A. Notices concerning all channels

1. Person responsible and content of data protection policy

We, the undersigned HOME SWISS HOME SA, Avenue de Sainte Clotilde 7, 1205 GENEVE, SWITZERLAND are the operators of the Home Swiss Hotel and the www.homeswisshotel.ch website (hereinafter, the "Website") and, unless otherwise specified, are responsible for the data processing described in this data protection policy.

Please see the information below to learn about the personal data we collect from you and the purposes of use. In matters of data protection, we are guided primarily by the requirements of the Swiss Data Protection Act, in particular the Federal Data Protection Act (DPA) and the EU's General Data Protection Regulation (GDPR), the provisions of which may apply in individual cases.

We are committed to the protection of your personal data.

Please bear in mind that the information below will be reviewed and amended from time to time. We therefore recommend that you consult this data protection policy regularly. In addition, the Applicable data protection provisions provide that other companies are responsible for processing the individual data listed below or are jointly responsible with us. Therefore, in this case, the information from these suppliers is also decisive.

2. Contact person

If you have any questions about data protection or wish to exercise your rights in this regard, please contact our contact person by sending an e-mail to: info@homeswisshotel.ch

3. Your rights

In order to satisfy the legal requirements, you, as a data subject, have the following rights:

  • Right to information: You have the right to request free access to your personal data stored by us at any time if we process it. This gives you the opportunity to check what personal data we process about you and to confirm that we use it in accordance with applicable data protection regulations.
  • Right of rectification: You have the right to have inaccurate or incomplete personal data rectified and to be informed of the rectification. In this case, we will inform the recipients of the data concerned of the rectifications made, unless this is impossible or involves a disproportionate effort.
  • Right to erasure: You have the right to have your personal data erased in certain circumstances. In special cases, for example in the case of legal retention requirements, the right to erasure may be waived. In this case, if the conditions are met, the data may be blocked instead of deleted.
  • Right to limitation of processing: You have the right to request the restriction of the processing of your personal data.
  • Right to data portability: You have the right to receive from us the personal data you have communicated to us, free of charge and in a readable format.
  • Right to object: You may at any time object to the processing of data, particularly in the context of direct marketing (e.g., advertising e-mails).
  • Right of withdrawal: In principle, you have the right to withdraw your consent at any time. However, processing activities based on past consent will not become illegal as a result of your withdrawal.

To exercise these rights, please email us at info@homeswisshotel.ch

Right of appeal: You have the right to lodge a complaint with a competent supervisory authority, for example against the way your personal data is processed.

4. Data security

We implement adequate technical and organizational security measures to protect the personal data we store against loss and unlawful processing, i.e. unauthorized access by third parties. Our employees and service providers commissioned by us are bound by rules of confidentiality and data protection. In addition, these persons only have access to personal data to the extent necessary for the performance of their activities.

Our security measures are constantly adapted to technological developments. However, the transmission of information via the Internet and electronic means of communication always involves certain security risks, and we cannot guarantee the absolute security of information transmitted in this way.

Our security measures are constantly being adapted in line with technological developments.

5. Contact

Any contact via our addresses and contact channels (e.g. e-mail, telephone or contact form) involves the processing of your personal data. The processing relates to the data you make available to us, e.g. your company name, your name, your function, your e-mail address or telephone number and your question. The time of receipt of your request is also recorded. Mandatory information is marked with an asterisk (*) in contact forms.

We process this data exclusively for the purpose of fulfilling your request (e.g., providing information about our

6. Use of your data for marketing purposes

6.1 Centralized data storage and analysis in the CRM system

If it is clearly possible to link the data to your person, we will store and link the data referred to in this data protection policy, i.e. in particular your contact details, contract data and browsing behavior on our websites in a centralized database. This will enable us to manage customer data efficiently, to respond appropriately to your concerns, to provide you with the requested services efficiently and to perform the associated contracts. The legal basis for this data processing is our legitimate interest in the efficient management of user data within the meaning of Article 6, paragraph 1, letter f) of the EU GDPR.

