Data processing takes place on the basis of the statutory provisions of § 165 para 3 TKG 2021 and Art. 6 para 1 lit a (consent) and/or lit b (necessary to fulfil the contract) and/or f (safeguarding the legitimate interests of the person responsible or a third party) of the GDPR.
When does our website process personal data?
- When registering for one of our newsletters, your email address will be stored with a third-party provider until the request for deletion and will be used until cancelled.
- To book on wienerwandern.singles, a one-time registration is necessary. Your name, surname, gender, postal code, telephone number, e-mail address and date of birth will be stored on our website until the request for deletion. This will give you easier access for future bookings and will allow us to verify that you are legitimized for a booking.
- For bookings, we use a third-party tool. Accordingly, the following data is stored with this name, first name and e-mail address. Other details, such as the details of your address and telephone number, are optional. Depending on the selected payment method, these data are transmitted to other service providers (credit card institutions, Paypal, etc.) and, if necessary, an input of further data is necessary.
- The contact form on wienerwandern.singles generates an e-mail with your name, the e-mail address and optionally your telephone number, which will be sent to us. Emails are removed from our archive after 7 years.
- The web server stores IP addresses for the analysis of errors and as part of protective mechanisms. Without these measures, it is not possible to operate secure and functional websites. The data will be deleted after 7 days. For details, please refer to the section on hosting.
- The content delivery network stores IP addresses to maintain the security and functionality of the CDN and our websites. The data is usually deleted within 25 hours. For details, please refer to the point content delivery network.
- With your consent, the previously anonymized IP address will be sent to the Google Analytics service. The data are stored for a maximum of 14 months. Details can be found in the entry below.
- There is an obligation to document your consent, so a log entry containing your IP address is created. These entries will be deleted after a maximum of 3 years.
The data provided by you are required to fulfil the contract or to carry out pre-contractual measures. Without this data, we can not conclude the contract with you. In the case of a contract, further electronic and analogous documents such as invoices and credits are created from the data and transmitted to our tax advisor to fulfil our tax obligations. All data from the contractual relationship remain stored until the expiry of the tax retention period (7 years).
Third-party providers may also have their own privacy policies. In order to oblige these third-party providers to process the transmitted data only in accordance with our instructions and to comply with the applicable data protection regulations, we have concluded order processing agreements with them.
We use external hosting from the provider Feyer Media GmbH & Co. KG (Eibenweg 42, 42111 Wuppertal, Germany) for storage resources, database services, security and technical maintenance services in order to ensure efficient and secure provision of our website.
The provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data will not be merged with other data sources. The files are deleted after 7 days.
Cloudflare's content delivery network
We use what is known as a "Content Delivery Network" (CDN), offered by Cloudflare, Inc. (101 Townsend St, San Francisco, CA 94107, USA) to make our websites faster and more secure.
A CDN is a service with the help of which the contents of our online offer, in particular large media files such as graphics or scripts, are delivered faster via regionally distributed servers connected via the Internet. The processing of user data takes place solely for the aforementioned purposes and to maintain the security and functionality of the CDN and our websites. This service is switched between you and our hoster.
Cloudflare automatically saves log data, including IP addresses, system configuration information and other information about incoming and outgoing traffic from the websites, devices, applications and / or networks. These data will be deleted within 25 hours, provided they do not trigger security warnings.
For security reasons, the CDN Cloudflare sets the cookie (__cfduid) to identify individual visitors / devices behind a shared IP address and to apply security settings for each individual visitor / device. The cookie does not store any personal data and the storage period is 1 year.
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as inquiries that you send to us as the site operator. Depending on the browser, you can recognize an encrypted connection by the "https://" in the address line or by the lock symbol.
With encryption, the data that you transmit to us cannot be read by third parties.
Cookies and similar functions
When using our website, cookies and similar functions may be stored in the web browser of the device you are using. Cookies are small files that are stored locally in the cache of the browser used. Cookies do not become part of the PC system and cannot run any programs.
List of technically necessary functions:
- The session cookie Contao HTTPS CSRF Token protects against cross-site request forgery attacks and only remains for the current browser session.
- The session cookie PHP SESSION ID saves the current PHP session and only remains for the current browser session.
- The Contao cookie bar sets a token in the local storage to save your privacy settings. The entry remains permanent but can be deleted at any time.
- For security reasons, the CDN Cloudflare sets the cookie (__cfduid) to identify individual visitors/devices behind a shared IP address and to apply security settings for each individual visitor/device. The cookie does not store any personal data and the storage period is 1 year.
List of functions requiring approval:
- Google Analytics cookies with a storage period of max. 14 months. Details can be found in the entry below.
- Google Maps cookies with a storage period of 6 months. Details can be found in the entry below.
