Tickets
Search
EN
Search
End search

Data Privacy Policy

1.    General
2.    What is personal data?
3.    Display, improvement and security of the website
    3.1.    Categories of data; Purposes and legal bases
    3.2.    Storage period; Duration of processing
4.    Contact form
    4.1.    Categories of data; Purposes and legal bases
    4.2.    Storage period; Duration of processing
5.    Online shop (sale of tickets and vouchers)
    5.1.    Categories of data; Purposes and legal bases
    5.2.    Storage period; Duration of processing
6.    Issue and administration of annual passes
    6.1.    Categories of data; Purposes and legal bases
    6.2.    Storage period; Duration of processing
7.    Registration and bookings
    7.1.    Categories of data; Purposes and legal bases
8.    Events
    8.1.    Categories of data; Purposes and legal bases
    8.2.    Storage period; Duration of processing
9.    Prize draws
    9.1.    Categories of data; Purposes and legal bases
    9.2.    Storage period; Duration of processing
10.    Press and public relations, including social media presence
    10.1.    Categories of data; Purposes and legal bases
    10.2.   Storage period; Duration of processing
11.    Electronic direct marketing on the basis of Section 174(4) TKG
    11.1.    Categories of data; Purposes and legal bases
    11.2.    Storage period; Duration of processing
12.    CCTV surveillance
    12.1.    Categories of data; Purposes and legal bases
    12.2.    Storage period; Duration of processing
13.    Data processing for the establishment, exercise or defence of legal claims, proceedings before public authorities (including courts)
    13.1.    Categories of data; Purposes and legal bases
    13.2.    Storage period; Duration of processing
14.    Recipients of data
15.    Cookies on our website
    15.1.    Use of essential cookies
    15.2.    Use of non-essential cookies
16.    Automated decision-making
17.    What rights do you have with respect to data processing

1.    General

Your personal data ("data") is safe with us, Haus des Meeres Aqua Terra Zoo GmbH and Haus des Meeres Betriebs GmbH (hereinafter: "we"). We are required to protect your data and take this requirement very seriously. Please take the time to read this Data Privacy Policy and find out why we collect your data when you visit our website and how we will process it. This text is for your information and does not establish any contractual rights or duties.

2.    What is personal data?

Personal data means any information relating to an identified or identifiable natural person (e.g. name, contact details, invoice data, IP address).

3.    Display, improvement and security of the website

3.1.    Categories of data; Purposes and legal bases

When you visit our website, the following data will be processed to display the website to you. Data will be processed to provide you with a service expressly requested by you, namely our website (Section 165(3) of the Austrian Telecommunications Act [Telekommunikationsgesetz], hereinafter: TKG):

  • address of the website retrieved (URL)
  • IP address of the website visitor
  • date and time of request
  • identification data of the browser used (user agent)

Provision of the data listed above is neither prescribed by law or contract nor required for concluding a contract. You are under no obligation to provide this data. Please bear in mind that we will not be able to display the website to you if you do not provide the relevant data.

We create log files where we will store the data stated above and link them to other data for three (3) months. The purpose of log files is to identify or track cyberattacks or other unauthorised access. We will process this data on the basis of our legitimate interest in the security of our website (Article 6(1)(f) GDPR).

3.2.    Storage period; Duration of processing

Data will be processed to display our website for the duration of your visit to our website. Data stored in log files will be processed by us for a period of three (3) years from entry into the log file to identify or track cyberattacks or other unauthorised access.

For the option of a longer processing period for purposes of establishing, exercising or defending legal claims and for proceedings before public authorities (including courts) please refer to Clause 13.

4.    Contact form

4.1.    Categories of data; Purposes and legal bases

When you send a request via the contact form on our website, the following data will be processed for you to be able to use the contact form and submit your request to us. Data will be processed to provide you with a service expressly requested by you, namely our contact form (Section 165(3) TKG):

  • IP address of the website visitor 
  • email address
  • name 
  • contact details
  • message

Provision of the data listed above is neither prescribed by law or contract nor required for concluding a contract. You are under no obligation to provide this data. Please bear in mind that the contact form will not work and we will not be able to process your request if you do not provide the relevant data.

