Data Protection Declaration
Date: May 2018
Hotel Du Nord AG , Höheweg 70 in 3800 Interlaken runs the Hotel Du Nord, Höheweg 70 in 3800 Interlaken. It operates the website www.hotel-dunord.ch and is therefore responsible for the collection, processing and use of your personal data and the compatibility of data processing with the applicable data protection law. The protection of your data is important to us. We therefore treat your personal data as confidential and pay attention to appropriate security. Of course, we comply with the legal provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (DPO), the Telecommunications Act (TCA) and other applicable data protection provisions of Swiss or EU law, in particular the EU General Data Protection Regulation (GDPR).
In order for you to know what personal data we collect on you and what purposes we use them for, please take note of the information below.
Commissioner for data protection
Address of our data protection representative in the EU:
A. Data Processing in Connection with our Website
1. Visiting our website
The use of the website of the Hotel Du Nord, Höheweg 70 in 3800 Interlaken, is basically possible without providing any personal data. If, as a user, you wish to make use of special services - in particular the possibility of online booking - via the website, the processing of personal data may become necessary. These data will not be passed on to any third party without your express consent and are used solely to process your enquiry.
We would like to point out that despite all measures taken, data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps and, therefore, complete protection of data against access by third parties is not guaranteed in every case.
2. SSL encryption / HTTPS protocol
To secure the transmission of confidential data through the forms provided on this website and for security reasons, we use SSL as encryption technology. You can recognise an encrypted connection by the address line »https://« and the lock symbol displayed in the browser. Data encrypted via SSL cannot be read by third parties during transmission.
The hosting provider of this website automatically collects and stores information in what is known as »server log files«, that are transmitted automatically by your browser. The following data are logged in this way:
- Website visited
- Access time
- Amount of data sent in bytes
- Source/reference from which you accessed the page
- Browser used
- Operating system used
- IP address used (pseudonymised: the creation of a personal reference is no longer possible)
These data cannot be assigned to specific persons. Such data are not combined with other data sources. The storage of the data is used solely for statistical evaluation, to guarantee the operation, as well as the safety of the offer.
If there is a justified suspicion of illegal use due to concrete indications, we reserve the right to subsequently check the log data.
3. Access data / server log files
The hosting provider of this website automatically collects and stores information in what is known as "server log files", which your browser automatically transmits. The following data are logged in this way:
- the IP address of the requesting computer (pseudonymised, the creation of a personal reference is no longer possible),
- the name of the owner of the IP address range (usually your Internet access provider),
- the date and time of access,
- the website from which access was gained (referrer URL), where applicable with the search term used,
- the name and URL of the file retrieved,
- the status code (e.g. error message),
- the operating system of your computer,
- the browser you are using (type, version and language),
- the transmission protocol used (e.g. HTTP/1.1), and
- where applicable, your username from a registration/authentication.
These data are collected and processed for the purpose of enabling the use of our website (establishment of the connection), to permanently guarantee system security and stability and to enable the optimisation of our Internet offer as well as for internal statistical purposes. This is our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR.
Furthermore, the IP address is evaluated together with the other data in the event of attacks on the network infrastructure or other unauthorised or abusive use of the website for reconnaissance and defence purposes and, if required, used in the context of criminal proceedings for identification and civil and criminal proceedings against the users concerned. This is our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR.
4. Use of our contact form
You have the possibility to use a contact form to get in touch with us. For this purpose, we imperatively need the following information:
- name and surname
- e-mail address
We will only use these details to answer your contact inquiry in the best possible and personalised manner. The processing of these data is therefore necessary for the implementation of steps to be taken prior to entering into a contract within the meaning of Art. 6 para. 1 lit. b GDPR or is in our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
5. Booking on the website, by correspondence or by phone call
If you make bookings either via our website, by correspondence (e-mail or letter post) or by telephone call, we imperatively require the following data to process the contract:
- form of address
- name and surname
- address, postcode and place
- date of birth
- phone number
If you communicate through e-mail, please also provide your e-mail address.
