- Mayrhofner Bergbahnen
- Mountain experience summer
- Mountain experience winter
We hereby wish to inform you of the processing of your personal data within the context of the General Data Protection Regulation (GDPR), the Data Protection Law (DPL) and the Telecommunications Law (TL). Please contact us at any time should you need more information.
Personal data means all data containing information about personal or factual circumstances, such as name, address, e-mail address, telephone number, date of birth, age, gender, social security number, video recordings (potentially add more details, photos, payment information etc. Please notify us if changes are made to your personal data. We will collect, process and use your personal data only where this is necessary for the performance of the contract or is required by a legal obligation or if you voluntarily provide us with such data. We will obtain your consent before any further processing of your data. Processing may also take place without your consent where our legitimate interest in data processing outweighs your interest in data protection.
As a rule we will collect your data directly from you. In the context of the contract, however, it may happen that we will collect your data from third parties, such as bookings made via tour operators or booking platforms and similar. We would furthermore state that the provision of personal data is to a certain extent required by law (e.g. tax law) or may result from contractual provisions (e.g. information about the contracting party). Failure to provide the personal data may mean that the contract cannot be concluded.
Performance of services:
In the case of tickets that are issued for a period of one or more days, your name, date of birth, address and payment details will potentially be collected so that the controller knows the individual with whom the contract has been concluded and to whom there is a performance obligation. The processing of these data, and for this purpose, is performed in a legally justified manner upon the basis of the performance of the contract in accordance with Article 6(1)(b) GDPR.
Tickets may be used in several areas operated by legally independent cable car companies. In order to facilitate this, as well as for the purpose of internal billing between the individual cable car companies, data are transferred to IG members (Point 16) and processed by them for approval purposes. The processing of these data, and for this purpose, is performed in a legally justified manner upon the basis of the performance of the contract in accordance with Article 6(1)(b) GDPR as well as our legitimate interest in accordance with Article 6(1)(f) GDPR.
In the case of tickets for which Photocompare is enabled, a reference photo will be taken the first time the ticket is used, provided the terminal in use has the technical capability to do so and the Photocompare process is actually enabled as well. If the ticket is used again, this reference photo will then be compared with an inspection photo and checked to see if the ticket has been given to someone else in an unauthorised manner. The processing of these data, and for this purpose, is performed in a legally justified manner upon the basis of the legitimate interest in accordance with Article 6(1)(f) GDPR.
On the basis of our legitimate interests (i.e. our interest in the analysis, optimisation and business operation of our (web) offer within the meaning of Article 6(1)(f) GDPR)), our offering will include third-party content or service offers in order to integrate content and services.
This assumes that your IP address will be transmitted to such third-party providers because the content cannot be sent to your browser without the IP address. The IP address is required to display this content. Third-party providers may also use so-called web beacons for statistical or marketing purposes. Web beacons can be used to evaluate information such as visitor traffic on the website. For this purpose a cookie may also be set that will contain technical information about your browser and operating system, the referring websites, time spent visiting and other information regarding the use of our website.
Under the provisions of the GDPR you have the right to receive information on any of your personal data that we store, as well as a right to correction, data transmission, objection, limitation of processing and blocking or deletion of incorrect or unlawfully processed data. You have the right to revoke your given consent at any time. Where such revocation is issued, any data processing undertaken up to this point will remain lawful. If you believe that our processing of your personal data violates the applicable data protection law, you may make a complaint to the competent supervisory authority. The Data Protection Authority is the competent body for Austria (https://www.dsb.gv.at/).
Your personal data will be protected by appropriate organisational and technical precautions. These precautions in particular relate to protection against unauthorised, unlawful or accidental access, loss, processing, use or manipulation of data. Please note that we do not accept any liability whatsoever for the disclosure of information owing to errors in data transmission and/or unauthorised access by third parties for which we are not responsible.
