Privacy Policy

Last updated [DATE placeholder]. This is a standard template — have it reviewed by Austrian legal/Datenschutz counsel before launch.

1. Controller

The controller for the processing of your personal data is:

Eva Pump
Grubberg 27a, 8511 St. Stefan ob Stainz, Austria
E-mail: eva@mosthutte.com
Phone: +43 3463 00000 (placeholder — to be updated)

2. Data We Collect and Why

Booking inquiries

When you submit an inquiry or booking request, we collect your name, email address, phone number, requested dates, number of guests, and any message you include. We process this data to respond to your inquiry and, where a contract is concluded, to fulfil the rental agreement. The lawful basis is Art. 6(1)(b) GDPR (performance of a contract or pre-contractual measures).

Newsletter and marketing communications

If you sign up for our newsletter or marketing updates, we collect your email address. The lawful basis is your consent under Art. 6(1)(a) GDPR. You may withdraw your consent at any time by clicking the unsubscribe link in any email or by contacting us directly.

Cookies and analytics

We use cookies and similar technologies. Strictly necessary cookies (e.g. theme preference, consent record) are set without consent. Analytics and advertising cookies (Google Analytics, Google Ads, Meta Pixel) are only set after you give your consent via our cookie banner. See our Cookie Policy for full details. The lawful basis for analytics and advertising is Art. 6(1)(a) GDPR (consent).

Server logs

Our hosting provider (Cloudflare) automatically records standard server log data including your IP address, browser type, pages visited, and timestamps. This is processed for security and technical operation purposes under Art. 6(1)(f) GDPR (legitimate interest in operating a secure website).

WhatsApp and SMS

If you contact us via WhatsApp or SMS, we process your phone number and the content of your messages in order to respond to your enquiry. The lawful basis is Art. 6(1)(b) GDPR (pre-contractual communication).

3. Service Providers and Processors

We use the following third-party processors. Each is bound by a data processing agreement:

4. International Data Transfers

Several of our service providers are based in the United States. Transfers are carried out on the basis of the European Commission's Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR. You may request a copy of the applicable safeguards by contacting us.

5. Retention Periods

6. Your Rights

Under the GDPR, you have the following rights in relation to your personal data:

To exercise any of these rights, contact us at eva@mosthutte.com. We will respond within one month.

7. Right to Lodge a Complaint

You have the right to lodge a complaint with the Austrian supervisory authority:

Österreichische Datenschutzbehörde (DSB)
Barichgasse 40–42, 1030 Wien, Austria
www.dsb.gv.at
E-mail: dsb@dsb.gv.at

You may also contact the supervisory authority in your country of residence within the EU.

8. Changes to This Policy

We may update this privacy policy from time to time. The current version is always available at /privacy. Material changes will be communicated by updating the "last updated" date at the top of this page.


See also: Cookie Policy · Impressum