Data Privacy Statement

We, the  Hotel du Nord AG, Höheweg 70, 3800 Interlaken, Switzerland, are the operators of the hotel and website www.hotel-dunord.ch and, unless specified otherwise, we are responsible for processing the data included in this Data Privacy Statement.

Please read the following information which outlines which personal data we collect from you and how we use it. Our data protection policy is based primarily on the statutory requirements of Swiss data protection legislation, specifically the Federal Law on Data Protection (DSG), and also the EU-GDPR, whose provisions may be applicable in individual cases.

Please be aware that the following information may be revised and amended from time to time. For this reason, we recommend that you regularly view this Data Privacy Statement. Furthermore, other companies have data privacy responsibility for some of the specific data handling actions listed below, or may share responsibility with us, meaning that in these cases, information from these providers is also relevant.

 

Contact partners for data privacy

If you have questions on data privacy or would like to exercise your rights regarding data privacy, please contact our data privacy officer by sending an e-mail to the following address: garry.lock@hotel-dunord.ch

You can contact our EU data privacy representative at:

VGS Datenschutzpartner GmbH
Am Kaiserkai 69
20457 Hamburg
Germany
info@datenschutzpartner.eu
https://datenschutzpartner.eu

 

Your rights

Provided the statutory requirements have been met, you have the following rights as a data subject:

  • Right to information: If we process your personal data, you may ask to view the data stored by us at any time and without charge. You thus have the opportunity to check which personal data we are processing about you, and to ensure that we are using this data in accordance with the valid data protection provisions.
  • Right to correction: You may ask to have incorrect or incomplete personal data corrected and to be informed about this correction. In this case, we shall inform the recipient of the data in question of the amendments made, provided this is possible and does not require a disproportionate effort.
  • Right to deletion: You may request deletion of your personal data under certain conditions. In isolated cases, specifically with regard to statutory retention requirements, the right to deletion may be excluded. In this case, under the given requirements, the data may be blocked and not deleted.
  • Right to restriction of processing: You may request that processing of your personal data is limited.
  • Right to data transfer: You may receive the personal data you have provided to us in a legible format, without charge.
  • Right of objection: You may object to data processing at any time, specifically for data processing related to direct advertising (e.g., advertising e-mails).
  • Right of withdrawal: You have a basic right to revoke your consent at any time. However, past processing activities for which your consent was given do not become illegitimate with your withdrawal.
  • Right of complaint: You may submit a complaint to a responsible supervisory authority, for example, in relation to the way in which your personal data is processed.

To exercise these rights, please send us an e-mail at the following address: info@hotel-dunord.ch.

 

Data privacy

We use appropriate technical and organisational security measures to protect against the loss or unlawful processing of the personal data we hold, in particular to protect against unauthorised access by a third party. We require our employees and the service companies instructed by us to observe confidentiality and to safeguard data privacy. Furthermore, these persons are only granted access to personal data to the extent necessary to fulfil their tasks.

Our security measures are continuously amended in accordance with technological developments. However, the transmission of information via the internet and electronic communication methods always involves a certain level of security risk and we cannot make any absolute guarantee for the security of information transmitted in this way.

 

Note on data transmission to the USA

For reasons of completeness, we would like to advise users who are resident or work in Switzerland that, in the USA, the US authorities implement supervisory measures which generally enable all personal data to be saved for all persons whose data has been transmitted from Switzerland to the USA. This takes place with no differentiation, restriction or exception of the goal, and with no objective criteria to enable access to the data by the US authorities and subsequent use of the data to be restricted to a specific, strictly limited purpose which may justify either access to this data or intervention associated with the use of the data. We would also like to point out that there are no legal remedies in the USA for persons from Switzerland which would allow them to access the data in question, and to have it corrected or deleted, or rather, there is no effective legal protection against the general access rights granted to US authorities. We are advising affected persons of this legal situation so they can make an appropriately informed decision on providing consent for the use of their data.

We would like to advise users who are resident in an EU member state that, from the perspective of the European Union – based the topics mentioned in this section, amongst others – the USA does not have an adequate level of data privacy. Where we have outlined in this Data Privacy Statement that recipients of data (for example, Google) are located in the USA, we will ensure that your data held by our partners has an adequate level of protection either through contractual regulations with this company or through certification of this company under the EU or Swiss-US Privacy Mark.

 

Contact with us

If you contact us via our contact addresses and channels (e.g., via e-mail, telephone, or contact form), your personal data will be processed. The data that you have provided to us, e.g., the name of your company, your name, your function, e-mail address or telephone number, and your issue, is processed. We also document the time of receipt of the query. Mandatory information is flagged with an asterisk (*) in the contact form.
We process your data only for dealing with your issue (e.g., providing information about our hotel, support with contract execution, for example, booking queries, inclusion of your feedback in order to improve our service etc.). The legal basis for this data processing is our legitimate interest in the sense of Art. 6 (1) lit. f EU-GDPR for dealing with your issue, or, if your query is in relation to the conclusion or settlement of a contract, the requirement for performance of the required measures in the sense of Art. 6 (1) lit. b EU-GDPR.

 

Central data storage and analysis in the CRM system

If data can be uniquely assigned to you, we will save and link the data described in this Data Privacy Statement, specifically your personal details, communication, contract data and browsing habits on our website, in a central database. This enables efficient administration of customer data and allows us to respond to your issue appropriately so we can effectively provide the services required by you and fulfil the associated contracts. The legal basis for this data processing is our legitimate interest in the sense of Art. 6 (1) lit. f. EU-GDPR for the efficient administration of user data.

We evaluate this data in order to further develop our offerings according to needs, and to display and suggest information and offerings that are as relevant as possible. We also use methods which predict interests and future orders based on your website use. The legal basis for this data processing is our legitimate interest in the sense of Art. 6 (1) lit. f. EU-GDPR for the implementation of marketing actions.

 

Forwarding to third parties and access by third parties

Without the support of other companies, we would not be able to provide our offerings in the required form. So that we can use the services provided by these companies, it is also necessary, to a certain extent, to pass on your personal data. Data may be passed on in this case if this is necessary for fulfilment of your required contract, this means, for example, it may be passed to restaurants or other third-party providers with whom you have made a reservation. If data is passed on as in this case, the legal basis is the requirement for fulfilment of the contract in the sense of Art. 6 par. 1 lit. b EU-GDPR.