For direct bookings through our website, we use the Superbooking booking engine of GHIX Group AG, Stanserstrasse 7, 6362 Stans. For the processing of the contract, personal data are collected and forwarded to us by e-mail. These data include the following details:
- form of address
- name and surname
- postcode and place
- e-mail address
- phone number
- credit card details
We will only use these data and other information you provide voluntarily (e.g. expected time of arrival, motor vehicle registration plate, preferences, comments) to process the contract, unless otherwise stated in this data protection declaration or you have given your separate consent. In particular, we will process the data in order to record your booking as requested, to provide the services booked, to contact you in case of uncertainties or problems and to ensure correct payment.
The legal basis of data processing for this purpose is the performance of a contract pursuant to Art. 6 para. 1 lit. b GDPR.
6. Online job applications / publication of job advertisements
We offer you the opportunity to apply to us through our website. In digital applications, we collect and process your applicant and application data electronically in order to process your application.
If an employment contract is concluded after the application procedure, we will store the data you provided during the application in your personnel file for the purpose of the usual organisational and administrative process - obviously in compliance with further legal obligations.
The legal basis of data processing is the performance of measures to be taken prior to entering into a contract, and our legitimate interest pursuant to Art. 6 para. 1 lit. b and f GDPR. For further data processing, the legal basis is the consent you have given within the meaning of Art. 6 para. 1 lit. a GDPR.
If an application is rejected, we will automatically delete the data submitted to us two months after notification of rejection. However, the data will not be deleted if they are required by law to be stored for a longer period of up to four months or until legal proceedings have been concluded.
If you expressly consent to a longer storage of your data, e.g. for your inclusion in a database of applicants or interested parties, the data will be processed further on the basis of your consent. In that case, the legal basis is Art. 6 para. 1 lit. a) GDPR. Meanwhile, you can of course revoke your consent at any time pursuant to Art. 7 para. 3 GDPR by declaration to us with effect for the future.
Cookies are helpful in many ways to make your visit to our website easier, more pleasant and more meaningful. Cookies are small text files that your web browser automatically stores on your computer's hard drive when you visit our website.
Most Internet browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message appears whenever you receive a new cookie. On the following pages you will find explanations on how you can configure the processing of cookies with the most common browsers:
- Microsoft Windows Internet Explorer
- Microsoft Windows Internet Explorer Mobile
- Mozilla Firefox
- Google Chrome for Desktop
- Google Chrome for Mobile
- Apple Safari for Desktop
- Apple Safari for Mobile
Disabling cookies may prevent you from being able to use all the features of our website.
8. Analysis tools
Matomo (formerly: »PIWIK«)
This website uses the analysis Matomo (formerly: »PIWIK«) software. This is open-source software that can be used to analyse the use of the website. This involves processing your IP address, the pages of the website you visit, the website from which you switched to this website (referrer URL), your length of stay and the frequency with which individual pages within this website are accessed on the hosting provider's server.
Matomo stores a cookie on your terminal device through your Internet browser to collect these data.
However, we use Matomo with the »Automatically Anonymize Visitor IPs« anonymisation function. This anonymisation function shortens your IP address by two bytes so that it is impossible to assign it to you or to the Internet connection you are using.
If you do not agree to this processing taking place, you have the option of preventing the storage of the cookie by changing a setting in your Internet browser. You will find more detailed information on this in the section on »Cookies above.
In addition, you have the option of terminating the analysis of your usage behaviour by an operation known as opting out. When you confirm the link
a cookie will be stored on your terminal device through your Internet browser, which will prevent further analysis. However, please note that you will have to click on the above link again if you have deleted the cookies stored on your terminal device.
We use Google Analytics on our website. This is a web analytics service provided by Google Inc., Gordon House, Barrow Street, Dublin 4, Irland (hereinafter: Google).
Through certification according to the EU-US Privacy Shield
Google guarantees that it will follow the EU's data protection regulations when processing data in the United States.
