Privacy Policy
The responsible handling of your data is a major concern to us. This privacy policy provides information about how we use your data.
Responsible for processing your personal data on this website is (Legal Notice):
X-Country Hotels & Resorts e.V.
is a project of MTS Austria GmbH
Saalfeldnerstrasse 14
5751 Maishofen
Austria - Europe
Tel: +43 6542 804 80-25
Fax: +43 6542 804 80-4
E-Mail: info@langlauf-urlaub.com
Website: www.langlauf-urlaub.com
VAT ID No.: ATU68492419
MTS Austria GmbH
Legal representative: Mag. Gerald Moore
VAT ID No.: ATU73521405
Registration number: FN 482041 i
St. Johann Tax office - Tamsweg - Zell am See
Responsible for content: MTS Austria GmbH
Place of jurisdiction: Zell am See
Salzburg Regional Court
Authority: Zell am See District Commission
Chamber affiliation: Salzburg Chamber of Commerce
Division: Market communication, Travel agency
This privacy policy applies to all domains, portals and social media networks in the REALM of X-Country Hotels & Resorts e.V. - MTS Austria GmbH. This includes FACEBOOK, INSTAGRAM, GOOGLE, TWITTER, YOUTUBE, and similar.
We take all necessary measures to ensure the protection of your data and to uphold confidentiality, and we use your data in compliance with the legal provisions of, in particular, the GDPR (General Data Protection Regulation), the Data Protection Act and the Federal Law Gazette 2017/120 as well as the TCA (Telecommunications Act). This means that your data can only be used if a legal permission or your consent is available.
We implement organisational, contractual and technical security measures to ensure that the legal conditions are met, thus protecting your data against accidental or deliberate manipulation, loss, destruction or access by unauthorized persons.
We would like to point out that the data transmission on the Internet (e.g. when communicating by email) may have security gaps. Thus, complete protection against access by third parties is not possible.
When using this website without further transmission of data to us (e.g. through registration or by using the contact form), we collect technically necessary data which is transmitted automatically to our server, including:
- IP address - encrypted transmission
- Date and time of the enquiry
- Content of the enquiry
- Access status/http status code
- Browser type
- Language and version of the browser software
- Operating system
This data is technically necessary for the display of our website. We use this data also to ensure the security and stability of our website. Legal basis for the collection is Article 6 (1) letter f GDPR.
Personal data
Personal data means any information relating to an identified or identifiable individual (e.g. name, address, phone number, email address, IP address, ...).
We only process personal data which you provide in your enquiry, booking, order or participation in a competition or for the use of our services, and which are necessary for the provision of our services to you.
Simple contact request
When you contact us by email or by using the form on our website, we will store the data you provided for processing the enquiry and for any subsequent questions. This data will not be disclosed without your consent.
Using and disclosing personal data relating to enquiries, orders or bookings
Personal data you transmitted in relation to enquiries, orders, bookings or when participating in a competition will be used exclusively for processing your enquiry, order or booking. The data provided by you is necessary for the performance of preliminary measures and/or fulfilment of contract. Without this data, we are unable to conclude a contract with you.
Your personal data is only disclosed to persons who are involved in the enquiry, order, booking or competition process. All employees entrusted with data processing are obliged to keep your data confidential. The personal data you transmitted will not be sold to third parties or otherwise exploited. Your personal data will only be disclosed or otherwise transmitted to third parties if this is necessary for the business transaction (enquiry to or booking with the hotel) or if you have given your consent beforehand. We neither use your data given in relation to enquiries, orders, bookings or participation in competitions nor do we use other personal data related to this to send you targeted advertisements unless you have given your expressed consent.
