Thank you for your interest in Hotel Pension Haydn our website at and this Privacy Policy! At Hotel Pension Haydn, we take the protection of your Personal Data very seriously.

We have written this Privacy Policy to explain to you, in accordance with the requirements of Austria`s Data Protection Act (“DSG”), the General Data Protection Regulation (“GDPR”), what information we collect, how we use data and what decision-making options you have as a visitor to this website.

Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible when creating them.


What is Personal Data?

Personal data is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address. In contrast, information of a general nature that cannot be used to determine your identity is not personal data. This includes, for example, the number of users of a website.


Data Controller

The person responsible pursuant to the DSG and the GDPR is

Hotel Pension Haydn

Mariahilfer Straße 57-59

1060 Wien

Telefon: +43 1 587 44 14 0

Fax: +43 1 587 44 14 700








Legal bases for processing

The processing of your personal data may be based on the following legal grounds:

  • you have given your consent (Art. 6 para. 1 lit. a GDPR),
  • the data is necessary for the fulfilment of a contract / pre-contractual measures (Art. 6 para. 1 lit. b GDPR),
  • the data is necessary for the fulfilment of a legal obligation (Art. 6 para. 1 lit. c GDPR) or
  • the data is necessary to protect the legitimate interests of our company, provided that your interests are not overridden (Art. 6 para. 1 lit. f GDPR).


Your Rights

You have the following rights with regard to personal data concerning you:

  • Right to information (Art. 15 GDPR),
  • Right to rectification or erasure (Art. 16 and Art. 17 GDPR),
  • Right to restriction of processing (Art. 18 GDPR),
  • Right to object to processing (Art. 6(1)(e) or (f) GDPR),
  • Right to data portability (Art. 20 GDPR).


To assert these rights, please contact us at any time using the details provided.

You also have the right to lodge a complaint with your local data protection supervisory authority or the Austrian Data Protection Commission (DSB) ( We would, however, appreciate the chance to deal with your concerns before you approach the DSB or any other supervisory authority.


Collection of personal data when visiting our website

In the case of merely informative use of the website, i.e., if you do not make a booking or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security (legal basis is Art. 6 para. 1 lit. f GDPR):

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request came
  • Operating system and its interface
  • Language and version of the browser software.


In addition to the aforementioned data, cookies are stored on your computer when you use our website.



We use so-called cookies on our website. Cookies are small text files that are stored on your respective device (PC, smartphone, tablet, etc.) and saved by your browser. For further information please refer to our Cookie Policy. The legal basis for the use of cookies is your consent in accordance with Art. 6 para. 1 lit. a GDPR as well as our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.


Contact us

When you contact us, the data you provide (your e-mail address, name, and telephone number, if applicable) will be stored by us in order to answer your questions. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are statutory retention obligations. The legal basis for processing is Art. 6 para. 1 lit. f GDPR and Art. 6 para. 1 lit. b GDPR


Online Reservations

To enable you to conveniently book your stay with us online, we use the booking engines of RoomCloud. Your data will be used exclusively for the contractual relationship established with the reservation, and for any pre- and post-sales service, for any pre- and post-stay mailing, and for any pre- and post-stay mailing.

If you wish to book an overnight stay with us online, it is necessary for the conclusion of the contract that you provide your personal data, which we require for the processing of your order. Mandatory data required for the processing of contracts are marked separately, other data are voluntary. We process the data you provide to process your order. For this purpose, we may pass on your payment data to our house bank. The legal basis for this is Art. 6 para. 1 lit. b GDPR.

Due to commercial and tax law requirements, we are obliged to store your address, payment confirmation and order data for a period of ten years. However, we will restrict processing after two years, i.e., your data will only be used to comply with legal obligations.


Extended data collection in the course of your stay

In the course of a booking at our hotel, we sometimes collect the following personal data in accordance with Art 13 GDPR:

  • Master data (surname, first name, main residence, address, mail address, telephone and fax number, professional and private contact data including, place of birth, date of birth, customer number, language and, if applicable, car registration number).
  • Data in identity documents (e.g., travel document, identity card, driving license etc. including issuing authority and period of validity, nationality)
  • Date of arrival and departure and duration of booking, room number,
  • the services you have requested and personal preferences you have made known (e.g., food or upholstery preferences), as well as allergies, intolerances, special needs and customer or special requests, date and type of services used and consumed, including special categories of data such as marriage/partnership
  • data on payment methods and in connection with payments, in particular with debit cards, credit cards and bank cards
  • customer feedback


The duration of storage is measured according to the duration of our business relationship, the consents you have given, and furthermore according to the statutory retention obligations and legal obligations applicable to us. We emphasize that in the case of regular cooperation for our best possible customer service, we strive to know your customer wishes already communicated to us so well that we can continuously and permanently satisfy you.


