Pri­va­cy policy

With this Pri­va­cy pol­i­cy we inform you which per­son­al data we col­lect in con­nec­tion with our Activ­i­ties and oper­a­tions includ­ing our­site process. In par­tic­u­lar, we inform about what for, how and where we process which per­son­al data. We also inform about the rights of per­sons whose data we process.

Indi­vid­ual or addi­tion­al activ­i­ties and oper­a­tions may be sub­ject to addi­tion­al pri­va­cy state­ments as well as oth­er legal doc­u­ments such as Gen­er­al Terms and Con­di­tions (GTC), Terms of Use or Con­di­tions of Participation.

We are sub­ject to Swiss data pro­tec­tion law as well as any applic­a­ble for­eign data pro­tec­tion law such as, in par­tic­u­lar, that of the Euro­pean Union (EU) with the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR). The Euro­pean Com­mis­sion rec­og­nizesthat Swiss data pro­tec­tion law ensures ade­quate data protection.

1. con­tact addresses

Respon­si­bil­i­ty for the pro­cess­ing of per­son­al data:

The Gate Hotel AG
Riethof­s­trasse 15
8152 Glattbrugg

We point out if there are oth­er per­sons respon­si­ble for the pro­cess­ing of per­son­al data in indi­vid­ual cases.

Data pro­tec­tion rep­re­sen­ta­tion in the Euro­pean Eco­nom­ic Area (EEA)

We have the fol­low­ing data pro­tec­tion rep­re­sen­ta­tion in accor­dance with Art. 27 GDPR:

VGS Data Pro­tec­tion Part­ner GmbH
Am Kaiserkai 69
20457 Hamburg

The data pro­tec­tion rep­re­sen­ta­tion serves data sub­jects and author­i­ties in the Euro­pean Union (EU) and the rest of the Euro­pean Eco­nom­ic Area (EEA) as a addi­tion­al Con­tact point for inquiries relat­ed to the GDPR.

2. terms and legal bases

2.1 Terms

Per­son­al data are all Infor­ma­tion that relates to an iden­ti­fied or iden­ti­fi­able nat­ur­al per­son. A Per­son con­cerned is a per­son about whom we process per­son­al data.

Edit includes every Han­dling of per­son­al data, inde­pen­dent of the means and pro­ce­dures used, for exam­ple, the retrieval, match­ing, adap­ta­tion, archiv­ing, stor­age, read­ing, dis­clo­sure, pro­cure­ment, record­ing, col­lec­tion, dele­tion, dis­clo­sure, order­ing, orga­ni­za­tion, stor­age, mod­i­fi­ca­tion, dis­sem­i­na­tion, link­ing, destruc­tion and use of per­son­al data.

The Euro­pean Eco­nom­ic Area (EEA) includes the Mem­ber States of the Euro­pean Union (EU) and the Prin­ci­pal­i­ty of Liecht­en­stein, Ice­land and Nor­way. The Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) refers to the pro­cess­ing of per­son­al data as pro­cess­ing of per­son­al data.

2.2 Legal basis

We process per­son­al data in accor­dance with Swiss data pro­tec­tion law such as, in par­tic­u­lar, the Fed­er­al law on data pro­tec­tion (Data Pro­tec­tion Act, DSG) and the Reg­u­la­tion on data pro­tec­tion (Data Pro­tec­tion Reg­u­la­tion, DSV).

We process — if and to the extent that the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) is applic­a­ble — per­son­al data in accor­dance with at least one of the fol­low­ing legal bases:

  • Art. 6 para. 1 lit. b DSG­VO for the nec­es­sary pro­cess­ing of per­son­al data for the ful­fill­ment of a con­tract with the data sub­ject as well as for the imple­men­ta­tion of pre-con­trac­tu­al measures.
  • Art. 6 para. 1 lit. f DSG­VO for the nec­es­sary pro­cess­ing of per­son­al data to pro­tect the legit­i­mate inter­ests of us or of third par­ties, unless the fun­da­men­tal free­doms and rights and inter­ests of the data sub­ject pre­vail. Legit­i­mate inter­ests are, in par­tic­u­lar, our inter­est in being able to car­ry out our activ­i­ties and oper­a­tions per­ma­nent­ly, in a user-friend­ly, secure and reli­able man­ner, as well as to com­mu­ni­cate about them, to ensure infor­ma­tion secu­ri­ty, to pro­tect against mis­use, to enforce our own legal claims and to com­ply with Swiss law.
  • Art. 6 para. 1 lit. c DSG­VO for the nec­es­sary pro­cess­ing of per­son­al data to com­ply with a legal oblig­a­tion to which we are sub­ject under any applic­a­ble law of Mem­ber States in the Euro­pean Eco­nom­ic Area (EEA).
  • Art. 6 para. 1 lit. e DSG­VO for the nec­es­sary pro­cess­ing of per­son­al data for the per­for­mance of a task that is in the pub­lic interest.
  • Art. 6 para. 1 lit. a DSG­VO for the pro­cess­ing of per­son­al data with the con­sent of the data subject.
  • Art. 6 para. 1 lit. d DSG­VO for the nec­es­sary pro­cess­ing of per­son­al data to pro­tect vital inter­ests of the data sub­ject or anoth­er nat­ur­al person.

