Online check-in

Data Protection Regulation

Privacy Policy Blue City Hotel AG

Status: July 2023

 

Table of Contents

A........... Cross-Channel Notice. 3

1............ Responsible party and content of this privacy policy. 3

2............ Contact person for data protection 3

3............ Your rights. 3

4............ Data security 4

5............ Contacting us. 4

6............ Use of your data for marketing purposes. 5

6.1......... Centralized data storage and analysis in the CRM system.... 5

6.2......... E-mail marketing and newsletters 5

7............ Disclosure to and access by third parties 6

8............ Transfer of personal data abroad. 7

9............ Retention periods. 7

B........... Special notices for our website. 7

10.......... Log file data. 7

11.......... Cookies. 8

12.......... Google SiteSearch / Google Custom Search Engine. 9

13.......... Tracking and web analytics tools. 9

13.1....... General information about tracking. 9

13.2....... Google Analytics. 10

13.3....... Tracking and tagging tools. 11

13.4....... Youtube. 11

13.5....... Google Maps. 11

14.......... Social Media. 11

14.1....... Social media profiles. 11

14.2....... Social media plugins. 12

15.......... Online advertising and targeting. 13

15.1....... In general. 13

15.2....... Google Ads. 14

16.......... Use of our chat function. 14

 


17.......... Order through our online store. 15

18.......... Booking on the website, by correspondence or by phone call 15

19.......... Payment processing online. 16

20.......... Reserving a table. 16

21.......... Booking via booking platforms. 17

22.......... Submission of ratings. 17

23.......... Applying for a job opening. 17

C........... Data processing in connection with your stay 18

24.......... Data processing to comply with legal reporting requirements. 18

25.......... Recording of services received. 18

26.......... Guest feedback. 18

27.......... Video surveillance. 19

28.......... Use of our WiFi network. 19

29.......... Payment processing. 20

 

1.
Person responsible and content of this privacy policy

We, Blue City Hotel AG (Haselstrasse 17, 5400 Baden, Switzerland) are the operator of the Hotel Blue City ("Hotel") as well as the website https://www.bluecityhotel.ch/ (hereinafter referred to as the "Website") and are responsible for the data processing specified in this data protection declaration, unless otherwise stated.

Your trust is important to us, which is why we take the issue of data protection seriously and ensure appropriate security. So that you know what personal data we collect from you and for what purposes we use it, please take note of the information below. When it comes to data protection, we are guided primarily by the legal requirements of Swiss data protection law, in particular the Swiss Federal Data Protection Act (DSG), as well as the EU Data Protection Regulation (GDPR), the provisions of which may be applicable in individual cases..

In order for you to know what personal data we collect from you and for what purposes we use it, please take note of the information below.

Please note that the following information will be reviewed and amended from time to time. We therefore recommend that you review this privacy policy regularly. Furthermore, for individual data processing listed below, other companies are responsible under data protection law or jointly responsible with us, so that in these cases the information of these providers is also authoritative.

 

2.               
Contact person for data protection

If you have any questions about data protection or wish to exercise your rights, please contact our data protection contact by sending an email to the following address:

Ruzica.Dujmic@trafohotel.ch

You can reach our EU data protection representative at:

Blue City Hotel AG

Haselstrasse 17

5400 Baden

 

3.                         
Your rights

Provided that the legal requirements are met, you have the following rights as a person affected by data processing:

 

Right of access: you have the right to request at any time, free of charge, access to your personal data stored by us when we process it. This gives you the opportunity to check what personal data we are processing about you and that we are using it in accordance with applicable data protection regulations.

 

Right to rectification: You have the right to have incorrect or incomplete personal data rectified and to be informed about the rectification. In this case, we will inform the recipients of the data concerned of the adjustments made, unless this is impossible or involves disproportionate effort.

 

Right to deletion: you have the right to have your personal data deleted under certain circumstances. In individual cases, especially in the case of legal retention obligations, the right to deletion may be excluded. In this case, the deletion may be replaced by a blocking of the data if the conditions are met.

 

Right to restriction of processing: You have the right to request that the processing of your personal data be restricted.

 

Right to data transfer: You have the right to receive from us, free of charge, the personal data you have provided to us in a readable format.

 

Right to object: You may object to data processing at any time, in particular for data processing in connection with direct advertising (e.g. advertising e-mails).

 

Right of revocation: In principle, you have the right to revoke any consent you have given at any time. However, processing activities based on your consent in the past will not become unlawful as a result of your revocation.

 

To exercise these rights, please email us at the following address:

home@bluecityhotel.ch

In order to process your requests, we may, at our discretion, require proof of identity.

 

Right to lodge a complaint: You have the right to lodge a complaint with a competent supervisory authority, e.g. against the way your personal data is processed.

