Privacy Policy
for the companies:
Hotel Alpenhof Zermatt AG, Matterstrasse 43, 3920 Zermatt
and
Tradition Julen Zermatt AG
PREFACE
The above companies are sister companies with shareholders limited to family members and/or direct relations. The companies mutually undertake to provide services which are or may be related to the accommodation or board contract or other contract of sale with the guest for the service offered. Both companies take the protection of the personal data of their customers very seriously and thus commit equally to compliance with the requirements of the Swiss Federal Data Protection Act (DSG) and the European General Data Protection Regulation (GDPR). Both companies regard each other equally as data controllers, and a request for information, blocking, deletion and the like is automatically carried out by both bodies equally, even if only one body is contacted in this regard.
IMPRINT
Read the imprint here.
GENERAL INFORMATION
The following explains what personal data companies collect at what point, how, where and how it is stored and processed, and what rights and opportunities are associated with this.
What is personal data?
Personal data is all data with which a guest could be personally identified.
How is such data collected?
On the one hand, it is possible for such data to be personally communicated by guests in the context of a hotel or table reservation, either by telephone, fax, e-mail, letter or personally on site. The data may also be transmitted by a third party (a mediator) to the contractor. Also, data will be transmitted when ordering vouchers and purchasing promotional items or other goods & services. We restrict ourselves exclusively to the data, which is necessary for the fulfilment of the contract or the pre-contractual measures.
On the other hand, the data can be sent to us automatically via our website, WiFi access or our social media channels. This is mostly technical data that is captured by the IT systems (e.g.: operating system, time and origin of the page request or internet browser, etc.)
What is the data collected and processed for?
First and foremost data is collected for fulfilling contracts, for example in connection with the guest reception contract or a reservation. If the contract is concluded, legal obligations can arise from this, such as a legal obligation to report.It is also quite possible that a legitimate interest exists on our part, which requires that personal data is known and/or processed, for example to improve our immediate service (e.g.: preferred mattress hardness) Finally, the data processing concerns improving our communication by analysing user behaviour and ensuring that the site is properly delivered. In general, however, we always get explicit consent.
What rights do customers retain regarding their data?
Our customers have, at any time and free of charge, the right to information about the origin, recipient and purpose of the data stored by the companies. In addition, customers have, at any time, free of charge, the right to delete or block the data as well as to transfer the data on the basis of the customer’s consent to a third party in a machine-readable format. All of this happens via simple contact by means of an informal message, for example, by e-mail to one of the above-mentioned data controllers. Of course, any consent provided by the customer can be revoked free of charge at any time without providing reasons. An informal e-mail to the address mentioned in the imprint is sufficient for this as well.
Objection to advertising e-mails
The use of the information from the above mentioned imprint for the transmission of unsolicited advertising and informational materials is hereby clearly objected to, and the companies expressly reserve the right to take legal action in the event of violation of this point.
OFFLINE
Within our company
In order to fulfill our service, we sometimes have to collect and process personal data. Within our enterprises this can happen in the following contexts:
1. Room reservation
For contractual fulfillment
From the reserving party: First name, last name, date of birth, country of origin, title & language, e-mail address, telephone number (mobile), credit card details, length of stay, reservation channel, date of reservation, correspondence, arrival means, arrival time, pets
From fellow travellers: First name, last name, date of birth
Due to legal obligation
From the reserving party: First name, last name, date of birth, country of origin, title & language, e-mail address, telephone number
From fellow travellers: First name, last name, date of birth
With the consent of the customer
Contact information of fellow travellers, social media contacts, intolerances & allergies, bank information, food and drink preferences, bedding preferences, special wishes regarding the organisation of the stay and services on site, private anniversaries (wedding anniversary, family celebrations, etc.)
With the express consent of the customer
Newsletter and direct offers (advertising e-mails/advertising mail)
Systems used
Protel hotel software – on a central server at the company site as a PMS system and debtor accounting
Dailypoint – a cloud based marketing database, newsletters and communication software Toedt, Dr. Selk & Coll. GmbH
Straiv Code2Order - a cloud-based database for registration forms and guest requests
In the context of the contractual fulfilment of our service, we generally use the following standard communication in which personal data is processed: Offer | Confirmation | Pre-Stay Mail 1 (for information on how to get there and how to plan additional experiences locally) | Pre-Stay Mail 2 (for information on weather and pick-up service and table reservations)
2. Table reservations
For contractual fulfillment
Name, number of persons, time, phone number/e-mail
With the consent of the customer
Birthday, additional contact information, credit card details, intolerances & allergies, food & beverage preferences
With the express consent of the customer
Newsletter and direct offers (advertising e-mails/advertising mail)
Systems used
Gastronovi – a cloud based register and table reservation system Gastronovi GmbH, Buschhöhe 6, 28357 Bremen
Protel hotel software – on a central server at the company site as a PMS system and debtor accounting
Dailypoint – a cloud based marketing database, newsletters and communication software Toedt, Dr. Selk & Coll. GmbH
ONLINE
On our website and our social media accounts
1. Gathering of information
We collect information when you register on our website, log in to your account, make a booking, enter a contest and/or de-register. The information collected includes your name, e-mail address, telephone number, and/or credit card. In addition, we automatically receive and store information from your computer and browser, including your IP address, software and hardware, and the page you requested.
