Privacy policy
Hotel Bären AG, represented by Silvia Degiacomi, operates the website www.hotelbaeren.com and is responsible for the collection, processing and use of your personal data. Hotel Bären AG is therefore also responsible for ensuring that all data processing is carried out in accordance with applicable law.
The protection of your personal data is very important to us. We take the issue of data protection seriously and pay attention to the security of your data. We comply with all applicable legal provisions, in particular the Swiss Data Protection Act (DSG) and the Ordinance to this Act (VDSG) as well as the provisions of the Telecommunications Act (FMG). Where applicable, we also comply with the provisions of the European Union’s General Data Protection Regulation (GDPR).
It is important to us that you know what personal data we collect from you, how this is done, how this data is processed and for what purposes. By using our website, you declare your consent to all this data processing within the meaning of Art. 6 para. 1 lit. a GDPR. Please therefore read the following information carefully.
I. What data do we process when you visit our website?
When you visit our website, our servers temporarily store every access in a log file. The following data is recorded automatically:
– the IP address of the requesting computer
– the date and time of access
– the name and URL of the file accessed
– the website from which the access was made
– the operating system of your computer and the browser you are using
– the country from which you accessed the website and the language settings of your browser
– the name of your Internet access provider
This data is collected and processed, to enable the use of our website (establishing a connection), to ensure system security and stability, to optimize our website and for internal statistical purposes. In particular, the IP address is used to record your country of residence and to make appropriate settings (e.g. language). The IP address is also stored in order to be able to react appropriately to attacks on our network infrastructure. Our legitimate interest in this data collection and data processing within the meaning of Art. 6 para. 1 lit. f GDPR lies in all these purposes.
Finally, we would like to point out that we also use cookies, tracking tools and social media plug-ins when you visit our website (you can find more information on this in Sections V to VIII) and that data collected may be forwarded to third parties and/or abroad (you can find more information on this in Sections IX and X).
II. What data do we process when you use our contact form?
You have the option of using a contact form on our website to get in touch with us. The input of certain data is mandatory, for other data this is voluntary:
– Salutation (mandatory)
– First name and surname (mandatory)
– Address (street, house number, city, zip code (voluntary)
– Telephone number (voluntary)
– Email address (mandatory)
– Arrival and departure (mandatory)
We will mark the mandatory data as such. Failure to provide this information may hinder the provision of our services. The provision of other information is voluntary and has no influence on the use of our website. We only use this data to answer your contact request in the best possible and personalized way. This is also our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. You can object to this data processing at any time. This is explained in more detail in Section XIII.
III. What data do we process when you subscribe to our newsletter?
You have the option of subscribing to our newsletter on our website. Registration is required for this. The following data must be provided during registration:
– Salutation (mandatory)
– First name and surname (mandatory)
– Email address (mandatory)
This information is required for data processing. In addition, you can voluntarily provide further data (date of birth and country). We process this data exclusively in order to personalize the information and offers sent to you and to better tailor them to your interests.
We use the [software] e-marketing suite to send our newsletter. You can find the data protection provisions of [software] at [link to data protection provisions of this software] Please also read these data protection provisions carefully. Our newsletter may also contain a so-called web beacon (tracking pixel) or similar technical means. A web beacon is a 1×1 pixel, invisible graphic that is associated with the user ID of the respective newsletter subscriber.
The use of corresponding services makes it possible to evaluate whether the emails containing our newsletter have been opened. In addition, the click behavior of newsletter recipients can also be recorded and evaluated. We use this data for statistical purposes and to optimize the content and structure of the newsletter. This enables us to better tailor the information and offers in our newsletter to the individual interests of each recipient. The tracking pixel is deleted when you delete the newsletter. To prevent tracking pixels in our newsletter, please set your mail program so that no HTML is displayed in messages.
By registering, you give us your consent to process the data provided for the regular sending of the newsletter to the address you have provided and for the statistical evaluation of usage behavior to optimize the newsletter. This consent constitutes our legal basis for the processing of the aforementioned personal data within the meaning of Art. 6 para. 1 lit. a GDPR. Our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR also lies in the aforementioned evaluation purposes.
There is a link at the end of each newsletter that you can use to unsubscribe at any time. You can unsubscribe from the entire newsletter or only from certain channels. If you unsubscribe from the entire newsletter, all your relevant data will be deleted from our system.