Based on specifically concluded agreements on the processing of personal data, your data will be processed by
- INCERT eTourismus GmbH & Co KG with registered office in Linz
- Kubeos GmbH with registered office in Nußdorf
- Seekda Hospitaly Solutions GmbH with registered office in Vienna / Kognitiv Global Corporation with registered office in Toronto, Canada
- Conecto Business Communication GmbH with registered office in Maishofen
on our behalf in form of support measures as part of the order processing pursuant to Article 28 GDPR and in accordance with the relevant legal provisions. As part of performing their services, the mentioned order processors have access to your data but they can use this data only for the purpose of these support measures and cannot use this data for their own purposes.
In case a contract has been concluded, all data relating to the contractual relationship will be stored until the expiry of the record-keeping period under tax law. In addition, “name“, “address“, “ordered vouchers“ and “purchase date“ will be stored until the expiry of the statutory or, if applicable, stipulatory longer periods with regard to guarantee and redemption period of vouchers.
Upon declared objection, we will ensure that your data is deleted here and at our order processors‘, unless there are legal or contractual reasons. If a purchase transaction is cancelled, the data sent to us and already stored by us until that time will be deleted in accordance with Item 3.2. The processing of data is based on the legal provisions of Section 96 (3) TCA as well as Article 6 (1) letter a (consent) and/or letter b (necessary for the performance of a contract) of the GDPR.
You are in general entitled to information, correction, deletion, data portability, revocation and objection. If you believe that the processing of your data is in breach of the data protection law or that your rights under data protection law have been infringed in any other way, please contact us directly by sending an email to datenschutz@mts-austria.at or by contacting the Austrian Data Protection Authority, Wickenburggasse 8, 1080 Vienna, Austria, Tel: +43 1 52 152-0, dsb@dsb.gv.at.
Additional services
Our website uses various first- and third-party cookies for statistics, web fonts and marketing. Cookies are small text files that, with the help of the browser (e.g. Internet Explorer, Google Chrome, Firefox,...), are saved on your terminal. They do not cause any damage. We also use Google technologies (Google Tag Manager, Google Analytics, GA Audiences, DoubleClick, DoubleClick Ad Exchange-Buyer) and Facebook technologies (Facebook Connect, Facebook Social Plugins, Facebook Impressions). If you do not agree, we recommend to delete the cookies in your browser and not to accept any cookies on our page.
Only information, which your Internet browser automatically transmits to the server, will be stored. This applies in particular to: IP address, time of the server enquiry, operating system, browser type/version, name of your Internet service provider, Internet page from where our website is accessed and pages which you access on www.langlauf-urlaub.com and its subpages. This is only for information purposes which do not allow for conclusions about you. The IP address is pseudonymised.
We use cookies to make our offer user-friendly and to show suitable advertisements on various platforms, e.g. Google. Some cookies will remain on your terminal until you delete them. They enable us to recognise your browser on your next visit. However, we do not use personal data to send you targeted advertisements, unless you have given your expressed consent. If you have disabled the placing of cookies or if you have set restrictions, then the functionality of our website may be restricted.
Google Analytics
This website uses features of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as page views, time spent on the site, operating systems used, and the user's origin. This data is consolidated into a User ID and assigned to the respective device of the website visitor.
Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks. Google Analytics also uses various modeling approaches to supplement the collected data sets and applies machine learning technologies in data analysis.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about your use of this website is typically transmitted to a Google server in the USA and stored there.
The use of this service is based on your consent according to Art. 6(1)(a) GDPR. Your consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to adhering to these data protection standards. For more information, please refer to the provider via the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active.
Matomo
This website uses the open-source web analytics service Matomo.
With Matomo, we are able to collect and analyze data about how visitors use our website. This allows us to determine, among other things, when specific pages were accessed and from which region. We also collect various log files (e.g., IP address, referrer, browser, and operating systems used) and can track whether our website visitors perform certain actions (e.g., clicks, purchases, etc.).
The use of this analysis tool is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. If corresponding consent has been requested, processing is carried out exclusively based on Art. 6(1)(a) GDPR. Consent can be revoked at any time.
We use CleverReach for sending our newsletter. CleverReach is a service provided by CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany. With CleverReach, we can manage the newsletter distribution and analyze its usage by recipients.
