Privacy Policy
Vienna Sightseeing Tours
1. Privacy Notice
Status: August 2024
Your privacy is important to us. Here, you will learn how we at Vienna Sightseeing collect and use your data, with the goal of providing you with the best booking experience.
2. Data Controller
VIENNA SIGHTSEEING TOURS - Wiener Rundfahrten GmbH & Co. KG
Opernring 3-5, Top 508-529, 1010 Vienna, Austria
Phone: +43 (0)1 712 46 83 - 0
Fax: +43 (0)1 714 11 41
Web: www.viennasightseeing.at
Email: office(at)viennasightseeing.at
For further information about our company, please refer to the imprint on our website.
No data protection officer has been appointed, as this is not required by law.
3. General Information on Data Processing
In our privacy notices, we inform you about the key aspects of data processing in the context of our activities as a provider of city tours and excursions in and around Vienna, specifically:
- Organizing tour programs,
- Our HOP ON HOP OFF service,
- Administration and sale of our sightseeing cards: Vienna PASS and Flexi PASS, and
- Additional processing activities:
- Client and supplier management,
- Public relations and marketing for our own purposes,
- Image processing at events,
- Functionalities of our website, as well as
- Our newsletter and
- Customer surveys.
4. Purposes of Processing Operations:
4.1 We carry out the following processing operations that are relevant to you as:
- A customer,
- An affiliate partner or client,
- A natural person (contact person) of clients and affiliates,
- A supplier and contractor,
- A marketing contact, newsletter subscriber, or website visitor.
These operations include:
- Tour management and processing,
- Administration, sale, and refunds related to our sightseeing card Flexi PASS,
- Supplier and client management (to process our sales, purchases, and back office operations),
- Contact forms on the website (for responding to inquiries),
- Call center,
- Contact database (from public sources or business cards),
- Public relations (to showcase our activities),
- Marketing, including customer surveys (to inform customers, prospects, and attract new customers) with your consent,
- Information on products and events via electronic mail to existing contacts, based on our legitimate interest in providing information about our offers,
- Newsletters (to support and inform existing B2B contacts, based on our legitimate interest in such information regarding our offers).
4.2. To provide you with better service, we collect information from you. This information allows us to identify you directly or indirectly. In some cases, the information we require from you includes personal data, which enables you to use certain services on our website. For example, when you make a booking on our website, we request personal data such as your first and last name, email address, billing address, hotel name, and payment information such as credit card number, expiration date, and security code. We use this information for billing and transaction processing. If there are any issues with processing your order, we use this information to contact you. We also use the information to ensure the successful completion of the service.
4.3. As the data controller, we process the data you provide during the contract agreement for the duration of the contractual relationship to fulfill the contract or initiate it, and to carry out pre-contractual measures, such as inquiries about our products or services (Article 6(1)(b) GDPR). Beyond this, we retain the data as long as required by tax laws (Article 6(1)(c) GDPR). Additionally, the processing operations may be based on our legitimate interests or the legitimate interests of a third party (Article 6(1)(f) GDPR), provided that the processing is not covered by the previously mentioned legal bases. The European legislator considers it a legitimate interest if the data subject is a customer of the controller, for example, for the purpose of direct marketing.
5. Categories of Recipients
5.1. In the course of processing, we transmit data to the following categories of recipients, either acting on our behalf or when the transfer is necessary to fulfill contractual or legal obligations. For specific processing operations, we list particular recipients here:
- Business partners and third parties involved in or expected to be involved in business transactions (e.g., tax advisors, auditors, liability and legal protection insurers, other insurance companies, notaries, translators, lawyers)
- Banks and credit card companies (e.g., Trust My Travel, Adyen) for payment processing
- Data processors in the context of IT and communication services (e.g., Palisis AG, software support, marketing service providers, network administrators, server and client administrators, email service providers, and telephone service providers)
- Authorities, if requested by them
- Website (public)
5.2. In certain situations, we are legally required to disclose your data. This may occur in response to legal requests from authorities, particularly related to national security or law enforcement, in order to protect the rights, property, or safety of Vienna Sightseeing or others. This includes, but is not limited to, customer fraud and system abuse. We may also share customer data with third parties, such as credit card institutions, for the purpose of dispute resolution.
5.3. There is no intention to transfer data to international organizations or recipients in third countries. If a transfer to recipients in third countries is necessary, it will be done based on adequate safeguards, such as standard data protection clauses or under the framework of an adequacy decision.
