Boutique Hotel
Saalbach Hinterglemm

book now

Boutique Hotel
Saalbach Hinterglemm

book now
cta-arrow-white Booking
cta-arrow-white Specials
cta-arrow-white Vouchers

Data privacy

I. General

We take data protection seriously

Protecting your privacy when processing personal data is very important to us. When you visit our website, our web servers automatically store the IP address of your internet service provider, the website from which you are visiting us, the pages you visit on our site, and the date and duration of your visit. This information is essential for the technical transmission of the web pages and secure server operation. This data is not evaluated on a personalised basis.

II. Responsible

Sepp Kröll

Wiesern 48
5754 Hinterglemm

Tel.: +43 6541 6308
Fax: +43 6541 630838
E-Mail: info@wiesergut.com

III. Personal data

Personal data is data about you as an individual. This includes your name, address and email address. You do not need to disclose any personal data in order to visit our website. In some cases, we require your name and address as well as other information in order to provide you with the service you require.

The same applies if we send you information material at your request or if we respond to your enquiries. In these cases, we will always inform you accordingly. Furthermore, we only store data that you have provided to us automatically or voluntarily.

When you use one of our services, we generally only collect the data necessary to provide you with our service. We may ask you for further information, but this is voluntary. Whenever we process personal data, we do so in order to provide you with our service or to pursue our commercial objectives.

IV. Contact

When you contact us (e.g. via contact form, email, telephone or social media), the details of the person making the enquiry are processed to the extent necessary to respond to the contact enquiry and any requested measures.
Responding to contact requests within the framework of contractual or pre-contractual relationships is done to fulfil our contractual obligations or to respond to (pre-)contractual enquiries and, in all other cases, on the basis of our legitimate interests in responding to enquiries.

• Types of data processed: Inventory data (e.g. names, addresses), contact details (e.g. email, telephone numbers), content data (e.g. entries in online forms).
• Data subjects: Communication partners.
• Purposes of processing: Contact enquiries and communication.
• Legal basis: Contract fulfilment and pre-contractual enquiries (Art. 6(1)(b) GDPR), legitimate interests (Art. 6(1)(f) GDPR).

V. Automatically stored data

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• Date and time of the request
• Name of the requested file
• Page from which the file was requested
• Access status (file transferred, file not found, etc.)
• Web browser and operating system used
• Full IP address of the requesting computer
• Amount of data transferred

This data is not merged with other data sources. Processing is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.   
For reasons of technical security, in particular to defend against attempts to attack our web server, we store this data for a short period of time. We cannot draw any conclusions about individual persons based on this data. After seven days at the latest, the data is anonymised by shortening the IP address at domain level so that it is no longer possible to establish a connection to the individual user. The data is also processed in anonymised form for statistical purposes; it is not compared with other data sets or passed on to third parties, even in excerpts. The number of page views is only presented in our server statistics, which we publish every two years in our activity report.

Cookies

When you visit our websites, we may store information on your computer in the form of cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters that can be used to assign websites and servers to the specific web browser in which the cookie was stored. This enables the visited websites and servers to distinguish the individual browser of the person concerned from other Internet browsers that contain other cookies. A specific Internet browser can be recognised and identified via the unique cookie ID.

By using session cookies, the controller can provide users of this website with a user-friendly service that would not be possible without the use of cookies. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest pursuant to Art. 6 (1) lit. f GDPR.

We only use personal cookies to improve our website or for marketing/advertising purposes with your consent. On your first visit, you can voluntarily agree to tracking or analysis via the cookie banner that appears. Your data may be passed on to partners or third-party providers. These cookies are only stored if you explicitly agree to this; the legal basis is then your consent in accordance with Art. 6 (1) (a) GDPR.
You can change your settings for the use of cookies at any time here:

Registration on the website

The data subject has the option of registering on the website of the controller by providing personal data. The following personal data is collected: name, address, telephone number, email address, date of birth, bank details.

When registering on the website of the controller, the IP address assigned by the data subject’s Internet service provider (ISP), the date and time of registration are also stored. This data is stored because it is the only way to prevent misuse of our services and, if necessary, to enable criminal offences to be investigated. In this respect, the storage of this data is necessary to protect the controller. This data will not be passed on to third parties unless there is a legal obligation to do so or the disclosure serves the purpose of criminal prosecution.
The registration of the data subject, who voluntarily provides personal data, enables the controller to offer the data subject content or services that, due to their nature, can only be offered to registered users. Registered persons are free to change the personal data provided during registration at any time or to have it completely deleted from the controller’s database.

