Data protection declaration

Back to the homepage

A. Cross-channel information

1. Responsible party and content of this privacy policy
   
   We, Garden Park Zug AG, Industriestrasse 14 in 6302 Zug, Switzerland, are the operator of the hotels:
   - Park Hotel Zug
   - City Garden Hotel
   - Residence Zug
   
   the restaurants:
   - aigu Restaurant
   - Secret Garden Restaurant
   
   and the apartments:
   - City Apartments
   
   and the websites:
   - www.gardenpark.ch
   - www.parkhotel.ch
   - www.citygarden.ch
   - www.restaurant-aigu.ch
   - www.restaurant-secretgarden.ch
   - www.cityapartment.ch
   - www.residence-zug.ch
   - www.truthahntaxi.ch
   
   and, unless otherwise stated, are responsible for the data processing specified in this privacy policy.
   
   Please take note of the following information so that you know what personal data we collect from you and for what purposes we use it. In terms of data protection, we are primarily guided by the legal requirements of Swiss data protection law, in particular the Federal Act on Data Protection (FADP), as well as the EU GDPR, the provisions of which may be applicable in individual cases.
   
   Please note that the following information is reviewed and amended from time to time. We therefore recommend that you consult this privacy policy regularly. Furthermore, other companies are responsible or jointly responsible with us under data protection law for individual data processing operations listed below, so that in these cases the information provided by these providers is also authoritative.
2. Contact person for data protection
   
   If you have any questions about data protection or wish to exercise your rights, please contact our contact person for data protection by sending an e-mail to the following address:
   welcomegardenpark.ch
   
   You can reach our EU data protection representative at:
   Garden Park Zug AG
   Industriestrasse 14
   CH-6203 Zug
   welcomegardenpark.ch
3. Your rights
   
   If the legal requirements are met, you have the following rights as a data subject affected by data processing:
   
   Right to information: You have the right to request access to your personal data stored by us at any time free of charge if we process it. This gives you the opportunity to check what personal data we process about you and that we use it in accordance with the applicable data protection regulations.
   
   Right to rectification: You have the right to have incorrect or incomplete personal data rectified and to be informed of the rectification. In this case, we will inform the recipients of the data concerned of the adjustments made, unless this is impossible or involves disproportionate effort.
   
   Right to erasure: You have the right to have your personal data erased under certain circumstances. The right to erasure may be excluded in individual cases, in particular in the case of statutory retention obligations. In this case, the data may be blocked instead of erased if the conditions are met.
   
   Right to restriction of processing: You have the right to request that the processing of your personal data be restricted.
   
   Right to data portability: You have the right to receive the personal data that you have provided to us in a readable format free of charge.
   
   Right to object: You can object to data processing at any time, in particular for data processing in connection with direct advertising (e.g. advertising emails).
   
   Right to withdraw consent: In principle, you have the right to withdraw your consent at any time. However, processing activities based on your consent in the past will not become unlawful as a result of your withdrawal.
   
   To exercise these rights, please send us an e-mail to the following address:
   welcomegardenpark.ch
   
   Right to lodge a complaint: You have the right to lodge a complaint with a competent supervisory authority, e.g. against the way in which your personal data is processed.
4. Data security
   
   We use suitable technical and organizational security measures to protect your personal data stored by us against loss and unlawful processing, in particular unauthorized access by third parties. Our employees and the service companies commissioned by us are obliged by us to maintain confidentiality and to observe data protection. Furthermore, these persons are only granted access to personal data to the extent necessary to fulfill their duties.
   
   Our security measures are continuously adapted in line with technological developments. However, the transmission of information via the Internet and electronic means of communication always involves certain security risks and we cannot provide an absolute guarantee for the security of information transmitted in this way.
5. Contacting us
   
   If you contact us via our contact addresses and channels (e.g. by e-mail, telephone or contact form), your personal data will be processed. The data that you have provided to us will be processed, e.g. the name of your company, your name, your function, your e-mail address or telephone number and your request. In addition, the time of receipt of the request is documented. Mandatory information is marked with an asterisk (*) in contact forms.
   
   We use a software application from RTP GmbH, Josefstrasse 92, 8005 Zurich, Switzerland, to process contact requests via the contact form. Your data may therefore be stored in an RTP GmbH database, which may allow RTP GmbH to access your data if this is necessary for the provision of the software and for support in the use of the software. Information on the processing of data by third parties and any transfer abroad can be found in section 9 of this privacy policy.
   