4.2.    Storage period; Duration of processing

For the option of a longer processing period for purposes of establishing, exercising or defending legal claims and for proceedings before public authorities (including courts) please refer to Clause 13.

5.    Online shop (sale of tickets and vouchers)

5.1.    Categories of data; Purposes and legal bases

When you buy tickets or vouchers in our online shop, we will process your data on a (pre-)contractual basis (Article 6(1)(b) GDPR), namely for the purposes of starting, maintaining and handling the business relationship. The following categories of data will be processed in connection with our business relationships with customers for the above-mentioned purposes, unless you represent a legal entity or other person having a legal personality:

  • name
  • contact details
  • date of birth
  • delivery address
  • date and selected timeslot
  • voucher number
  • voucher value
  • data relating to the ticket type (adult, child)
  • additional remarks in the purchase order, e.g. special needs (wheelchair, etc.), if applicable
  • discount code, if applicable
  • membership of Ö1 Club, if applicable
  • different invoice address, if applicable
  • payment details

5.2.    Storage period; Duration of processing

Provision of the above data is not prescribed by law. It is, however, necessary for concluding a contract. If you maintain a contract with us, you will be required to provide such data for us to handle the contractual relationship, i.e. the provision of data is required under the contract insofar. Please bear in mind that we will not be able to process transactions if the necessary above-mentioned personal data is not available to us. 

If you provide additional data, we will process the same to safeguard our legitimate interests (Article 6(1)(f) GDPR) in improving the quality of our contractual relationship and our performance. 

In order to perform the contract we will process your data until performance of the contract by both parties. 

We will process your data for our bookkeeping to fulfil our business-law and tax-law obligations to safeguard our legitimate interest in fulfilling our bookkeeping requirements defined in Section 190 of the Austrian Business Code [Unternehmensgesetzbuch/UGB] (Article 6(1)(f) GDPR) and the duty to file VAT returns. For reasons of business law (Section 212 UGB) and tax law (Section 132 of the Austrian Federal Tax Code [Bundesabgabenordnung/BAO]) we retain our bookkeeping records for seven (7) years from the end of the financial year in which the relevant transaction took place.

For establishing, exercising or defending legal claims we will retain data regarding gift voucher purchases or unused tickets which are converted into vouchers for a period of 30 years due to the 30-year period of statutory limitation. For processing for purposes of establishing, exercising or defending legal claims and for proceedings before public authorities (including courts) please refer to Clause 13.

6.    Issue and administration of annual passes

6.1.    Categories of data; Purposes and legal bases

We will process your personal data listed below for issuing and managing annual passes on a (pre-)contractual basis (Article 6(1)(b) GDPR), namely for starting, maintaining and handling the business relationship. 

  • name
  • date of birth
  • postal code
  • term of validity
  • for card payments: purchase amount, date, bank details (encrypted)

6.2.    Storage period; Duration of processing

In order to perform the contract we will process your data until performance of the contract by both parties. Data regarding card payments will be stored by us for ten (10) days.

We will process your data for our bookkeeping to fulfil our business-law and tax-law obligations to safeguard our legitimate interest in fulfilling our bookkeeping requirements defined in Section 190 UGB (Article 6(1)(f) GDPR) and the duty to file VAT returns. For reasons of business law (Section 212 UGB) and tax law (Section 132 BAO) we retain our bookkeeping records for seven (7) years from the end of the financial year in which the relevant transaction took place.

For processing for purposes of establishing, exercising or defending legal claims and for proceedings before public authorities (including courts) please refer to Clause 13. 