 

 

4.                
data security

We use appropriate technical and organizational security measures to protect your personal data stored by us against loss and unlawful processing, namely unauthorized access by third parties. Our employees and the service companies commissioned by us are obligated by us to maintain confidentiality and data protection. Furthermore, these persons are only granted access to personal data to the extent necessary for the performance of their duties.

 

Our security measures are continuously adapted in line with technological developments. However, the transmission of information via the Internet and electronic means of communication always involves certain security risks, and even we cannot provide an absolute guarantee for the security of information transmitted in this way.

 

5.                
contact us

If you contact us via our contact addresses and channels (e.g. by e-mail, telephone or contact form), your personal data will be processed. The data that you have provided to us is processed, e.g. the name of your company, your name, your function, your e-mail address or telephone number and your request. In addition, the time of receipt of the request is documented. Mandatory data is marked with an asterisk (*) in contact forms.

We process this data exclusively in order to implement your request (e.g. providing information about our hotel, support in the processing of contracts such as questions about your booking, inclusion of your feedback in the improvement of our service, etc.). The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU-DSGVO in the implementation of your request or, if your request is directed towards the conclusion or execution of a contract, the necessity for the implementation of the necessary measures within the meaning of Art. 6 para. 1 lit. b EU-DSGVO.

 

6.                
Use of your data for marketing purposes

6.1             
Central data storage and analysis in the CRM system

Insofar as a clear assignment to your person is possible, we will store and link the data described in this data protection declaration, i.e. in particular your personal details, your contacts, your contract data and your surfing behavior on our websites in a central database. This serves the efficient administration of customer data and allows us to adequately respond to your requests, and enables the efficient provision of the services you have requested and the processing of the associated contracts. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU-DSGVO in the efficient management of user data.

 

We evaluate this data in order to further develop our offers in a needs-oriented manner and to display and suggest the most relevant information and offers to you. We also use methods that predict possible, interests and future orders based on your website usage. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU-DSGVO in the implementation of marketing measures.

 

6.2             
Email marketing and newsletter

If you register for our e-mail newsletter (e.g. when visiting our website), the following data is collected. Mandatory data is marked with an asterisk (*) in the registration form:

  • E-mail address
  • Salutation
  • First and last name
  • Telephone number

In order to avoid misuse and to ensure that the owner of an e-mail address has actually given their consent themselves, we rely on the so-called double opt-in for registration. After sending the registration, you will receive an e-mail from us containing a confirmation link. In order to definitely register for the newsletter, you must click on this link. If you do not click on the confirmation link within the specified period, your data will be deleted again and our newsletter will not be sent to this address.

By registering, you consent to the processing of this data in order to receive messages from us about our hotel and related information on products and services. This may also include invitations to participate in competitions or to evaluate one of the aforementioned products and services. The collection of the salutation and name allows us to verify the association of the registration with any existing customer account and to personalize the content of the mails. The link to a customer account helps us to make the offers and content contained in the newsletter more relevant to you and better tailored to your potential needs.

We will use your data for emailing until you revoke your consent. Revocation is possible at any time, in particular via the unsubscribe link in all our marketing emails.

Our marketing emails may contain a so-called web beacon or 1x1 pixel (tracking pixel) or similar technical tools. A web beacon is an invisible graphic that is linked to the user ID of the respective newsletter subscriber. For each marketing email sent, we receive information on which addresses have not yet received the email, to which addresses it was sent and for which addresses the sending failed. We also see which addresses opened the email, for how long, and which links they clicked on. Finally, we also receive information about which addresses have unsubscribed. We use this data for statistical purposes and to optimize the promotional e-mails in terms of frequency, timing, structure and content. This allows us to better tailor the information and offers in our emails to the individual interests of the recipients.

The web beacon is deleted when you delete the email. To prevent the use of the web beacon in our marketing emails, please set the parameters of your email program so that HTML is not displayed in messages if this is not already the case by default. See the help sections of your email software for information on how to configure this setting, e.g. here for Microsoft Outlook. In our company, this is not used so far.

By subscribing to the newsletter, you also consent to the statistical analysis of user behavior for the purpose of optimizing and customizing the newsletter. This consent constitutes our legal basis for the processing of the data within the meaning of Art. 6 para. 1 lit. a EU-DSGVO.

We use the email marketing software MailChimp for marketing emails. Therefore, your data is stored in a database of MailChimp, which allows MailChimp to access your data if necessary for the provision of the software and for support in the use of the software. The legal basis for this processing is our legitimate interest within the meaning of Article 6 (1) lit. f EU-DSGVO in the use of third-party services. You can view the privacy policy of MailChimp here: https://www.intuit.com/privacy/statement/

 

7.                
Disclosure to and access by third parties

Without the support of other companies, we could not provide our services in the desired form. In order for us to be able to use the services of these companies, it is also necessary to pass on and receive your personal data to a certain extent. Such a passing on takes place namely, as far as this is necessary for the fulfillment of the contract you
contract requested by you, i.e. e.g. to restaurants or other third-party providers for which you have made a reservation. The legal basis for these disclosures is the necessity for the fulfillment of the contract within the meaning of Art. 6 para. 1 lit. b EU-DSGVO.

