Privacy policy of the
Wilderer Group

1. General information on data processing

In this privacy policy we inform you about which personal data is processed when you use our website. Personal data is any information relating to an identified or identifiable natural person (e.g. name, address, e-mail address, IP address, user behaviour).

Processing is carried out in particular on the basis of Art. 6 (1) (a–f) GDPR – for example for the performance of a contract, the implementation of pre-contractual measures, compliance with legal obligations, protection of vital interests, performance of a task carried out in the public interest or for the purposes of legitimate interests, provided that these are not overridden by the rights of the data subject.

2. Collection of personal data when visiting our website

If you use our website purely for information purposes – i.e. if you do not register or otherwise transmit information to us – we only process the data that your browser transmits to our server for technical reasons. This data is necessary in order to display our website to you in a stable and secure manner (Art. 6 (1) (f) GDPR).

This includes in particular:

• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page / URL)
• Access status / HTTP status code
• Amount of data transferred in each case
• Website from which the request originates (referrer)
• Browser, operating system and its interface
• Language and version of the browser software

3. Contact by e-mail or contact form

If you contact us by e-mail or via a contact form, we process the data you provide (e.g. name, e-mail address, telephone number and the content of the message) in order to handle your request and answer any follow-up questions.

The legal basis is usually Art. 6 (1) (b) GDPR (pre-contractual measures or performance of a contract) or – for general enquiries – our legitimate interest in efficient communication (Art. 6 (1) (f) GDPR). If you give explicit consent, Art. 6 (1) (a) GDPR may also apply.

We delete the data arising in this context as soon as it is no longer necessary for the respective purpose, unless statutory retention obligations require us to keep it for a longer period.

4. Cookies

Our website uses cookies. These are small text files that are stored on your device and through which certain information flows back to us or to the respective service provider. Cookies cannot run programs or transmit viruses; they are used, for example, to make our offer more user-friendly and efficient.

In particular, we use the following categories:

• Transient cookies (e.g. session cookies), which are automatically deleted after the end of the browser session.
• Persistent cookies, which are automatically deleted after a defined period or can be removed manually in the browser settings.

You can configure your browser so that it, for example, rejects third-party cookies or all cookies. Please note that in this case not all functions of our website may be fully available.

5. Additional functions, services & recipients

In addition to the purely informational use of our website, we offer further services (e.g. booking enquiries). In doing so, additional personal data may be processed, for example in order to handle contracts or provide special services. For this processing, the principles set out in this privacy policy apply.

We sometimes use external service providers (e.g. hosting providers, technical service providers) that act as processors pursuant to Art. 28 GDPR. They are carefully selected, contractually bound and monitored on a regular basis.

We only pass on personal data to third parties for their own purposes if this is legally permissible, you have given your consent or it is necessary for contract processing. If service providers or partners are located outside the European Economic Area, we provide information on the relevant safeguards in accordance with Art. 46 GDPR in the context of the respective services.

6. Web analytics & security (Jetpack / WordPress.com-Stats)

Our website may use the web analytics service Jetpack (WordPress.com-Stats). We use this to analyse usage of the website in order to improve content and make our offer more user-friendly. The system also serves to protect our website, for example by detecting attacks or misuse.

Processing takes place on the basis of Art. 6 (1) (f) GDPR (legitimate interest in analysing and securing the online offer) and – where required – on the basis of your consent (Art. 6 (1) (a) GDPR), for example via a cookie banner.

7. Children

Our offer is generally aimed at adults. Persons under 18 years of age should not transmit personal data to us without the consent of a parent or legal guardian.

8. Your rights as a data subject

You have extensive rights regarding the processing of your personal data. Below you will find a summary of the most important rights under the GDPR.

To exercise your rights, you can contact us at any time using the contact details listed under “Controller”.

9. Data security

We use technical and organisational security measures to protect your data against manipulation, loss, unauthorised access or other misuse. This includes, in particular, encrypted transmission of content where technically provided (e.g. via TLS/SSL).

Our security measures are regularly reviewed and continuously improved in line with technological developments.

10. Updates to this privacy policy

We will update this privacy policy whenever changes to the data processing activities we carry out or to legal requirements make this necessary. The current version published on this website applies.