Data may also be passed to selected service providers but only to the extent required for provision of the service. This generally refers to IT service providers (such as providers of software solutions), advertising agencies, consulting companies. The legal basis for passing on of data in this case is our legitimate interest in the sense of Art. 6 (1) lit. f. EU-GDPR for the purchase of third-party services.

Moreover, your data may be passed on, specifically to authorities, legal advisors or collection agencies, if we are legally obliged to do so, or if this is necessary to safeguard our rights, specifically for the enforcement of rights resulting from our relationship with you. Data may also be passed on if another company intends to purchase our company or parts thereof and passing on of the data is necessary for a due diligence check or for execution of the transaction. The legal basis for passing on of data in this case is our legitimate interest in the sense of Art. 6 (1) lit. f EU-DSGVO for safeguarding our rights and compliance with our obligations, or for the sale of our company.

One service provider to whom data collected on the website is passed or who has, or can have, access to this data is our web hoster Netfuchs GmbH, untere Bönigstrasse 10a, 3800 Interlaken, Switzerland. The website is hosted on servers in the Federal Republic of Germany. Data is passed on for the purpose of providing and maintaining the functionality of our website. This establishes our legitimate interest in the context of Art. 6 (1) lit. f GDPR.

 

Transmission of personal data to a foreign country

We are permitted to transfer your personal data to third parties abroad if this is necessary for execution of the data processing specified in this Data Privacy Statement (see specifically sections 16-20). In this case, the statutory regulations for disclosure of personal data to third parties are observed as a matter of course. If the country in question does not provide an adequate level of data privacy, we implement contractual regulations to ensure that your data is adequately protected by this company.

We only store personal data for as long as is necessary to complete the processing outlined in this Data Privacy Statement within the scope of our legitimate interest. Contractual data must be stored in accordance with the statutory retention requirements. The requirement to store data may arise from reporting provisions and from fiscal regulations. In accordance with these regulations, business communication, concluded contracts and posting documents must be stored for up to 10 years. As soon as this data is no longer needed for fulfilment of the services for you, the data is blocked. This means that the data may then only be used if required for fulfilment of retention requirements or to defend and enforce our legal interests. The data is deleted as soon as there is no longer a retention requirement and there is no legitimate interest in its storage.

 

A. Data processing in connection with our website

1. Accessing our website

Use of the internet site for the Hotel Du Nord, Höheweg 70 in 3800 Interlaken, is generally possible without specification of any personal data. If you would like to use our website as a user of specific services - in particular, the online booking option - processing of personal data may be required. This data is not passed to third parties without your explicit consent and is used only to process your query.
We would like to point out that, in spite of all measures taken, data transfer via the internet (e.g., in an e-mail communication) may present security gaps and, as a result, it is not possible to protect data from third-party access in all cases.

 

2. SSL encryption / HTTPS protocol

To protect the transfer of confidential data via the forms on this website and for security reasons, we use SSL encryption technology. You can recognise an encrypted connection with "https://” in the address bar and the lock symbol displayed in the browser. Data that is encrypted using SSL cannot be read by third parties during transmission.

 

3. Access data / server log files

With each visit to our website, the servers from our hosting provider Netfuchs GmbH, untere Bönigstrasse 10a, 3800 Interlaken, Switzerland, temporarily store each access in a log file. The following data is thus recorded without your intervention and is stored until it is automatically deleted by us:

  • the IP address for the querying computer (pseudonymised, creation of a  personal reference is no longer possible),
  • the name of the owner of the IP address range (usually your internet access provider),
  • the date and time of the visit,
  • the website from which the visit is made (referrer URL), if applicable with search term used,
  • the name and URL of the accessed file,
  • the status code (e.g., error message),
  • the operating system used by your computer,
  • the browser used by you (type, version and language),
  • the transfer protocol used (e.g., HTTP/1.1), and
  • if applicable, your user name from registration / authentication.

The purpose of collecting and processing this data is to enable use of our website (connection creation), to ensure long-term system security and stability, to optimise our internet offering, and also for internal statistical purposes. This establishes our legitimate interest in the context of Art. 6 (1) lit. f GDPR. The IP address is also used together with the other data for clarification and defence purposes if the network infrastructure is attacked or if the website is used in another unauthorised or improper manner, or if applicable, for identification in the case of criminal proceedings or for civil and criminal action against the user in question. This establishes our legitimate interest in data processing in the context of Art. 6 (1) lit. f GDPR.

 

4. Use of our contact form

You can use a contact form to communicate with us. In this case, we require the following information:

  • first and last name
  • e-mail address
  • message

We only use this information in order to provide the best personalised answer to your query. Thus, processing of this data is required in the sense of Art. 6 (1) lit. b GDPR for the execution of precontractual actions and also comes from our legitimate interest as per Art. 6 (1) lit. f GDPR.

 

5. Booking on the website, via correspondence or telephone call

If you make bookings or use vouchers via our website, via correspondence (e-mail or letter), or via a telephone call, we collect the following data. Mandatory information is marked with an asterisk (*) in the corresponding form:
title

  • first name
  • last name
  • street and house number
  • postal code and town/city
  • country
  • date of birth
  • e-mail address
  • telephone number
  • language
  • credit card information

For bookings made directly via our website, we work with the booking system from Hotelpartner GmbH, Chaltenbodenstrasse 16, 8834 Schindellegi. To process the contract, personal data is collected and forwarded to us via e-mail. This data is:

  • title
  • first and last name
  • address
  • postal code and town/city
  • country
  • e-mail address
  • telephone number
  • credit card information

We only use this data and other information voluntarily provided by you (e.g., expected arrival time, car registration, preferences, notes) to process the contract, unless specified otherwise in this Data Privacy Statement, or if you have not consented separately to this. We process the data to record your booking as per your requirements, to provide the booked services, to contact you in the case of queries or problems, and to ensure the correct payment. Your credit card data is automatically deleted on your departure from us.
The legal basis for data processing for this purpose comes from fulfilment of a contract as per Art. 6 (1) lit. b EU-GDPR, or rather, your consent as per Art. 6 (1) lit. a EU-GDPR. You can withdraw your consent at any time with future effect.

