In this data protection declaration we explain, the Hotel Felmis AG Horw, how we collect and otherwise process personal data. This is not an exhaustive description; If necessary, other data protection declarations regulate this [or general terms and conditions, Conditions of participation and similar documents] specific facts. Personal data includes all information, that refer to a specific or identifiable person.
If you give us personal data of other people (z.B. family members, Data from work colleagues) provide, please make sure, that these people are aware of this data protection declaration and only provide us with their personal data, if you are allowed to do so and if this personal data is correct.
This data protection declaration is based on the requirements of the EU General Data Protection Regulation (“GDPR”), the Swiss data protection law («DSG») and the revised Swiss Data Protection Act («revDSG») designed. Whether and to what extent these laws are applicable, however, depends on the individual case.
Responsible person / Data protection officer / Representative
Responsible for data processing, which we describe here, is the Hotel Felmis AG Horw. If you have data protection concerns, You can send this to us at the following contact address:
Hotel Felmis AG Horw
Kastanienbaumstrasse 91
6048 Horw
Switzerland
Our representative in the EEA according to Art. 27 GDPR (if necessary) .:
Ivo Schmidiger
Collection and processing of personal data
We primarily process personal data, that we receive from these and other people involved as part of our business relationship with our customers and other business partners or that we receive when operating our websites, Apps and other applications collect data from their users.
As far as this is permitted, We also take it from publicly available sources (z.B. Debt collection register, Land records, commercial register, Presse, Internet) certain data or receive such data from authorities and other third parties (such as. Credit reporting agencies). In addition to your data, which you give us directly, include the categories of personal data, that we receive about you from third parties, in particular information from public registers, Declarations, which we experience in connection with official and judicial proceedings, Information related to their professional functions and activities (so that we e.g. With your help, you can conclude and process transactions with your employer), Information about you in correspondence and meetings with third parties, Credit reports (as far as we conduct business with you personally), Information about you, the people from your environment (Family, Advisor, Legal representative, etc.) give, so that we can conclude or process contracts with you or with your involvement (z.B. credentials, Your address for deliveries, Powers of attorney, Information on compliance with legal requirements such as anti-money laundering and export restrictions, Information from banks, Insurance, Sales- and other contractual partners of ours for the use or provision of services by you (z.B. payments made, purchases made)), Information about you from the media and the Internet (as far as this is appropriate in the specific case, z.B. as part of an application, Presseschau, Marketing/Sales, etc.), Your addresses and if applicable. Interests and other sociodemographic data (for marketing), Data related to the use of the website (z.B. IP Address, MAC address of the smartphone or computer, Information about your device and settings, Cookies, Date and time of visit, Pages and content accessed, functions used, referring website, Location information).
Purposes of data processing and legal basis
We primarily use the personal data we collect, to conclude and process our contracts with our customers and business partners, in particular when booking a hotel or making a reservation in our restaurant with our customers and purchasing products and services from our suppliers and subcontractors, as well as our legal obligations in the In- and abroad. If you work for such a customer or business partner, Of course, you and your personal data may also be affected in this function.
We also process personal data about you and other people, as far as permitted and deemed appropriate to us, also for the following purposes, where we (and sometimes third parties) have a legitimate interest corresponding to the purpose:
- Offer and further development of our offers, Services and websites, Apps and other platforms, on which we are present;
- Communicate with third parties and process their inquiries (z.B. Applications, Media inquiries);
- Examination and optimization of procedures for needs analysis for the purpose of direct customer contact as well as collection of personal data from publicly available sources for the purpose of customer acquisition;
- Advertising and Marketing (including holding events), unless you have objected to the use of your data (if we send you advertising from us as an existing customer, you can object to this at any time, We will then put you on a blocking list against further advertising);
- Market- and opinion research, Media monitoring;
- Assertion of legal claims and defense in connection with legal disputes and governmental proceedings;
- Prevention and investigation of crimes and other misconduct (z.B. Conducting internal investigations, Data analysis to combat fraud);
- Warranties of our company, especially IT, our websites, Apps and other platforms;
- Video surveillance to protect house rules and other IT measures, Building- and investment security and protection of our employees and other people and assets belonging to or entrusted to us (such as. Access controls, Visitor lists, network- and mail scanners, Telephone records);
- Buying and selling business areas, Companies or parts of companies and other corporate transactions and the associated transfer of personal data as well as measures for business management and to comply with legal and regulatory obligations as well as internal regulations of Hotel Felmis AG Horw.
