de VouchersTicket-shop
Warenkorb
user
close

cart_thinCart

Total

Next steps

You will now be forwarded to the simple & uncomplicated ticket platform "starjack".

  • "Create account
    or log in"
  • Buy the ticket

You will be automatically redirected in 21 seconds.

Powered by Starjac
  • 1

    Ticket

  • 21

    Regions

  • 2.750

    Piste kilometres

  • 926

    Ski lifts

Buy Ticket

Simply super. Simply informed.

Data protection statement

SuperSkiCard

1. General

We very much emphasise the protection of your personal details. We treat details that you have entrusted to us with strict confidentiality and therefore handle them in a responsible manner. In this Data Protection Statement we provide you with information about the most important aspects of data processing in the context of our business, based on applicable data protection terms in GDPR and the German Data Protection Act (DSG).

2. What details do we process and for what purpose?

2.1 Contact form
When you contact us via the form on the website www.superskicard.com or by e-mail, the details you enter will be processed to deal with your enquiry.

2.2 Ticket ordering
To carry out your order and for contract processing, we compile and process the following data:

First name, surname, address, telephone number, e-mail address, date of birth and photo to implement the booking and payment process.

The date made available by you is required for the purpose of contract fulfilment or to imple-ment precontractual measures. Without these details we are unable to enter into a contract with you. The data will also be used for access control for ski areas participating in the Super-SkiCard (Art. 6 Para. 1 lit. b GDPR, Art. 6 Para. 1 lit. f GDPR).

3.3 Newsletter
You can subscribe to a newsletter on our website. If you subscribe to the newsletter, we gather and store the details that you enter in the form (surname, first name, e-mail address). Your details will not be forwarded to third parties. Subscription to the newsletter is only possible with your consent. Legal basis for processing is Art. 6 Para. 1 lit. a GDPR. We only use your details to send our newsletter.

The double opt-in process is used for registration. After registration you will receive a message to the e-mail address provided, this will be a confirmation and authorisation e-mail and a request that you click on the link contained. This is to ensure that only the authorised e-mail address user can register for the newsletter. If the newsletter registration is done online, we will save the IP address of the computer system used at the time of registration, as well as the date and the time of registration. This will serve as documentation of your consent and with of the fulfilment of the statutory data protection obligations of the responsible party.

You have the option to cancel the newsletter at any time. There is a link at the end of each newsletter, via which you can unsubscribe. Alternatively, you can send a pertinent e-mail to datenschutz@schmitten.at. Upon unsubscription, your personal details will be deleted from our system immediately.

3. Do we share your details?

3.1 Under Point 2.2 we forward your cited personal details to a central database. Only authorised staff in SuperSkiCard participating cable car and lift companies have access to this database. These cable car and lift companies can be found here. Data is compiled in a central database for the purpose of implementing your order and for the pay-ment process, and also for access control at cable car and lift companies that are part of the SuperSkiCard.

We use the services of order processors in this context (SkiData GmbH, Axess AG, Star Jack GmbH, Incert eTourismus GmbH & Co KG). All our order processors only process your details on our instructions and based on our advice for the above-mentioned purposes. We would point out that none of our order processors are located outside the EU.

3.2 We do not forward your personal details to third parties, unless it is necessary for the purposes mentioned and there is a relevant legal basis, such as a statutory basis or to fulfil a contract. In this case, while adhering to statutory provisions, details will be forwarded to third parties, e.g. to tax advisors and chartered accountants and credit card details forwarded to the banking institute/payment service provider dealing with the transaction.

4. Data storage and Data security

4.1 The data mentioned under Point 2 will be stored for as long as this is deemed reason-able or necessary by us, to achieve the purposes mentioned under Point 2 and this is permissible according to applicable law. In any event, we save personal-related details for the duration of statutory retention requirements, or when the periods of limitation of potential legal claims have not yet expired.

4.2 Your details will be protected against any unlawful access via encrypted transmission and encrypted storage. We implement up-to-date technical and organisational security measures to protect personal details and internationally recognised Best Practices and use security standards which we continually improve.

5. Cookies

This website uses what are known as cookies. A cookie is a small text file that can be stored on your computer when you visit a website. Generally, these cookies are used to provide users with additional functions on a website. For instance, they can be used to make website navigation easier, to enable you to make further use of a website which you have left and/or to store your preferences and settings when you visit the website again. Cookies are not able to access, read or change any other data on your computer.

The majority of cookies on this website are so-called session cookies. They are automatically deleted when you leave our website again. In contrast, long-term cookies remain stored on your computer until you manually delete them in your browser. We use long-term cookies to recognise you again when you next visit our website.