We evaluate this data in order to develop our ranges according to your needs and to display and offer the most relevant information and offers possible. We also use methods that anticipate your possible interests and future orders based on your use of our website. The legal basis for this data processing is our legitimate interest in implementing marketing measures within the meaning of Article 6(1)(f) of the EU GDPR.

6.2 E-mail marketing and newsletter

If you sign up for our e-mail newsletter (e.g. when opening or in your customer account), the following data will be collected. Mandatory information is marked with an asterisk (*) in the registration form:

  • Email address
  • Title
  • Last name and first name

In order to prevent abuse and to ensure that the holder of an e-mail address has given his or her own effective consent, we use what is known as "double opt-in" for registration. After registration, you will receive an e-mail from us containing a confirmation link. To validate your subscription to the newsletter, you will need to click on this link. If you do not click on the confirmation link within the specified period, your data will be deleted and our newsletter will not be sent to the address indicated.

By registering, you consent to the processing of this data in order to receive information about our Hotel as well as information about related products and services. You may also receive invitations to participate in prize draws or to evaluate one of the aforementioned products or services. The collection of title and name enables us to check whether the registration corresponds to an existing customer account and to personalize the content of e-mails. Connecting to the customer account helps us make newsletter offers and content more relevant to you and better tailored to your potential needs.

We use your data to send you e-mails until you withdraw your consent. Withdrawal is possible at any time, including via the unsubscribe link present in all our marketing emails.

We use your data to send you emails until you withdraw your consent.

Our marketing e-mails may contain a web beacon, 1x1 pixel (spy pixel) or similar technical aids. A web beacon is an invisible graphic file that is linked to the user ID of the person registered for the relevant newsletter. For each marketing e-mail sent, we receive information on the addresses that have not yet received the e-mail, the addresses to which it was sent and the addresses for which the sending failed. We also see which addresses opened the e-mail, for how long and which links the recipients clicked on. Finally, we receive information on addresses that have unsubscribed. We use this data for statistical purposes and to optimize advertising e-mails in terms of frequency, timing, structure and content. This enables us to better tailor the information and offers contained in our e-mails to the individual interests of their recipients. The web beacon is deleted when you delete the e-mail. To prevent the use of Web beacons in our marketing e-mails, please set your e-mail software so that HTML code is not displayed in messages if this is not already the default setting. Consult the support sections of your email software to find out how to configure this setting, e.g. here for Microsoft Outlook.

By subscribing to the newsletter, you also agree to the statistical evaluation of user behavior for the purpose of optimizing and adapting this publication. The legal basis for this processing is consent within the meaning of Article 6(1)(a) of the EU GDPR.

We use CUSTOMER ALLIANCE e-mail marketing software from CA Customer Alliance GmbH Ullsteinstr. 130 Tower B 12109 Berlin for marketing e-mails. As a result, your data will be stored in a database owned by CUSTOMER ALLIANCE, which will enable CUSTOMER ALLIANCE to access your data if this is necessary for the provision of the software and for the support provided in connection with its use. The legal basis for this processing is our legitimate interest within the meaning of Article 6(1)(f) of the EU GDPR in using the services of third-party suppliers.

7. Communication to third parties and possibility of access by third parties

Without the support of other companies, we would not be able to provide our offers in the desired form. We therefore need to communicate some of your personal data to these companies in order to use their services. This communication takes place to the extent necessary to fulfill the contract you have requested. This includes, for example, restaurants or other third-party service providers for which you have made a reservation. The legal basis for these communications is the need to perform the contract within the meaning of Article 6(1)(b) of the EU GDPR.

Data is also communicated to selected service providers only to the extent necessary to provide the service. In addition, various third-party service providers are explicitly referred to in this data protection policy, for example in the sections relating to marketing. These include IT service providers (e.g. software solution providers), advertising agencies and consulting companies. In addition, your data may be shared with, for example, authorities, legal advisors or collection agencies, if we are legally obliged to do so or if it is necessary to protect our rights, in particular to enforce rights arising from our relationship with you. Data may also be shared if another company intends to acquire all or part of our business and such sharing is necessary to carry out due diligence checks or to complete the transaction. The legal basis for this communication is our legitimate interest in protecting our rights and complying with our obligations or in disposing of some of our business within the meaning of Article 6(1)(f) of the EU GDPR.

8. Cross-border communication of data

We also reserve the right to communicate your personal data to third parties located abroad if this is necessary to carry out the data processing provided for in this data protection policy (see in particular points 12 to 15). We will, of course, comply with the legal provisions governing the transfer of personal data to third parties. If the country in question does not have an adequate level of data protection, we ensure, by entering into contractual arrangements with these companies, that your data is adequately protected.

9. Retention periods

We retain personal data only for the period necessary to carry out the processing described in this data protection policy and based on our legitimate interest. As far as contractual data is concerned, registration is covered by legal retention requirements. The rules that oblige us to retain data result from accounting and tax regulations. According to these regulations, commercial communications, concluded contracts and accounting documents must be kept for a period of 10 years. If we no longer need this data to perform services on your behalf, the data will be blocked. In this way, data can only be used if this is necessary to meet our retention obligations or to defend and assert our legal interests. Data will be deleted as soon as there is no longer any obligation to retain it or any legitimate interest in doing so.

B. Special provisions relating to our website

10. Logging data

When you visit our website, the servers of our hosting provider (Promideas GmbH, Hirsernstrasse 26, CH6052 Hergiswil NW, SWITZERLAND, temporarily store each access in a log file (so-called "log file"). The following data is recorded without your intervention and stored by us until it is automatically deleted:

  • The IP address of the requesting computer,
  • The date and time of access,
  • The name and URL of the file accessed,
  • The website from which the access was made, possibly with the search term used,
  • Your computer's operating system and the browser you use (including type, version and language settings),
  • The type of device in the case of cell phone access,
  • The city or region from which the access took place,
  • The name of your Internet service provider.

This data is collected and processed for the purpose of enabling use of our website (establishing a connection), ensuring long-term system security and stability, and analyzing errors and performance, and enables us to optimize our website (see also the last items in point 13).

In the event of an attack on the website's network infrastructure or suspicion of unauthorized or abusive use of the website, the IP address and other data are evaluated for purposes of explanation and defense and, if necessary, in legal proceedings for the purpose of identification and in civil and criminal actions brought against the users concerned. For the purposes described above, we have a legitimate interest in processing data within the meaning of Article 6(1)(f) of the EU GDPR.

Finally, we use cookies as well as applications and tools based on the use of cookies when you visit our website. In this context, the data described herein may also be processed. You will find more detailed information on this subject in the following sections of this data protection policy, in particular point 11.

11. Cookies

Cookies are information files that your web browser stores on your computer's hard drive or memory when you visit our website. Cookies are associated with identification numbers that make it possible to recognize your browser and read the information contained in the cookie.

Cookies help, among other things, to make your visit to our website easier, more enjoyable and more relevant. We use cookies for various purposes that are necessary for your intended use of our website, i.e. that are "technically necessary". For example, we use cookies that enable us to identify you as a registered user after you have logged in, without you having to log in again when you navigate between different subpages. The shopping cart and order functionalities also rely on the use of cookies.

The legal basis for this processing is our legitimate interest in providing a user-friendly and up-to-date website within the meaning of Article 6(1)(f) of the EU GDPR.

Most Internet browsers automatically accept cookies. However, when you access our website, we ask you to accept certain cookies we use that are not necessary for the technical operation of our site, in particular when using third-party cookies for marketing purposes. You can use the buttons in the cookie banner to make the settings you require. The cookie banner and the following sections of this data protection policy offer information on the services and data processing associated with individual cookies.

You can also configure your browser so that no cookies are stored on your computer, or so that a message is always displayed when you receive a new cookie. On the following pages, you'll find explanations of how you can configure cookie handling in the targeted browsers.