   We process this data exclusively in order to implement your request (e.g. providing information about our hotel, support with contract processing such as questions about your booking, incorporating your feedback into the improvement of our service, etc.). The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR in the implementation of your request or, if your request is aimed at the conclusion or execution of a contract, the necessity for the implementation of the necessary measures within the meaning of Art. 6 para. 1 lit. b EU GDPR.
6. Use of your data for marketing purposes
   1. Central data storage and analysis in the CRM system
      
      If a clear assignment to your person is possible, we will store and link the data described in this privacy policy, i.e. in particular your personal data, your contacts, your contract data and your surfing behavior on our websites in a central database. This serves the efficient management of customer data and allows us to respond to your concerns appropriately, and enables the efficient provision of the services you have requested and the processing of the associated contracts. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the efficient management of user data.
      
      We evaluate this data in order to further develop our offers in line with your needs and to display and suggest the most relevant information and offers to you. We also use methods that predict potential, interests and future orders based on your website usage. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the implementation of marketing measures.
   2. Email marketing and newsletter
      
      If you register for our email newsletter (e.g. when opening or within your customer account), the following data will be collected. Mandatory information is marked with an asterisk (*) in the registration form:
      - e-mail address
      - title
      - first name and surname
      
      To prevent misuse and to ensure that the owner of an e-mail address has actually given their consent, we use the so-called double opt-in for registration. After sending the registration, you will receive an e-mail from us containing a confirmation link. To definitely register for the newsletter, you must click on this link. If you do not click on the confirmation link within the specified period, your data will be deleted and our newsletter will not be sent to this address.
      
      By registering, you consent to the processing of this data in order to receive news from us about our hotel and related information on products and services. This may also include invitations to take part in competitions or to rate one of the aforementioned products and services. The collection of the salutation and name allows us to verify the assignment of the registration to a possibly already existing customer account and to personalize the content of the mails. The link to a customer account helps us to make the offers and content contained in the newsletter more relevant to you and to better tailor them to your potential needs.
      
      We use your data for sending emails until you withdraw your consent. Withdrawal is possible at any time, in particular via the unsubscribe link in all our marketing emails.
      
      Our marketing emails may contain a so-called web beacon or 1x1 pixel (tracking pixel) or similar technical aids. A web beacon is an invisible graphic that is linked to the user ID of the respective newsletter subscriber. For each marketing email sent, we receive information about which addresses have not yet received the email, to which addresses it was sent and which addresses failed to receive it. We also see which addresses have opened the email, for how long and which links they have clicked on. Finally, we also receive information about which addresses have unsubscribed. We use this data for statistical purposes and to optimize the advertising emails in terms of frequency, timing, structure and content of the emails. This enables us to better tailor the information and offers in our emails to the individual interests of the recipients.
      
      The web beacon is deleted when you delete the email. To prevent the use of the web beacon in our marketing emails, please set the parameters of your email program so that HTML is not displayed in messages, if this is not already the case by default. You can find information on how to configure this setting in the help sections of your email software, e.g. here for Microsoft Outlook.
      
      By subscribing to the newsletter, you also consent to the statistical analysis of user behaviour for the purpose of optimizing and adapting the newsletter. This consent constitutes our legal basis for the processing of data within the meaning of Art. 6 para. 1 lit. a EU GDPR.
      
      We use the email marketing software Creatsend.com from Campaign Monitor Marigold for marketing emails. Therefore, your data is stored in a Campaign Monitor database, which allows Campaign Monitor to access your data if this is necessary for the provision of the software and for support in the use of the software. The legal basis for this processing is our legitimate interest within the meaning of Article 6(1)(f) GDPR in the use of third-party services.
7. Disclosure to third parties and third-party access
   
   Without the support of other companies, we would not be able to provide our services in the desired form. In order for us to be able to use the services of these companies, it is also necessary to pass on your personal data to a certain extent. Such disclosure takes place in particular if this is necessary to fulfill the contract you have requested, e.g. to restaurants or other third-party providers for which you have made a reservation. The legal basis for these transfers is the necessity for the performance of the contract within the meaning of Art. 6 para. 1 lit. b EU GDPR.
   
   Data is also transferred to selected service providers and only to the extent necessary for the provision of the service. Various third-party service providers are also already explicitly mentioned in this privacy policy, e.g. in the sections on marketing. These are, for example, IT service providers (such as providers of software solutions), advertising agencies and consulting firms. The legal basis for this data transfer is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR in obtaining third-party services.
   
