Skip to content

PRIVACY POLICY

Seehof Valbella runs the Hotel Seehof Valbella and is the operator of the www.seehof-valbella.ch website and is therefore responsible for the collection, processing and use of your personal data and for ensuring that the processing of such data complies with the applicable data protection legislation.

Your trust is important to us, which is why we take the subject of data protection seriously and ensure appropriate security. It goes without saying that we comply with the legal provisions of the Federal Data Protection Act (DSG), the Ordinance to the Federal Data Protection Act (VDSG), the Telecommunications Act (TCA) and any other applicable data protection provisions of Swiss or EU law, in particular the Basic Data Protection Ordinance (DSGVO).

In order for you to know what personal data we collect from you and for what purposes we use it, please take note of the following information.

A. DATA PROCESSING IN CONNECTION WITH OUR WEBSITE

1. call of our website

When you visit our website, our servers temporarily save each access in a log file. The following technical data is recorded without your intervention, as is the case with every connection to a web server, and stored by us until automatic deletion after [number] months at the latest:

  • the IP address of the requesting computer,
  • the name of the owner of the IP address range (usually your Internet access provider),
  • the date and time of access,
  • the website from which the access took place (referrer URL), if applicable with the search term used,
  • the name and URL of the retrieved file,
  • the status code (e.g. error message)
  • the operating system of your computer,
  • the browser you use (type, version and language),
  • the transmission protocol used (e.g. HTTP/1.1) and
  • Your user name from a registration/authentication.

This data is collected and processed for the purpose of enabling the use of our website (connection establishment), to permanently guarantee system security and stability and to enable the optimisation of our Internet offer as well as for internal statistical purposes. This is our legitimate interest in data processing within the meaning of Art. 6 Para. 1 lit. f DSGVO.

Furthermore, the IP address is evaluated together with other data in the event of attacks on the network infrastructure or other unauthorised or abusive website use for the purpose of clarification and defence and, if necessary, is used in the context of criminal proceedings for identification and for civil and criminal proceedings against the users concerned. This is our legitimate interest in data processing within the meaning of Art. 6 Para. 1 lit. f DSGVO.

2. use of our contact form

You have the possibility to use a contact form to get in touch with us. For this we need the following information:

  • first and last name
  • E-mail address
  • Communication

We only use this data as well as a telephone number that you have voluntarily provided in order to be able to answer your contact request in the best possible and personalised way. The processing of this data is therefore necessary within the meaning of Art. 6 para. 1 lit. b DSGVO for the implementation of pre-contractual measures or is in our legitimate interest according to Art. 6 para. 1 lit. f DSGVO.

3. use of our booking form

You have the possibility to use a booking form to contact us and make a non-binding booking request. For this we need the following information:

  • first and last name
  • E-mail address
  • Phone number
  • Travel data
  • number of passengers

We only use this data as well as a telephone number that you have voluntarily provided in order to be able to answer your contact request in the best possible and personalised way. The processing of this data is therefore necessary within the meaning of Art. 6 para. 1 lit. b DSGVO for the implementation of pre-contractual measures or is in our legitimate interest according to Art. 6 para. 1 lit. f DSGVO.

4. opening a customer account

To make bookings on our website, you can order as a guest or create a customer account. When registering for a customer account, we collect the following data:

  • Salutation
  • First and last name
  • Phone number
  • Postal address
  • Date of birth
  • E-mail address
  • Password

The collection of this and other data (e.g. name) provided voluntarily by you is carried out for the purpose of providing you with password-protected direct access to your basic data stored with us. You can view your previous and current bookings or manage or change your personal data.

The legal basis for processing the data for this purpose is the consent you have given us in accordance with Art. 6 Para. 1 lit. a DSGVO.

5. booking on the website, by correspondence or by telephone call

If you make bookings either via our website, by correspondence (e-mail or letter post) or by telephone call, we require the following data for the processing of the contract:

  • Salutation
  • First and last name
  • E-mail address
  • Phone number
  • Travel data
  • number of passengers
  • Credit card information

We will only use this data as well as other information provided voluntarily by you (e.g. expected time of arrival, motor vehicle control plate, preferences, remarks) for processing the contract, unless otherwise stated in this data protection declaration or unless you have given your separate consent. We will process the data by name in order to record your booking according to your wishes, to provide the services you have booked, to contact you in case of any uncertainties or problems and to ensure correct payment.