If you have given us your consent to process your personal data for specific purposes (for example, when you register to receive newsletters or carry out a background check) or by accepting all cookies, We process your personal data within the framework and based on this consent, unless we have another legal basis and we need one. Consent given can be revoked at any time, However, this has no effect on data processing that has already taken place.
Cookies / Tracking and other technologies
We typically set on our websites “Cookies” and comparable techniques, that can be used to identify your browser or device. A cookie is a small file, which is sent to your computer or. is automatically saved on your computer or mobile device by the web browser you use, when you visit our website. If you visit this website again, we can recognize you this way, even if we don't know, who they are. Besides cookies, which are only used during a session and deleted after your website visit (“Session Cookies”), Cookies can also be used, about user settings and other information over a certain period of time (z.B. two years) save (“permanente Cookies”).
However, you can set your browser this way, that it rejects cookies, only saved for one session or otherwise deleted prematurely. Most browsers are preset this way, that you accept cookies. We use permanent cookies to save user preferences (z.B. Language, Auto login), so that we understand better, how you use our offers and content and so that we can show you offers and advertising tailored to you (which can also happen on websites of other companies; However, they do not find out from us, who they are, if we even know that ourselves, because they only see, that the same user is on your website, who was also on a certain page with us).
Certain cookies are set by us, some also from other service providers, with whom we work.
If you block cookies, it can be, that certain functionalities (such as. Language choice, shopping cart, Order processes) no longer work.
In our newsletters and other marketing e-mails, we sometimes build visibility and, where permitted- and invisible image elements, by retrieving them from our servers we can determine, whether and when you opened the email, so that we can measure and understand better here too, how you can use our offers and tailor them to you. You can block this in your email program; most of them are preset like this, that you do this. If you no longer wish to receive newsletters from us, You can unsubscribe from us at any time.
By using our websites and agreeing to receive newsletters and other marketing emails, you agree to the use of these techniques. Don't you want this?, then you have to change your browser or. Set your email program accordingly.
By using our website and accepting cookies, you agree to the use of these technologies. You can revoke your consent at any time via the cookie settings.
Cookie-Banner
To manage the cookies and similar technologies used (Tracking-Pixel, Web-Beacons etc.) and related consents, we use the Consent Tool “Real Cookie Banner” a. Details on how it works “Real Cookie Banner” you can find it under https://devowl.io/de/rcb/datenverarbeitung.
The legal basis for the processing of personal data in this context is Art. 6 Abs. 1 lit. c GDPR and Art. 6 Abs. 1 lit. f DS-GVO. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we cannot manage your consent.
Google Analytics or other statistical services
We sometimes use Google Analytics or similar services on our websites. This is a third party service, which can be located in any country in the world (in the case of Google Analytics it is Google Ireland (based in Ireland), Google Ireland relies on Google LLC (based in the USA) as an order processor (both «Google»), www.google.com), with which we use the website (not personal) measure and evaluate. Permanent cookies are also used for this purpose, that the service provider sets. We configured the service like this, that the IP addresses of visitors are shortened by Google in Europe before being forwarded to the USA and therefore cannot be traced back. We have turned off the “Data sharing” and “Signals” settings. Although we can assume, that the information, which we share with Google, is not personal data for Google, Is it possible, that Google draws conclusions about the identity of visitors from this data for its own purposes, create personal profiles and link this data to the Google accounts of these people. As long as you have registered with the service provider yourself, the service provider also knows you. The processing of your personal data by the service provider is then the responsibility of the service provider in accordance with its data protection regulations. The service provider simply informs us, how our respective website is used (no information about you personally).