A use of our offers is also possible without cookies. You can deactivate the storage of cookies in your browser, restrict them to certain websites or set your web browser so that it notifies you as soon as a cookie is sent. You can also delete cookies from your PC's hard drive at any time. Please note that in this case you will have to reckon with a limited display of the page and limited user guidance.
Risks of data transfer to third countries
When processing personal data outside the EU (third countries), there is a risk that this data will not be processed and stored anonymously, will be merged with other data or will be made accessible to state authorities.
We would like to point out that the European Court of Justice is currently of the opinion that there is no adequate level of data protection for processing in the USA! This primarily affects the services offered by Google. The services of Google are therefore only used with your consent.
Google Tag Manager
This website can use "Google Tag Manager", a service provided by Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland), hereinafter referred to as "Google".
The Google Tag Manager is an organization tool with which website tags (small sections of code) are integrated and managed centrally and via a user interface. According to the operator, the Google Tag Manager is a domain that does not set cookies and does not save any data. It ensures that other tags are triggered, which may collect data and are then described in this data protection declaration. The Google Tag Manager does not access this data.
If a deactivation has been made at the domain or cookie level, this remains in effect for all tracking tags that are implemented with Google Tag Manager.
List of services that are integrated with the Google Tag Manager:
- Google Analytics 4
Further information on data protection can be found on the following Google websites:
- Data protection declaration: https://policies.google.com/privacy
- FAQ on Google Tag Manager: https://www.google.com/intl/de/tagmanager/faq.html
This website may use "Google Analytics 4". This is a web analytics service provided by Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland), hereinafter referred to as "Google".
By accepting the "Data Processing Terms" we have concluded a direct customer contract with Google for the use of Google Analytics.
Google Analytics uses so-called "cookies”, small files that are stored on your computer for a maximum of 14 months and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. This information also includes your IP address.
IP anonymization is activated by default in Google Analytics 4 Properties. As a result, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area (so-called IP masking). The full IP address will only be transmitted to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Only with your consent (opt-in) will Google Analytics be activated, its cookies set, data collected from it and possibly transferred to an unsafe third country (USA).
Further information on the use of data by Google, on setting and objection options as well as on data protection can be found on the following Google websites:
- Data protection overview: https://support.google.com/analytics/answer/6004245
- Use of data by Google when you use our partners' websites or apps: https://policies.google.com/technologies/partner-sites
This website may use "Google Maps", a service for displaying maps from Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland), hereinafter referred to as "Google".
This service enables us to display and conveniently operate (e.g. route guidance) maps for you. In doing so, Google receives the information which of our pages you have accessed. It also stores the search terms entered, your IP address and the latitude and longitude coordinates. If you use the route planner function, the entered start address is also saved. However, this data storage takes place on the servers of Google Maps. This happens regardless of whether Google provides a user account that you are logged in to or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. We can only inform you about it, but we cannot influence it.
Please note that Google can also process the data in the USA. There is then a data transfer to a third country that does not offer an adequate level of data protection and no suitable guarantees. We have concluded so-called EU standard contractual clauses with Google to legitimize this data transfer.
Since we have integrated Google Maps into our website, Google places at least one cookie (NID) in your browser. This cookie stores data about your user behaviour. Google uses this data primarily to optimize its own services and to provide you with individual, personalized advertising.
The Google Analytics cookies are only set with your consent (opt-in)!
Further information on data protection can be found on the following Google websites:
- Data protection declaration: https://policies.google.com/privacy
Booking system by Regiondo
Payment service provider PayPal
Payment service provider Mangopay
Services for payment by [bank transfer, credit and debit cards, SEPA direct debit, Sofortüberweisung, Giropay, iDeal and Przelewy24] are provided by MANGOPAY S.A, 10 Boulevard Royal, L-2449 Luxembourg.
Our websites contain numerous links and references to our social media pages. These links do not exchange data with the corresponding platforms. When you visit these pages, data is collected from the respective site operator. Only visit these pages if you are familiar with the operator.
Push notifications with CleverPush
You can register at wienerwandern.singles to receive so-called push notifications. For this we use the “CleverPush” offer, which is operated by CleverPush GmbH, Nagelsweg 22, 20097 Hamburg (“CleverPush”).
You will receive regular information about our appointments and important information via our push notifications.
In order to register for the push notifications, you have to confirm the query of your browser or device to receive the notifications. This process is documented and saved by CleverPush. The registration time and a push token or device ID are saved for this purpose. This data is used on the one hand to send you the push notifications and on the other hand as proof of your registration. The legal basis for this processing is your consent and thus Art. 6 Para. 1 lit. a GDPR.