The legal basis of the data processing for this purpose is the fulfilment of a contract according to art. 6 paragraph 1 letter b DSGVO.

6. cookies

Cookies help in many ways to make your visit to our website easier, more pleasant and more useful. Cookies are information files that your web browser automatically stores on your computer’s hard drive when you visit our website.

We use cookies, for example, to temporarily save your selected services and entries when you fill out a form on the website so that you do not have to repeat the entry when you call up another subpage. Cookies may also be used to identify you as a registered user after you have registered on the website, so that you do not have to log in again when you visit another subpage.

Most Internet browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears when you receive a new cookie. Every Internet browser has the option of deactivating cookies. Disabling cookies may mean that you will not be able to use all the features of our website.

7. tracking tools

a. General information

We use the web analysis service of Google Analytics for the purpose of tailoring our website to your needs and continuously optimizing it. In this context, pseudonymised user profiles are created and small text files stored on your computer (“cookies”) are used. The information generated by the cookie about your use of this website is transferred to the servers of the providers of these services, stored there and processed for us. In addition to the data listed in section 1, we may receive the following information as a result:

  • Navigation path that a visitor follows on the site,
  • Dwell time on the website or subpage,
  • the subpage on which the website is left,
  • the country, region or city from where access is made,
  • terminal device (type, version, color depth, resolution, width and height of the browser window) and
  • Returning or new visitor.

The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and demand-oriented design of this website. This information may also be transferred to third parties where required by law or where third parties process this data on our behalf.

b. Google Analytics

The provider of Google Analytics is Google Inc, a company of the holding company Alphabet Inc, based in the USA. Before the data is transmitted to the provider, the IP address is shortened by activating IP anonymisation (“anonymizeIP”) on this website within the member states of the European Union or in other states which are parties to the Agreement on the European Economic Area. The anonymised IP address transmitted by your browser within the scope of Google Analytics is not merged with other Google data. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. In these cases we ensure by contractual guarantees that Google Inc. maintains an adequate level of data protection. According to Google Inc., the IP address will never be associated with other data concerning the user.

Further information about the web analysis service used can be found on the website of Google Analytics. Instructions on how to prevent the processing of your data by the web analysis service can be found at http://tools.google.com/dlpage/gaoptout?hl=de.

B. DATA PROCESSING OPERATIONS IN CONNECTION WITH YOUR STAY

8. data processing for the fulfilment of legal reporting obligations

Upon arrival at our hotel, we may need the following information from you and your accompanying persons:

  • first and last name
  • Postal address and canton
  • Date of birth
  • Place of birth
  • Nationality
  • Official identification card and number
  • Arrival and departure day

We collect this information to fulfil legal reporting obligations, which result in particular from the hospitality or police law. Insofar as we are obliged to do so under the applicable regulations, we shall forward this information to the competent police authority.

We have a legitimate interest in the fulfilment of the legal requirements in the sense of Art. 6 Para. 1 lit. f DSGVO.

9. recording of purchased services

If you receive additional services during your stay (e.g. you make use of the mini-bar or the Pay-TV offer), the subject matter of the service as well as the time of receipt of the service will be recorded by us for billing purposes. The processing of this data is necessary in the sense of Art. 6 para. 1 lit. b DSGVO for the processing of the contract with us.

C. STORAGE AND EXCHANGE OF DATA WITH THIRD PARTIES

10. booking platforms

If you make bookings via a third-party platform, we receive various personal information from the respective platform operator. As a rule, this is the data listed in section 5 of this data protection declaration. In addition, we may be forwarded inquiries regarding your booking. We will process these data by name in order to record your booking as requested and to provide the services you have booked. The legal basis for data processing for this purpose is the fulfilment of a contract in accordance with Art. 6 para. 1 lit. b DSGVO.

Finally, we may be informed by the platform operators about disputes in connection with a booking. In doing so, we may also receive data relating to the booking process, which may include a copy of the booking confirmation as proof of the actual booking. We process this data to protect and enforce our claims. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.

Please also note the data protection information of the respective provider.