If you want to control cookies on your computer, you can choose your browser settings in such a way that you get a message if a website wants to store cookies. You can also block or delete cookies if they have already been stored on your computer. If you would like to know more about how to implement these steps, use the 'Help' function in your browser.

Please note that blocking or deleting cookies may restrict the functionality of our website.

6. Web analysis

We use Google Analytics, to analyse the use of and improve our website.

Google Analytics is a web analysis service operated by Google Inc. ("Google"). Google Analytics uses "cookies", text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is generally forwarded to a Google server in the USA and stored there. In the event of the activation of IP anonymization on this website, your IP address will be truncated by Google within European Union member states and within other contracting states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. Google will use this information to evaluate your use of the website, to compile reports about website activities and to provide additional services linked with the use of the website and the Internet. On behalf of the website operator, Google will use this information to assess your use of the website, to compile reports about website activities and to provide additional services pertaining to the website operator. Legal basis for the processing of details with Google Analytics is Art. 6 Para. 1 lit. a GDPR. The IP address transferred from your browser in the context of Google Analytics will not be associated with other data stored by Google. You may refuse the installation of cookies by selecting the appropriate settings on your browser, we would however point out that in this case, the full functionality of this website may not be available to you. You may also prevent Google compiling details generated by the cookie and about your use of the website (incl. your IP address) by downloading and installing this browser plug-in at the following link:

http://tools.google.com/dlpage/gaoptout?hl=de

We use Google Analytics with the ‘_anonymizeIp()’ extension. This truncates your IP address (IP masking). This rules out reference to specific people. Google participates in the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. In exceptional cases this provides an appropriate level of data protection for personal data transferred to Google in the USA.

Information about Google: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001
More information about Google usage conditions:
www.google.com/analytics/terms/de.html
More information about data protection by Google:
www.google.com/intl/de/analytics/privacyoverview.html

7. Google Ads Conversion Tracking

We use Google Ads to show you Google websites and other third party advertising. Using Conversion Tracking we are able to determine how successful individual advertising methods are. With the purpose being to show you advertising that is of interest to you and to make our website more interesting for you. Legal basis for processing your details is Art. 6 Para. 1 lit. f GDPR.

Advertising is delivered by Google via a so-called ‘ad server’. We also use cookies, which enable performance measurement of specific parameters, such as overlay of adverts or user clicks. When you reach our website via a Google advert, a Google Ads cookie is stored on your PC. These cookies are generally no longer valid after 30 days and are not used to identify you personally. This cookie generally stores a unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) along with opt-out information (markers that the user no longer wants to be approached) as analysis values.

These cookies enable Google to recognise your Internet browser. In so far as a user visits specific pages of the website of an Ads client and the cookie stored on their computer has not yet expired, Google and the client are able to ascertain that the user has clicked on the adverts and has been forwarded to this site. Each Ads client has a different cookie. Cookies are not able to be tracked via the websites of Ads customer. We collate data ourselves and do not process any personal details in the advertising methods stated. We only receive statistical evaluations from Google. With the help of this analysis we are able to determine which of the advertising media used have been particularly effective. We do not receive any further details about the use of advertising media and are not able to identify the user from this information.

Due to the marketing tools used, your browser automatically creates a direct link with the Google server. We have no influence on the scope and on any further processing of data by Google and are hereby informing you of our level of awareness. By integrating Ads Conversion Tracking, Google receives information that you have called up the relevant section of our site, or that you have clicked on one of our adverts. If you are registered for a Google service, Google can attribute your visit to your account. Even if you are not registered on Google or are not logged in, there is the chance that the service provider may ascertain and store your IP address.

You can prevent the storage of cookies by making the relevant setting on your browser software; we would however point out that in this case, not all of the functions of this website will be able to be used in full. You can also prevent data being compiled for Google about your use of the website that is generated by the cookie (incl. your IP address), and ensure that Google does not process this data, by downloading and installing the browser plug-in available via the following link:

http://www.google.com/settings/ads/plugin

Google participates in the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Further information about data protection at Google can be found here:
http://www.google.com/intl/de/policies/privacy
https://services.google.com/sitestats/de.html

8. Google Ads Remarketing

We use Google Ads Remarketing. Using this application, after a visit to our website we can display our advertising on other websites. This is done via cookies stored in your browser, with your usage behaviour regarding visits to different websites compiled and assessed by Google. This means that Google is able to attribute your previous visit to our website. The merging of your personal details that may be stored by Google, in the context of data gather via remarketing, will not be carried out by Google, as per its own assertions. In particular according to Google, pseudonymising will be effected for any re-marketing.

9. Facebook Pixel

For conversion measurement, our website uses the visitor action pixel from Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).