The privacy policy of the library operator Google can be found here: https://www.google.com/policies/privacy/
Google Maps
On this website we use Google Maps. Google Maps is owned by Google LLC, 1600 Amphitheatre Parkway, Mountain View, THAT 94043, USA (hereinafter “Google”) operated. This allows us to show you interactive maps directly on the website and enables you to use the map function conveniently.
Further information about data processing by Google can be found in the Google data protection information. There you can also change your personal data protection settings in the data protection center.
The privacy policy of the library operator Google can be found here: https://www.google.com/policies/privacy/
Google reCaptcha
This website is protected by Google reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The privacy policy of the library operator Google can be found here: https://www.google.com/policies/privacy/
Use of script libraries (Google Webfonts)
To display our content correctly and in a graphically appealing manner across browsers, We use “Google Web Fonts” from Google LLC on this website (1600 Amphitheatre Parkway, Mountain View, THAT 94043, USA; hereinafter “Google”) for displaying fonts.
The privacy policy of the library operator Google can be found here: https://www.google.com/policies/privacy/
Lunchgate / Foratable
Lunchgate sets the cookie on certain pages. The data protection declarations of Lunchgate respectively. Foratable can be found via https://www.lunchgate.info/datenschutzerklaerung and https://go.foratable.com/datenschutzerklaerung-gaeste.
Reconline
In order to enable you to book via our site, we work with Reconline, a recognized hotel distribution solution. Lunchgate's privacy policy can be found at https://www.reconline.com/d/privacy_policy.html.
TrustYou
TrustYou is a plugin and sets cookies, which integrates guest comments and reviews directly on the homepage. Tripadvisor's privacy policy can be found at https://www.trustyou.com/de/wp-content/uploads/2023/02/Datenschutzerklaerung.pdf.
Social Media Plug-ins
We also use so-called. Plug-ins from social networks such as Facebook, Twitter, Youtube, Pinterest, Instagram and more. This is clear to you in each case (typically via corresponding symbols).
Activate them (by clicking), The operators of the respective social networks can register, that you are on our website and where and can use this information for their purposes. The processing of your personal data is then the responsibility of this operator in accordance with its data protection regulations. We do not receive any information about you from him.
Embedded content from other websites
Posts on this website may contain embedded content (from. B. Videos, Pictures, Posts etc.). Embedded content from other websites behaves exactly the same way, as if the visitor had visited the other website.
These websites may collect information about you, Use cookies, Embed additional third-party tracking services and record your interaction with that embedded content, including your interaction with the embedded content, if you have an account and are logged in to this website.
Embedded YouTube videos
We embed YouTube videos on some of our websites. You can deactivate this content using cookie settings.
Provider of the videos or. The corresponding plugin is YouTube, LLC, 901 Cherry Ave., San Bruno, THAT 94066, USA (hereinafter “YouTube”). When you visit a site with the YouTube plugin, A connection to YouTube servers is established. YouTube will be notified, which pages you visit. If you are logged in to your YouTube account, YouTube can assign your surfing behavior to you personally. You prevent this, by logging out of your YouTube account beforehand.
More information also about https://www.youtube.com/howyoutubeworks/user-settings/privacy/.
Data transfer and data transfer abroad
As part of our business activities and the purposes set out in section. 3, as far as permitted and deemed appropriate to us, also known to third parties, be it, because they process them for us, be it, because they want to use them for their own purposes. This particularly concerns the following positions:
- Service providers from us (within Hotel Felmis AG Horw and externally, such as. Banks, Insurance), including order processors (such as. IT-Provider);
- Dealer, suppliers, Subcontractors and other business partners;
- Customers;
- in- and foreign authorities, authorities or courts;
- media;
- Publicity, including website and social media visitors;
- Competitors, Industry organizations, Associations, Organizations and other committees;
- Acquirers or parties interested in acquiring business areas, Companies or other parts of Hotel Felmis AG Horw;
- other parties in potential or actual legal proceedings;
- Other companies of Hotel Felmis AG Horw;
all common recipients.
