Booking

Data Protection Declaration

Laudinella AG administers the Hotel Laudinella and the Hotel Reine Victoria and thus operates the websites www.laudinella.ch and www.reine-victoria.ch. Laudinella AG is therefore also responsible for the collection, processing and use of your personal data and the compatibility with the applicable data protection law.

We value your trust, and hence we take the issue of data protection seriously and pay attention to appropriate security. Of course, we observe the legal provisions of the Swiss Federal Data Protection Act (DSG), the Federal Law on Data Protection (VDSG), the Swiss Federal Telecommunications Act (FMG) and other applicable data protection provisions under Swiss or EU law, in particular the General Data Protection Regulation (GDPR).

Definitions of the terms used (e.g. “personal data” or “processing”) can be found in Art. 4 GDPR.

Data processing relating to our website

Visiting our website

When visiting our website, our servers temporarily store every access in a log file. The following technical data will be recorded by us, as always with every connection to a web server, without your intervention and stored by us until the automated deletion after 38 months at the latest:

The collection and processing of this data is for the purpose of enabling the use of our website (connection setup), to ensure the long-term security and stability of the system and to optimise our website and for internal statistical purposes. This is our legitimate interest in the processing of data pursuant to Art. 6 para. 1 lit. f GDPR.

The IP address will also be evaluated together with the other data in case of attacks on the network infrastructure or other unauthorised or improper use of the website for the purposes of intelligence and defence and, where appropriate, used in criminal proceedings for identification and civil and criminal proceedings against the users concerned. This is our legitimate interest in the processing of data pursuant to Art. 6 para. 1 lit. f GDPR.

Use of our contact form

You have the option to use a contact form to contact us. For this we need the following information:

We only use this data to respond to your contact request in the best possible and most personalised way. The processing of this data is therefore required within the meaning of Art. 6 para. 1 lit. b GDPR for the implementation of precontractual measures or is within our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.

Sign up for our newsletter

You can subscribe to our newsletter on our website. This requires registration. As part of the registration, the following details must be provided:

The above data is necessary for data processing. By registering, you give us your consent to the processing of the details provided in order to personalise the information and offers sent to you and to better align this with your interests.

By registering, you give us your consent to the processing of the specified details for the regular sending of the newsletter to the address specified by you and for the statistical evaluation of the user behaviour and the optimisation of the newsletter. This consent constitutes, pursuant to Art. 6 para. 1 lit. a GDPR, our legal basis for the processing of your email address. We are entitled to commission third parties with the technical handling of advertising measures and are entitled to pass on your details for this purpose.

At the end of each newsletter you will find a link where you can unsubscribe at any time. As part of the deregistration you can voluntarily inform us of the reason for the deregistration. Any further processing will only be done anonymously to optimise our newsletter.

Booking via our website, by correspondence or by phone call

To make reservations on our website, you can either book as a guest or open a customer account. When registering for a customer account, we collect the following data:

We will only use this information and other information voluntarily provided by you (e.g. expected time of arrival, motor vehicle license plate, preferences, remarks) to process the contract unless otherwise stated in this privacy statement or you have not specifically consented thereto. We will process the data by name in order to record your booking as requested, to provide the booked services, to contact you in case of any uncertainties or problems and to ensure the correct payment.

The legal basis for data processing for this purpose lies in the fulfillment of a contract pursuant to Art. 6 para. 1 lit. b GDPR.

Voucher shop

You have the option of placing orders at our voucher shop using the contact form. For this we need the following information:

We use this information and other information you have voluntarily provided only to fulfill your order.

Delivery Shop

You have the option of placing orders at our delivery shop using the contact form. For this we need the following information:

We use this information and other information you have voluntarily provided only to fulfill your order.

Cookies

Cookies help in many ways to make your visit to our website easier and more enjoyable and meaningful. Cookies are information files that your web browser automatically saves to your computer’s hard drive when you visit our website.
For example, we use cookies to temporarily store your selected services and submissions when filling out a form on the website so that you do not have to repeat the entry when you access another subpage. Cookies may also be used to identify you as a registered user after you have registered on the website without having to log in again when you access another subpage.

Most internet browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a note always appears when you receive a new cookie.

Disabling cookies may mean that you cannot use all the features on our website.

Tracking tools

General

For the purpose of needs-oriented design and continuous optimisation of our website, we use the web analysis service provided by Google Analytics. In this context, pseudonymised usage profiles are created and small text files (“cookies”) are stored on your computer. The information generated by the cookie about your use of this website is transmitted to the server of the provider, stored there, and processed for us. In addition to the data included in Data processing relating to our website, we may receive the following information:

The information is used to evaluate the use of the website, to compile reports on website activity, and to provide other services related to website and internet usage for the purposes of market research and needs-based configuration of this website. This information may also be transferred to third parties if required by law or if third parties process this data on instructions from us.

Google Analytics

The provider of Google Analytics is Google Inc., an enterprise by the holding company Alphabet Inc, based in the US. According to Google Inc., under no circumstances will the IP address be associated with other data related to the user.
For more information about the web analytics service used, visit the Google Analytics website. For instructions on how to prevent your data from being processed by the Web Analytics Service, see http://tools.google.com/dlpage/gaoptout?hl=en.

Data processing related to your stay

Data processing to fulfill legal reporting obligations

Upon arrival at our hotel, we may need the following information from you and those you are with:

We provide this information for the fulfillment of legal reporting obligations which arise in particular from hospitality or police law. Insofar as we are required to do so under the applicable regulations, we will forward this information to the relevant police authority. In fulfilling the legal requirements, our legitimate interest is pursuant to Art. 6 para. 1 lit. f GDPR.