The Google Analytics service is used to analyze how our website is used. The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization, and economic operation of our site.
Usage and user-related information, such as IP address, place, time, or frequency of your visits to our website will be transmitted to a Google server in the United States and stored there. However, we use Google Analytics with the so-called anonymization function, whereby Google truncates the IP address within the EU or the EEA before it is transmitted to the US.
The data collected in this way is in turn used by Google to provide us with an evaluation of visits to our website and what visitors do once there. This data can also be used to provide other services related to the use of our website and of the internet in general.
Google states that it will not connect your IP address to other data. In addition, Google provides further information with regard to its data protection practices at
including options you can exercise to prevent such use of your data.
In addition, Google offers an opt-out add-on at
9. Use of social media plugins
Social media plugins of Facebook
This website uses the Facebook Social Plugin, which is provided by Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA). The includes can be recognised by the Facebook logo or the terms »Like«, »Share« in the Facebook colours (blue and white). Information about all Facebook plugins can be found through the following link: https://developers.facebook.com/docs/plugins/
Facebook Inc. complies with European data protection law and is certified according to the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt0...
The plugin will establish a direct connection between your browser and the Facebook servers. The website operator has no influence on the nature and scope of the data that the plugin transmits to the servers of Facebook Inc. More information can be found here: https://www.facebook.com/help/186325668085084
The plugin will inform Facebook Inc. that you have visited this website as a user. It is possible that your IP address is stored. If you are logged into your Facebook account during your visit to this site, this information will be assigned to your Facebook account.
If you use the functions of the plugin - for example by sharing or "likening" a post – the corresponding information will also be transmitted to Facebook Inc.
If you want to prevent Facebook Inc. from linking these data to your Facebook account, please log out of Facebook before visiting this website and delete the cookies stored. You can use your Facebook profile to make further data processing settings for advertising purposes or to object to the use of your data for advertising purposes. You can access the settings here:
- Profile settings on Facebook: https://www.facebook.com/ads/preferences/?entry_pr...
- Cookie deactivation page of the US website: http://optout.aboutads.info/?c=2#!/
- Cookie deactivation page of the European website: http://optout.networkadvertising.org/?c=1#!/
To find out what data, for what purpose and to what extent Facebook collects, uses and processes data and what rights and setting options you have to protect your privacy, please read Facebook's data protection guidelines. You can find them here: https://www.facebook.com/about/privacy/
Social plugins from »Instagram«
Our website will use what is known as social plugins ("plugins") from Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). The plugins are marked with an Instagram logo, for example in the form of an "Instagram camera". An overview of the Instagram plugins and their appearance can be found here:
When you access a page of our website that contains such a plugin, your browser will establish a direct connection to Instagram's servers. Instagram will transfer the content of the plugin directly to your browser and integrate it into the page. This integration will inform Instagram that your browser has called up the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) will be transmitted by your browser directly to an Instagram server in the USA and will be stored there.
If you are logged in to Instagram, Instagram can immediately assign your visit to our website to your Instagram account. If you interact with the plugins, for example by pressing the "Instagram" button, this information will also be transmitted directly to an Instagram server and be stored there. The information will also be published on your Instagram account and be displayed in your contacts.
If you do not want Instagram to assign the data collected via our website directly to your Instagram account, you must log out of Instagram before visiting our website. You can also completely prevent the Instagram plugins from loading through add-ons for your browser, e.g. through the script blocker "NoScript" (http://noscript.net/).
10. Tools & plugins
Google web fonts
This site uses what is known as web fonts provided by Google to uniformly display fonts. When you call up a page, your browser will load the required web fonts into your browser cache to display texts and fonts correctly.
To do this, the browser you are using must connect to Google's servers. By doing so, Google will become aware that our website has been accessed via your IP address. Google web fonts are used to ensure a uniform and appealing presentation of our online offers. If your browser does not support web fonts, a default font will be used by your computer.
For more information about Google Web Fonts, please visit https://developers.google.com/fonts/faq and read Google's privacy statement: https://policies.google.com/privacy/update?hl=en.