This allows the behaviour of visitors to the site to be tracked after they have been forwarded to the provider's website by clicking on a Facebook advertisement. The effectiveness of the Facebook advertisements can then be analysed for statistical and market research purposes so that future advertising measures can be optimised.

The collected data is anonymous for us as operator of this website; we cannot draw any inferences about the identity of the users. However, the data are stored and processed by Facebook, so it is possible to link them to the respective user profile and Facebook can use the data for its own advertising purposes in accordance with the Facebook’s data use guidelines. Facebook can therefore enable the delivery of advertisements on Facebook pages and outside Facebook. We as the site operator cannot influence how the data is used.

Further information about the protection of your privacy can be found in Facebook’s data privacy policy

https://www.facebook.com/about/privacy/.

You can also disable the “Custom Audiences” remarketing function in the settings for advertisements at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must log in to Facebook in order to do so.

If you do not have a Facebook account, you can disable use-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance:
http://www.youronlinechoices.com/de/preferencesmanagement/.

10. Use of Adform

Our website uses marketing technologies by Adform. In this context, data is collated and stored for marketing, market research and optimisation purposes. Legal basis for the processing of data is Art. 6 Para. 1 lit. f GDPR.

We use conversion tracking. A cookie is set for conversion tracking when a user has contact with adverts where Adform is switched on.

We also use re-targeting technology. Our website visitors are specifically targeted with advertising for our partners, if they have already shown an interest in our website and our products. Advertising media are overlayed using retargeting, on the basis of cookie-based analysis of previous user behaviour. This is done by way of a temporary cookie, which becomes invalid after 60 days.

A third party service provider stores these details under a pseudonym as a usage profile. To do this, so-called tracking scripts and cookies are used and these gather data. The data gathered with this technology will not be used without specific approval from the person concerned to identify visitors to the website and will not be merged with personal details about the pseudonym holder.

You have the right to object to the use of Adform. If you do not wish to participate in this procedure, you may object to the collection and storage of details at any time by setting an opt-out cookie, with effect in the future. Information about this can be found at:

You have the right to object to the creation of a user profile. If you do not wish to participate in this procedure, you may object to the collection and storage of details at any time by setting an opt-out cookie, with effect in the future. Information about this can be found at:

https://site.adform.com/dataprotection-opt-out/

Alternatively, you may set your browser in such a way that the setting of cookies is prevented. If you delete cookies in your browser, your opt-out cookie is also deleted and you will have to set this again.

More information about the third party provider: Adform ApS, Wildersgade 10B, 1408 Copenhagen, Denmark

Further information about data protection at Adform:
https://site.adform.com/dataprotection-opt-out/

11. ESC – Trade Desk

We use the service provider www.thetradedesk.com The Trade Desk der The UK Trade Desk Ltd. (Co. No. 8539108), 10th Floor, 1 Bartholomew Close, London EC1A 7BL, United Kingdom for user behavior-based advertising, technical generation of target groups and retargeting. The data allows us to optimize our online marketing methods and optimize the traffic on our website. Banner ads, video ads and image/text combinations (= native advertising) are used on all online platforms and media. TheTradeDesk processes data in the EU and also outside the EU or the EEA under the US Privacy Shields Agreement. The adequate level of data protection results from an appropriateness decision of the European Commission under art. 45 GDPR. TheTradeDesk is compliant with the GDPR and the aggregation of anonymous consumer data is as well compliant with the GDPR. If you nevertheless want to unsubscribe from this personalized advertising service, you can do so by clicking on http://insight.adsrvr.org/track/stop?action=dooptout. Please note: this action will create a cookie in your browser that stands for this opt-out; in case you delete your cookies your opt-out will be as well deleted for technical reasons. Also if you use different browsers you will have to make a separate opt-out for each browser.

12. Other processing outside our area of responsibility

12.1 Access control
Access control is the responsibility of the ski area the guest is accessing and details can be seen in the respective data protection statement for the ski area.

12.2 Photo points
If photo points are offered in ski areas, the responsibility lies with the respective ski area (in-cluding use as per GDPR).

12.3 Skiline
If SSC partners offer a Skiline service, the responsibility lies with the respective ski area, and in further consequence, in calling up the Skiline service, the respective homepage is left and the ski area is not liable.

12.4 Prize draws
If prize draws are carried out in ski areas or on their homepages, liability falls to that respec-tive ski area (including use as per GDPR).

12.5 Video monitoring
If video monitoring is carried out in ski areas, the responsibility lies with the respective ski area (including use as per GDPR).

12.6 WLAN
If WLAN is offered in ski areas, the responsibility lies with the respective ski area (including use as per GDPR).