 

6. Online job applications / publication of job vacancies

We provide the facility to apply for our job with us via our internet site. With these digital applications, your applicant and application data is collected and processed by us electronically in order to conduct the application process. If an employment contract is concluded following the application process, we store the data transmitted for the application in your personnel file for the purpose of standard organisation and administrative processes - this is, of course, in accordance with continued legal obligations. The legal basis for the data processing arises from the execution of precontractual measures and in our legitimate interest as per Art. 6 (1) lit. b and f GDPR. For further data processing, the legal basis arises from the consent provided by you as per Art. 6 (1) lit. a GDPR. If an application is rejected, we automatically delete the data transmitted to us two months after communication of the rejection. However, the data is not deleted if statutory provisions require a longer data storage period of up to four months, or until the conclusion of a legal process.

If you explicitly consent to your data being stored for a longer period of time, for example, for inclusion in a database of applicants or interested parties, the data shall be processed according to your consent. The legal basis is then Art. 6 (1) lit. a GDPR. You can of course revoke your consent at any time with future effect in accordance with Art. 9 (3) GDPR by contacting us.

 

7. Cookies

Cookies are information files saved by your web browser on the hard drive or in the memory of your computer when you visit our website. Cookies are assigned to identification numbers which can be used to identify your browser and read the information contained in the cookie.
One function of cookies is to make your visit to our website easier, more enjoyable and more useful. We use cookies for different purposes, and these are necessary so you can use our website as you wish, these are “technically necessary”. For example, we use cookies to temporarily store your selected services and entries when completing a form on the website so that you do not need to repeat the entries when you call a subpage. Cookies also carry out technical functions required for the operation of the website, such as load balancing, in other words, distribution of the capacity load for the page to different web servers to free up the servers. Cookies are also used for security purposes, for example, to stop unauthorised posting of content. Finally, we also use cookies in the design and programming of our website, for example, to enable uploading of scripts or codes.

The legal basis for this data processing is our legitimate interest in the sense of Art. 6 (1) lit. f. EU-GDPR for the provision of a user-friendly and modern website.

Most internet browsers accept cookies automatically. However, when you visit our website, we ask for your consent for the cookies we use that are not technically necessary, specifically for the use of cookies from third parties for marketing purposes. You can configure the settings you require via the corresponding buttons in the cookie banner. Details on the services and data processing associated with the individual cookies are available within the cookie banner and in the following sections of this Data Privacy Statement.

In addition, where possible, you can also configure your browser so that no cookies are stored on your computer, or so that a notification always appears if you receive a new cookie. The following pages provide explanations of how you can configure the processing of cookies on selected browsers.

Cookie settings in Google Chrome
Cookie settings in Firefox
Cookie settings in Microsoft Edge
Cookie settings in Apple Safari

Deactivating cookies may mean that you cannot use all functions on our website.

 

8. Tracking & web analysis tools

We use the web analysis services listed below to ensure the needs-based design and continuous optimisation of our website. In this context, pseudonymised usage profiles are created and cookies are used (see also section 15). The information generated by the cookies relating to your use of this website and the logfile data listed in section 13 are usually transferred to a server managed by the service provider, where they are saved and prepared. This may include transfer to a server in a foreign country, e.g., the USA (cf. section 9, esp. guarantees).
Following preparation of the data, the information we receive includes the following:

  • navigation path taken by a user (incl. content viewed and selected, or products purchased or services booked),
  • time spent on the website or subpage,
  • the subpage from which the website is left,
  • the country, region or city from where the visit is made,
  • end device (type, version, colour depth, width and height of browser window) and
  • whether the visitor is returning or a new visitor.

The service provider uses this information on our behalf to evaluate the use of the website, to compile reports for us relating to website activities and to provide addition services relating to website usage and internet usage for the purposes of market research and the needs-design of these internet pages. For this type of data processing, we and the provider can, to a certain extent, be considered to have joint responsibility for data privacy.

The legal basis for data processing with the following tools is your consent in the sense of Art. 6 (1) lit. a EU-GDPR. You can revoke your consent or reject the data processing at any time by rejecting or disabling the relevant cookies (see also section 15) or by using the service-specific options described below.

For further processing of the data by the respective service provider as the (sole) party responsible for data privacy, specifically the possible passing on of this information to third parties such as authorities in accordance with national statutory requirements, please see the respective data privacy information of the provider.

 

Matomo (formerly: “PIWIK”)

This website uses the analysis software Matoma (formerly: “PIWIK”). This is open source software which can analyse the use of the internet site. In doing so, your IP address, the website pages you visit, the website from which you switched to this website (referrer URL), the length of time spent on the website, and also the frequency of visits to individual pages within this website are processed on the hosting provider’s server. To collect this data, Matomo saves a cookie on your end device via your internet browser.

However, we use Matomo with the anonymisation function “Automatically Anonymize Visitor IPs”. This anonymisation function reduces your IP address by two bytes so that an assignment to you or to the internet connection used by you is impossible. If you do not agree with this processing action, you can prevent the saving of cookies by means of a setting in your internet browser, For more information, see below under “Cookies”.

You can also terminate the analysis of your usage behaviour using an opt-out. By confirming the link:

9. Use of social media plug-ins

Our website includes links to our profiles in the social media networks of the following providers:

  • Meta Platforms Inc., 1601 S California Ave, Palo Alto, CA 94304, USA;
  • Instagram Inc. 1601 Willow Road, Menlo Park, CA 94025, USA;

If you click on the icons for the social networks, you are automatically taken to our profile page in the respective network. In doing so, a direct connection is created between your browser and the server of the respective social network. This means that the network receives the information that you have visited our website with your IP address and have clicked on the link.

If you click on a link to a network while you are logged in to your user account with the network in question, the content of our website can be linked to your profile so that the network can assign your visit to our website directly to your account. If you want to prevent this from happening, you should log out before you click on the link. A connection between your visit to our website and your user account is also always created when you log on to the respective network after clicking the link. The respective service provider has responsibility for data privacy with regard to the associated data processing. Please see the information on the website for the network.

The legal basis for any data processing which may be attributed to us is our legitimate interest in the sense of Art. 6 (1) lit. f EU-GDPR in the use and promotion of our social media profiles.

 

Social media plug-ins from Meta (formerly Facebook)

On our website, you can use social plug-ins from the following providers:

  • Meta Platforms Inc., 1601 S California Ave, Palo Alto, CA 94304, USA, Data privacy information;
  • Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA, Data policy;

We use social plug-ins to make it easier for you to share content from our website. The social plug-ins help us to increase the noticeability of our content in social networks and, in this respect, to improve our marketing.

