Privacy Policy

Updated on January 31st, 2026

1. Introduction

This Privacy Policy explains how Susanne Knobloch ("we," "our," "host") collects, uses, stores, and protects your personal data when you book and stay at Chalet Elsa, a vacation rental property in Murau, Austria. We are committed to protecting your privacy in compliance with the EU General Data Protection Regulation (GDPR) and Austrian data protection laws.

Data Controller: Susanne Knobloch, Chalet Elsa, Schlossberg 11, 8850 Murau, Styria, Austria. Phone: +43 664 251 3486. Email: susanne.knobloch247@gmail.com

2. Information We Collect

Full name, address, email address, phone number. Arrival and departure dates, number of guests and guest composition. Payment information (credit card via Stripe, or bank details for wire transfers). Special requests or requirements.

Government-issued ID verification. Guest screening results. Identity authentication data. Verification completion status.

Credit card information processed by Stripe (we never see full card details). Wire transfer transaction references and confirmation receipts. Invoice and payment history. Security deposit transactions.

Email correspondence regarding your booking. Phone call records and messages. Customer service inquiries and responses. Pre-arrival and during-stay communications.

IP address, browser type, device information. Website usage data and cookies. Booking timestamps and interaction history. Referral sources (Booking.com, Airbnb, direct booking).

3. How We Use Collected Information

We use your personal data for the following purposes: Process and confirm bookings. Verify guest identity and conduct safety screening through Truvi. Process payments via Stripe (credit card) or wire transfer. Manage security deposits and refunds. Communicate about your reservation and provide arrival instructions. Manage shared amenities (sauna, terrace) scheduling. Issue invoices and payment confirmations. Fulfill legal obligations (tax reporting, Styrian tourist registration). Improve our services and website functionality. Prevent fraud and unauthorized property access. Send booking confirmations and pre-arrival information. Send marketing communications (with your explicit consent only).

4. Sharing and Disclosure

We share your data only with essential service providers and as legally required:

Truvi: Guest identity verification and screening only (no payment data). Stripe: Credit card payment processing only (PCI DSS Level 1 compliant). Our Bank: Wire transfer confirmation (only transaction references). Booking Platforms: Booking.com and Airbnb for reservation management.

Austrian Tax Authorities: As required by law. Murau Tourism Office: For local tourist registration. Law Enforcement: When required by legal proceedings or court orders.

We do not sell or rent your personal data to third parties for marketing purposes.

5. Data Security

We implement appropriate technical and organizational measures to protect your data: SSL/TLS encryption for all data transmission. PCI DSS compliant credit card processing through Stripe. Limited access to personal data on need-to-know basis. Password-protected systems and encrypted databases. Truvi's third-party verified security for verification data. Regular security assessments and updates. Staff training on data protection. Regular secure backups with encryption. We never store full credit card details on our systems.

Truvi: Encrypted identity document storage, secure verification protocols, GDPR-compliant data processing, no access to payment information. Stripe: PCI DSS Level 1 compliant, end-to-end encryption, tokenization of payment information, does not share full card details with merchants.

6. User Rights

Under GDPR, you have the following rights: Access (request a copy of all personal data we hold about you). Rectification (correct inaccurate or incomplete data). Erasure or "Right to be Forgotten" (request deletion subject to legal retention obligations). Restriction (limit how we process your data). Data Portability (receive your data in a structured, machine-readable format). Object (object to processing based on legitimate interests). Withdraw Consent (for marketing or consent-based processing at any time). Automated Decision-Making (not be subject to solely automated decisions with legal effects).

Important Note: For Stripe payment data, you may need to contact Stripe directly to exercise certain rights. For verification data, some requests may require coordination with Truvi.

To exercise your rights: Email susanne.knobloch247@gmail.com, Phone +43 664 251 3486, Mail Chalet Elsa, Schlossberg 11, 8850 Murau, Austria. We will respond within 30 days of receiving your request.

7. Cookies

Our website uses cookies for the following purposes:

Essential Cookies (always active): Booking system functionality. Session management and security. Language preferences. Stripe payment form functionality.

Analytics Cookies (with consent): Understanding how visitors use our site. Improving user experience. Traffic analysis.

Marketing Cookies (with consent): Personalized content. Retargeting on third-party platforms.

You can manage cookie preferences through your browser settings or our cookie consent banner. Disabling essential cookies may affect booking and payment functionality.

8. Data Retention

Booking and payment data: 7 years (Austrian tax law requirements). Guest verification records: 3 years after stay completion. Stripe payment data: Controlled by Stripe's retention policy (typically 7 years for compliance). Wire transfer records: 7 years (Austrian accounting requirements). Communication records: Duration of relationship plus 3 years. Marketing consent records: Until consent is withdrawn. Technical and cookie data: 12 months. Dispute-related records: Until resolution plus applicable limitation periods.