Google Chrome

Apple Safari

Disabling cookies could hinder your use of certain features of our website.

12. Google SiteSearch / Google Custom Search Engine

This website relies on the Google SiteSearch/Google Custom Search Engine tool from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States). This tool enables us to provide you with an efficient search function on our website.

If you use our search fields, your browser may transmit to Google the log file data (including IP address) listed in point 10 as well as the search term entered, provided that Java Script is installed in your browser.

The legal basis for this data processing is our legitimate interest in providing an efficient website search function within the meaning of Article 6(1)(f) of the EU GDPR.

For information on the further processing of data by Google, please see Google's data protection policy: https://policies.google.com/privacy?hl=fr.

13. Tracking and web analysis tools

13.1 General tracking information

We use the web analytics services listed below with the aim of designing a website that meets your needs and optimizing it on an ongoing basis. In this context, pseudonymized user profiles are created and cookies are used (please also note point 11). The information generated by the cookie about your use of this website is generally transferred to a server of the service provider, where it is stored and processed together with the log file data listed in point 10. Information may also be transferred to servers located abroad, e.g. in the United States (see point Error! Source of reference not found. including guarantees provided).

In the course of our data processing, we receive the following information, among others:

  • The navigation path that a visitor has followed on our site (including the content consulted and the products/services selected, purchased or booked),
  • Duration of the visit to the site or subpage,
  • Subpage on which the website is located,
  • Country, region or city from which access takes place,
  • End device (type, version, color depth, resolution, browser window width and height) and,
  • Recurring or new visitor.

The legal basis for this data processing using the following tools is your consent within the meaning of Article 6(1)(a) of the EU GDPR. You can withdraw your consent or refuse processing at any time by refusing or disabling the relevant cookies in your web browser settings (see point 11) or by using the options specific to the services described below.

For further processing of data by the relevant provider as (sole) responsible under applicable data protection legislation, in particular the possible transfer of such information to third parties such as authorities covered by national legislation, please consult the provider's respective data protection information.

13.2 Google Analytics

We use the web analytics service Google Analytics from Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) or Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States) ("Google").

The aforementioned data relating to the use of the website meeting the aforementioned purposes (see point 13.1) may be transmitted to Google LLC servers in the United States. Activation of the IP anonymization feature ("anonymizeIP") on this website makes it possible to shorten the IP address before transmission to member states of the European Union or to other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there.

Users can prevent the data generated by the cookie and linked to the use of the website (including the IP address) from being sent to and processed by Google by downloading and installing a browser plug-in under the following link: https://tools.google.com/dlpage/gaoptout?hl=fr.

Please click here for more information on data protection at Google.

14. Social media

14.1 Social media profiles

We have embedded links to our following social media profiles on our website:

  • Meta Platforms Inc, 1601 S California Ave, Palo Alto, CA 94304, United States;
  • Instagram Inc. 1601 Willow Road, Menlo Park, CA 94025, United States;

If you click on the social media icons, you will be automatically redirected to our respective profile. A direct connection is established between your browser and the respective social network server. It informs the media that you have visited our website from your IP address and clicked on the link.

If you click on a link to a media outlet while logged in to your user account on that network, the content of our website may be linked to your profile to enable the media outlet to directly attribute your visit to our website to your account. If you wish to avoid this, you must log out before clicking on the corresponding links. There is always a link between your access to our website and your user account when you connect to the network in question after clicking on the link. The respective provider is responsible under the applicable data protection legislation for processing the associated data. Therefore, please note the information on the network's website.

The legal basis for any data processing that may be attributed to us is our legitimate interest in the use and promotion of our social media profiles within the meaning of Article 6(1)(f) of the EU GDPR.

14.2 Social media plug-ins

You can use social media plug-ins from the following providers on our website:

We use social media plug-ins to make it easier for you to share content from our website. Social media plug-ins help us increase the visibility of our content on social networks and, in this respect, improve our marketing operations.

