HotellerieSuisse, Monbijoustrasse 130, 3001 Bern is the operator of the website hospitality-booster.swiss and therefore responsible for the collection, processing and use of your personal data and the compatibility of the data processing with the applicable data protection law. Your trust is important to us, which is why we take the issue of data protection seriously and ensure appropriate security. It goes without saying that we comply with the legal provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (FADP), the Telecommunications Act (TCA) and any other applicable data protection provisions of Swiss or EU law, in particular the General Data Protection Regulation (GDPR). So that you know what personal data we collect from you and for what purposes we use it, please take note of the information below.
A. Data processing in connection with our website
.
1. Calling up our website
When you visit our website, our servers temporarily save each access in a log file. The following technical data is collected without your intervention, as is generally the case with every connection to a web server, and stored by us until automated or requested deletion:
-
- the IP address of the requesting computer,
- the name of the owner of the IP address range (usually your Internet access provider),
- the date and time of access,
- the website from which the access took place (referrer URL), if applicable with the search word used,
- the name and URL of the file accessed,
- the status code (e.g. error message),
- the operating system of your computer,
- the browser you are using (type, version and language),
- the transmission protocol used (e.g. HTTP/1.1) and
.
- if applicable, your username from a registration/authentication.
The collection and processing of this data is carried out for the purpose of enabling the use of our website (connection establishment), to permanently guarantee system security and stability and to enable the optimisation of our internet offer as well as for internal statistical purposes. This is our legitimate interest in data processing within the meaning of data protection law. Furthermore, the IP address is evaluated together with the other data in the event of attacks on the network infrastructure or other unauthorised or abusive website use for the purpose of clarification and defence and, if necessary, used in the context of criminal proceedings for the purpose of identification and civil and criminal proceedings against the users concerned. This is our legitimate interest in data processing within the meaning of data protection law.
2. Use of our contact form
You have the option of using a contact form to get in touch with us. For this purpose, we compulsorily require the following information:
- First and last name
- Address
- Email address
- Message
We use this data, as well as a telephone number and company name voluntarily provided by you, only to be able to answer your contact request in the best possible and personalised way. The processing of this data is therefore necessary for the implementation of pre-contractual measures or is in our legitimate interest according to data protection law.
3. Registration for our newsletter
On our website, you have the option of subscribing to our newsletter. Registration is required for this. The following data must be provided as part of the registration:
- First name
- First and last name
- Email address
By registering, you give us your consent to process the data provided for the regular dispatch of the newsletter to the address you have provided and for the statistical evaluation of user behaviour and the optimisation of the newsletter. We use the Click Dimensions software for this purpose. This consent constitutes our legal basis for the processing of your e-mail address within the meaning of data protection law. We are entitled to commission third parties with the technical processing of advertising measures and are entitled to pass on your data for this purpose. At the end of each newsletter you will find a link that allows you to unsubscribe from the newsletter at any time. When unsubscribing, you can voluntarily inform us of the reason for the unsubscription. After unsubscribing, your personal data will be deleted. Further processing only takes place in anonymised form to optimise our newsletter.
4. Orders for documents and materials
To place orders for documents and materials on our website, we collect the following data:
- Hotel number
- Member number
- First and last name
- Postal address
- Phone number (voluntary)
- Email address (voluntary)
The legal basis for processing the data for this purpose is the consent you have given.
5. Cookies
Cookies help in many aspects to make your visit to our website easier, more pleasant and more meaningful. Cookies are information files that your web browser automatically stores on your computer’s hard drive when you visit our website. For example, we use cookies to temporarily store your selected services and entries when you fill out a form on the website so that you do not have to repeat the entry when you call up another sub-page. Cookies may also be used to identify you as a registered user after you have registered on the website, without you having to log in again when you call up another sub-page. Most internet browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message always appears when you receive a new cookie. On the following pages you will find explanations of how you can configure the processing of cookies in the most common browsers:
- Microsoft’s Windows Internet Explorer
- Microsoft’s Windows Internet Explorer Mobile
- Mozilla Firefox
- Google Chrome for Desktop
- Google Chrome for Mobile
- Apple Safari for Desktop
- Apple Safari for Mobile
Disabling cookies may prevent you from using all the features of our website.
6. Tracking Tools
a. General
For the purpose of demand-oriented design and continuous optimisation of our website, we use the web analysis service of Google Analytics. In this context, pseudonymised usage profiles are created and small text files stored on your computer (“cookies”) are used. The information generated by the cookie about your use of this website is transmitted to the servers of the providers of these services, stored there and processed for us. In addition to the data listed under point 1, we may receive the following information as a result:
-
- Navigation path that a visitor takes on the site,
- duration of stay on the website or sub-page,
- the sub-page on which the website is left,
- the country, region or city from which an access is made,
- end device (type, version, colour depth, resolution, width and height of browser window) and
.
- Recurring or new visitor.
The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website and internet use for the purposes of market research and demand-oriented design of this website. This information may also be transferred to third parties where required to do so by law, or where such third parties process the information on our behalf.
b. Google Analytics
The provider of Google Analytics is Google Inc, a company of the holding company Alphabet Inc, based in the USA. Before the data is transmitted to the provider, the IP address is truncated by activating IP anonymisation (“anonymizeIP”) on this website within the Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. The anonymised IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. In these cases, we ensure through contractual guarantees that Google Inc. maintains a sufficient level of data protection. According to Google Inc., in no case will the IP address be associated with other data relating to the user. For more information about the web analytics service used, please visit the Google Analytics website. Instructions on how to prevent the processing of your data by the web analysis service can be found at tools.google.com/dlpage/gaoptout.