   In addition, your data may be transferred, in particular to authorities, legal advisors or debt collection agencies, if we are legally obliged to do so or if this is necessary to protect our rights, in particular to enforce claims arising from the relationship with you. Data may also be disclosed if another company intends to acquire our company or parts thereof and such disclosure is necessary to carry out a due diligence review or to complete the transaction. The legal basis for this data transfer is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR in the protection of our rights and compliance with our obligations or the sale of our company.
8. Transfer of personal data abroad
   
   We are also entitled to transfer your personal data to third parties abroad if this is necessary to carry out the data processing mentioned in this privacy policy (see in particular sections 14-17). It goes without saying that the statutory provisions on the disclosure of personal data to third parties will be complied with. If the country in question does not have an adequate level of data protection, we ensure through contractual arrangements that your data is adequately protected by these companies.
9. Retention periods
   
   We only store personal data for as long as is necessary to carry out the processing described in this privacy policy within the scope of our legitimate interest. In the case of contract data, storage is prescribed by statutory retention obligations. Requirements that oblige us to store data result from accounting and tax regulations. According to these regulations, business communication, concluded contracts and accounting documents must be stored for up to 10 years. If we no longer need this data to perform the services for you, the data will be blocked. This means that the data may then only be used if this is necessary to fulfill retention obligations or to defend and enforce our legal interests. The data will be deleted as soon as there is no longer an obligation to retain it and there is no longer a legitimate interest in retaining it.
   
   
   B. Special information for our website
10. Log file data
    
    When you visit our website, the servers of our hosting provider RTP GmbH, Josefstrassse 92, 8005 Zurich, Switzerland temporarily store every access in a log file. The following data is collected without any action on your part and stored by us until it is automatically deleted:
    - the IP address of the requesting computer,
    - the date and time of access,
    - the name and URL of the file accessed,
    - the website from which the access was made, including the search term used if applicable,
    - the operating system of your computer and the browser you are using (including type, version and language setting),
    - device type in the case of access from cell phones.
    
    This data is collected and processed for the purpose of enabling the use of our website (establishing a connection), ensuring system security and stability in the long term as well as for error and performance analysis and enabling us to optimize our website (see also section 15 for the last points).
    
    In the event of an attack on the network infrastructure of the website or in the event of suspicion of other unauthorized or abusive website use, the IP address and the other data are evaluated for clarification and defense and, if necessary, used in the context of criminal proceedings for identification and for civil and criminal proceedings against the users concerned. The purposes described above constitute our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f EU GDPR.
    
    Finally, when you visit our website, we use cookies as well as applications and tools that are based on the use of cookies. The data described here may also be processed in this context. You will find more detailed information on this in the following sections of this privacy policy, in particular section 13.
11. Cookies
    
    Cookies are information files that your web browser stores on your computer's hard disk or memory when you visit our website. Cookies are assigned identification numbers through which your browser is identified and the information contained in the cookie can be read.
    
    Cookies help, among other things, to make your visit to our websites easier, more pleasant and more meaningful. We use cookies for various purposes that are required for your desired use of the websites, i.e. are "technically necessary". For example, we use cookies to identify you as a registered user after you have logged in without you having to log in again each time you navigate the various subpages. The provision of the shopping cart and order function is also based on the use of cookies. Cookies also perform other technical functions required for the operation of the website, such as load balancing, i.e. the distribution of the performance load of the site to different web servers in order to reduce the load on the servers. Cookies are also used for security purposes, for example to prevent the unauthorized posting of content. Finally, we also use cookies as part of the design and programming of our website, e.g. to enable the uploading of scripts or codes.
    
    The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in providing a user-friendly and up-to-date website.
    
    Most Internet browsers accept cookies automatically. However, when you access our website, we ask for your consent to the cookies we use that are not technically necessary, in particular when using third-party cookies for marketing purposes. You can make the settings you require using the corresponding buttons in the cookie banner. Details on the services and data processing associated with the individual cookies can be found within the cookie banner and in the following sections of this privacy policy.
    
    You may also be able to configure your browser so that no cookies are stored on your computer or so that a message always appears when you receive a new cookie. The following pages explain how you can configure the processing of cookies in selected browsers.
    - Google Chrome
    - Apple Safari
    
    Deactivating cookies may mean that you cannot use all the functions of our website.
12. Google SiteSearch / Google Custom Search Engine
    
    This website uses Google SiteSearch/Google Custom Search Engine from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). This enables us to provide you with an efficient search function on our website.
    