CleverPush also statistically evaluates our push notifications. CleverPush can thus recognize whether and when our push notifications were displayed and clicked. This enables us to determine which push notifications are of interest to the recipients in order to tailor future messages to the presumed interests of all recipients and thus increase interest in our offer. In addition to the push token or device ID, we also save the main focus of the app on which the push notifications were activated (e.g. business, sports, etc.). We also use this information to send push notifications to the relevant subscribers that are in their alleged interests. The legal basis for processing is Article 6 Paragraph 1 lit. f GDPR. A push token or device ID is only assigned to a specific person if we are legally obliged to do so, to defend against claims against us if this is necessary as evidence, and to prosecute any legal violations.
You can revoke your consent to the storage and use of your personal data to receive our push notifications at any time with effect for the future. Furthermore, you can use personal data as described above on the basis of Art. 6 Para. 1 lit. f object at any time. Please withdraw your consent for this purpose. You can revoke your consent in the intended setting for receiving push notifications in the settings of your device or browser.
Your data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. Your data will therefore be stored for as long as the subscription to our push notifications is active.
The competition process is explained in detail under the following link: https://cleverpush.com/faq.
To accelerate the retrieval of content (e.g. images) and to defend against attacks, CleverPush uses the offers from cloudflare.com, an offer from Cloudflare, Inc., as part of order processing on the basis of the standard contractual clauses.
CleverPush does not store any data on the Cloudflare servers that contain personal data, but only general content such as texts or images. When you access this content, the device you are using establishes a connection to Cloudflare and the IP address of the device you are using is processed as a result.
Newsletter by MailChimp
You have the opportunity to subscribe to a newsletter via this website. The newsletter informs you about news, events and our offer. For this, we need your e-mail address and your declaration that you agree with the subscription to the newsletter. By subscribing to our newsletter, you agree to the receipt and the procedures described below.
Registration for our newsletter takes place in a so-called double opt-in procedure. After registration, you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with external e-mail addresses.
The registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes the storage of the logon and the confirmation time, as well as the IP address. Likewise, changes to your data stored with MailChimp will be logged.
The newsletter is distributed via MailChimp, a newsletters distribution platform owned by Rocket Science Group, LLC, 675 Ponce De Leon Ave NE # 5000, Atlanta, GA 30308, USA.
The e-mail addresses of our newsletter recipients, as well as their other information described in these notes, are stored on the MailChimp servers in the USA. MailChimp uses this information to send and evaluate the newsletters on our behalf. Furthermore, MailChimp may, according to its own information, use this data to optimize or improve its own services, e.g. for the technical optimization of shipping and the presentation of newsletters or for economic purposes, to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write them down or to pass them on to third parties.
The newsletters contain a so-called "web beacon", i. a pixel-sized file that is retrieved from the MailChimp server when the newsletter is opened. As part of this call, technical information, such as information about the browser and your system, as well as your IP address and time of the call are collected. This information is used to improve the technical performance of services based on their specifications or audience and their reading habits, based on their locations (which can be determined using the IP address) or access times.
The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our desire nor that of MailChimp to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
We further point out that you are the future processing of your personal data in accordance with the statutory requirements. Art. 21 DSGVO can contradict at any time. The objection may, in particular, be made against processing for direct marketing purposes. Your consent to the sending of newsletters via MailChimp and the statistical analyzes will cease. A separate revocation of the shipment via MailChimp or the statistical evaluation is unfortunately not possible. You will find a link to cancel the newsletter at the end of each newsletter and in these unsubscribe forms from Mailchimp:
You can also request deletion of the data at the following e-mail address: email@example.com. We will immediately delete your data in connection with the newsletter dispatch.
In accordance with the provisions of the General Data Protection Regulation (DSGVO), which will apply from May 25, 2018, we inform you that the consent to the sending of e-mail addresses on the basis of Art. 6 (1) lit. a, 7 DSGVO and § 7 (2) no. 3, and (3) UWG. The use of the mail service provider MailChimp, carrying out the statistical surveys and analyzes as well as logging the registration process, are based on our legitimate interests in accordance with. Art. 6 para. 1 lit. f DSGVO. We are interested in using a user-friendly and secure newsletter system that serves both our business interests and the expectations of our users.
Your rights according to the GDPR, revocation
You are entitled in principle to free information, correction, deletion (taking into account legal retention periods), restriction, data portability, revocation and opposition.
You can revoke your consent at any time using the following link:
The revocation does not delete any cookies that have already been set, you must remove them manually in the browser.
If you have any questions or concerns about the processing of your personal data, please contact us!
+43 660 6503450
If you believe that the processing of your data violates data protection law or if your data protection claims have otherwise been violated in a way, you can complain to the supervisory authority. In Austria, this is the Austrian Data Protection Authority.