Google Analytics

We use Google Analytics, a service provided by Google Inc. This means that the data collected can in principle be transmitted to a Google server in the USA, whereby the IP addresses are anonymized by means of IP anonymization so that an allocation is not possible. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can object to the collection and processing of this data by Google Analytics by setting an opt-out cookie that prevents the future collection of your data when you visit this website: The legal basis for this processing is Art. 6 para. 1 lit. f GDPR, our legitimate interest.


Google Maps

We use the services of Google Maps provided by Google Inc to allows us to show you interactive maps directly and to enable you to use the map function conveniently. Google receives the information that you have called up the corresponding sub-page of our website and in addition, the data your location data will be transmitted. This takes place regardless of whether Google provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. The legal basis for this processing is our legitimate interest Art. 6 para. 1 lit. f GDPR.


Duration of data storage

We only store personal data for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 10 years, irrespective of the processing purposes.


Transfer of personal data

Hotel Pension Haydn will not disclose or otherwise distribute your personal data to third parties unless this is necessary for the performance of our services (legal basis for processing: Art. 6 para. 1 lit. b GDPR), you have consented to the disclosure (legal basis for processing: Art. 6 para. 1 lit. f GDPR) or the disclosure of data is permitted by relevant legal provisions.

Hotel Pension Haydn is entitled to outsource the processing of your personal data in whole or in part to external service providers acting as processors for Hotel Pension Haydn pursuant to Art. 4 No. 8 GDPR within the framework of the data protection provisions. External service providers support us, for example, in the technical operation and support of the website, data management, the provision and performance of services, marketing, as well as the implementation and fulfilment of reporting obligations.

The service providers commissioned by Hotel Pension Haydn process your data exclusively in accordance with our instructions. Hotel Pension Haydn remains responsible for the protection of your data, which is ensured by strict contractual regulations, technical and organizational measures and additional controls by us.

Personal data may also be disclosed to third parties if we are legally obliged to do so e.g., by court order (legal basis for processing: Art. 6 para. 1 lit. c GDPR) or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfil Hotel Pension Haydn’ legitimate interests (legal basis for processing: Art. 6 para. 1 lit. f GDPR).


Automated decision-making

Automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR does not take place on the part of Hotel Pension Haydn.


Direct marketing in the context of a customer relationship

We use the data you provide to fulfil and process our contract and to respond to your enquiries in accordance with Art. 6 para. 1 lit. b GDPR or on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. Insofar as you have also given us your separate consent to process your data for consulting, marketing and advertising purposes, Hotel Pension Haydn is entitled to contact you for these purposes via the communication channels you have given your consent to.

You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or contractual relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or contractual relationship with us.

Direct Marketing generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by us, or by our contracted service providers. Every directly addressed marketing sent or made by us or on our behalf will include a means by which you may unsubscribe (or opt out).



Hotel Pension Haydn uses technical and organizational security measures to protect the data you have provided against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. These security measures are continuously improved in line with technological developments. In addition, all employees and agents are bound to data secrecy in accordance with the DSG and the GDPR.


Social Media

We are present in “social media” (currently, Facebook, and Twitter) in order to communicate with our customers, interested parties and users registered there and to be able to inform them about our offers. We would like to point out that you use social media platforms and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., commenting, sharing, rating). We, as the provider of our Social Media Profile, do not collect and process any data from your use of our social media platforms and beyond this. The processing of users’ personal data is based on our legitimate interests in providing users with effective information and communicating with users.


Updating your information

If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so by contacting us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.

Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of personal information, notably where such requests would not allow us to provide our service to you anymore.


Links to other providers

Our website also contains – clearly recognizable – links to the websites of other companies. Insofar as there are links to websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages.

The linked pages were checked for possible legal violations and recognizable infringements at the time of linking. Illegal contents were not recognizable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. Such links will be removed immediately if infringements of the law become known.


Changes and updates to the privacy policy

We kindly ask you to regularly inform yourself about the content of our privacy policy. We will amend the privacy policy as soon as changes to the information processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification.


Concerns and Contact

If you have any concerns about a possible compromise of your privacy or misuse of your personal information on our part, or any other questions or comments, you can contact us.

Who should I contact for more information?

If you have any questions or comments about our Privacy Policy or wish to exercise your rights under applicable laws, please contact us using the following contact details:

Hotel Pension Haydn

Mariahilfer Straße 57-59

1060 Wien

Tel: +43 1 587 44 14 0

Fax: +43 1 587 44 14 700








This Privacy Policy was last updated on Monday, 12 September 2022