    When using our search fields, your browser may transmit the log file data listed in section 12 (incl. IP address) and the search term you have entered to Google if you have installed Java Script in your browser. If you wish to prevent the transmission of data, you can deactivate JavaScript in your browser settings (usually in the "Privacy" menu). Please note that the search function and other functions of the website may be impaired in this case.
    
    The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR in the provision of an efficient website search function. 
    
    For further processing of the data by Google, please refer to Google's privacy policy: www.google.com/intl/de_de/policies/privacy.
13. Tracking and web analysis tools
    1. General information on tracking
       
       We use the web analysis services listed below for the purpose of needs-based design and continuous optimization of our websites. In this context, pseudonymized user profiles are created and cookies are used (please also refer to section 13). The information generated by the cookie about your use of this website is generally transmitted to a server of the service provider together with the log file data listed in section 12, where it is stored and processed.(see, in particular, the guarantees provided, section 10).
       
       By processing the data, we receive the following information, among other things:
       - navigation path taken by a visitor on the site (incl. content viewed 
       and products selected or purchased or services booked), - navigation path taken by a visitor on the site (incl. content viewed and products selected or purchased or services booked). booked services),
       - time spent on the website or subpage,
       - the subpage on which the website is left,
       - the country, region or city from which access is made,
       - end device (type, version, color depth, resolution, width and height of the browser window) and
       - returning or new visitor.
       
       The provider will use this information on our behalf to evaluate the use of the websites, to compile reports on website activity for us and to provide us with other services relating to website activity and internet usage for the purposes of market research and the needs-based design of these web pages. For these processing operations, we and the providers can be regarded as joint controllers under data protection law up to a certain extent.
       
       The legal basis for this data processing with the following tools is your consent within the meaning of Art. 6 para. 1 lit. a EU GDPR. You can withdraw your consent or refuse processing at any time by rejecting or deactivating the relevant cookies in the settings of your web browser (see section 13) or by making use of the service-specific options described below.
       
       For further processing of the data by the respective provider as the (sole) controller under data protection law, in particular any disclosure of this information to third parties such as authorities due to national legal regulations, please refer to the respective data protection information of the provider.
    2. Google Analytics
       
       We use the web analytics service Google Analytics from Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) or Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) ("Google").
       
       The data described about the use of the website may be transmitted to the servers of Google LLC. in the USA for the processing purposes explained (see section 15.1). The IP address is shortened by activating IP anonymization ("anonymizeIP") on this website before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
       
       Users can prevent Google from collecting the data generated by the cookie and relating to the use of the website by the user concerned (including the IP address) and from processing this data by Google by downloading and installing the browser plug-in under the following link:
       - http://tools.google.com/dlpage/gaoptout?hl=de. 
       
       Further information on data protection at Google can be found here.
14. Social media
    1. Social media profiles
       
       On our websites, we have integrated links to our profiles in the social networks of the following providers:
       - Meta Platforms Inc, 1601 S California Ave, Palo Alto, CA 94304, USA;
       - Instagram Inc. 1601 Willow Road, Menlo Park, CA 94025, USA;
       - Twitter Inc. located at 1355 Market Street, Suite 900, San Francisco, CA 94103, USA;
       - Linkedin Unlimited Company, Wilton Place, Dublin 2, Ireland.
       
       If you click on the icons of the social networks, you will be automatically redirected to our profile in the respective network. This establishes a direct connection between your browser and the server of the respective social network. This provides the network with the information that you have visited our website with your IP address and clicked on the link.
       
       If you click on a link to a network while you are logged into your user account with the network in question, the content of our website can be linked to your profile so that the network can assign your visit to our website directly to your account. If you want to prevent this, you should log out before clicking on the relevant links. A connection between your access to our website and your user account will always take place if you log in to the respective network after clicking on the link. The respective provider is responsible under data protection law for the associated data processing. Please therefore refer to the information on the network's website.
       
       The legal basis for any data processing attributed to us is our legitimate interest in the use and advertising of our social media profiles within the meaning of Art. 6 para. 1 lit. f EU GDPR.
    2. Social media plugins
       
       You can use social plugins from the following providers on our website:
       - Meta Platforms Inc, 1601 S California Ave, Palo Alto, CA 94304, USA, privacy policy;
       - Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA, privacy policy;
       - Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, privacy policy;
       - Linkedin Unlimited Company, Wilton Place, Dublin 2, Ireland, privacy policy.
       
