Privacy Policy

The safety of your personal data is of utmost concern for COLUMBUS Reisen GmbH & Co KG.

Therefore, we process your data solely on the basis of legal regulations (DSGVO, TKG 2003, DSG 2018 and GDPR regulation (EU) 2016/679).

In this privacy policy information, we inform you about the most important aspects of data processing, which data we collect and how we use them.

 

Data controller

Responsible entity for this web-site according to Art 4 Z 7 DSGVO:
COLUMBUS Reisen GmbH & Co KG.
Universitätsring 8/24
1010 Wien
 
Use and processing of personal data when visiting our web-site:

When you use our web-site, you may provide, and we may collect Personal Data such as:
  • IP address
  • Date and time of web-site visit
  • Browser type and version
  • Operating system
  • Preferred URL

We collect information that we believe to be relevant to conduct our business, for marketing purposes and to monitor the improvement of our products. Furthermore, we use personal data for the fulfillment of legal obligations. We may also use the information collected to enforce or resolve any claims or disputes arising out of your use of our company's services, or to use them for any other purpose permitted by applicable law.

Your data will be stored for two month.

We collect, use and keep any personal information given to us by you, strictly for the purposes indicated in this policy in strict adherence to local Data Protection laws (EU’s GDPR Art 6 Par. 1).

 

Processing of personal data

If you contact us, your data (name, contact details, if you provide them) and your message will be processed solely for the purpose of processing and dealing with your inquiry. This data will be processed by us on the basis of Article 6(1)(b) GDPR in order to fulfil the contract and/or to fulfil our pre-contractual obligations, or on the basis of our legitimate interests according to Article 6(1)(f) of the GDPR to deal with your inquiry.

 

Contact, processing, travel contract

Your personal data will be processed for the purpose of optimally preparing and carrying out your travel arrangements, establishing contact and keeping records.

The following personal data is usually processed:

  • Names of all travel participants
  • Accessibility data (telephone number, e-mail addresses)
  • Address
  • Payment information
  • Passport details
  • Frequent flyer numbers
  • If necessary, individual data on personal wishes and preferences

By booking your trip, you explicitly agree to the processing of all relevant data.

The legal basis for the data processed by COLUMBUS in this context is based on pre-contractual measures and fulfillment of the contract in accordance with the provisions of Art 6 Para 1 lit b GDPR.

For the legally compliant processing of data on religious denominations or other special categories of personal data, we specifically obtain your consent (Art 9 Para 2 lit a GDPR).

The data required to process your order will be stored within the framework of the statutory retention periods and protected in accordance with the provisions of the GDPR. Your (express) consent, which you can revoke at any time, will be obtained in advance for any longer-term storage of your data for marketing purposes or the receipt of newsletters.

 

Greeting cards, sweepstakes, product information

You have the possibility of taking part in sweepstakes, or you can register for receiving greetings cards and product information. As part of this registration or participation COLUMBUS processes the following personal data provided by you:

  • Salutation
  • Title
  • Last name, first name
  • E-mail address (optional)
  • Phone number (optional)

 

Purpose of processing

The data you provide when signing up to receive product information and greeting cards, or when participating in sweepstakes, will be used by COLUMBUS for the purpose of providing existing and potential customers with the best possible information.

The processing of this data is based exclusively on the consent you have given (Art 6 Para 1 lit a GDPR), which you can revoke at any time

by letter to:
COLUMBUS Reisen GmbH & Co KG.
Universitätsring 8/24
1010 Vienna

or by e-mail to:
datenschutz@columbus-reisen.at

 

Transfer of personal data

Third party service providers may be contracted to provide services to us. For this purpose, we will need to provide such companies/organisations with the necessary personal data.

