Privacy policy guests

The non-profit organisation “Focolare Movement Switzerland” is the operator of the DIALOGHOTEL ECKSTEIN
(“Hotel”) and the website www.dialoghotel-eckstein.ch (hereinafter “Website”) and, unless otherwise stated, is responsible for the data processing specified in this privacy policy.

So that you know what personal data we collect from you and for what purposes we use it, please take note of the following information. When it comes to data protection, we are primarily guided by the legal requirements of Swiss data protection law, in particular the Federal Act on Data Protection (FADP).

Please note that the following information is reviewed and amended from time to time. We therefore recommend that you consult this privacy policy regularly. Furthermore, other companies are responsible or jointly responsible with us under data protection law for individual data processing operations listed below, so that in these cases the information provided by these providers is also authoritative.

2. Contact person for data protection

If you have any questions about data protection or would like to exercise your rights, please contact our Managing Director – who is our contact person for data protection – by sending an e-mail to the following address: .

3. Your rights

If the legal requirements are met, you have the following rights as a person affected by data processing:

Right to information: You have the right to request access to your personal data stored by us at any time free of charge (insofar as we process it). This gives you the opportunity to check what personal data we process about you and that we use it in accordance with the applicable data protection regulations.

Right to rectification: You have the right to have inaccurate or incomplete personal data rectified and to be informed of the rectification. In this case, we will inform the recipients of the data concerned of the adjustments made, unless this is impossible or involves disproportionate effort.

Right to erasure: You have the right to have your personal data erased under certain circumstances. In individual cases, particularly in the case of statutory retention obligations, the right to erasure may be excluded. In this case, the data may be blocked instead of erased if the conditions are met.

Right to restriction of processing: You have the right to request that the processing of your personal data be restricted.

Right to data portability: You have the right to receive from us, free of charge, the personal data that you have provided to us in a readable format.

Right to object: You can object to data processing at any time, in particular for data processing in connection with direct advertising (e.g. advertising e-mails).

Right of revocation: In principle, you have the right to revoke your consent at any time. However, processing activities based on your consent in the past are not rendered unlawful by your revocation.

To exercise these rights, please send an e-mail to the following address for the attention of our managing director: .

Right to lodge a complaint: You have the right to lodge a complaint with a competent supervisory authority, e.g. against the way in which your personal data is processed,

4. Data security

We use suitable technical and organisational security measures to protect your personal data stored by us against loss and unlawful processing, in particular unauthorised access by third parties. Our employees and the service companies commissioned by us are obliged by us to maintain confidentiality and to respect data protection. Furthermore, these persons are only granted access to personal data to the extent necessary to fulfil their tasks.

Our security measures are continuously adapted in line with technological developments. However, the transmission of information via the Internet and electronic means of communication always harbours certain security risks and we cannot provide an absolute guarantee for the security of information transmitted in this way.

5. Contact us at

If you contact us via our contact addresses and channels (e.g. by e-mail, telephone or contact form), your personal data will be processed. The data that you have made available to us will be processed, e.g. the name of your company, your name, your function, your e-mail address or telephone number and your enquiry. In addition, the time of receipt of the enquiry is documented. Mandatory information is marked with an asterisk (*) in contact forms.

We process this data exclusively in order to fulfil your request (e.g. providing information about our hotel, support with contract processing such as questions about your booking, incorporating your feedback into improving our service, etc.).
booking, incorporation of your feedback into the improvement of our service, etc.).

6. Use of your data for marketing purposes

6.1 Centralised data storage and analysis in the CRM system

If a clear assignment to your person is possible, we will store and link the data described in this data protection declaration, i.e. in particular your personal details, your contacts, your contract data and your surfing behaviour on our websites in a central database. This serves the efficient management of customer data and allows us to respond to your requests appropriately and enables the efficient provision of the services requested by you and the processing of the associated contracts.

We analyse this data in order to further develop our offers in line with your needs and to display and suggest the most relevant information and offers to you. We also use methods that predict possible interests and future orders based on your use of the website.