2. Use of information
All information we collect from you can be used for:
- Personalisation of your experience and fulfilment of your individual needs
- Provision of personalised advertising content
- Improvement of our website
- Improvement our customer service and support needs
- Contact by e-mail
- Management of a competition, promotion or survey
3. Data protection in online retail
We are the sole owners of the information collected on this website. Your personal data will not be sold, exchanged, transferred or transmitted to another company without your consent, unless it is necessary to fulfill a request and/or transaction, e.g. to place an order or to order an accommodation card with customer benefits.
4. Transfer to third parties
We do not sell, trade or transfer your personal data to third parties. This does not apply to reliable third parties who assist us in managing our website or conducting our business, provided that they commit to keeping the data confidential.
We believe that it is necessary to exchange information in order to investigate, prevent or take action regarding illegal activities, suspected fraud, situations in which the physical safety of a person could be at risk, violations of our terms of use or if required by law, in accordance with the legal obligations of the municipal, cantonal or national authorities. However, non-private information may be provided to other parties for marketing, advertising or other purposes.
5. Protection of information
We implement a variety of security measures to protect your personal information. We use the latest encryption technology to protect confidential information transmitted online. We protect your data offline as well. Only employees who need to perform certain tasks, such as billing or customer service, have access to personal information. The computers and servers used to store personal information are stored in a secure environment.
Do we use cookies?
Yes. Our cookies improve access to our website and identify regular visitors. In addition, our cookies enhance the user experience by tracking and targeting their interests. However, this use of cookies in no way involves personally identifiable information on our website.
6. Unsubscribe
We use the e-mail address you provided to send you information and updates regarding your order, occasional company news, related product information, and more. If you want to unsubscribe and no longer want to receive e-mails, you will find an unsubscribe link at the end of each e-mail.
7. Consent
By using our website you consent to our privacy policy.
8. Responsibility
Responsibility lies with the roles and persons indicated in the imprint.
9. Online data sources
List of various ONLINE data sources and systems we use:
Websites
Ennit Interactive AG - Projensdorfer Str. 324 - 24106 Kiel
P +49 (0)431 – 7097-10 - F +49 (0)431 – 7097-555 – info@ennit.de – www.ennit.de
CMS used
SilverStripe – 1 St Katharine's Way - London E1W 1UN, United Kingdom
P +44 20 3637 5420 – solutions@silverstripe.com – www.silverstripe.com
Hotel’s own booking platform/systems
Simple Booking– Via Lucca,52 - 50142 – Firenze - Italy
P +39(0)55 705718 – info@simplebooking.travel
CRS reservation system
Tourisoft Sàrl – Route de champ – Colin 18 – CH-1260 Nyon
P+41 22 360 0370 – info@hotel-spider.com
CONTACT FORM
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the inquiry and in case of follow-up questions. We will not share this data without your consent. The processing of the data entered into the contact form is therefore exclusively based on your consent (Art. 6 (1) (a) GDPR). You can revoke this consent at any time. An informal message by e-mail to us is sufficient for this purpose. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. The data entered by you in the contact form remains with us until you ask us us to delete it, you revoke your consent to the storage, or the purpose for the data storage no longer applies (e.g. after completion of processing your inquiry). Mandatory statutory provisions – especially retention periods – remain unaffected.
DATA PROCESSING
ZERMATT TOURISM AND BONFIRE AG
Your booking data is also processed as follows:
- Your booking data (e.g. title, first name, last name, nationality, language, e-mail address, mobile telephone number, postal address, number of persons, arrival date, departure date, number of nights of stay and any visitor’s tax exemption) are forwarded to Bonfire AG and Zermatt Tourism (either by us or via our electronic booking system).
- Your booking data is recorded in a central database by Bonfire AG and/or Zermatt Tourism. If accommodation providers take part in Zermatt Tourism e-mail marketing, the guest data is likewise stored with the third-party provider «Salesforce» and used as part of the business relationship between the accommodation provider and the guest.
