Legal
Privacy Policy
1. Controller
S.IN GmbH — Schitterhof CAMPING WEISS, Birkachweg 3, 8724 Spielberg, Austria.
Email: servus@schitterhof.at (alternatively info@schitterhof.at) · Tel. +43 670 50 90 460.
2. What data we process
- Booking data: name, address, email, phone, chosen category, period, persons, options and payment status.
- Guest registration data (§ 5 Meldegesetz): data of all accompanying persons as well as your digital signature for the legally required guest registration.
- Payment data: payment is processed via our payment service provider; complete card details are not stored by us.
- Entries in the AI chat assistant: questions and text you enter into our FAQ assistant (see point 8).
- Technical data: server logs (IP, time, page accessed) for secure provision.
3. Purposes & legal bases
- Performance of the contract (booking, payment, confirmation) — Art. 6(1)(b) GDPR.
- Statutory registration obligation (guest registration) — Art. 6(1)(c) GDPR.
- Secure operation of the website, responding to enquiries and fraud prevention — Art. 6(1)(f) GDPR.
4. Processors & recipients
We use carefully selected service providers (processing under Art. 28 GDPR):
- Supabase / AWS — database hosting in the EU (Frankfurt region, eu-central-1).
- Vercel — hosting/delivery of the website.
- Mollie — payment processing (EU).
- Resend — sending of confirmation and service emails.
- AI service provider — processing of entries in the FAQ assistant (see point 8).
- Authorities, insofar as legally required (e.g. registration system, local tourist tax).
5. Data transfer to third countries (USA)
Some of the service providers used (in particular Vercel, Resend as well as the AI service mentioned under point 8) are companies with their registered office or parent company in the USA. Processing in a third country outside the EU/EEA therefore cannot be ruled out. The database hosting itself takes place in the EU (Frankfurt).
Insofar as personal data is transferred to a third country, this takes place on the basis of appropriate safeguards within the meaning of Art. 44 et seq. GDPR — in particular via the EU Standard Contractual Clauses and/or a certification of the respective provider under the EU-US Data Privacy Framework (DPF). A copy of the respective safeguards can be requested from us.
6. Retention period
Booking and invoice data is stored in accordance with the retention periods under tax and company law (as a rule 7 years). Registration data is retained in accordance with the requirements of the registration law. Beyond that, we store data only for as long as is necessary for the stated purposes.
7. Cookies
We use exclusively technically necessary cookies for the booking process and the protected area. No tracking for advertising purposes takes place.
8. AI chat assistant
An AI-supported FAQ assistant is available on our website. If you enter a question there, the text entered is transmitted to and processed by an AI service in order to answer it. The legal basis is our legitimate interest in a helpful, fast service (Art. 6(1)(f) GDPR). Please do not enter any sensitive personal data into the assistant. If the processing is carried out by a provider in a third country, the safeguards mentioned under point 5 apply.
9. Your rights
You have the right to access, rectification, erasure, restriction of processing, data portability and objection. To exercise these, please contact servus@schitterhof.at. You also have the right to lodge a complaint with the Austrian Data Protection Authority (www.dsb.gv.at).
As of: 07/2026. Note: This text is a carefully prepared draft and does not replace legal advice.
Language version
This privacy policy is provided in further languages as a pure service translation. Only the German version is authoritative; in the event of discrepancies, the German text prevails.