The following data can be transferred if necessary for the fulfillment of the order:

  • Personal master data
  • Passport data
  • Additional information such as dietary or mobility information
  • Communication date (e.g. telephone, e-mail)
  • Contract master data (contractual relation, product interest)
  • Client history
  • Payment information
  • Control data

We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:

  • Your credit card information will we processend and safed by our payment provider (Card Complete) only in connection with payments, and transmitted in encrypted form (SSL).
  • For the execution of services offered by us or via us, we transfer personal data to the respective contractors: hotels, airlines, travel agents, payment platforms, car rentals, cruise companies, booking platforms, travel insurance.
  • Law Enforcement and Compliance: We may disclose personal data or other information if required to do so by law.
  • For the fulfillment of our tax liability
  • For a customer-oriented and effective fulfilment of your required services, we transfer personal data to the following companies for the purpose of necessary travel preparation and handling:

Amadeus IT Group S.A.
Calle Salvador de Madariaga 1
28027 Madrid
Spain
dataprotection@amadeus.com

Umbrella Organisation AG
Binzstrasse 33
8620 Wetzikon
Schweiz
info@umbrella.ch

Midoco GmbH
Otto-Hahn-Strasse 12
40721 Hilden
Deutschland
stefan.latz@tuevhessen.de

Travel Agency Technologies & Services GmbH
Hahnstrasse 70
60528 Frankfurt
Deutschland
info@ta-ts.de

AERTiCKET Conso GmbH
Boppstraße 10
D-10967 Berlin
Deutschland
www.aerticket.de

FP Passenger Service Gmbh
Fleischmarkt 3-5/14
A-1010 Wien
datenschutz@fairplane.de

EventsAIR
60 Brandl Street
4113 Eight Mile Plains, QLD
Australia
https://eventsair.com

Please note the privacy policies of the respective companies.

The criteria we use to determine the period of storage and storage limitation is in line with GDPR (Art 5(1)(e)) therefore, personal data shall not be retained longer than necessary, in relation to the purpose for which such data is processed.

We would like to point out that data processing not only takes place in member states of the European Union or in another states that are party to the agreement on the European Economic Area, but that personal data can also leave the EU area depending on the services you have booked.
We ask for your understanding that it is not possible for us to guarantee the compliance with EU legal data protection regulations of all data recipients outside the EU area.

Before you place your booking, please make sure that you, and the people traveling with you, agree to the transfer of data to COLUMBUS and to countries outside the EU area. If you have any further questions, send an email to datenschutz@columbus.at.

 

Data subject’s rights

You are entitled to be informed of your stored data upon request and free of charge by COLUMBUS:

  • Right to access: the right to request, access and copy of the personal information
  • Right to rectification: the right to have personal data rectified if it’s incorrect, out of date or incomplete
  • Right to be forgotten: the right to withdraw consent given to process data and the right to request the deletion of personal data
  • Right to restriction: The right to stop COLUMBUS from using personal data or limit how it is used
  • Right to data portability: The right to request the return of any information provided and the right to transmit data to another controller
  • Right of appeal, which you can also assert at any time with the Austrian Data Protection Authority (Wickenburggasse 8, 1080 Vienna; e-mail: dsb@dsb.gv.at).

You can assert the above mentioned rights with COLUMBUS at any time

by letter to:
COLUMBUS Reisen GmbH & Co KG.
Universitätsring 8/24
1010 Wien

or by e-mail to:
datenschutz@columbus-reisen.at

Your contact for data policy:
COLUMBUS Reisen GmbH & Co KG.
Universitätsring 8/24
1010 Wien
datenschutz@columbus-reisen.at
+43 1 534 11 – 0

 

Cookies and cookie warnings

Cookies are small text files or pieces of information that are stored on your computer or mobile device when you visit our website. A cookie contains the name of the website and a value, which can be used for a variety of purposes. Some cookies are essential for the smooth operations of our website and necessary for the website to work.

You can also use www.columbus-reisen.at without cookies, but use will be more convenient if cookies can be used. Most browsers accept cookies automatically. You can change your browser settings so that cookies are not accepted or only accepted with your consent. If you do not want a warning to be issued every time, you can also disable the warning messages. You can disable the use of cookies by third parties by visiting the Network Advertising Initiative opt-out page.

The legal basis for the setting of cookies is the legitimate interest of COLUMBUS (online service offer) in accordance with Art. 6 Para. 1 f GDPR.

 

Google analytics

This website uses Google Analytics, a web analytics service provided by Google LLC. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website (but not your IP address) is transmitted to a Google server in the USA and stored there. Google will use this information to evaluate your use of the website, to compile reports on website activity for website operators and to provide other services related to website activity and internet usage. Google may also transfer this information to third parties if required to do so by law or if third parties process this data on behalf of Google.

Google also offers a browser add-on for all common browsers, with which you can object to the use of Google Analytics.