Our website uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps it is necessary to save your IP address. This information will usually be transmitted to a Google server in the USA and be stored there. The provider of this site has no influence on this data transmission.
Google Maps is used to ensure an appealing representation of our online offers and to make it easy to locate the places we indicate on the website.
More information on the handling of user data can be found in Google's data protection declaration: https://policies.google.com/privacy/update?hl=en
We use Google reCAPTCHA on our website to check and avoid interactions on our website by automated access, e.g. by what is known as bots. This is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as "Google".
Google's certification under the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt0... guarantees that the EU's data protection requirements are also complied with when processing data in the USA.
Through this service Google can determine from which website a request is sent and from which IP address you use what is referred to as the reCAPTCHA input box. In addition to your IP address, Google may collect other information necessary for the offer and to guarantee this service.
The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is the security of our Internet presence and the prevention of unwanted, automated access in the form of spam or similar.
Google offers further information on the general handling of your user data at https://policies.google.com/privacy/update?hl=en .
B. Data Processing in Connection with Your Stay
11. Data processing for the fulfilment of legal reporting obligations
On arrival at our hotel, we may need the following information about you and your escorts:
- name and surname
- postal address and canton
- date of birth
- place of birth
- official identification card and number
- day of arrival and departure
- room number
We collect this information for the fulfilment of legal reporting obligations, which result in particular from the hospitality industry or police law. Where we are required to by applicable regulations, we will forward this information to the appropriate police authority.
We have a legitimate interest in the fulfilment of the legal requirements within the meaning of Art. 6 para. 1 lit. f GDPR.
12. Recording of services purchased
If you make use of additional services during your stay (e.g. the mini-bar or pay TV offer), we will record the item of the service and the time at which it is used for invoicing purposes. The processing of these data is required within the meaning of Art. 6 para. 1 lit. b GDPR for the processing of the contract with us.
C. Storage and Exchange of Data with Third Parties
13. Booking platforms
If you make bookings through a third-party platform (booking.com, triva-go.com, hrs.com etc.), we will receive various personal details from the respective platform provider. These are usually the data listed in the section provided for "Booking on the website, by correspondence or by phone call". In addition, we may receive enquiries regarding your booking. We will process these data in particular in order to record your booking as requested and to make available the services booked. The legal basis of data processing for this purpose is the performance of a contract according to Art. 6 para. 1 lit. b GDPR.
Finally, we may be informed by the platform providers of any disputes in connection with a booking. In this context, we may also receive information about the booking process, which may include a copy of the booking confirmation as proof of the actual confirmation of the booking. We process these data to protect and enforce our claims. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Please also note the respective provider’s information on data protection.
14. Central storage and linking of data
We will store your personal data in a central electronic data processing system. In this context, your specific personal data will be systematically recorded and linked in order to process your bookings and provide the contractual services. For this purpose, we use software from FO-DATA GmbH, Geerenstrasse 3, 9507 Stettfurt, Switzerland. The processing of these data within the scope of the software is based on our legitimate interest in customer-friendly and efficient customer data management within the meaning of Art. 6 para. 1 lit. f GDPR.
15. Retention period
We will only store personal data for as long as it is necessary to use the tracking services mentioned above and further processing within the scope of our legitimate interest. We will keep contractual data for a longer period of time because this is required according to legal storage obligations. Storage obligations obliging us to store data result from regulations concerning the right to report, accounting and tax law. According to these regulations, business communication, contracts concluded and accounting documents must be kept for up to 10 years. If and as we no longer need these data to perform the services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.
16. Disclosure of data to third parties
We will only pass on your personal data if you have expressly consented to this, if there is a legal obligation to do so or if it is necessary for the enforcement of our rights, in particular for the enforcement of claims arising from the contractual relationship. Furthermore, we will pass on your data to third parties to such an extent as it is necessary in the context of the use of the website and the processing of the contract (also outside the website), in particular the processing of your bookings.
