CONTENTS OF THE WEBSITE
The content of this website is provided with the best of our knowledge and belief. No responsibility is taken for the completeness of the information, although every precaution has been taken to avoid errors, mistakes or the like. The Continental Park hotel is not liable for any damages resulting from the use of this information, the expectations set out in this information or any related information.
The layout of the website, the information, the graphics and images used and individual contributions are protected by copyright. Downloads or hard copies of pages and/or parts thereof as well as documents contained on this website may only be provided for information purposes. Trademarks (or registered trademarks) have been used only for explanations or designations.
Continental Lucerne AG, Murbacherstrasse 4, 6002 Lucerne, runs the Continental Park hotel and is the operator of the website www.continental.ch and thus responsible for the collection, processing and use of your personal data and the compatibility of data processing with the applicable data protection law.
Your trust is important to us, which is why we take the subject of data protection seriously and pay close attention to taking appropriate security measures. Of course, we comply with the legal provisions of the Federal Data Protection Act (DSG), the Ordinance to the Federal Data Protection Act (VDSG), the Telecommunications Act (FMG) and other applicable data protection provisions of Swiss or EU law, in particular the General Data Protection Regulation (GDPR).
In order for you to know what personal data we collect from you and for what purposes we use it, please take note of the information below.
DATA PROCESSING ASSOCIATED WITH OUR WEBSITE
When visiting our website, our servers temporarily store every access in a log file. The following technical data will be collected, as always with every connection to a web server, without your intervention and stored until automated deletion by us: the IP address of the requesting computer, the date and time of access, the website from which the access was made (referrer url) with the search term used, the name and the URL of the retrieved file, the operating system of your computer, the browser you are using (type, version and language), the transmission protocol used (eg HTTP / 1.1) and if applicable, your username from a registration / authentication.
This data is collected and processed for the purpose of enabling the use of our websites (connection establishment), to permanently guarantee system security and stability and to enable the optimisation of our Internet offer as well as for internal statistical purposes. This is our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR.
The IP address is also evaluated together with the other data in the event of attacks on the network infrastructure or other unauthorized or abusive use of the website for explanatory and defensive purposes and may be used in the course of criminal proceedings to identify and prosecute the users concerned under civil and criminal law. This is our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR.
USE OF OUR CONTACT FORM
You have the opportunity to get in touch with us via our contact form. For this we need the following information:
We use this data as well as a voluntarily given telephone number or address only to be able to answer your contact request in the best possible and personalized way. The processing of this data is therefore required within the meaning of Art. 6 para. 1 (b) GDPR for the implementation of pre-contractual measures or is in our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.
You can subscribe to our newsletter on our website. This requires registration. The following data must be provided as part of the registration:
The above data is required for data processing. We process this data exclusively in order to personalise the information and offers sent to you and to better tailor them to your interests.
By registering, you give us your consent to the processing of the data provided for the regular dispatch of the newsletter to the address you have provided and for the statistical evaluation of usage behaviour and optimisation of the newsletter. This consent constitutes represents Art. 6 para. 1 (a) of the GDPR, our legal basis for processing your email address. We are entitled to commission third parties with the technical handling of advertising measures and are entitled to pass on your data for this purpose (cf. § 13).
At the end of each newsletter, you will find a link to unsubscribe at any time. You can voluntarily inform us of the reason for your cancellation. After opting out, your personal data will be deleted. Further processing will only take place in anonymous form to optimise our newsletter.
BOOKING ON THE WEBSITE, BY CORRESPONDENCE OR BY TELEPHONE CALL
If you make bookings either through our website, by correspondence (email or letter post) or by phone call, we need the following data to process the contract:
The legal basis of data processing for this purpose is the performance of a contract pursuant to Art. 6 para. 1 lit. b GDPR.
Cookies help to make your visit to our website easier, more pleasant and more meaningful. Cookies are information files which your web browser automatically stores on your computer’s hard drive when you visit our website.
