Welcome to STC Switzerland Travel Centre AG and our online presence, in particular https://www.swisshotels.com
We are pleased to have aroused your interest in our products and services. We attach great importance to protecting your privacy and your personal data. For this reason, the collection and use of your data is always carried out in accordance with the provisions of the Genera Data Protection Regulation (EU) 2016/679 (GDPR), the Federal Data Protection Act ("Bundesdatenschutzgesetz" – DSG) and the Telemedia Act "Telemediengesetz" – TMG). As the party responsible for data privacy, we hereby provide you with information as to which data is collected by us and how we process this data.
1. Personal data
Personal data is defined by the GDPR as all information relating to an identified or an identifiable natural person; a natural person is regarded as identifiable if they can be identified directly or indirectly in particular by attribution to a means of identification such as a name, a code, location data, an online identifier or one or more features which reflect the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person. Personal data is only saved insofar as this is necessary in order to render the service you have booked, comply with statutory requirements and serve the purpose specified below.
2. Anonymised files/logfiles
You can visit our website without the need for personal data to be collected. However, every time you visit our website, certain anonymised data is saved, for example which page or which product/service was accessed. This data is not personal and is therefore not subject to the statutory provisions of the GDPR or the BDSG.
The website operator or page provider collects data via visits to the web page and saves these as server logfiles. In this way, a protocol is compiled of the following data:
website visited, time of access, volume of data sent in bytes, source/reference specifying the page from which access was made, browser used, operating system used, IP address used.
The data collected is used solely for the purpose of statistical analysis and to improve the website. However, the website operator reserves the right to examine the logfiles subsequently if there is any concrete indication of unlawful use.
Anonymous data is collected solely for the purpose of statistical analysis in order to improve our services. In this regard, please note the section "Right to information/right of cancellation".
3. Purpose of collecting personal data
However, collection of personal data is essential when you use our website to book a trip or other service, get in contact with us, subscribe to our newsletter or use other facilities offered by our website where personal data is required for handling purposes. This also includes buying vouchers and entering competitions, for example.
In compliance with statutory regulations and in the interests of data economy, this generally only involves collecting the data required for providing the service in question. If we ask you to provide additional information in our forms, this is always voluntary and is designated accordingly.
Temporary saving of the IP address by the system is necessary in order to allow the website to be delivered to the user's computer. For this purpose, the user's IP address has to be saved for the duration of the session. Saving of this information in logfiles also serves the purpose of ensuring the proper functioning of the website. In addition, this data helps us optimise the website and ensure our IT systems are secure. In this connection, there is no analysis of the data for marketing purposes. These purposes also constitute our legitimate interest in data processing according to Article 6 Paragraph 1 Letter f GDPR.
If a trip or other service is booked, the data collected in order to handle this booking is used according to statutory requirements for promotional purposes and for statistical purposes.
The legal basis for sending out the newsletter as a result of selling goods or services is Section 7 Paragraph 3 Unfair Commercial Practices Act ("Gesetz gegen den unlauteren Wettbewerb" – UWG).
If you subscribe to our newsletter, we then use the data you submitted concerning your person and your trip to be able to provide optimum support for you as a newsletter subscriber based on Article 6 Paragraph 1 Letter f GDPR.
If the user has given their consent after registering for the newsletter, the legal basis for processing the data is Article 6 Paragraph 1 Letter a) GDPR.
Otherwise we use the personal data saved by us to maintain customer relations, to provide customer support (e.g. information on how your trip was handled), to implement our own advertising and marketing measures (e.g. send out catalogues and other advertising mails within the legal limits, to assess customer satisfaction and to process orders.
4. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject to undertake processing of personal data, Article 6 Paragraph 1 Letter a EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data is required in order to meet contractual obligations where the data subject is the contractual party, Article 6 Paragraph 1 Letter b GDPR serves as the legal basis. This also applies to processing measures required to implement pre-contractual measures.
Insofar as the processing of personal data is required in order to meet a statutory requirement to which our company is subject, Article 6 Paragraph 1 Letter c GDPR serves as the legal basis.
If it is the case that the vital interests of the data subject or another natural person make the processing of personal data necessary, Article 6 Paragraph 1 Letter d GDPR serves as the legal basis.
If processing is required in order to safeguard a legitimate interest of our company or of a third party and if the interests, fundamental rights and basic freedoms of the data subject do not override the first-mentioned interest, Article 6 Paragraph 1 Letter f GDPR serves as the legal basis for processing.
5. Disclosure of personal data to third parties
Your personal data is only made available within the limits of the relevant statutory provisions, in particular those of data privacy and competition law.
Insofar as is necessary for the service we are contractually required to provide or due to statutory requirements, your data is also made available to subcontractors or service providers so as to enable them to render the service on our behalf or under our authority (e.g. technical handling of post and e-mails, payment handling, customer service).
In addition, the data is made available to persons or companies to handle your booking, in particular transport companies, travel operators, hotels, travel agencies, car rental companies, cruise lines, authorities etc. Please note in this connection that the data privacy provisions in force in the countries in which these persons and companies are located may differ from those that apply in Germany.
What is more, we disclose and transfer your data to third parties insofar as we are obliged to do so by law or based on a final court ruling.
You have the right to receive the personal data relating to you in a structured, commonly used and machine-readable format. You also have the right to have this data sent to another responsible party without hindrance by the controller to whom the personal data was provided.
6. Saving and deletion of data
Your personal data is saved in the context of the purposes stated in the section "Purpose of collecting personal data". The personal data of the data subject is deleted or blocked as soon as the purpose of saving no longer applies. Data can also be saved if this is required by European or national legislation as stipulated by EU directives or other provisions to which the controller is subject. The legislative authorities impose a diverse range of safekeeping obligations and periods. Data is also blocked or deleted when a safekeeping period required by the above-mentioned legal provisions expires, unless it is necessary to continue to save the data in order to conclude a contract or meet contractual obligations.
We apply cookies (small computer files containing text information which the web server sends to your internet browser) so as to improve your experience when visiting our website. If you allow us to apply a cookie, for example, certain messages only appear once. Our cookies also have an expiry date. If have not blocked the saving of cookies and you delete your cookies manually prior to expiry, you will receive a new one the next time your visit the website.
The technical specifications are such that cookies can only be read by the server that sent them. We assure you that no personal data is saved in the cookies.
If you do not accept cookies, use of our website is unfortunately subject to limitations. We therefore recommend activating cookies permanently for our website. Most internet browsers are set in such a way that they automatically accept cookies. However, you can deactivate the saving of cookies and set your internet browser in such a way that it notifies you whenever a cookie is sent.
The legal basis for the processing of personal data using cookies is Article 6 Paragraph 1 Letter f GDPR.
The legal basis for the processing of personal data using cookies for the purpose of analysis, providing the user's consent has been given, is Article 6 Paragraph 1 Letter a) GDPR.
8. Use of Google Analytics
9. Security, questions and ideas, controller
Not least, security also depends on your system. You should always treat your access details confidentially, never have your web internet browser save passwords and always close the browser when you have finished visiting our website. This makes it more difficult for third parties to gain access to your personal data.
Use an operating system that enables you to manage user rights. Set up several users on your system for your family, too, and never use the internet under administrator rights. Make use of security software such as virus scanners and firewalls and keep your system up-to-date on an ongoing basis.
The controller for this online presence as defined by the General Data Protection Regulation and other national data protection laws of the member states as well as other data privacy provisions is:
STC Switzerland Travel Centre AG
Tel. +41 43 210 5500
10. Right to information / right of cancellation; further rights of the data subject
You have the right: