Privacy Policy

This website is operated by VIVAMAYR Marketing GmbH (Austrian Commercial Register number FN 428877b), hereinafter referred to as “we”, “us” and “VIVAMAYR”, with its head office in Maria Wörth. Acting as the controller under the definition provided in EU GDPR Art. 4 (7), we specify in this Privacy Policy which data we collect when you visit our website and for which purpose we process that data. You will find all the relevant contact details in clause 9 of this Privacy Policy.

As the protection of your personal data is extremely important to us, we strictly adhere to the legal specifications of the Austrian Data Protection Act (DSG) and EU GDPR whenever we collect and process your personal data.

Below, you will find detailed information about the scope and purpose of our data processing as well as your rights as a data subject affected by data processing. We should therefore be grateful if you could read our Privacy Policy carefully before continuing to use our website and, where applicable, give your consent to data processing.

1. Personal data

Our website can generally be used without providing personal data. However, different regulations may be applicable for the use of individual services, in which case this will be indicated separately.

Apart from cookies, described in more detail below, we only collect and store data which you share with us yourself, either by entering them into our input dialogues or by actively interacting with our website in some other way.

Personal data are all the details that refer to an identified or identifiable natural person. They include, for example, your name, address, phone number and date of birth.

2. Use of cookies

a. If you only use our website for information purposes, without registering or otherwise sending us details, we only collect the personal data which our server receives from your browser. When you visit our website, we collect the data specified below, as they are technically required by us in order to display the website on your device and to warrant the stability and security of the website, as stipulated in EU GDPR Art. 6 (1) point f.

• IP address
• Date and time of the request
• Time zone difference with Greenwich Mean Time (GMT)
• Content of request
• Access status / http status code
• Volume of data transmitted
• Website from which the request originates
• The browser used
• The operating system and its interface
• Language and version of browser software

b. In addition to the data mentioned above, we also save cookies to your computer whenever you use our website. Cookies are small text files that are systematically stored on your hard drive by the browser you use and which send certain information to the server that sets those cookies (in this case our server). Under the current state of the art, cookies cannot execute programs or transmit viruses to your computer, but merely serve the purpose of making our website more user-friendly and effective.

c. Our website(s) use(s) the following types of cookies, which can be characterised as follows with regard to scope and operation:

Transient Cookies

Transient cookies are automatically deleted when you close your browser. They include, in particular, session cookies, which store so-called session IDs, making it possible to match different requests from your browser with the session you had on our website. As a result, your computer can be recognised the next time you visit our website again. Such session cookies are deleted when you log out or close the browser.

Persistent Cookies

Persistent cookies are automatically deleted after a specified period of time, which can vary from one cookie to another. However, you can erase the cookies yourself by changing your browser settings at any time.

d. You have the option of changing your browser settings in such a way that your system rejects, for instance, third-party cookies or all cookies. Please note, however, that you may no longer be able to use all the functions of our website if you select to reject cookies.

e. We also use cookies to identify you on subsequent visits to our website if you have an account with us. Alternatively, you need to log in again every time you visit our website.

f. Whenever we use flash cookies, these are not recorded by your browser, but by your flash plug-in. We also use HTML5 storage objects which are saved to your device. These objects save the required data independently of the browser you use and therefore have no automatic expiry date. You can prevent the processing of flash cookies by installing suitable add-ons to your browser or by using your browser in private mode.

3. Collection and processing of personal data

Any personal data over and above the information saved by cookies will only be processed by us if you have voluntarily disclosed them to us, for example, by registering with us, by entering into a contractual relationship with us or by making contact in some other way. Such data exclusively consist of contact details and information about requests you send to us.

When you provide personal data, we will only use them to the extent that we need them for the relevant data processing purposes (e.g. registration, sending newsletters, processing a purchase order, sending information and advertising material, processing a raffle, answering a question or giving you access to specific information) and/or to the extent that the information is legally permitted (especially under EU GDPR Art. 6) (e.g. sending information and advertising material to existing customers).

The purpose of processing your data is so that we can operate our website and ensure the targeted provision of company-specific information, including the presentation of our products and services (i.e. marketing). Any additional use of your data will only take place to the extent that you have expressly given your consent. You can withdraw your consent at any time, with future effect, as detailed below.

4. Duration of storage

If you provide us with data exclusively for the purpose of customer support, marketing or information, we generally store such data for a period of three years after we last had contact. Should you request this, however, we will erase your data before the expiry of this period, provided that there is no legal obstacle to erasure.