You undertake to treat your personal access data confidentially and not to make it accessible to unauthorised third parties. We cannot accept any liability for misused passwords unless we are responsible for the misuse.
With the “stay logged in” function, we want to make your visit to our websites as pleasant as possible. This function allows you to use our services without having to log in again each time. For security reasons, however, you will be asked to enter your password again if, for example, you want to change your personal data or place an order. We recommend that you do not use this function if the computer is used by multiple users. Please note that the “stay logged in” function is not available if you use a setting that automatically deletes stored cookies after each session.

Borlabs Cookie

Our website uses Borlabs Cookie’s cookie consent technology to obtain your consent to store certain cookies in your browser and to document this in accordance with data protection regulations. This technology is provided by Borlabs GmbH – Benjamin A. Bornschein, Hamburger Str. 1, 22083 Hamburg (hereinafter referred to as Borlabs).

When you visit our website, a Borlabs cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not passed on to the provider of Borlabs Cookie.

The data collected is stored until you request us to delete it, delete the Borlabs cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

Borlabs cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 (1) (c) GDPR.

We have concluded a contract for order processing (AV) in accordance with Art. 28 GDPR with the above-mentioned provider. This is a contract required by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

Google Tag Manager

Our website uses the Google Tag Manager tool from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”). We use Google Tag Manager to manage the tools used on our website, which we describe in this privacy policy.

Details regarding these tools can therefore be found in the information regarding the specific tool. We use Google Tag Manager on the basis of our legitimate interest pursuant to Art. 6 (1) (f) GDPR in the integration of tags. The use of Google Tag Manager enables us to integrate additional services on our website.

The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager. Tag Manager processes and transmits your IP address to servers in the USA.

The data transmitted is pseudonymous only; it is not possible to trace it back to your name. Google bases the transfer of data to the United States on the Transatlantic Data Privacy Framework of 10 July 2023 (TADPF) and, in the case of data transfer to other third countries, on EU standard contractual clauses. A copy of the EU standard contractual clauses is available here. This ensures that a level of protection comparable to that in the EU is maintained.

We have concluded a data processing agreement with Google for the use of Google Tag Manager. Through this agreement, Google assures that it collects data in accordance with the General Data Protection Regulation and guarantees the protection of the rights of the data subject. For more information about Google Tag Manager, please refer to the usage guidelines for this product.

Google Analytics 4

We use Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”) on our website. In this context, pseudonymous usage profiles are created and cookies are used.
The information generated by the cookie about the use of our website (e.g. IP address of the accessing computer, time of access, referrer URL and information about the browser and operating system used) is usually transferred to Google servers in the USA and processed there.

The use of Google Analytics is based on your consent (Art. 6 (1) sentence 1 lit. a GDPR in conjunction with § 25 (1) TTDSG) to the analysis and optimisation of our online offering and the economic operation of this website. Google therefore processes the information on our behalf in order to evaluate the use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet use ( ) for the purposes of market research and the design of this website in line with user needs.

We have concluded a data processing agreement with Google for the use of Google Analytics. Through this agreement, Google assures that it will process the data in accordance with the General Data Protection Regulation and guarantee the protection of the rights of the data subject.

The IP address processed by Google Analytics is automatically truncated. The last three digits of your IP address are replaced by a “0”, which prevents assignment.
If necessary, the collected data will be transferred to third parties if this is required by law or if third parties process the data on our behalf. The user data collected via cookies is automatically deleted after 14 months.

The information generated by cookies about the use of our website (e.g. IP address of the accessing computer, time of access, referrer URL and information about the browser and operating system used) is transmitted to Google servers in the USA and processed there. Google relies on the Transatlantic Data Privacy Framework of 10 July 2023 (TADPF) for the transfer of data to recipients based in the USA and, in the case of data transfer to other third countries, on standard contractual clauses approved by the EU Commission as a guarantee for ensuring a level of data protection comparable to that in the EU. You can obtain a copy of the standard contractual clauses here. We only transfer data to Google on the basis of your consent.

You can revoke or adjust your consent at any time with future effect. Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help Centre. Information on Google’s use of data can be found in their privacy policy.

Google Ads

The website operator uses Google Ads. Google Ads is an online advertising programme from Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on the user data available to Google (e.g. location data and interests) (target group targeting). As the website operator can evaluate this data quantitatively, for example by analysing which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.

The use of this service is based on your consent in accordance with Art. 6 (1) lit. a GDPR and 25 (1) TTDSG. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:
https://policies.google.com/privacy/frameworks and
https://privacy.google.com/businesses/controllerterms/mccs/.