6.2 Email marketing and newsletters

If you register for our e-mail newsletter (whether on our website or elsewhere), the following data will be collected. Mandatory information is marked with an asterisk (*) in the registration form:

eMail address
First name and surname

By registering, you consent to the processing of this data in order to receive news from us about our hotel and related information on products and services. This may also include requests to evaluate one of the aforementioned products and services. The collection of the salutation and name allows us to verify the assignment of the registration to any existing customer account and to personalise the content of the emails. The link to a customer account helps us to make the offers and content contained in the newsletter more relevant to you and better customise them to your potential needs. You also consent to the statistical analysis of user behaviour for the purpose of optimising and adapting the newsletter.

We will use your data to send you emails until you withdraw your consent. Revocation is possible at any time, in particular via the unsubscribe link in all our marketing e-mails.

Our marketing emails may contain a so-called web beacon or 1×1 pixel (tracking pixel) or similar technical aids. A web beacon is an invisible graphic that is linked to the user ID of the respective newsletter subscriber. For each marketing email sent, we receive information on which addresses have not yet received the email, to which addresses it was sent and which addresses failed to receive it. We also see which addresses have opened the email, for how long and which links they have clicked on. Finally, we also receive information about which addresses have unsubscribed. We use this data for statistical purposes and to optimise the advertising e-mails in terms of frequency, timing, structure and content of the e-mails. This enables us to better tailor the information and offers in our e-mails to the individual interests of the recipients.

The web beacon will be deleted when you delete the email. To prevent the use of the web beacon in our marketing e-mails, please set the parameters of your e-mail programme so that HTML is not displayed in messages, if this is not already the case by default. You can find information on how to configure this setting in the help sections of your e-mail software, e.g. here for Microsoft Outlook.

We use the email marketing software “sendinblue” from Sendinblue for marketing emails. Therefore, your data is stored in a database of Sendinblue Germany, which allows Sendinblue to access your data if this is necessary for the provision of the software and for support in the use of the software. Sendinblue Germany is domiciled in Berlin-Mitte. Their experts for support, sales, marketing and IT are based there. The Berlin team has been part of the Sendinblue family since April 2020 and primarily supports the DACH region.

7. Disclosure to third parties and access by third parties

Without the support of other companies, we would not be able to provide our services in the desired form. In order for us to be able to use the services of these companies, it is also necessary to pass on your personal data to a certain extent. Such disclosure takes place in particular if this is necessary for the fulfilment of the contract you have requested, i.e. e.g. to other hotels, restaurants or other third-party providers for which you have made a booking or order (e.g. flower arrangements for a banquet).

Data is also passed on to selected service providers and only to the extent necessary for the provision of the service. Various third-party service providers are also already explicitly mentioned in this privacy policy, e.g. in the sections on marketing. These are, for example, IT service providers (e.g. providers of software solutions), advertising agencies and consulting firms.

In addition, your data may be passed on to authorities, legal advisors or debt collection agencies in particular if we are legally obliged to do so or if this is necessary to protect our rights, in particular to enforce claims arising from the relationship with you. Data may also be disclosed if another company intends to acquire our company or parts thereof and such disclosure is necessary to carry out a due diligence review or to complete the transaction.

8. Transfer of personal data abroad

We are also authorised to transfer your personal data to third parties abroad if this is necessary to carry out the data processing specified in this privacy policy (see in particular sections 12-15). It goes without saying that the statutory provisions on the disclosure of personal data to third parties will be complied with. If the country in question does not have an adequate level of data protection, we ensure through contractual regulations that your data is adequately protected by these companies.

9. Retention periods

We only store personal data for as long as is necessary to carry out the processing described in this privacy policy within the scope of our legitimate interest. In the case of contractual data, storage is prescribed by statutory retention obligations. Requirements that oblige us to retain data result from accounting and tax regulations. According to these regulations, business communication, concluded contracts and accounting documents must be stored for up to 10 years. If we no longer need this data to perform the services for you, the data will be blocked. This means that the data may then only be used if this is necessary for the fulfilment of retention obligations or for the defence and enforcement of our legal interests. The data will be deleted as soon as there is no longer an obligation to retain it and there is no longer a legitimate interest in retaining it.

