Privacy policy

Privacy Policy
Last updated on September 18, 2025

Transparent handling of personal data is very important to us. This privacy policy provides information about what personal data we collect, for what purpose, and to whom we disclose it. We review and update this privacy policy regularly to ensure maximum transparency.

1. What do we do?
2. What information do we provide?
3. Definitions
4. Contact
5. Data security
6. Rights of data subjects
7. General principles
8. Individual data processing operations
9. Does our privacy policy always remain the same?

What do we do?
Schiregion Hochoetz Erschl. GmbH (Angerweg 13 Oetz, 6433 Oetz) operates the website shophochoetz.oetztal.com (hereinafter referred to as “we”).
The protection of your personal data is very important to us. In this privacy policy, we provide you with transparent and understandable information about what data we collect via our website and how we handle it.
For this reason, we use the icons of the PRIVACY ICONS association. These are intended to help you quickly gain an overview of how we process your data.
What information do we provide?
• Who is responsible for data processing;
• What data is collected;
• For what purpose this data is collected;
• On what legal basis we collect this data;
• To whom we pass on this data;
• How you can object to data processing;
• What rights you have and how you can exercise them.
Definition of terms

What is personal data?
Personal data (synonymous with the term “personal information”) is any information relating to an identified or identifiable natural person. This includes, for example, name, address, date of birth, email address, telephone number, and IP address. Data about personal preferences, such as leisure activities or memberships, also counts as personal data.

What are special categories of personal data?
Special categories of personal data (synonymous with the term “sensitive data”) are:
• Data concerning religious, philosophical, political, or trade union beliefs or activities;
• Data concerning health, privacy, race or ethnicity, sexual life and sexual orientation;
• Data concerning administrative or criminal proceedings and sanctions, as well as data concerning social assistance measures;
• Genetic data and biometric data that uniquely identify a person.
Where necessary and if you disclose this data to us yourself, we may process data that belongs to a special category of personal data. In this case, its processing is subject to stricter confidentiality.

What is the processing of personal data?
Processing (synonymous with the term “handling”) is any handling of personal data, regardless of the means and procedures used, in particular the collection, storage, retention, use, modification, disclosure, archiving, deletion, or destruction of personal data.

What is the disclosure of personal data?
This is the transmission or making available of personal data, e.g. publication or disclosure to a third party.
Contact

If you have any questions or concerns about how we protect your data, you can contact our data protection officer:
Schiregion Hochoetz Erschl. GmbH
Patrick Veit
Angerweg 13
6433 Oetz
Info@bergbahnen-oetz.com

Data security
We will store your data securely and take all reasonable measures to protect your data from loss, access, misuse, or alteration.
Our contractual partners and employees who have access to your data are obliged to comply with data protection regulations. In some cases, it may be necessary for us to forward your requests to affiliated companies as part of order processing. In these cases, your data will also be treated confidentially.
Within our website, we use the SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser.

Rights of data subjects
Right to information
You can request information about the data we have stored about you at any time. Please send your request for information together with credible proof of identity to info@bergbahnen-oetz.com.
The information will be provided in writing or in another form, including electronically if necessary. If you request it, we can also provide you with the information verbally, provided you prove your identity in another form. If you submit your request for information electronically, we will provide the information in a common electronic format, unless you specify otherwise.
The information is usually provided free of charge. If additional copies are requested, a reasonable fee may be charged.
The right to obtain a copy of the processed data must not affect the rights and freedoms of other persons.
In the case of manifestly unfounded or excessive requests for information, we reserve the right to refuse to provide the information within the limits of the law or to charge a reasonable fee for it.
The processing of your request is subject to the statutory period of one month. Due to the complexity and high number of requests, we may extend this period by two further months if necessary. You will be informed of the extension within one month of submitting the request for information. At the same time, you will be given the reasons for the extension.

Deletion and correction
You have the right to request the deletion or correction or completion of your data at any time, provided that there are no legal retention obligations or legal grounds for permission to the contrary.
Please note that exercising your rights may conflict with contractual agreements and may have corresponding effects on the performance of the contract (e.g., premature termination of the contract or cost consequences).

Restriction of processing
You also have the right to request a restriction of processing if you dispute the accuracy of this data, the processing is unlawful, the data is no longer required, or you have objected to the processing.
If the processing of the data is restricted, it may only be stored. Further processing may only take place with your consent, for the assertion, exercise, or defense of legal claims, for the protection of the rights of another person, or for reasons of important public interest. You will be notified if the restriction is lifted.

