Data protection
1. Name and address of the data protection responsible person
The protection of your personal data is of particular concern to us. We therefore process your data exclusively on the basis of the statutory provisions (GDPR, TKG 2003). In this privacy policy, we inform you about the most important aspects of data processing by us.
This declaration sets out how we collect and process the data of those persons (data subjects) who visit our website and make a property inquiry. It also covers the processing of persons who are our contractual partners when concluding a tenancy agreement.
It should be noted in advance that we do not collect and process data from minors (under the age of 18). Our services are aimed exclusively at persons of legal age.
The current version of this privacy policy is available on our website at all times. We will inform the persons already affected of any changes to the processing.
The data protection responsible person is:
Martina Kaplan and Wolfgang Schweifer, apartment@villasolislacus.com, +43 660/3280202, Daniel Gran-Straße 2, 3100 St. Pölten
2. Statistical analysis
During a simple website visit, we only store access data within the framework of so-called server log files. These are data which your browser makes available and which are without personal reference, namely
- Browser type/version
- Operating system used
- Referrer URL (the previously visited page)
- Host name of the accessing computer (IP address)
- Time and date of the server request
This data cannot be assigned to specific persons. This data is not merged with other data sources, and the data is deleted after a statistical analysis. For this purpose, user access to our websites is stored in the server log files, including the IP address. These log files are processed monthly for statistical purposes using analysis software and then deleted. It is not possible to draw conclusions about a specific person when we use the data.
Some functions of our website require the visitor to enter personal data such as name and e-mail address. Names and details can be entered here voluntarily.
The data is processed by us on servers located in Austria and thus within the framework of the EU data protection level.
3. Data collection
Furthermore, we collect and process the following personal data of the data subject on our website as well as in a personal conversation or via correspondence in addition to the above-mentioned (non-assignable) data:
a) Data collection in the course of the inquiry
Title, form of address, first name, surname, street, zip code, city, telephone number, email address
b) Data collection in the course of the reservation service
Title, form of address, first name, surname, street, zip code, city, telephone number, e-mail address
c) Data collection in connection with existing relationships
Title, form of address, first name, surname, street, zip code, city, telephone number, e-mail address, nationality
Information about bank details
Information that has become known in the context of the tenancy/rental relationship (e.g. inquiries, complaints, damage reports, etc.)
4. Intended use and legal basis
We process the data provided by the data subject in order to be able to offer the data subject a suitable vacation apartment in accordance with their request. Furthermore, in order to be able to process the concluded tenancy agreements.
However, the data subject has no entitlement to a vacation apartment from the mere disclosure of data. The data is stored and processed for the purpose of carrying out the business of the controller as a landlord and/or manager of vacation apartments (e.g. tenant registration, rental accounting) and to fulfill the legal and contractual obligations incumbent on them as such.
The processing of the data of the data subject is based on the voluntary provision and consent of the data subject to the necessary data processing.
The legal basis for the processing also lies in the underlying brokerage contract or the respective inventory contract. Without the corresponding data processing, we would not be able to fulfill our contractual obligations.
The legal obligations of Austria and Croatia (including the respective accompanying legal acts) also form a basis for the processing of data.
Your data will be processed by us on servers located in Austria and thus within the framework of the EU data protection level.
Data processing takes place in pseudonymized form. This serves to protect your data. We have taken the necessary organizational and technical precautions to ensure confidentiality and integrity in accordance with Art. 5 GDPR. Our processors have also implemented these measures in accordance with the GDPR.
For example, your data is processed via a secure computer system or stored in secure cabinets. We regularly review our services, databases, networks and security measures. The processors named in point 7 are commissioned with the implementation, testing and maintenance of the computer systems and the operation of the website.
5. Transmission of data
We do not sell your data and do not pass it on to unauthorized persons! However, the data may be passed on to the following recipients in order to fulfill the contract or due to legal obligations:
Federal, state or municipal authorities and/or departments (reporting obligations, etc.), courts.
Commercial or entrepreneurial professionals/trade businesses, energy suppliers, banking institutions, lawyers, tax consultants, insurance companies
Our processors: For the purpose of fulfilling an existing contractual relationship.
For the purpose of pursuing legal interests. Transmission to interest groups or other processors
6. Duration of data storage
Data will be stored in any case for the duration of the reservation of the person concerned as a prospective tenant or for the duration of the existence of an existing relationship between the person concerned and the person responsible. In addition, your data will be stored for the pursuit of legal claims or until a justified request for deletion is received.
7. Data processing
On the basis of a separate agreement on the processing of personal data on our behalf, your data will be processed by our web designer Murauer IT as part of commissioned data processing in accordance with Art. 28 GDPR in accordance with the relevant legal requirements on our behalf. Data about every access to our website is stored exclusively on servers in Austria. However, this does not involve any transfer of your personal data to third parties in the sense of data protection law.
The processor has made a contractual commitment to us to comply with the level of protection of the GDPR and the DSG and to comply with all technical and organizational measures to protect your data.
8. Rights of the data subjects
You can contact us using the contact details given in point 1 to request that your data be updated and amended (Art. 16 GDPR). We will inform you of any changes to our use of your data.
You can revoke your consent to data processing at any time using the above-mentioned contact details. This can be done without giving reasons. However, we would like to point out that further data processing is still permitted if this is necessary for the processing or fulfillment of the underlying contracts (e.g. existing contracts).
In accordance with Art. 15 GDPR, you have the right to information about the data we process about you, as well as the purpose of use, recipients and origin. You can request a written copy of the data stored about you (Art. 20 GDPR).
Under the conditions of Art. 17 GDPR, you have the right to request the deletion of the data. Under the conditions of Art. 18 GDPR, you can request the restriction of the processing of your data. In accordance with Art. 21 GDPR, you can object to data processing at any time. However, if the further use of data is necessary due to legal requirements (e.g. retention obligations), the fulfillment of the contract or to defend against claims for damages by us, this unfortunately takes precedence over your request for deletion and restriction or your revocation of consent. In these cases, we are permitted to continue processing.
In accordance with Art. 22 GDPR, you have the right to object to automated decision-making (profiling).
In the event of a data breach, we will rectify the causes immediately and inform you in accordance with Art. 34 GDPR.
If you believe that unauthorized data processing has occurred, you can lodge a complaint with the supervisory authority (data protection authority).