Google Maps

This site uses the Google Maps map service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the functions of Google Maps, it is necessary to store your IP address. This
information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google may use Google Web Fonts for the purpose of uniform font display. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

The use of Google Maps is in the interest of an appealing presentation of our online
offerings and to make it easy to find the locations we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://privacy.google.com/businesses/gdprcontrollerterms/ and
https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more information on how user data is handled, please refer to Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Google Remarketing

This website uses the functions of Google Analytics Remarketing. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Remarketing analyses your user behaviour on our website (e.g. clicks on specific
products) in order to classify you into specific advertising target groups and then display appropriate advertising messages to you when you visit other online offerings (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Remarketing can be linked to Google’s cross-device functions. In this way, interest-based, personalised advertising messages that have been tailored to you based on your previous usage and surfing behaviour on one device (e.g. mobile phone) can also be displayed on another of your devices (e.g. tablet or PC).

If you have a Google account, you can opt out of personalised advertising at the following link:
https://www.google.com/settings/ads/onweb/.

The use of this service is based on your consent in accordance with Art. 6 (1) lit. a GDPR and 25 (1) TTDSG. Consent can be revoked at any time.

Further information and the data protection provisions can be found in Google’s privacy policy at:
https://policies.google.com/technologies/ads?hl=de.

We use Google Remarketing’s customer matching feature, among other things, to create target groups.
In doing so, we transfer certain customer data (e.g. email addresses) from our customer lists to Google.
Google. If the customers in question are Google users and are logged into their Google account, they will be shown relevant advertising messages within the Google network (e.g. on YouTube, Gmail or in the search engine).

Rapidmail

This website uses Rapidmail to send newsletters. The provider is rapidmail GmbH,
Augustinerplatz 2, 79098 Freiburg i.Br., Germany. Rapidmail is a service that can be used to organise and analyse the sending of newsletters, among other things. The data you enter for the purpose of receiving the newsletter is stored on Rapidmail’s servers in Germany.

For analysis purposes, emails sent with Rapidmail contain a so-called “tracking pixel” that connects to Rapidmail’s servers when the email is opened. This allows us to determine whether a newsletter message has been opened.

YouTube

This website embeds videos from YouTube. The operator of the site is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the extended data protection mode does not necessarily exclude the transfer of data to YouTube partners. YouTube establishes a connection to the Google DoubleClick network regardless of whether you watch a video.

As soon as you start a YouTube video on this website, a connection to YouTube’s servers is established.
YouTube. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, after starting a video, YouTube may store various cookies on your device or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve user-friendliness and prevent fraud attempts.

After a YouTube video has been started, further data processing operations may be triggered
over which we have no control. YouTube is used in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Further information on data protection at YouTube can be found in their privacy policy at: https://policies.google.com/privacy?hl=de.

Online booking service

When you make an online booking at www.wiesergut.com, this is done using the online booking software “Webbox” from Interalp Touristik GmbH. All data required to complete a booking (first name, surname, address, email address, any personal details relating to the booking, etc.) is transmitted in encrypted form and is only processed and stored for the purpose of processing your booking. The software provider Interalp undertakes to handle your data in accordance with data protection regulations and takes all organisational and technical measures to protect it.

Facebook Pixel

This website uses Facebook’s visitor action pixels to measure conversions. This service is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

This allows the behaviour of page visitors to be tracked after they have been redirected to the provider’s website by clicking on a Facebook advertisement. This allows the effectiveness of Facebook advertisements can be evaluated for statistical and market research purposes and future advertising measures can be optimised.

The data collected is anonymous to us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Use Policy. This enables Facebook to place advertisements on Facebook pages and outside of Facebook. As the website operator, we have no influence on this use of the data.

The use of this service is based on your consent in accordance with Art. 6 (1) lit. a GDPR and 25 (1) TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here:

https://www.facebook.com/legal/EU_data_transfer_addendum and

https://de-de.facebook.com/help/566994660333381.

Insofar as personal data is collected on our website using the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited exclusively to the collection of data and its transfer to Facebook. The processing by Facebook after the transfer is not part of the joint responsibility. The obligations incumbent upon us jointly have been set out in a joint processing agreement. The wording of the agreement can be found at:

https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the data protection-compliant implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert your rights as a data subject (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your rights as a data subject with us, we are obliged to forward them to Facebook.

You can find further information on the protection of your privacy in Facebook’s privacy policy: https://de-de.facebook.com/about/privacy/.

You can also disable the “Custom Audiences” remarketing feature in the settings for

https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.

If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website:

http://www.youronlinechoices.com/de/praferenzmanagement/.