7.    Registration and bookings

7.1.    Categories of data; Purposes and legal bases

We will process your data listed below for processing your booking and for registration in connection with your visit to the zoo and/or restaurant. Processing will occur on a (pre-)contractual basis (Article 6(1)(b) GDPR), namely to handle the booking and registration of your visit.

  • name
  • contact details 
  • date of birth

8.    Events

8.1.    Categories of data; Purposes and legal bases

If you book an event with us, we will process your personal data on a (pre-)contractual basis (Article 6(1)(b) GDPR), namely for the purposes of starting, maintaining and handling the business relationship. The following categories of data will be processed in connection with our business relationship for the above-mentioned purposes, unless you represent a legal entity or other person having a legal personality:

  • type of event
  • setting of the event
  • number of visitors
  • description of the event (free text field)
  • date and time
  • name and contact details 
  • VAT number, if applicable 
  • references, if applicable

If you book tickets for a Kultur und Me(e)hr event, please refer to Clause 5.

8.2.    Storage period; Duration of processing

In order to perform the contract we will process your data until performance of the contract by both parties. Data regarding card payments will be stored by us for ten (10) days.

We will process your data for our bookkeeping to fulfil our business-law and tax-law obligations to safeguard our legitimate interest in fulfilling our bookkeeping requirements defined in Section 190 UGB (Article 6(1)(f) GDPR) and the duty to file VAT returns. For reasons of business law (Section 212 UGB) and tax law (Section 132 BAO) we retain our bookkeeping records for seven (7) years from the end of the financial year in which the relevant transaction took place.

For processing for purposes of establishing, exercising or defending legal claims and for proceedings before public authorities (including courts) please refer to Clause 13.

9.    Prize draws

9.1.    Categories of data; Purposes and legal bases

If you participate in one of our prize draws, we will process your data listed below for handling the prize draw and relating correspondence. Processing will occur on a (pre-)contractual basis (Article 6(1)(b) GDPR), namely to handle the prize draw and awarding the prize.

  • name
  • contact details
  • prize

9.2.    Storage period; Duration of processing

We will process your above-mentioned data until conclusion of the prize draw. If you have won, we will process your data until the prize has been awarded. For the option of a longer processing period  for purposes of establishing, exercising or defending legal claims and for proceedings before public authorities (including courts) in the case that you win please refer to Clause 13.

10.    Press and public relations, including social media presence

10.1.    Categories of data; Purposes and legal bases

Upon your consent (for the purposes of Article 6(1)(a) GDPR) we will process your data stated below to periodically inform you through a newsletter via Brevo and about upcoming events.

  • name
  • contact details
  • dates of subscribing to and unsubscribing from the newsletter
  • newsletters sent

For analysing the newsletters sent, the following data about you will be collected and processed when you read the newsletter:

  • IP address (of the device on which the newsletter is read)
  • preferences when reading the newsletter (click behaviour)
  • blocking and marking as spam
  • time at which the newsletter is opened
  • clicks on links from the newsletter
  • delivery failures

If you do not wish to provide those details, please do not subscribe to the newsletter. You may unsubscribe from the newsletter at any time by sending an email using the subject "Unsubscribe Newsletter" to the mailbox office@haus-des-meeres.at or by clicking on the relevant link contained in every newsletter sent and thus withdraw your consent.

Upon your consent (as defined in Article 6(1)(a) GDPR) we will process photos and videos, including publication of the same on the website and via social media channels and print media, in particular for public relations, to raise the awareness of Haus des Meeres. 

Provision of the data listed above is neither prescribed by law or contract nor required for concluding a contract. You are under no obligation to provide this data. Where we process your data based on your consent, you have the right to withdraw your consent at any time by sending an email to office@haus-des-meeres.at or a letter to Fritz-Grünbaum-Platz 1, 1060 Vienna. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal (Article 7(3) GDPR).

10.2.   Storage period; Duration of processing

We will process the above-mentioned data until you withdraw your consent. 

