The protection of your privacy and your personal data is of vital importance to TUI Austria Holding GmbH. We also place great emphasis on this aspect when implementing our Internet activities. Our data protection policy is therefore compliant with the applicable data protection regulations and other statutory requirements. In order to best protect your data against random or deliberate manipulation, loss, destruction or access by unauthorized third parties, we employ technical and organizational security measures that we continuously streamline in accordance with technical and legal developments. We would like take the opportunity here to explain to you what personal data is collected from you and what this is used for. We will also tell you how your data is protected, to whom we will disclose it and how you can amend your data.
What is personal data?
Personal data is information that can be used to find out your identity. This includes information such as your name, address, postal address, IP address, telephone number or email address. Information that cannot be directly linked to your real identity (for example, favorite websites or the number of users of a page) do not fall under this definition.
What is anonymized data?
Each time content on our Internet site is accessed, general information is saved automatically (e.g. number and duration of users to individual pages etc.). This data is not personally identifiable and is therefore processed in anonymized form. Information of this kind is only ever used for statistical purposes and by us to improve our Internet site.
What data do we collect about you?
We collect personal data from you in order to complete offers and services selected by you. This occurs in particular when booking a holiday arranged by us, but also e.g. by filling in a form, taking part in competitions, subscribing to a newsletter, taking part in opinion polls, assessing travel services and sending emails or using online services. Please note that when booking tourist services in particular, personal data may also be collected from fellow travelers. You should therefore ensure that all information relating to third parties, is made available with that person's consent.
How do we use and process your personal data?
The object of our company is the sale of tourist services and the associated service or settlement. The data is collected, processed and used in order to exercise this purpose. If we collect your personal data solely as part of the use of our website, we use this in order to structure a contractual relationship regarding telemedia services in terms of content and to improve the quality of our online services. In the case of participation in competitions, we use your data to process the entries. In the case of the newsletter subscription, we collect and process the data you provided in order to compile the content and to send out the newsletter. When you sign up for the newsletter, your email address will be used for advertising purposes until such time as you unsubscribe from the newsletter. You can withdraw this consent at any time by unsubscribing from the newsletter. If your personal data is collected and processed in connection with the reservation or booking of a tourist service, then we shall use this within the intended use for the contractual relationship for procurement of the product and to process the services associated therewith. We save the contract text and send you the order data and GTCs by email. The GTC version applicable to your order can be viewed here at any time. We use the data provided by you to fulfill and process your order. We would like to write to you in future about current offers, unless we are aware that you do not wish to receive such offers. If you do not wish to be sent information, please contact the TUI Austria Holding GmbH data protection officer: email@example.com. Your personal data will only be collected, processed and used for advertising or market research possibilities within the framework of the statutory provisions. You can contradict any use of your data in this respect at any time. In particular, we will inform you of your right to object at any time each time that your data is used for advertising, market research or opinion research purposes and provide you with a simple means of opting out (e.g. via a link).
Who do we pass your personal information on to?
In order to execute and process the tourist services arrange by us we forward your personal data to your relevant contractual partner (e.g. tour operator, airline, hotel, travel agent, car rental, billing service provider and distribution system service provider or travel insurer). If we use external service providers outside the EU or the EEA ("third party countries" without an adequate data protection level) in order to process and use personal data, protection of your personal data is safeguarded through the "EU standard contract clauses" agreement. Within the framework of competitions, we pass your data on to the relevant competition partner where necessary to award a prize. As part of the Internet Partner Program, we shall only ever disclose personal data provided by you and your binding booking requests to the agency nominated by you. It is just your payment data that will not be sent to the travel agency of your choice directly for reasons of data protection. In relation to the newsletter subscriptions, we will forward personal data to our service provider employed to send out the newsletters. In relation to the use of online services, we will forward your data to our online system service providers (hosting systems operators, Internet booking engines, mid-office systems, web analysis service providers, global distribution systems and marketing service providers). Our system service providers help us to constantly improve our offers and services for you. We only ever pass on personal data to the extent permitted by law and in cases where strictly necessary in order to process your booking or for the related payment process. In all other scenarios, only anonymized data that is in no way personally identifiable is passed on. Personal information shall only be collected and transmitted to government agencies and authorities in accordance with mandatory legal regulations. Personal data, particularly addresses, will not be sold to third parties.
How do we protect your data?
To process your personal data in the most secure way possible, we always use the SSL (Secure Socket Layer) security software, particularly when booking a tourist service organized by us, to transfer data between your computer and our server. This means that the data is always transferred in encrypted form. Your personal data is only saved in compliance with the statutory regulations within the Federal Republic of Germany and the USA. The Safe Harbor Agreement, recognized by the EU, shall apply to data saved in the USA. If we forward data to our service providers as part of the services described herein, such service providers shall also be bound by the mandatory statutory provisions applicable to contractual requirements with us on the matter of data protection. To protect credit card details provided by you, we hereby expressly point out that such data must only be provided in the fields intended for this purpose within the booking form. Using the stipulated transmission method is the only way of ensuring that your data is handled securely.