Some of these recipients are in Germany, but can be anywhere on earth. In particular, you must expect that your data will be transmitted to all countries, as well as to other countries in Europe and the USA, where the service providers we use are located (such as. [Microsoft], [SAP], [Amazon], [Sales-force.com]).
If a recipient is located in a country without adequate legal data protection, We contractually oblige the recipient to comply with the applicable data protection regulations (For this purpose we use the revised standard contractual clauses of the European Commission, this one: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj? are available), unless it is already subject to a legally recognized set of rules to ensure data protection and we cannot rely on an exception provision. An exception may apply, particularly in legal proceedings abroad, but also in cases of overriding public interests or if contract execution requires such disclosure, if you have consented or if it concerns data that you have made generally accessible, whose processing you have not objected to.
Links
On our website you will find links to third-party sites. We are not responsible for the content or privacy practices on external websites, which you can access via the links. Please find out more about data protection directly on the relevant websites.
Duration of retention of personal data
We process and store your personal data, as long as it is necessary for the fulfillment of our contractual and legal obligations or other purposes pursued by the processing, d.h. for example, for the duration of the entire business relationship (from the initiation, Processing until the termination of a contract) as well as in accordance with legal storage requirements- and documentation requirements. It is possible though, that personal data is retained for the time being, in which claims can be asserted against our company and insofar as we are otherwise legally obliged to do so or legitimate business interests require this (z.B. for proof- and documentation purposes). As soon as your personal data is no longer required for the purposes mentioned above, They will generally and as far as possible be deleted or anonymized. For operational data (z.B. Systemprotokolle, Logs), Generally, shorter retention periods of twelve months or less apply.
data security
We take appropriate technical and organizational security precautions to protect your personal data from unauthorized access and misuse, such as issuing instructions, IT- and network security solutions, Access controls and restrictions, etc.
Obligation to provide personal data
We process and store your personal data, as long as it is necessary for the fulfillment of our contractual and legal obligations or other purposes pursued by the processing, d.h. for example, for the duration of the entire business relationship (from the initiation, Processing until the termination of a contract) as well as in accordance with legal storage requirements- and documentation requirements. It is possible though, that personal data is retained for the time being, in which claims can be asserted against our company and insofar as we are otherwise legally obliged to do so or legitimate business interests require this (z.B. for proof- and documentation purposes). As soon as your personal data is no longer required for the purposes mentioned above, They will generally and as far as possible be deleted or anonymized. For operational data (z.B. Systemprotokolle, Logs), Generally, shorter retention periods of twelve months or less apply.
Rights of the data subject
You have within the scope of the data protection law applicable to you and as provided for therein (such as in the case of the GDPR) the right to information, Correction, deletion, the right to restrict data processing and otherwise object to our data processing, especially those for direct marketing purposes, profiling carried out for direct advertising and other legitimate interests in processing as well as the release of certain personal data for the purpose of transferring it to another location (so-called. Data portability).
But please note, that we reserve, on our part, to enforce the restrictions provided for by law, for example if we are obliged to store or process certain data, have a predominant interest in it (as far as we can rely on it) or need them to assert claims.
If you incur costs, we will inform you in advance. About the possibility, to revoke your consent, we have already stated in paragraph. 3 informed. Note, that the exercise of these rights may conflict with contractual agreements and this may have consequences such as:. the early termination of the contract or may have cost consequences. We will inform you in advance if this occurs, where this is not already contractually regulated.
The exercise of such rights usually requires, that you clearly prove your identity (z.B. through a copy of your ID, where your identity is otherwise not clear or. can be verified). To assert your rights, you can contact us at the address in section 1 contact the address provided.
Every data subject also has the right, to enforce their claims in court or to file a complaint with the responsible data protection authority. The responsible data protection authority in Switzerland is the Federal Data Protection Authority- and public relations officers (https://www.edoeb.admin.ch).
Changes
We may amend this privacy policy at any time without prior notice. The current one applies, version published on our website. To the extent that the data protection declaration is part of an agreement with you, In the event of an update, we will inform you of the change by email or other appropriate means.
Horw, 17.09.2023