COOKIE INFORMATION

  1. Service provider:
    Vienna International Hotelmanagement AG ("VIENNA HOUSE")
    Business address: Dresdner Straße 87, 1200 Vienna, Austria
    Telephone: +43 1 333 73 73-0
    Email: office[a]viennahouse.com

  2. What are cookies?
    Internet connections are anonymous for technical reasons. The service provider cannot identify visitors to their website without additional mechanisms. Cookies are small sets of data (text files) that are generated by a web server, sent via the Internet, and stored on your end device with help of a browser programme. The website specifically uses "cookies" to recognise the user and end device upon future visits as well as to store the user's preferences or time spent on the website. Cookies are also used to display behaviour-based marketing and control advertising content.

  3. What types of cookie are there
    • First-party cookies Sent and read exclusively by the service provider's domain.
    • Third-party cookies Sent and read by the domains of other service providers.
    • Session cookies(session-id) Temporary cookies that are automatically deleted once the browser is closed. Sessions cookies allow the movements of the user on the website to be recognised and ensure information is preserved. Without cookies, websites are unable to "remember" visitors.
    • Permanent cookies These cookies are permanent and can be deleted manually, or deleted once a certain time period has elapsed. These cookies help the website remember users and their settings; e.g. language selection, menu preferences, internal bookmarks or favourites.

  4. How can a user decline cookies?
    You can find information on managing cookies in the help section of your browser, or in the manual for your end device (tablet, smartphone, etc.), e.g.
    • Chrome: chrome://settings/content/cookies
    • Firefox: about:preferences#privacy
    • Safari: safari:settings:data protection:Cookies and website data
    • Microsoft Edge: Symbol to the top-right with three dots: Settings: Browser data

  5. Restriction in functionality
    If the use of cookies is not allowed, certain functions (particularly login) and pages will not function as expected.

  6. How can a user delete cookies?
    Prevalent browsers allow the user to delete cookies that have already been saved (usually under the section "Settings" or "Data protection").

  7. When can an online service provider use cookies?
    The service provider is entitled to store cookies on the (informed) user's end device whose sole purpose is to implement or facilitate the transmission of a message via an electronic communication network, or insofar as a participant or user expressly desires a specific service (Art. 5 Para. 3 ePrivacy directive). The Art. 29 Data Protection Group declared an exception in Opinion 4/2012 for the requirements for approving cookies for the following cookies:
    • User cookies (session ID) such as first-party cookies to track the user's entries when filling in online forms, shopping baskets etc. for the duration of a session, or permanent cookies which are restricted to a few hours in some cases
    • Authentication cookies to identify the user after login and for the duration of a session
    • User-centred security cookies used for a limited time period to identify authentication errors
    • Player cookies for multimedia content used to store technical data related to the playback of video or audio content for the duration of a sessions
    • Load-balancing cookies for the duration of the session
    • Cookies for user interface modification, e.g. language or font settings, for the duration of a session (or somewhat longer)
    • Social plug-in cookies for sharing from third-party providers for logged-in users of a social network.
    The user's consent for saving cookies is also required.

  8. Which first-party cookies are used?
    • Session ID cookie PHPSessID
      The service provider uses this ID to process user requests for which the respective session was instantiated. A session ID is issued to the user and saved in a cookie when first accessing a page. This ID is given again upon subsequent access to the page to recognise the user's session.
      Lifespan: Upon closing the respective browser.
      Legal basis: Art. 5 Para. 3 (Information)
    • Login cookie for registered users
      The link between the registered user and session ID cookie is created when a registered online user logs in.
      Lifespan: Upon closing the respective browser.
      Legal basis: Art. 5 Para. 3 (Information)
    • Auto login cookie for registered users Login_SSO
      Contains a unique identifier that means the end device is recognised when the logged in user subsequently visits the respective page, and ports the login state of a user to another domain. (Single sign-on)
      Lifespan: Remains in place unless actively deleted by the user.
      Legal basis: Definite action of the registered user and thus consent to the desired service.
    • Privacy policy
      Saves the status showing that the user has consented to the cookie guidelines.
      Lifespan: 60 days
      Legal basis: Consent