Plug-ins are deactivated by default on our websites and therefore do not send any data to social networks during a simple visit to our site. To increase data protection, we have integrated the plug-ins in such a way that no connection to network servers can be automatically established. Your browser only establishes a direct connection with the servers of the relevant social network when you activate the plug-ins and thus give your consent to the transmission and further processing of data by the social media providers.

The plug-in content is transmitted directly from the social network to your browser, which integrates it into the website. This informs the relevant provider that your browser has accessed the corresponding page on our website even if you do not have an account for that social network or are not currently logged in to it. This information (including your IP address) is transmitted directly from your browser to the provider's server (usually in the USA) and stored there. We have no influence on the extent of the data that the provider collects using the plug-in, even though, from the point of view of applicable data protection legislation, we may be considered co-responsible with the providers up to a certain point.

If you are connected to a social network, it may attribute your visit to our website directly to your user account. If you interact with the plug-ins, the corresponding information is sent directly to the provider's server for storage. The information (e.g. the fact that you like one of our products or services) may also be published on the social network and displayed to other users of the medium in question. The social network provider may use this information to place advertisements and tailor the relevant offer to your needs. To this end, usage, interest and relationship profiles may be created, for example to evaluate your use of our website with regard to advertisements shown to you on the social network, to inform other users of the activities you carry out on our website and to provide other services related to the use of the social network. The purpose and scope of the data collection as well as the further processing and use of the data by the social network providers as well as your rights in this regard and the setting options for protecting your privacy can be consulted directly in the data protection information of the relevant provider.

If you do not want the social network provider to assign the data collected via our website to your user account, you must log out of the social network before activating the plug-in. The legal basis for this processing is your consent within the meaning of Article 6(1)(a) of the EU GDPR. You may withdraw your consent at any time by declaring your wish to withdraw it to the plug-in provider in accordance with the information contained in its data protection declaration.

15. Online advertising and targeting

15.1 General provisions

We use the services of various companies to provide you with interesting offers online. We analyze your user behavior on our website and on the websites of other providers in order to offer you online advertisements tailored to your individual needs.

Most technologies for tracking your user behavior ("tracking") and displaying targeted advertisements ("targeting") work with cookies (see also point 11) that recognize your browser on different websites. Depending on the service provider you use, it is also possible for you to be recognized online even when using different terminals (e.g. laptop and smartphone). This may be the case, for example, if you sign up for a service that you use with several devices.

In addition to the data already mentioned, which is generated when you visit websites ("log data", point 10) and when you use cookies (point 11) and which can refer to companies that are part of advertising networks, the following data, in particular, helps to select ads that may be of interest to you:

  • Information about you that you have given us when registering or using an advertising partner's service (e.g., your gender, age range);
  • User behavior information (e.g., search terms, interactions with advertisements, types of websites visited, products or services viewed and purchased, newsletters you have subscribed to).

We and our service providers use this data to determine whether you belong to the target group we are addressing and take this into account when selecting which ads to display. For example, when you visit certain sites after visiting ours, you may be offered advertisements relating to the products or services you consulted ("re-targeting"). Depending on the scope of the data, a user profile may also be created and evaluated automatically. Ads are then selected based on information stored in the profile, such as membership of specific demographic segments or potential interests or behaviors.

These ads may be presented to you on various channels which, in addition to our website or app (as part of on-site and in-app marketing), also include ads served via online ad networks we use, such as Google.

The data may then be evaluated for billing purposes with the service provider and to assess the effectiveness of advertising measures in order to better understand the needs of our users and customers and improve subsequent campaigns. They may also include information indicating that an action (e.g., visiting certain sections of our website or sending information) is the result of a specific advertisement. We also receive from service providers aggregate reports on advertising activity and information on how users interact with our website and ads.

The legal basis for this processing is your consent within the meaning of Article 6(1)(a) of the EU GDPR. You can withdraw your consent at any time by refusing or deactivating the relevant cookies in your web browser settings (see point 11). Other methods for blocking advertisements are also offered in the information provided by the respective service provider, e.g. Google.