9. International Data Transfers

Your data is primarily stored within the EU/EEA. Truvi: Data processed within EU/EEA with appropriate GDPR safeguards. Stripe: Primarily EU infrastructure; some data may be transferred to Stripe Inc. (USA) under Standard Contractual Clauses and GDPR-compliant safeguards. Our Systems: All stored within Austria/EU.

Any transfers outside the EU/EEA comply with GDPR Chapter V requirements, including Standard Contractual Clauses, adequacy decisions, or other approved transfer mechanisms.

10. Third-Party Links

Our website and communications may contain links to: Booking.com and Airbnb platforms, Truvi verification portal, Stripe payment processing pages, Local Murau tourism information sites, Activity and restaurant recommendations.

We are not responsible for the privacy practices of these external sites. Please review their privacy policies separately. Stripe Privacy Policy: https://stripe.com/privacy. Truvi Privacy Policy: Available through their verification portal.

11. Children's Privacy

Our vacation rental services are not directed to individuals under 16 years of age. While we welcome families with children as guests, we do not knowingly collect personal data from children. Parents or legal guardians must provide all booking and payment information.

12. Legal Basis for Processing

We process your data based on: Contract Performance (processing necessary for booking fulfillment and service delivery, GDPR Art. 6(1)(b)). Legal Obligations (tax records, tourist registration with Murau authorities, consumer protection compliance, GDPR Art. 6(1)(c)). Legitimate Interests (fraud prevention through Truvi verification, property protection, guest safety screening, GDPR Art. 6(1)(f)). Consent (marketing communications, non-essential cookie usage, GDPR Art. 6(1)(a)).

13. Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde), Barichgasse 40-42, 1030 Vienna, Austria. Phone: +43 1 52 152-0. Email: dsb@dsb.gv.at. Website: www.dsb.gv.at

14. Changes to This Privacy Policy

We may update this Privacy Policy to reflect: Changes in our data processing practices. New legal requirements or GDPR guidance. Updates to our service providers (e.g., Truvi or Stripe features). Guest feedback and improvements.

The "Last Updated" date at the top indicates the most recent revision. Significant changes will be communicated via email to guests with active bookings. Continued use of our services after changes constitutes acceptance of the updated policy.

15. Legal Information (Impressum)

Information and Disclosure in accordance with §5 (1) E-Commerce Act (ECG), §25 Media Act (MedienG), §63 Trade Regulation Act (GewO), and §14 Commercial Code (UGB).

Website Operator: Susanne Knobloch. Property Address: Chalet Elsa, Schlossberg 11, 8850 Murau, Styria, Austria. Contact: Phone +43 664 251 3486, Email susanne.knobloch247@gmail.com. Applicable Legal Regulations: www.ris.bka.gv.at. Online Dispute Resolution: https://ec.europa.eu/consumers/odr

The content of this website, including photographs and descriptions of Chalet Elsa, is protected by copyright law. Any use, reproduction, or distribution of the provided material that is prohibited under copyright law requires prior written consent from the website operator.

Despite careful review of content, the website operator assumes no liability for the content of external links (including links to Booking.com, Airbnb, Truvi, Stripe, or local Murau information sites). The respective operators of linked websites are solely responsible for their content. Should you notice any external links referring to websites with unlawful activities or information, please inform us at susanne.knobloch247@gmail.com so that such links can be promptly removed in accordance with §17 (2) ECG.

The copyrights of third parties are respected with the utmost care by the operator of this website. However, if you become aware of any copyright violations on our website, please notify us. Upon being informed of such violations, we will promptly remove the affected content.

16. Contact Information

For questions about this Privacy Policy, to exercise your data protection rights, or for general inquiries about Chalet Elsa:

Email: susanne.knobloch247@gmail.com. Phone/WhatsApp: +43 664 251 3486. Mail: Chalet Elsa, Schlossberg 11, 8850 Murau, Styria, Austria.

For payment-specific questions: Credit card payments (contact Stripe support or susanne.knobloch247@gmail.com). Wire transfers (susanne.knobloch247@gmail.com).

For verification questions: Contact Truvi through their verification portal or susanne.knobloch247@gmail.com.

Response Time: We aim to respond to all privacy-related inquiries within 48 hours and formal data subject requests within 30 days as required by GDPR.

Your mountain home away from home.

We can’t wait to welcome you to Chalet Elsa. Whether you’re here to carve through the fresh powder at Kreischberg, tee off at the golf course, or simply unwind in the private sauna, we are dedicated to making your stay in Murau truly unforgettable.

+43 664 5213486

Privacy Policy

Terms

Chalet Elsa

© 2026 Chalet Elsa Murau. All rights reserved.

Your mountain home away from home.

We can’t wait to welcome you to Chalet Elsa. Whether you’re here to carve through the fresh powder at Kreischberg, tee off at the golf course, or simply unwind in the private sauna, we are dedicated to making your stay in Murau truly unforgettable.

+43 664 5213486

Privacy Policy

Terms

Chalet Elsa

© 2026 Chalet Elsa Murau. All rights reserved.