Special notes for our website

10.Log file data

When you visit our website, the servers of our hosting provider (Cyon AG, Switzerland) temporarily store every access in a log file. The following data is recorded without any action on your part and stored by us until it is automatically deleted:

the IP address of the requesting computer
the date and time of access
the name and URL of the retrieved file
the website from which the access was made, if applicable with the search term used
the operating system of your computer and the browser you are using (incl. type, version and language setting)
Device type in the event of access by mobile phones
the city or region from which the access was made
the name of your Internet access provider

This data is collected and processed for the purpose of enabling the use of our website (establishing a connection), ensuring system security and stability in the long term, analysing errors and performance and enabling us to optimise our website (see also section 13).

In the event of an attack on the network infrastructure of the website or in the event of suspicion of other unauthorised or abusive website use, the IP address and other data will be evaluated for clarification and defence purposes and, if necessary, used in the context of criminal proceedings for identification and for civil and criminal proceedings against the users concerned.

Finally, when you visit our website, we use cookies as well as applications and tools that are based on the use of cookies. The data described here may also be processed in this context. You will find more detailed information on this in the following sections of this privacy policy, in particular section 11.

11.Cookies

Cookies are information files that your web browser stores on your computer’s hard drive or memory when you visit our website. Cookies are assigned identification numbers that identify your browser and allow the information contained in the cookie to be read.

Cookies help, among other things, to make your visit to our website easier, more pleasant and more meaningful. We use cookies for various purposes that are required for your desired use of the website, i.e. are “technically necessary”. For example, we use cookies to be able to identify you as a registered user after you have logged in without you having to log in again each time you navigate the various subpages. The provision of the “Book direct” function is also based on the use of cookies. Cookies also perform other technical functions required for the operation of the website, such as load balancing, i.e. the distribution of the performance load of the site to different web servers in order to reduce the load on the servers. Cookies are also used for security purposes, for example to prevent the unauthorised posting of content. Finally, we also use cookies as part of the design and programming of our website, e.g. to enable the uploading of scripts or codes.

Most Internet browsers accept cookies automatically. However, when you access our website, we ask for your consent to the cookies we use that are not technically necessary. You can make your desired settings using the corresponding buttons in the cookie banner. Details on the services and data processing associated with the individual cookies can be found within the cookie banner and in the following sections of this privacy policy.

You may also be able to configure your browser so that no cookies are stored on your computer or so that a message always appears when you receive a new cookie. On the following pages you will find explanations of how you can configure the processing of cookies in selected browsers.

If you deactivate cookies, you may not be able to use all the functions of our website.

You can find more detailed information about the cookies used on our website and their providers at https://dialoghotel-eckstein.ch/cookies.

12.Google SiteSearch / Google Custom Search Engine

This website uses the Google SiteSearch/Google Custom Search Engine of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). This enables us to provide you with an efficient search function on our website.

When using our search fields, your browser may transmit the data described in section 10 (incl. IP address) and the search term you enter to Google if you have installed JavaScript in your browser. If you wish to prevent the transmission of data, you can deactivate JavaScript in your browser settings (usually in the “Data protection” menu). Please note that the search function and other functions of the website may be impaired in this case.

For further processing of the data by Google, please refer to Google’s privacy policy: www.google.com/intl/de_de/policies/privacy.

13.Tracking and web analysis tools

13.1 General information about tracking

We use the web analysis services listed below for the purpose of designing and continuously optimising our website to meet your needs. In this context, pseudonymised user profiles are created and cookies are used (please also refer to section 11). The information generated by the cookie about your use of this website is generally stored together with the data specified in section 10 to a server of the service provider, where it is stored and processed. This may also involve a transfer to servers abroad, e.g. in the USA (see, in particular with regard to the guarantees taken, Section 8).