3. nature, scope and purpose

We process those per­son­al data that required in order to be able to car­ry out our activ­i­ties and oper­a­tions in a per­ma­nent, user-friend­ly, secure and reli­able man­ner. Such per­son­al data may fall in par­tic­u­lar into the cat­e­gories of inven­to­ry and con­tact data, brows­er and device data, con­tent data, meta or mar­gin­al data and usage data, loca­tion data, sales data and con­tract and pay­ment data.

We process per­son­al data dur­ing those Dura­tionwhich is required for the respec­tive purpose(s) or by law. Per­son­al data whose pro­cess­ing is no longer nec­es­sary will be anonymized or deleted.

We may use per­son­al data by third par­ties have processed. We may process per­son­al data joint­ly with third par­ties or trans­fer it to third par­ties. Such third par­ties are, in par­tic­u­lar, spe­cial­ized providers whose ser­vices we use. We also guar­an­tee data pro­tec­tion for such third parties.

We process per­son­al data basi­cal­ly only with the con­sent of the data sub­jects. If and to the extent that the pro­cess­ing is per­mit­ted for oth­er legal rea­sons, we may waive the require­ment to obtain con­sent. For exam­ple, we may process per­son­al data with­out con­sent in order to ful­fill a con­tract, to com­ply with legal oblig­a­tions or to pro­tect over­rid­ing interests.

In this con­text, we process in par­tic­u­lar infor­ma­tion that a data sub­ject pro­vides when con­tact­ing us — for exam­ple, by mail, e‑mail, instant mes­sag­ing, con­tact form, social media or tele­phone — or when reg­is­ter­ing for a user account. vol­un­tary trans­mit­ted to us. We may store such infor­ma­tion, for exam­ple, in an address book, in a cus­tomer rela­tion­ship man­age­ment sys­tem (CRM sys­tem) or with com­pa­ra­ble tools. If we receive data trans­mit­ted to us about oth­er per­sons, the trans­mit­ting per­sons are oblig­at­ed to ensure data pro­tec­tion with respect to these per­sons as well as to ensure the accu­ra­cy of this per­son­al data.

We also process per­son­al data that we receive from third par­ties, obtain from pub­licly avail­able sources or col­lect in the course of our activ­i­ties and oper­a­tions, if and to the extent that such pro­cess­ing is per­mit­ted for legal reasons.

4. per­son­al data abroad

We process per­son­al data basi­cal­ly in Switzer­land and the Euro­pean Eco­nom­ic Area (EEA). How­ev­er, we may also export or trans­fer per­son­al data to oth­er coun­tries, in par­tic­u­lar to process it or have it processed there.

We can trans­fer per­son­al data to all States and ter­ri­to­ries on earth and else­where in the Uni­verse export, pro­vid­ed that the local law accord­ing to Deci­sion of the Swiss Fed­er­al Coun­cil ade­quate data pro­tec­tion and — if and to the extent that the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) is applic­a­ble — in accor­dance with Deci­sion of the Euro­pean Com­mis­sion ensures ade­quate data protection.

We may trans­fer per­son­al data to coun­tries whose laws do not ensure ade­quate data pro­tec­tion, pro­vid­ed that data pro­tec­tion is ensured for oth­er rea­sons, in par­tic­u­lar on the basis of stan­dard data pro­tec­tion claus­es or with oth­er appro­pri­ate safe­guards. By way of excep­tion, we may export per­son­al data to coun­tries with­out ade­quate or appro­pri­ate data pro­tec­tion if the spe­cif­ic require­ments under data pro­tec­tion law are met, for exam­ple the express con­sent of the data sub­jects or a direct con­nec­tion with the con­clu­sion or per­for­mance of a con­tract. We will be hap­py to pro­vide data sub­jects with infor­ma­tion about any guar­an­tees or a copy of any guar­an­tees upon request.

