Privacy statement

Version: December 2020

Chetzeron 2112 SA, Restaurant d’Altitude Chetzeron, 3963 Crans-Montana operates the Hotel Chetzeron and is the owner of the chetzeron.ch website and is therefore responsible for the collection, processing and use of your personal data and for ensuring that data processing complies with applicable data protection legislation.

We attach great importance to your trust, which is why we take data protection very seriously and ensure appropriate security. It goes without saying that we comply with the legal provisions of the Federal Data Protection Act (DPA), the Ordinance on the Federal Data Protection Act (DPAO), the Federal Telecommunications Act (FTA) and any other data protection provisions of Swiss or EU legislation that may be applicable, in particular the General Data Protection Regulations (GDPR).

So that you know what personal data we collect about you and for what purposes we use it, please read the information below carefully.

The address of our representative in the EU for data protection legislation is: Sami Lamaa, Chetzeron 2112 SA, Restaurant d’altitude Chetzeron, 3963 Crans-Montana, info@chetzeron.ch.

A. Data processing in connection with our website

1. Consulting our website

When you visit our site, our server temporarily records each access in a log file. The following technical data is then entered, in principle as with any connection to a web server, without any intervention on your part, and stored by us until it is automatically deleted after 6 months at the latest:

  • the IP address of the computer accessing the site,
  • the name of the owner of the IP space (usually your Internet service provider),
  • the date and time of access,
  • the website from which you accessed our site (original URL) and possibly the search keywords used,
  • the name and URL of the accessed file,
  • the status code (e.g. error message),
  • the operating system of your computer,
  • the browser you are using (type, version and language),
  • the communication protocol used (e.g. HTTP/1.1), and
  • possibly your username from a registration/authentication.

The purpose of collecting and processing this data is to enable the use of our website (establishment of a connection), to guarantee the long-term security and stability of the system and to enable the optimisation of our online offer, as well as for internal statistical purposes. Such processing is based on our legitimate interest under Art. 6 to 1 let. f RGPD.

In addition, the IP address is analysed together with other data for the purposes of recognition and defence in the event of attacks on the network infrastructure or other unauthorised or abusive use of the website, and may be used in criminal proceedings for the purpose of identification and civil and criminal action against the user in question. Such processing is based on our legitimate interest under Art. 6 to 1 let. f RGPD.

2. Use of our contact form

You have the possibility to use a form to contact us. The following information is required for this purpose:

  • first name and surname
  • address, postcode and city
  • country
  • email address
  • message

We only use this data, together with your optional telephone number, in order to be able to respond to your contact request in the best and most personalised way possible. The processing of this data is therefore necessary for the execution of pre-contractual measures in accordance with Art. 6 to 1 let. b RGPD or is based on our legitimate interest in accordance with Art. 6 to 1 let. f RGPD, respectively.

3. Subscribe to our newsletter

You can subscribe to our newsletter on our website. To do so, you must register and provide the following data:

  • first name and surname
  • email address

The above data are essential for data processing. You can also provide other optional data. We process this data exclusively in order to personalise the information and offers we send you and to better adapt them to your interests.

By registering, you consent to the processing of the data provided by you in this context for the purpose of regularly sending the newsletter to the address provided by you, as well as for the statistical analysis of your user behaviour and the optimisation of the newsletter. This consent is our legal basis for the processing of your email address in accordance with Art. 6 to 1 let. a RGPD. We are authorised to use third parties for the technical implementation of advertising campaigns and are authorised to pass on your data for this purpose (see section 13 below).

At the end of each newsletter you will find a link to unsubscribe at any time. When you unsubscribe, you can tell us the reason for doing so on an optional basis. Your personal data is deleted after you unsubscribe. Further processing only takes place in anonymous form for the purpose of optimising our newsletter.

4. Creation of a customer account

To make reservations on our site, you can place an order as a visitor or open a customer account. When you register for a customer account, the following data is obligatorily collected:

  • title
  • first name and surname
  • postal address
  • postcode
  • city
  • country
  • date of birth
  • phone number
  • email address
  • password

This data, together with other optional information (e.g. company name), is collected for the purpose of providing you with direct, password-protected access to your master data stored in our system. Here you can view your previous and current bookings or manage or change your personal data.

Your consent in accordance with article. 6 to 1 let. he RGPD is the legal basis for the processing of data for this purpose.

5. Booking on the site, by mail or by phone

If you make reservations via our website, by correspondence (email or post) or by telephone, we require the following data for the execution of the contract:

  • title
  • first name and surname
  • postal address
  • postcode
  • city
  • country
  • date of birth
  • phone number
  • langue
  • credit card information
  • email

We use this data, as well as other optional information that you provide (e.g. estimated time of arrival, motor vehicle license plate, preferences, remarks), only for the performance of the contract, unless otherwise stated in this privacy policy or you have given your separate consent. We will process this data in particular in order to enter your reservation in accordance with your request, to provide the services booked, to contact you in the event of uncertainties or problems, and to ensure that payment is made correctly.