- Your booking data is processed exclusively in Switzerland and the EU.
- Based on this, Zermatt Tourism settles the visitor's tax owed and collects the corresponding amount from the service partners.
- Zermatt Tourism also reports information to the Federal Statistical Office.
- Bonfire AG and Zermatt Tourism grant the police access to the database with booking data so that the police can access relevant booking data for missing persons, for example.
- Zermatt Tourism uses the booking data to collect statistics (in particular regarding occupancy, length of stay, number of arrivals, etc.).
The legal basis for this data processing is the fulfilment of a legal obligation within the meaning of Art. 6 para. 1 (c) GDPR (billing and collection of visitor's tax/reporting to the Federal Statistical Office) and in the sense of Art. 6 para. 1 (f) GDPR (granting access to the police/collection of statistics).
Your booking data is only used for direct marketing purposes (e.g. newsletter distribution) if you have given us your consent for this.
More information on the processing of your data by Zermatt Tourism or Bonfire AG can be found in the Zermatt Tourism privacy policy: https://www.zermatt.ch/en/Media/Zermatt-Tourism-privacy-policy.
GOOGLE ANALYTICS
This website uses functions of the web analytics service Google Analytics. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Google Analytics cookies are stored on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising.
BROWSER PLUGIN
You can prevent the storage of cookies by a corresponding setting of your browser software; However, we would like to point out that in this case you may not be able to use all the functions of our web pages in full. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
OBJECTION TO DATA COLLECTION
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics. For more information on the handling of user data on Google Analytics, please refer to the Google privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.
GOOGLE ANALYTICS REMARKETING
Our websites leverages the features of Google Analytics Remarketing combined with the cross-device capabilities of Google AdWords and DoubleClick. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. This feature allows the Google Analytics Remarketing ad groups to be linked to the cross-device features of Google AdWords and Google DoubleClick. In this way, interest-based, personalised advertising messages that are adapted to you depending on your previous usage and surfing behaviour on one device (e.g. mobile phone) can also be displayed on another of your devices (e.g. tablet or PC). Once you have given your consent, Google will associate your web and app browsing history with your Google account for this purpose. That way, the same personalised advertising messages can appear on any device you sign in to with your Google account. To support this feature, Google Analytics collects Google-authenticated IDs of users who are temporarily linked to our Google Analytics data to define and create target groups for cross-device ad promotion. You can permanently opt out of cross-device remarketing/targeting by turning off personalised advertising in your Google account; to do this, follow this link: https://www.google.com/settings/ads/onweb.
The aggregation of the collected data in your Google account is based solely on your consent, which you can submit or revoke on Google (Article 6 (1) (a) GDPR). For data collection operations that are not merged into your Google account (e.g., because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6 (1) (f) GDPR. The legitimate interest arises from the fact that the website operator has an interest in the anonymous analysis of the website visitors for advertising purposes. For more information, see the Google privacy policy at: https://www.google.com/policies/technologies/ads.
GOOGLE ADWORDS AND GOOGLE CONVERSION-TRACKING
This website uses Google AdWords. AdWords is an online advertising program of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”). As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that the internet browser stores on the user's computer. These cookies lose their validity after 30 days and are not used for the personal identification of the users. If the user visits certain pages of this website and the cookie has not expired yet, Google and we can recognise that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. The cookies cannot be tracked through the websites of AdWords customers. The information gathered using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, they do not receive information that personally identifies users. If you do not wish to participate in tracking, you can opt-out of this usage by disabling the Google conversion tracking cookie through your internet browser under user preferences. You will not be included in the conversion tracking statistics. The storage of “conversion cookies” is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising. For more information about Google AdWords and Google conversion tracking, see the Google privacy policy: https://www.google.de/policies/privacy. You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases or only for certain cases or generally exclude cookies and enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
FACEBOOK PIXEL
Our website uses Facebook’s visitor action Pixel for conversion measurement: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).
This allows the behaviour of the site visitors to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. As a result, the effectiveness of Facebook advertisements can be evaluated for statistical and market research purposes and future advertising measures optimised. The collected data is anonymous to us as the operator of this website; we cannot draw conclusions about the identity of the users from this data. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible, and Facebook can use the data for their own advertising purposes, according to Facebook data use policy. Facebook can thereby enable ads to be displayed on Facebook and outside of Facebook. This use of data cannot be influenced by us as the site operator. In the privacy policy of Facebook you will find more information on the protection of your privacy: https://www.facebook.com/about/privacy. You can also deactivate the “Custom Audiences” remarketing feature in the ads settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook. If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement.