 

Furthermore, data is shared with selected service providers and only to the extent necessary for the provision of the service. Various third-party service providers are also explicitly mentioned in this privacy policy, e.g. in the sections on marketing. These are, for example, IT service providers (such as providers of software solutions), advertising agencies, consulting companies. In addition, we transfer your data to affiliated companies of the group (e.g. online travel agencies, partner hotels). The legal basis for this transfer of data is our legitimate interest within the meaning of Art. 6 (1) f EU-DSGVO in obtaining third-party services.

 

In addition, your data may be disclosed, in particular to authorities, legal advisors or collection agencies, if we are required to do so by law or if this is necessary to protect our rights, in particular to enforce claims arising from our relationship with you. Data may also be disclosed if another company intends to acquire our company or parts thereof and such disclosure is necessary to conduct due diligence or to complete the transaction. Our legitimate interest within the meaning of Art. 6 (1) f EU-DSGVO in safeguarding our rights and complying with our obligations or the sale of our company forms the legal basis for this data transfer.

 

8.                
Transfer of personal data abroad

We are also entitled to transfer your personal data to third parties abroad if this is necessary to carry out the data processing mentioned in this data protection declaration (see esp. sections 12-15). In doing so, the legal requirements for the disclosure of personal data to third parties will, of course, be complied with. If the country in question does not have an adequate level of data protection, we ensure through contractual arrangements that your data is adequately protected at these companies.

 

9.               
Retention periods

We store personal data only for as long as is necessary to carry out the processing explained in this privacy policy within the scope of our legitimate interest. In the case of contractual data, storage is required by statutory retention obligations. Requirements that oblige us to retain data arise from the provisions on accounting and from tax law regulations. According to these regulations, business communication, concluded contracts and accounting vouchers must be stored for up to 10 years. If we no longer need this data to perform services for you, the data will be blocked. This means that the data may then only be used if this is necessary to fulfill the retention obligations or to defend and enforce our legal interests. The data will be deleted as soon as there is no longer any obligation to retain the data and no longer any legitimate interest in retaining it.

We store your personal data in relation to reservations only as long as we need them for the provision of the web offer used by you or for the fulfillment of contractual relations with you, that is, we can assume that future bookings are completely excluded or as long as we have your consent or we have another legitimate interest in data processing. Any storage beyond this will only take place on the basis of legal regulations.

 

  1. Special notes for our website

10.             
Logfile-Dates

When you visit our website, the servers of our hosting providers (cyon GmbH, Brunngässlein12, 4052 Basel, Switzerland and Ennit Interactive GmbH, Gerhahrd-Fröhli-Str. 14, 24106 Kiel, Axelion, 5400 Baden) temporarily store each access in a log file. The following data is collected without your intervention and stored until automated deletion by us:

  • the IP address of the requesting computer,
  • the name of the owner of the IP address range (usually your
  • Internet access provider),
  • the date and time of the access,
  • the website from which the access was made (referrer URL),
  • if applicable with the search word used,
  • the name and URL of the file accessed,
  • the status code (e.g. error message),
  • the operating system of your computer
  • the browser you use (type, version and language)
  • the transmission protocol used (e.g. HTTP/1.1) and, if
  • applicable, your username from a registration/authentication.

This data is collected and processed for the purpose of enabling the use of our website (connection establishment), to ensure system security and stability on a permanent basis, as well as for error and performance analysis, and enables us to optimize our website (see also section 13 for the last points).

In the event of an attack on the network infrastructure of the website or suspicion of other unauthorized or abusive website use, the IP address and the other data will be evaluated for the purpose of clarification and defense and, if necessary, used in criminal proceedings to identify and take civil and criminal action against the users concerned.

In the purposes described above, there is our legitimate interest in data processing within the meaning of Art. 6 (1) lit. f EU-DSGVO.

Finally, when visiting our website, we use cookies as well as applications and tools that are based on the use of cookies. In this context, the data described here may also be processed. You can find more details on this in the other subsequent sections of this data protection declaration, in particular section 11.

 

11.             
Cookies

Cookies are information files that your web browser stores on your computer's hard drive or memory when you visit our website. Cookies are assigned identification numbers that identify your browser and allow the information contained in the cookie to be read.