IV. What happens to your data if you make a booking, order or reservation with a third party via our website?
There are various options on our website for making bookings or reservations, requesting information material or other services. The corresponding services are generally provided by third parties. If necessary, the data that is collected in the process is forwarded to these third parties. This includes, for example, the following data:
– Title and/or company
– First and last name
– Address (street, house number, zip code, city, country)
– Other contact details (email address, telephone number)
– Credit card or other payment details
Mandatory entries are marked as such. This is information that is required in order to provide the booking services. The provision of other information is voluntary and has no influence on the use of our website or the booking services. We would also like to point out that the data you enter is generally also collected directly by the provider of a booking service and stored by them and/or forwarded to them by us. If the provider of a booking service then processes the collected data independently, the data protection provisions of the respective provider apply and we ask you to also consult these. The legal basis for this data processing is the fulfillment of a contract within the meaning of Art. 6 para. 1 lit. b GDPR.
V. Which of your data is collected and processed for advertising purposes?
In the following section, we would like to show you which of your data is collected and processed for advertising purposes and how this is done. This data processing is all based on a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR, whereby our interest lies in particular in direct marketing and the analysis and evaluation of the use of our website. By using our website, you also give us your consent to this data processing within the meaning of Art. 6 para. 1 lit. a GDPR.
1. creation of pseudonymized usage profiles
In order to provide you with personalized services and information on our website (on-site targeting), we use and analyze the data that we collect about you when you visit the website. Cookies may also be used for the corresponding processing (see Section VI for more details). The analysis of your user behavior can lead to the creation of a so-called user profile. The usage data is only merged with pseudonyms, but never with non-pseudonymized personal data.
To enable personalized marketing in social networks, we integrate so-called remarketing pixels from Facebook and Twitter on the website. If you have an account with an integrated social network and are logged in there at the time of the page visit, this pixel links the page visit to your account. If you wish to prevent this link, you must log out of your respective account before visiting the site. You can also make further settings for advertising in the respective social networks in your user profile.
2. retargeting
We use so-called retargeting technologies on the website. This involves analyzing your user behavior on our website in order to be able to offer you customized advertising on partner websites. Your user behavior is recorded pseudonymously. Most retargeting technologies work with so-called cookies (for more information on cookies, see section VI).
Further information on the retargeting technologies used and the resulting data processing can be found at the following link: [link to list of retargeting technologies and further information]
You can prevent re-targeting at any time by rejecting or switching off the relevant cookies in the menu bar of your web browser (for more information on cookies, see section VI). You can also request an opt-out for the aforementioned other advertising and re-targeting tools via the Digital Advertising Alliance website at optout.aboutads.info.
VI What are cookies and what are they used for?
Cookies are information files that your web browser automatically saves on your computer’s hard disk when you visit our website. Cookies help us to make your visit to our website easier, more pleasant and more useful. For example, we use cookies to better tailor the information, offers and advertising displayed to your individual interests. Most Internet browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears when you receive a new cookie. However, deactivating cookies may mean that you cannot use all the functions of our website.
VII. What are tracking tools and what are they used for?
We use various additional tracking tools on our website. These tracking tools are used to monitor your surfing behavior on our website. This monitoring is carried out for the purpose of designing and continuously optimizing our website to meet your needs. In this context, pseudonymized user profiles are created and cookies are also used.
Further information on the tracking tools used and the data processing that takes place as a result can be found at the following link: [link to list of tracking tools and further information]
VIII. What are social media plugins and what are they used for?
The social media plugins described below are used on our website. The plugins are deactivated on our website by default and therefore do not send any data. You can activate the plugins by clicking on the corresponding social media button. If these plugins are activated, your browser establishes a direct connection with the servers of the respective social network as soon as you visit one of our websites. The content of the plugin is transmitted directly from the social network to your browser, which integrates it into the website. The plugins can be deactivated again with one click. Further important information can be found in the respective privacy policies of the social networks listed below.
1. facebook
Social plugins from Facebook are used on our website to make our web presence more personal. This is an offer from the US company Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA.
We use the “LIKE” or “SHARE” button. By integrating these plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there.
If you are logged in to Facebook, Facebook can directly associate your visit to our website with your Facebook account. If you interact with the plugins, for example by clicking the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.
Facebook may use this information for the purposes of advertising, market research and the needs-based design of Facebook pages. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.
If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website. The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights in this regard and setting options to protect your privacy can be found in Facebook’s data protection information.
2. twitter
Plugins of the short message network Twitter Inc, 795 Folsom St., Suite 600, San Francisco, CA 94107, USA are integrated on our website. You can recognize the Twitter plugins (tweet button) by the Twitter logo on our site. You can find an overview of the tweet button at the following link [link zu http://dev.twitter.com /]. If you have activated social plugins, a direct connection is established between your browser and the Twitter server. Twitter then receives the information that you have visited our site with your IP address. If you click on the Twitter “tweet button” while you are logged into your Twitter account, you can link the content of our pages to your Twitter profile. This allows Twitter to associate your visit to our website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Twitter. You can find further information on this under the following link [link to http://twitter.com/privacy].
If you do not want Twitter to be able to assign your visit to our pages, please log out of your Twitter user account.
