Legal

Privacy Policy

The protection of your personal data is a particular concern for us. This privacy policy informs you about which data we process on www.goldener-loewe.at, for what purpose and on what legal basis. Processing is based on the EU General Data Protection Regulation No. 2016/679 ("GDPR") and the Austrian national data protection laws (DSG, TKG).

1. Controller

The controller within the meaning of Art. 4 (7) GDPR is the operator of this website named in the imprint — Hotel Goldener Löwe, Oberer Stadtplatz 14, 6330 Kufstein, Austria. Please direct any privacy-related concerns to the contact details given in the imprint.

2. What data we process

Specifically, we process the following data on this website:

We do not process any special categories of personal data (Art. 9 GDPR).

3. Cookies, web storage and our own audience measurement

This website uses no tracking or advertising cookies and no cross-device profiling. In your browser's localStorage we only store your cookie decision (see above). You can delete this entry at any time via your browser settings — on your next visit we will ask for your choice again.

To improve our offering we operate our own privacy-friendly audience measurement on our own server, collecting the usage data listed in section 2. This measurement is deliberately data-minimising:

The legal basis is our legitimate interest in an anonymous, data-minimising statistical evaluation of website usage (Art. 6 (1) lit. f GDPR). As no personal data is stored, no consent is required. You may nevertheless object at any time by enabling "Do Not Track" in your browser or by setting the entry gl-analytics-optout to the value 1 in this site's web storage.

In addition we use Google Analytics — but only after your explicit consent via the cookie notice (see section 4).

4. External content and third-party providers

If you click "Accept all" in the cookie notice, we embed the following third-party content. If you choose "Essential only", this content remains behind a click-to-load gate and is loaded only after a separate consent.

Google Analytics

After your consent ("Accept all") we use Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (measurement ID G-QVRYNXGKMX). Google Analytics uses cookies or comparable identifiers and creates pseudonymous usage profiles to analyse website usage. In doing so, data — including your IP address (shortened thanks to the IP anonymisation we have enabled) — is transmitted to Google; transfer to servers in the USA is possible. Google is certified under the EU-US Data Privacy Framework; additionally, standard contractual clauses (Art. 46 GDPR) are in place.

The legal basis is solely your consent under Art. 6 (1) lit. a GDPR and § 165 (3) TKG 2021. Without your consent, Google Analytics is not loaded and no related data is collected. You may withdraw your consent at any time with effect for the future by clearing this site's web storage — on your next visit the cookie notice will appear again and you can choose "Essential only". More information: policies.google.com/privacy and support.google.com/analytics.

Google Maps

On the hotel page (/en/pages/hotel/) we display our location using a map from Google Maps. Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When the map is loaded, your IP address is transmitted to Google; transmission to the USA is possible. The legal basis is your consent under Art. 6 (1) lit. a GDPR. You may withdraw your consent at any time by clearing your browser storage — on your next visit the cookie notice will appear again. More info: policies.google.com/privacy.

Interalp Webbox (booking engine)

The booking pages (/en/pages/booking) embed the online booking engine of Interalp Touristik GmbH (Inngasse 5, 6330 Kufstein, Austria). The tool loads scripts from webbox3.interalp-touristik.com and, for availability/price checks and booking processing, transmits data to Interalp (in particular selected travel dates, number of guests, contact and where applicable payment details you enter). Legal basis is the initiation and performance of the accommodation contract (Art. 6 (1) lit. b GDPR). Processing takes place under a data processing agreement pursuant to Art. 28 GDPR. Privacy policy: interalp-touristik.com.

Event data (tirol.at / OEW Tourdata)

On the homepage we show a selection of regional events from the Tirol Unterland region. The data is queried server-side once per hour from the Tourdata interface of Österreich Werbung (oew.tourdata.at, operated by TTG Tourismus Technologie GmbH) and cached on our own server. Your IP address is not transmitted to Tourdata. However, event preview images may load directly from their original sources (regional tourism associations) into your browser when you expand the event list. Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in providing tourism information for our guests).

Web fonts (self-hosted)

The fonts used on this website ("Cormorant Garamond", "Cinzel", "Inter") are served directly from our own web server. No connection is made to Google or any other third-party provider. Therefore, neither your IP address nor any other data is transmitted to external providers when fonts are loaded. The legal basis for hosting the fonts on our own server is our legitimate interest in the consistent, performant and privacy-friendly presentation of the website (Art. 6 (1) lit. f GDPR).

Links to social networks (Facebook, Instagram)

The footer of this website contains plain text links to our Facebook and Instagram profiles. No social plugins or like buttons are embedded — data is transmitted to Meta Platforms Ireland Ltd. only when you actively click such a link and thereby visit the respective platform. Their own privacy policies then apply.

5. Hosting and web server

This website is hosted at a web hoster with a server location within the European Union. Within the scope of the hosting contract there is a data processing agreement pursuant to Art. 28 GDPR. We will name the specific provider on request.

6. Disclosure to third parties

Your personal data is only disclosed to third parties to the extent necessary for contract performance (e.g. to our hosting provider or a booking partner) or where we are legally required to do so. A transfer to third countries outside the EU/EEA only takes place where an adequate level of data protection is ensured (in particular via standard contractual clauses pursuant to Art. 46 GDPR or by your express consent).

7. Storage period

We retain personal data only as long as necessary for the respective purpose or as long as statutory retention obligations exist (in particular § 132 BAO, § 212 UGB — seven years for business records). Server logs are deleted after no more than 14 days.

8. Your rights

You have the right at any time to:

Please direct such requests to the contact address given in the imprint.

If you consider that the processing of your personal data violates data protection law, you have the right to lodge a complaint with the competent supervisory authority — in Austria: Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna.

9. Data security

This website is delivered exclusively over a TLS-encrypted connection (HTTPS). We take appropriate technical and organisational measures to protect your data against manipulation, loss and unauthorised access. Despite these measures, complete security cannot be guaranteed for data transmissions over the internet.

10. Changes to this privacy policy

We reserve the right to adapt this privacy policy, e.g. to reflect changes in the law or in our services. The version available at the time of your visit shall apply.

Last updated: May 2026. In case of any discrepancy, the German version remains legally binding.