NEWSLETTER
If you would like to receive the newsletter offered on the website, we require an e-mail address from you, as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or is collected only on a voluntary basis. We use this data exclusively for the delivery of the requested information and do not pass it on to third parties. The processing of the data entered into the newsletter registration form takes place exclusively on the basis of your consent (Article 6 (1) (a) GDPR). The granted consent to the storage of the data, the e-mail address and their use for sending the newsletter can be revoked at any time, for example via the “unsubscribe” link in the newsletter. The legality of the already completed data processing operations remains unaffected by the revocation.
The data deposited with us for the purpose of obtaining the newsletter will be saved by us until your cancellation and will be deleted after cancellation of the newsletter. Data stored for other purposes with us (e.g. e-mail addresses for the members area) remains unaffected.
YOUTUBE
Our website uses plugins from the Google-powered YouTube page. The site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our YouTube plug-in-enabled sites, you will be connected to the servers of YouTube. The YouTube server is then told which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account. The use of YouTube serves the interest of an attractive presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. For more information on the handling of user data, please refer to the YouTube privacy policy at: https://www.google.de/intl/de/policies/privacy.
VIMEO
Our website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, NY, New York 10011, USA.
If you visit any of our sites equipped with a Vimeo plugin, you will be connected to Vimeo’s servers. This tells the Vimeo server which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the United States. If you are logged in to your Vimeo account, you allow Vimeo to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account. For more information on the handling of user data, please refer to the Vimeo privacy policy at: https://vimeo.com/privacy.
GOOGLE WEB FONTS
This site uses so-called web fonts, provided by Google, for the uniform representation of fonts. When you visit a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. To do this, the browser you use must connect to Google’s servers. As a result, Google learns that our website has been accessed via your IP address. The use of Google web fonts serves the interest of a consistent and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. If your browser does not support web fonts, a default font will be used by your computer. For more information about Google web fonts, see: https://developers.google.com/fonts/faq also see Google’s privacy policy: https://www.google.com/policies/privacy.
GOOGLE MAPS
This site uses the mapping service Google Maps via an API. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
To use the features of Google Maps, it is necessary to save your IP address. This information is usually transmitted to and stored on a Google server in the United States. The provider of this site has no influence on this data transfer. The use of Google Maps serves the interest of an attractive presentation of our online offers and easy findability of the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. For more information on the handling of user data, please refer to the Google privacy policy at: https://www.google.de/intl/de/policies/privacy.
FACEBOOK-PLUGINS (LIKE-BUTTON)
Our website integrates plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA.
The Facebook plugins can be recognized by the Facebook logo or the “Like Button” (“Like”) on our site. An overview of the Facebook plugins can be found here: http://developers.facebook.com/docs/plugins. When you visit our website, the plugin establishes a direct connection between your browser and the Facebook server. Facebook receives the information that you have visited our website with your IP address. If you click on the Facebook “Like Button” while you are logged into your Facebook account, you can link the contents of our pages to your Facebook profile. As a result, Facebook can assign your visit to our website to your user account. We point out that we as the provider of the website are not aware of the content of the data transmitted and its use by Facebook. For more information, see the Facebook privacy policy at: https://www.facebook.com/policy.php. If you do not want Facebook to be able to associate your visit of our website with your Facebook user account, please log out of your Facebook user account.
TRIPADVISOR-PLUGINS
TripAdvisor plug-ins are integrated into our website (TripAdvisor Inc., 141 Needham Street, Newton, MA 02464, USA) and can be recognized by the logo. When you visit our website a direct connection is made between your browser and the plugin provider. These firms receive the information that you have visited our website with your IP-Address. We wish to advise you that we, as site provider, receive no information regarding the content of the data transmitted nor the use thereof. Further information can be found in TripAdvisor's Data Protection Declaration: https://tripadvisor.mediaroom.com/UK-privacy-policy.
Contact: Attn: Privacy Officer/Legal Department. E-Mail: privacy@tripadvisor.com.
EXTERNAL LINKS
Our website contains links to external websites. When you use these links to visit other websites the operators of these websites may receive information which they may use (in accordance with data protection laws). These may differ from our data protection declaration. We advise you to read the data protection declarations on these websites to receive information about the type of collection, use and disclosure of personal data.
E-GUMA
We use the E-GUMA voucher system. E-GUMA is a product of Idea Creation GmbH, Walchestrasse 15, 8006 Zürich, Switzerland.
This voucher shop is multilingual and is linked to our home page. Our customers can order and print the required vouchers at home. Further information about E-GUMA's data protection declaration can be found here: https://www.e-guma.ch/datenschutz.
Contact: Idea Creation GmbH: Tel. +41 44 500 54 00 or E-Mail: info@e-guma.ch