We expressly point out that on the conditions of Section 174(4) TKG we may be authorised to send you the newsletter even without your prior express consent (see Clause 11). Any withdrawal of your consent to receipt of the newsletter described herein will also be considered by us as withdrawal for the purposes of Section 174(4) TKG

For the option of a longer processing period for purposes of establishing, exercising or defending legal claims and for proceedings before public authorities (including courts) please refer to Clause 13.

11.    Electronic direct marketing on the basis of Section 174(4) TKG

11.1.    Categories of data; Purposes and legal bases

We process our customers' data for purposes of electronic direct marketing by way of emails (sending newsletters about our own similar products/services, satisfaction surveys, congratulation letters, statistical analyses).

The following data will be processed for direct marketing by email:

  • salutation
  • first name, surname
  • email address
  • data regarding products or services purchased from us before

We would like to expressly inform you that you may object to processing of your data for the purposes of electronic direct marketing at the time we collect your electronic contact details and with any transmission by email to office@haus-des-meeres.at or sending a letter to Fritz-Grünbaum-Platz 1, 1060 Vienna.

11.2.    Storage period; Duration of processing

We will process your data for the purpose of direct marketing pursuant to Section 174(4) TKG only until you object to such data processing. If you do not object, we will process your data for that purpose for three (3) years from the last contact. Retention of your data for the purpose of future direct marketing serves the purpose of safeguarding our legitimate interest in keeping records of contacts for sending direct marketing emails (Article 6(1)(f) GDPR).

For the option of a longer processing period for purposes of establishing, exercising or defending legal claims and for proceedings before public authorities (including courts) please refer to Clause 13.

12.    CCTV surveillance

12.1.    Categories of data; Purposes and legal bases

For the purposes of protecting ourselves (protection of property and staff) and complying with our responsibilities (discharge of the duty to maintain safety, contractual liability vis-à-vis visitors, etc.) and for the purposes of preventing, containing and clearing up criminal conduct we will process your data in connection with CCTV surveillance. The legal basis of processing is our legitimate interests in protecting ourselves and complying with our responsibilities (Article 6(1)(f) GDPR, Article 10 GDPR in conjunction with Section 4(3) No. 2 of the Austrian Data Protection Act [Datenschutzgesetz/DSG]. Data will be analysed exclusively in cases defined by the purpose. The following categories of data will be processed for that purpose:

  • CCTV data (appearance, conduct) 
  • place of CCTV recording
  • time of CCTV recording
  • identity of the person recorded, if identifiable based on the recordings
  • role of the person recorded (e.g. victim, offender, witness), if identifiable based on the recordings

12.2.    Storage period; Duration of processing

CCTV surveillance data will be stored for 72 hours and then erased. For the option of a longer processing period for purposes of establishing, exercising or defending legal claims and for proceedings before public authorities (including courts) please refer to Clause 13.

13.    Data processing for the establishment, exercise or defence of legal claims, proceedings before public authorities (including courts)

13.1.    Categories of data; Purposes and legal bases

Where applicable, we may process data also for the purposes of establishing, exercising or defending legal claims or handling proceedings before public authorities (including courts) on the basis of our legitimate interest (Article 6(1)(f) GDPR). Our legitimate interest lies in enforcing existing claims and defending non-existing claims and handling proceedings before public authorities (including courts) to protect our legal position.

For establishing, exercising or defending legal claims and for handling proceedings before public authorities (including courts) we will process all data categories that are necessary for that purpose. Potentially they are all categories of data of you which we already process for other purposes.

13.2.    Storage period; Duration of processing

We will process data that is required to establish, exercise or defend legal claims for that purpose even up to 30 years after termination of the business relationship. 

If data subjects claim rights under the GDPR (for details see Clause 17), we will store the relevant data for three (3) years from the last contact in connection with claiming of rights by a data subject.

In the case of proceedings before public authorities or the courts we will store your data for the duration of the proceedings and, depending on the subject matter and outcome of the proceedings, in addition for 30 years from final/non-appealable conclusion of the same.