Among other things, cookies help to make your visit to our website easier, more pleasant and more meaningful. We use cookies for various purposes that are necessary, i.e. "technically necessary", for your desired use of the website. For example, we use cookies to be able to identify you as a registered user after logging in, without you having to log in again each time when navigating the various sub-pages. The provision of the shopping cart and order function is also based on the use of cookies. Furthermore, cookies also perform other technical functions required for the operation of the website, such as so-called load balancing, i.e. the distribution of the site's performance load to various web servers in order to relieve the servers. Cookies are also used for security purposes, for example to prevent the unauthorized posting of content. Finally, we also use cookies as part of the design and programming of our website, for example to enable the uploading of scripts or codes.

The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU-DSGVO in providing a user-friendly and up-to-date website.

Most Internet browsers automatically accept cookies. However, when accessing our website, we ask for your consent to the cookies we use that are not technically necessary, especially when using third-party cookies for marketing purposes. You can use the corresponding buttons in the cookie banner to make your desired settings. Details on the services and data processing associated with the individual cookies can be found within the cookie banner and in the following sections of this privacy policy.

 

You may also be able to configure your browser so that no cookies are stored on your computer or so that a message always appears when you receive a new cookie. On the following pages you will find explanations of how you can configure the processing of cookies in selected browsers.

Disabling cookies may prevent you from using all the features of our website.

 

12.             
Google SiteSearch / Google Custom Search Engine

On this website, the Google SiteSearch/Google Custom Search Engine of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) is used. This enables us to provide you with an efficient search function on our website.

When using our search fields, your browser may transmit the log file data listed in section 10 (incl. IP address) as well as the search term you entered to Google if you have installed Java script in your browser. If you wish to prevent the transmission of data, you can deactivate Java Script in the browser settings (usually in the "Privacy" menu). Please note that the search function and other functions of the website may be impaired in this case.

 

The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU-DSGVO in providing an efficient website search function.

 

For the further processing of data by Google, please refer to Google's privacy policy: www.google.com/intl/de_de/policies/privacy.

 

13.             
Tracking and web analytics tools

13.1           
General information about tracking

For the purpose of demand-oriented design and continuous optimization of our website, we use the web analysis services listed below. In this context, pseudonymized usage profiles are created and cookies are used (please also refer to section 11). The information generated by the cookie about your use of this website is usually transferred together with the log file data listed in Section 10 to a server of the service provider, where it is stored and processed. this may also involve transfer to servers abroad, e.g. the USA (see also, in particular, the guarantees taken, Section 8).

By processing the data, we obtain, among other things, the following information:

  • Navigation path followed by a visitor on the site (including content viewed and products selected or purchased or services booked),
  • the length of time spent on the website or sub-page,
  • the sub-page on which the website is left,
  • the country, region or city from which access is made,
  • End device (type, version, color depth, resolution, width and
  • height of the browser window) and
    Returning or new visitor.

On our behalf, the provider will use this information for the purpose of evaluating the use of the website, compiling reports on website activity for us and providing other services relating to website activity and internet usage for the purposes of market research and demand-oriented design of these internet pages. For these processing operations, we and the providers may be considered joint data controllers up to a certain extent.

The legal basis for this data processing with the following tools is your consent within the meaning of Art. 6 (1) lit. a EU-DSGVO. You can revoke your consent or refuse the processing at any time by rejecting or switching off the relevant cookies in your web browser settings (see section 11) or by making use of the service-specific options described below.

For the further processing of the data by the respective provider as the (sole) responsible party under data protection law, in particular also any forwarding of this information to third parties such as authorities on the basis of national statutory provisions, please refer to the respective data protection information of the provider.

 

13.2           
Google Analytics

We use the web analytics service Google Analytics from Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) or Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) ("Google").

In the process, the described data about the use of the website may be transmitted to the servers of Google LLC. in the USA for the explained processing purposes (see section 13.1). The IP address is shortened by activating the IP anonymization ("anonymizeIP") on this website before transmission within the Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

 

Users can prevent the collection of the data generated by the cookie and related to the website usage by the respective user (incl. the IP address) to Google as well as the processing of this data by Google by downloading and installing the browser plugin at the following link:

http://tools.google.com/dlpage/gaoptout?hl=de. Further information on data protection at Google can be found here.

 

13.3           
Tracking und Tagging Tools

We use the tracking services Meta Pixel from Facebook
 (Go Menlo Park, California, United States), LinkedIn Insights Tag
 from LinkedIn (Sunnyvale, California, United States) and Google 
Tag Manager from Google LLC (1600 Amphitheater Parkway, 
Mountain View, CA 94043, USA) ("Google").

 

In the process, the described data about the use of the website may be transmitted to the servers of Google LLC. in the USA for the explained processing purposes (see section 13.1). The IP address is shortened by activating the IP anonymization ("anonymizeIP") on this website before transmission within the Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. 

