By accessing our website or by booking a room in our hotel, you may provide us with information such as: your name and surname (for a physical person), company name (legal person), residential address and domicile or postal address, headquarters address, email address, profession and professional status (employee or independent), your function within your company, your age and sex, as well as the IP address with which you are connected to the internet.
This information and the manner in which it is processed are protected by the new European Union General Data Protection Regulation (“GDPR”) which entered into force on 25 May 2018.
Data protection is a key concern for us. The aim of this confidentiality declaration is to ensure that you are aware of the information that we process and to assist you in understanding the manner in which we may use such information that has been voluntarily given to us by you as a visitor to our site or when you communicate with us in any other manner.
2. LEGAL BASES
Last update: 31 August 2018
4. OUR SITE URL
An IP address is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.
So-called personal data is information that may be used to identify or that we can associate with you. It includes all the information related to an identifiable or unidentifiable physical or legal person (by grouping information). In particular and as an example, this data includes the surname, name, postal address, domicile or residence, company name, headquarters address, e-mail, telephone number, age, profession, professional status or position held in a company, etc.
This is the action through which a physical or legal person accepts the collection and processing of their personal data after being clearly informed of the purpose of the processing.
A cookie refers to a text file that the site you are visiting records on the hard drive or in the memory of the workstation browser you are using to access the internet. A cookie allows your computer to store various technical data enabling overall monitoring of public access to a site (number of visits, length of the visit, connection to other sites, etc.) or the personalization of pages displayed with a view to your future interactions with the same site (your account, pages most frequently visited, etc.).
A file is a collection of all kinds of personal data and whose structure makes it possible to search for the data according to the person concerned.
Purpose of processing
The purpose of processing is the reason for which information is collected and processed.
Any physical or legal person who is the subject of data processing of a personal nature.
Data processing controller
The controller is the physical or legal person on behalf of whom the processing is being undertaken. They determine the purpose of processing either alone or jointly.
The subcontractor is any physical or legal person, public authority, service or other body that processes data of a personal nature on behalf of the controller. For example, the host of an internet site or online services supplier – notably for electronic messaging.
Tags or HTML tags are the basic HTML code elements of a web page. They are invisible to web users (unless the code source display is activated). They are interpreted by the web browser to compose the page.
They enable the formatting and structuring of content and some are specifically taken into consideration by search engine algorithms in order to establish the score of the page on request along with providing the results.
Every operation or all operations related to processing of personal data, whether or not it is assisted by automated processes, notably the collection, recording, organization, exploitation, conservation, adaptation, modification, extraction, consultation, use, communication through transmission, dissemination or any other form of provision, reconciliation or interconnection as well as limitation, erasing or destruction.
6. PROCESSING YOUR DATA
We only collect and process information that you provide voluntarily and for which you expressly provide your consent to processing.
You have the option of receiving our newsletter by inserting your e-mail address through or website or by ticking the corresponding box on the registration form at the check-in.
If you have signed up to receive our newsletter and you no longer wish to receive some or all of our mailings, you can unsubscribe at any time for all those you signed up for. In order to do this, simply click on the “unsubscribe” link at the bottom of the newsletter. Should you wish to unsubscribe from all our mailings, your information will automatically be deleted from the file designed for this purpose.
7. PURPOSE OF PROCESSING
Data of a personal nature that we process is used within the framework of our business relationship, or more generally so that we can communicate with you, fine-tune topics that interest you, send you information that is relevant to you and keep our contact and client list updated.
In short, we only process your information with the aim of better meeting your needs.
We do not sell your personal information or make it available to third parties with the exception of subcontractors that we may use for data processing.
In collecting some of your personal information, there are two distinct processing purposes:
1- An operational purpose
- Respond to requests for contacts or information
2- A marketing purpose
- Sending newsletters
- Sending occasional offers.
8. LENGTH OF TIME FOR WHICH PERSONAL INFORMATION IS STORED
Your information is stored in our systems for as long as is required for the planned processing. When processing is complete, the data is destroyed.
9. TRANSFER OF INFORMATION
To process your data, as well as for the maintenance and support of our IT systems, we call upon subcontractors (service providers) based in EU and abroad.
When our subcontractors’ servers are located abroad, we ensure that they are set up in a state where the legislation with regard to data protection is equivalent to the GDPR and that our subcontractors apply organizational and technical measures that comply with both the latter.
10. DATA PROTECTION MEASURES
We strive to maintain a high level of security with regard to data collection, processing and conservation by applying organizational and technical measures and by taking all the necessary and useful precautions with regard to the nature of personal data with which you may agree to provide us and the risks that its processing represent in order to maintain security and in particular prevent it from being altered, damaged, destroyed or made available to unauthorized third parties.
12. YOUR RIGHTS
Right to information
You have the right to be informed about data of a personal nature that concerns you, notably the type of data and the purpose of processing.
Right of access to data
You have the right to request access to your data at any time.
Right of rectification of your data
You have the right to request rectification or updating of your data.
Right to erase data (Right to be forgotten)
Within the framework of the GDPR, European Union residents may request the total and permanent erasure of data that concerns them.
Right to limitation of data processing
You have the right to limit processing of your data, notably with regard to the nature, purpose and duration of processing.
Right to data portability (transmission to third parties on your instructions)
Within the framework of the GDPR, residents of the European Union have the right to request that their data be transmitted to third parties.
Right of opposition to data processing
You have the right to oppose processing of your data at any time.
Right not to be subject to an automated individual decision
You have the right not to be subject to a decision resulting exclusively from automated processing with legal consequences that concern you or affect you significantly. Profiling is expressly included in this.
13. EXERCISING YOUR RIGHTS & REQUESTING INFORMATION
You may exercise your rights or request information by emailing us at the e-mail address below or using our contact form or by post at the address below. We will do our best to respond to you as quickly as possible.
Controller: Grand Hotel Park SA
Address: 29, WISPILENSTRASSE – 3780 GSTAAD, SWITZERLAND
Tel.: +4133 74898 00