15.2 Google Ads

This website uses the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google") for online advertising. To this end, Google uses cookies, such as "DoubleClick" cookies, which recognize your browser when you visit other websites. The information generated by the cookie about your visit to this website (including your IP address) will be transmitted to and stored by Google on servers in the U.S. (For more information, please see Error! Reference source not found). By clicking here, you will find further information on the data protection offered by Google.

The legal basis for this data processing is your consent within the meaning of Article 6(1)(a) of the EU GDPR. You can withdraw your consent at any time by refusing or deactivating the relevant cookies in your web browser settings (see point 11). You can find other ways to block ads here.

16. Booking on the website, by mail order or by phone call

When you make a booking or order a gift voucher on our website, by correspondence (e-mail or post) or by telephone, we collect the following data, with mandatory data marked with an asterisk (*) in the relevant form:

  • Last name
  • First name
  • Address
  • Postcode
  • Location
  • Country
  • Date of birth
  • Phone number
  • Email address
  • Language
  • Credit card information

We will only use this data as well as other information you have voluntarily provided (e.g. estimated time of arrival, motor vehicle license plate, preferences, remarks) for the performance of the contract, unless this privacy policy states otherwise or you have specifically consented. We will process data specifically to register your booking in accordance with your wishes, to provide the services you have booked, to contact you in the event of ambiguities or problems and to ensure correct payment. Your credit card details will be automatically deleted after your departure.

The legal basis for processing data for this purpose lies in the performance of a contract in accordance with Article 6(1)(b) of the EU GDPR or in your consent in accordance with Article 6(1)(a) of the EU GDPR. You may revoke your consent at any time with effect for the future.

17. Online payment processing

If you make bookings or purchase products on our website against payment, you will need to provide us with other data in addition to the information mentioned in point respectively point 16 depending on the products or services in question and the desired payment method, for example your credit card information or the identifier you use to log in to your payment service provider. This information and the fact that you have purchased a product or service from us for the relevant amount and duration is passed on to the relevant payment service provider (e.g. payment solution providers, credit card issuers and credit card acquirers). Always consult the information of the company concerned, in particular the data protection policy and general terms and conditions.

The legal basis for this communication is the performance of a contract within the meaning of Article 6, paragraph 1, letter b, of the EU GDPR.

18. Bookings via booking platforms

If you make reservations via a third-party platform (i.e. via booking.com, Hotel, Escapio, Expedia, Holidaycheck, Hotel Tonight, HRS, Kayak, Mr. & Mrs. Smith, Splendia, Tablet Hotels, Tripadvisor, Trivago, Weekend4Two), we receive various personal information from the relevant platform in connection with the reservation made. This generally involves the data mentioned in point 16 of this privacy policy. We may also receive requests concerning your booking. We will process this data by name in order to establish your booking in accordance with your wishes and to make the booked services available to you.

The legal basis for processing your data for this purpose lies in the performance of a contract in accordance with Article 6(1)(b) of the EU GDPR. Finally, we may be informed by the platform operators of disputes relating to a booking. In this context, we may receive data relating to the booking process, which may include a copy of the booking confirmation as proof of the actual conclusion of the booking. We process this data in order to safeguard and enforce our rights. This is our legitimate interest within the meaning of Article 6(1)(f) of the EU GDPR.

Please also note the data protection information of the relevant booking platform.

19. Ratings and comments

In order to help other users with their purchasing decisions and to promote quality (in particular by dealing with negative comments), you have the opportunity to evaluate your stay with us on our website. The data you then make available to us will be processed and published on the website, i.e. in addition to your review and its time, possibly together with the comment you have attached to your review or the name you have provided.

The legal basis for processing is your consent within the meaning of Article 6(1)(a) of the EU GDPR. You may withdraw your consent at any time by notifying us. We reserve the right to delete unlawful evaluations and to contact you in the event of suspicion, in order to request an explanation. The legal basis for this processing is our legitimate interest in providing the comment and rating functionality and preventing misuse when using it within the meaning of Article 6(1)(f) of the EU GDPR.