12.7 Occasions and Events
For photos and videos that have been taken during an event or an occasion with SSC co-operation partners, the respective cooperation partner is responsible, with regard to GDPR.

12.8 Proof of low epidemiological risk for ski pass validity (“2G verification)
In accordance with COVID-19 regulatory measures, persons wishing to use cable cars and lifts for recreational purposes must provide proof that they present a low epidemiological risk. Currently, this is in the form of “2G verification” (“2G” refers to the person being either vaccinated or recovered). The legal foundation for inspection of this verification by us is our legal obligation to conduct said inspection consistent with § 3 (2) (1) of the “3. COVID-19-Maßnahmenverordnung” (the 3rd version of the Austrian Federal Covid-19 regulatory statutes) in conjunction with Art. 6 (1) (c) GDPR. For the purposes of simplifying the inspection process with respect to multi-day tickets or season passes, 2G verification may be stored insofar as you give us your expressed consent to do so. That said, the legal foundation for the storage of 2G verification is your expressed consent consistent with Art 9 (2) (a) GDPR to the processing of health data. When using digital sales channels, the aforementioned consent may be expressed by means of a checkbox; when purchasing in person at one of the ticket windows, by signing a corresponding consent declaration in paper form. There exists no legal obligation to consent to storage of 2G verification. Instead of storage, 2G verification may be inspected on an individual basis on each occasion when you wish to enter the lifts. For the purposes of automated storage and inspection of 2G verification, we utilize the services of contracted service provider SKIDATA (SKIDATA Austria GmbH, Hochthronstraße 1–7, A-5083 Grödig/Salzburg). We have entered into a corresponding contracting agreement with the company SKIDATA consistent with Art. 28 GDPR, ensuring that your data are processed exclusively within the framework of that agreement. Further information about Skidata’s own privacy policy may be found at: https://www.skidata.com/de-at/datenschutz/. Your 2G verification will be stored only for the validity period of your multi-day ticket or season ticket. Furthermore, your data may be processed in order to assert or defend legal claims. You may revoke your consent by email to datenschutz@schmitten.at at any time. Should you do so, this will in no way impact the legality of our having processed your data prior to the point of revocation.


13. Social Media plug-ins

On our website www.superskicard.com we use so-called 'embedded' Social Media plug-ins (interfaces with social networks). When you visit our website, the system automatically makes a connection with the respective social network using plug-in and transfers these details (IP address, website visit).
Data transfer occurs without any assistance and is outside our scope of responsibility. You can prevent this data transfer by logging out of the respective social networks before you visit our website. Only when you are 'logged in' can the social network allocate specific details to your 'User activity profile', via automatic data transfer.
Automatically transferred data will only be used by the operators of the social network and not by us. Further information on this, including the content of the data collected by social networks, can be gathered direct from the Internet site of the respective social network. Your privacy settings can be adjusted there too.
The social networks integrated on the website are:

Facebook ('Like')

Facebook Inc., 1601 S California Ave, Palo Alto, CA, 94304, USA
More information at https://de-de.facebook.com/policy.php.

14. Your rights

As per GDPR as the person concerned, you have the following rights and legal remedies:

14.1 Right to information
As per Art. 15 GDPR, you have the right to know whether, and to what extent we process your data. In certain instances, it may be necessary for your identity to be proven in a suitable form.

14.2 Updating and Deletion
As per Art. 16 GDPR, you have the right to update or add to your personal details – in consideration of the purposes of data processing – should we have processed incomplete or incorrect details about you.

As per Art. 17 GDPR you have the right to delete personal details in so far as this are not required to fulfil contractual purposes.

14.3 Limitation of processing
As per Art. 18 GDPR, you have the right to restrict the processing of your details.

14.4 Data processing
As per Art. 20 GDPR you have the right to receive any personal details relating to you in a format that is structured, current and machine-readable, or to have it transferred to another responsible party.

14.5 Right to object
As per Art 21 GDPR you are entitled to object to the processing of your personal details.

14.6 Right of withdrawal of your data protection approval
You can withdraw your consent to the processing of your personal data as per Art. 7 Para. 3 GDPR at any time, with future effect. The legitimacy of processing carried out up until the time of cancellation is however not affected by this.

You also have the opportunity to contact the Austrian Data Protection Authority (Barichgasse 40-42, 1030 Vienna, dsb@dsb.gv.at, www.dsb.gv.at) should you wish to lodge a complaint.

15. Contact details

Protecting your personal details is particularly important to us. You can contact us at any time via the contact details below:

Schmittenhöhebahn AG
Rubrik SuperSkiCard
Salzachtal-Bundesstraße 7
5700 Zell am See
Tel: +43 6542 / 789 0
E-mail: datenschutz@schmitten.at

As at: 15.11.2021