The plug-ins are deactivated on our website as standard and thus do not send data to the social networks if you simply visit our website. To increase data privacy, we have embedded the plug-ins in such a way that no automatic connection is created with the network servers. Your browser only creates a direct connection to the servers of the respective social network when you activate the plug-ins and thus give your consent to the data transfer and further processing of data by the providers of the social networks.

The content of the plug-in is transmitted directly to your browser from the social network and integrated in the website. In this way, the respective provider receives the information that your browser has called the relevant page of our website, even if you do not have an account with this social network or are not currently logged in. This information (including your IP address) is transmitted by your browser directly to one of the provider’s servers (usually in the USA) and saved there. We have no influence on the scope of data collected by the provider with the plug-in, although, from a data privacy perspective, we can, to a certain extent, be considered jointly responsible with the providers.

If you are logged in to a social network, the plug-in can assign your visit to our website directly to your user account. When you interact with the plug-ins, the corresponding information is also transmitted directly to one of the provider’s services and saved there. Information (e.g., that you like a product or service of ours) is also published on the social network and, in certain circumstances, is displayed to other users of the social network. Where appropriate, the provider of the social network uses this information to switch advertising and for the needs-based design of the respective offer. Usage, interest, and relationship profiles can also created for this purpose, for example, to evaluate your use of our website with regard to the advertising shown on the social network, to inform other users about your activities on our website, and to provide other services associated with the use of the social network. For information on the purpose and scope of data collection, further processing, and use of the data by the provider of the social networks, and your relevant rights and configuration options for protecting your privacy, please see the data privacy notices for the respective provider.

If you do not want the provider of the social network to assign the data collected via our website to your user account, you must log out from the social network before the plug-in is activated. The legal basis for this data processing is your consent in the sense of Art. 6 (1) lit. a EU-GDPR. You can withdraw your consent at any time by informing the provider of the plug-in of your withdrawal in accordance with the data privacy notices.

 

10. Tools & plug-ins

Google Web Fonts

This site uses Web Fonts provided by Google for the standardised display of fonts. When visiting a site, your browser loads the required Web Fonts to your browser cache so that text and fonts can be displayed correctly. To do so, the browser you are using must have a connection to the Google servers. This informs Google that our website has been visited by your IP address. Google Web Fonts are used for the standardised and appropriate display of our online offerings. If your browser does not support Web Fonts, your computer will use a standard font.
For more information on Google Web Fonts, see https://developers.google.com/fonts/faq and the data protection statement from Google: https://policies.google.com/privacy.

 

Google Maps

Our website uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this page has no influence on this data transmission. Google Maps is used to provide an appropriate display of our online offerings and to make it easier to find the locations specified on our website. For more information on handling the user data, see the Google data privacy statement: https://policies.google.com/privacy/update.

 

Google reCAPTCHA

We use reCAPTCHA in our internet site to review and prevent automated interactions with our internet site, for example, from bots. This is a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereafter known as “Google”.

Google has certification according to the “EU-US Privacy Shield” https://www.privacyshield.gov/participant?id=a2zt0...  which guarantees that the EU data privacy regulations are also observed when data is processed in the USA. This service enables Google to identify which website a query is sent from and from which IP address you are using the reCAPTCHA input box. In addition to your IP address, additional information is collected by Google where possible. This is necessary for the offering and for safeguarding this service. The legal basis is Art. 6 (1) lit. f GDPR. Our legitimate interest comes from the security of our internet site and the defence of unwanted, automated visits in the form of spam or similar.

Google provides detailed information on general handling of user data at  https://policies.google.com/privacy.
 
11. Online advertising and targeting

We use the services of different companies to provide you with interesting online offerings. In doing so, your use of our websites and the websites of other providers is analysed so that online adverts can be displayed which are targeted to you individually.

Most technologies for tracking your user behaviour (“tracking”) and for the targeted display of advertising (“targeting”) work with cookies so that your browser can be recognised across different websites. Depending on the provider, it is also possible that you may also be identified online through the use of different end devices (e.g., laptop and smartphone). This may be the case if, for example, you have registered for a service that you use across several devices.

In addition to the above data, which is created when websites are visited (“log file data”) and when cookies are used, and which may be passed to the companies participating in advertising networks, the following data is also included in the selection of the advertising that is potentially most relevant for you:

  • personal information which you may have provided when registering for or using a service provided by advertising partners (e.g., gender, age group).
  • user behaviour (e.g., search queries, interactions with advertising, type of websites visited, products or services viewed or purchased, newsletter subscriptions).

We and our service providers use this data to identify whether you belong to the target group addressed by us, and take this into account in the selection of advertisements. For example, when you have visited our site, advertisements from the products or services you have already consulted may be displayed when you visit other sites (“re-targeting”). Depending on the scope of the data, a user profile may also be created. This is evaluated automatically, and the advertisement selected according to the information stored in the profile, for example, membership of particular demographic segments or potential interests or behaviours. Such advertisements may be presented on various channels, which, as well as our website and app (within the framework of on-site and in-app marketing), also include advertising communicated via online advertising networks used by us, for example, Google.

The data can then be evaluated for invoice settlement with the service provider and for assessment of the effectiveness of advertising measures in order to better understand the needs of our users and customers and to improve future campaigns. This may also include the information that the execution of an action (e.g., visiting specific sections of our website or sending information) is due to a particular advertisement. Furthermore, we also receive aggregated reports from our service providers on the advertising activities and information on how users interact with our website and our advertising.

The legal basis for this data processing is your consent in the sense of Art. 6 (1) lit. a EU-GDPR. You can withdraw your consent at any time by rejecting or disabling the relevant cookies in your browser settings (see section 15). The relevant service providers, for example, Google, also provide information on further options for blocking advertisements.


Payment processing online

If you make chargeable bookings or purchase products on our website, additional data must be provided depending on the product or service and the required payment type, for example, your credit card information or the log-in for your payment service provider. This information, and also the fact that you have purchased a service from us costing the specified amount at the specific time, are passed on to the relevant payment service provider (e.g., provider of payment solutions, credit card issuer and credit card acquirer). Please always see the information provided by the respective company, specifically their data privacy statement and General Terms and Conditions. The legal basis for this transmission comes from fulfilment of a contract as per Art. 6 (1) lit. b EU-GDPR.

