Privacy Policy
Data Protection at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data by which you can be personally identified. Detailed information on the subject of data protection can be found in our privacy policy set out below.
Data Collection on Our Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator:
Moar Gut Hotel GmbH
Moargasse 22
5611 Großarl
Austria
Phone: +43 (0)6414 318
Fax: +43 (0)6414 318-44
Email: info@moargut.com
Website: www.moargut.com
Data Protection Officer
Statutory Data Protection Officer
We have appointed a data protection officer for our company:
Elisabeth Kendlbacher
Moar Gut Hotel GmbH
Moargasse 22
5611 Großarl
Austria
Phone: +43 (0)6414 318
Email: info@moargut.com
How do we collect your data?
Some data is collected when you provide it to us, for example by entering information into a contact form. Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter our website.
What do we use your data for?
Some of the data is collected to ensure that the website is provided without errors. Other data may be used to analyze your user behavior.
Analysis Tools and Third-Party Tools
When you visit our website, your browsing behavior may be statistically analyzed. This is done primarily using cookies and so-called analysis programs. The analysis of your browsing behavior is generally anonymous; browsing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.
You may object to this analysis. We will inform you about the options to object in this privacy policy.
SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the browser’s address line changing from “http://” to “https://” and by the lock icon in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Encrypted Payment Transactions on This Website
If, after concluding a paid contract, you are required to transmit your payment data (e.g., account number for direct debit authorization), this data is required for payment processing.
Payment transactions via common payment methods (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection.
With encrypted communication, your payment data cannot be read by third parties.
Data Collection on Our Website
Cookies
Some of our web pages use so-called cookies. Cookies do not harm your computer and do not contain viruses. They are used to make our website more user-friendly, effective, and secure. Cookies are small text files stored on your device and saved by your browser.
Most of the cookies we use are “session cookies.” They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser on your next visit. You can configure your browser to inform you about the setting of cookies and only allow cookies in individual cases, exclude acceptance of cookies for specific cases or in general, and activate automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website. Necessary cookies are those required for the essential functions of a website, such as saving login data, shopping cart contents, or language preferences (session cookies). Non-essential cookies are text files that do not serve solely the functionality of the website but also collect other data. These include:
• Tracking cookies
• Targeting cookies
• Analysis cookies
• Social media cookies
Necessary cookies may be set without prior user consent. Visitors must consent before non-essential cookies are stored.
Server Log Files
We automatically collect and store information in server log files that your browser transmits to us. These are:
• Browser type and version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of server request
• IP address
This data is not merged with other data sources. Data processing is based on Art. 6(1)(b) and (f) GDPR. We have a legitimate interest in the technically error-free presentation and optimization of our website. It also serves to fulfill a contract or pre-contractual measures.
Contact by Email, Contact Form, Telephone or Fax
If you contact us via email, contact form, telephone, or fax, your inquiry including all resulting personal data (name, email, inquiry) will be stored and processed for the purpose of handling your request. We do not pass this data on without your consent.
Processing is based on Art. 6(1)(b) GDPR if related to contract performance or pre-contractual measures, or on our legitimate interests (Art. 6(1)(f) GDPR).
Your data remains with us until the purpose for storage no longer applies or you request deletion. Mandatory statutory retention periods remain unaffected
Zimres – Online Bookings and Booking Inquiries
Our website uses the booking technology Zimres, provided by Elmar Pircher GmbH, Kirchweg 4, I-39014 Burgstall (BZ), Italy. We have concluded a data processing agreement with Zimres.
For online bookings or inquiries, we require your email address, travel dates, booked product, title, first and last name. In individual cases, your phone number may also be requested.
Processing is based on Art. 6(1)(b) GDPR and serves contract fulfillment or pre-contractual measures. Data remains until the purpose no longer applies. Legal retention obligations remain unaffected.
We have concluded a data processing agreement with Zimres.
Incert – Voucher Purchase and Management
We use voucher software from Incert eTourismus GmbH & Co KG, Linz, Austria.
For online voucher purchases, we require your email address and the recipient’s title, first and last name, as well as delivery method details.