The legal basis for the use of Google Analytics is the legitimate interest of COLUMBUS in accordance with Article 6 Paragraph 1 lit f GDPR. The analysis of the use of the website and the statistical evaluation is carried out in order to further improve the offer on the website and to make it more user-friendly.

 

Remarketing

This website uses remarketing. Remarketing is an advertising medium in which ads are placed on other websites on the Internet. Our partners use cookies so that our ads can be shown to you on other websites based on your previous visits to our website. The data protection regulations of the respective companies apply. COLUMBUS assumes no liability for this content. The respective provider of the linked website is solely responsible for the content and accuracy of the information provided there. You can find out more about the data protection of our remarketing partners and their settings for interest-based advertising on the following linked pages:

  • Google LLC, Mountain View, USA: data protection declaration or settings for interest-based advertising
  • Facebook Ireland Ltd., Dublin, Ireland: Privacy policy or cookie policy or settings for interest-based advertising

The legal basis for remarketing is the legitimate interest of COLUMBUS (online service offer) in accordance with Article 6 Paragraph 1 f GDPR.

 

Data security

The security of your personal data is of particular concern to us.
COLUMBUS takes appropriate technical and organizational measures within the meaning of Art. 32 GDPR, taking into account the state of technology, the implementation costs and the type, scope, circumstances and purposes of the processing as well as the probability of occurrence and the severity of the risk for the rights and freedoms of natural persons
The following measures are therefore taken to protect your data and to secure it against loss, destruction, access, modification and dissemination by unauthorized persons:
  • Ensuring the confidentiality, integrity, availability and resilience of the systems and services related to processing;
  • Ensuring a rapid restoration of the availability of personal data in the event of a physical or technical incident;
  • Implementation of procedures for regular review, assessment and evaluation of the
  • Effectiveness of the technical and organizational measures to ensure the security of data processing.

Please note that we accept no liability for the disclosure of information due to errors in data transmission and/or unauthorized access by third parties (e.g. hack attacks) not caused by us or attributable to us.

 

Data security for credit card payments

We use technology to securely transmit your data. Thanks to the powerful SSL (Secure Sockets Layer) encryption technologies, all your transactions are protected. SSL encrypts credit card number, name, address, phone number, etc. before they are sent via the Internet. This makes business transactions over the Internet as secure as over the phone. SSL encryption is set by default in all browsers. If your browser doesn't support secure transactions, or you don't want to make online transactions, you can call us on +43 1 534 11 100 Mon-Fri 9am-6pm and Sat 9am-12pm to place your order.

 

Use of Facebook social plug-ins

Our website uses Social Plug-Ins („Plug-Ins”) of facebook.com operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) . The Facebook plugins can be recognized by one of the Facebook logos (white "f" on a blue tile or a "thumbs up" sign) or are marked with the addition "Facebook Social Plugin". The list and appearance of the Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins.

If you access a website of our internet presence that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted directly from Facebook to your browser, which integrates it into the website. We therefore have no influence on the scope and content of the data that Facebook collects with the help of this plugin and therefore inform you according to our state of knowledge (http://www.facebook.com/help/?faq=186325668085084): By integrating the Plugins, Facebook receives the information that you have accessed the corresponding page of our website. If you are logged into Facebook, Facebook can assign the web-site visit to your Facebook account. If you interact with plugins, for example by pressing a Like button or leaving a comment, the corresponding information is transmitted directly from your browser to Facebook and stored there. If you are not a member of Facebook, there is still the possibility that Facebook will find out and store your IP address. The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights in this regard and setting options for protecting your privacy can be found in Facebook's data protection information: http://www.facebook.com/policy.php.

If you are a Facebook member and do not want Facebook to collect data about you via our website and link it to your member data stored on Facebook, you must log out of Facebook before visiting our website and delete the cookies that have been set. You can find more information about cookies in this data protection declaration. You can also block Facebook social plugins with add-ons for your browser, for example with the "Facebook Blocker".