 

Booking via booking platforms

If you make a booking via a third-party platform (i.e., via booking.com, Hotel, Escapio, Expedia, Holidaycheck, Hotel Tonight, HRS, Kayak, Mr. & Mrs. Smith, Splendia, Tablet Hotels, Tripadvisor, Trivago, Weekend4Two), we receive personal information relating to the booking made from the respective platform operator. This is usually the data listed in point 13 of this Data Privacy Statement. Queries about your booking are also passed to us. We use this data to record your booking requirements and to provide the booked services. The legal basis for data processing for this purpose comes from the execution of precontractual measures and fulfilment of a contract as per Art. 6 (1) lit. b EU-GDPR.
Finally, we may be informed by the platform operators about disputes relating to a booking. In this case, we may also, in some cases, receive data relating to the booking process, which may also include a copy of the booking confirmation as proof of the actual booking agreement. We process this data to safeguard and exercise our rights. This establishes our legitimate interest in the context of Art. 6 (1) lit. f GDPR.
Please also see the data privacy information on the respective booking platform.


B. Data processing relating to your stay

12. Data processing for fulfilment of statutory reporting obligations

When you arrive at our hotel, we require the following (“mandatory”) information from you and, if applicable, your companions

  • first and last name*
  • postal address and canton*
  • date of birth*
  • nationality*
  • official identification card and number*
  • date of arrival and departure*

We collect this information to comply with statutory reporting obligations based specifically on legislation governing the hospitality industry and the police. If required by the applicable regulations, we pass on this information to the responsible police authority. This data is processed in accordance with a statutory obligation in the sense of Art. 6 (1) lit. c EU-GDPR. Our legitimate interest comes from fulfilment of the statutory requirements in the sense of Art. 6 (1) lit. f GDPR.

 

13. Recording purchased services

If you purchase additional services during your stay (e.g., wellness, restaurant, activities), the service and time of service purchase are recorded by us for accounting purposes. Processing of this data is necessary in the sense of Art. 6 (1) lit. b EU-GDPR for fulfilment of the contract with us.

 

14. Video surveillance

To prevent abuses and unlawful behaviour (esp. theft and property damage), the reception area and public areas of our hotel are monitored by video cameras. The image data is only viewed if there is suspicion of unlawful behaviour. Otherwise, the image recordings are automatically deleted after 72 hours.

The video surveillance system is provided by a service provider who can have access to the data if this is necessary for provision of the system. If the suspicion of unlawful behaviour is confirmed, the data can be passed on to consulting companies (specifically our solicitor) or to authorities to the extent required for the assertion of claims or for filing a report.

The legal basis is our legitimate interest in the sense of Art. 6 (1) lit. f EU-GDPR for the protection of our property and safeguarding and exercising our rights.

 

15. Use of our WiFi network

At our hotel, you may use the WiFi network operated by Kabelfernsehen Bödeli AG, Weissenaustrasse 56, 3800 Unterseen free of charge. To prevent abuses and unlawful behaviour, prior registration is required. In doing so, you transmit the following data to Kabelfernsehen Bödeli AG:

  • MAC address of the end device (automatic)

In addition to the above data, data on the hotel visited and time, date, and end device is also recorded each time the WiFi network is used. The legal basis for this data processing is your consent in the sense of Art. 6 (1) lit. a EU-GDPR. The customer can withdraw his registration at any time by notifying us.

Kabelfernsehen Bödeli AG must comply with statutory obligations specified in federal law with regard to Surveillance of Post and Telecommunications (BÜPF) and the associated regulations. Provided the statutory requirements are met, the operator of the WiFi must monitor the use of the internet and data traffic on behalf of the responsible authorities. The WiFi operator may also be obliged to disclose the contact, usage, and peripheral data for the customer to the authorised authorities. The contact, usage and peripheral data is kept for individuals for 6 months and is then deleted.

The legal basis for this data processing is our legitimate interest in the sense of Art. 6 (1) lit. f. EU-GDPR for the provision of a WiFi network in compliance with applicable statutory regulations.

 

16. Payment processing

If you purchase products or services at our hotel or pay for your stay using electronic payment methods, processing of personal data is necessary. By using the payment terminal, you transmit information stored within your payment method, such as the name of the card holder and card number, to the payment service provider involved (e.g., provider of payment solutions, credit card issuers and credit card acquirers). These parties also receive the information that the payment method has been used in our hotel, the payment amount, and the time of the transaction. In return, we only receive the credit amount for the payment at the corresponding time, which we can assign to the relevant document number, or information that the transaction was not possible or has been terminated.

Please always see the information provided by the respective company, specifically their data privacy statement and General Terms and Conditions. The legal basis for this transmission comes from fulfilment of the contract with you as per Art. 6 (1) lit. b EU-GDPR.

 

17. Timeliness and amendment to this Data Privacy Statement

This Data Privacy Statement is currently valid as from September 2023. We have written to the best of our knowledge and belief. As a result of further development of our website and offerings and amendments to statutory or official regulations, it may be necessary to amend this Data Privacy Statement. The most recent Data Privacy Statement can be viewed and printed from our website at any time.

Date: September 2023

Data Protection Declaration

Date: May 2018

Hotel Du Nord AG, Höheweg 70 in 3800 Interlaken runs the Hotel Du Nord, Höheweg 70 in 3800 Interlaken. It operates the website www.hotel-dunord.ch and is therefore responsible for the collection, processing and use of your personal data and the compatibility of data processing with the applicable data protection law. The protection of your data is important to us. We therefore treat your personal data as confidential and pay attention to appropriate security. Of course, we comply with the legal provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (DPO), the Telecommunications Act (TCA) and other applicable data protection provisions of Swiss or EU law, in particular the EU General Data Protection Regulation (GDPR).

In order for you to know what personal data we collect on you and what purposes we use them for, please take note of the information below.

Commissioner for data protection

Address of our data protection representative in the EU:

VGS Datenschutzpartner
Am Kaiserkai 69
20457 Hamburg
Germany
Mail: info@datenschutzpartner.eu
https://datenschutzpartner.eu

A. Data Processing in Connection with our Website

1. Visiting our website

The use of the website of the Hotel Du Nord, Höheweg 70 in 3800 Interlaken, is basically possible without providing any personal data. If, as a user, you wish to make use of special services - in particular the possibility of online booking - via the website, the processing of personal data may become necessary. These data will not be passed on to any third party without your express consent and are used solely to process your enquiry.

We would like to point out that despite all measures taken, data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps and, therefore, complete protection of data against access by third parties is not guaranteed in every case.