Right to data portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format and to transmit those data to another controller without hindrance from us to whom the personal data have been provided, provided that the processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR and the processing is carried out by automated means. You also have the right to request that the personal data be transferred directly from us to another controller, where technically feasible.

Right to object
If you have given your consent to the processing of your data, you can revoke this consent at any time. Such revocation affects the permissibility of the processing of your personal data after you have objected to us.
If we base the processing of your personal data on the balancing of interests, you can object to the processing. This is the case if the processing is not necessary to fulfill a contract with you, which is described by us in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and either stop or adapt the data processing or point out to you our compelling legitimate grounds on the basis of which we will continue the processing.
You can object to the processing of your personal data for advertising and data analysis purposes at any time. You can contact us about your advertising objection using the contact details provided in this privacy policy.

Right to lodge a complaint
You also have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data.

General principles
What data do we process about you and from whom do we receive this data?
First and foremost, we process personal data that you provide to us or that we collect when operating our website. Under certain circumstances, we may also receive personal data about you from third parties. This may include the following categories:
• Personal master data (name, address, date of birth, etc.);
• Contact details (mobile phone number, email address, etc.);
• Financial data (e.g., account details);
• Online identifiers (e.g., cookie ID, IP addresses);
This data may come from the following sources:
• Information from publicly available sources (e.g., media, internet);
• Information from public registers (e.g., commercial register, debt collection register, land register);
• Information in connection with official or legal proceedings;
• Information concerning your professional functions and activities (e.g., professional networks);
• Information about you in correspondence and meetings with third parties;
• Credit reports (if we do business with you personally);
• Information about you that people in your circle give us so we can enter into or process contracts with you;
• Data related to your use of the website.
Under what conditions do we process your data?
We process your data in accordance with the applicable data protection laws, in particular the GDPR. Processing is carried out for the purposes specified in this privacy policy. We ensure transparency and proportionality in this regard.
The processing of your data is lawful if one of the conditions for permission under the GDPR is met. The following conditions for permission are possible:
• Your consent (Art. 6 (1) (a) GDPR);
• The fulfillment of a contract or pre-contractual measures (Art. 6 (1) (b) GDPR);
• Compliance with legal obligations to which we are subject (Art. 6 (1) (c) GDPR);
• Protection of the vital interests of the data subject or another natural person (Art. 6 (1) (d) GDPR);
• The performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (Art. 6 para. 1 lit. e GDPR);
• Our legitimate interests, unless your interests prevail (Art. 6 para. 1 lit. f GDPR).
Under certain circumstances, it may be necessary for you to disclose certain personal data to us in order to fulfill contractual obligations. Without such data, we are normally unable to execute a contract.
Similarly, the website cannot normally be used if certain information required to ensure data traffic, such as your IP address, is not disclosed.
In which cases may we disclose your data to third parties?
a. Principle
Under certain circumstances, we may need to use the services of third parties or affiliated companies and commission them to process your data (so-called processors). The categories of recipients are specifically:
• Accounting, trust, and auditing companies;
• Consulting companies (legal advice, taxes, etc.);
• IT service providers (web hosting, support, cloud services, website design, etc.);
• Payment service providers;
• Providers of tracking, conversion, and advertising services.
We ensure that these third parties and our affiliated companies comply with data protection requirements and treat your personal data confidentially.
Under certain circumstances, we may also be obliged to disclose your personal data to authorities.
b. Disclosure to partners and cooperating companies
We work with various companies and partners who advertise their offers on our website. You can recognize that these are third-party offers (marked as “advertisements”).
If you take advantage of such an offer, we will transfer your personal data to the relevant partner or cooperating company (e.g., name, function, communication, etc.) whose offer you wish to take advantage of. These partners and cooperating companies are independently responsible for the personal data they receive. After the data has been transferred, the data protection provisions of the respective partner apply.
c. Transfer abroad
Under certain circumstances, your personal data may be transferred to companies abroad in the course of order processing. These companies are subject to the same data protection obligations as we are. The transfer may take place worldwide.
If the level of data protection does not correspond to that of the EEA, we will carry out a prior risk assessment and contractually ensure that the same protection as in the EEA is guaranteed (e.g. by means of the EU Commission's standard contractual clauses or other legally prescribed measures). If our risk assessment is negative, we take additional technical measures to protect your data. You can access the EU Commission's standard contractual clauses at the following link.
How long do we store your data?
We only store personal data for as long as is necessary to fulfill the individual purposes for which the data was collected.
We store contract data for longer, as we are required to do so by law. In particular, we must retain business communications, concluded contracts, and booking receipts for up to 10 years. If we no longer need such data from you to perform the services, the data will be restricted for further processing and we will only use it for accounting and tax purposes.
Individual data processing operations
Provision of the website and creation of log files
When you simply visit shophochoetz.oetztal.com, i.e. without registering or disclosing any other information, only the data that your browser automatically transmits to our server is collected. This data is technically necessary for the operation of the website.
What data do we process?
The following data in particular is processed for the provision of the website and the creation of log files:
• Name of the internet service provider
• IP address
• Technical information such as browser, operating system, or screen resolution
• The date and time of access
• Referrer URL
This data cannot be assigned to a specific person and is not merged with other data sources.
For what purpose do we process the data?
The log files are processed to guarantee the functionality of the website and to ensure the security of our information technology systems.
On what basis do we process the data?
The legal basis for this data processing is our legitimate interest pursuant to Art. 6 (1) lit. f GDPR. Our legitimate interests are derived from the purpose of the data processing.
To whom do we pass on the data?
The transfer of data by us is governed by our statements on data transfer.
How can you prevent data processing?
The data is only stored for as long as is necessary to achieve the purpose for which it was collected. Accordingly, the data is deleted after each session ends. The storage of log files is essential for the operation of the website, so you have no option to object to this unless you do not visit our website.

