing. The Company shall manage personal data confidentially, and shall not disclose them to unauthorized persons. The Company shall particularly protect personal data from unauthorized access, modification, transfer, publication, deletion or destruction as well as from accidental destruction, harm and inaccessibility due to modification of the applied technology. The Company shall take all security measures in order to ensure the technical protection of personal data.
For online transactions, we use reasonable technological measures to protect the Personal Data that you transmit to us via our website. Unfortunately, however, no security system or system of transmitting data over the Internet can be guaranteed to be entirely secure.
For your own privacy protection, please do not send payment card numbers or any other confidential personal information to us via email.
We will not contact you by mobile/text messaging or email to ask for your confidential personal information or payment card details. In case of receiving a request about your payment card information by e-mail or SMS, please, do not reply, most probably you are communicating with swindlers.
We have an Internal regulation regarding GDPR for our personnel which is available for our guests at the reception of the hotel.
GDPR grants specific rights, summarized below, which you can in principle exercise free of charge, subject to statutory exceptions. These rights may be limited, for example if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping.
12.1. Right to withdraw consent
12.2. Right to access and rectify your data
12.3. Right to erasure
12.4. Right to restriction of processing
Under certain circumstances described in GDPR, you may ask us to restrict the processing of your Personal Data. This is for example the case when you contest the accuracy of your Personal Data. In such event, we will restrict the processing until we can verify the accuracy of your data.
12.5. Right to object to processing
Under certain circumstances described in GDPR, you may object to the processing of your Personal Data, including where your Personal Data is processed for direct marketing purposes. If you object the processing form marketing purposes, the Company will not process your Personal Data anymore for this purpose.
12.6. Right to data portability
Where you have provided your Personal Data directly to us and where the processing is based on your consent or the performance of a contract between you and us, you have the right to receive the Personal Data processed about you in a structured, commonly used and machine-readable format, and to transmit this data to another service provider.
Should you have unresolved concerns, you have the right to lodge a complaint with a Supervisory Authority where you live or where you believe a breach may have occurred. We encourage you to come to us in the first instance but, to the extent that this right applies to you, you are entitled to complain directly to the relevant Supervisory Authority.
We will make all required updates and changes within the time specified by applicable law and, where permitted by law, may charge an appropriate fee to cover the costs of responding to the request. Such requests must be submitted by email at GDPR@schlossweikersdorf.at or in writing to the following postal address: HOTEL SCHLOSS WEIKERSDORF, Schloßgasse 9-11, 2500 Baden, Austria. To protect your confidentiality, we can only respond to such requests to the email address that you have registered or otherwise provided to us. Please remember that if you make such a request, we may not be able to provide you with the same quality and variety of services to which you are accustomed.
In addition, in some circumstances based on applicable law, you may request that we cease sharing personal information about you with our business partners or that the Company ceases using personal information about you by contacting via email. We will seek to honor those requests consistently with applicable law.
We will destroy your Personal Data as early as practicable and in a way that the Personal Data may not be restored or reconstructed.
If it is printed on paper, Personal Data will be destroyed in a secure manner, such as by cross-shredding or incinerating the paper documents or otherwise and, if saved in electronic form, the personal information will be destroyed by technical means to ensure the information may not be restored or reconstructed at a later time.
If you have given us your contact information (postal address, email address or phone number), we may want to inform you in accordance with any preferences you have expressed, and with your consent where required, about our products and services or invite you to events via email, online advertising, social media, telephone, text message, push notifications, in-app alerts, our customer service call center, and other means.
If you have explicitly consented to receive our newsletters or marketing communications, including in relation to MOZART HOTEL GROUP, we may, from time to time, contact you with information about our services and latest offers and process your Personal Data for this purpose.
If you no longer want to receive our newsletters or marketing communications, please let us know by sending us an email at firstname.lastname@example.org. You can also unsubscribe from our marketing emails by clicking on the unsubscribe link in the emails sent to you. For MOZART HOTEL GROUP, you may also unsubscribe by updating your profile.