2. SSL encryption / HTTPS protocol

To secure the transmission of confidential data through the forms provided on this website and for security reasons, we use SSL as encryption technology. You can recognise an encrypted connection by the address line »https://« and the lock symbol displayed in the browser. Data encrypted via SSL cannot be read by third parties during transmission.
The hosting provider of this website automatically collects and stores information in what is known as »server log files«, that are transmitted automatically by your browser. The following data are logged in this way:

  • Website visited
  • Access time
  • Amount of data sent in bytes
  • Source/reference from which you accessed the page
  • Browser used
  • Operating system used
  • IP address used (pseudonymised: the creation of a personal reference is no longer possible)

These data cannot be assigned to specific persons. Such data are not combined with other data sources. The storage of the data is used solely for statistical evaluation, to guarantee the operation, as well as the safety of the offer.

If there is a justified suspicion of illegal use due to concrete indications, we reserve the right to subsequently check the log data.

3. Access data / server log files

The hosting provider of this website automatically collects and stores information in what is known as "server log files", which your browser automatically transmits. The following data are logged in this way:

  • the IP address of the requesting computer (pseudonymised, the creation of a personal reference is no longer possible),
  • the name of the owner of the IP address range (usually your Internet access provider),
  • the date and time of access,
  • the website from which access was gained (referrer URL), where applicable with the search term used,
  • the name and URL of the file retrieved,
  • the status code (e.g. error message),
  • the operating system of your computer,
  • the browser you are using (type, version and language),
  • the transmission protocol used (e.g. HTTP/1.1), and
  • where applicable, your username from a registration/authentication.

These data are collected and processed for the purpose of enabling the use of our website (establishment of the connection), to permanently guarantee system security and stability and to enable the optimisation of our Internet offer as well as for internal statistical purposes. This is our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR.
Furthermore, the IP address is evaluated together with the other data in the event of attacks on the network infrastructure or other unauthorised or abusive use of the website for reconnaissance and defence purposes and, if required, used in the context of criminal proceedings for identification and civil and criminal proceedings against the users concerned. This is our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR.

4. Use of our contact form

You have the possibility to use a contact form to get in touch with us. For this purpose, we imperatively need the following information:

  • name and surname
  • e-mail address
  • message

We will only use these details to answer your contact inquiry in the best possible and personalised manner. The processing of these data is therefore necessary for the implementation of steps to be taken prior to entering into a contract within the meaning of Art. 6 para. 1 lit. b GDPR or is in our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

5. Booking on the website, by correspondence or by phone call

If you make bookings either via our website, by correspondence (e-mail or letter post) or by telephone call, we imperatively require the following data to process the contract:

  • form of address
  • name and surname
  • address, postcode and place
  • country
  • date of birth
  • phone number
  • language

If you communicate through e-mail, please also provide your e-mail address.

For direct bookings through our website, we use the Superbooking booking engine of GHIX Group AG, Stanserstrasse 7, 6362 Stans. For the processing of the contract, personal data are collected and forwarded to us by e-mail. These data include the following details:

  • form of address
  • name and surname
  • address
  • postcode and place
  • country
  • e-mail address
  • phone number
  • credit card details

We will only use these data and other information you provide voluntarily (e.g. expected time of arrival, motor vehicle registration plate, preferences, comments) to process the contract, unless otherwise stated in this data protection declaration or you have given your separate consent. In particular, we will process the data in order to record your booking as requested, to provide the services booked, to contact you in case of uncertainties or problems and to ensure correct payment.

The legal basis of data processing for this purpose is the performance of a contract pursuant to Art. 6 para. 1 lit. b GDPR.

6. Online job applications / publication of job advertisements

We offer you the opportunity to apply to us through our website. In digital applications, we collect and process your applicant and application data electronically in order to process your application.

If an employment contract is concluded after the application procedure, we will store the data you provided during the application in your personnel file for the purpose of the usual organisational and administrative process - obviously in compliance with further legal obligations.

The legal basis of data processing is the performance of measures to be taken prior to entering into a contract, and our legitimate interest pursuant to Art. 6 para. 1 lit. b and f GDPR. For further data processing, the legal basis is the consent you have given within the meaning of Art. 6 para. 1 lit. a GDPR.

If an application is rejected, we will automatically delete the data submitted to us two months after notification of rejection. However, the data will not be deleted if they are required by law to be stored for a longer period of up to four months or until legal proceedings have been concluded.

If you expressly consent to a longer storage of your data, e.g. for your inclusion in a database of applicants or interested parties, the data will be processed further on the basis of your consent. In that case, the legal basis is Art. 6 para. 1 lit. a) GDPR. Meanwhile, you can of course revoke your consent at any time pursuant to Art. 7 para. 3 GDPR by declaration to us with effect for the future.

7. Cookies

Cookies are helpful in many ways to make your visit to our website easier, more pleasant and more meaningful. Cookies are small text files that your web browser automatically stores on your computer's hard drive when you visit our website.

For example, we use cookies to temporarily save your selected services and entries when you complete a form on the website, so that you do not have to repeat the entry when you call up another subpage. Cookies may also be used to identify you as a registered user after registering on the website, without you having to log in again when calling another subpage.

Most Internet browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message appears whenever you receive a new cookie. On the following pages you will find explanations on how you can configure the processing of cookies with the most common browsers:

  • Microsoft Windows Internet Explorer
  • Microsoft Windows Internet Explorer Mobile
  • Mozilla Firefox
  • Google Chrome for Desktop
  • Google Chrome for Mobile
  • Apple Safari for Desktop
  • Apple Safari for Mobile

Disabling cookies may prevent you from being able to use all the features of our website.

8. Analysis tools

Matomo (formerly: »PIWIK«)
This website uses the analysis Matomo (formerly: »PIWIK«) software. This is open-source software that can be used to analyse the use of the website. This involves processing your IP address, the pages of the website you visit, the website from which you switched to this website (referrer URL), your length of stay and the frequency with which individual pages within this website are accessed on the hosting provider's server.

Matomo stores a cookie on your terminal device through your Internet browser to collect these data.

However, we use Matomo with the »Automatically Anonymize Visitor IPs« anonymisation function. This anonymisation function shortens your IP address by two bytes so that it is impossible to assign it to you or to the Internet connection you are using.

If you do not agree to this processing taking place, you have the option of preventing the storage of the cookie by changing a setting in your Internet browser. You will find more detailed information on this in the section on »Cookies above.
In addition, you have the option of terminating the analysis of your usage behaviour by an operation known as opting out. When you confirm the link

a cookie will be stored on your terminal device through your Internet browser, which will prevent further analysis. However, please note that you will have to click on the above link again if you have deleted the cookies stored on your terminal device.

