Privacy Policy

Hotel Post Lermoos 

Franz Dengg
Familie Angelika und Franz Dengg
Kirchplatz 6
A-6631 Lermoos
Tel. +43 5673/2281-0
Fax +43 5673/2281-841

Company name: Hotel Post Lermoos
Registration No: 17433m
VAT Reg No: ATU 467 134 09

This Privacy Policy outlines the collection and use of personal data. Your personal data may be collected when you view our website, when you send a request or booking via our website or when you use other services such as buying a voucher or subscribing to our newsletter. To help you understand our data protection guidelines, we are happy to provide you with the following information that serves as an outline of the types of data that we collect, how they are being processed and why we collect them. Please be assured that the protection of your personal data is our utmost priority and that we will handle your personal data carefully within our offered services. We will of course inform you about the extent in which you can object to the recording of personal data. Hotel Post Lermoos has the right to implement changes from time to time according to developments and stipulations. If these changes are essential or major, we will provide you with information accordingly. 

How do we collect, record and process your personal data?

The collection of personal data enables us to provide you with information, customized offers based on your interests and the best service possible. To be able to do this, we may ask for your personal data that can help us to compile a personalized offer and if you so wish a booking confirmation; we will then add your data to our system. We operate according to the principle of data economy and only collect data that we need to carry out an order or fulfil the precontractual offer. Furthermore, your data helps us to provide you with personalized exclusive offers according to your interests and to keep you updated about news for your future holiday. Of course, you can notify us at any time, easily and free of charge, if you do not want to receive any more product offers, news and special promotions. We will keep your data as long as it is necessary in relation to the purposes for which they are collected, and as long as we assume that you have no legitimate interest in any further notice or have not withdrawn your consent or objected to the data storage. Additionally, we point out that an erasure of your personal data is not legally possible if we are obligated on the grounds of other mandatory legal provisions to keep the data.

What types of data are collected?

If you want to receive an offer, book a holiday, buy a voucher or subscribe to our newsletter, we will only collect and process data that are necessary for the purposes of the agreement or the precontractual information. These could be: first name, family name, post address, telephone number, e-mail address. Furthermore, we may collect data that help us understand what kind of information could be important for you and that help us to learn the needs of our guests for market research purposes. You can choose to share this information with us, or not. These fields will not be marked as obligatory for the fulfilment of a contract. This means you can decide for yourself whether you want to disclose this information in for example a request form, in our newsletter system, etc.

What rights do you have regarding the handling of your data?

You have the right to rectify your personal data: should you notice in our communication that we recorded false or incomplete data, please notify us and send us the correct data. The right to erasure: if you do not want to receive any more communication, you have the right to erase your personal data or to object to its recording. This applies when you have no further interest in our offers or our recording of your data is not necessary any more in relation to the purposes for which they were collected. The right to erasure does not apply when there are overriding legitimate grounds and another legal regulation therefore obligates us to store the data. The right to restriction of processing: the data subject has the right to request a restriction of personal data processing from the controller. The right to object: the data subject has the right to object to the processing of his or her personal data at any time on the grounds of their special situation. You have the right to access your personal data at any time. Please notify us by e-mail or telephone if you want to exercise your rights. Please note that we are obligated to request a copy of your identification document to ensure that your request is legitimate.

Will we transfer your personal data, and if yes, to whom and why?

We hereby attest that we will not sell or otherwise transmit any personal data of our guests to third parties for marketing or other purposes. We do however work with third parties to ensure that you receive our product offers, our company information, reservations and/or orders. Third parties who exercise these services on our behalf are for example print shops, IT service providers and lettershops that ensure that the communication you wish to receive will reach you, as well as newsletter and print mailings and senders and contractors that entered a data processing agreement with us and must prove their high level of data protection. These companies and/or persons are obligated to handle your data in compliance with our privacy policy. Furthermore, we may be obligated to disclose your personal data to authorities, courts or administrative bodies on legislative or regulatory requirements or directives.

Placing links to other external websites on our hotel website does not encompass the transfer of personal data but only serves for the provision of further information. We do not accept responsibility for the content of other external websites. These may include links to sport partners, local recreational facilities, mountain railway companies, etc. Our guests may decide for themselves whether to click on the links or not. We are also happy to provide you with further information via telephone or e-mail.

Information security and data protection

We apply technical measures to enhance information security in data protection and to protect your data from loss, theft, unauthorized access, transfer and erasure. To achieve that, we work with technical and electronical processes of data protection and information security. Where credit card data are entered, we make sure that SSL encryption is used. This ensures the protection of your personal credit card details when paying online.

Personal data for job applications sent by e-mail or online application form

We are happy that many job applicants send us their application documents by e-mail. We record the personal data of job applicants for the purpose of the recruitment process and the search for employees as well as to document the interest in an advertised position or a position that may be advertised in the future. We store the personal data of job applicants for 7 (seven) months (At the request of the person concerned, a storage can also take place beyond that) and erase them thereafter if no employee relation was established. Personal data will be erased after a working relationship has ended if the former employee wishes so and if no other mandatory legal regulations prohibit their erasure.

Video and image data

If video recordings are made in the public areas of the hotel, we will set up appropriate signs to inform you about it. Video recordings will be stored for 72 hours and checked only by authorized personnel. Photo shootings and events take place at our hotel, we will communicate this through the usual communication channels of our hotel.  We will not put photos of guests on our website or social media channels.