By processing the data, we obtain the following information, among other things:

Navigation path followed by a visitor on the site (incl. content viewed and products selected or purchased or services booked)
Dwell time on the website or subpage
the subpage on which the website is left
the country, region or city from which access is made
End device (type, version, colour depth, resolution, width and height of the browser window)
returning or new visitors

The provider will use this information on our behalf to analyse the use of the website, to compile reports on website activity for us and to provide other services relating to website activity and internet usage for the purposes of market research and the needs-based design of this website. For these processing operations, we and the providers can be regarded as joint controllers under data protection law up to a certain extent.

You can reject the processing by rejecting or switching off the relevant cookies in the settings of your web browser (see section 11) or by making use of the service-specific options described below.

For further processing of the data by the respective provider as the (sole) controller under data protection law
(sole) controller, in particular any forwarding of this information to third parties such as authorities due to national legal regulations, please refer to the respective data protection information of the provider.

13.2 Google Analytics

We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) or Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) (“Google”).

The data described about the use of the website for the processing purposes explained (see section 13.1) to the servers of Google LLC. in the USA. The IP address is shortened by activating IP anonymisation (“anonymizeIP”) on this website before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

Users can prevent Google from collecting the data generated by the cookie and relating to the use of the website by the user concerned (including the IP address) and from processing this data by Google by downloading and installing the browser plug-in under the following link:

http://tools.google.com/dlpage/gaoptout?hl=de. Further information on data protection at Google can be found here.

14.Social media

14.1 Social media profiles

We have included links to our profiles in the social networks of the following providers on our website:

Meta Platforms Inc, 1601 S California Ave, Palo Alto, CA 94304, USA;
Instagram Inc. 1601 Willow Road, Menlo Park, CA 94025, USA;
Twitter Inc. with registered office at 1355 Market Street, Suite 900, San Francisco, CA 94103, USA;
Linkedin Unlimited Company, Wilton Place, Dublin 2, Ireland.

If you click on the social network icons, you will be automatically redirected to our profile in the respective network. This establishes a direct connection between your browser and the server of the respective social network. As a result, the network receives the information that you have visited our website with your IP address and clicked on the link.

If you click on a link to a network while you are logged into your user account with the network in question, the content of our website can be linked to your profile so that the network can assign your visit to our website directly to your account. If you want to prevent this, you should log out before clicking on the relevant links. A connection between your access to our website and your user account takes place in any case if you log in to the respective network after clicking on the link. The respective provider is responsible under data protection law for the associated data processing. Please therefore note the information on the network’s website.

14.2 Social media plugins

You can use social plugins from the providers listed below on our website:

Meta Platforms Inc, 1601 S California Ave, Palo Alto, CA 94304, USA, data protection information;
Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA, privacy policy;
Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, data protection information;
Linkedin Unlimited Company, Wilton Place, Dublin 2, Ireland, Privacy Notice.

We use social plugins to make it easier for you to share content from our website. The social plugins help us to increase the visibility of our content in social networks and thus contribute to better marketing.

The plugins are deactivated on our website by default and therefore do not send any data to the social networks when you simply visit our website. To increase data protection, we have integrated the plugins in such a way that a connection is not automatically established with the servers of the networks. Your browser only establishes a direct connection to the servers of the respective social network when you activate the plugins and thus give your consent to data transmission and further processing by the social network providers.

The content of the plugin is transmitted by the social network directly to your browser, which integrates it into the website. As a result, the respective provider receives the information that your browser has accessed the corresponding page of our website, even if you do not have an account with this social network or are not currently logged in to it. This information (including your IP address) is transmitted directly from your browser to a server of the provider (usually in the USA) and stored there. We have no influence on the scope of the data that the provider collects with the plugin, although we can be considered jointly responsible with the providers to a certain extent from a data protection perspective.