       We use social plugins to make it easier for you to share content from our websites. The social plugins help us to increase the visibility of our content on social networks and thus contribute to better marketing.
       
       The plugins are deactivated on our websites by default and therefore do not send any data to the social networks when you simply visit our website. To increase data protection, we have integrated the plugins in such a way that no connection is automatically established with the networks' servers. Your browser only establishes a direct connection to the servers of the respective social network when you activate the plugins and thus give your consent to data transmission and further processing by the social network providers.
       
       The content of the plugin is transmitted directly from the social network to your browser, which integrates it into the website. As a result, the respective provider receives the information that your browser has accessed the corresponding page of our website, even if you do not have an account with this social network or are not currently logged in to it. This information (including your IP address) is transmitted directly from your browser to a server of the provider (usually in the USA) and stored there. We have no influence on the scope of the data that the provider collects with the plugin, although we can be considered jointly responsible with the providers to a certain extent from a data protection perspective.
       
       If you are logged in to the social network, it can assign your visit to our websites directly to your user account. If you interact with the plugins, the corresponding information is also transmitted directly to a server of the provider and stored there. The information (e.g. that you like a product or service from us) may also be published on the social network and may be displayed to other users of the social network. The provider of the social network may use this information for the purpose of displaying advertising and tailoring the respective offer. For this purpose, usage, interest and relationship profiles may be created, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on the social network, to inform other users about your activities on our website and to provide other services associated with the use of the social network. The purpose and scope of the data collection and the further processing and use of the data by the social network providers as well as your rights in this regard and setting options to protect your privacy can be found directly in the data protection information of the respective provider.
       
       If you do not want the social network provider to assign the data collected via our website to your user account, you must log out of the social network before activating the plugins. Your consent within the meaning of Art. 6 para. 1 lit. a EU GDPR forms the legal basis for the data processing described. You can revoke your consent at any time by declaring your revocation to the provider of the plugin in accordance with the information in their data protection information.
15. Online advertising and targeting
    1. In general
       
       We use the services of various companies to provide you with interesting offers online. Your user behavior on our websites and websites of other providers is analyzed in order to subsequently display online advertising tailored to you.
       
       Most technologies for tracking your user behavior ("tracking") and for the targeted display of advertising ("targeting") work with cookies (see also section 13), with which your browser can be recognized via various websites. Depending on the service provider, it may also be possible for you to be recognized online even when using different end devices (e.g. laptop and smartphone). This may be the case, for example, if you have registered with a service that you use on several devices.
       
       In addition to the data already mentioned, which is generated when websites are accessed ("log file data", see section 12) and when cookies are used (section 13) and which may be passed on to the companies involved in the advertising networks, the following data in particular is used to select the advertising that is potentially most relevant to you:
       - Information about you that you have provided when registering for or using a service from advertising partners (e.g. your gender, your age, your age group).E.g. your gender, your age group);
       - user behavior (e.g. search queries, interactions with advertising, types of websites visited, products or services viewed and purchased, newsletters subscribed to).
       
       We and our service providers use this data to identify whether you belong to the target group we are addressing and take this into account when selecting advertisements. For example, after you have visited our site, you may be shown advertisements for the products or services you have consulted when you visit other sites ("re-targeting"). Depending on the scope of the data, a user's profile may also be created, which is automatically evaluated, and the ads are selected according to the information stored in the profile, such as membership of certain demographic segments or potential interests or behaviors. Such ads may be presented to you on various channels, including our website or app (as part of on-site and in-app marketing) as well as ads that are placed via the online advertising networks we use, such as Google.
       
       The data may then be analyzed for the purpose of billing the service provider and assessing the effectiveness of advertising measures in order to better understand the needs of our users and customers and to improve future campaigns. This may also include information that the performance of an action (e.g. visiting certain sections of our websites or sending information) is attributable to a specific advertisement. We also receive aggregated reports from the service providers on advertising activities and information on how users interact with our website and our advertisements.
       
