Privacy policy

Privacy policy

Privacy and private data are protected. The processing of personal data of guests, customers, suppliers, partners and other users is limited to that data which is necessary for the optimal fulfilment of the services. Personal data is collected, processed and used in accordance with the content of this privacy policy and the applicable data protection regulations, in particular the Swiss Data Protection Act (DSG). The present data protection declaration regulates which personal data is collected, processed and used.

Name and address of the controller

The controller within the meaning of the General Data Protection Regulation is:

Hotel Winkelried
Dorfplatz 5
CH-6362 Stansstad
T +41 41 618 23 23
F +41 41 618 23 33
hotel@winkelried.ch

  1. Description and scope of data processing

1.1 Personal data within the meaning of these data protection provisions is any information relating to an identified or identifiable natural person (hereinafter "data subject"). This includes in particular name, e-mail address, address, telephone number as well as credit card and account data and VAT information.

1.2 Personal data also includes information about the use of the website. In this context, personal data may be collected as follows: Information about visits to the website, such as the scope of the data transfer, the location from which the data is retrieved, and other connection data and sources that are retrieved. This is usually done through the use of log files and cookies. Further information on log files and cookies can be found in section 5.

1.3 In principle, personal data is destroyed or made anonymous as soon as it is no longer required for the purpose of processing.

  1. Intended use

The personal data are basically used for the following purposes:

2.1 In order to optimally provide the required (service) to the guest/customer;

2.2 To ensure that the website can be used in the most effective and customer-friendly way;

2.3 To meet obligations under contracts with third parties;

2.4 To enable participation in interactive offerings;

2.5 To inform about changes in the services;

2.6 To use other tools such as social media plugins, newsletters or web analytics tools.

  1. Principles of data processing

Data processing takes into account the principles of legality, proportionality, purpose limitation, transparency - in particular the fulfillment of information obligations - and data security.

  1. Information regarding the user computer, cookies

4.1 Each time the website is accessed, the following information is collected: The IP address, the browser request and the time of this request. In addition, the status and the amount of data transferred are recorded as part of this request. Also, the product and version information about the browser used and the operating system of the computer are collected as well as from which website the access to the page was made. This data is used for the operation of the website; in particular, to detect and eliminate website errors and to determine the utilization of the website and to make adjustments or improvements.

4.2 Cookies help in many aspects to make visits to the Website easier, more pleasant and more meaningful. Cookies are information files that the web browser automatically stores on the hard disk of the user's computer when visiting this website.

Cookies are used, for example, to temporarily store the selected services and entries when filling out a form on the website so that the entries do not have to be repeated when calling up another sub-page. Cookies may also be used after registration to identify you as a registered user, so that you do not have to log in again when you call up another sub-page.

If the use of browser cookies is not desired, the browser can be set so that the storage of cookies is not accepted. In this case, the website can only be used to a limited extent or not at all. If only the cookies of this website are accepted, but not those of the service providers and partners used, the setting "Block third-party cookies" can be selected in the browser.

  1. Data security

All information transmitted through use is stored on servers within Switzerland/European Union. Since the transmission of information via the Internet is generally not absolutely secure, the security of data transmitted to the website via the Internet cannot be guaranteed. However, the website and other systems are secured by technical and organizational measures against loss, destruction, access, modification or distribution of data by unauthorized persons.

  1. No disclosure of personal data

Subject to consent to data disclosure, legal provisions and/or official or court orders regarding the authorization or obligation to disclose data, personal data will not be disclosed to third parties. This may involve, in particular, the provision of information for the purposes of law enforcement, the prevention of danger or the enforcement of intellectual property rights.

  1. Changes to this privacy policy

The right is reserved to change this privacy policy at any time with effect for the future. A current version is available on the website. In order to be aware of the applicable data protection provisions, this website should be visited continuously.

  1. Rights of the guest/customer

There is the right to request information about the personal data processed. In particular, there is the right to information about the personal data as such, the purpose of processing, the retention period or, if this is not possible, the criteria for determining this period, the origin of the data if they were collected via third parties, if applicable, the existence of an automated individual decision and any recipients or categories of recipients to whom personal data are disclosed. There is also the right to revoke any consent given for the use of personal data at any time. The aforementioned rights can be asserted at the company at any time.

Collection of general data and information

This website collects general data and information with each call. This information is stored in the log files of the server:

  • IP address of the contacting device
  • Date and time
  • URL of the called page
  • Referrer URL
  • Browser and other device information

When using these general data and information, no conclusions are drawn about the data subject.

Collection of personal data and information

Which personal data is transmitted to the data controller results from the respective input masks. The personal data entered by the data subject is collected and stored exclusively for internal use by the controller and for its own purposes. The controller may arrange for the transfer to one or more processors, for example a parcel service provider, who will also use the personal data exclusively for internal use.

The controller shall provide any data subject at any time, upon request, with information about what personal data is stored about the data subject. Furthermore, the controller will correct or delete personal data at the request or notice of the data subject, provided that this does not conflict with any statutory retention obligations. Due to the deletion of the data, not all functions, services and services may be fully usable.

Cookies

The Internet pages use cookies. Cookies are text files that are stored on a computer system via an Internet browser. Through the use of cookies, the users of this website can be provided with more user-friendly services, which would not be possible without the cookie setting.

The data subject can prevent the setting of cookies by our website at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.

Disclosure of data to third parties

Insofar as it complies with the legal framework and is necessary for the business transaction, personal data will be passed on to third parties.

Web analysis service from Google (Google Analytics)

The purpose of the Google Analytics component is to analyze the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us showing the activities on our website, and to provide other services related to the use of our website.

Further information and the applicable Google privacy policy can be found at https://policies.google.com/pr[...] and at https://marketingplatform.go[...].

Rights of the data subject

  • Right to confirmation
    You have the right to request confirmation as to whether personal data concerning you are being processed.
  • Right to information
    You have the right to receive free information about your stored personal data.
  • Right to rectification
    You have the right to have your stored personal data rectified.
  • Right to erasure
    You have the right to request the controller to delete your personal data without undue delay.
  • Right to restriction of processing
    You have the right to request the controller to restrict processing.
  • Right to data portability
    You have the right to receive the personal data concerning you in a structured, common and machine-readable format.
  • Right to object
    You have the right to object to the processing of your personal data at any time.
  • Right to revoke consent under data protection law
    You have the right to revoke consent to the processing of personal data at any time.

Data security

We have implemented numerous technical and organizational measures to ensure the most complete protection possible for the personal data processed via this website. Nevertheless, Internet-based data transmissions can have security vulnerabilities, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.

Your personal data is always transmitted encrypted (from and to this website). For this purpose, an SSL/TLS certificate from Let's Encrypt (https://letsencrypt.org) is used.

Duration of data storage

The criterion for the duration of storage of personal data is the respective statutory retention period. After expiry of the period, the corresponding data is routinely deleted, provided that it is no longer required for the fulfillment or initiation of the contract.

Topicality

The privacy policy can be changed and adapted at any time.

Status: June 2023