3. google plus
Our website uses the “+1” button of the social network Google Plus, which is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The button can be recognized by the “+1” sign on a white or coloured background.
If you access a page on our website that contains such a button, your browser will establish a direct connection to Google’s servers if you have activated social media plugins. The content of the “+1” button is transmitted by Google directly to your browser, which integrates it into the website. We therefore have no influence on the scope of the data that Google collects with the button. According to Google, no personal data is collected without a click on the button. Such data, including the IP address, is only collected and processed for logged-in members.
The purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights in this regard and setting options to protect your privacy can be found in the Google data protection information. If you are a Google Plus member and do not want Google to collect data about you via our website and link it to your member data stored by Google, you must log out of Google Plus before visiting our website.
IX. Is collected data passed on to third parties?
We only pass on your personal data if you have expressly consented to this, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the relationship between you and Hotel Bären AG. In addition, we pass on your data to third parties insofar as this is necessary in the context of using the website to provide the services you have requested and to analyze your user behavior, as described above. If this is necessary for the aforementioned purposes, the data may also be transferred abroad. If our website contains links to third-party websites, Hotel Bären AG no longer has any influence on the collection, processing, storage or use of personal data by the third party after clicking on these links and assumes no responsibility or liability for this, to the extent permitted by law.
X. Is data transmitted abroad?
1. general
Hotel Bären AG is also entitled to transfer your personal data to third parties (i.e. contracted service providers) abroad if this is necessary for the data processing described in this privacy policy. These third parties are obliged to protect data to the same extent as we are. If the level of data protection in a country does not correspond to that in Switzerland or the EU, we will ensure by contract with the third party that the protection of your personal data corresponds to that in Switzerland or the EU at all times.
2. data transfers to the USA
For the sake of completeness, we would like to point out that there are surveillance measures by US authorities in the USA that generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without differentiation, restriction or exception based on the objective pursued and without an objective criterion that makes it possible to restrict the US authorities’ access to the data and its subsequent use to very specific, strictly limited purposes that justify the interference associated with both access to this data and its use. We would also like to point out that there are no legal remedies in the USA that allow you to obtain access to the data concerning you and to obtain its correction or deletion, or that there is no effective legal protection against general access rights of US authorities.
It is important to us to draw your attention to this legal and factual situation so that you can make an appropriately informed decision to consent to the use of your data.
We would also like to point out to users residing in an EU Member State that the USA does not have an adequate level of data protection from the point of view of the European Union – partly due to the issues mentioned in this section.
Insofar as we have explained in this privacy policy that recipients of data (such as Google, Facebook and Twitter) are based in the USA, we will ensure that your data is protected at an appropriate level by our partners either through contractual arrangements with these companies or by ensuring that these companies are certified under the EU-US Privacy Shield.
XI. Data security and confidentiality
We use suitable technical and organizational security measures to protect your personal data stored by us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously improved in line with the latest state of the art.
It is important that you always treat your payment information (especially credit card details) confidentially. We recommend that you close the browser window when you have finished communicating with us, especially if you share a computer with other people.
We also take internal company data protection very seriously. Our employees and the service companies commissioned by us have been obliged by us to maintain confidentiality and to comply with data protection regulations.
XII. Storage of data
We only store personal data for as long as it is necessary,
– to use the above-mentioned tracking, advertising and analysis services within the scope of our legitimate interest;
– to perform services that you have requested or for which you have given your consent, to the extent specified above;
– to comply with our legal obligations.
We retain data in connection with the conclusion or fulfillment of a contract for a longer period of time, as this is prescribed by statutory retention obligations, for example in accounting regulations and tax law. According to these regulations, business communication, concluded contracts and accounting documents must be stored for up to 10 years. If we no longer need this data to perform the services for you, the data will generally be blocked. This means that the data may then only be used for accounting and tax purposes.
XIII Your rights
You have the right to receive information about the personal data that we store about you free of charge upon request. In addition, you have the right to rectification of incorrect data and the right to erasure of your personal data, provided that this does not conflict with a statutory retention obligation or a permission that allows us to process the data. In accordance with Articles 18 and 21 GDPR, you also have the right to request the restriction of data processing and to object to data processing. You also have the right to request that we return the data that you have provided to us (right to data portability). On request, we will also pass the data on to a third party of your choice. You have the right to receive the data in a commonly used file format.
If data processing is based on your consent, you can withdraw this consent at any time.
You can contact us for the aforementioned purposes via the e-mail address [email]. You can also let us know what you would like to happen to your data after your death by giving us appropriate instructions. We may, at our discretion, require proof of identity in order to process your requests. If you contact us, we will endeavor to provide you with a response as soon as possible and take the requested steps.
If you are resident in an EU country, you have the right to lodge a complaint with a data protection supervisory authority at any time.