 

Use of Google Plus Plugins

Social plugins (“plugins”) from the Google Plus social network operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”) are integrated into our website. You can recognize the Google Plus plugin by the "+1" sign on a white or colored background. If you access a website of our internet presence that contains such a plugin, your browser establishes a direct connection to the Google servers. The content of the plugin is transmitted directly to your browser by Google and integrated into the website by it. We therefore have no influence on the scope and content of the data that Google collects with the help of this plugin. According to Google, no personal data is collected without a click on the button. Such data, including the IP address, is only collected and processed for logged-in members. The purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights in this regard and setting options for protecting your privacy can be found in Google's data protection information at www.google.com/intl/de/policies/privacy/. If you are a Google Plus member and do not want Google to collect data about you via our website and link it to your member data stored on Google, you must log out of Google Plus and delete cookies before you visit our website. You can find more information about cookies in this data protection declaration.

 

Use of Twitter plug-ins

Our website uses Social Plug-Ins („Plug-Ins”) of Twitter, operated by Twitter Inc. with head office in 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. The plug-ins can be recognized by a bird symbol and the lettering “Tweet”.
 
 

Use of WhatsApp for customer communication

If you use WhatsApp to contact us, we process your telephone number, your name and other data you have provided in order to answer your inquiry or, if you have given your express consent, to send you advertising messages.

To send and receive messages via our various communication channels, including WhatsApp, we use the SuperX GmbH service, Oranienburger Str. 91, 10178 Berlin ("Superchat"). The data is stored on our behalf on Superchat servers in Germany.

The operator of the WhatsApp service is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("WhatsApp"), a group company of Meta Platforms, Inc. (formerly Facebook). WhatsApp processes the data in accordance with its data protection notices , which you can access here. The communication content is end-to-end encrypted. WhatsApp may also collect other so-called "metadata", which may contain information about the identity of the sender and recipient, as well as the telephone number, device information and information on the use of WhatsApp (e.g. duration and frequency). WhatsApp also uses this data for its own purposes, such as improving the WhatsApp service. Further information can be found in the WhatsApp data protection information. We have no knowledge of the details of this data processing and have no influence on it. A transfer to other recipients within the meta group of companies in Lände We cannot exclude those outside the EU that do not offer an adequate level of data protection (especially in the USA).

The legal basis for data processing by us is

- Art. 6 (1) b) GDPR if the communication serves to initiate or process a contractual relationship;
- Your consent in accordance with Article 6 Paragraph 1 Letter a) GDPR if you have registered to receive the newsletter via WhatsApp
- as well as in all other cases our legitimate interest in processing your request in accordance with Article 6 Paragraph 1 Letter f) GDPR.

If the processing is based on your consent, the data will be deleted as soon as you have revoked your consent. You can revoke your consent at any time by sending a message with the content "Stop" in the chat or by sending an email to datenschutz@columbus-reisen.at. Otherwise we will delete your data as soon as the purpose of the processing no longer applies (e.g. the inquiry has been finally answered). If the deletion conflicts with statutory retention periods, the data will be blocked for further use until the retention period has expired.

 

Use of Facebook Messenger for customer communication

If you use Facebook Messenger to contact us, we process personal data that is required for contact and communication. Facebook gives us access to your "public information," which includes, for example, your name, gender, Facebook ID, and your profile and cover photos. We use this information to respond to your inquiry or, if you have expressly consented, to send you promotional messages.

To send and receive messages via our various communication channels, including Facebook Messenger, we use the Superchat service from SuperX GmbH, Oranienburger Str. 91, 10178 Berlin (“Superchat”). The data is stored on our behalf on Superchat servers in Germany.

Facebook is a service of Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland ("Facebook"), a Meta Group company. Facebook processes the data in accordance with its privacy policy, which you can access here. Facebook offers the option of end-to-end encryption of communication, which can be activated in the messenger settings. We would like to point out that Facebook may collect so-called "metadata", which may contain information about the identity of the sender and recipient, as well as the location, device information and information on the use of Facebook Messenger (e.g. duration and frequency). Facebook also uses this data for its own purposes, such as improving Facebook Messenger. Further information can be found in the Facebook data protection information. We have no knowledge of the details of this data processing and have no influence over it. We cannot rule out a transfer to other recipients within the Meta group of companies in countries outside the EU that do not offer an adequate level of data protection (especially in the USA).

The legal basis for data processing by us is

- Art. 6 (1) b) GDPR if the communication serves to initiate or process a contractual relationship;
- Your consent in accordance with Article 6 Paragraph 1 Letter a) GDPR if you have registered for the newsletter to be sent via Facebook Messenger
- as well as in all other cases our legitimate interest in processing your request in accordance with Article 6 Paragraph 1 Letter f) GDPR.