If you are logged in to the social network, it can assign your visit to our website directly to your user account. If you interact with the plugins, the corresponding information is also transmitted directly to a server of the provider and stored there. The information (e.g. that you like a product or service from us) may also be published on the social network and possibly displayed to other users of the social network. The provider of the social network may use this information for the purpose of displaying advertising and customising the respective offer. For this purpose, usage, interest and relationship profiles may be created, e.g. to analyse your use of our website with regard to the advertisements displayed to you on the social network, to inform other users about your activities on our website and to provide other services associated with the use of the social network. The purpose and scope of the data collection and the further processing and use of the data by the providers of the social networks as well as your rights in this regard and setting options to protect your privacy can be found directly in the data protection information of the respective provider.

If you do not want the provider of the social network to assign the data collected via our website to your user account, you must log out of the social network before activating the plugins. You can revoke your consent at any time by declaring your revocation to the provider of the plugin in accordance with the information in their privacy policy.

15.Online advertising and targeting

15.1 No third-party online advertising

We do not use the services of other companies to show you customised online advertising.

Consequently, neither tracking of your user behaviour (“tracking”) nor a targeted display of advertising (“targeting”) by other companies is possible.

15.2 Google Ads

This website uses the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) for online advertising. Google uses cookies for this purpose, such as the so-called DoubleClick cookie, which enable your browser to be recognised when you visit other websites. The information generated by the cookies about your visit to these websites (including your IP address) is transmitted to a Google server in the USA and stored there (please also refer to section 8). Further information on data protection at Google can be found here.

You can revoke your consent at any time by rejecting or switching off the relevant cookies in the settings of your web browser (see section 11). Further options for blocking advertising can be found here.

16. Booking on our website, by correspondence or by phone call

If you make bookings or order vouchers either via our website (simplebooking, see also section 18), by correspondence (e-mail or letter post) or by telephone call, we collect the following data, whereby mandatory information is marked with an asterisk (*) in the corresponding form:

Salutation
First name
Surname
Street and house number
Postcode Postcode
Place
Country
Date of birth
eMail address
Telephone number
Language
Credit card information

We will only use this data and other information voluntarily provided by you (e.g. expected arrival time, motor vehicle licence plate, preferences, comments) to process the contract, unless otherwise stated in this privacy policy or unless you have given your separate consent. We will process the data by name in order to record your booking as requested, to provide the booked services, to contact you in the event of ambiguities or problems and to ensure correct payment. Your credit card details will be automatically deleted after your departure.

17.Payment processing online

If you make chargeable bookings on our website or add products, depending on the product or service and the desired payment method – in addition to the information specified in Section 16 – you may be required to provide further data, such as your credit card details or the login for your payment service provider. This information and the fact that you have purchased a service from us at the relevant amount and time will be forwarded to the respective payment service providers (e.g. providers of payment solutions, credit card issuers and credit card acquirers). Please always note the information provided by the respective company, in particular the privacy policy and general terms and conditions.

18.Bookings via booking platforms

If you make bookings via a third-party platform (e.g. via simplebooking, booking.com, Hotel, Escapio, Expedia, Holidaycheck, Hotel Tonight, HRS, Kayak, Mr & Mrs Smith, Splendia, Tablet Hotels, Tripadvisor, Trivago, Weekend4Two or similar), we receive various personal information from the respective platform operator in connection with the booking made. This is generally the data listed in section 16 of this privacy policy.

In addition, enquiries about your booking may be forwarded to us. We will process this data by name in order to record your booking as requested and provide the booked services.

Finally, we may be informed by the platform operators about disputes in connection with a booking. We may also receive data on the booking process, which may include a copy of the booking confirmation as proof of the actual completion of the booking. We process this data to safeguard and enforce our claims.

Please also note the data protection information of the respective booking platform.

19.Submission of ratings

In order to help other users with their purchase decision and to support our quality management (in particular the processing of negative feedback), you have the opportunity to rate your stay with us via our online questionnaire at www.trustyou.com. The data that you have made available to us will be processed and published on the website, i.e. in addition to your rating and the time of your rating, any comments that you have added to your rating or the name you have given.

