Imprint | Privacy Policy | Cookie-Policy (EU) | Accessibility Statement

Privacy Policy

The protection of your personal data is of particular concern to us. We therefore process your data exclusively on the basis of the statutory provisions (GDPR, DSG, TKG 2021).

In this privacy policy, we inform you about the most important aspects of data processing within our web app.

1. Controller

TOURISMUSVERBAND SPITTAL AN DER DRAU
Burgplatz 1
A – 9800 Spittal an der Drau
Tel.: +43 (0)4762 / 37200
E-Mail: welcome@spittal-millstaettersee.at
Web: app.spittal-erleben.at
UID: ATU 70 22 38 03

2. General Information on Data Processing

We process personal data only when necessary, e.g. to provide the web app, respond to enquiries, or display embedded content.

3. Access Data / Server Log Files

When you visit our web app, information of a general nature (server log files) is automatically collected (including IP address, date/time, browser type). This data serves the secure operation of the app.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest)
Storage period: The data is stored for a maximum of 30 days.

4. Contact

When you contact us by e-mail, your details are stored for the purpose of processing your enquiry.

Legal basis: Art. 6(1)(b) GDPR (contract/pre-contractual) or Art. 6(1)(f) GDPR.

5. Data Collection Forms

5.1 Form “Eyes Open”

Through the “Eyes Open” form, we collect the personal data you provide (e.g. name, e-mail address) solely for the purpose of processing your submission or report.

Legal basis: Art. 6(1)(b) GDPR (contractual/pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest).

5.2 Form “Brochure Order”

Via the “Brochure Order” form, we collect the necessary personal data (e.g. name, address, e-mail address) in order to send you the requested printed materials.

Legal basis: Art. 6(1)(b) GDPR (contractual/pre-contractual measures).

6. Embedded Services and Third-Party Providers

6.1 Feratel (Booking and Information Modules)

Our web app integrates features provided by feratel Media Technologies AG (Innsbruck, Austria). When using these modules (e.g. booking calendar), technically necessary data is transmitted to Feratel.

Legal basis: Art. 6(1)(b) GDPR (performance of contract).

6.2 YouTube (Videos)

We embed videos from the platform “YouTube” (Google Ireland Limited, Ireland). By default, these are disabled so that no data flows to Google. Only when you actively consent to loading the content (e.g. via the cookie banner or by clicking a placeholder) will the video be loaded and data (including IP address) transmitted to Google.

Legal basis: Art. 6(1)(a) GDPR (consent).

6.3 Google Maps / Google My Maps

We use interactive maps from Google Maps (via Google My Maps) provided by Google Ireland Limited. The content is only loaded after you have given your consent. For technical reasons, your IP address is transmitted to Google’s servers in this process.

Legal basis: Art. 6(1)(a) GDPR (consent).

6.4 Google reCAPTCHA

We use Google reCAPTCHA (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our web app to protect form submissions from abusive automated use (e.g. by bots). In doing so, data (including IP address and, where applicable, further information required by Google for the reCAPTCHA analysis) is transmitted to and processed on Google’s servers. Google may also process this data in the United States.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the security and smooth operation of the web app).

For more information about Google reCAPTCHA and Google’s privacy policy, please visit: https://policies.google.com/privacy

7. Links to External Websites

Our web app contains links to external websites. We have no influence over their content or data protection standards. The respective provider is always responsible for linked pages.

8. Cookies

We use technically necessary cookies for the operation of the app. Optional cookies (e.g. for YouTube or Google Maps) are only set after your consent.

Legal basis: Art. 6(1)(f) GDPR (necessary) or Art. 6(1)(a) GDPR (consent).

9. Data Security

We protect your data through modern technical measures, in particular through encrypted transmission (HTTPS).

10. Your Rights

You have the rights of access, rectification, erasure, restriction, data portability, withdrawal and objection. Complaints may be addressed to the data protection authority:

Austrian Data Protection Authority
Barichgasse 40–42, 1030 Vienna
E-Mail: dsb@dsb.gv.at

11. Changes

We adapt this policy as needed to current legal or technical standards.

As of: 08.04.2026