Right to information/your rights:
You are entitled to obtain information about the data held about you, upon application and free of charge. You are also entitled to correct, delete or block inaccurate data. Certain legal requirements may prevent deletion, particularly in terms of data held for billing and accounting purposes.
Data controller/data protection officer:
TUI Austria Holding GmbH shall be the body and service provider responsible for data storage and processing. For more information and contact details, please see our legal notice. For queries, requests or comments about data protection, please contact the TUI Austria Holding GmbH data protection officer by email: firstname.lastname@example.org. The rapid development of the Internet means changes to our data protection provisions are sometimes necessary. You will be informed about any amendments as they are made.
Use of Facebook, Google Plus and Twitter social plugins:
Our website uses social plugins for the Facebook, Twitter and Google+ networks. These services are provided by Facebook Inc., Twitter Inc. and Google Inc.("Providers"). Facebook is operated by Facebook Inc.,1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). Google+ is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Twitter is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter") An overview of the plugins and their appearance can be found here: http://developers.facebook.com/plugins, https://twitter.com/about/resources/buttons and https://developers.google.com/+/plugins
When you call up a page on our website that contains such a plugin, your browser establishes a direct connection with Google, Twitter or Facebook's servers. The content of that plugin is sent from the provider in question to your browser directly and incorporated into the page. By incorporating the plugins, the Providers receive notice that your browser called up the page in question on our website, even if you do not have any profile with the social network in question or are not logged in at the time. This information (including your IP address) is sent by your browser directly to a server belonging to the Provider in question in the USA and is saved there.
If you are logged on to the social networks, the Providers can assign the visit to our website to your profile on Facebook, Twitter or Google+ directly. If you interact with the plugins, for example by pressing the "Like" button, Tweet button or "+1" button, the information in question is also sent directly to a Provider's server and saved there. The information is also published on the social network and your contact is displayed there. For more information about the scope and purpose of the data collected and how it is processed and used by the Providers, as well as about your rights in this respect and preferences regarding the protection of your privacy, please refer to the data protection information from the Providers.
Facebook data protection information:
Google data protection information:
Twitter data protection information:
If you do not want Google, Twitter or Facebook to assign the data collected through our website to your profile on the social network in question directly, you will need to log out of the relevant network before visiting our website. You can also prevent the plugins from loading completely with add-ons for your browser, e.g. with the "NoScript" script blocker (http://noscript.net/).
Use of Google Analytics:
This website uses Google Analytics, a web analysis service by Google Inc. ("Google"). Google Analytics uses "cookies", text files stored on your computer that enable analysis of your use of the website. The information generated by the cookie about your use of this website is generally transferred to a Google server in the USA and is saved there. If IP anonymization is enabled on this website, your IP address will first be abbreviated by Google within member states of the European Union or in other contracting states belonging to the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and be abbreviated there. Google will use this information on behalf of the operator of this website to assess your use of the website, compile reports about website activities and also to provide the website operator with services associated with use of the website and Internet use.
The IP address communicated by your browser as part of Google Analytics is not put together with other Google data. You can prevent cookies from being saved with an appropriate setting in your browser software; we hereby point out, however, that in such cases, you may not be able to make full use of all the features of this website. You can also prevent the data generated by the cookie and about your use of the website (incl. your IP address) from being recorded by Google and this data from being processed by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en
In addition to the data recorded by means of the standard implementation of Google Analytics, we also assess demographic characteristics, e.g. estimated age and gender and the interests of our website visitors. Third-party providers, including Google, place advertisements on the Internet and use saved cookies to show advertisements based on a user's previous visits to this website. By combining "first-party cookies" and "third-party cookies", data collected on the website can be used in conjunction with the advertisements on the third-party website. You can prevent cookies from being saved with an appropriate setting in your browser software; we hereby point out, however, that in such cases, you may not be able to make full use of all the features of this website. You can also prevent data generated by the cookie and related to your use of the website (including your IP address) from being recorded by Google and the processing of such data by Google by downloading and installing the browser plugin available at the following link. The current link is tools.google.com/dlpage/gaoptout.
For more information about Google Analytics and data protection, see http://www.google.com/analytics/learn/privacy.html.
Important for travelers to the USA:
Due to US federal legislation on the investigation of terrorists, airlines are now required to notify the US immigration authorities of the flight and reservation information for every passenger prior to entering the country. Entry to the USA is not possible unless this information has been provided.
Links to other websites:
Our online site contains links to other websites. This data protection declaration shall not extend to other providers. We have no influence over compliance with the data protection provisions by their operators and therefore accept no responsibility for the accuracy, currentness or completeness of the information provided therein.
TUI Austria Holding GmbH, Heiligenstädter Strasse 31, A-1190 Wien Management CEO: Dirk Lukas, Gottfried Math Company registration: Mitgliedschaft der Wirtschaftskammer Österreich Fachgruppe Reisebüros FN 227414 h HG Wien, UID-Nr. ATU 61025946, DVR 0053821
Last updated: May 2015