Privacy Statement

in accordance with the EU General Data Protection Regulation (GDPR)

 

I. Name and Contact Details of the Controller

Hotel Bodmi GmbH
Terrassenweg 104
CH-3818 Grindelwald
Switzerland

 

II. General Information on Data Processing

1. What personal data do we process and why is your data used?
We will generally only collect and use your personal data (e.g. name, address) if this is necessary to deliver a functioning website, our content and our services.

2. What is the legal basis for the processing of your personal data?
Your personal data will be processed on the basis of points (a) to (f) of Art. 6 (1) GDPR.

3. How long will your personal data be stored and when will it be deleted?
Your personal data will be deleted or blocked as soon as it is no longer required for the purpose for which it was originally stored. Your personal data may be stored beyond this period if this is stipulated by EU law or national legislation by way of EU regulations, laws or any other provisions that are legally binding for the controller.

4. What rights do you have?
You can exercise the following rights against us with regard to your personal data:

–       Right of access
–       Right to rectification or erasure
–       Right to the restriction of processing
–       Right to data portability
–       Right to object to processing

You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data.

 

III. Provision of the Website and Creation of Log Files

1. What personal data do we process?
Whenever you access our website, our system will automatically collect data and information from your computer system.

The following data will be collected:

–       Information on your browser type
–       Your operating system
–       Your Internet service provider
–       Your IP address
–       The date and time of access
–       The web pages from which your system is redirected to our website
–       The web pages that are accessed by your system via our website

The data will also be saved in our system’s log files. This does not apply to your IP address or any other information that enables the data to be matched to a specific user. This data will not be stored together with any other personal data from you.

2. On which legal basis do we process your personal data?
What is the legal basis for the processing of your personal data? The legal basis for the temporary storage of your data is point (f) of Art. 6 (1) GDPR.

3. Why do we use your personal data?
Your IP address must be temporarily stored by the system to enable the website to be delivered to your computer. Your IP address must be stored for the duration of the session.

The data will be stored in log files to ensure the functionality of our website. We will also use the data to optimise our website and ensure the security of our IT systems. The data will not be evaluated for marketing purposes.

For these reasons, we have a legitimate interest in the processing of the data in accordance with point (f) of Art. 6 (1) GDPR.

4. How long will your personal data be stored and when will it be deleted?
Your data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If your data is collected to deliver the website, for example, it will be deleted at the end of each session.

Any data stored in log files will be deleted after seven days at the latest. However, the data may be stored beyond this period. In such cases, your IP address will be deleted or distorted in such a way that it can no longer be matched to the accessing client.

5. Can I object to the processing of my personal data?
As the collection of data for the delivery of the website – and the storage of data in log files – is essential for the operation of the website, you cannot object to the processing of such data.

 

IV. Use of Cookies

Our website uses cookies. These are text files that are stored on your computer system via or by your Internet browser. When you access a website, a cookie may be saved on your operating system. This cookie will contain a string of characters to enable your browser to be uniquely identified when you revisit the website.

1. What personal data do we process?
We use cookies to create a more user-friendly website. Some features of our website will only work if the requesting browser can be identified after changing pages. Some of the cookies on our website also allow us to analyse the surfing patterns of our users. When visiting our website, you will be informed about the use of cookies for analytical purposes and you will be asked to consent to the processing of your personal data for such purposes. Reference will also be made to this privacy statement.

2. What is the legal basis for processing of your personal data?
The legal basis for the processing of personal data using technically necessary cookies is point (f) of Art. 6 (1) GDPR. If you consent to the processing of personal data using cookies for analytical purposes, the legal basis will be point (a) of Art. 6 (1) GDPR.

3. Why do we use your personal data?
We use technically necessary cookies to make our website easier to use. Some features of our website cannot be provided without cookies. These features will only function if your browser is recognised when changing from one page to another. The user data collected by technically necessary cookies will not be used to create user profiles. We use analytical cookies to improve the quality of our website and its contents. We use analytical cookies to find out how our website is being used and to constantly optimise our services.