14.    Recipients of data

For the above purposes we are required to disclose your data to the following recipients for the following purposes. Such disclosure may occur by way of transmission, transfer, dissemination or any other form of provision. The recipients:

Recipient Data categories Purpose Legal basis

incert eTourismus GmbH & Co KG

All data as per Clauses 3, 4, 5, 7, 8, 10, 11

Ensuring the availability, security and efficiency of our online shop

No legal basis necessary due to the data processing agreement

Amepheas AG

All data as per Clause 5

Ticket administration

No legal basis necessary due to the data processing agreement

Techtime GmbH

All data categories

Support and remote maintenance of our IT

No legal basis necessary due to the data processing agreement

PAYONE GmbH

Card payment data

Card payment management

Contractual basis (Article 6(1)(b) GDPR): payment processing upon request

Lawyers and tax advisors

All data categories

Evaluation and bringing about compliance with legal obligations

Legitimate interests (Article 6(1)(f) GDPR): compliance with the legal obligations to which we are subject

Public authorities (including courts)

All data categories

Handling proceedings and legal disputes

Legal obligations (Article 6(1)(c) GDPR);
Legitimate interests: establishment, exercise or defence of legal claims (Article 6(1)(f) GDPR) and compliance with legal obligations (in particular procedural law)

Recipient

incert eTourismus GmbH & Co KG

Data categories

All data as per Clauses 3, 4, 5, 7, 8, 10, 11

Purpose

Ensuring the availability, security and efficiency of our online shop

Legal basis

No legal basis necessary due to the data processing agreement

Recipient

Amepheas AG

Data categories

All data as per Clause 5

Purpose

Ticket administration

Legal basis

No legal basis necessary due to the data processing agreement

Recipient

Techtime GmbH

Data categories

All data categories

Purpose

Support and remote maintenance of our IT

Legal basis

No legal basis necessary due to the data processing agreement

Recipient

PAYONE GmbH

Data categories

Card payment data

Purpose

Card payment management

Legal basis

Contractual basis (Article 6(1)(b) GDPR): payment processing upon request

Recipient

Lawyers and tax advisors

Data categories

All data categories

Purpose

Evaluation and bringing about compliance with legal obligations

Legal basis

Legitimate interests (Article 6(1)(f) GDPR): compliance with the legal obligations to which we are subject

Recipient

Public authorities (including courts)

Data categories

All data categories

Purpose

Handling proceedings and legal disputes

Legal basis

Legal obligations (Article 6(1)(c) GDPR);
Legitimate interests: establishment, exercise or defence of legal claims (Article 6(1)(f) GDPR) and compliance with legal obligations (in particular procedural law)

15.    Cookies on our website

Cookies are text files stored on your computer or mobile terminal device, independent of whether they concern personal data or not. They serve the purpose of recognising the website user and storing temporary information. Without your consent we will exclusively use cookies that are essential for displaying the website. We will use non-essential cookies for other purposes only upon your consent.

15.1.    Use of essential cookies

To enable interaction with us via our website it is necessary to store the cookies listed in the table below on your terminal device (e.g. computer, mobile phone or tablet) for the duration and for the purposes stated in the table and to read out such data. Cookies will be stored on your terminal device on the legal basis of Section 165(3) TKG for the purpose of displaying the website as it is a service expressly requested by you as defined in Section 165(3) TKG.

The following essential cookies are used on our website:

Description Recipient Data categories Purpose Legal basis for transfers to third countries Storage period

data_privacy_settings

Haus des Meeres Betriebs GmbH

IP address, dwell time

Storage of cookie and data privacy settings

Not necessary because the recipient is situated within the EEA.

One year

Description

data_privacy_settings

Recipient

Haus des Meeres Betriebs GmbH

Data categories

IP address, dwell time

Purpose

Storage of cookie and data privacy settings

Legal basis for transfers to third countries

Not necessary because the recipient is situated within the EEA.

