Skip to content
DE | EN
Alpina Logotext schwarz Alpina von Alpina Holiday Logotext weiß Alpina von Alpina Holiday
Küche Top 10 Ferienwohnung in Buchensteinwand von Alpina Holiday

Privacy Policy

Privacy Notice
The protection of your personal data is of particular importance to us. We therefore process your data exclusively in accordance with legal requirements (GDPR, TKG 2021). In this privacy notice, we inform you about the most important aspects of data processing in connection with our website.

SSL or TLS Encryption
For security reasons and to protect the transmission of confidential content, such as booking requests or messages you send to us, this website uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address bar of your browser changes from “http://” to “https://” and by the lock icon in your browser bar.

1. Data Controller
The data controller within the meaning of the General Data Protection Regulation (GDPR) is:
Alpina Holiday GmbH
Represented by the Managing Director, Mr Lukas Wieser
Kirchplatz 1
6370 Kitzbühel
Austria
+43 (0) 664 92 65 518
office@alpina-holiday.at

2. Contacting Us
If you contact us via the form on the website or by email, the data you provide will be stored by us for the purpose of processing your enquiry and in the event of any follow-up questions. We will not pass on this data without your consent.

3. Website hosting (peaknetworks)
We use the services of peaknetworks GmbH, Handwerkerzone 2a, 6134 Vomp / Postal address: Eduard-Bodem-Gasse 6, 6020 Innsbruck, Austria, for the hosting and provision of our website. When you visit our website, the peaknetworks server automatically collects general information (server log files) such as your IP address, the date and time of access, browser type, the operating system used and the referrer URL. Legal basis: Processing is carried out on the basis of our legitimate interest in the secure, stable and error-free provision of our online services (Art. 6(1)(f) GDPR). A legally required data processing agreement (DPA) has been concluded with peaknetworks GmbH in accordance with Art. 28 GDPR. The data is processed exclusively in data centres in Austria and Switzerland.

4. Cookies and Consent Management
Our website uses cookies. These are small text files that are stored on your device via your browser. They do not cause any harm. We use technically necessary cookies to ensure the secure and proper functioning of our website (legal basis: Article 6(1)(f) of the GDPR – legitimate interest). All other cookies (e.g. for Google’s analytical or marketing purposes) are only loaded once you have given us your active consent (legal basis: Article 6(1)(a) GDPR). You can view, change or withdraw your consent at any time via our cookie banner, with effect for the future.

5. Google services (Google Analytics, Google Maps, YouTube)
We use services provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) on our website.

  • Google Analytics is used to analyse user behaviour on our website for statistical purposes.
  • Google Maps is used to display interactive maps to help you find your way here.
  • YouTube is used to embed videos directly on our pages.

Legal basis and consent: The use of these services and the associated storage of data on your device (cookies) takes place exclusively on the basis of your express consent in accordance with Article 6(1)(a) of the GDPR in conjunction with Section 165(3) of the TKG 2021. You actively grant this consent via the cookie banner when you first visit our website.

Withdrawal: You may withdraw your consent at any time with future effect by accessing the cookie settings via our banner on the website again and adjusting your selection.

Data transfer to third countries: In the course of using these services, data may be transferred to the USA. Google LLC is certified under the EU-US Data Privacy Framework (DPF). An adequacy decision by the European Commission therefore applies to the USA, provided that the US companies are registered under this agreement.

6. Online bookings, booking platforms and PMS (Property Management System)
When you make a reservation via our website (direct booking), via an integrated booking widget or via connected external booking platforms (in particular Booking.com and Airbnb, including their sub-sites), we process the data you have entered or submitted (e.g. name, contact details, travel dates, booked category, payment details). 

Use of a PMS / Channel Manager: For the centralised management, synchronisation and processing of bookings, occupancy schedules and guest data, we use the Property Management System (PMS) provided by the service provider onestephost (operated by Inndat GmbH, Urstein Nord 21, 5412 Puch, Austria). Guest data generated on our website or via portals such as Booking.com and Airbnb is transmitted to Inndat GmbH for this purpose and processed there. A legally required data processing agreement (DPA) in accordance with Article 28 of the GDPR has been concluded with Inndat GmbH.

Legal basis: The processing and transfer of data is necessary for the performance of the accommodation contract or for the implementation of pre-contractual measures (Article 6(1)(b) GDPR). Retention period: The data remains in our system for as long as statutory retention obligations (in particular the 7-year tax retention obligation in Austria and provincial registration law requirements) require.

7. Payment service provider (Stripe)
We offer payment via Stripe on our website and as part of the booking process. The provider of these payment services is Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. If you choose this payment method, the payment details you enter (e.g. credit card number, expiry date, CVC) will be transmitted directly to Stripe. We do not have access to your full credit card details at any time.

Legal basis: The transfer of data to Stripe is based on Article 6(1)(b) of the GDPR (performance of a contract) and to ensure a secure and smooth payment process (legitimate interest pursuant to Article 6(1)(f) of the GDPR). Further information on data protection at Stripe can be found at: https://stripe.com/at/privacy

8. Newsletter via RapidMail (with double opt-in procedure)
When you subscribe to our newsletter on our website, we process the email address you provide and the time of your subscription.

Double opt-in procedure: To prevent misuse and ensure that no third party can subscribe using your email address without your authorisation, we use the double opt-in procedure. After registering on the website, you will receive a confirmation email at the address you provided. Only once you click on the activation link contained therein will your email address be added to our newsletter mailing list.

Use of rapidmail: Our newsletters are sent via the mailing service provider rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg i.Br., Germany. For this purpose, your registration details (email address, IP address, date and time of registration and confirmation) are transmitted to rapidmail and stored on their servers in Germany. A legally required data processing agreement (DPA) in accordance with Article 28 of the GDPR has been concluded with rapidmail GmbH. rapidmail uses your data exclusively for sending our newsletter and does not pass it on to third parties.

Legal basis: Data processing is carried out exclusively on the basis of your express consent in accordance with Article 6(1)(a) of the GDPR in conjunction with Section 174 of the TKG 2021.

Withdrawal & Retention Period: You may withdraw your consent to receive the newsletter and to the storage of your data at any time with future effect. To do so, simply click on the unsubscribe link at the bottom of each newsletter or send us an informal email. Once you have unsubscribed, your data will be deleted immediately from our mailing list and from RapidMail’s servers.

9. Your rights
You are generally entitled to the rights of access, rectification, erasure, restriction, data portability, withdrawal and objection. If you believe that the processing of your data infringes data protection law or that your data protection rights have otherwise been infringed, you may lodge a complaint with the supervisory authority. In Austria, this is the Data Protection Authority.

Contact Details:
Alpina Holiday GmbH
Kirchplatz 1
6370 Kitzbühel
Österreich
+43 (0) 664 92 65 518
office@alpina-holiday.at