If a contract is initiated or concluded with you, we will continue to process your personal data after the complete performance of the contract until the expiry of the guarantee, warranty, limitation and statutory retention periods applicable to us and, in addition, until the closure of any legal disputes for which the data are required as proof.

5. Tools and applications used by us

a. Google Analytics

We use Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. This service uses so-called cookies (see above). The information created by cookies on your use of our website is usually sent to a Google server, where it is then stored.

Acting at our request, Google uses this information to analyse your use of our website, to create reports on website activities for us as website operators and to provide us with other services connected with website use and internet use by website users. The IP address which Google Analytics sends via your browser will not be linked by Google with any other data Google may have.

You can make suitable settings in your browser software that will prevent the storage of cookies needed by Google Analytics. However, this may mean that you cannot use all the functions of our website in their entirety. If you do not want Google to store, transmit or process data produced by cookies about your website use (including your IP address), you can prevent this by downloading and installing a browser plug-in from the following link:

If you require further details about the manner, scope and purpose of Google’s data collection, we recommend that you read Google’s own data privacy terms.

b. External Links

Our website also contains links to other websites, which are provided for information only. These third-party websites are outside our control and are therefore not covered by the provisions of this Privacy Policy. When you click on such a link, the operator of that website may collect and process your data on the basis of that website operator’s own privacy policy, which may deviate from ours.

c. YouTube components with Privacy-Enhanced Mode

Our website contains components (i.e. videos) from YouTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, USA, a company owned by Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA. We use the option of Privacy-Enhanced Mode provided by YouTube.

When you call up a page with an embedded video, a link is created to the YouTube servers, and the content is shown on the website via notification to your browser. According to YouTube, Privacy-Enhanced Mode merely means that data are sent to the YouTube server, especially data with information as to which of our webpages you visited when you viewed the video. If you are logged in to YouTube at the same time, this information will be associated with your YouTube account. You can prevent this by logging out of your member account before visiting our website. Further details of YouTube’s data privacy are provided by Google via the following link:

d. Use of Eyepin

Consent to our newsletter
As regards the use of your personal data for the receipt of our newsletter, you will be asked to provide your consent in the relevant place, as follows: “I agreed to receive the newsletter”

We use this newsletter to send you regular information about our products and services. To receive the newsletter, you need to provide a valid email address. Once we have received the email address you provide, we will follow a double opt-in procedure whereby we check whether you really are the owner of that email address and whether the said owner is authorised to receive the newsletter. When you subscribe to our newsletter, we store your IP address and the date and time of your subscription request. This provides us with security in the event that a third party misuses your email address and subscribes to our newsletter without your knowledge. We will not align such data with any data that may have been collected via other components of the website.

Newsletter via eyepin
We use eyepin components in order to send our newsletters. eyepin is a service provided by eyepin, Billrothstraße 52, 1190 Vienna, Austria. The data that are stored when you subscribe to the newsletter (i.e. email address, name, company, IP address, date and time of subscription) are sent to the eyepin server and then saved there.

Further details on data privacy at eyepin can be found at

You can cancel or revoke this newsletter subscription and thus your data storage consent at any time. Unsubscription details can be found in each newsletter.

Newsletter tracking
Our newsletters contain so-called tracking pixels (web bugs) that enable us to see whether and when an email was opened and which links in the email have been followed by the personalised recipient. We store these data so that we can optimise our newsletters to suit the preferences and interests of our subscribers. When you unsubscribe from our newsletter, you automatically also revoke your consent to this tracking procedure.

e. Use of reCAPTCHA

To protect input forms on our website, we use the reCAPTCHA service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (hereinafter “Google”). This service makes it possible to distinguish whether input was made by a human being or whether it is the result of improper automated machine processing.

As far as we are aware, Google receives details of the referrer URL, the IP address, the behaviour of website visitors, information about the operating system, the relevant browser, the length of the session, cookies, display instructions and scripts, the user’s input behaviour and any mouse movements within the reCAPTCHA checkbox.

Information obtained by Google in this way is used, among other purposes, for the digitisation of books and other printed products and for the optimisation of services such as Google Street View and Google Maps (e.g. recognition of building numbers and street names).

The IP address transmitted via reCAPTCHA is not merged by Google with other data, unless you are logged into your Google account at the time of using the reCAPTCHA plug-in. If you want to prevent Google from recording the transmission and storage of data about you and your behaviour on our website, you need to log out of Google before you visit our website and/or before you use the reCAPTCHA plug-in.