5. rights of data subjects

5.1 Data pro­tec­tion law claims

We grant data sub­jects all rights in accor­dance with applic­a­ble data pro­tec­tion law. In par­tic­u­lar, data sub­jects have the fol­low­ing rights:

  • Infor­ma­tion: Data sub­jects can request infor­ma­tion as to whether we process per­son­al data about them and, if so, what per­son­al data is involved. Data sub­jects also receive the infor­ma­tion required to assert their data pro­tec­tion rights and to ensure trans­paren­cy. This includes the per­son­al data processed as such, but also, among oth­er things, infor­ma­tion about the pur­pose of pro­cess­ing, the dura­tion of stor­age, any dis­clo­sure or export of data to oth­er coun­tries and the ori­gin of the per­son­al data.
  • Cor­rec­tion and lim­i­ta­tion: Data sub­jects can have incor­rect per­son­al data cor­rect­ed, incom­plete data com­plet­ed and the pro­cess­ing of their data restricted.
  • Dele­tion and objec­tion: Data sub­jects can have per­son­al data delet­ed (“right to be for­got­ten”) and object to the pro­cess­ing of their data with effect for the future.
  • Data out­put and data trans­mis­sion: Data sub­jects may request the sur­ren­der of per­son­al data or the trans­fer of their data to anoth­er data controller.

We may sus­pend, restrict or refuse the exer­cise of the rights of data sub­jects to the extent per­mit­ted by law. We may inform data sub­jects of any require­ments they must meet in order to exer­cise their rights under data pro­tec­tion law. For exam­ple, we may refuse to pro­vide infor­ma­tion in whole or in part with ref­er­ence to busi­ness secrets or the pro­tec­tion of oth­er per­sons. We may also, for exam­ple, refuse to delete per­son­al data in whole or in part with ref­er­ence to statu­to­ry reten­tion obligations.

We can be respon­si­ble for exer­cis­ing the rights excep­tion­al­ly pro­vide for costs. We will inform affect­ed per­sons in advance of any costs.

We are oblig­ed to take appro­pri­ate mea­sures to iden­ti­fy data sub­jects who request infor­ma­tion or assert oth­er rights. Data sub­jects are oblig­ed to cooperate.

5.2 Right to complain

Data sub­jects have the right to enforce their data pro­tec­tion claims through legal chan­nels or to lodge a com­plaint with a com­pe­tent data pro­tec­tion super­vi­so­ry authority.

The data pro­tec­tion super­vi­so­ry author­i­ty for pri­vate con­trollers and fed­er­al bod­ies in Switzer­land is the Fed­er­al Data Pro­tec­tion and Infor­ma­tion Com­mis­sion­er (FDPIC).

Data sub­jects have — if and to the extent that the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) is applic­a­ble — the right to lodge a com­plaint with a com­pe­tent Euro­pean data pro­tec­tion super­vi­so­ry author­i­ty to raise.

6. data security

We take suit­able tech­ni­cal and orga­ni­za­tion­al mea­sures to ensure data secu­ri­ty appro­pri­ate to the respec­tive risk. How­ev­er, we can­not guar­an­tee absolute data security.

Access to our web­site is via trans­port encryp­tion (SSL / TLS, in par­tic­u­lar with the Hyper­text Trans­fer Pro­to­col Secure, abbre­vi­at­ed HTTPS). Most browsers mark trans­port encryp­tion with a pad­lock in the address bar.

Our dig­i­tal com­mu­ni­ca­tion is sub­ject — like basi­cal­ly any dig­i­tal com­mu­ni­ca­tion — to mass sur­veil­lance with­out cause or sus­pi­cion and oth­er mon­i­tor­ing by secu­ri­ty author­i­ties in Switzer­land, the rest of Europe, the Unit­ed States of Amer­i­ca (USA) and oth­er coun­tries. We can­not direct­ly influ­ence the cor­re­spond­ing pro­cess­ing of per­son­al data by secret ser­vices, police agen­cies and oth­er secu­ri­ty authorities.

7. use of the website

7.1 Cook­ies

We may use cook­ies. Cook­ies — our own cook­ies (first-par­ty cook­ies) as well as cook­ies from third par­ties whose ser­vices we use (third-par­ty cook­ies) — are data that are stored in the brows­er. Such stored data need not be lim­it­ed to tra­di­tion­al cook­ies in text form.

