achesa Group

PRIVACY POLICY

Achesa Management AG (hereinafter also “we”, “us”) obtains and processes personal data concerning you or other persons (so-called “third parties”). We use the term “data” here synonymously with “personal data” or “personal information”. In this Privacy Policy, we describe what we do with your data when you use our websites, one of our project or event websites or other websites of ours (including all sub-sites) (hereinafter collectively referred to as “websites”), purchase or use our services or products, communicate with us in the context of processing contracts or otherwise have dealings with us. In addition, we may inform you separately about the processing of your data (e.g. in forms, contractual terms or additional data protection declarations). If you provide us with data about other persons (e.g. family members, work colleagues), we assume that you are authorised to do so and that this data is correct. By transmitting data about third parties, you confirm this. Please also ensure that these third parties have been informed of this privacy policy.

Your trust is important to us, which is why we take the issue of data protection seriously and ensure appropriate security. It goes without saying that we comply with the legal provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (OFADP), the Telecommunications Act (TCA) and other applicable data protection provisions of Swiss or EU law, in particular the General Data Protection Regulation (GDPR).

So that you know what personal data we collect from you and for what purposes we use it, please take note of the following information:

1. Data processing in connection with our website:

1.1 Accessing our websites:

Achesa Management AG operates the following companies and websites:

www.a-chesa.ch
www.achesahomes.ch
www.allegra-lodge.ch
www.hotel-welcomeinn.ch
www.tschadun.ch
www.restaurant-mercato.ch
www.pizzeria-giardino.ch
www.achesaliving.ch

and therefore responsible for the collection, processing and use of your personal data and the compliance of data processing with the applicable data protection law.

When you visit one of our websites, our servers temporarily store every access in a log file. As with every connection to a web server, the following technical data is recorded without your intervention and stored by us until it is automatically deleted after 24 months at the latest:

  • the IP address of the requesting computer
  • the name of the owner of the IP address range (usually your internet access provider)
  • the date and time of access
  • the website from which the access was made (referrer URL) possibly with the used
    search term
  • the name and URL of the retrieved file
  • the status code (e.g. error message)
  • the operating system of your computer
  • the browser you are using (type, version and language)
  • the transmission protocol used (e.g. HTTP/1.1) and
  • if applicable, your user name from a registration/authentication.

This data is collected and processed for the purpose of enabling the use of our website (establishing a connection), ensuring system security and stability in the long term and enabling the optimisation of our website as well as for internal statistical purposes. This constitutes our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR and DSG.

The IP address is also evaluated together with the other data in the event of attacks on the network infrastructure or other unauthorised or abusive website use for clarification and defence purposes and, if necessary, used in the context of criminal proceedings for identification and for civil and criminal proceedings against the users concerned. This constitutes our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR and DSG.

The content of our website has been carefully created and checked several times, but we assume no liability for the topicality, correctness and completeness of the information provided. Claims for damages due to the use or non-use of the information or due to the use of incorrect or incomplete information are excluded. All offers are subject to change and non-binding. We reserve the right to change, supplement or delete the offer or parts thereof without prior notice or to temporarily or permanently cease publication of the website.

The content and programming of our website are protected by copyright and ancillary copyright. Any duplication – even in part – and public reproduction, in particular the copying of texts, graphics and photos, is prohibited without our prior written consent.

2. Storage and exchange of data with third parties

2.1 Booking platforms

If you make bookings via a third-party platform, we receive various pieces of personal information from the respective platform operator. This is generally the data listed in section 5 of this privacy policy. In addition, we may receive enquiries about your booking. We will process this data by name in order to record your booking as requested and provide the booked services. The legal basis for data processing for this purpose is the fulfilment of a contract in accordance with Art. 6 para. 1 lit. b GDPR and FADP.

Finally, we may be informed by the platform operators about disputes in connection with a booking. We may also receive data on the booking process, which may include a copy of the booking confirmation as proof of the actual completion of the booking. We process this data to safeguard and enforce our claims. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR and DSG. Please also note the privacy policy of the respective provider.