Processing is based on Art. 6(1)(b) GDPR (contract fulfillment) and Art. 6(1)(c) GDPR (legal retention obligations).
We have concluded a data processing agreement with Incert.
Registration on This Website
You may register on our website to use additional features. Data entered is used only for the respective service. Mandatory registration data must be provided in full.
Processing is based on your consent (Art. 6(1)(a) GDPR). You may revoke consent at any time. Data remains stored as long as you are registered. Legal retention periods remain unaffected.
Cookie Consent
We use the cookie consent technology of vioma GmbH (Offenburg, Germany). A vioma cookie stores your consent choices. These data are not passed on to us.
You may revoke your consent at any time. Logging of consent is based on Art. 6(1)(c) GDPR in conjunction with § 76 BDSG.
We have concluded a data processing agreement with vioma.
Withdrawal of Your Consent
The consent you have given in the cookie consent dialog to the storage of certain cookies, or the withdrawal of this consent, can be revoked at any time with effect for the future. If you would like to change the selection you made in the cookie consent dialog, please click here. After clicking the link, the cookie consent dialog will appear again and you can change your selection. Alternatively, you may ask us to delete your data or delete the vioma consent cookie yourself in your browser. From that point onward, we will no longer process your data. The recording (logging) of your consent/non-consent is carried out on the basis of a legal obligation pursuant to Section 76 BDSG and Art. 6(1) sentence 1 lit. c GDPR. Mandatory statutory retention periods remain unaffected.
Conclusion of a Data Processing Agreement
To ensure processing in compliance with data protection law, we have concluded a data processing agreement with vioma.
OpenStreetMap
We use OpenStreetMap (OSM) to display directions. Provider: OpenStreetMap Foundation, Cambridge, UK. The UK is considered a secure third country with an adequate level of data protection.
Use is based on Art. 6(1)(a) GDPR (consent).
Further information: https://wiki.osmfoundation.org/wiki/Privacy_Policy
Analysis Tools and Advertising
External Tracking Services
This website uses:
• Meta Pixel (Meta Platforms Ireland Ltd)
• Google Ads (Google Ireland Ltd)
• Pinterest Tracking (Pinterest Europe Ltd)
• User Adaptive Content (vioma GmbH)
• Google Analytics 4 Signals (Google Ireland Ltd)
Google Analytics 4 (with Google Signals)
Provider: Google Ireland Limited.
Google Analytics enables analysis of user behavior (page views, duration, operating systems, origin, etc.). Data may be transferred to servers in the USA.
Processing is based on Art. 6(1)(a) GDPR (consent). Consent can be revoked at any time.
Browser plugin: https://tools.google.com/dlpage/gaoptout
Privacy policy: https://support.google.com/analytics/answer/6004245
Browser Plugin
You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
For more information on how Google Analytics handles user data, please refer to Google’s privacy policy:
https://support.google.com/analytics/answer/6004245?hl=de
Google Signals
We use Google Signals. When you visit our website, Google Analytics collects, among other things, your location, search history, YouTube history, and demographic data (visitor data). This data can be used for personalized advertising with the help of Google Signals.
If you have a Google account, the visitor data collected via Google Signals will be linked to your Google account and used for personalized advertising messages. The data is also used to create anonymized statistics on user behavior.
Google Analytics E-Commerce Tracking
This website uses the “E-Commerce Tracking” feature of Google Analytics. With the help of e-commerce tracking, the website operator can analyze the purchasing behavior of website visitors in order to improve online marketing campaigns.
Information such as completed orders, average order values, shipping costs, and the time from viewing to purchasing a product is recorded. This data can be consolidated by Google under a transaction ID assigned to the respective user or their device.
Data Processing
We have concluded a data processing agreement with Google and fully comply with the strict requirements of the German data protection authorities when using Google Analytics.
Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses.
Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/
Google Ads with Conversion Tracking
We have integrated Google Ads on this website. The service provider of Google Ads is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads allows us to display advertisements in the Google search engine or on third-party websites when users enter certain search terms in Google (keyword targeting). In addition, targeted advertisements can be displayed based on user data available to Google (e.g., location data and interests) (audience targeting).
As website operators, we can evaluate this data quantitatively, for example by analyzing which search terms led to the display of our advertisements and how many ads resulted in corresponding clicks. The purpose of Google Ads is to promote our website by displaying interest-based advertising on third-party websites and in Google search results. If you reach our website via a Google advertisement, a so-called conversion cookie is stored on your IT system by Google. A conversion cookie expires after thirty days and does not serve to identify you personally. As long as the cookie has not expired, it enables tracking of whether certain subpages (e.g., the shopping cart page of an online shop system) have been accessed on our website.
Through the conversion cookie, both we and Google can track whether a user who reached our website via an AdWords advertisement generated revenue, i.e., completed or abandoned a purchase. The data and information collected through the use of the conversion cookie are used by Google to create visitor statistics for our website. We use these statistics to determine the total number of users referred to us via Ads advertisements, to evaluate the success or failure of respective Ads campaigns, and to optimize our Ads campaigns for the future.
Neither our company nor other Google Ads advertisers receive information from Google that could identify you personally.
Personal data, such as the websites you visit, are stored via the conversion cookie. With each visit to our website, personal data—including the IP address of your internet connection—are transmitted to Google in the United States of America. This personal data is stored by Google in the United States. Google may, under certain circumstances, pass on this personal data collected via the technical process to third parties. These processing operations are carried out exclusively on the basis of your explicit consent in accordance with Art. 6(1)(a) GDPR. Google LLC, the parent company, is certified under the EU-US Data Privacy Framework. An adequacy decision pursuant to Art. 45 GDPR is therefore in place, allowing personal data to be transferred without additional guarantees or supplementary measures.
Meta Pixel
Used to measure advertising effectiveness. Data may be transferred to the USA.
Processing is based on consent (Art. 6(1)(a) GDPR).
Joint responsibility pursuant to Art. 26 GDPR applies for data collection and transfer to Meta.
Further information: https://www.facebook.com/about/privacy/
Brevo – Newsletter
Provider: Sendinblue GmbH (Brevo), Berlin.
To subscribe, we require your email address and confirmation of ownership.
Processing and analysis (open rates, clicks) are based exclusively on your consent (Art. 6(1)(a) GDPR). You may unsubscribe at any time.
Data is stored until you unsubscribe. A suppression list may be maintained to prevent future mailings (Art. 6(1)(f) GDPR).
YouTube (Enhanced Privacy Mode)
Provider: Google Ireland Limited.
Enhanced privacy mode means no data is stored before video playback. Data transfer to Google/USA may occur once a video is played.
Use is based on Art. 6(1)(f) GDPR (legitimate interest) or Art. 6(1)(a) GDPR (consent), where required.
Privacy policy: https://policies.google.com/privacy
Pinterest Plugin
Provider: Pinterest Europe Ltd, Dublin.
When visiting a page with a Pinterest plugin, data may be transmitted to the USA.
Processing is based on consent (Art. 6(1)(a) GDPR).
Privacy policy: https://policy.pinterest.com/privacy-policy
Your Rights
Right to Information, Deletion and Correction
You have the right to obtain free information about your stored personal data, its origin, recipients, and purpose of processing, and, where applicable, a right to correction or deletion.
Right to Restriction of Processing
You have the right to request restriction of processing in certain circumstances (e.g., contesting accuracy, unlawful processing, legal claims, pending objection).
Right to Withdraw Consent
You may withdraw your consent at any time. Processing carried out before withdrawal remains lawful.
Right to Object (Art. 21 GDPR)
If processing is based on Art. 6(1)(e) or (f) GDPR, you have the right to object at any time for reasons arising from your particular situation.
If your data is processed for direct marketing, you have the right to object at any time. After objection, your data will no longer be used for direct marketing.
Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority, particularly in your country of residence, workplace, or place of the alleged infringement.
Right to Data Portability
You have the right to receive data processed automatically on the basis of your consent or a contract in a commonly used, machine-readable format, or to have it transmitted to another controller where technically feasible.