Who is responsible for the processing of your data and who can you contact?
The responsible entities for the processing of your data in accordance with data protection regulations are:
- Eurotours Gesellschaft m.b.H. (Kirchberger Straße 8, A-6370 Kitzbühel, Austria) and its affiliated companies
- Eurotours Deutschland GmbH (Parkring 2, 85748 Garching bei München, Germany)
- Eurotours Cesko sro (Křižíkova 2110/2b, 186 00 Praha 8-Karlín-Praha 6-Nové Město, Czech Republic)
- Eurotours Polska spolká z o.o. (Rynek Główny 7/5, 31-042 Kraków, Poland)
- Eurotours Italia S.r.l. (Via Chiesolina, 16, 37066 Sommacampagna VR, Italy)
- Verkehrsbüro Touristik GmbH
The data protection representative for the German-speaking area is located at Kirchberger Straße 8, A-6370 Kitzbühel, Austria (Tel.: +43/1/58800-752; E-Mail: firstname.lastname@example.org).
What categories of data are processed?
Due to our obligation to fulfill the contract concluded with you, we process:
Customer master data – When you contact us, register with us, or use our services, we collect general information about you to be able to contact you about our offers and to correspond with you during a trip, stay, or other service. This information may include your name, email address, phone numbers, postal address, and, if necessary, gender and date of birth.
Guest and travel information – When you book a trip, stay, or other service with us, we collect directly from you or indirectly (via third parties) details of the trip or stay or other service (such as arrival and departure location and time, airline, hotel, car rental) and other data necessary to complete your bookings. We may also collect special categories of data to provide accessibility, dietary requirements, or other desired services. We may also require passport information from travelers. If we book trips for your companions, we may collect the same categories of data from them. Therefore, please forward this information to all persons whose data you provide in a travel booking. Your customer data is stored in your travel or guest profile, where we record the information required for your travel booking and the provision of our services. You can provide additional data in your travel or guest profile, including login information for frequent flyer programs, government identification numbers, and emergency contact information.
Due to our legitimate interest in sending you personalized advertising and being able to create statistics about user behavior during visits to our websites, we process:
How long will your data be processed?
Your data will be stored for as long and to the extent necessary under the contractual basis. After the contract has been terminated, your data will be kept for 7 years (in Austria) or 10 years (in Germany) in accordance with our accounting obligations. Furthermore, your data will be stored based on our legitimate interests until we receive a justified objection from you or, with your explicit consent, until you revoke this consent.
What purposes are your data processed for?
We use your data for the following purposes:
Providing our services – We use your data for your travel bookings, accommodations, organization of meetings and events, creating travel plans and invoices, sending you communications related to your trip or our products and services, providing customer service, and managing your account.
Processing of payments – We use your basic data and payment information to process transactions and provide customer service related to payments.
Operating websites, mobile applications, and electronic communication – We use device data to ensure the security of online services and optimize the delivery and content of our services, for updates, for non-personal trend and usage analysis related to our services, and to determine the effectiveness of our ads and offers.
Business operations and improvement of business processes – We use your data to comply with our corporate policies and business processes, for accounting and economic purposes, to detect or prevent fraudulent or criminal activities, for business operations, analysis and improvement of our business and services, and otherwise as required by law.
Optimizing services & marketing
We use your data in your and our legitimate interest to optimize our services towards you and for future services, including:
- Use of frequent flyer information and travel preferences
- Pre-filling of forms and payment data
- Use of contact details to communicate service changes
- Contact in case of emergencies
- Collection of feedback on services provided
- Electronic and postal delivery of information about our products and services
If we assume such interest incorrectly on your part, you are welcome to indicate this to us by providing a contrary statement.
Who and how do we share your data with?
In principle, we do not disclose your data to third parties without your consent, either free of charge or for a fee. However, exceptions to this rule apply when we disclose your data based on a legal or contractual obligation, or in accordance with our mutual interests as stated above, including:
Travel providers and other travel service providers – In order to successfully process your travel booking and provide you and any third parties with related travel services, we may disclose data to travel providers (such as airlines and hotels) and travel service providers (such as ticketing systems and travel app providers) as well as their service partners.
Service partners – We disclose data to service providers to the extent necessary for the provision of their services, such as other travel agencies, conference and event planners, visa and passport service providers, restaurants, mobile applications and software developers, as well as partners providing IT support, data hosting, marketing and communication systems, and debt collection services.
Affiliated companies – We disclose data within the legally permissible scope within the corporate family to enable the provision, analysis, and optimization of their and our products and services.