ONLINE PRESENCE ON FACEBOOK, INSTAGRAM, PINTEREST

If you have given your consent to the respective social media operator in accordance with Art. 6 (1) (a) GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presence on the above-mentioned social media, from which usage profiles are created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that are likely to be of interest to you. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media operator, as well as contact details and your rights and settings options for protecting your privacy, please refer to the providers’ privacy policies linked below. If you still require assistance in this regard, please contact us.

Facebook page
We operate this page as a communication and information channel to provide information about our offers. Personal data is processed in accordance with Art. 6 (1) lit. f) of the General Data Protection Regulation on the basis of our legitimate interest in using this modern means of information and interaction with users and visitors to the page.
We would like to point out that you use this Facebook page and its functions at your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating).

Processing of personal data by Facebook:
When you visit our Facebook page, Facebook collects your IP address and other information stored on your computer in the form of cookies. This information is used to provide us, as the operator of the Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more detailed information on this at the following link: http://de-de.facebook.com/help/pages/insights.

The data collected about you in this context is processed by Facebook Ltd. and may be transferred to countries outside the European Union. Facebook describes in general terms what information it receives and how it is used in its data use guidelines. There you will also find information about how to contact Facebook and how to set your advertising preferences. The data usage guidelines and the information required under Article 13(1)(a) and (b) of the GDPR are available at the following link: http://de-de.facebook.com/about/privacy.

Facebook does not conclusively and clearly state how it uses the data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is passed on to third parties, and we are not aware of this.

When you access a Facebook page, the IP address assigned to your device is transmitted to Facebook. According to Facebook, this IP address is anonymised (in the case of “German” IP addresses) and deleted after 90 days. Facebook also stores information about its users’ end devices (e.g. as part of the “login notification” function); this may enable Facebook to assign IP addresses to individual users.

If you are currently logged in to Facebook as a user, a cookie with your Facebook ID is stored on your device. This enables Facebook to track that you have visited this page and how you have used it. This also applies to all other Facebook pages. Facebook buttons embedded in websites enable Facebook to record your visits to these websites and assign them to your Facebook profile. This data can be used to tailor content or advertising to you. If you wish to avoid this, you should log out of Facebook or deactivate the “stay logged in” function, delete the cookies on your device, and close and restart your browser. This will delete Facebook information that can be used to identify you directly. This allows you to use our Facebook page without revealing your Facebook ID. When you access interactive features of the page (like, comment, share, message, etc.), a Facebook login screen will appear. After logging in, you will once again be recognisable to Facebook as a specific user.

Since personal data is transferred to the USA, additional protective measures are required to ensure the level of data protection provided by the GDPR. To guarantee this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) (c) GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the USA. Further information from the third-party provider on data protection, including the legal basis on which Facebook Ireland relies, as well as information on how you can manage or delete information about you, can be found on the following Facebook website: https://de-de.facebook.com/about/privacy.
Processing of data by us:

Statistical data of various categories is available to us via the so-called “Insights” of the Facebook page. These statistics are generated and provided by Facebook. As the operator of the page, we have no influence on their generation and presentation. We cannot disable this function or prevent the generation and processing of the data. For a selectable period of time and for the categories of fans, subscribers, people reached and interacting people, Facebook provides us with the following data relating to our Facebook page:

  • Total number of page views and activities, post interactions (likes, comments, shared content, clicks on links, etc.), (post) reach, video views, replies,
  • proportion of men and women,
  • Origin in terms of country and city,
  • language,
  • Views and clicks in the shop,
  • clicks on route planners,
  • Clicks on telephone numbers.

Data on Facebook groups linked to our Facebook page is also provided in this way. Due to the constant development of Facebook, the availability and processing of data is subject to change, so we refer you to Facebook’s privacy policy mentioned above for further details. We use this data, which is available in aggregated form, to make our posts and activities on our Facebook page more attractive to users. For example, we use the distribution by age and gender to tailor our approach and the preferred visiting times of users to optimise the timing of our posts. Information about the type of devices used by visitors helps us to adapt the visual design of our posts. In accordance with Facebook’s terms of use, which every user has agreed to when creating a Facebook profile, we can identify the subscribers and fans of the page and view their profiles and other information they have shared.

User rights:
Under the joint responsibility agreement between us and Facebook, Facebook Ireland assumes primary responsibility under the GDPR for the processing of Insights data and fulfils all obligations under the GDPR with regard to the processing of Insights data (including Articles 12 and 13 GDPR, Articles 15 to 22 GDPR and Articles 32 to 34 GDPR). In addition, Facebook Ireland will make the essence of this Page Insights supplement available to the data subjects.
Please feel free to contact us or Facebook if you have any questions. Under the agreement between us and Facebook, we will forward your request to Facebook immediately if Facebook alone is responsible for fulfilling your data subject rights. Facebook Ireland will respond to requests in accordance with our obligations under this Page Insights Addendum.