13.4           
Youtube

Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plug-in, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. For more information on the handling of user data, please refer to YouTube's privacy policy at: https://www.google.de/intl/de/policies/privacy.

Translated with www.DeepL.com/Translator (free version)

13.5           
Google Maps

This website uses Google Maps to display maps and to create directions. Google Maps is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this website, you consent to the collection, processing and use of automatically collected data and data provided by you by Google, one of its agents, or third parties. The terms of use for Google Maps can be found under the terms of use for Google Maps.

14.             
Social Media

14.1           
Social Media Profils

On our website we have included links to our profiles in the social networks of the following providers:

  • Meta Platforms Inc, 1601 S California Ave, Palo Alto, CA 94304, USA;
  • Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA;
  • Linkedin Unlimited Company, Wilton Place, Dublin 2, Ireland.


When you click on the icons of the social networks, you are automatically redirected to our profile on the respective network. This establishes a direct connection between your browser and the server of the respective social network. This provides the network with the information that you have visited our website with your IP address and clicked on the link.

 

If you click on a link to a network while you are logged into your user account with the network in question, the content of our website may be linked to your profile so that the network can assign your visit to our website directly to your account. If you want to prevent this, you should log out before clicking on the relevant links. A connection between your access to our website and your user account takes place in any case if you log in to the respective network after clicking on the link. The respective provider is responsible under data protection law for the associated data processing. Please therefore note the information on the website of the network.

The legal basis for any data processing attributed to us is our legitimate interest within the meaning of Art. 6 (1) lit. f EU-DSGVO in the use and promotion of our social media profiles.

 

14.2           
Social Media Plugins

On our website, you can use social plugins from the providers listed below:

  • Meta Platforms Inc, 1601 S California Ave, Palo Alto, CA 94304, USA, privacy notice;
  • Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA, privacy notice;
  • Linkedin Unlimited Company, Wilton Place, Dublin 2, Ireland, privacy notice.
  • Facebock Tracking Pixels, Menlo Park. United States Privacy Notice

We use the social plugins to make it easier for you to share content from our website. The social plugins help us to increase the visibility of our content on social networks and in this respect contribute to better marketing.

 

The plugins are deactivated by default on our websites and therefore do not send any data to the social networks when you simply call up our website. To increase data protection, we have integrated the plugins in such a way that a connection is not automatically established with the networks' servers. Only when you activate the plugins and thus give your consent to data transmission and further processing by the providers of the social networks, your browser establishes a direct connection to the servers of the respective social network.

 

The content of the plugin is transmitted directly to your browser by the social network and integrated into the website by it. This provides the respective provider with the information that your browser has accessed the corresponding page of our website, even if you do not have an account with this social network or are not currently logged in to it. This information (including your IP address) is transmitted from your browser directly to a server of the provider (usually in the USA) and stored there. We have no influence on the scope of the data that the provider collects with the plugin, although from a data protection perspective we can be considered jointly responsible with the providers up to a certain extent.

If you are logged into the social network, it can assign your visit to our website directly to your user account. If you interact with the plugins, the corresponding information is also transmitted directly to a server of the provider and stored there. The information (e.g., that you like a product or service of ours) may also be published on the social network and possibly displayed to other users of the social network. The provider of the social network may use this information for the purpose of placing advertisements and tailoring the respective offer to your needs. For this purpose, usage, interest and relationship profiles could be created, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on the social network, to inform other users about your activities on our website and to provide other services associated with the use of the social network. The purpose and scope of the data collection and the further processing and use of the data by the providers of the social networks, as well as your rights in this regard and setting options for protecting your privacy, can be found directly in the privacy policy of the respective provider.

The Blue City Hotel handles this with the so-called "Sharrif solution".

 

If you do not want the provider of the social network to assign the data collected via our website to your user account, you must log out of the social network before activating the plugins. For the data processing described above, your consent within the meaning of Art. 6 (1) lit. a EU-DSGVO forms the legal basis. You can revoke your consent at any time by declaring your revocation to the provider of the plugin in accordance with the information in its privacy policy.

 

15.           
Online advertising and targeting

15.1           
In general

We use services of various companies to provide you with interesting offers online. This involves analyzing your user behavior on our website and websites of other providers in order to subsequently display online advertising tailored to your individual needs.

 

Most technologies for tracking your user behavior and for the targeted display of advertising work with cookies (see also section 11), which can be used to recognize your browser across various websites. Depending on the service provider, it may also be possible for you to be recognized online even when using different end devices (e.g. laptop and smartphone). This may be the case, for example, if you have registered for a service that you use with multiple devices.