The execution of a contract according to Art. 6 to 1 let. b RGPD is the legal basis for data processing for this purpose.

6. Cookies

Cookies help in many ways to make your visit to our site simpler, more enjoyable and more useful. Cookies are files containing information that your web browser automatically saves on your computer’s hard drive when you visit our site.

For example, we use cookies to temporarily store your selected services and information entered when you fill out a form on our site so that you do not have to enter it a second time when you visit a subpage. In addition, cookies may also be used to identify you as a registered user following your registration on our site. This saves you from having to log in again when you visit another subpage.

Most web browsers automatically accept cookies. You can, however, configure your browser so that it does not store any cookies on your computer or so that a message appears each time you receive a new cookie. On the following pages you will find explanations on how to configure the processing of cookies for the most commonly used browsers:

  • Microsoft Windows Internet Explorer
  • Microsoft Windows Internet Explorer Mobile
  • Mozilla Firefox
  • Google Chrome for desktop
  • Google Chrome for mobile
  • Apple Safari for the desktop
  • Apple Safari for mobile

Disabling cookies may prevent you from using the full functionality of our site.

7. Monitoring tools

a. General

We use the Google Analytics web analytics service to present and optimise our website on an ongoing basis. For example, we create pseudonymised user profiles and use small text files stored on your computer (“cookies”). The information generated by the cookie about your use of this site is transmitted to the servers of the providers of these services and then stored and processed for us. In addition to the data given in ch. 1 below, we may receive the following information:

  • navigation path taken by a visitor on the site,
  • duration of the visit on the site or on the page,
  • the page from which the visitor leaves the site,
  • the country, region or city from which access takes place,
  • device (type, version, colour depth, resolution, width and height of the navigation window) and
  • recurring or new visitor.

The information is used to analyse the use of the website, to compile reports on website activities and to provide other services in connection with the use of the website and the use of the Internet for market research purposes and for the appropriate presentation of the website. This information may also be passed on to third parties insofar as this is prescribed by law or insofar as third parties are commissioned to process this data.

b. Google Analytics

The provider of Google Analytics is Google Inc, a company of the US-based holding company Alphabet Inc. Prior to the transmission of data to the provider, the IP address is abbreviated by activating IP anonymization (“anonymizeIP”) on this website within the Member States of the European Union or in other states that have signed the Agreement on the European Economic Area. Google will not combine the anonymised IP address transmitted by your browser with any other data held by Google Analytics. In exceptional cases, the complete IP address is transmitted to a Google server in the USA and then abbreviated. In this case, we ensure through contractual guarantees that Google Inc. complies with a sufficient level of data protection. According to Google Inc. the IP address will not be linked to any other data concerning the user under any circumstances.

Further information on the audience analysis service used can be found on the Google Analytics website. To find out how to prevent the processing of your data by the Audience Analysis Service, please visit http://tools.google.com/dlpage/gaoptout?hl=en.

B. Processing of data relating to your stay

8. Processing of data to meet legal obligations to inform

When you arrive at our hotel, we need the following information about you and your companions:

  • first name and surname
  • postal address and canton
  • date of birth
  • place of birth
  • nationality
  • official identity document and number
  • day of arrival and departure
  • room number

We collect this information to meet the legal obligations to provide information arising in particular from police and hotel legislation. Insofar as we are obliged to do so in accordance with the applicable provisions, we shall forward this information to the competent police authority.

We have a legitimate interest under art. 6 to 1 let. f RGPD to fulfil the legal provisions.

9. Entry of services provided

Insofar as you receive additional services during your stay (e.g. use of the mini bar or our pay-TV offer), we will record for billing purposes the purpose of the service and the date on which you received it. The processing of this data is necessary for the execution of your contract with us pursuant to Art. 6 to 1 let. b RGPD.

C. Storage and exchange of data with third parties

10. Reservation platforms

If you make reservations via a third party platform, the operator of the platform in question sends us various personal information. In principle, these are the data indicated in ch. 5 of this Privacy Policy. We may also receive requests concerning your reservation. In particular, we process this data in order to enter your reservation in accordance with your request and to provide the services booked. The execution of a contract according to Art. 6 to 1 let. b RGPD is the legal basis for data processing for this purpose.

Finally, the operators of the platforms inform us of potential disputes in connection with a reservation. They also provide us with data about the booking process, for which a copy of the booking confirmation can be used as proof when the booking is actually closed. We process this data for the protection and observance of our rights. For these treatments we rely on our legitimate interest under art. 6 to 1 let. f RGPD.

Please also take note of the privacy policies of the respective suppliers.