7. social plugins (“plugins”)
Plugins enable the integration of social media in the online offering of HotellerieSuisse for the benefit of our users. The various plugins are summarised below under the term “plugin provider”. By default, the functions of the plugins are deactivated to prevent the automatic transfer of user data to the providers. Only when the user clicks on the plugin is it activated and data is transmitted. Log files (including IP address) are transmitted by your internet browser directly to a server of the respective plug-in provider and may be stored there. This server may be located outside the EU or the EEA. If you do not want data to be exchanged between you and social media, you should log out of social media before using online offers from HotellerieSuisse. In addition, you should activate the private mode in the data protection settings of your browser. The plugins are independent extensions of the plugin providers. HotellerieSuisse therefore has no influence on the scope of the data collected and stored by the plug-in providers via the plug-ins. If one of the aforementioned plug-in providers has set cookies on your computer, it may log your surfing behaviour and create detailed user profiles by means of tracking data. For more information on the purpose and scope of the collection as well as the further processing and use of your data by plug-in providers as well as your rights and setting options for protecting your data, please refer to the data protection notices of the respective providers. As part of our online offering, we use plugins from social networks such as Facebook, Twitter, Instagram, YouTube, Vimeo, SoundCloud and LinkedIn. When you click on an element of a third-party provider, a connection to the servers of this third-party provider may be established automatically. In the process, data about your visit to HotellerieSuisse websites may be transmitted to the third-party provider. Under certain circumstances, this data can be assigned to your user account with the third-party provider (e.g. Facebook or Twitter account). In addition, the third-party provider may transmit personal data from your user account to Newsroom if you have consented to this function with the third-party provider. Information on the collection and use by third-party providers can be found in the privacy notices of the relevant third-party providers.
8. Central storage and linking of data
.
We store the data mentioned above in a central electronic data processing system. The data concerning you is systematically recorded and linked for the processing and handling of the contractual services. For this purpose, we use software from CONTENS Software GmbH, as well as Microsoft Dynamics. We base the processing of this data within the framework of the software on our legitimate interest in customer-friendly and efficient customer data management.
9. Retention period
We only retain personal data for as long as is necessary to use the above tracking services as well as the other processing within our legitimate interest. We retain contractual data for longer as this is required by legal retention obligations. Retention obligations that oblige us to retain data result from regulations on accounting and from tax law. According to these regulations, business communication and concluded contracts must be kept for up to 10 years.
10. Disclosure of data to third parties
We only pass on your personal data if you have expressly consented to this, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship. In addition, we will pass on your data to third parties if this is necessary in the context of the use of the website and the processing of the contract (also outside the website).
11. Transfer of personal data abroad
.
We are also entitled to transfer your personal data to third party companies (contracted service providers) abroad for the purpose of the data processing described in this privacy policy. These are obligated to data protection to the same extent as we ourselves. If the level of data protection in a country does not correspond to that in Switzerland or the EU, we will ensure by contract that the protection of your personal data corresponds to that in Switzerland or the EU at all times.
B. Further information
12. Right of access, rectification, erasure and restriction of processing; right to data portability
.
You have the right to obtain information about the personal data we hold about you on request. In addition, you have the right to have incorrect data corrected and the right to have your personal data deleted, insofar as this does not conflict with a legal obligation to retain the data or an authorisation that allows us to process the data. You also have the right to demand that we return the data you have given us (right to data portability). On request, we will also pass the data on to a third party of your choice. You have the right to receive the data in a common file format. You can contact us for the aforementioned purposes via the e-mail address kommunikation(at)hotelleriesuisse.ch. For the processing of your applications, we may, at our discretion, request proof of identity.
13. Data security
We use appropriate technical and organisational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments. You should always treat your access data confidentially and close the browser window when you have finished communicating with us, especially if you share the computer with others. We also take internal company data protection very seriously. Our employees and the service companies commissioned by us have been obliged by us to maintain confidentiality and to comply with the provisions of data protection law.
14. Notice on data transfers to the USA
For the sake of completeness, we would like to point out for users resident or domiciled in Switzerland that there are monitoring measures in place in the USA by US authorities which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without any differentiation, restriction or exception based on the objective pursued and without any objective criterion that makes it possible to restrict the access of the US authorities to the data and their subsequent use to very specific, strictly limited purposes that are capable of justifying the interference associated with both access to and use of this data. Furthermore, we would like to point out that in the USA, there are no legal remedies available to data subjects from Switzerland that would allow them to gain access to the data concerning them and to obtain their correction or deletion, or that there is no effective judicial legal protection against general access rights of US authorities. We explicitly draw the attention of the data subject to this legal and factual situation so that he or she can make an appropriately informed decision to consent to the use of his or her data. We would like to point out to users residing in a member state of the EU that the USA does not have a sufficient level of data protection from the point of view of the European Union – among other things due to the issues mentioned in this section. To the extent that we have explained in this Privacy Policy that recipients of data (such as Google) are based in the US, we will ensure that your data is protected with an adequate level with our partners either by contractual arrangements with these companies or by ensuring that these companies are certified under the EU or SwissUS Privacy Shield.
15. Right to lodge a complaint with a data protection supervisory authority
.
You have the right to complain to a data protection supervisory authority at any time.
Status: 2020.