 

In addition to the data already mentioned, which is generated when websites are called up ("log file data", see section 10) and when cookies are used (section 11) and which may reach the companies involved in the advertising networks, the following data in particular is included in the selection of the advertising that is potentially most relevant for you:

  • Information about you that you provided when registering or using a service of advertising partners (e.g., your gender, age group);
  • User behavior (e.g. search queries, interactions with advertisements, types of websites visited, products or services viewed and purchased, newsletters subscribed to).

We and our service providers use this data to identify whether you belong to the target group we address and take this into account when selecting advertisements. For example, after you have visited our site, you may be presented with ads for the products or services you consulted when you visit other sites ("re-targeting"). Depending on the scope of the data, a user's profile may also be created, which is evaluated automatically, and the ads are selected according to the information stored in the profile, such as membership in certain demographic segments or potential interests or behaviors. Such ads may be presented to you on various channels, which, in addition to our website or app (as part of onsite and in-app marketing), also include ads served through the online advertising networks we use, such as Google.

 

The data may then be analyzed for the purpose of billing the service provider and assessing the effectiveness of advertising measures in order to better understand the needs of our users and customers and to improve future campaigns. This may also include information that the performance of an action (e.g., visiting certain sections of our websites or sending information) is due to a certain advertising ad. We also receive aggregate reports from service providers of ad activity and information about how users interact with our website and ads.

 

The legal basis for this data processing is your consent within the meaning of Art. 6 (1) a EU-DSGVO. You can revoke your consent at any time by rejecting or switching off the relevant cookies in the settings of your web browser (see section 11). You can also find further options for blocking advertising in the information provided by the respective service provider, such as Google.

 

15.2           
Google Ads

This website uses the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") for online advertising. Google uses cookies for this purpose, such as the so-called DoubleClick cookie, which allow your browser to be recognized when you visit other websites. The information generated by the cookies about your visit to these websites (including your IP address) will be transmitted to and stored by Google on servers in the United States (see also section 6). Further information on data protection at Google can be found here.

The legal basis for this data processing is your consent within the meaning of Art. 6 (1) a EU-DSGVO. You can revoke your consent at any time by rejecting or switching off the relevant cookies in your web browser settings (see section 11). Further options for blocking advertising can be found here.

 

16.             
Using and chat-function

If you contact us via chat, your personal data will be processed. The data that you have provided to us is processed, e.g. the name of your company, your name, your function, your e-mail address and your request. In addition, the time of receipt of the request is documented. Mandatory data are marked with an asterisk (*).

 

We process this data exclusively in order to implement your request (e.g. providing information about our hotel, support in the processing of contracts such as questions about your booking, inclusion of your feedback in the improvement of our service, etc.). To provide the chat function, we use a tool from Meta Platforms Inc (Whats App), (1601 S California Ave, Palo Alto, CA 94304, USA, Privacy Notice). Therefore, your data will be stored in a Meta Platforms Inc. database, which may allow Meta Platforms Inc. to access your data if necessary to provide the Software and to assist you in using the Software.

The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU-DSGVO in the use of up-to-date communication technologies or, if your request is directed towards the conclusion or execution of a contract, in the implementation of the necessary measures within the meaning of Art. 6 para. 1 lit. b EU-DSGVO.

 

 

17.             
ordering trough our online shop

On our website you have the possibility to order a wide selection of vouchers. For this purpose, we collect the following data. Mandatory data are marked with an asterisk (*) in the corresponding form:

  •  Salutation
  • First name
  • Last name
  • Company
  • Street and house number
  • Address addition
  • ZIP CODE
  • City
  • Country
  • Telephone number
  • E-Mail
  • Payment method/ Credit card information
  • Shipping method
  • Yes, I would like to subscribe to your newsletter.
  • I confirm the accuracy of the information provided and have read and accept the terms and conditions and the privacy policy.

    We use this data and other data voluntarily provided by you only to process your order according to your wishes. The processing of this data therefore takes place in the sense of Art. 6 para. 1 lit. b EU-DSGVO for the implementation of pre-contractual measures as well as for the implementation of a contract.

18.             
Booking on the website, by correspondence or by phone call

When you make bookings or order vouchers either via our website, by correspondence (e-mail or letter post) or by telephone call, we collect the following data, with mandatory data marked with an asterisk (*) in the corresponding form:

 

  • Salutation
  • First name
  • Last name
  • E-mail address
  • Telephone number
  • Language
  • Credit card information

We will only use this data and other information voluntarily provided by you (e.g. expected arrival time, motor vehicle registration plate, preferences, remarks) to process the contract, unless otherwise stated in this privacy policy or you have given your separate consent to do so. We will process the data by name in order to record your booking as requested, to provide the booked services, to contact you in case of ambiguities or problems and to ensure correct payment. Your credit card details, in order to guarantee future bookings and to make the booking process easier, will not be automatically deleted. If you wish to do so, please contact us directly at home@bluecityhotel.ch.

