Hotel Savoy *** Vienna

Data Protection Declaration

Data Protection Statement of Hotel Savoy BetriebsgmbH

(Revised on 25 May 2018)

Basis

Protection of your personal data and information by means of which your identity may be verified is very important to us at Hotel Savoy BetriebsgmbH. Therefore, we are committed to protect your data in compliance with the applicable data protection laws and to treat any personal data entrusted to us in a responsible manner.

This Data Protection Statement is to inform you about the purposes for which your data will be processed and what will happen to your data. In addition, we are informing you about the recipients to whom your data may be transmitted and who you may contact if you have any questions.

Contact

If you have any questions about the processing of your data, please do not hesitate to contact us at any time:

Hotel Savoy BetriebsgmbH
Handelskai 94-96/4/4
1200 Vienna

Phone: +43 1/ 523 46 46,
Fax: +43 1/ 523 46 40 
Email: office@hotelsavoy.at

Purpose and legal basis of data processing

We will process your data only if data processing is necessary for performance of the contract concluded with you or if we are under a statutory obligation to do so. In particular, your data is required to provide and invoice the services requested by you, including but not limited to fulfilling reservation or information requests, answering your enquiries, booking of tourist guides, restaurant services, rental cars, transfers, tours, and invoicing and verification of the same (B2B, B2C, FIT), ticket bookings, etc.

We are under a statutory obligation to process and/or forward or disclose your personal data to third parties in the following cases: processing of your data is necessary for fulfilling the accommodation contract, for complying with Section 5 of the Austrian Registration Act [Meldegesetz] of 1991 for accommodation providers and with the documentation rights and obligations under the Austrian Value Added Tax Act [Umsatzsteuergesetz] of 1994. Your data will be disclosed to government institutions and authorities which are entitled to information only in accordance with mandatory statutory provisions and/or if we are obliged to comply with a court order.

We need your express consent, which you may withdraw at any time, to send you direct marketing messages, newsletters or other messages which are not directly related to performance of the contract.

Categories of personal data

In order to achieve the aforementioned purposes, we may record personal data or information about you by which you can be identified directly or indirectly. This data includes your surname and first name, your address, your phone number and fax number, your date of birth, your marital status and your language. In connection with your identification the data stated in your ID document will be processed, i.e. passport number, your gender and your nationality. In connection with payments the data of your debit card or bank and credit card will be processed. In order to tailor your stay completely according to your wishes, we will process data about the duration of your stay as per your enquiry and the contact persons, terms and information on personal preferences and needs provided by you in connection with your stay.

Recipients of personal data

In most cases your data will be stored on a local server and will not be disclosed to third parties. However, in certain situations disclosure may be required to offer you the requested services, e.g. if you ask us to book a table in a restaurant or a rental car.

Moreover, we may be required to disclose your data to public authorities or courts to fulfil legal obligations.

We are also obliged to disclose personal data to protect a person's life, health or property.

Retention of data

We will not retain data longer than necessary to fulfil our contractual and/or legal obligations or to defend us against any liability claims that may arise.

Access and erasure

You have a right of access to information about your stored personal data, its source and recipients and the purpose of data processing as well as a right to rectification, data portability, a right to object, a right to restriction of processing and blocking or erasure of inaccurate or inadmissibly processed data at any time.

In the case of changes of your personal data please inform us accordingly.

You may withdraw your consent to use of your personal data at any time. Your request for access, erasure, rectification, objection and/or data portability (in the last case: unless this involves a disproportionate effort) may be sent to the address of Hotel Savoy BetriebsgmbH stated above.

If you are of the opinion that processing of your personal data by us infringes applicable data protection law or that your claims under data protection law have been infringed in any other way, you may lodge a complaint with the competent supervisory authority. In Austria the competent authority is the Austrian Data Protection Authority [Datenschutzbehörde].

Data security

Your personal data is protected through appropriate technical and organisational measures. Those measures include but are not limited to protection against unauthorised, unlawful or accidental access and against processing, loss, use and tampering.

Irrespective of our efforts to observe an appropriately high standard of due diligence at all times it cannot be excluded that information which you have provided to us via the internet will be inspected and used by other persons.