In order to perform our contractual or legal obligations, it may be necessary to transfer your data to data processors or to other recipients, in particular to public authorities. Data processors will process your personal information according to strict guidelines and only to the extent necessary to perform such tasks. As an example, our data processors are external IT service providers. Below you will find a list of data processors or recipients of data that we use:
We will only transfer your data to other recipients if you have given us or the recipient your consent to the transmission of data, or if the transmission of data is required to execute or perform the contract, or if we are legally obliged to transmit the data.
We transmit your personal data to recipients within the European Union or to countries for which the European Commission has determined that there exists an appropriate level of data protection. If this is not the case we will ensure, on the basis of suitable guarantees, that the data recipient complies with the GDPR. There is no adequate level of data protection in the USA in particular. If we transmit data to companies in the USA, these companies must be subject to the EU-US Privacy Shield. By self-certifying under the terms of the Privacy Shield, companies are therefore confirming compliance with the provisions of GDPR. Further details on the Privacy Shield can be found at: https://www.privacyshield.gov/welcome.
Retention in order to perform contractual or legal obligations:
We will retain your data for as long as is necessary to perform our contractual or legal obligations. We are thus for example required to keep our accounting records for a period of 7 years from the end of the calendar year in question.
When storing your data we will ensure that such data are only used to the extent necessary for the above-mentioned purposes.
Retention on the basis of your consent:
Subject to your consent, we will store your data for as long as this is specified in your statement of consent or other agreement, for example in the context of a contract made with you.
Retention based on legitimate interests:
We will also store your data for as long as is necessary to defend liability or other claims within the statutory limitation period. Under Austrian law such period is in principle 3 years from the time when the damage and the author of the damage became known.
Reference photos (see Point 2 and 5) are stored for the period of validity of the respective ticket and then erased. Inspection photos (photos used to compare individuals with the reference photo) will be deleted no more than 48 hours after passing through the turnstile. If inspection photos are required to provide evidence of fraud, they will be stored for 14 days.
Video surveillance in or around buildings will be stored for a maximum of 72 hours for the purpose of protecting property. We will store booking inquiries that do not lead to the conclusion of a contract for the purpose of internal analyses (such as analysing our offer) for a period of 12 months. We will save documents relating to job applications for a period of 12 months.
Obligations to delete data on the basis of the right to deletion:
Our obligations to delete data in the event of your exercising your right to deletion pursuant to Article 17 GDPR will not be affected by the above paragraphs.
Our website collects a series of general data and information on each visit. The browser, operating system, previously visited website, page visited, date and time of visit, IP address, internet service provider, amount of data transferred and other similar data and information may all be gathered. Such data will be used by us to maintain the website and to prevent dangers. In this regard we have a legitimate interest in the storage of log files within the meaning of Article 6(1)(f) GDPR.
The anonymous data contained in server log files will be stored separately from all other personal data.
The provider of the following services is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Social Media Plug-In:
For each visit to this website where a Facebook plugin has been embedded, your browser is automatically prompted to download an image of the Facebook plugin. This technical process tells Facebook which specific subpage of our website is being visited. If you are logged into Facebook at the same time, Facebook will recognise which specific subpage is being visited. This information is collected and associated with the respective Facebook account by Facebook without your having to click on the plugin.
If you do not want to transmit such data to Facebook you can prevent it by logging out of your Facebook account.
For more information see https://de-de.facebook.com/privacy/explanation. Please contact us for more information if you wish to object to such data processing.
Facebook Custom Audiences permits visitors to our website to receive targeted interest-based advertising. This is done by placing cookies on your device. These cookies can be used to analyse user behaviour when visiting the website, then used for targeted product recommendations and interest-based advertising.
If you do not want this you can opt out via the following link: https://www.facebook.com/settings/?tab=ads.
The provider of the following services is Google Ireland Limited, Reg# 368047, Gordon House, Barrow Street, Dublin, D04 E5W5, Dublin.
Google Analytics is a service for gathering, collecting and analysing data on the behaviour of visitors to websites. Among other things, Google uses the data and information obtained to evaluate the use of our website and to provide other services related to the use of this website.
Google Analytics sets a cookie that enables Google to analyse the usage of our website. This cookie prompts the browser to send data to Google for the purpose of online analysis. As part of this technical process Google will receive such personal data as the IP address of the data subject, which among other things permits Google to track the origin of visitors and clicks and subsequently to allow the settlement of commissions.