Authorities, banks, and courts – We may disclose data to supervisory authorities, courts, banks, and government agencies if we consider this necessary or permissible in accordance with laws, regulations, or legal proceedings, or to protect your and our interests, rights, property, or those of others.
Business transfers – In the event that we negotiate or conclude a transaction that affects the business in whole or in part (such as restructuring, merger, sale or acquisition), data may be disclosed to third parties involved in this transaction within the legally permissible scope.
We have integrated the Google Analytics component (with anonymization function) on our website. Google Analytics is a web analytics service. The operator of the Google Analytics component is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of the Google Analytics component is to analyze visitor traffic on our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports that show the activities on our website, and to provide other services related to the use of our website.
Google Analytics sets a cookie on your IT system. The setting of the cookie enables Google to analyze the use of our website. Each time one of the individual pages of our website, which is operated by us and on which a Google Analytics component has been integrated, is called up, the Internet browser on your IT system is automatically prompted by the respective Google Analytics component to transmit data for the purpose of online analysis to Google. As part of this technical process, Google becomes aware of personal data, such as your IP address, which is used, among other things, to trace the origin of visitors and clicks and to enable commission settlements to be made in the future.
Personal information, such as access time, the location from which access originated, and the frequency of visits to our website, is stored via the cookie. Every time you visit our website, this personal data, including the IP address of the internet connection you are using, is transmitted to Google. Google may also share this personal data collected through the technical process with third parties.
You can prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser you are using and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a cookie on your IT system. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.
Further information and the applicable data protection provisions of Google can be found at https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at https://www.google.com/intl/de_de/analytics/.
Ve Interactive DACH GmbH
International data transfer
What rights do you have?
You have the right to:
- request confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and information about the processing of such data;
- withdraw your consent to the processing of your personal data at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
- request the rectification of inaccurate personal data concerning you or, where appropriate, the erasure of such data, if there is no longer a legal ground for us to keep the data;
- request the restriction of the processing of your personal data;
- receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us;
- have your personal data transferred directly from us to another controller, where technically feasible and where doing so does not adversely affect the rights and freedoms of others;
- file a complaint with the Austrian data protection authority if we fail to act on your requests and you believe that your data protection rights have been violated.
How do we protect your data?
We take appropriate administrative, technical, and physical security measures to protect your data from unauthorized access and use. We only store your data for as long as necessary to provide our services and for legitimate operational purposes, unless we are required by laws or regulations or are obliged to store them for a longer period due to legal disputes and government investigations.
General data security measures
We commit ourselves to taking appropriate technical and organizational measures, such as pseudonymization, both at the time of determining the means for processing and at the time of actual processing of your personal data, which are designed to effectively implement data protection and to incorporate the necessary safeguards into the processing in order to comply with the requirements of data protection law and to protect your data.
To this end, we take appropriate measures to ensure that only those personal data concerning you which are necessary for the respective specified processing purpose are processed by default, and thereby ensure that your data is not made accessible to an indefinite number of natural persons without your intervention. These measures include, among other things, the pseudonymization and encryption of your data, as well as the ability to ensure the confidentiality, integrity, availability and resilience of the systems and services related to the processing over the long term, the ability to rapidly restore the availability of personal data and access to it in the event of a physical or technical incident, and the regular review, assessment and evaluation of the effectiveness of the technical and organizational measures to ensure the security of the processing.
Special data security measures
Secure Socket Layer (SSL)
All booking forms through which you transmit personal information to us use an encrypted transmission method (SSL) to ensure the security of your data. “SSL” stands for “Secure Socket Layer”. You can tell that you are on a secure page, meaning that the data on this page has been transferred to your computer using this secure transmission method, by noticing that the address bar (URL) begins with “https://” instead of the usual “http://” and by the display of special symbols in the status bar (usually at the bottom of the window) of your browser.
The encryption takes place between the server and the client (i.e., your computer) in the form of a secure connection, over which any data can be transferred.
For SSL, certificates are necessary to ensure secure transmission, so that one can be sure where the server is located and who operates it.
SSL Certificate Authority: To obtain such a certificate, one needs a kind of “witness” who vouches for the correctness of the data. Our secure servers have been certified by the Comodo Group, Thawte, Inc., and Corporation Service Company (Trusted Secure Certificate Authority 5).
If you have any questions or complaints regarding the processing of your data, please contact our customer service representatives or contact us in writing at:
Eurotours Gesellschaft m.b.H. (Kirchberger Straße 8, A-6370 Kitzbühel, Austria, or email@example.com)
We will review your request and respond in writing within 30 days of receipt.