Google Analytics
We use Google Analytics on our website. This is a web analytics service provided by Google Inc., Gordon House, Barrow Street, Dublin 4, Irland (hereinafter: Google).

Through certification according to the EU-US Privacy Shield

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that it will follow the EU's data protection regulations when processing data in the United States.

The Google Analytics service is used to analyze how our website is used. The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization, and economic operation of our site.

Usage and user-related information, such as IP address, place, time, or frequency of your visits to our website will be transmitted to a Google server in the United States and stored there. However, we use Google Analytics with the so-called anonymization function, whereby Google truncates the IP address within the EU or the EEA before it is transmitted to the US.

The data collected in this way is in turn used by Google to provide us with an evaluation of visits to our website and what visitors do once there. This data can also be used to provide other services related to the use of our website and of the internet in general.

Google states that it will not connect your IP address to other data. In addition, Google provides further information with regard to its data protection practices at

https://www.google.com/intl/de/policies/privacy/partners

including options you can exercise to prevent such use of your data.

In addition, Google offers an opt-out add-on at

https://tools.google.com/dlpage/gaoptout?hl=en

in addition with further information. This add-on can be installed on the most popular browsers and offers you further control over the data that Google collects when you visit our website. The add-on informs Google Analytics' JavaScript (ga.js) that no information about the website visit should be transmitted to Google Analytics. However, this does not prevent information from being transmitted to us or to other web analytics services we may use as detailed herein.

9. Use of social media plugins

Social media plugins of Facebook

This website uses the Facebook Social Plugin, which is provided by Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA). The includes can be recognised by the Facebook logo or the terms »Like«, »Share« in the Facebook colours (blue and white). Information about all Facebook plugins can be found through the following link: https://developers.facebook.com/docs/plugins/

Facebook Inc. complies with European data protection law and is certified according to the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt0...

The plugin will establish a direct connection between your browser and the Facebook servers. The website operator has no influence on the nature and scope of the data that the plugin transmits to the servers of Facebook Inc. More information can be found here: https://www.facebook.com/help/186325668085084

The plugin will inform Facebook Inc. that you have visited this website as a user. It is possible that your IP address is stored. If you are logged into your Facebook account during your visit to this site, this information will be assigned to your Facebook account.

If you use the functions of the plugin - for example by sharing or "likening" a post – the corresponding information will also be transmitted to Facebook Inc.

If you want to prevent Facebook Inc. from linking these data to your Facebook account, please log out of Facebook before visiting this website and delete the cookies stored. You can use your Facebook profile to make further data processing settings for advertising purposes or to object to the use of your data for advertising purposes. You can access the settings here:

To find out what data, for what purpose and to what extent Facebook collects, uses and processes data and what rights and setting options you have to protect your privacy, please read Facebook's data protection guidelines. You can find them here: https://www.facebook.com/about/privacy/

Social plugins from »Instagram«

Our website will use what is known as social plugins ("plugins") from Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). The plugins are marked with an Instagram logo, for example in the form of an "Instagram camera". An overview of the Instagram plugins and their appearance can be found here:
http://blog.instagram.com/post/36222022872/introdu...

When you access a page of our website that contains such a plugin, your browser will establish a direct connection to Instagram's servers. Instagram will transfer the content of the plugin directly to your browser and integrate it into the page. This integration will inform Instagram that your browser has called up the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) will be transmitted by your browser directly to an Instagram server in the USA and will be stored there.

If you are logged in to Instagram, Instagram can immediately assign your visit to our website to your Instagram account. If you interact with the plugins, for example by pressing the "Instagram" button, this information will also be transmitted directly to an Instagram server and be stored there. The information will also be published on your Instagram account and be displayed in your contacts.

Please refer to Instagram's privacy policy for the purpose and scope of data collection and the further processing and use of the data by Instagram as well as your rights and setting options for the protection of your privacy:
https://help.instagram.com/155833707900388/

If you do not want Instagram to assign the data collected via our website directly to your Instagram account, you must log out of Instagram before visiting our website. You can also completely prevent the Instagram plugins from loading through add-ons for your browser, e.g. through the script blocker "NoScript" (http://noscript.net/).

10. Tools & plugins

Google web fonts
This site uses what is known as web fonts provided by Google to uniformly display fonts. When you call up a page, your browser will load the required web fonts into your browser cache to display texts and fonts correctly.

To do this, the browser you are using must connect to Google's servers. By doing so, Google will become aware that our website has been accessed via your IP address. Google web fonts are used to ensure a uniform and appealing presentation of our online offers. If your browser does not support web fonts, a default font will be used by your computer.
For more information about Google Web Fonts, please visit https://developers.google.com/fonts/faq and read Google's privacy statement: https://policies.google.com/privacy/update?hl=en.

Google Maps

Our website uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps it is necessary to save your IP address. This information will usually be transmitted to a Google server in the USA and be stored there. The provider of this site has no influence on this data transmission.

Google Maps is used to ensure an appealing representation of our online offers and to make it easy to locate the places we indicate on the website.
More information on the handling of user data can be found in Google's data protection declaration: https://policies.google.com/privacy/update?hl=en

Google reCAPTCHA

We use Google reCAPTCHA on our website to check and avoid interactions on our website by automated access, e.g. by what is known as bots. This is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as "Google".

Google's certification under the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt0... guarantees that the EU's data protection requirements are also complied with when processing data in the USA.

Through this service Google can determine from which website a request is sent and from which IP address you use what is referred to as the reCAPTCHA input box. In addition to your IP address, Google may collect other information necessary for the offer and to guarantee this service.
The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is the security of our Internet presence and the prevention of unwanted, automated access in the form of spam or similar.

Google offers further information on the general handling of your user data at https://policies.google.com/privacy/update?hl=en .

B. Data Processing in Connection with Your Stay

11. Data processing for the fulfilment of legal reporting obligations

On arrival at our hotel, we may need the following information about you and your escorts:

  • name and surname
  • postal address and canton
  • date of birth
  • place of birth
  • nationality
  • official identification card and number
  • day of arrival and departure
  • room number

We collect this information for the fulfilment of legal reporting obligations, which result in particular from the hospitality industry or police law. Where we are required to by applicable regulations, we will forward this information to the appropriate police authority.