We reserve the right to delete unlawful reviews or have them deleted and to contact you in the event of suspicion and ask you to comment.

20.Application for an open position

You have the opportunity to apply to us spontaneously, in person or via a corresponding e-mail address, for a specific job advertisement. For this purpose we collect the following
data, whereby mandatory information (if in form form) is marked with an asterisk (*):

First name
Name
eMail address
Application documents (e.g. CV, letter of motivation, certificates, etc.)

We use this and other data you provide voluntarily to review your application. Application documents of unsuccessful applicants will be deleted at the end of the application process, unless you explicitly consent to a longer retention period or we are legally obliged to retain them for a longer period.

Data processing in connection with your stay

21.Data processing for the fulfilment of legal reporting obligations

On arrival at our hotel, we may require the following information from you and your travelling companions (mandatory *):

First name and surname
Postal address and canton
Date of birth
Nationality
Official identification card and number
Arrival and departure day

We collect this information to fulfil legal reporting obligations, in particular those arising from hospitality or police law. Insofar as we are obliged to do so under the applicable regulations, we forward this information to the competent police authority.

22.Recording of purchased services

If you purchase additional services during your stay (e.g. wellness, restaurant, activities), we will record the subject of the service and the time of purchase for billing purposes.

23.Guest feedback

If you have provided us with your e-mail address in connection with your booking, you will receive a post-stay e-mail after your departure. In it, we thank you for your stay and ask you to rate your hotel experience via our online questionnaire (see section 19) or on online platforms such as Google. We collect the following data in our questionnaire, whereby mandatory information is marked with an asterisk (*) in the corresponding form:

Name
eMail*
Type of journey*
Country of origin*
Month and year of travel*

Providing guest feedback is completely voluntary. However, it helps us to continuously improve our offer and our services and to adapt them to your needs. We will only use the information provided to us for statistical purposes, unless otherwise stated in this privacy policy or unless you have given your separate consent. We will process the data by name in order to contact you in the event of any uncertainties.

24.Video surveillance

To prevent misuse and to take action against unlawful behaviour (in particular theft and damage to property), the entrance area and the publicly accessible areas of our hotel are monitored by cameras. The image data is only viewed if there is a suspicion of unlawful behaviour. Otherwise, the images are automatically deleted after 14 days.

For the provision of the video surveillance system, we use a service provider who may have access to the data if this is necessary for the provision of the system. If the suspicion of unlawful behaviour is substantiated, the data may then be passed on to the extent necessary for the enforcement of claims or the filing of reports to consulting firms (in particular our law firm) and authorities.

25.Use of our WiFi network

In our hotel we provide you with a WiFi network (WLAN) for free use. In doing so, you transmit the following data to the operating company Databaar AG, Zug:

Mobile phone number
MAC address of the end device (automatic)

In addition to the above data, data on the hotel visited, including the time, date and end device, is recorded each time the WiFi network is used.

Databaar AG, Zug, must comply with the legal obligations of the Federal Act on the Surveillance of Postal and Telecommunications Traffic (BÜPF) and the associated ordinance. If the legal requirements are met, the WiFi operator must monitor the use of the Internet and data traffic on behalf of the competent authority. The WiFi operator may also be obliged to disclose the customer’s contact, usage and marginal data to the authorised authorities. The contact, usage and peripheral data will be stored for 6 months and then deleted.

26.Payment processing

If you purchase products or services in our hotel using electronic means of payment or pay for your stay, the processing of personal data is required. By using the payment terminals, you transmit the information stored in your means of payment, such as the name of the cardholder and the card number, to the payment service providers involved (e.g. payment solution providers, credit card issuers and credit card acquirers). They also receive the information that the payment method was used in our hotel, the amount and the time of the transaction. Conversely, we only receive the credit of the amount of the payment made at the relevant time, which we can assign to the relevant receipt number, or information that the transaction was not possible or was cancelled. Please always refer to the information provided by the respective company, in particular the privacy policy and the general terms and conditions.

***