Voucher Shop INCERT - Order Data Processing

On the basis of a separate agreement on the processing of personal data, your data will be collected and processed by INCERT eTourismus GmbH & Co KG, Leonfeldner Strasse 328, 4040 Linz within the framework of order data processing in accordance with Art 28 DSGVO in accordance with the relevant legal requirements on our behalf. As a contractor in case of support measures, INCERT eTourismus also has access to your date, but may only use it for support measures and not for its own purposes.
Retention and deletion of data
After interruption of the purchase or order process, the data stored with us will be deleted after 14 days in order to be able to support any problems within the scope of the order process. In the event of a contract being concluded, all data from the contractual relationship will be stored until the expiry of the tax retention period of 7 years.
The data "name, address, ordered voucher, purchased goods and date of purchase" are stored beyond that up to the expiration of the product liability (10 years) and/or up to the expiration of in the consumer protection law on basis guarantee and redemption period of vouchers (30 years).
After declared objection, we, Hotel Post Lermoos, will ensure the deletion of the data on our part and on the part of any third parties to whom the data have been transmitted. Data processing is carried out on the basis of the legal provisions of § 96 Paragraph 3 TKG and Art 6 Paragraph 1 lit a (consent) and/or lit b (necessary for contract fulfilment) of the DSGVO.

Use of cookies

We use cookies on our website. You can deactivate the placing of cookies at any time in the system settings of your browser.

We use cookies on some sites to facilitate the use of our website and the communication and to customize our online presence to your preferences. A cookie is a small text file that is placed on your hard drive by our website. Cookies will not damage your personal computer, nor do they contain viruses. Cookies are used to analyse which parts of our website are viewed often and to optimize our website’s usability and user-friendliness for guests and users. You may opt out of the placing of cookies at any time and you will still be able to visit our website without restrictions.

Google Analytics

This website uses Google Analytics, a web analysis service by Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (“Google”). We entered a data processing agreement with Google. Data transfer to the USA is subject to “Privacy Shields”. 

When a user views our website, a software establishes a connection to Google’s servers, some of which are located in the USA, and data will be transferred to them. Google Analytics additionally uses cookies to store information about the website users and to analyse their use of the website.

This website uses the feature “activation of IP anonymization”. When browsing on servers within the European Union or in the European Economic Area, Google will delete the last digits of your IP address. Only in exceptional cases will your full IP address be transferred to one of Google’s Servers in the USA and become anonymized there.

According to Google, they will use the collected data to evaluate the use of the website, to compile reports about activities on the website and to provide more services that relate to the use of the website and the world wide web.

Google may also transfer this information to third parties where applicable if a transfer is prescribed by law or if third parties process the data on Google’s behalf.

Detailed information about how Google Analytics handles your personal data can be found in the data protection declaration by Google ( or Google Analytics (


Opt out of Google Advertisements 

Go to ( or the opt-out website of the network advertising initiative (

Use of Google Maps

Use of Google Maps: the services of the media owner use Google Maps to show maps and to create route maps. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If users use the platform, a direct connection to Google’s servers is established. Google therefore receives device-specific data, location data, IP address (log files) and cookie information. By using the platform, users consent to the transfer, collection, processing and the use of automatically collected data by Google. Apart from that, the stipulations of article 10 of this data protection statement apply. 


With our newsletter we would like to provide you with information about our company and share our offers with you. If you want to receive our newsletter, we need a valid e-mail address and information that lets us verify that you are the owner of said e-mail address or that its owner consents to receiving the newsletter. You can choose to give us further information about your interests or postal code. If this information is collected, it serves to send you targeted information. This data will only be used for sending the newsletter; it will not be transferred to third parties. If you subscribe to this newsletter, we will record your IP address and the date of subscription. Recording this data serves only as evidence if a third party abuses an e-mail address and subscribes to the newsletter without the owner’s knowledge. You can withdraw your consent to our storage of your data and your e-mail address as well as to receiving our newsletter at any time. You can unsubscribe by clicking on a link in the newsletter itself, in your profile or by notifying us through our contacts.

User’s declaration of consent

By using our website and the therein placed offers, you consent to the recording, processing and use of your voluntarily provided data in compliance to this data protection statement.

Right of access

You have the unreserved right to receive access to your personal data free of charge, as well as the right to erasure or the right to block invalid data or the right to rectify untrue data. Upon request, we will be happy to notify you in hard copy if and what type of your personal data we store. We will do our best to take appropriate measures to update or rectify your personal data on short notice. Please consult our hotel management directly. in such cases.

Social Media, "Share"-, "I like"-Buttons

The website has social media buttons on some pages, buttons to share and / or mark with I like the page content on the social media platforms Facebook, Google Plus, Pinterest, Twitter. The buttons are ideally designed to protect the personal data of our website visitors, as the script behind the buttons (computer program) does not collect or process any personal data. The heise publishing house as publisher of the IT magazine c't and as developer of the buttons offers exact information about the function of the buttons.

Website visitors who want to share our site and / or mark with like, will be redirected to the "Share" pages of the respective social media platforms by clicking on the buttons. Only there / then the scripts necessary to split / mark the page contents are loaded. The terms and conditions of business and data protection agreed by the website visitor with the respective social media platforms then apply. Detailed information can be found on the respective platforms Facebook, Google Plus, Pinterest, Twitter.

Facebook Pixel

This website uses Facebook Pixel, a web analysis service of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”). We have entered a contract with Facebook to process data. The data will be partially transferred to the USA. Transferral of the data to the USA is based on the regulations of “Privacy Shields”. 

When our website is viewed, a software establishes a connection to Facebook’s servers and data will be transferred to Facebook’s servers, some of which are located in the USA. Facebook Pixel uses cookies to record information about the website user and to analyse the use of the website by the website user.

According to Facebook, they will use the collected data to evaluate the use of the website, to compile reports about the website activities and to provide further services that relate to the use of the website and the world wide web.

Facebook may also transfer this information to third parties where applicable if a transfer is prescribed by law or if third parties process the data on Facebook’s behalf.

For detailed information about the handling of user data by Facebook, please consult Facebook’s data protection statement (