One service provider to whom the personal data collected through the website will be passed on and who has or can have access to them is our web hoster netfuchs gmbh, untere Bönigstrasse 10a, 3800 Interlaken, Switzerland. The website is hosted on servers in the Federal Republic of Germany. The data will be passed on for the purpose of providing and maintaining the functionalities of our website. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Finally, we will forward your credit card information to your credit card issuer and the credit card acquirer when payment is made by credit card on the website. If you decide to pay by credit card, you will be asked to enter all necessary details. The legal basis for the transfer of the data is the performance of a contract in accordance with Art. 6 para. 1 lit. b GDPR. With respect to the processing of your credit card information by these third parties, please also read the general terms and conditions and the data protection declaration of your credit card issuer.
17. Transmission of personal data abroad
We are also entitled to transmit your personal data to third parties (commissioned service providers) abroad for the purpose of data processing as described in this data protection declaration. These third parties are obliged to the same extent as we are to comply with data protection regulations. If the level of data protection in a country does not correspond to that in Switzerland or Europe, we will contractually ensure that the protection of your personal data will correspond at all times to that in Switzerland or the EU.
D. Further Information
18. Right to request access to, rectification, erasure of personal data and restriction of processing; right to data portability, withdrawal and objection
You have the right to request information about the personal data that we store about you. In addition, you have the right to request rectification of inaccurate data and erasure of your personal data, unless there is a legal obligation to retain such data or a factual ground allowing us to process the data.
You also have the right to reclaim the data that you have provided to us (right of data portability). Upon request, we will also pass the data on to a third party of your choice. You have the right to receive the data in a common file format.
Once given, you can revoke your consent to the processing of your data at any time. As a result, we will no longer be allowed to, and will not continue to process the data in the future as we will have done before on the basis of this consent. Furthermore, you have the right to object to the processing of your personal data if there are reasons for this which arise from your particular situation or if the objection is directed against direct advertising.
You can contact us for the above-mentioned purposes by e-mail at firstname.lastname@example.org. We may, at our discretion, require proof of identity to process your applications.
19. Data security
We use appropriate technical and organisational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
You should always treat your access data confidentially and close the browser window when you have finished communicating with us, in particular if you share your computer with others.
We also take internal data protection very seriously. We have committed our employees and the service companies we have commissioned to secrecy and compliance with data protection regulations.
20. Note on data transmission to the USA
For reasons of completeness, we would like to point out to users residing or domiciled in Switzerland that there are monitoring measures vested in US authorities in the USA, which generally allow the storage of all personal data of all persons whose data were transmitted from Switzerland to the USA. This is done without differentiation, restriction or exception on the basis of the objective pursued and without an objective criterion making it possible to limit access by the US authorities to the data and their subsequent use to very specific, strictly limited purposes justifying intervention related to both access to these data and their use. Furthermore, we would like to point out that there are no legal remedies available in the USA for data subjects from Switzerland allowing them to gain access to the data about them and obtain their rectification or erasure, i.e. that there is no effective legal protection against general access rights of US authorities. We explicitly point out this legal and factual situation to the person concerned (data subject) in order to enable them to make an appropriately informed decision to consent to the use of his or her data.
Users residing in a EU Member State are advised that the US does not have an adequate level of data protection from the point of view of the European Union, in part due to the issues mentioned in this section. Having explained in this Data Protection Declaration that recipients of data (such as Google) are based in the USA, we will nonetheless ensure that your data is protected by our partners at an appropriate level, either by contractual arrangements with these companies or by ensuring that these companies are certified under the EU / Swiss-US privacy shield.
21. Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority at any time.
22. Up-to-dateness and amendment of this Data Protection Declaration
This Data Protection Declaration has been valid as of May 2018 and has been written to the best of our knowledge and belief.
Due to the further development of our website and offers processed on it, as well as due to possible amendments of legal or official requirements, it may become necessary to amend this Data Protection Declaration. You can call up and print the current version of the Data Protection Declaration on our website at any time.
Last updated: May 2018