We have a legitimate interest in the fulfilment of the legal requirements within the meaning of Art. 6 para. 1 lit. f GDPR.

12. Recording of services purchased

If you make use of additional services during your stay (e.g. the mini-bar or pay TV offer), we will record the item of the service and the time at which it is used for invoicing purposes. The processing of these data is required within the meaning of Art. 6 para. 1 lit. b GDPR for the processing of the contract with us.

C. Storage and Exchange of Data with Third Parties

13. Booking platforms

If you make bookings through a third-party platform (booking.com, triva-go.com, hrs.com etc.), we will receive various personal details from the respective platform provider. These are usually the data listed in the section provided for "Booking on the website, by correspondence or by phone call". In addition, we may receive enquiries regarding your booking. We will process these data in particular in order to record your booking as requested and to make available the services booked. The legal basis of data processing for this purpose is the performance of a contract according to Art. 6 para. 1 lit. b GDPR.

Finally, we may be informed by the platform providers of any disputes in connection with a booking. In this context, we may also receive information about the booking process, which may include a copy of the booking confirmation as proof of the actual confirmation of the booking. We process these data to protect and enforce our claims. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Please also note the respective provider’s information on data protection.

14. Central storage and linking of data

We will store your personal data in a central electronic data processing system. In this context, your specific personal data will be systematically recorded and linked in order to process your bookings and provide the contractual services. For this purpose, we use software from FO-DATA GmbH, Geerenstrasse 3, 9507 Stettfurt, Switzerland. The processing of these data within the scope of the software is based on our legitimate interest in customer-friendly and efficient customer data management within the meaning of Art. 6 para. 1 lit. f GDPR.

15. Retention period

We will only store personal data for as long as it is necessary to use the tracking services mentioned above and further processing within the scope of our legitimate interest. We will keep contractual data for a longer period of time because this is required according to legal storage obligations. Storage obligations obliging us to store data result from regulations concerning the right to report, accounting and tax law. According to these regulations, business communication, contracts concluded and accounting documents must be kept for up to 10 years. If and as we no longer need these data to perform the services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.

16. Disclosure of data to third parties

We will only pass on your personal data if you have expressly consented to this, if there is a legal obligation to do so or if it is necessary for the enforcement of our rights, in particular for the enforcement of claims arising from the contractual relationship. Furthermore, we will pass on your data to third parties to such an extent as it is necessary in the context of the use of the website and the processing of the contract (also outside the website), in particular the processing of your bookings.

One service provider to whom the personal data collected through the website will be passed on and who has or can have access to them is our web hoster netfuchs gmbh, untere Bönigstrasse 10a, 3800 Interlaken, Switzerland. The website is hosted on servers in the Federal Republic of Germany. The data will be passed on for the purpose of providing and maintaining the functionalities of our website. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Finally, we will forward your credit card information to your credit card issuer and the credit card acquirer when payment is made by credit card on the website. If you decide to pay by credit card, you will be asked to enter all necessary details. The legal basis for the transfer of the data is the performance of a contract in accordance with Art. 6 para. 1 lit. b GDPR. With respect to the processing of your credit card information by these third parties, please also read the general terms and conditions and the data protection declaration of your credit card issuer.

17. Transmission of personal data abroad

We are also entitled to transmit your personal data to third parties (commissioned service providers) abroad for the purpose of data processing as described in this data protection declaration. These third parties are obliged to the same extent as we are to comply with data protection regulations. If the level of data protection in a country does not correspond to that in Switzerland or Europe, we will contractually ensure that the protection of your personal data will correspond at all times to that in Switzerland or the EU.

D. Further Information

18. Right to request access to, rectification, erasure of personal data and restriction of processing; right to data portability, withdrawal and objection
You have the right to request information about the personal data that we store about you. In addition, you have the right to request rectification of inaccurate data and erasure of your personal data, unless there is a legal obligation to retain such data or a factual ground allowing us to process the data.
You also have the right to reclaim the data that you have provided to us (right of data portability). Upon request, we will also pass the data on to a third party of your choice. You have the right to receive the data in a common file format.

Once given, you can revoke your consent to the processing of your data at any time. As a result, we will no longer be allowed to, and will not continue to process the data in the future as we will have done before on the basis of this consent. Furthermore, you have the right to object to the processing of your personal data if there are reasons for this which arise from your particular situation or if the objection is directed against direct advertising.

You can contact us for the above-mentioned purposes by e-mail at info@hotel-dunord.ch. We may, at our discretion, require proof of identity to process your applications.

19. Data security

We use appropriate technical and organisational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
You should always treat your access data confidentially and close the browser window when you have finished communicating with us, in particular if you share your computer with others.
We also take internal data protection very seriously. We have committed our employees and the service companies we have commissioned to secrecy and compliance with data protection regulations.

20. Note on data transmission to the USA

For reasons of completeness, we would like to point out to users residing or domiciled in Switzerland that there are monitoring measures vested in US authorities in the USA, which generally allow the storage of all personal data of all persons whose data were transmitted from Switzerland to the USA. This is done without differentiation, restriction or exception on the basis of the objective pursued and without an objective criterion making it possible to limit access by the US authorities to the data and their subsequent use to very specific, strictly limited purposes justifying intervention related to both access to these data and their use. Furthermore, we would like to point out that there are no legal remedies available in the USA for data subjects from Switzerland allowing them to gain access to the data about them and obtain their rectification or erasure, i.e. that there is no effective legal protection against general access rights of US authorities. We explicitly point out this legal and factual situation to the person concerned (data subject) in order to enable them to make an appropriately informed decision to consent to the use of his or her data.

Users residing in a EU Member State are advised that the US does not have an adequate level of data protection from the point of view of the European Union, in part due to the issues mentioned in this section. Having explained in this Data Protection Declaration that recipients of data (such as Google) are based in the USA, we will nonetheless ensure that your data is protected by our partners at an appropriate level, either by contractual arrangements with these companies or by ensuring that these companies are certified under the EU / Swiss-US privacy shield.

21. Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority at any time.

22. Up-to-dateness and amendment of this Data Protection Declaration

This Data Protection Declaration has been valid as of May 2018 and has been written to the best of our knowledge and belief.

Due to the further development of our website and offers processed on it, as well as due to possible amendments of legal or official requirements, it may become necessary to amend this Data Protection Declaration. You can call up and print the current version of the Data Protection Declaration on our website at any time.

Last updated: May 2018