       The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 lit. a EU GDPR. You can withdraw your consent at any time by rejecting or deactivating the relevant cookies in the settings of your web browser (see section 13). Further options for blocking advertising can also be found in the information provided by the respective service provider, e.g. Google.
    2. Google Ads
       
       This website uses the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") for online advertising. Google uses cookies for this purpose, such as the so-called DoubleClick cookie, which enable your browser to be recognized when you visit other websites. The information generated by the cookies about your visit to these websites (including your IP address) is transmitted to a Google server in the USA and stored there (please also refer to section 10). Further information on data protection at Google can be found here.
       
       The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 lit. a EU GDPR. You can withdraw your consent at any time by rejecting or deactivating the relevant cookies in the settings of your web browser (see section 13). Further options for blocking advertising can be found here.
16. Use of our chat function
    
    If you contact us via chat, your personal data will be processed. The data that you have provided to us will be processed, e.g. the name of your company, your name, your function, your e-mail address and your request. In addition, the time of receipt of the request is documented. Mandatory information is marked with an asterisk (*).
    
    We process this data exclusively in order to implement your request (e.g. providing information about our hotel, support with contract processing such as questions about your booking, incorporating your feedback into the improvement of our service, etc.). To provide the chat function, we use a tool from WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Therefore, your data will be stored in a database of WhatsApp Ireland Limited, which may allow WhatsApp Ireland Limited to access your data if this is necessary for the provision of the software and for support in the use of the software.
    
    The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR in the use of modern communication technologies or, if your request is aimed at the conclusion or execution of a contract, in the implementation of the necessary measures within the meaning of Art. 6 para. 1 lit. b EU GDPR.
17. Registration for a customer account
    
    If you open a customer account on our website, we collect the following data, whereby mandatory information is marked with an asterisk (*) in the corresponding form:
    
    Personal data:
    - Salutation
    - Surname
    - First name
    - Billing and, if applicable, delivery address Delivery address
    - Date of birth
    - Company, company address and VAT number for corporate customers
    
    Login data:
    - E-mail address
    - Password
    
    Other details:
    - Languages
    - Gender
    
    We use the personal details to establish your identity and to check the requirements for registration. The e-mail address and password together serve as login data and thus to ensure that the correct person is using the website under your details. We also require your e-mail address for verification and confirmation of the account opening and for future communication with you required for contract processing. In addition, this data is stored in the customer account for future bookings or contract conclusions. For this purpose, we also enable you to store further details in the account (e.g. your preferred means of payment).
    
    We also use the data to provide an overview of the products ordered and bookings made (see section 19 in particular) and a simple way to manage your personal data, to administer our website and the contractual relationships, i.e. to establish, structure the content of, process and amend the contracts concluded with you via your customer account (e.g. in connection with your booking with us).E.g. in connection with your booking with us).
    
    We process the information on language and gender in order to display offer suggestions on the website that are best tailored to your profile or your personal needs, for statistical recording and evaluation of the selected offers and thus to optimize our suggestions and offers.
    
    The legal basis for processing your data for the above purpose is your consent in accordance with Art. 6 para. 1 lit. a EU GDPR. You can withdraw your consent at any time by removing the information from your customer account or deleting your customer account or having it deleted by sending us a message.
    
    To prevent misuse, you must always treat your login data confidentially and should close the browser window when you have finished communicating with us, especially if you share the computer with others.
18. Ordering via our online store
    
    On our website truthahntaxi.ch you have the option of ordering a turkey delivery. We collect the following data for this purpose, whereby mandatory information is marked with an asterisk (*) in the corresponding form:
    - Title
    - First name
    - Last name
    - Company
    - Street and house number
    - Address suffix
    - Postcode
    - City
    - Country
    - Telephone number
    - E-mail
    - Payment method
    - Yes, I would like to subscribe to your newsletter.
    - I confirm that the information I have provided is correct and that I have read and accept the terms and conditions and privacy policy
    
    We will only use this data and any other data you provide voluntarily to process your order in accordance with your wishes. This data is therefore processed within the meaning of Art. 6 para. 1 lit. b EU GDPR for the implementation of pre-contractual measures and for the performance of a contract.
19. Booking on the website, by correspondence or by telephone call
    
    If you make bookings or order vouchers either via our website, by correspondence (e-mail or letter post) or by telephone call, we collect the following data, whereby mandatory information is marked with an asterisk (*) in the corresponding form:
    - title
    - first name
    - surname
    - street and no.
    - postcode 5 - city - surname - address - postal code - postal code 6 - postal address Zip code
    - City
    - Country
    - Date of birth
    - E-mail address
    - Telephone number
    - Language
    - Credit card information
    
    We will only use this data and other information you provide voluntarily (e.g. expected arrival time, motor vehicle license plate, preferences, comments) to process the contract, unless otherwise stated in this privacy policy or unless you have given your separate consent. We will process the data by name in order to record your booking as requested, to provide the booked services, to contact you in the event of ambiguities or problems and to ensure correct payment. Your credit card data will be automatically deleted after your departure.
    