6. Public Forums
We offer a publicly accessible blog and reviews on our website. Please note that any information you provide in these areas can be read, collected, and used by others. If you would like us to remove this information, please email us at office(at)viennasightseeing.at. However, it may not always be possible to delete your personal data, and if so, we will inform you of the reason.
7. How Your Data Is Protected
We implement various measures to protect your data accordingly. When you provide us with personal information, we encrypt the forms appropriately. However, no method of data transmission over the Internet is 100% secure, so we cannot guarantee absolute security, even though we use all commercially reasonable means to ensure data security.
8. Opt-Out Options
We offer you the option to opt-out of the use of your personal data for specific purposes. You cannot opt-out of transactional emails. Additionally, you have the option to disable push notifications in your device settings, where you can also turn off location-based services.
9. Newsletter
9.1. Newsletter Subscription: Our newsletter can only be received by the data subject if:
a) the data subject has a functioning email address, and
b) the data subject has registered for the newsletter.
A confirmation email will be sent to the email address provided for the newsletter for legal reasons, using the double opt-in process. This confirmation email is used to verify whether the owner of the email address has authorized the receipt of the newsletter as the data subject.
9.2. Newsletter Delivery: When sending our newsletter, we process personal data from the following categories:
- Email address,
- Data for creating usage statistics,
- Data about the use of the website, and
- Logs of clicks on individual elements of the newsletter, as well as contact details like name or email address.
Purpose of processing: To send direct advertising electronically, optimize content, and analyze usage behavior.
9.3. Newsletter Tracking: Our newsletters contain tracking pixels, which are small graphics embedded in the newsletter that allow us to collect and analyze log files. These data help us evaluate the success or failure of our online marketing campaigns statistically. The tracking pixel enables us to see if and when a newsletter was opened and which links were clicked within the newsletter. The personal data collected in this way is stored and analyzed by us to optimize our newsletter delivery and better tailor its content to the recipients' interests.
9.4. Legal Basis for Processing: Your consent (Art. 6(1)(a) GDPR in conjunction with § 174(4) TKG).
You have the right to withdraw your consent at any time with future effect, in accordance with legal regulations. Each newsletter contains a link to unsubscribe from the newsletter for this purpose. Additionally, you can unsubscribe directly on the website of the data controller or inform the data controller by other means, such as via email at office(at)viennasightseeing.at.
9.5. Data Provision: You are not obligated to provide the data. If you do not provide the data, we will not be able to send you any information.
9.6. Data Processor: Data is transmitted to the data processor, CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany. We use CleverReach as a newsletter provider. You can find their privacy policy and company information here: https://www.cleverreach.com/de-de/datenschutz/. We have entered into a data processing agreement with CleverReach (Art. 28 GDPR).
9.7. Storage Duration: We store the data provided during newsletter registration for a period of 3 years after the last contact.
9.8. B2B Newsletter: Existing B2B customers receive regular newsletters under § 174(4) TKG 2021, based on our legitimate interest in informing them about our offers for customer retention and customer information.
10. Your Rights as a Data Subject
10.1. We do not create profiles of data subjects or other individuals, nor do we engage in profiling or automated decision-making as part of our activities.
10.2. As a data subject, you generally have the right to access, rectification, erasure, restriction, and data portability, all in accordance with legal provisions. However, we would like to inform you now that these rights may be restricted if providing such information would endanger a business or trade secret of the controller or a third party (§ 4(6) DSG).
10.3. If you have given us consent to process your data, you have the right to withdraw this consent at any time with future effect. The legality of data processing up to the point of withdrawal remains unaffected. After the withdrawal, the data will no longer be used for the purpose for which you gave consent (e.g., sending a newsletter).
10.4. If the data processing is based on a legitimate interest, you have the right to object to this processing. If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes. If we process data for other purposes based on legitimate interest, we will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is for the establishment, exercise, or defense of legal claims.
10.5. To exercise your rights, please contact us. You can reach us via email at office(at)viennasightseeing.at, by phone at +43 (0)1 712 46 83 - 0, or by post at: Opernring 3-5, Top 508-529, 1010 Vienna. It would be helpful if you could provide us with the necessary information to clearly identify you when making a request.
10.6. If you believe that the processing of your personal data violates data protection law or your data protection rights have been infringed in any way, you are free to file a complaint with the Austrian Data Protection Authority. You can find the website of the Data Protection Authority at www.dsb.gv.at.
11. Contact Us
If you have any questions or concerns regarding your privacy or the security of our website, feel free to contact us at office(at)viennasightseeing.at.