Storage period

One year

Provision of the data listed in the table is neither prescribed by law or contract nor required for concluding a contract. You are under no obligation to provide this data. If you do not consent to these cookies being set or read out, we will not be able to display the website to you.

15.2.    Use of non-essential cookies

Non-essential cookies will be stored based on your voluntary consent, which you may give via the cookie banner, and then used accordingly

They allow us, for example, to merge your "browsing behaviour" beyond the limits of our website with data from other websites. Thus, we will be able to offer you products and services tailored to your needs. You may object to such data processing at any time with effect for the future.

We also use cookies which may be set or read out by recipients of data. In that case those recipients will receive your data. For the relevant details please see the table on non-essential cookies further below.

Storage and use of the non-essential cookies described in the table below will exclusively be effected on the basis of your consent pursuant to Section 165 TKG 2021 in conjunction with Article 6(1)(a) GDPR.

You may withdraw your consent at any time. You may do so by changing the cookie settings (by refusing all non-essential cookies) of the website www.haus-des-meeres.at by clicking on the "Cookie Settings" menu item in the footer. 

You may also contact us by phone on +43 1 587 14 17, by email office@haus-des-meeres.at or by letter to Fritz-Grünbaum-Platz 1, 1060 Vienna. If you contact us by phone or letter, we will unfortunately not be able to fully comply with your withdrawal of consent remotely for technical reasons because removal of cookies that have been set before may, for example, concern a configuration which is only possible via access to your device. We are happy to provide you with detailed instructions on how to remove set cookies. However, due to withdrawal of your consent we will in any case erase all data in our sphere of control which we have processed on the basis of your consent and refrain from any future data processing for which your consent would be required.

Withdrawal of your consent shall not affect the lawfulness of processing based on consent before its withdrawal (Article 7(3) GDPR).

The following non-essential cookies will be used on our website only upon your consent:

Description Recipient Data categories Purpose Legal basis for transfers to third countries Storage period

Google Tag Manager

Google Ireland Ltd. (Irland); Google LLC (USA)

IP address, dwell time, origin of visitors

Interactions on the website will be collected and forwarded to the linked tools. Tag Manager analysis is not possible.

Adequacy decision of the European Commission: The recipient is certified under the EU-U.S. Data Protection Framework.

One year

Google Maps

Google Ireland Ltd. (Ireland); Google LLC (USA)

IP address, dwell time, origin of visitors

Embedding of the map

Adequacy decision of the European Commission: The recipient is certified under the EU-U.S. Data Protection Framework.

One year

YouTube (Google)

Google Ireland Ltd. (Ireland); Google LLC (USA)

IP address, retrieved website, dwell time

Embedding of videos via YouTube

Adequacy decision of the European Commission: The recipient is certified under the EU-U.S. Data Protection Framework.

Clicky

Roxr Software, Ltd (USA)

IP address, date, time, retrieved site, browser information, data regarding website use and click logging

Analysis of user behaviour and optimisation of the website

Adequacy decision of the European Commission: The recipient is certified under the EU-U.S. Data Protection Framework.

One year

Description

Google Tag Manager

Recipient

Google Ireland Ltd. (Irland); Google LLC (USA)

Data categories

IP address, dwell time, origin of visitors

Purpose

Interactions on the website will be collected and forwarded to the linked tools. Tag Manager analysis is not possible.

Legal basis for transfers to third countries

Adequacy decision of the European Commission: The recipient is certified under the EU-U.S. Data Protection Framework.

Storage period

One year

Description

Google Maps

Recipient

Google Ireland Ltd. (Ireland); Google LLC (USA)

Data categories

IP address, dwell time, origin of visitors

Purpose

Embedding of the map

Legal basis for transfers to third countries

Adequacy decision of the European Commission: The recipient is certified under the EU-U.S. Data Protection Framework.