4. How long will your personal data be stored and when will it be deleted?
Cookies will be saved on your computer and then transferred to our website. This gives you full control over the use of cookies. You can disable or restrict the transfer of cookies by changing your browser settings. You can delete saved cookies at any time. This may also be done automatically. If you disable cookies, however, you might not be able to fully use all the features of our website.

 

V. Contact Form and E-Mail Correspondence

1. What personal data do we process?
Our website features a contact form that can be used to contact us by electronic means. If you use this feature, the data you enter in the input mask will be sent to us and saved. This

–       Name
–       Address
–       Phone number
–       E-Mail address
–       Your message 

The following data will also be saved at the time your message is sent:

–       Your IP address
–       The date and time of submission

When you send a message, we will obtain your consent to data processing and make reference to this privacy statement.

Alternatively, you may contact us using the email address provided. In such cases, we will store any personal data provided in your email.

Your data will not be passed on to third parties. Your data will only be used to process our correspondence.

2. What is the legal basis for the processing of your personal data?
If you consent to the processing of your personal data, the legal basis will be point (a) of Art. 6 (1) GDPR.

The legal basis for the processing of any data provided via email is point (f) of Art. 6 (1) GDPR. If the aim of our email correspondence is to conclude a contract, the additional legal basis for processing will be point (b) of Art. 6 (1) GDPR.

3. Why do we use your personal data?
We will only ever process any personal data provided via the input mask to contact you. When contacting you via email, we also have the necessary legitimate interest in the processing of data.

The other personal data processed when you send a message will be used to prevent the misuse of our contact form and ensure the security of our IT systems.

4. How long will your personal data be stored and will it be deleted?
Your data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. Any personal data you provide via the contact form input mask will no longer be required when our conversation with you is over. Our conversation will be considered over when the circumstances suggest the matter has been conclusively clarified.

5. Can I object the processing of my personal data?
You may withdraw your consent to the processing of personal data at any time. If you contact us via email, you may object to the storage of your personal data at any time – without stating your reasons for doing so – in accordance with Art. 21 GDPR. If you do this, however, we will not be able to continue our correspondence.

In such cases, any personal data stored over the course of our communication will be deleted.

 

VI. Use of Social Media Plug-Ins

As we use the so-called “two-click solution”, your personal data will initially not be passed on to the plug-in providers when you visit our website. Each plug-in provider can be identified by the label on its button, its first letter or its logo. The buttons allow you to interact with each plug-in provider. A plug-in provider will only be informed that you have accessed the relevant page on our website if you activate the selected field by clicking on it.

1. Privacy Policy for the Use of Facebook

Our website features plug-ins from Facebook, a social network provided by Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA). You can recognise the Facebook plug-ins on our website by the Facebook logo or the “Like” button. An overview on Facebook plug-ins can be found here: https://developers.facebook.com/docs/plugins/. If you visit our website, the plug-in will be used to establish a direct connection between your browser and the Facebook server. As a result, Facebook will be informed that you have visited our website with your IP address. If you click the “Like” button while you are logged in to your Facebook account, you will be able to link the content of our pages on your Facebook profile. This will allow Facebook to match the visit to your user account. If you do not want Facebook to match your website visit to your user account, please log out of your Facebook user account.

Facebook Page
This privacy statement applies to data processing performed by:

Hotel Bodmi GmbH
Terrassenweg 104
CH-3818 Grindelwald
Switzerland

https://www.facebook.com/Hotel-Bodmi

The controller provides information services there by using the technical platform and services of Facebook Ireland Ltd. (4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland). You may use the functions (e.g. comment, share, rate) at your own risk.