The legal basis for data processing for this purpose is the fulfillment of a contract according to Art. 6 para. 1 lit. b EU-DSGVO or your consent according to Art. 6 para. 1 lit. a EU-DSGVO. You can revoke your consent at any time with effect for the future.

 

19.             
Online payment processing

If you make chargeable bookings or purchase products on our website, depending on the product or service and the desired payment method - in addition to the information mentioned in section 18 or section 19 - the provision of further data is required, such as your credit card information or the login to your payment service provider. This information, as well as the fact that you have purchased a service from us for the amount and at the time in question, will be forwarded to the respective payment service providers (e.g. payment solution providers, credit card issuers and credit card acquirers). In this regard, please always also note the information of the respective company, in particular the data protection declaration and the general terms and conditions. The legal basis for this transfer is the fulfillment of a contract according to Art. 6 para.1 lit. b EU-DSGVO.

 

20.             
booking a table

On our website you have the possibility to reserve a table in one of the restaurants mentioned on our website. For this purpose, we collect the following data, where mandatory data are marked with an asterisk (*) in the corresponding form:

 

  • First name
  • Last name
  • Number of guests
  • E-mail address
  • Phone number
  • Comment
  • Date and time of reservation
  • I accept the terms and conditions
  • I would like to receive information about special offers and promotions

We collect and process the data only for the purpose of processing the reservation, in particular to compile your reservation request according to your wishes, to make the reservation and to contact you in case of any uncertainties or problems.

 

For the processing of reservations we use a tool from Baldegger + Sortec AG (Bützackerweg 4, 3123 Belp, Switzerland). Therefore, your data is stored in a database of Baldegger + Sortec AG, which may allow Baldegger + Sortec AG to access your data if this is necessary for the provision of the software and for support in the use of the software. Information on the transfer and processing of data by third parties can be found, on the one hand, under point 7 of this data protection declaration.

 

The legal basis for the processing of your data for this purpose is the fulfillment of a contract according to Art. 6 para. 1 lit. b EU-DSGVO.

 

21.             
bookings through booking portals

If you make bookings via a third-party platform (i.e. via booking.com, Hotel, Escapio, Expedia, Holidaycheck, Hotel Tonight, HRS, Kayak, Mr. & Mrs. Smith, Splendia, Tablet Hotels, Tripadvisor, Trivago, Weekend4Two, etc.), we receive various personal information from the respective platform operator in connection with the booking made. As a rule, this is the data listed in item 19 of these data protection declarations. In addition, inquiries about your booking may be forwarded to us. We will process this data by name in order to record your booking as requested and to provide the booked services. The legal basis for data processing for this purpose lies in the implementation of pre-contractual measures and the fulfillment of a contract in accordance with Art. 6 para. 1 lit. b EU-DSGVO.

Finally, we may be informed by the platform operators about disputes in connection with a booking. In the process, we may also receive data about the booking process, which may include a copy of the booking confirmation as proof of the actual booking completion. We process this data to protect and enforce our claims. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU-DSGVO.

 

Please also note the privacy policy of the respective booking platform.

 

22.             
giving Feedback

In order to help other users with their purchase decision and to support our quality management (especially the processing of negative feedback), you have the opportunity to rate your stay with us on our website. The data that is processed and published on the website is the data that you have provided to us, i.e. in addition to your rating and its time, possibly also a comment that you have added to your rating, or the name you have given.

The legal basis for data processing is your consent within the meaning of Art. 6 (1) lit a EU-DSGVO.

 

We reserve the right to delete unlawful ratings and to contact you in case of suspicion and ask you to comment. The legal basis for this processing is our legitimate interest within the meaning of Art. 6 (1) lit. f EU-DSGVO in providing the comment and rating function and preventing abuse when using it.

We use the assessment tool provided by Recruit (Chiyoda, Tokyo Prefecture, Japan). Therefore, your data will be stored in a database of Recruit, which may allow Recruit to access your data if necessary to provide the software and to assist you in using the software. Information about the transfer and processing of data by third parties can be found, on the one hand, under Section 7 of this Privacy Policy.

 

The legal basis for the processing of your data for this purpose is the fulfillment of a contract according to Art. 6 para. 1 lit. b EU-DSGVO.

23.             
aaplications for a job

You have the option of applying to us spontaneously or via a corresponding e-mail address for a specific job posting. For this purpose, we collect the following data, with mandatory data marked with an asterisk (*) in the corresponding form:

  •  First name
  • Name
  • E-mail address
  • Application documents (e.g. CV, letter of motivation, references, etc.)