Storage period

One year

Description

YouTube (Google)

Recipient

Google Ireland Ltd. (Ireland); Google LLC (USA)

Data categories

IP address, retrieved website, dwell time

Purpose

Embedding of videos via YouTube

Legal basis for transfers to third countries

Adequacy decision of the European Commission: The recipient is certified under the EU-U.S. Data Protection Framework.

Storage period
Description

Clicky

Recipient

Roxr Software, Ltd (USA)

Data categories

IP address, date, time, retrieved site, browser information, data regarding website use and click logging

Purpose

Analysis of user behaviour and optimisation of the website

Legal basis for transfers to third countries

Adequacy decision of the European Commission: The recipient is certified under the EU-U.S. Data Protection Framework.

Storage period

One year

Provision of the data listed above is neither prescribed by law or contract nor required for concluding a contract. You are under no obligation to provide this data.

16.    Automated decision-making

We would like to inform you that no data processing as defined in Article 22 GDPR will take place. This means: we will make no decisions based on exclusively automated processing (including profiling) that would become legally effective vis-à-vis you or would significantly affect you detrimentally in a similar way; any decision having such an effect will be made by a natural person.

17.    What rights do you have with respect to data processing?

We would like to inform you that you have the right 

  • to request a confirmation as to whether we process your personal data or not and, where that is the case, you have access to information about such personal data and the information stated in Article 15(1) and (2) GDPR; as to the right to obtain a copy of your personal data which is the subject matter of processing see Article 15(3) and (4) GDPR;
  • to request rectification or completion of inaccurate or incomplete data (for more details see Article 16 GDPR); 
  • to request erasure of your data, provided that there is no legal basis for future processing of your data (for more details see Article 17 GDPR); in this context we will not be able to comply with an erasure request if processing (retention) is required to fulfil a legal obligation (statutory retention duties) or if we are entitled to do so on the basis of overriding interests (e.g. establishment, exercise or defence of specific legal claims); 
  • to request restriction of processing of your data if certain prerequisites are fulfilled (for more details see Article 18 GDPR);
  • to object to processing of your data where processing is necessary for safeguarding our legitimate interests or those of a third party (Article 6(1)(f) GDPR). In the case of an objection we will no longer process your data unless processing serves the purpose of establishing, exercising or defending legal claims or we demonstrate compelling legitimate grounds for the processing which override your interests (taking your special situation into account, where applicable). If you object to processing for the purpose of direct marketing (including profiling if linked to such direct marketing), we will no longer process your personal data for these purposes (for details see Article 21 GDPR);
  • to receive the personal data provided by you in a structured, commonly used and machine-readable format. However, the right to data portability exists only if processing is based on your consent or a contract (for more details see Article 20 GDPR).

You may claim any of the above rights  either by sending an email to office@haus-des-meeres.at or a letter to Fritz-Grünbaum-Platz 1, 1060 Vienna.

Where we process your data based on your consent, you have the right to withdraw your consent at any time by sending an email to office@haus-des-meeres.at or a letter to Fritz-Grünbaum-Platz 1, 1060 Vienna. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal (Article 7(3) GDPR). 

If despite our obligation to lawfully process your data you should unexpectedly be of the opinion that your personal data is not being lawfully processed, please contact us by letter or email (see the contact details below) to let us know your concerns for us to address the same. You may also lodge a complaint with the Austrian Data Protection Authority or another data protection regulator within the EU, in particular at your place of residence or work. 

We hope that this information provides clarity as to the way in which and the purposes for which we will process your personal data. If you have any questions on the processing of your personal data, please contact us by sending an email to office@haus-des-meeres.at or a letter to Fritz-Grünbaum-Platz 1, 1060 Vienna.

Haus des Meeres Betriebs GmbH
Fritz-Grünbaum-Platz 1
1060 Vienna

Phone: +43 1 587 14 17 (you can reach us Monday to Friday from 9 a.m. to 4 p.m.)
office@haus-des-meeres.at
www.haus-des-meeres.at
VAT number: ATU 63511603