Instagram page
We operate this page as a communication and information channel to provide information about our offers. Personal data is processed in accordance with Art. 6 (1) lit. f) of the General Data Protection Regulation on the basis of our legitimate interest in using this contemporary means of information and interaction with users and visitors to the page.
We would like to point out that you use this Instagram page and its functions at your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting or rating).

When you visit our Instagram page, Facebook collects, among other things, your IP address and other information stored on your device in the form of cookies. This information is used to provide us, as the operator of the Instagram page, with statistical information about the use of the Instagram page. The data collected about you in this context is processed by Facebook and may be transferred to countries outside the European Union. Facebook describes in general terms in its privacy policy what information Facebook receives and how it is used . There you will also find information about how to contact Facebook and how to set your advertising preferences. The privacy policy is available at the following link: https://help.instagram.com/519522125107875
Facebook does not conclusively and clearly state how it uses the data from visits to Instagram pages for its own purposes, to what extent activities on the Instagram page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Instagram page is passed on to third parties, and we do not know this.

When you access an Instagram page, the IP address assigned to your device is transmitted to Facebook. According to Facebook, this IP address is anonymised (in the case of “German” IP addresses) and deleted after 90 days. Facebook also stores information about its users’ devices (for example, as part of the “login notification” function); this may enable Facebook to assign IP addresses to individual users.

If you are currently logged in to Instagram as a user, a cookie with your Instagram ID is stored on your device. This enables Facebook to track that you have visited this page and how you have used it. This also applies to all other Instagram pages. Instagram buttons embedded in websites enable Facebook to track your visits to these websites and assign them to your Instagram profile. This data can be used to tailor content or advertising to you. If you wish to avoid this, you should log out of Instagram or deactivate the “stay logged in” function, delete the cookies on your device, and close and restart your browser. This will delete Instagram information that can be used to identify you directly. This allows you to use our Instagram page without revealing your Instagram ID. When you access interactive features on the page (likes, comments, messages and more), an Instagram login screen will appear. After logging in, you will once again be recognisable to Instagram as a specific user.

Since personal data is transferred to the USA, additional protective measures are required to ensure the level of data protection provided by the GDPR. To guarantee this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) (c) GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the USA. Further information from the third-party provider on data protection and information on how you can manage or delete information about you can be found in the Instagram help section at the following address: https://help.instagram.com/196883487377501.

VI. Security

We have taken technical and administrative security measures to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees and service providers working on our behalf are bound by the applicable data protection laws.

Whenever we collect and process personal data, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security measures are subject to a continuous improvement process and our privacy policies are constantly being revised. Please ensure that you have the latest version.

VII. Rights of data subjects

You have the right to information, correction, deletion or restriction of the processing of your stored data at any time, a right to object to the processing, as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law.

Right to information:

You can request information from us as to whether and to what extent we process your data.

Right to rectification:

If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.

Right to erasure:

You may request that we erase your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests. Please note that there may be reasons that prevent immediate erasure, e.g. in the case of statutory retention obligations.

Regardless of whether you exercise your right to erasure, we will erase your data immediately and completely, provided that there are no legal or contractual obligations to retain it.

Right to restriction of processing:

You may request that we restrict the processing of your data if

–           you dispute the accuracy of the data, for a period enabling us to verify the accuracy of the data.

–           the processing of the data is unlawful, but you refuse to have it deleted and instead request that its use be restricted,

–           we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or

–           you have objected to the processing of the data.

Right to data portability:

You may request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format and that you may transfer this data to another controller without hindrance from us, provided that

–           we process this data on the basis of your revocable consent or for the performance of a contract between us, and

–           this processing is carried out using automated means.

If technically feasible, you may request that we transfer your data directly to another controller.

Right to object:

If we process your data on the basis of legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. You may object to the processing of your data for direct marketing purposes at any time without giving reasons.

Right to lodge a complaint:

If you believe that we are violating German or European data protection law when processing your data, please contact us so that we can clarify any questions. You also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to exercise any of the above rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

VIII. Changes to this privacy policy

We reserve the right to change our privacy policy if this becomes necessary due to new technologies. Please ensure that you have the latest version. If fundamental changes are made to this privacy policy, we will announce them on our website.

 

All interested parties and visitors to our website can contact us with any data protection questions at:

 

Mr Matthias Baumgartner

Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg

 

Tel.: 0941 2986930
Fax:  0941 29869316
Email: anfragen@projekt29.de
Website: www.projekt29.de