We use these and other data you provide voluntarily to review your application. Application documents of unsuccessful applicants will be deleted at the end of the application process, unless you explicitly agree to a longer retention period or we are not legally obliged to retain them for a longer period.

 

24. 
Data processing to fulfill legal reporting obligations            

Upon arrival at our hotel, we may require the following information from you and your companions (mandatory *):

 

  • First and last name
  • Postal address and canton
  • Date of birth
  • Nationality
  • Official identification card and number
  • Arrival and departure date
  • Email address or telephone number

We collect this information in order to fulfill legal reporting obligations, which arise in particular from the hospitality industry or police law. Insofar as we are obliged to do so under the applicable regulations, we forward this information to the relevant police authority.

 

The processing of this data is based on a legal obligation within the meaning of Art. 6 para. 1 lit. c EU-DSGVO.

 

25.             
Registration of purchased Services

 

If you receive additional services during your stay (e.g. wellness,
restaurant, activities), the service object and the time of receipt
of the service will be recorded by us for billing purposes.
The processing of this data is necessary within the meaning of
Article 6 (1) (b) EU GDPR in order to process the contract with us.

ungszwecken erfasst. Die Bearbeitung dieser Daten ist im Sinne von Art. 6 Abs. 1 lit. b EU-DSGVO zur Abwicklung des Vertrags mit uns erforderlich.

 

26.             
guestfeedback

If you have given us your e-mail address in connection with your
booking, you may receive an electronic form after your departure.
For this we collect the following data, whereby mandatory
information is marked with an asterisk (*) in the corresponding
form:

 

  • first and last name
  • age
  • nationality
  • length of stay

 

The information is voluntary and helps us to continuously improve
our offer and our services and to adapt them to your needs. We
will only use the information made available to us for statistical
purposes, unless otherwise stated in this data protection declaration
or unless you have given your separate consent. We will process
the data by name in order to contact you in the event of
ambiguities. For the aforementioned purposes, the legal basis for the processing
is our legitimate interest within the meaning of Article 6(1)(f) EU
GDPR.

 

27.             
Video surveillance

To prevent misuse and to take action against illegal behavior (in particular theft and damage to property), the entrance area and the publicly accessible areas of our hotel are monitored by cameras. The image data is only viewed if there is a suspicion of illegal behavior. Otherwise, the recorded images will be automatically deleted after 72 hours.

 

For the provision of the video surveillance system, we rely on a 
service provider who may have access to the data if this is
necessary for the provision of the system. If the suspicion of illegal
behavior is confirmed, the data can then be passed on to
consulting companies (in particular our law firm) and authorities to
the extent necessary to enforce claims or to file a complaint.

 

The legal basis is our legitimate interest within the meaning of Art. 6 Para. 1 lit. f EU-DSGVO in the protection of our property and the protection and enforcement of our rights.

 

28.             
Using Wifi

In our hotel you have the opportunity to use the WiFi network operated by Swisscom (Tiefenaustrasse 6, 3050 Bern, Switzerland) free of charge. Prior registration is required to prevent abuse and to take action against illegal behavior. In doing so, you transmit the following data to Swisscom:

  • MAC address of the end device (automatic)

In addition to the above data, data on the hotel visited is recorded with time, date and end device each time the WiFi network is used. The legal basis for this processing is your consent within the meaning of Article 6 (1) (a) EU GDPR. The customer can revoke his registration at any time by notifying us.

 

Swisscom must comply with the legal obligations of the Federal Act
on the Surveillance of Post and Telecommunications Traffic (BÜPF)
and the associated ordinance. If the legal requirements are met,
the operator of the WiFi must monitor the use of the Internet and
data traffic on behalf of the responsible authority. The operator of
the WiFi can also be obliged to disclose the customer's contact,
usage and marginal data to the authorized authorities. The contact,
usage and marginal data will be kept for 6 months and then
deleted.

 

DThe legal basis for this processing is our legitimate interest within the meaning of Article 6 (1) (f) EU GDPR in providing a WiFi network in compliance with the applicable statutory provisions.

 

29.             
payment

If you purchase products or services or pay for your stay in our 
hotel using electronic means of payment, the processing of personal
data is necessary. By using the payment terminals, you transmit
the information stored in your means of payment, such as the
name of the cardholder and the card number, to the payment
service providers involved (e.g. payment solution providers, credit
card issuers and credit card acquirers). They also receive the
information that the means of payment was used in our hotel, the
amount and the time of the transaction. Conversely, we only
receive the credit of the amount of the payment made at the
appropriate time, which we can assign to the relevant document
number, or information that the transaction was not possible or
was canceled. Always observe the information of the respective
company, in particular the data protection declaration and the
general terms and conditions. The legal basis for this transmission
lies in the fulfillment of the contract with you in accordance with
Article 6 (1) (b) EU GDPR.

***

Cookies used