What information is collected?
If you visit our Facebook page, Facebook will automatically collect various pieces of information. We do not know what information is ultimately collected by Facebook. This information will be collected regardless of whether you have a Facebook account or whether you are logged in to your Facebook account at the time of your visit. You can see what kind of information is collected by Facebook here: https://www.facebook.com/about/privacy/update?ref=old_policy: (“What kinds of information do we collect?”).

Matching your visit to our Facebook page to your Facebook account
Whenever you access a Facebook page, the IP address assigned to your device is transmitted to Facebook. According to information provided by Facebook, your IP addressed is anonymised (in the case of “German” IP addresses) and deleted after 90 days. Facebook also saves information about its users’ devices (e.g. as part of the “log-in notification” function); therefore, Facebook may also be able to match IP addresses to specific users. If you are currently logged in to Facebook as a user, a cookie will have been placed on your device containing your Facebook ID. This allows Facebook to see that you have accessed the page and how you have used it. This also applies to all other Facebook pages. Whenever Facebook buttons are embedded on websites, Facebook is able to record your visits to such pages and match them to your Facebook profile. This data can then be used to offer you targeted content or advertising. More information can be found here: https://www.facebook.com/policies/cookies/.
If you would like to prevent this, you should log out of Facebook or disable the “stay logged in” function, delete the cookies saved on your device, and then close and reopen your browser. This will delete any Facebook information that can be used to link your account directly to your visit to our page. You will then be able to visit our Facebook page without revealing your Facebook ID. If you access any interactive features on the page, (e.g. like, comment, share, news), a Facebook log-in screen will appear. If you choose to log in, Facebook will be able to recognise you again as a specific user.

Legal basis for data processing
Facebook indicates its legal basis for data processing here: https://www.facebook.com/about/privacy/update?ref=old_policy (“What is our legal basis for processing data?”).

How else is the information used?
Your data will be processed by Facebook for the purposes indicated here: https://www.facebook.com/about/privacy/update?ref=old_policy (“How do we use this information?”); it may be transferred to countries outside the European Union.

Facebook Insights
Some of the information collected by Facebook is used to provide us, as the operator of the Facebook page, with statistical data on the use of our Facebook page (“Facebook Insights”). Facebook provides more information here: http://de-de.facebook.com/help/pages/insights.
As we only ever receive this statistical information in an anonymous form, we assume the use of this data is not a form of data processing that falls within the scope of the GDPR. Nevertheless, the CJEU ruled on 5 June 2018 (C-210/16) that the operator of a Facebook page is jointly responsible for the collection of data via Facebook Insights. As we therefore cannot rule out our joint responsibility for the collection of data, we would like to fulfil our duty to provide information below to the technically feasible extent. We use Facebook Insights on the basis of point (f) of Art. 6 (1) GDPR. On the one hand, we use the service to ensure the needs-based design and continuous optimisation of our Facebook page. On the other hand, we use the service to statistically evaluate the use of our Facebook page for the purpose of optimising our services for you. Our interests may be regarded as “legitimate” within the scope of the legislation indicated above.

What rights do you have?
You have a right of access, the right to rectification, the right to data portability and the right to request the erasure of your data. You can view your specific rights here: https://www.facebook.com/about/privacy/update?ref=old_policy (“How can you exercise your rights provided under the GDPR?”). If you exercise your rights as a data subject with regard to the collection of data via Facebook Insights, we will forward your request to Facebook, because we ultimately do not have the technical means and powers to fully deal with such requests.

 

2. Privacy Policy for the Use of Instagram

The controller has integrated Instagram components on this website. Instagram is as an audio-visual platform that enables users to share photographs and videos and circulate such data via other social networks.

The services are operated by Instagram LLC (1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA).

Whenever you visit a page on this website that is operated by the controller and features an Instagram component (“Insta” button), the Instagram component will automatically prompt the web browser on your IT system to download a presentation of the corresponding Instagram component. This technical process enables Instagram to discover which specific sub-page you have visited on our website.