When you subscribe to our newsletter, the data you provide (e.g., email address) is stored on the servers of CleverReach in Germany or within the EU. CleverReach analyzes how often the newsletter is opened and which links are clicked. This information is used solely to improve our newsletter.
The processing is based on your consent (Art. 6(1)(a) GDPR). You can revoke this consent at any time by unsubscribing from the newsletter.
For more information, please refer to CleverReach's privacy policy: https://www.cleverreach.com/en/privacy-policy/.
Google Adwords conversion tracking
The website operator uses Google Ads. Google Ads is an online advertising program provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads allows us to display advertisements in the Google search engine or on third-party websites when users enter specific search terms on Google (keyword targeting). Targeted ads can also be displayed based on the user data available on Google (e.g., location data and interests) (audience targeting). As the website operator, we can quantitatively evaluate this data by analyzing, for example, which search terms led to the display of our ads and how many ads resulted in corresponding clicks.
The use of this service is based on your consent according to Art. 6(1)(a) GDPR. Your consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to adhering to these data protection standards. For more information, please refer to the provider via the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active.
Google Adwords Remarketing
This website uses the features of Google Ads Remarketing. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
With Google Ads Remarketing, we can assign individuals who interact with our online offering to specific target groups in order to display interest-based advertising to them within the Google advertising network (remarketing or retargeting).
Additionally, the advertising target groups created with Google Ads Remarketing can be linked to Google’s cross-device functions. This allows interest-based, personalized advertising messages, tailored to you based on your previous usage and browsing behavior on one device (e.g., mobile phone), to be displayed on another of your devices (e.g., tablet or PC).
If you have a Google account, you can opt out of personalized advertising at the following link: https://www.google.com/settings/ads/onweb/.
The use of this service is based on your consent according to Art. 6(1)(a) GDPR. Your consent can be revoked at any time.
Further information and the privacy policy can be found in Google's privacy policy at: https://policies.google.com/technologies/ads?hl=en.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to adhering to these data protection standards. For more information, please refer to the provider via the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active.
This site uses the Google Maps service. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
To use the features of Google Maps, it is necessary to store your IP address. This information is typically transmitted to a Google server in the USA and stored there. The provider of this site has no influence over this data transfer. When Google Maps is activated, Google may use Google Fonts to ensure a consistent display of fonts. When you access Google Maps, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
The use of Google Maps is in the interest of providing an appealing presentation of our online offerings and making it easy to find the locations specified on our website. This constitutes a legitimate interest according to Art. 6(1)(f) GDPR. If the corresponding consent has been requested, processing is carried out exclusively based on Art. 6(1)(a) GDPR. Consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
For more information on how user data is handled, please refer to Google's privacy policy: https://policies.google.com/privacy?hl=en.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to adhering to these data protection standards. For more information, please refer to the provider via the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active.
Plugins of the following providers are integrated in this website:
- The social network Facebook, Meta Platforms, Inc., Menlo Park, California, United States, in form of a ”Like Button“ and/or
- The social network Instagram, Meta Platforms, Inc., Menlo Park, California, United States, in form of a ”Like Button“, and/or
- TrustYou, Steinerstraße 15, 81369 Munich, Germany, in form of a ratings summary and/or
- Bergfex, Neupauerweg 30a, 8052 Graz, Austria in form of aan iframe integration and/or
- Giggle.tips von Giggle GmbH, Jahnstraße 18, 6020 Innsbruck
The respective plugin enables a direct connection between your browser and the server of the respective provider. In this way, the providers determine information (in particular date and time of the website access and other browser-related information) about you on the website. Clicking the relevant button, while being logged in your respective account, also enables the respective provider to allocate the visit to the website to the profile of the user.
Data will be disclosed regardless of whether you have an account with the plugin provider and are logged in there. When you are logged in with the plugin provider, the data we have collected from you will be allocated directly to your existing account with the plugin provider.