Information obtained via reCAPTCHA is used in accordance with Google’s terms and conditions:

6. Data transfer

None of your data are transferred to third parties, unless we are legally obliged to do so, unless the transfer of data is necessary for the performance of a contract concluded between us or unless you have previously expressly agreed to the transfer of your data. External processors and other cooperation partners will only receive your data where this is required for the purpose of contract processing or where we have a legitimate interest in this. Where one of our contract processors has access to your personal data, we make sure that they comply with the provisions of data protection legislation in the same way as we do.

We will not sell or otherwise market your personal data to third parties outside our group of companies.

Should our contractors or contract processors be based in a third country, i.e. in a country outside the European Economic Area (EEA), we will notify you about the consequences of this circumstance in the specifications of the relevant product or service.

7. Security

We use numerous technical and organisational security precautions to protect your data against manipulation, loss, destruction and third-party access. Our security precautions are continually being improved to reflect developments in internet technology.

8. Your rights

According to the General Data Protection Regulation and the Austrian Data Protection Act (Datenschutzgesetz), you are entitled to the following rights and means of redress as the data subject affected by our data processing:

Right of access (EU GDPR Art. 15)
As a data subject you may at any time require us to provide information as to whether we are processing your personal data, and if so, which personal data. For your own protection – i.e. to prevent third parties from gaining information about your data – we may need to verify your identity in a suitable form.

Right to rectification (EU GDPR Art. 16) and erasure (EU GDPR Art. 17)
You are entitled to demand that we immediately rectify any of your personal data that are inaccurate, or – taking account of the purposes of data processing – complete any incomplete personal data of yours, or that we erase your data, provided that the requested action meets the criteria specified in EU GDPR Art. 17.

Right to restriction of processing (EU GDPR Art. 18)
Provided that the relevant legal requirements are met, you have the right to demand the restriction of processing for all of your data that have been collected. As soon as you have applied for restriction, we shall only process such data if processing has your personal consent or if we need your data in order to establish or enforce legal claims.

Right to data portability (EU GDPR Art. 20)
You may demand the unimpeded and unrestricted transmission to a third party of personal data that we have collected.

Right to object (EU GDPR Art. 21)
In cases where we process your personal data in order to safeguard our legitimate interests or those of a third party, you have the right to object to such processing at any time if there are grounds relating to your particular situation. Once you have objected, we will stop processing your personal data, unless there are compelling legitimate grounds to continue processing and to override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims. You may object to processing for direct marketing purposes at any time, with future effect.

Withdrawal of consent
If you have provided separate consent to the processing of your data, you can withdraw your consent at any time. Such withdrawal influences the legitimacy of processing your personal data after you have issued the withdrawal.

If you take action to enforce one of the aforementioned rights arising from GDPR, VIVAMAYR must immediately, and no later than within a month of receiving your request, either comment on the requested action or meet your request.

We shall respond to all reasonable requests within the legally specified parameters, free of charge and as quickly as possible.

Any applications concerning a violation of the right to access, data privacy rights, rectification or erasure must be sent to the competent data protection authority.

9. Contact Details

You may at any time request free information about any of your personal data stored in our system. As a data subject, you are also entitled to withdraw your consent, to receive information and to obtain the erasure, rectification, restriction or portability of your personal data, unless such a right is in conflict with any of our statutory retention duties. When you withdraw your consent, your personal data will be erased from our systems immediately, unless this is prevented by a statutory retention duty to which we are subject. Should you require further details about your rights as a data subject, please contact us at We will be happy to assist you.

If you wish to lodge a complaint, you may contact the relevant data protection supervisory authority: Österreichische Datenschutzbehörde (DSB), Wickenburggasse 8-10, 1080 Vienna, Austria.

VIVAMAYR is proud winner at the World Luxury Spa Awards in 2018
VIVAMAYR wins prestigious Condé Nast Traveler Readers' Choice Award in 2019
VIVAMAYR Altausee won the Conde Nast Traveller Award 2018 for "Best Targeted Healing"
VIVAMAYR is ordained winner at the Seven Stars Luxury Hospitality and Lifestyle Awards in 2018
VIVAMAYR receives Signum Virtutis at the Seven Stars Luxury Hospitality and Lifestyle Awards in 2019
VIVAMAYR wins Seven Stars Luxury Hospitality and Lifestyle Award in the Medical Wellness / Longevity Sector in 2017
VIVAMAYR wins annual World Luxury Spa Award in 2019