    The legal basis for data processing for this purpose is the fulfillment of a contract in accordance with Art. 6 para. 1 lit. b EU GDPR or your consent in accordance with Art. 6 para. 1 lit. a EU GDPR. You can withdraw your consent at any time with effect for the future.
20. Payment processing online
    
    If you make chargeable bookings or purchase products on our website, depending on the product or service and the desired payment method - in addition to the information specified in section 18 or section 19 - you may be required to provide further data, such as your credit card information or the login to your payment service provider. This information and the fact that you have purchased a service from us at the relevant amount and time will be forwarded to the respective payment service providers (e.g. providers of payment solutions, credit card issuers and credit card acquirers). Please always refer to the information provided by the respective company, in particular the privacy policy and general terms and conditions. The legal basis for this transmission is the fulfillment of a contract in accordance with Art. 6 para. 1 lit. b EU GDPR.
21. Reserving a table
    
    On our websites, you have the option of reserving a table in one of the restaurants listed on our websites. We collect the following data for this purpose, whereby mandatory information is marked with an asterisk (*) in the corresponding form:
    - First name
    - Last name
    - Number of guests
    - Email address
    - Telephone number
    - Comment
    - Date and time of reservation
    - I accept the terms and conditions
    
    We collect and process the data only to process the reservation, in particular to compile your reservation request according to your wishes, to make the reservation and to contact you in case of ambiguities or problems.
    
    To process reservations, we use a tool from Gastronovi, Buschhöhe 2, DE-28357 Bremen. Therefore, your data is stored in a database of Gastronovi, which may allow Gastronovi to access your data if this is necessary for the provision of the software and for support in the use of the software. Information on the transfer and processing of data by third parties can be found in section 9 of this privacy policy.
    
    The legal basis for the processing of your data for this purpose is the performance of a contract pursuant to Art. 6 para. 1 lit. b EU GDPR.
22. Bookings via booking platforms
    
    If you make bookings via a third-party platform (i.e. via booking.com, Hotel, Escapio, Expedia, Holidaycheck, Hotel Tonight, HRS, Kayak, Mr. & Mrs. Smith, Splendia, Tablet Hotels, Tripadvisor, Trivago, Weekend4Two), we receive various personal information from the respective platform operator in connection with the booking made. This is generally the data listed in section 21 of this privacy policy. In addition, we may receive inquiries about your booking. We will process this data by name in order to record your booking as requested and provide the booked services. The legal basis for data processing for this purpose is the implementation of pre-contractual measures and the fulfillment of a contract in accordance with Art. 6 para. 1 lit. b EU GDPR.
    
    Finally, we may be informed by the platform operators about disputes in connection with a booking. We may also receive data on the booking process, which may include a copy of the booking confirmation as proof of the actual completion of the booking. We process this data to safeguard and enforce our claims. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR.
    
    Please also note the data protection information of the respective booking platform.
23. Submission of reviews
    
    To help other users with their purchase decision and to support our quality management (in particular the processing of negative feedback), you have the opportunity to rate your stay with us on our website. The data that you have made available to us will be processed and published on the website, i.e. in addition to your rating and its time, possibly also a comment that you have attached to your rating or the name you have provided.
    
    The legal basis for data processing is your consent within the meaning of Art. 6 para. 1 lit. a EU GDPR.
    
    We reserve the right to delete unlawful ratings and to contact you in the event of suspicion and ask you to comment. The legal basis for this processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR in the provision of the comment and rating function and the prevention of abuse when using it.
24. Applying for a job vacancy
    
    You have the option of applying for a specific job vacancy with us spontaneously or via a corresponding e-mail address. We collect the following data for this purpose, whereby mandatory information is marked with an asterisk (*) in the corresponding form:
    - First name
    - Last name
    - E-mail address
    - Application documents (e.g. CV, letter of motivation, certificates, etc.)
    
    We use this and other data you provide voluntarily to review your application. Application documents of unsuccessful applicants will be deleted at the end of the application process, unless you explicitly consent to a longer retention period or we are legally obliged to retain them for a longer period.
    
