Privacy Policy

With this privacy statement, we would like to inform you about the types of your personal data (hereinafter collectively referred to as “data”) we process, for what purposes and to what extent and how we use this data. We treat your personal data confidentially and in accordance with the statutory data protection regulations. Personal data is data that can be used to identify you personally. Data subjects are also referred to collectively as “users” in the following. The terms used are not gender-specific.

As of March 2026, this Privacy Policy

Responsible for data collection on this website:

Data processing on this website is carried out by:
Mag. Julia Skardarasy Peak Hotel Consulting
Bucklreuthstraße 8/8 5020 Salzburg
Contact: 
+43 664/2828 547
E-Mail: js@peak-h-consulting.com

The controller is the natural or legal person who, alone or jointly with others, decides on the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Data collection on this website

Your data is collected when you submit it to us, e.g. by using our contact form. Other data is collected automatically when you visit the website.

These are mainly the following technical data:

  • Address of the accessed website (URL)
  • User’s browser and browser version
  • the user’s operating system
  • the address of the previously visited page (referrer URL)
  • Host name and IP address of the device from which this website is accessed
  • Date and time of the call

This data is stored in the web server log files for 2 weeks and then automatically deleted by the hoster. We do not merge this data with other data sources and do not evaluate it – so this data cannot be assigned to a specific person. We reserve the right to check the server log files retrospectively if there is a justified suspicion of unlawful activities. We collect this data on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website.

Hosting

This website is hosted by an external service provider (hoster) The use of the hoster is carried out by a professional provider in the interest of a secure, fast and efficient provision of our online offer (Art. 6 para. 1 lit. f GDPR). Our hoster will only process your data to the extent necessary to fulfil its performance obligations. In order to ensure data protection-compliant processing, we have concluded a contract for order processing with our hoster.

Types of data processed:

  • Inventory data (e.g., names, addresses).
  • Contact details (e.g., e-mail, telephone numbers)
  • Content data (e.g., text inputs, photographs, videos).
  • Usage data (e.g., websites visited, interest in content)
  • access times). Meta/communication data (e.g., device information, IP addresses).

 

Categories of data subjects:

  • Customers, interested parties, business partners.
  • Visitors and users of the online offer.

 

Purpose of processing:

  • Providing our online offer
  • Responding to inquiries
  • Communication with users
  • Safety measures

 

Legal basis for data processing

In the following, we provide the legal basis of the General Data Protection Regulation (GDPR), on the basis of which we process the personal data. Please note that in addition to the regulations of the GDPR, national data protection regulations may apply in your or our country of residence and domicile. National data protection regulations in Austria: In addition to the data protection regulations of the General Data Protection Regulation, national regulations on data protection apply in Austria. These include, in particular, the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data (Data Protection Act – FADP). In particular, the Data Protection Act contains special provisions on the right of access, the right to rectification or erasure, the processing of special categories of personal data, processing for other purposes and transmission, as well as automated decision-making in individual cases. Consent (Art. 6 para. 1 sentence 1 lit. a GDPR): The data subject has given his or her consent to the processing of personal data concerning him or her for a specific purpose or purposes. Performance of a contract and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR) Processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject. Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data. Data processing in third countries If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or if the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this will only take place in accordance with the legal requirements. Subject to explicit consent or contractually or legally required transfer, we only process or allow the data to be processed or processed in third countries with a recognized level of data protection, which include the US processors certified under the “Privacy Shield”, or on the basis of special guarantees, such as contractual obligations through so-called standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de ).

Security measures / SSL encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as inquiries via our contact form that you send to us. You can recognize an encrypted connection by the fact that the address bar of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. In accordance with Art. 32 GDPR, we take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing, as well as the different probability of occurrence and severity of the risk to the rights and freedoms of natural persons; These measures include safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access, input, disclosure, availability and separation. Furthermore, we apply procedures that ensure the exercise of the rights of data subjects, deletion of data and response to data endangerment. We take the protection of personal data into account as early as the development or selection of hardware, software and processes, in accordance with the principle of data protection through technical design and through data protection-friendly default settings.

Use of cookies

Cookies are text files containing data from websites or domains visited and are stored by a browser on the user’s computer. Cookies do not cause any damage to your device, but are primarily used to store information about a user during or after his visit within an online offer. The stored information can include, for example, the language settings on a website, or the login status. We also include other technologies that perform the same functions as cookies (e.g., user IDs – user information stored on the basis of pseudonymous online identifiers).

  • Temporary cookies, also known as session cookies: Temporary cookies are deleted at the latest after a user has left an online offer and closed their browser.
  • Permanent cookies: Permanent cookies remain stored on your device until you delete them yourself or an automatic solution is carried out by your web browser. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again.
  • First-party cookies: First-party cookies are set by ourselves.
  • Third-party cookies, also known as third-party cookies: Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
  • Necessary, also known as essential or absolutely necessary cookies: Cookies can be absolutely necessary for the operation of a website, e.g. to store logins or other user input, or for security reasons.
  • Statistics, marketing and personalisation cookies: Furthermore, cookies are usually also used in the context of reach measurement and when a user’s interests or behaviour (e.g. viewing certain content, using functions, etc.) are stored in a user profile on individual websites. Such profiles are used to show users, for example, content that corresponds to their potential interests. This procedure is also known as “tracking”, i.e. tracking the potential interests of the users. These types of cookies are not set on our website
  • We do not use Google Analytics, no Facebook pixels

You can decide for yourself which and whether you want to use cookies. You have the option of deleting, deactivating or only partially allowing cookies. For example, you can only block third-party cookies, but allow all other cookies. You can also set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If you want to see which cookies have been stored in your browser when you want to change or delete cookie settings, you can find this in your browser settings:

Chrome:  Delete, enable, and manage cookies in Chrome
Safari: Manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have placed on your computer
Internet Explorer:  Delete and manage cookies
Microsoft Edge: Delete and manage cookies

Use of personal data in the course of a contact:


Contacting us by e-mail or telephone: If you contact us by e-mail, telephone or fax and provide us with personal data, such as name, e-mail address, address or other personal information, this will only be used by us for the specified purpose, stored securely and not passed on to third parties.
Purpose of data storage: Processing of your enquiry, booking confirmations, making appointments, sending information material.
Duration of data storage: Your data will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for which it was stored no longer exists (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

Your rights as a data subject

Right to lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their main residence, their place of work or the place of the alleged infringement. The right of appeal exists without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to have data that we process on the basis of your consent handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent that it is technically feasible.

Information, deletion and correction

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipients and the purpose of data processing at any time, and a right to have this data deleted. You can contact us at any time for this and other questions on the subject of personal data.

Right of withdrawal

You have the right to revoke your consent in accordance with Art. 7 (3) GDPR with effect for the future.

Right to object

You can object to the future processing of data concerning you at any time in accordance with Art. 21 GDPR. The objection can be made in particular to processing for direct marketing purposes. Objection to direct marketing (Art. 21 GDPR) If we use your data for direct marketing, you may object at any time – without giving reasons. This also applies if we use profiling for this purpose, e.g. Analyze your interests to create appropriate advertising. After your objection, we will no longer use your data for advertising.

Plugin and Tools

Elementor

We use the plugin “Elementor Website Builder for WordPress”, from the provider Elementor 8 THE GRN STE A DOVER, DE 19901 USA. No personal data is processed by this plugin. You can read more about Elementor’s privacy policy here: https://elementor.com/about/privacy/

Plugin for Multilingual Support

We use the Polylang plugin on our website to provide the site in multiple languages. This plugin stores a cookie containing the user’s selected language preference.

peak:hotel consulting Julia Skardarasy
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.