2.2 Retention period

We only store personal data for as long as is necessary to use the above-mentioned tracking services and other processing within the scope of our legitimate interest. We store contractual data for longer, as this is required by statutory retention obligations. Retention obligations that oblige us to retain data result from regulations on reporting law, accounting and tax law.

According to these regulations, business communication, concluded contracts and accounting documents must be stored for up to 10 years. If we no longer need this data to perform the services for you, the data will be deleted.

2.3 Disclosure of data to third parties:

Your personal data may be transferred by us within the Group, taking into account the permitted purposes of use, to processors (e.g. for our electronic advertising in the form of newsletters) and, to third parties who need to be involved in the provision of the services you have requested, all of whom have undertaken to us to comply with the applicable data protection standards. In the event of debt collection and the enforcement of outstanding claims, the personal data will also be passed on to processors (debt collection).

We only pass on your personal data if you have expressly consented to this, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship.

In addition, we pass on your data to third parties if this is necessary in the context of using the website and contract processing (including outside the website), namely the processing of your bookings.

Finally, we forward your credit card information to your credit card issuer and the credit card acquirer when you pay by credit card on the website. If you decide to pay by credit card, you will be asked to enter all mandatory information. The legal basis for passing on the data is the fulfilment of a contract in accordance with Art. 6 para. 1 lit. b GDPR and DSG. With regard to the processing of your credit card information by these third parties, please also read the General Terms and Conditions and the privacy policy of your credit card issuer.

2.4 Transfer of personal data abroad

We are authorised to transfer your personal data to third parties (contracted service providers) abroad for the purposes of the data processing described in this privacy policy. These companies are obliged to protect data to the same extent as we are. If the level of data protection in a country does not correspond to that in Switzerland or the EU, we ensure by contract that the protection of your personal data corresponds to that in Switzerland or the EU at all times. We would like to point out that our data is mainly processed in Switzerland and the EU.

3. Data processing in connection with your stay

3.1 Data processing to fulfil the legal obligation to register:

Upon arrival at our hotels or serviced flats, we require the following information from you and your travelling companions (*mandatory):

  • First and last name*
  • Postal address and canton*
  • Date of birth*
  • Place of birth*
  • Nationality*
  • Official identification card and number*
  • Day of arrival and departure

We collect this information to fulfil legal reporting obligations, in particular those arising from hospitality or police law. Insofar as we are obliged to do so under the applicable regulations, we forward this information to the competent police authority.

3.2 Recording of services received:

If you purchase additional services as part of your stay (e.g. visits to the restaurant, hotel bar, private SPA, etc.), the subject of the service will be recorded. If you make use of additional services during your stay (e.g. visits to the restaurant, hotel bar, private spa, etc.), we will record the subject matter of the service and the time at which it was purchased for billing purposes. The processing of this data is necessary within the meaning of Art. 6 para. 1 lit. b GDPR and DSG for the execution of the contract with us.

3.3 Security of personal data:

During their stay in one of our hotels or restaurants, each guest is responsible for the security of their personal data. Personal data such as passports, ID cards or medication should not be left lying around in plain sight and should ideally be locked to ensure security.

3.4 Video surveillance:

In the public areas of our hotels, restaurants and serviced flats, video cameras are installed in the interest of protecting people and property and are labelled accordingly. As a rule, the data is deleted from our internal local server after 72 hours at the latest, provided that no significant events have been detected within this period. In the event of incidents affecting the safety or property of a person, the recording is retained and used for evidence purposes. It may be passed on to authorities for the enforcement of rights or for law enforcement purposes.

4. Further information

4.1 Right of access, rectification, erasure and restriction of processing; right to data portability:

You can object to data processing at any time, especially data processing in connection with direct advertising (e.g. against advertising emails). You also have the following rights:

Right to information:
You have the right to request access to your personal data stored by us at any time if we are processing it. This gives you the opportunity to check what personal data we process about you and that we use it in accordance with the applicable data protection regulations. A fee of up to CHF 500.00 may be charged for an inspection if the search is particularly extensive. We will respond to your request within 30 days.