Further information about the purpose and extent of the data collection and the processing by the plugin providers is available in the data protection statements of these providers in the links below. There you will also find further information regarding your rights and setting options for the protection of your privacy:
Further information can be found on the respective websites of the particular provider:
- Facebook, Meta Platforms, Inc., Menlo Park, California, USA, www.facebook.com/policy.php
- Google Inc., 1600 Amphitheater Parkway, Mountain View, California 94043, USA, www.google.com/policies/privacy/partners/?hl=de
- Instagram, Meta Platforms, Inc., Menlo Park, California, USA, www.facebook.com/policy.php
- TrustYou, Steinerstraße 15, 81369 München, Germany, https://www.trustyou.com/wp-content/uploads/2018/05/2017-01-19-TY-Privacy-Policy.pdf
- Bergfex, Neupauerweg 30a, 8052 Graz, Austria, https://www.bergfex.at/datenschutz/
- Giggle.tips von Giggle GmbH, Jahnstraße 18, 6020 Innsbruck, https://hotel.giggle.tips/privacy
Visiting our website, you expressively agree to the use of your user information as described above.
This website integrates videos from the YouTube website. The operator of YouTube is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit one of our web pages that includes YouTube, a connection to YouTube's servers is established. This connection tells the YouTube server which of our pages you have visited.
Additionally, YouTube may store various cookies on your device or use similar technologies for recognition (e.g., device fingerprinting). This allows YouTube to gather information about visitors to this website. Such information is used, among other things, to collect video statistics, enhance user experience, and prevent fraud.
If you are logged into your YouTube account, YouTube can directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is intended to present our online offerings in an engaging manner. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If consent has been obtained, the processing is carried out solely based on Art. 6 para. 1 lit. a GDPR. Consent can be withdrawn at any time.
For more information on how user data is handled, please refer to YouTube’s privacy policy at: https://policies.google.com/privacy?hl=en.
The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States that aims to ensure compliance with European data protection standards in data processing in the U.S. Any company certified under the DPF commits to adhering to these data protection standards. More information can be found from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active.
On our website, we use Vimeo plugins. Vimeo is a service of Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA. This component is integrated in our website and prompts your browser to download the relevant display of Vimeo every time you access our website. With the help of the information collected by the component, Vimeo is able to identify which specific site you are accessing and allocates this information to your personal Vimeo account every time you access our website while being logged in to Vimeo. For example, if you click the "Play" button or enter relevant comments, this information will be transmitted to and stored in your personal user account with Vimeo. In addition, the information that you have visited our website will be forwarded to Vimeo. This will be done regardless of whether you, for example, click the component/leave comments or not.
If you want to stop the transmission and storing of data about you and your behaviour on our website by Vimeo, then you must log out of Vimeo before you visit our website. The data protection statement of Vimeo contains further information, in particular with regard to the collection and use of the data by Vimeo: https://vimeo.com/privacy
To protect input forms on our website, we use the "reCAPTCHA" service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA. Using this service helps us to distinguish whether the relevant input is made by a human or by automatized machine processing.
According to our knowledge, the referrer URL, the IP address, the behaviour of the website visitors, information about the operating system, browser and length of stay, cookies, display instructions and scripts, the input behaviour of the user as well as mouse movements in the area of the "reCAPTCHA" checkbox are transmitted to "Google".
The IP address transmitted as part of "reCAPTCHA" will not be merged with other Google data, unless you are logged in to your Google account at the time you are using the "reCAPTCHA" plugin. If you want to stop the transmission and storing of data about you and your behaviour on our website by "Google", then you must log out of "Google" before you visit our website and/or use the reCAPTCHA plugin.
The use of information obtained through "reCAPTCHA" is subject to the Google conditions of use: https://www.google.com/intl/de/policies/privacy/.
We use fonts („Google Fonts”) provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated
Effective as of 13 August 2024