11. Centralised storage and data linking

We save the data indicated in the ch. 2-5 and 8-10 in a centralised electronic data processing system. Your personal data is then systematically collected and aggregated for the purpose of processing your reservations and the execution of the contractual services. In order to do this, we use company software:

  • Aleno AG, Aegertenstrasse 6, 8003 Zurich, Suisse
  • Sabre GLBL Inc. (SynXis), 3150 Sabre Drive, Southlake, TX 76092, USA
  • Automattic Inc. (WordPress, WooCommerce) 60 29th Street #343, San Francisco, CA 941110, USA
  • HubSpot, 25 First Street, 2nd Floor, Cambridge, MA 02141, USA

The processing of these data by the software is based on our legitimate interest under art. 6 to 1 let. f RGPD to customer-friendly and efficient customer data management.

12. Storage time

We only store personal data for as long as is necessary for the use of the above-mentioned monitoring services and for further processing based on our legitimate interest. We retain contractual data for a longer period of time if this is prescribed by legal retention obligations. Our obligations to retain data derive from the provisions relating to the right to notify the authorities, financial accounting and tax law. In accordance with these provisions, commercial communication, concluded contracts and accounting documents must be kept for up to 10 years. Insofar as we no longer require this data for the execution of the services, it will be blocked. This means that this data may only be used for accounting and tax purposes.

13. Transfer of data to third parties

We only pass on your personal data if you have expressly consented to this, if we are subject to a legal obligation to do so or if this is necessary in order to assert our rights, in particular to assert our rights arising from the contractual relationship. In addition, we pass on your data to third parties insofar as this is necessary for the use of the website and the fulfilment of the contract (including outside the website), in particular for the processing of your bookings.

Our web host KECO AG, Place du Marché 2, 3963 Crans-Montana is a service provider to whom we transmit the personal data collected via the website, or who has or can have access to such data. The website is hosted on servers in Switzerland. The purpose of data transmission is to provide and maintain the functionality of our site. This processing is based on our legitimate interest under Art. 6 to 1 let. f RGPD.

Finally, we transmit your credit card information to the issuer and acquirer of your credit card when you pay by credit card on our site. If you choose to pay by credit card, you must enter all the necessary information. The execution of a contract according to Art. 6 to 1 let. b PGRD is the legal basis for the transmission of data. Regarding the processing of your credit card information by these third parties, please also read the terms and conditions and privacy policy of your credit card issuer.

Please also take note of the information in the following chapters. 7-8 and 10-11 concerning the transmission of data to third parties.

14. Transmission of personal data abroad

We are also entitled to pass on your personal data to third party companies (commissioned service providers) abroad for the data processing specified in this privacy policy. These companies are subject to the same level of data protection as we are. If the level of data protection in a given country does not correspond to the Swiss or European level, we ensure by contract that the protection of your personal data corresponds to that of Switzerland or the EU.

D. Other information

15. Right to information, rectification, erasure and restriction of processing; right to portability of data

You have the right to obtain, on request, information about the personal data we store about you. Furthermore, you have the right to correct erroneous data and to have your personal data deleted as long as there is no legal obligation to retain the data or no legal basis for us to process the data.

You also have the right to demand the return of the data you have transmitted to us (right to data portability). On request, we will also pass on the data to a third party of your choice. You have the right to obtain the data in a standard format.

You can contact us for the above-mentioned purposes at the following email address: info@chetzeron.ch. It is possible that we may ask you, at our sole discretion, for proof of identity in order to process your requests.

16. Data security

We use appropriate technical and organisational security measures to protect the personal data we store about you against manipulation, partial or total loss and against unauthorised access by third parties. Our security measures are constantly being improved in line with technological progress.

You should always keep your access data confidential and close the browser window when you have finished communicating with us, especially if you are not the only person using the computer.

We also take data protection within our company very seriously. Our employees and the service providers that we commission are subject to secrecy and compliance with the legal provisions on data protection.

17. Note on data transmissions to the United States

For the sake of completeness, we would like to inform users whose place of residence or registered office is in Switzerland that the United States is subject to surveillance measures by the US authorities. These generally allow the recording of all personal data of persons whose data has been transmitted from Switzerland to the United States. This is done without any differentiation, limitation or exception based on the purpose pursued and without any objective criteria to limit the US authorities’ access to the data and their subsequent use to very precise and strictly limited purposes likely to justify the infringement that access to and use of the data entail. Furthermore, we would like to inform you that in the United States, there is no legal recourse for data subjects from Switzerland to access, correct or delete your personal data, nor is there any effective judicial protection against general access rights of the US authorities. We explicitly draw the data subject’s attention to this legal and factual situation so that he or she can make an informed decision about consenting to the use of his or her data.

We would like to inform users domiciled in an EU Member State that, according to the EU, the US – in particular because of the issues discussed in this section – does not have a sufficient level of data protection. Insofar as we have explained in this privacy policy that certain data recipients (e.g. Google) are based in the USA, we will ensure, either through contractual arrangements with these companies or through their certification according to the EU-US or Swiss-US data protection shield, that your data receive a reasonable level of protection from our partners.

18. Right to complain to a data protection supervisory authority

You are entitled to lodge a complaint with a data protection supervisory authority.

Version: December 2020