Please note that we therefore assume no liability whatsoever for any disclosure of information due to errors in data transfers that were not caused by us and/or unauthorised access by third parties (e.g. hacker attack on email account or phone, interception of fax messages). In the case of a data breach affecting your personal data despite all security measures taken we shall immediately communicate such data breach to you and notify the competent supervisory authority.

Our website

Our website is hosted by Bookassist (Automatic Netware Limited, trading as Bookassist, Company registration number: IE312796, registered address: 1st Floor South Block, Rockfield Central, Dublin D16 R6V0, Ireland, contact phone no. +353 1 676 2913 / email address: ireland@bookassist.com, website: www.bookassist.org) Please also note the Privacy Statement of Bookassist: https://www.bookassist.com/global/security.jsp?user_language=en

We will ensure with utmost care that the personal information we collect about you will not be used in any way of which you may not be aware or which you may not like or which may infringe data protection principles. When you send us an enquiry, we may in our reply ask you for information, such as your name, your email address, your postal address and/or your phone number. If you decide to provide us with such information, we shall use it exclusively for the purposes stated. Information collected via the website will be processed as described below.

Secure bookings

Our hotel has instructed Bookassist to make available their booking system to us. Bookassist is verified as a service provider by the Thawte Certification Authority. If you decide to book online via the website, you will be forwarded to a booking interface and a booking system of our partner for the Bookassist booking management system. We know that online users are very concerned about security and we have selected our booking system partner carefully. All information transmitted via this website will be encrypted if transmitted in a secure socket layer session and protected against disclosure to third parties. Bookassist have been certified as being in conformity with the PCI DSS (Payment Card Industry Data Security Standards).

Data security

We want to ensure that visitors to our website feel secure when planning and booking their accommodation. The Hotel is under an obligation to protect the information we have collected. The Hotel has a security program for the protection of information in place which protects the data stored in our systems against unauthorised access. Our website is hosted in a secure environment. The servers and systems of the site use data encryption and scrambling technologies as well as firewalls which are in line with the industrial standard. When you enter personal data in connection with a booking or email registration, your data will be protected by means of secure socket layer (SSL) technology to warrant secure data transfer.

Online reservation

When you visit our website your access data will be collected and stored automatically. Such access data includes, without limitation, the site accessed, the files viewed, the date and time of access, the user IP address, data of the retrieving computer, in particular of the browser and operating system, as well as the data volume and a report on successful retrieval. Access data will be used by Bookassist.com for internal statistical purposes to warrant security of our range of services and to optimise offers. If an unlawful act is suspected, access data will be analysed to preserve evidence.

The data you have entered into any of our contact forms or sent us by email will be processed by us. We need that data to process your enquiry and in such cases will also store your IP address for purposes of preservation of evidence. We will not retain data longer than necessary to fulfil our contractual and/or legal obligations or to defend us against any liability claims that may arise.

We will process your data only if data processing is necessary for performance of the contract concluded with you or pre-contractual measures or if we are under a statutory obligation to do so.

Online payment

The credit card data page of Bookassist is protected by means of secure SSL encryption technology. SSL encrypts your name, your credit card number and the expiry date before data is sent via the internet. This ensures privacy of your credit card details during data transfer. In addition, when using a credit card, each debit will be made directly via a secure and direct connection with the bank's system. This ensures that no stolen cards will be used and prevents fraudulent transactions against hotels and customers.

Cookies

This website uses "cookies" to make our offer more user-friendly, more effective and safer.

A "cookie" is a small text file which we transmit to the cookie file of a browser on the hard disk of your computer via our web server. This enables our website to recognise you as a user when a connection is established between our web server and your browser. Cookies help us to establish the frequency of use and the number of users of our website. The content of the cookies used by us is limited to an identification number which no longer allows any direct reference to the user. The main objective of a cookie is to identify visitors to the website.

Two types of cookies are used on this website:

  • Session cookies: are temporary cookies which are stored in the cookie file of your browser until you leave our website and are automatically deleted at the end of your visit.
  • Persistent cookies: are saved on your terminal equipment and allow us to recognise your browser on your next visit in order to enhance user-friendliness.

You may adjust your browser settings so that you will be informed about the placement of cookies and only allow them on a case-by-case basis, accept them for specific cases or generally refuse or automatically delete cookies when you close your browser. The functionality of this website may be restricted as a result of deactivating cookies.