Privacy Policy
Introduction
We at S&A GmbH (Premium Apartments Seekirchen) take the protection of the data of users of our website and our mobile app www.sua.co.at and www.premium-apartments.at very seriously and are committed to protecting the information that users provide to us in connection with the use of our website and our mobile app. We are further committed to protecting and using your data in accordance with applicable law.
This Privacy Policy explains our practices regarding the collection, use and disclosure of your information through the use of our digital assets when you access the Services through your devices.
Please read the Privacy Policy carefully and make sure you fully understand our practices regarding your information before using our Services. If you have read this policy, fully understand it and do not agree with our practices, you must stop using our digital assets and services. By using our Services, you accept the terms of this Privacy Policy. Continued use of the Services constitutes your acceptance of this Privacy Policy and any changes thereto.
In this privacy policy you will learn:
-
How we collect data
-
What data we collect
-
Why we collect this data
-
Who we pass on the data to
-
Where the data is stored
-
How long the data is retained
-
How we protect the data
-
How we deal with minors
-
Updates or Changes to the Privacy Policy
What Data Do We Collect?
Below is an overview of the data we may collect:
- Non-identifiable and non-personal information that you provide during the registration process or that is collected through the use of our services (“non-personal data”). Non-personal data does not allow for any conclusions regarding the identity of the individual from whom it was collected. The non-personal data we collect primarily consists of technical information and aggregated usage data.
- Identifiable information, i.e., any information that can identify you or can be identified with reasonable effort (“personal data”). Personal data collected through our services may include, but is not limited to, names, email addresses, physical addresses, phone numbers, IP addresses, and more. When we combine personal data with non-personal data, it will be treated as personal data for the duration of that combination.
How Do We Collect Data?
Below are the primary methods we use to collect data:
- We collect data through your use of our services. Therefore, when you visit our digital assets and utilize our services, we may collect, gather, and store information regarding your usage, sessions, and associated data.
- We collect data that you provide directly to us, for example, if you contact us via a communication channel (e.g., an email with a comment or feedback).
- We may also collect data from third-party sources as described below.
- We collect data that you provide when you sign up for our services through a third-party, such as Facebook or Google.
Why Do We Collect This Data?
We may use your data for the following purposes:
- To provide and operate our services;
- To develop, customize, and improve our services;
- To respond to your feedback, inquiries, and requests and to provide support;
- To analyze patterns of requests and usage;
- For other internal, statistical, and research purposes;
- To enhance our capabilities in data security and fraud prevention;
- To investigate violations and enforce our terms and policies and to comply with applicable laws, regulations, or governmental requests;
- To send you updates, messages, promotional materials, and other information relating to our services. For promotional emails, you can choose whether or not to continue receiving them. If not, simply click the unsubscribe link in those emails.
To Whom Do We Disclose This Data?
We may share your data with our service providers to operate our services (e.g., storing data using third-party hosting services, providing technical support, etc.).
We may also disclose your data under the following circumstances: (i) to investigate, detect, prevent, or address illegal activities or misconduct; (ii) to establish or exercise our rights to defense; (iii) to protect our rights, properties, or personal safety as well as that of our users or the public; (iv) in the event of a change of control over us or any of our affiliates (through a merger, acquisition, or purchase of all or substantially all assets, etc.); (v) to collect, maintain, and/or manage your data using authorized third-party vendors (e.g., cloud service providers), as long as it is appropriate for business purposes; (vi) to collaborate with third parties to enhance your user experience. To avoid any misunderstanding, we would like to clarify that we may transmit, share, or otherwise use non-personal data at our discretion.
Cookies and Similar Technologies
When you visit or access our services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytics services (“tracking technologies”). These tracking technologies allow third parties to automatically collect your data, enhancing the navigation experience on our digital assets, optimizing performance, ensuring a customized user experience, and for security and fraud prevention purposes. For more details, please read our cookie policy.
We may serve advertisements through our services and digital assets (including websites and applications utilizing our services), which may also be tailored to you, e.g., ads based on your recent browsing behavior across websites, devices, or browsers.
To deliver these advertisements to you, we may use cookies and/or JavaScript and/or web beacons (including transparent GIFs) and/or HTML5 local storage and/or other technologies. We may also employ third parties, such as network advertisers (i.e., third parties that display advertisements based on your website visits), to serve targeted ads. External providers of advertising networks, advertisers, sponsors, and/or services measuring website traffic may also use cookies and/or JavaScript and/or web beacons (including transparent GIFs) and/or Flash cookies and/or other technologies to measure the effectiveness of their ads and tailor advertising content for you. These third-party cookies and other technologies are subject to the respective third-party's privacy policy and not this document.