Cookies
Our website uses cookies. Cookies are text files that are stored on your device's operating system with the help of your browser when you visit our website. Cookies do not cause any damage to your computer and do not contain viruses. Some cookies are technically necessary for the website to function. Most of the cookies we use are so-called “session cookies.” They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them or they expire.
For what purpose do we process the data?
We use cookies so that we can use the data collected to make our website more user-friendly, effective, and secure. In particular, we use cookies to store your preferences (e.g., language and location settings), to quickly provide and attractively display website content (e.g., through the use of fonts and content delivery networks), and to analyze the use of this website for statistical evaluation and continuous improvement (usually through third-party cookies). The specific purposes for which we use (technically unnecessary) cookies are set out in the following sections of this privacy policy.
On what legal basis do we process the data?
The legal basis for this processing is your consent in accordance with Art. 6 (1) (a) GDPR. Insofar as technically necessary cookies are concerned, our legitimate interest pursuant to Art. 6 (1) lit. f GDPR forms the legal basis.
To whom do we pass on the data?
The transfer of data by us is governed by our statements on data transfer. In addition, the following explanations on the individual data processing operations in this privacy policy must be observed.
How can you prevent data processing?
A cookie banner is displayed when you visit the website. Cookies that require your consent pursuant to Art. 6 (1) (a) GDPR are only activated once you have given your consent. If you refuse to give your consent, no data will be collected by the cookies that require consent.
You cannot prevent data collection by cookies that we use on the basis of our legitimate interest pursuant to Art. 6 (1) lit. f GDPR through the cookie banner. These cookies, which are technically necessary for the operation of the website, are stored on your computer. You can delete them completely or deactivate or restrict their transmission by changing the settings in your browser. If you deactivate cookies for our website, you may no longer be able to use all of the website's functions to their full extent.
Instructions for the most common browsers can be found here:
• For Chrome from Google
• For Safari from Apple
• For Edge from Microsoft
• For Firefox from Mozilla
For cookies used to measure success and reach or for advertising, a general opt-out is possible for numerous services via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
Tracking pixels
We may use tracking pixels on our website or in our emails. Tracking pixels are also known as web beacons. Tracking pixels are small, usually invisible images that are automatically retrieved when you visit our website or open our emails.

What data do we process?
Tracking pixels can be used to collect the same information as log files. In addition, movement profiles for the entire session can be collected. Tracking pixels are used in particular by third parties whose services we use. Detailed information about these third-party services is provided below in this statement.
For what purpose do we process the data?
Tracking pixels are used by various tracking services to analyze the use of this website and for statistical evaluation and continuous improvement. Tracking pixels can also be used for email tracking.
On what legal basis do we process the data?
The legal basis for the dissemination is your consent in accordance with Art. 6 (1) (a) GDPR.
To whom do we pass on the data?
The disclosure of data by us is governed by our statements on data disclosure. Please also note the statements in this privacy policy regarding the individual tracking services.
How can you prevent data processing?
To prevent data processing using tracking pixels, you can install suitable browser extensions such as uBlockOrigin and block external graphics in your email program.
Does our privacy policy always remain the same?
We may change this privacy policy at any time. The changes will be published on shophochoetz.oetztal.com. You will not be informed separately.