11. central storage and linking of data

We store the data specified in paragraphs 2-5 and 8-10 in a central electronic data processing system. The data concerning you is systematically collected and linked for the purpose of processing your bookings and handling contractual services. For this purpose, we use software from [Rebagdata AG, Einsiedlerstrasse 533, 8810 Horgen] We base the processing of this data within the framework of the software on our legitimate interest in the sense of Art. 6 Para. 1 lit. f DSGVO in customer-friendly and efficient customer data management.

12. retention period

We store personal data only as long as it is necessary to use the above-mentioned tracking services and further processing within the scope of our legitimate interest. Contract data will be stored by us for a longer period of time, as this is required by legal retention obligations. Storage obligations which oblige us to store data result from regulations on the right to report, on accounting and from tax law. According to these regulations, business communication, concluded contracts and accounting vouchers must be kept for up to 10 years. If we no longer need this data to perform the services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.

13. transfer of data to third parties

We will only pass on your personal data if you have expressly consented to this, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship. In addition, we will pass on your data to third parties, as far as this is necessary in the context of the use of the website and the contract processing (also outside the website), namely the processing of your bookings.

A service provider to whom the personal data collected via the website is passed on or who has or can have access to it is our webhoster [cyon gmbh, Basel]. The website is hosted on servers in [Switzerland]. The data is passed on for the purpose of providing and maintaining the functionality of our website. This is our legitimate interest in the sense of Art. 6 para. 1 lit. f DSGVO.

Finally, we forward your credit card information to your credit card issuer as well as to the credit card acquirer when you pay by credit card on the website. If you decide to pay by credit card, you will be asked to enter all mandatory information. The legal basis for the forwarding of data is the fulfilment of a contract according to Art. 6 para. 1 lit. b DSGVO. With regard to the processing of your credit card information by these third parties, we ask you to also read the General Terms and Conditions and the privacy policy of your credit card issuer.

Please also note the information in sections 7-8 and 10-11 regarding the transfer of data to third parties.

14. transfer of personal data abroad

We may also transfer your personal data to third parties (contracted service providers) abroad for the purposes of the data processing described in this privacy policy. These companies are obliged to the same extent as we are ourselves to protect data. If the level of data protection in a country does not correspond to that in Switzerland or the EU, we will ensure by contract that the protection of your personal data is equivalent to that in Switzerland or the EU at all times.

D. FURTHER INFORMATION

15. the right of access, rectification, erasure and limitation of processing; the right to transferability of data

You have the right to request information about the personal data that we store about you. In addition, you have the right to have incorrect data corrected and the right to have your personal data deleted, provided that this does not conflict with a legal obligation to retain data or a permit that allows us to process the data.

You also have the right to reclaim from us the data that you have provided us (right to data portability). On request, we will also pass on the data to a third party of your choice. You have the right to receive the data in a standard file format.

You can contact us for the above-mentioned purposes by e-mail at info@seehof-valbella.ch. In order to process your requests, we may, at our discretion, require proof of identity.

16. data security

We use appropriate technical and organisational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

You should always treat your access data confidentially and close the browser window when you have finished communicating with us, especially if you share the computer with others.

We also take the company’s internal data protection very seriously. Our employees and the service companies commissioned by us have been obligated by us to maintain confidentiality and to comply with data protection regulations.

17. Note on data transfers to the USA

For the sake of completeness, we would like to point out to users resident or domiciled in Switzerland that monitoring measures are in place in the USA by US authorities which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without differentiation, restriction or exception on the basis of the objective pursued and without any objective criterion making it possible to limit the access of the US authorities to the data and their subsequent use to very specific, strictly limited purposes that may justify the interference associated with both access to this data and its use. Furthermore, we would like to point out that there are no legal remedies available in the United States for data subjects from Switzerland that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or that there is no effective judicial protection against general access rights of US authorities. We explicitly draw the data subject’s attention to this legal and factual situation in order to make an appropriately informed decision to consent to the use of his or her data.

Users residing in a member state of the EU should note that from the perspective of the European Union, the USA does not have an adequate level of data protection, partly due to the issues mentioned in this section. Insofar as we have explained in this data protection declaration that recipients of data (such as Google) are based in the USA, we will ensure that your data is protected at an adequate level with our partners, either by contractual arrangements with these companies or by ensuring that these companies are certified under the EU or Swiss-US Privacy Shield.

18 Right to complain to a data protection supervisory authority

You have the right to complain to a data protection supervisory authority at any time.

Status: May 2019