    The legal basis for processing your data for this purpose is therefore the performance of a contract (pre-contractual phase) in accordance with Art. 6 para. 1 lit. b EU GDPR.
    
    
    C. Data processing in connection with your stay
25. Data processing to comply with legal reporting obligations
    
    Upon arrival at our hotels & apartments, we may require the following information from you and your accompanying persons (mandatory *):
    - First name and surname
    - Postal address and canton
    - Date of birth
    - Nationality
    - Official identification card and number
    - Arrival and departure date
    
    We collect this information to comply with legal reporting obligations, in particular those arising from hospitality or police law. Insofar as we are obliged to do so under the applicable regulations, we forward this information to the competent police authority.
    
    This data is processed on the basis of a legal obligation within the meaning of Art. 6 para. 1 lit. c EU GDPR.
26. Recording of purchased services
    
    If you purchase additional services during your stay (e.g. restaurant, bar, room service), we will record the subject matter of the service and the time of purchase for billing purposes. The processing of this data is necessary within the meaning of Art. 6 para. 1 lit. b EU GDPR for the execution of the contract with us.
27. Guest feedback
    
    If you have provided us with your e-mail address in connection with your booking, you will receive an electronic form after your departure. For this purpose, we collect the following data, whereby mandatory information is marked with an asterisk (*) in the corresponding form:
    - First and last name
    - Age
    - Nationality
    - Duration of stay
    
    The information is voluntary and serves us to continuously improve our offer and our services and to adapt them to your needs. We will only use the information provided to us for statistical purposes, unless otherwise stated in this privacy policy or unless you have given your separate consent. We will process the data by name in order to contact you in the event of any ambiguities.
    
    For the aforementioned purposes, the legal basis for processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR.
28. Video surveillance
    
    To prevent misuse and to take action against unlawful behavior (in particular theft and damage to property), the entrance areas and some of the publicly accessible areas of our hotels are monitored by cameras. The image data is only viewed if there is a suspicion of unlawful behavior. Otherwise, the image recordings are automatically deleted after 72 hours.
    
    We use a service provider to provide the video surveillance system, who may have access to the data if this is necessary for the provision of the system. If the suspicion of unlawful conduct is substantiated, the data may then be passed on to the extent necessary for the enforcement of claims or the filing of reports to consulting firms (in particular our law firm) and authorities.
    
    The legal basis is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR in the protection of our property and the protection and enforcement of our rights.
29. Use of our WiFi network
    
    In our restaurants, hotels & apartments, you have the option of using the WiFi network operated by Bithawk AG, Allee1A, CH-6210 Sursee, free of charge. Prior registration is required to prevent misuse and to take action against illegal behavior. In doing so, you transmit the following data to Bithawk AG:
    - Mobile phone number
    - MAC address of the end device (automatic)
    
    In addition to the above data, data on the house visited with time, date and end device are recorded each time the WiFi network is used. The legal basis for this processing is your consent within the meaning of Art. 6 para. 1 lit. a EU GDPR. The customer can revoke their registration at any time by notifying us.
    
    Bithawk AG must comply with the legal obligations of the Federal Act on the Surveillance of Postal and Telecommunications Traffic (BÜPF) and the associated ordinance. If the legal requirements are met, the WiFi operator must monitor the use of the Internet and data traffic on behalf of the competent authority. The WiFi operator may also be obliged to disclose the customer's contact, usage and edge data to the authorized authorities. The contact, usage and peripheral data will be stored for 6 months and then deleted.
    
    The legal basis for this processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the provision of a WiFi network in compliance with the applicable legal provisions.
30. Payment processing
    
    If you purchase products or services in our hotels & restaurants using electronic means of payment or pay for your stay, the processing of personal data is required. By using the payment terminals, you transmit the information stored in your means of payment, such as the name of the cardholder and the card number, to the payment service providers involved (e.g. payment solution providers, credit card issuers and credit card acquirers). They also receive the information that the payment method was used in our hotel, the amount and the time of the transaction. Conversely, we only receive the credit of the amount of the payment made at the relevant time, which we can assign to the relevant receipt number, or information that the transaction was not possible or was canceled. Please always refer to the information provided by the respective company, in particular the privacy policy and the general terms and conditions. The legal basis for this transmission is the fulfillment of the contract with you in accordance with Art. 6 para. 1 lit. b EU GDPR.

Back to the homepage