Right to rectification:
You have the right to have inaccurate or incomplete personal data rectified and to be informed of the rectification. In this case, we will inform the recipients of the data concerned about the adjustments made, unless this is impossible or involves disproportionate effort.

Right to erasure:
You have the right to have your personal data erased under certain circumstances. In individual cases, the right to erasure may be excluded, e.g. in the case of statutory retention periods.

Right to restriction of processing:
Under certain circumstances, you have the right to request that the processing of your sensitive personal data be restricted.

Right to data portability:
Under certain circumstances, users outside Switzerland have the right to receive from us the personal data that you have provided to us in a readable format. An expense of up to CHF 500.00 may be charged for this.

Right to lodge a complaint:
You have the right to lodge a complaint with a competent supervisory authority about the way in which your personal data is processed. If you do not agree with our handling of your rights or data protection, please inform us or our data protection officer (section 4.4). In particular, if you are located in the EEA, the United Kingdom or Switzerland, you also have the right to lodge a complaint with the data protection supervisory authority in your country. A list of authorities in the EEA can be found here: https://edpb.europa.eu/about-edpb/board/members_de.

You can contact the supervisory authority in the United Kingdom here: https://ico.org.uk/global/contact-us/. You can also contact the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch/edoeb/en/home/der-edoeb/kontakt/adresse.html.

Right to withdraw consent:
You have the right to withdraw your consent at any time. However, processing activities based on your consent in the past are not rendered unlawful by your revocation. We have the right to refuse further contact with you if we are not permitted to use your data.

4.2 Data security:

We use suitable technical and organisational security measures to protect your personal data stored by us against manipulation, partial or complete loss and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

You should always treat your access data confidentially and close the browser window when you have finished communicating with us, especially if you share the computer with others. We also take data protection within the company very seriously. Our employees and the service companies commissioned by us have been obliged by us to maintain confidentiality and to comply with data protection regulations. We will inform you immediately of any data leaks or breaches of data security.

4.3 Note on data transfers to the USA:

In the event that a transfer to the USA takes place without our knowledge, we provide the following information:

For the sake of completeness, we would like to point out to users residing or domiciled in Switzerland that surveillance measures are in place in the USA by US authorities, which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without differentiation, restriction or exception on the basis of the objective pursued and without an objective criterion that makes it possible to restrict the US authorities’ access to the data and its subsequent use to very specific, strictly limited purposes that justify the interference associated with both access to this data and its use. We would also like to point out that there are no legal remedies available in the USA for data subjects from Switzerland that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or that there is no effective legal protection against general access rights of US authorities.

We explicitly draw the attention of the data subject to this legal and factual situation so that they can make an appropriately informed decision to consent to the use of their data.

We would like to point out to users residing in a member state of the EU that the USA does not have an adequate level of data protection from the point of view of the European Union – among other things due to the issues mentioned in this section. Insofar as we have explained in this privacy policy that recipients of data (such as Google) are based in the USA, we will either ensure through contractual arrangements with these companies that your data is protected at an appropriate level by our partners.

4.4 Contact person:

Unless otherwise communicated in individual cases, Achesa Management AG is responsible under data protection law for the data processing described in this Privacy Policy.

Our address is:

Achesa Management AG
Hamelirainstrasse 5
CH-8152 Kloten

For all questions, information and complaints, please contact us by e-mail:

datenschutz@a-chesa.ch

4.5 Amendment to the privacy policy:

This privacy policy is not part of any contract with you. We may amend this Privacy Policy at any time. The version published on this website is the current version.

This page was last modified on 20 November 2023. If you have any questions or comments about our legal information or data protection, please contact us at datenschutz@a-chesa.ch.


Kloten in November 2023

Start your career in achesa group Apply now!
© 2024 achesa.group | website by opensmjle
This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.