20. Vacancy application

You have the opportunity to send us your unsolicited application or via an e-mail address in response to a specific job vacancy. To do so, we collect the following data, mandatory data being marked with an asterisk (*) in the corresponding form:

  • First name
  • Last name
  • Email address
  • Application documents (e.g. CV, covering letter, diplomas, etc.)

The legal basis for processing your data for this purpose is therefore the performance of a contract (pre-contractual phase) in accordance with Article 6(1)(b) of the EU GDPR.

21. Data processing to meet legal notification obligations

When you arrive at the hotel, we may need the following information (mandatory *) from you and the people accompanying you:

  • First name and surname*
  • Postal address and canton*
  • Date of birth*
  • Nationality*
  • Official identity card and number*
  • Day of arrival and departure*

We collect this information in order to comply with legal notification obligations arising in particular from guest advertising or police legislation. Insofar as we are required to do so under the applicable provisions, we pass on this information to the relevant police authorities. The processing of this data is carried out on the basis of a legal obligation within the meaning of Article 6(1)(c) of the EU GDPR.

22. Registration of services obtained

If you receive additional services as part of your stay (e.g. wellness, restaurant, activities), we record the purpose of the service as well as when it was provided for billing purposes. The processing of this data is necessary within the meaning of Article 6(1)(b) of the EU GDPR for the performance of the contract with us.

23. Video surveillance

In order to prevent abuse and combat illegal behavior (in particular theft and property damage), the entrance area and publicly accessible areas of our Hotel are monitored by cameras. Imaging data is only consulted if there is a suspicion of illegal behavior. Otherwise, recorded images are automatically deleted after 72 hours.

For the provision of the video surveillance system, we rely on a service provider who may have access to the data if this is necessary for the provision of the system. If the suspicion of illegal behavior is confirmed, the data may be passed on to consulting companies (in particular our law firm) and to the authorities to the extent necessary to enforce rights or to report it.

The legal basis for this processing is our legitimate interest in protecting our property and protecting and enforcing our rights within the meaning of Article 6(1)(f) of the EU GDPR.

24. Use of our Wi-Fi network

In our Hotel, you have the opportunity to use the Wi-Fi network operated by NAXOO (Quai du Seujet 28, 1201 Geneva) free of charge. Prior registration is required to prevent abuse and combat illegal behavior. By doing so, you transmit the following data to NAXOO:

  • mobile phone number
  • terminal MAC address (automatic)

In addition to the above data, data on the Hotel premises visited is recorded along with the time, date and terminal each time the WiFi network is used. The legal basis for processing is your consent within the meaning of Article 6(1)(a) of the EU GDPR. Customers may withdraw their registration at any time by notifying us.

NAXOO is required to comply with its legal obligations under the Federal Law on the Surveillance of Postal and Telecommunications Traffic and the related ordinance. If the legal requirements are met, the Wi-Fi network operator must monitor Internet use and data traffic on behalf of the competent authority. The Wi-Fi network operator may also be required to disclose customer contact, usage and auxiliary data to the relevant authorities. Contact, usage and auxiliary data are retained for 6 months before being deleted.

The legal basis for this processing is our legitimate interest in providing a Wi-Fi network that complies with the applicable legal provisions within the meaning of Article 6(1)(f) of the EU GDPR.

25. Execution of payments

The processing of personal data is necessary in the event of purchasing products or services in our Hotel or paying for your stay using electronic means of payment. When using payment terminals, you transmit the information stored in your payment means, such as the cardholder's name and card number, to the relevant payment service providers (e.g. payment solution providers, credit card issuers and credit card acquirers). These providers also receive information that the means of payment has been used in our Hotel as well as the amount and time of the transaction.

For our part, we only receive the amount paid at the appropriate time, which we can attribute to the document number concerned or to the information that the transaction was not possible or was cancelled. Always consult the information provided by the company concerned, in particular its data protection policy and general terms and conditions. The legal basis for this communication is the performance of the contract we have concluded with you in accordance with Article 6, paragraph 1, letter b, of the EU GDPR.