  9. Which known third-party cookies are used?
    • Google Analytics, , services of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google")
      • _ga and _git: Cookie for differentiating users Lifespan:_ga: 2 years, _git: 24 hours;
      • _gat: Cookie to throttle the request Lifespan: 10 minutes;
      • _utma: Cookie for first and last visit, number of visits Lifespan: Unlimited;
      • _utmb: Cookie for time-stamping the access to the website, this cookie can provide information on how long the visitor stays on the site in conjunction with _utmc. Lifespan: Until the end of the session;
      • _utmc: Cookie for time-stamping when the visitor leaves the website, this cookie can provide information on the length of the visit in conjunction with _utmb. Lifespan: 30 minutes;
      • _utmk: Contains a hash value relating to all Google Analytics UTM cookies; Lifespan: unbegenzt;
      • _utmz: Contains information on where the user was prior to accessing the page being analysed; Lifespan: unlimited;
      • DoubleClick: Enrichment of demographic data for own website visitors; Lifespan: 6 months;
      Legal basis: Art. 5 Para. 3 (Information)
      Data protection provisions of Google:
      http://www.google.com/intl/policies/privacy
      The gathering and processing of data by Google can be prevented by installing the following links:
      https://tools.google.com/dlpage/gaoptout

    • Social Plugin Facebook
      Can be recognised by the Facebook logo or "Like" button. A link is created to Facebook upon loading our website while the user is logged into their Facebook user account. The connection allows browser-specific data to be sent and third-party cookies to be stored by Facebook, which can identify the user's browser amongst other aspects. We point out that as the provider of the pages, we are not aware of the full content of the data transmitted and their use by Facebook.
      Facebook Connect:
      A service that enables users of the social network Facebook to log into our websites using their Facebook profile without needing to create a separate account.
      Facebook Impressions
      Calculates how often the content, advertisement etc. has been viewed when displayed in conjunction with the social network.
      Lifespan: When the user logs out of their Facebook user account
      Legal basis: Art. 5 Para. 3 (Information)
      Facebook's data protection policy: http://facebook.com/policy.php

    • Social Plugin Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; Youtube LLC, principal place of business in 901 Cherry Avenue, San Bruno, CA 94066, USA - represented by Google Inc. headquartered in 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; LinkedIn Ireland UC., Wilton Place, Dublin 2, Irland

      Incorporation of the Instagram, Twitter, YouTube and LinkedIn plug-ins to share advertising content of the website. Can be recognised by the respective logo. Data is only transmitted once the icon is clicked on. Clicking on the respective button creates a connection to the service provider's account. The connection allows browser-specific data to be sent and third-party cookies to be stored by Instagram, which can identify the user's browser amongst other aspects.
      We point out that as the provider of the pages, we have no influence on the cookies used and receive no knowledge of the full content of the data transmitted and their use by the service providers.
      Lifespan: When the user logs out of the Instagram user account
      Legal basis: Art. 5 Para. 3 (Information)
      Data protection policy of Instagram: http://instagram.com/about/legal/privacy/
      Data protection policy of Twitter: https://twitter.com/privacy
      Data protection policy of Youtube: https://policies.google.com/privacy
      Data protection policy of LinkedIn: https://www.linkedin.com/legal/privacy-policy

    • Atriba; Bing; The Hotel Network
      Session cookies and online activities are stored for tracking user clicks on advertisements/ad buttons to analyse marketing campaigns and identify user interests.
      Lifespan: 2 years
      Legal basis: Art. 5 Para. 3 (Information)
      Data protection policy of Adtriba: https://privacy.adtriba.com/
      Data protection policy of Bing: https://privacy.microsoft.com/de-de/privacystatement
      Data protection policy of The Hotel Network: https://www.thehotelsnetwork.com

    Download PDF
    Enable Social Sharing