If you are logged in to Instagram at the same time, Instagram will recognise which specific subpages you access every time you visit our website for the duration of each visit. This information will be collected by the Instagram component, and Instagram will match it to your Instagram account. If you click on an Instagram button on our website, the transferred data and information will be matched to your personal Instagram user account and then saved and processed by Instagram.

If you are logged in to Instagram when accessing our website, Instagram will always find out via the Instagram component that you have visited our website; this will take place regardless of whether you actually click on the Instagram component. If you do not want this information to be transferred to Instagram, you can prevent such transfers by logging out of your Instagram account before accessing our website.

More information and Instagram’s privacy policy can be found at:
https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/ 

3. Privacy Policy for the Use of Twitter

The controller has integrated Twitter components on this website. Twitter is a multilingual, publicly accessible microblogging service where users can post and share so-called “tweets” (short messages) that are limited to 280 characters. These short messages can be accessed by anyone, including those who are not registered with Twitter. However, the tweets posted by a specific user are also shown to their followers, which are other Twitter users who follow the tweets posted by a specific user. Twitter users can also reach out to a wide audience by using hashtags, links and retweets.

Twitter is operated by Twitter, Inc. (1355 Market Street, Suite 900, San Francisco, CA 94103, USA).

Whenever you visit a page on this website that is operated by the controller and features a Twitter component (Twitter button), the Twitter component will automatically prompt the web browser on your IT system to download a presentation of the corresponding Twitter component. More information on the Twitter button is available here: https://about.twitter.com/de/resources/buttons. This technical process enables Twitter to discover which specific sub-page you have visited on our website. The Twitter button is integrated on our website to enable users to share our website content, to raise the profile of our website in the digital world and to increase the number of visitors to our website.

If you are logged in to Twitter at the same time, Twitter will recognise which specific subpages you access every time you visit our website for the duration of each visit. This information will be collected by the Twitter component, and Twitter will match it to your Twitter account. If you click on a Twitter button on our website, the transferred data and information will be matched to your personal Twitter user account and then saved and processed by Twitter.

If you are logged in to Twitter when accessing our website, Twitter will always find out via the Twitter component that you have visited our website; this will take place regardless of whether you actually click on the Twitter component. If you do not want this information to be transferred to Twitter, you can prevent such transfers by logging out of your Twitter account before accessing our website.

Twitter’s privacy policy can be found here: https://twitter.com/privacy?lang=de

 

VII. Web Analysis Services

This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses cookies; these are text files that are saved on your computer to enable us to analyse your use of the website. The information generated by cookies on your use of this website will generally be transferred to a Google server in the USA and stored there. If IP anonymisation has been activated on this website, however, Google will truncate your IP address before transferring data within Member Sates of the European Union or other Contracting States to the Agreement on the European Economic Area. Your full IP address will only be transferred to a Google server in the USA and then truncated there in exceptional circumstances. Google will use this information on behalf of the website operator to analyse your use of the website, to compile reports on website activities, and to provide the website operator with other services related to the use of this website and the Internet. The IP address transmitted by your browser via Google Analytics will not be merged with other Google data. You may prevent the storage of cookies by configuring your browser software accordingly; please note, however, that this might prevent you from fully using all the features of our website. You can also stop the data generated by the cookie on your use of this website (incl. your IP address) from being transferred to Google for processing by downloading and installing the following browser add-on: http://tools.google.com/dlpage/gaoptout?hl=de. You can prevent Google Analytics from collecting data by clicking on the following link. This will install an opt-out cookie to prevent your data from being collected when you visit our website in the future. Disable Google Analytics

Sources: Beck-online; German Institute for Information, Telecommunication and Media Law; eRecht 24;
Privacy Statement Generator provided by Deutsche Gesellschaft für Datenschutz GmbH, which operates as an external data protection officer in Cologne in cooperation with the Cologne-based lawyer for data protection law, Christian Solmecke

Call Now Button