If the processing is based on your consent, the data will be deleted as soon as you have revoked your consent. You can revoke your consent at any time by sending a message with the content "Stop" in the chat or by sending an email to datenschutz@columbus-reisen.at. Otherwise we will delete your data as soon as the purpose of the processing no longer applies (e.g. the inquiry has been finally answered). If the deletion conflicts with statutory retention periods, the data will be blocked for further use until the retention period has expired.

 

Use of Instagram Direct Messenger for customer communication

If you use Instagram Direct Messenger to contact us, we process personal data that is required for contact and communication. Instagram grants us access to the username you have chosen. We use this information to respond to your inquiry or, if you have expressly consented, to send you promotional messages.

We use the SuperX GmbH service, Oranienburger Str. 91, 10178 Berlin (“Superchat”), to send and receive messages via our various communication channels, including Instagram Direct Messenger. The data is stored on our behalf on Superchat servers in Germany.

Instagram is a service of Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland, a Meta Group company. Instagram processes the data in accordance with its privacy policy, which you can access here. We would like to point out that Instagram collects the content provided by its users, including communication content, as well as other information such as location, device information and information on Instagram usage (e.g. duration and frequency) in accordance with the information in the Instagram Privacy Policy. Instagram also uses this data for its own purposes, such as improving the Instagram service. Further information can be found in the Instagram data protection information. We have no knowledge of the details of this data processing and have no influence over it. We cannot rule out a transfer to other recipients within the Meta group of companies (e.g. to Facebook) as well as external third parties (e.g. advertising partners and analysis services) in countries outside the EU that do not offer an adequate level of data protection (especially in the USA).

The legal basis for data processing by us is

- Art. 6 (1) b) GDPR if the communication serves to initiate or process a contractual relationship;
- Your consent in accordance with Article 6 Paragraph 1 Letter a) GDPR if you have registered for the newsletter to be sent via Instagram Messenger
- as well as in all other cases our legitimate interest in processing your request in accordance with Article 6 Paragraph 1 Letter f) GDPR.

If the processing is based on your consent, the data will be deleted as soon as you have revoked your consent. You can revoke your consent at any time by sending a message with the content "Stop" in the chat or by sending an email to datenschutz@columbus-reisen.at. Otherwise we will delete your data as soon as the purpose of the processing no longer applies (e.g. the inquiry has been finally answered). If the deletion conflicts with statutory retention periods, the data will be blocked for further use until the retention period has expired.

 

Use of Google Business Messages for customer communication

If you contact us via our company profile on Google or another Google service (e.g. Maps), we process personal data that is required for contact and communication. Google grants us access to the username you have chosen. We use this information to respond to your inquiry or, if you have expressly consented, to send you promotional messages.

We use the SuperX GmbH service, Oranienburger Str. 91, 10178 Berlin (“Superchat”), to send and receive messages via our various communication channels, including Google Business Messages. The data is stored on our behalf on Superchat servers in Germany.

Google Business Messages is a service of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google"), a company of the Google group. Google processes the data in accordance with its privacy policy, which you can access here. We have no knowledge of the details of this data processing and have no influence over it. We cannot rule out a transfer to other recipients within the Google group of companies in countries outside the EU that do not offer an adequate level of data protection (especially in the USA).

The legal basis for data processing by us is

- Art. 6 (1) b) GDPR if the communication serves to initiate or process a contractual relationship;
- Your consent in accordance with Article 6 Paragraph 1 Letter a) GDPR if you have registered for the newsletter to be sent via Instagram Messenger
- as well as in all other cases our legitimate interest in processing your request in accordance with Article 6 Paragraph 1 Letter f) GDPR.

If the processing is based on your consent, the data will be deleted as soon as you revoke your consent by sending an email to datenschutz@columbus-reisen.at. Otherwise we will delete your data as soon as the purpose of the processing no longer applies (e.g. the inquiry has been finally answered). If the deletion conflicts with statutory retention periods, the data will be blocked for further use until the retention period has expired.
 
 
 
 
 

Wir sind ausgezeichnet & zertifiziert

Lizenznehmer Österreichisches Umweltzeichen - Green Meetings & Green Events
Travelife - Partner - Commited to sustainability
IATA
Österreichischer ReiseVerband