Privacy Policy

The controller for data processing on this website is:

M.C. Seyrling Hotel GmbH & Co. KG, Albrecht-Dürer-Weg 9, 6100 Mösern, Austria.

Phone: +43 (5212) 52509 · Email: info@sportalm-seefeld.at

We process personal data of our users in principle only insofar as this is necessary to provide a functional website, our content and services, and to respond to your enquiries.

Processing is regularly carried out with your consent or on the basis of another statutory legal basis (see section 10).

This website is hosted on servers of Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg, in the European region (AWS Amplify Hosting). AWS is our processor; a data processing agreement pursuant to Art. 28 GDPR is in place.

Each time the website is called up, server log data is automatically processed:

• IP address of the requesting device

• Date and time of access

• Requested URL and HTTP status code

• Amount of data transferred

• User-Agent (browser / operating system)

• Referrer URL

This data is used exclusively for the technical operation, security and stability of the website (e.g. to defend against attacks) and is deleted after a maximum of 30 days. The data is not merged with other data sources or analysed on an individual basis.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in secure operation).

When you contact us via the enquiry form or by email, we process the data you provide (name, email address, optionally phone number, travel dates, number of people, message) exclusively to respond to your enquiry.

For server-side email dispatch we may use the service Resend (Resend, Inc., San Francisco, USA) as a processor. A transfer to the USA takes place; it is based on the EU Standard Contractual Clauses and — where applicable — the EU-US Data Privacy Framework. If Resend is not enabled, enquiry data is delivered directly to our email inbox.

Legal basis: Art. 6 (1) (b) GDPR (pre-contractual measures) or Art. 6 (1) (f) GDPR (legitimate interest). Data is deleted as soon as it is no longer required for the processing purpose and no statutory retention obligations apply.

We use cookies and comparable technologies on this website. Cookies are small text files stored on your end device.

Essential cookies (always on): The cookie “sportalm_consent” stores your cookie selection for 6 months. It is technically required to honour your choice on each visit. Legal basis: Art. 6 (1) (f) GDPR and § 96 (3) Austrian TKG 2003.

Optional cookies (only with consent) — statistics, marketing, preferences: Currently no cookies or tracking tools of these categories are active. Should we introduce such tools in the future (e.g. reach measurement, online advertising) we will obtain your explicit consent before they are set. Legal basis: Art. 6 (1) (a) GDPR and § 96 (3) Austrian TKG 2003.

You can change or fully withdraw your consent at any time via the “Cookie settings” link in the footer. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.

For fast and responsive image delivery we use the content delivery network service Cloudinary (Cloudinary Ltd., 16 Berkeley Street, London W1J 8DZ, United Kingdom). Each time a page with images is loaded, your IP address is transmitted to Cloudinary so images can be delivered in optimal size and resolution.

Cloudinary may use servers in the EU, the UK and where applicable in the USA. Appropriate safeguards are in place for third-country transfers (in particular EU Standard Contractual Clauses; for the UK the UK Data Transfer Addendum).

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in performant image delivery).

On individual pages (e.g. “Contact”, “Discover Seefeld”) we embed interactive maps from Google Maps. Provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When the map loads, your IP address is transmitted to Google. Google may also set its own cookies and transfer data to Google LLC in the USA.

The embed only takes place after your explicit consent via the “preferences” cookie category. As long as you have not consented, the map is not loaded — instead we show a placeholder with a notice and a direct link to Google Maps.

Data transfers to the USA are based on the EU Standard Contractual Clauses and — where applicable — the EU-US Data Privacy Framework. For further information please consult Google’s privacy policy: policies.google.com/privacy

Legal basis: Art. 6 (1) (a) GDPR (consent).

We use the fonts Geist and Fraunces. To protect your privacy these are served exclusively from our own server (self-hosting via next/font). No requests are made to Google Fonts or other third parties when the website is loaded — your IP address is not transmitted to any third party for this purpose.

In the footer we link to our profiles on Instagram (Meta Platforms Ireland Ltd.) and Facebook (Meta Platforms Ireland Ltd.). These are simple hyperlinks; you are only redirected to the respective platform when you click them, at which point their independent data processing begins, over which we have no influence. Please refer to the privacy policies of the respective providers.

• Art. 6 (1) (a) GDPR — consent (e.g. optional cookies, Google Maps)

• Art. 6 (1) (b) GDPR — performance of a contract / pre-contractual measures (e.g. enquiries)

• Art. 6 (1) (c) GDPR — compliance with legal obligations (e.g. retention)

• Art. 6 (1) (f) GDPR — legitimate interest (e.g. secure operation, performance, defence against attacks)

Your personal data is only transferred within the framework of the services described above to the following recipients:

• Amazon Web Services EMEA SARL (hosting/processor, based in Luxembourg, primarily EU data processing)

• Cloudinary Ltd. (image CDN/processor, based in the UK)

• Resend, Inc. (email dispatch, if enabled, based in the USA)

• Google Ireland Limited (Google Maps, only with consent)

Data processing agreements pursuant to Art. 28 GDPR are in place with our processors.

Where data is transferred to countries outside the European Economic Area (in particular USA, United Kingdom), this is based on appropriate safeguards:

• EU Standard Contractual Clauses (Art. 46 GDPR)

• EU-US Data Privacy Framework (where applicable)

• UK Data Transfer Addendum (for transfers to the UK)

We store your data only for as long as is necessary for the respective processing purpose. Once the purpose ceases, data is deleted, unless statutory retention obligations apply (e.g. commercial and tax law, typically up to 7 years).

You have the following rights with regard to your personal data:

• Access (Art. 15 GDPR)

• Rectification (Art. 16 GDPR)

• Erasure (Art. 17 GDPR)

• Restriction of processing (Art. 18 GDPR)

• Data portability (Art. 20 GDPR)

• Objection to processing (Art. 21 GDPR)

• Withdrawal of consent with effect for the future (Art. 7 (3) GDPR)

An informal message to info@sportalm-seefeld.at is sufficient to exercise your rights.

You have the right to lodge a complaint with a data protection supervisory authority. The competent authority in Austria is:

Austrian Data Protection Authority

Barichgasse 40-42, 1030 Vienna

www.dsb.gv.at

We reserve the right to amend this privacy policy so that it always complies with the current legal requirements or in order to reflect changes to our services, e.g. when introducing new services. The latest version of the privacy policy applies on each renewed visit.

For any data protection matters please contact us at:

M.C. Seyrling Hotel GmbH & Co. KG

Albrecht-Dürer-Weg 9, 6100 Mösern, Austria

Email: info@sportalm-seefeld.at