Where Do We Store the Data?
- Non-Personal Data
Please note that our companies and our trusted partners and service providers operate globally. For the purposes described in this privacy policy, we store and process all non-personal data we collect in various jurisdictions.
- Personal Data
Personal data may be maintained, processed, and stored in other jurisdictions as necessary for the proper provision of our services and/or as required by law (as further described below).
How Long Do We Retain the Data?
Please note that we retain the collected data for as long as necessary to provide our services, comply with our legal and contractual obligations to you, resolve disputes, and enforce our agreements. We may correct, supplement, or delete inaccurate or incomplete data at our discretion.
How Do We Protect the Data?
The hosting service for our digital assets provides us with the online platform through which we can offer our services to you. Your data may be stored through our hosting provider's data storage, databases, and general applications. Your data is stored on secure servers behind a firewall, and it offers secure HTTPS access to most areas of its services.
User accepts payments/eCommerce
All payment options offered by us and our hosting provider for our digital assets comply with the PCI-DSS (Payment Card Industry Data Security Standard) requirements as set forth by the PCI Security Standards Council, which includes collaboration from brands like Visa, MasterCard, American Express, and Discover. PCI-DSS requirements help ensure secure handling of credit card data (including physical, electronic, and procedural safeguards) by our shop and service providers.
Despite the measures and efforts taken by us and our hosting provider, we cannot and will not guarantee absolute protection and security of the data you upload, publish, or otherwise share with us or others. Therefore, we urge you to create secure passwords and avoid sharing confidential information with us or others that you believe could cause significant or lasting harm if disclosed. Because email and instant messaging are not considered secure forms of communication, we also ask that you refrain from sharing confidential information through these communication channels.
We will only use your personal data for the purposes set out in the Privacy Policy and only if we are satisfied that:
the use of your personal data is necessary to perform or enter into a contract (e.g. to provide you with the Services themselves or customer service or technical support);
the use of your personal data is necessary to comply with relevant legal or regulatory obligations, or
the use of your personal information is necessary to support our legitimate business interests (provided that at all times this is done in a manner that is proportionate and respects your data protection rights).
As an EU resident you can:
request confirmation as to whether or not personal data concerning you is being processed and request access to your stored personal data and certain additional information;
request to receive personal data that you have provided to us in a structured, commonly used and machine-readable format;
request correction of your personal data held by us;
request the deletion of your personal data;
object to our processing of your personal data;
request the restriction of the processing of your personal data, or
lodge a complaint with a supervisory authority.
Please note, however, that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal information we collect and how we use it, please contact us as indicated below.
In the course of providing the Services, we may transfer data across borders to affiliates or other third parties and from your country/jurisdiction to other countries/jurisdictions worldwide. By using the Services, you consent to the transfer of your data outside the EEA.
If you are based in the EEA, your personal data will only be transferred to locations outside the EEA if we are satisfied that an adequate or comparable level of protection of personal data exists. We will take appropriate steps to ensure that we have appropriate contractual arrangements in place with our third parties to ensure that appropriate safeguards are in place so that the risk of unlawful use, alteration, deletion, loss or theft of your personal data is minimized and that such third parties act at all times in accordance with applicable laws.
Rights under the California Consumer Privacy Act
If you use the Services as a California resident, you may have the right to request access to and deletion of your information under the California Consumer Privacy Act (“CCPA”).
To exercise your right to access and delete your data, please read below how to contact us.
The website does not sell any data about its users
We do not sell users' personal information for the purposes of the CCPA.
Updates or Changes to the Privacy Policy
We may revise this Privacy Policy from time to time in our sole discretion, the version posted on the Site will always be current (see “As of” statement). We encourage you to periodically review this Privacy Policy for any changes. If there are any significant changes, we will post a notice on our website. Your continued use of the Services following notification of changes on our website will constitute your acknowledgment and agreement to the changes to the Privacy Policy and your agreement to be bound by the terms and conditions of such changes.
Contact
If you have general questions about the Services or the information we collect about you and how we use it, please contact us at:
S&A GmbH
Kraiham 45
A-5201 Seekirchen am Wallersee