Cook­ies can be stored in the brows­er tem­porar­i­ly as “ses­sion cook­ies” or for a cer­tain peri­od of time as so-called per­ma­nent cook­ies. “Ses­sion cook­ies” are auto­mat­i­cal­ly delet­ed when the brows­er is closed. Per­ma­nent cook­ies have a spe­cif­ic stor­age peri­od. In par­tic­u­lar, cook­ies enable us to rec­og­nize a brows­er the next time it vis­its our web­site and thus, for exam­ple, to mea­sure the reach of our web­site. How­ev­er, per­ma­nent cook­ies can also be used for online mar­ket­ing, for example.

Cook­ies can be com­plete­ly or par­tial­ly deac­ti­vat­ed and delet­ed in the brows­er set­tings at any time. With­out cook­ies, our web­site may no longer be ful­ly avail­able. We active­ly request — at least if and to the extent nec­es­sary — the express con­sent to the use of cookies.

7.2 Serv­er log files

We may col­lect the fol­low­ing infor­ma­tion for each access to our web­site, pro­vid­ed that this infor­ma­tion is trans­mit­ted by your brows­er to our serv­er infra­struc­ture or can be deter­mined by our web serv­er: Date and time includ­ing time zone, IP addressThe fol­low­ing data is stored on our web­site: access sta­tus (HTTP sta­tus code), oper­at­ing sys­tem includ­ing user inter­face and ver­sion, brows­er includ­ing lan­guage and ver­sion, indi­vid­ual sub-pages called up on our web­site includ­ing the amount of data trans­ferred, the last web­site called up in the same brows­er win­dow (refer­rer).

We store such infor­ma­tion, which may also con­sti­tute per­son­al data, in serv­er log files. The infor­ma­tion is nec­es­sary to pro­vide our web­site per­ma­nent­ly, user-friend­ly and reli­ably, as well as to ensure data secu­ri­ty and thus in par­tic­u­lar the pro­tec­tion of per­son­al data — also by third par­ties or with the help of third parties.

7.3 Track­ing pixel

We may use track­ing pix­els on our web­site. Track­ing pix­els are also known as web bea­cons. Track­ing pix­els — also from third par­ties whose ser­vices we use — are small, usu­al­ly invis­i­ble images that are auto­mat­i­cal­ly retrieved when you vis­it our web­site. With pix­el coun­ters, the same infor­ma­tion can be col­lect­ed as in serv­er log files.

8. noti­fi­ca­tions and messages

We send noti­fi­ca­tions and com­mu­ni­ca­tions via email and oth­er com­mu­ni­ca­tion chan­nels, such as instant mes­sag­ing or SMS.

8.1 Suc­cess and reach measurement

Noti­fi­ca­tions and mes­sages may con­tain web links or track­ing pix­els that record whether an indi­vid­ual mes­sage was opened and which web links were clicked. Such web links and track­ing pix­els may also track usage of noti­fi­ca­tions and com­mu­ni­ca­tions on a per­son­al basis. We need this sta­tis­ti­cal record­ing of usage for per­for­mance and reach mea­sure­ment in order to be able to send noti­fi­ca­tions and mes­sages based on the needs and read­ing habits of the recip­i­ents in an effec­tive and user-friend­ly man­ner as well as per­ma­nent­ly, secure­ly and reliably.

8.2 Con­sent and objection

You must basi­cal­ly express­ly con­sent to the use of your e‑mail address and oth­er con­tact address­es, unless such use is per­mit­ted for oth­er legal rea­sons. For any con­sent, we use the “dou­ble opt-in” pro­ce­dure where pos­si­ble, i.e. you will receive an e‑mail with a web link that you must click to con­firm, so that no mis­use by unau­tho­rized third par­ties can take place. We may use such con­sents includ­ing IP address as well as date and time for evi­dence and secu­ri­ty reasons.

You can basi­cal­ly object to receiv­ing noti­fi­ca­tions and com­mu­ni­ca­tions such as newslet­ters at any time. With such an objec­tion, you can simul­ta­ne­ous­ly object to the sta­tis­ti­cal record­ing of usage for per­for­mance and reach mea­sure­ment. Required noti­fi­ca­tions and com­mu­ni­ca­tions in con­nec­tion with our activ­i­ties and oper­a­tions remain reserved.

9. social media

We are present on social media plat­forms and oth­er online plat­forms in order to com­mu­ni­cate with inter­est­ed per­sons and to pro­vide infor­ma­tion about our activ­i­ties and oper­a­tions. In con­nec­tion with such plat­forms, per­son­al data may also be processed out­side of Switzer­land and the Euro­pean Eco­nom­ic Area (EEA).