Most internet browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer, or so that you are always notified before a new cookie is created. On the following pages, you will find explanations on how to configure the processing of cookies in the most popular browsers:
We use the web analysis service of Google Analytics for the purpose of demand-oriented design and continuous optimisation of our website. In this context, pseudonymous user profiles are created and small text files stored on your computer ("cookies") are used. The information generated by the cookie about your use of this website is transmitted to the servers of the providers of these services, stored there and processed for us. In addition to the details set forth under § 1, we may receive the following information:
The information is used to evaluate the use of the website, to compile reports regarding website activity and to provide other services related to website activity and Internet usage for the purposes of market research and needs-based design of these websites. This information may also be transferred to third parties if required by law or as far as third parties process this data in the order.
b. Google Analytics
Provider of Google Analytics is Google Inc., a company of the holding company Alphabet Inc, based in the US. Before the data is transmitted to the provider, the IP address will be truncated by activating IP anonymization ("anonymizeIP") on this website within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The IP address transmitted by your browser as part of Google Analytics is not merged with any other data held by Google. Only in exceptional cases will the entire IP address be transmitted to a Google server in the USA and truncated there. In such cases, we provide contractual warranties to ensure that Google Inc. maintains a reasonable level of data protection. According to Google Inc., the IP address will in no case be associated with other data concerning the user.
For more information about the web analytics service, please visit the Google Analytics website. For instructions on how to prevent your data from being processed by the Web Analytics Service, see http://tools.google.com/dlpage/gaoptout?hl=en.
c. Social Media Plug-ins Facebook
Our website uses Facebook.com plug-ins from Facebook Inc., 1601 S. California Avenue, Palo Alto, CA 94304, USA. Please note that the plug-in creates a connection to Facebook, thereby creating a transmission to your browser so that the plug-in appears on the website. Furthermore, data will be sent to the Facebook servers, which contain information about your website visits on our homepage. For registered Facebook users, this means that the usage data will be assigned to their personal Facebook account. As soon as you are logged in to Facebook and actively use the Facebook plug-in (e.g. by clicking on the "Like" button or using the comment function), this data will be transferred to your Facebook account and published. You can only avoid this by logging out of your Facebook account. Further information regarding the use of data by Facebook can be found in the data protection regulations on Facebook.
d. Plug-Ins TripAdvisor
e. Plug-ins TrustYou
Lunchgate is an online table reservation system provider. Lunchgate AG, Badenerstrasse 255, 8003 Zürich adds an entry in the website cookie to be able to provide the service. Further details can be found in the data protection line of Lunchgate.
g. Simple Booking
DATA PROCESSING IN CONNECTION WITH YOUR STAY
a. Data processing to meet legal reporting requirements
Upon arrival at our hotel, we may require the following information from you and your escorts:
We collect this information in order to fulfill legal reporting obligations, in particular resulting from hospitality or police law. We will forward this information to the appropriate police authority, if we are required to do so by applicable regulations.
We have a legitimate interest in the fulfillment of the legal requirements within the meaning of Art. 6 para. 1 lit. f DSGVO.
b. Acquisition of related services
If you receive additional services during your stay (eg make use of the mini-bar offer), the object of service as well as the time of receipt of the service will be recorded by us for billing purposes. The processing of this data is required within the meaning of Art. 6 para. 1 (b) GDPR for processing the contract with us.
Finally, we may be informed by the platform operators of any disputes in connection with a booking. We may also receive information about the booking process, which may include a copy of the booking confirmation as proof of the actual completion of the booking. We process this data to protect and enforce our claims. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Please also note the information on data protection of the respective provider.
CENTRAL STORAGE AND CONNECTION OF DATA
We store the data specified in paragraphs 2-5 and 8-10 in a central electronic data processing system. The data concerning you is systematically recorded and linked in order to process your bookings and the contractual services. We use a software for this [company name, address, country]. The processing of this data within the framework of the software is based on our legitimate interest within the meaning of Art. 6 Para. 1 (f) GDPR in customer friendly and efficient customer data management.
We only store personal data for as long as it is necessary for using the tracking services mentioned above and the further processing within the scope of our legitimate interest. We keep contractual data for a longer period of time, as this is prescribed by legal storage obligations. Storage obligations, which oblige us to store data, result from regulations concerning the right to report, accounting and tax law. According to these regulations, business communications, contracts concluded and accounting records must be kept for up to 10 years. If we no longer need this data to perform the services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.
TRANSMISSION OF DATA TO THIRD PARTIES
We only pass on your personal data if you have expressly consented, if there is a legal obligation or if this is necessary for the enforcement of our rights, in particular for the enforcement of claims arising from the contractual relationship. Furthermore, we pass on your data to third parties as far as this is necessary in the context of the use of the website and the contract processing (also outside the website), namely the processing of your bookings.
A service provider to whom the personal data collected via the website is passed on or who has or can have access to it is our web host Swisscom Schweiz AG. The data is passed on for the purpose of providing and maintaining the functionalities of our website. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Finally, we will forward your credit card information to your credit card issuer and acquirer when payment is made by credit card on the website. If you decide to pay by credit card, you will be asked to enter all necessary information. The legal basis for the transfer of the data lies in the fulfillment of a contract in accordance with Art. 6 Para. 1 lit. b GDPR. Concerning the processing of your credit card information by these third parties, we ask you to also read the General Terms and Conditions and the data protection declaration of your credit card issuer.
Furthermore, with regard to the passing on of data to third parties, please also observe the notices in §§ 7-8 and 10-11.
COMMUNICATION OF PERSONAL INFORMATION OVERSEAS
We are entitled to transfer your personal data to third parties (commissioned service providers) abroad for the purpose of the data processing described in this data protection declaration. These are obliged to the same extent as we ourselves are to data protection. If the level of data protection in a country does not correspond to that in Switzerland or Europe, we contractually ensure that the protection of your personal data corresponds at all times to that in Switzerland or the EU.
We use appropriate technical and organisational security measures to protect your stored personal data against manipulation, partial or complete loss, as well as against unauthorised access. Our security measures are constantly being improved in accordance with technological developments.
You should keep your access data confidential and close the browser window when you have finished your session, especially if your computer is also used by other people.
We also take internal company privacy very seriously. Our employees and the service providers appointed by us are sworn to secrecy and to comply with data protection regulations.
INFORMATION ON DATA COMMUNICATION IN THE USA
For the sake of completeness, we would like to point out that in the USA, the surveillance measures of US authorities allow the general storage of all personal data of all persons whose data has been transmitted from the EU or Switzerland to the USA. This is done without differentiation, restriction or exception with respect to the aim pursued and without an objective criterion that would make it possible to restrict the US authorities' access to data and its subsequent use to very specific, strictly limited purposes which justify the interference associated with both access to, and use, of such data. Furthermore, we would like to point out that, in the USA, there are no legal remedies available to data subjects that would allow them to gain access to the data concerning them and to obtain its correction or deletion, and that there is no effective legal protection against general access rights by US authorities. We explicitly point out this legal and factual situation to the data subject in order for them to make an appropriately informed decision to consent to the use of their data.
You have the right, upon request and free of charge, to receive information about the personal data that we store about you. In addition, you have the right to correct incorrect data and to have your personal data deleted, insofar as this does not conflict with any legal obligation to retain data or an event of authorisation which allows us to process the data.
You also have the right to reclaim from us the data that you have provided to us (right of data portability). Upon request, we will also pass the data on to a third party of your choice. You have the right to receive the data in a common file format.
You can reach us for the aforementioned purposes via the email address firstname.lastname@example.org. We may, at our sole discretion, require proof of identity to process your requests.
Date: 18 May 2018
Continental Park Hotel
Telephone +41 (0) 41 228 90 50
Fax +41 (0) 41 228 90 59