Recording of related services

If you receive additional services during your stay (for example, use of the telephone), the object of service as well as the time of receipt of the service will be recorded by us for billing purposes. The processing of this data is required pursuant to Art. 6 para. 1 lit. b GDPR for the execution of the contract with us.

Storage and exchange of data with third parties

Booking platforms

If you make bookings via a third-party platform, we will receive personal information from the respective platform operator. This usually relates to information refered to in Section 5 of this data protection declaration. In addition, inquiries about your booking may be forwarded to us. We will process this data by name in order to record your booking as requested and to make the booked services available. The legal basis for data processing for this purpose lies in the fulfillment of a contract pursuant to Art. 6 para. 1 lit. b GDPR.
Finally, we may be notified by the platform operators about disputes related to a booking. In doing so, we may also receive data on the booking process, which may include a copy of the booking confirmation as proof of the actual posting. We process this data in order to safeguard and enforce our claims. This is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.
Please also note the privacy policy of the respective provider.

Central storage and linking of data

We store the specified data in a central electronic data processing system. The data relating to you is systematically recorded and linked to the processing of your bookings and the processing of the contractual services. For this we use:

Protel – Rebag Data AG
Einsiedlerstrasse 533
CH- 8810 Horgen

Hotelpartner Management GmbH
Chaltenbodenstrasse 16
8834 Schindellegi

E-Guma
Idea Creation GmbH
Walchestrasse 15
8006 Zurich

Cyon GmbH
Brunngässlein 12
4052 Basel

The processing of this data within the scope of the software is based on our legitimate interest in customer-friendly and efficient customer data management pursuant to Art. 6 para. 1 lit. f GDPR.

Retention period

We only store personal data for as long as is necessary to use the above tracking services as well as any further processing within the scope of our legitimate interest. Contract data is kept longer by us, as this is required by statutory storage requirements. Retention requirements, which oblige us to keep data, result from regulations relating to the right to report, relating to financial accounting and relating to tax law. According to these regulations, business communication, concluded contracts and accounting documents must be kept for up to 10 years. As far as we no longer need this data to carry out the services for you, the data will be blocked. This means that the data may then only be used for accounting purposes and for tax purposes.

Disclosure of data to third parties

We only pass on your personal data if you have expressly consented, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship. In addition, we pass your data on to third parties, as far as this is required within the context of the use of the website and the execution of the contract (including outside the website), namely the processing of your bookings. One service provider to which the personal data collected via the website is disclosed or which has access to it is our web host Cyon GmbH, Brunngässlein 12, 4052 Basel. The website is hosted on servers in Switzerland. The disclosure of data is for the purpose of providing and maintaining the functionality of our website. This is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Finally, we will forward your credit card information to your credit card issuer and credit card acquirer upon credit card payment on the website. If you decide to pay by credit card, you will be asked to enter all the necessary information. The legal basis for passing on the data lies in the fulfillment of a contract pursuant to Art. 6 para. 1 lit. b GDPR. As regards the processing of your credit card information by these third parties, we ask you to read the terms and conditions and privacy policy of your credit card issuer.

Transfer of personal data abroad

We are also entitled to transfer your personal data to third-party enterprises (contracted service providers) abroad for the purposes of the data processing described in this privacy policy. These are obliged, to the same extent as we are ourselves, to maintain data protection. If the level of data protection in one country does not correspond to the Swiss or the European one, we contractually ensure that the protection of your personal data at all times corresponds to that in Switzerland or in the EU.

Further information

Right to information, correction, erasure and restriction of processing; Right to data portability

You have the right to receive information about the personal data that we store about you on request. In addition, you have the right to correct inaccurate data and the right to delete your personal data, as far as there is no statutory storage obligation or an authorisation requirement that allows us to process the data.
You also have the right to reclaim from us the data you have given us (right to data portability). On request, we also pass the data on to a third party of your choice. You have the right to receive the data in a common file format.
You can reach us for the aforementioned purposes via the email address info@laudinella.ch. We may, at our sole discretion, require proof of identity to process your requests.

Data security

We use appropriate technical and organisational security measures to protect your stored personal data against manipulation, partial or complete loss and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
You should always treat your access data confidentially and close the browser window when you have finished communicating with us, especially if you share your computer with others.
We also take corporate privacy very seriously. Our employees and the service enterprises commissioned by us have been bound to confidentiality and comply with data protection regulations.

Note about data transfers to the US

For the sake of completeness, we would like to point out to users resident or domiciled in Switzerland that in the US there are surveillance measures taken by US authorities which generally entail the storage of all personal data of all persons whose data was transferred from Switzerland to the US. This is done without any differentiation, limitation, or exception on the basis of the objective pursued, and without an objective criterion that would limit the US authorities access to the data and its subsequent use to very specific, strictly limited purposes which justify access to this data as well as intervention associated with their use. Furthermore, we would like to point out that in the US there are no legal remedies available for affected Swiss residents that allow them to obtain access to the data concerning them and to demand their rectification or deletion, and that there is no effective legal protection against general legal access rights of US authorities. We explicitly inform such persons concerned about this legal and factual situation in order for them to make a correspondingly informed decision to consent to the use of their data.
For users residing in EU member states, we point out that, from the point of view of the European Union, the US does not have sufficient data protection levels due to, inter alia, the issues mentioned in this section. To the extent that we have explained in this privacy statement that recipients of data (such as Google) are based in the US, we will either ensure that your data is protected at a reasonable level by our partners by contractual arrangements with these enterprises or by securing certification of these enterprises under the EU or Swiss-US Privacy Shield.

Right to complain to a data protection supervisory authority

You have the right to complain to a data protection supervisory authority at any time.

Translator’s note:

Should there be discrepancies between the interpretation of the German and English versions of this Data Protection Declaration, the German version shall prevail.