Privacy Policy

1. Data Controller

ViennaPass operates the website asftravel-pass.eu. The data controller for personal data processed through this website is:

2. Data We Collect

We collect the following categories of data:

• Contact form data: Name, email address, and message content submitted via our contact form on /contacts.html.
• Technical data: IP address, browser type, operating system, referring URL, and pages visited. This data is collected automatically by our web server.
• Cookie consent data: We store your cookie consent preference in your browser's localStorage under the key cookieConsent_asftravel-pass.eu.

We do not collect payment information, sensitive personal data, or data from third-party tracking services.

3. How We Use Your Data

Contact form data is used solely to respond to your enquiry. We do not use it for marketing purposes without your explicit consent. Technical data is used for website security, performance monitoring, and aggregate analytics. Cookie consent data is used to remember your preference and avoid showing the consent banner repeatedly.

4. Legal Basis for Processing

We process contact form data on the basis of your consent (Article 6(1)(a) GDPR) and our legitimate interest in responding to enquiries (Article 6(1)(f) GDPR). Technical data is processed on the basis of our legitimate interest in operating a secure and functional website.

5. Cookies and localStorage

This website uses minimal cookies for essential functionality. We use your browser's localStorage (not cookies) to store your cookie consent preference. localStorage data is stored locally on your device and is not transmitted to our servers. You can clear localStorage data at any time through your browser settings.

We do not use third-party tracking cookies, advertising cookies, or analytics cookies from external providers.

6. Data Retention

Contact form data is retained for up to 12 months from the date of receipt, after which it is securely deleted. Technical server logs are retained for up to 90 days. localStorage data persists until you clear it from your browser.

7. Data Sharing

We do not sell, rent, or share your personal data with third parties for marketing purposes. We may share data with service providers who assist in operating this website (e.g., hosting providers), subject to appropriate data processing agreements. We may disclose data if required by Austrian or EU law.

8. Your Rights

Under GDPR, you have the right to: access your personal data; correct inaccurate data; request deletion of your data; restrict processing; object to processing; and data portability. To exercise these rights, contact us at [email protected]. We will respond within 30 days.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction. Our website uses HTTPS encryption for all data transmission.

10. Changes to This Policy

We may update this privacy policy from time to time. The date at the top of this page indicates when it was last revised. Continued use of asftravel-pass.eu after changes constitutes acceptance of the updated policy. For significant changes, we will post a notice on our homepage.

For questions about this privacy policy, contact us at [email protected].