The Gen­er­al Terms and Con­di­tions (GTC) and Terms of Use as well as data pro­tec­tion dec­la­ra­tions and oth­er pro­vi­sions of the indi­vid­ual oper­a­tors of such plat­forms also apply in each case. These pro­vi­sions inform in par­tic­u­lar about the rights of data sub­jects direct­ly vis-à-vis the respec­tive plat­form, which includes, for exam­ple, the right to information.

For our Social media pres­ence on Face­book includ­ing the so-called site insights, we are — if and inso­far as the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) is applic­a­ble — joint­ly respon­si­ble with Meta Plat­forms Ire­land Lim­it­ed (Ire­land). Meta Plat­forms Ire­land Lim­it­ed is part of the Meta-com­pa­ny (includ­ing in the USA). Page insights pro­vide infor­ma­tion about how vis­i­tors inter­act with our Face­book pres­ence. We use Page Insights to pro­vide our social media pres­ence on Face­book in an effec­tive and user-friend­ly manner.

Fur­ther infor­ma­tion on the nature, scope and pur­pose of data pro­cess­ing, infor­ma­tion on the rights of data sub­jects and the con­tact details of Face­book as well as Facebook’s data pro­tec­tion offi­cer can be found in the Face­book pri­va­cy pol­i­cy. With Face­book, we have the so-called “Addi­tion for respon­si­ble per­sons” and thus agreed in par­tic­u­lar that Face­book is respon­si­ble for ensur­ing the rights of data sub­jects. For the so-called page insights, the cor­re­spond­ing infor­ma­tion can be found on the page “Page Insights Infor­ma­tion” includ­ing “Page Insights Data Infor­ma­tion”.

10. ser­vices from third parties

We use ser­vices of spe­cial­ized third par­ties to per­form our activ­i­ties and oper­a­tions in a durable, user-friend­ly, secure and reli­able man­ner. With such ser­vices, we can, among oth­er things, embed func­tions and con­tent in our web­site. In the case of such an embed­ding, the ser­vices used at least tem­porar­i­ly record for tech­ni­cal­ly com­pelling rea­sons the IP address­es of the users.

For nec­es­sary secu­ri­ty-relat­ed, sta­tis­ti­cal and tech­ni­cal pur­pos­es, third par­ties whose ser­vices we use may process data in con­nec­tion with our activ­i­ties and oper­a­tions in aggre­gat­ed, anonymized or pseu­do­nymized form. This is, for exam­ple, per­for­mance or usage data in order to be able to offer the respec­tive service.

10.1 Dig­i­tal infrastructure

We use ser­vices from spe­cial­ized third par­ties to make use of required dig­i­tal infra­struc­ture in con­nec­tion with our activ­i­ties and oper­a­tions. These include, for exam­ple, host­ing and stor­age ser­vices from select­ed providers.

We use in particular:

10.2 Con­tact options

We use ser­vices from select­ed providers to bet­ter com­mu­ni­cate with third par­ties, such as poten­tial and exist­ing customers.

10.3 Pay­ments

We use spe­cial­ized ser­vice providers to process our cus­tomers’ pay­ments secure­ly and reli­ably. The legal texts of the indi­vid­ual ser­vice providers, such as the Gen­er­al Terms and Con­di­tions (GTC) or data pro­tec­tion dec­la­ra­tions, also apply to the pro­cess­ing of payments.

We use in particular:

11. exten­sions for the website

We use exten­sions for our web­site in order to be able to use addi­tion­al functions.

We use in particular:

12. video surveillance

We use video sur­veil­lance for the pre­ven­tion of crim­i­nal acts and for the preser­va­tion of evi­dence in the event of crim­i­nal acts, as well as for the exer­cise of our domi­cil­iary rights. These are — if and to the extent that the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) is applic­a­ble — over­rid­ing legit­i­mate inter­ests pur­suant to Art. 6 para. 1 lit. f DSG­VO.

We store record­ings from our video sur­veil­lance for as long as they are need­ed to pre­serve evidence.

We may secure record­ings on the basis of legal oblig­a­tions, to enforce our own legal claims and in the event of sus­pect­ed crim­i­nal acts, as well as trans­mit them to com­pe­tent bod­ies such as, in par­tic­u­lar, judi­cial or law enforce­ment authorities.

13. final provisions

We can adapt and sup­ple­ment this data pro­tec­tion dec­la­ra­tion at any time. We will inform about such adjust­ments and addi­tions in an appro­pri­ate form, in par­tic­u­lar by pub­lish­ing the respec­tive cur­rent pri­va­cy pol­i­cy on our website.

Scroll to Top