We use the “_gat._anonymizeIp” feature for web analysis via Google Analytics. This feature means that the IP address will be shortened and anonymised by Google.
For more information see https://www.google.com/intl/de_de/analytics/ and https://www.google.de/intl/de/policies/privacy/. Please contact us for more information if you wish to object to such data processing. It is possible to opt out by installing the following plugin: https://tools.google.com/dlpage/gaoptout?hl=de.
We use Google Maps from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website. When the functions of this map are used, data are transferred to Google. To find out what data Google collects and what these data are used for, click: https://www.google.com/intl/de/policies/privacy/.
Google Remarketing is a feature of Google AdWords that allows us to show you ads if you have previously visited our website.
Google Remarketing sets a cookie that will recognise you when you subsequently visit websites that are also members of the Google advertising network. The cookie is used to store personal information such as the websites visited. Whenever you visit a website that has the Google Remarketing service embedded, your browser automatically identifies itself with Google. As part of this technical process Google will receive such personal data as the user's IP address or browsing habits.
It is possible to opt out via the following link: https://adssettings.google.com/authenticated?hl=de. You can also configure your browser to prevent the use of third-party cookies.
Google AdWords is an internet advertising service that allows advertisers to show ads in Google search engine results as well as on the Google advertising network.
If you have reached our website via a Google ad, a so-called conversion cookie will be placed on your system. The conversion cookie stores personal information such as the web pages visited. A conversion cookie will expire after thirty days and will not be used to identify you. The conversion cookie indicates whether you have visited certain subpages of our website, for example an online shop. The conversion cookie helps both us and Google to determine whether you have generated revenue. The data and information collected will be used by Google to provide visitor statistics for our website. Neither we nor any other advertisers using Google AdWords will receive any information that could identify you.
DoubleClick is an online marketing service that sets cookies in order to provide users with relevant ads. DoubleClick can also track so-called conversions using cookie IDs. This will happen for example if a user sees a DoubleClick ad and later visits the advertiser’s website using the same browser and buys something there. DoubleClick lets your browser automatically establish a direct connection to the Google server. If you are registered with a service provided by Google, Google may associate the visit with your account. Even if you are not registered with Google or have not logged in, it is possible for the provider to find and store your IP address.
You can disable the interest-based ads of providers that are part of the About Ads self-regulatory campaign via the link http://www.aboutads.info/choices; this setting will be deleted when you delete your cookies.
For more information see https://www.google.de/doubleclick.
We use YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, on this page.
When you visit pages of our website that include integrated YouTube videos, data are transferred to YouTube, stored and evaluated.
If you have a YouTube account and are logged in, this information will be associated with your personal account and the information stored in it. To find out what data Google collects and what these data are used for, click: https://www.google.com/intl/de/policies/privacy/.
On our website we use functions of the social media network Instagram of Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA.
Content embedding features (embed function) allow us to view images and videos. When you access pages using such functions, data (IP address, browser data, date and time, cookies) is transmitted to Instagram, stored and evaluated. If you have an Instagram account and are logged in, this information will be associated with your personal account and the information stored in it. The data protection guidelines, the nature of the information Instagram collects and how it uses it can be found at: https://help.instagram.com/155833707900388.
We use browser push notifications from PushPanda.io. Browser push notifications are notifications that can be displayed on your terminal device without opening the website or the relevant app. No distinctive user data, such as IP addresses or similar, that could allow the user in question to be identified, are saved. If somebody registers for the notification distributor (opt-in process), only an identification code and the geographical IP information (country and state) of the user are sent to PushPanda.io and stored in its database. This code is issued by the respective browser provider (Google, Mozilla, Apple, etc.) and enables the notifications to be sent to the relevant browser later. Notifications are sent by the browser provider itself.
If the opt-in for push notifications is withdrawn (opt-out), all data saved with PushPanda.io is deleted and the identification code will be invalid. You can find information about opting out of push notifications at https://www.pushpanda.io/de/links/abmeldung/. PushPanda.io is a service of Project K GmbH, with headquarters in Innsbruck, Austria.
Our Newsletter will be sent with your consent or with legal permission. If you wish to receive our Newsletter, you need only provide your e-mail address, otherwise the Newsletter cannot be sent. Further information other than your e-mail address is optional and will only be used to personalise the offer (e.g. by selecting a topic to inform you about via the Newsletter). The data will be used for the purpose of sending advertising and will be deleted as soon as you revoke your consent to the sending of the Newsletter. Cancellations may be sent to us via the contact details below, or you can simply unsubscribe directly from the Newsletter.
In order to send you the Newsletter we need confirmation that you are the owner of the e-mail address (so-called double opt-in). This confirmation is required to ensure that you have actually signed up for the Newsletter. Registrations for the Newsletter will be logged in order to provide proof of the registration process, which includes both the storage of the registration and confirmation times, and of your IP address. Changes to your stored data will also be logged. You can cancel your subscription at any time via the cancellation option in the Newsletter.
When retrieving the Newsletter, a web beacon will collect technical information such as information about your browser and system as well as your IP address and the time of retrieval. This information is used for technical improvements to the services based upon the technical data or the target audience and reading behaviour or access times. These statistical surveys will also determine whether the Newsletters were opened, when they were opened and which links were clicked on. This information may for technical reasons be assigned to individual Newsletter recipients.
If the contact form is used, the personal data you provide will automatically be saved. Different personal data may be required by mandatory fields according to the contact form used. If a mandatory field requires personal data, such data must be provided as part of the initiation or performance of the contract or on account of legal obligations.
This data will be stored for processing or contact purposes and will not as a matter of principle be disclosed to any third parties. If we cannot answer a particular request, it will be forwarded along with your personal data to the relevant enterprise for reply.
The personal data you provide will be stored for as long as is necessary for the assertion and/or defence of claims or as required by the relevant legal obligations.
You will receive information about vacancies in our company via our website. As part of the application process, you have the option of submitting your application documents electronically via e-mail, or by post. Your data will be used for evaluation purposes during the application process, for establishing contact during the application process and, where applicable, for establishing an employment relationship.
Mayrhofner Bergbahnen Aktiengesellschaft
FN 32918 i, Landesgericht Innsbruck
Ahornstrasse 853, 6290 Mayrhofen
Community of interests of the Zillertaler Seilbahnen cable car operators:
The controller is a member of the community of interests of the Zillertaler Seilbahnen cable car operators (“IG”), a company under civil law. The cable car companies have merged together to form IG, doing so in particular for marketing purposes as well as for billing purposes. Although it does not have a legal personality, IG is made up of legally independent operating companies. IG is made up of the following members:
FINKENBERGER ALMBAHNEN GmbH
Persal 200, 6292 Finkenberg
FÜGEN-BERGBAHN GesmbH & Co KG
Hochfügenerstr 77, 6263 Fügen
GERLOSPASS –KÖNIGSLEITEN-BERGBAHNEN GmbH
Königsleiten 82, 5742 Wald Königsleiten
SKILIFTGESELLSCHAFT HOCHFÜGEN GmbH
Sennereistraße 1, 6263 Fügen
Telefon: Büro 05288/62319;
HOCHKRIMMLER SEILBAHNENGESELLSCHAFT mbH
Oberkrimml 95, 5743 Krimml
BERGBAHNEN SKIZENTRUM HOCHZILLERTAL GmbH & Co KG
Postfeldstraße 7, 6272 Kaltenbach
MAYRHOFNER BERGBAHNEN AKTIENGESELLSCHAFT
SCHILIFT- ZENTRUM-GERLOS GmbH
TUXER BERGBAHNEN AG
ZELLER BERGBAHNEN ZILLERTAL GmbH & Co KG
ZILLERTALER GLETSCHERBAHN GmbH & Co KG
BERGBAHNEN WILDKOGEL -Oberpinzgauer Fremdenverkehrs-beförderungs- und Bergbahnen AG
5741 Neukirchen am Großvenediger