Skip to content

Privacy policy

Privacy policy Swiss Quality Hotels

The Swiss Quality Hotels Cooperative (SQHI) collects and processes personal data as part of its business activities. In this privacy policy, we explain how we collect and process personal data. Personal data is any information relating to an identified or identifiable natural person.
This privacy policy is subject to Swiss law. The collection and processing is governed in particular by the Swiss Data Protection Act (DPA). Where applicable, provisions of the European Union (EU), in particular the EU General Data Protection Regulation (GDPR), are taken into account.
We may amend this privacy policy at any time without prior notice. The current version published on our website applies.

Status 10.2023

Responsible for data processing

The person responsible for data processing is
Swiss Quality Hotels Cooperative
Seestrasse 353
CH-8038 Zurich
Telephone: +41 44 928 27 27
E-mail: E-Mail
If you have any data protection concerns, you can send them to us at the above contact address.

General

1 Collection and processing of personal data

We collect and process personal data that we receive in the course of our business activities and business relationships with customers, business partners and other persons.
Publicly known or accessible personal data may also be processed by us if this is necessary for our business activities.
As part of our business relationship, you must provide the personal data that is required for the establishment and implementation of a business relationship and the fulfillment of the associated contractual obligations. Without this data, we will generally not be able to conclude or execute a contract with you (or the entity or person you represent). The website can also not be used if certain information to secure data traffic (such as IP address) is not disclosed.

2 Processing purposes

We use the personal data we collect primarily to process our contracts and services with our affiliated hotels and with our business partners. If you work for such a customer or business partner, you may of course also be affected in this function with your personal data.
Personal data is collected by us on the basis of Art. 6 para. 1 lit. b GDPR if you provide it to us voluntarily for the execution of a contract (e.g. a booking or booking request) or when opening a customer account. This data is used to process the contract and your inquiries.
We also collect personal data when you apply for a job with us. The processing of this personal data is necessary for us to carry out the application process and is also based on Art. 6 para. 1 lit. b GDPR.
In addition, we also process personal data of you and other persons for the following purposes, to the extent permitted and deemed appropriate, in which we (and sometimes third parties) have a legitimate interest corresponding to the purpose (Art. 6 para. 1 lit. f GDPR):

  • Offer and further develop our products, services and websites, apps and other platforms;
  • Advertising and marketing (including the organization of events), provided you have not objected to the use of your data (if we send you advertising from us as an existing customer, you can object to this at any time and we will then put you on a blacklist against further advertising mailings).

 

3 Data transfer

As part of our business activities, we disclose the data to the hotels or service providers with whom we place bookings made by you via our online reservation system.
Third-party companies may be involved in order processing, guest reviews and the distribution of our affiliated hotels.
Some of the recipients are in Switzerland, but they can be anywhere in the world. In particular, you must expect your data to be transferred to all countries in which we are represented by group companies, branches or other offices, as well as to other countries in Europe (such as Italy, France and Germany) and the USA, where the service providers we use are located.
If a recipient is located in a country without adequate statutory data protection, we contractually oblige the recipient to comply with the applicable data protection regulations (we use the revised standard contractual clauses of the European Commission, which are available here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?), unless the recipient is already subject to a legally recognized set of rules to ensure data protection and we cannot rely on an exemption provision. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or if the performance of a contract requires such disclosure, if you have given your consent or if the data in question has been made generally accessible by you and you have not objected to its processing.
Within the framework of the GDPR, we only pass on data if this is necessary for the fulfillment of the contract (Art. 6 para. 1 lit. b) or if we have a legitimate interest in doing so (Art. 6 para. 1 lit. f GDPR).

4 Storage period

We process and store your personal data for as long as is necessary for the fulfillment of our contractual and legal obligations or otherwise for the purposes pursued with the processing, i.e., for example, for the duration of the entire business relationship (from the initiation, execution to the termination of a contract) as well as beyond that in accordance with the statutory retention and documentation obligations. It is possible that personal data may be stored for the period in which claims can be asserted against our company and insofar as we are otherwise legally obliged to do so or legitimate business interests require this (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymized as far as possible. For operational data (e.g.
system protocols, logs), shorter retention periods of twelve months or less generally apply.

5 Data security

We take appropriate technical and organizational security precautions to protect your personal data from unauthorized access and misuse.

6 Your rights

You have the following rights vis-à-vis us and the hotels with which you have made a booking with regard to the personal data concerning you:

  • Right to information,
  • Right to rectification or erasure,
  • Right to restriction of processing,
  • Right to object to the processing.

If data processing is based on your consent, you can revoke it at any time for the future without giving reasons. The revocation must be sent to the address [E-Mail]. In order to process your requests to exercise your rights, it may be necessary for you to identify yourself so that we can clearly identify you.
In Switzerland, there is no right of appeal to a supervisory authority. Persons in Switzerland can report a data protection breach to the Federal Data Protection and Information Commissioner. If the GDPR applies, there is a right of appeal to the competent data protection supervisory authority in accordance with Art. 77 EU GDPR.

Website

When you use our website, various personal data is collected. This privacy policy explains what data we collect when you visit our website and what we use it for. It also explains how and for what purpose this is done.
This declaration applies to the following websites:

  • www.SwissQualityHotels.com
  • www.sqh.ch
  • https://reservations.verticalbooking.com/premium/group_index.html
  • https://reservations.verticalbooking.com/premium/index2.html

It should be noted that links to other websites with different data protection rules are possible. When forwarding to external websites, the data protection regulations of the respective website apply.

1 General recording

Our website collects a range of general data each time it is accessed. This general data and information is stored in the server log files. The following data is recorded:

  • IP address
  • Date and time of the request
  • Time zone difference to GMT time zone
  • Content of the request
  • Access status/http status code
  • Amount of data transferred in each case
  • Website from which the request originates
  • Browser (incl. language and version)
  • Operating system and its interface

When using this general data, no assignment to a specific person takes place. The collection of this data is technically necessary in order to display our website to you and to ensure its stability and security.
Insofar as the EU GDPR is applicable, Art. 6 para. 1 lit. b and f constitute the legal basis for the processing.

2 Making contact

If you contact us via the contact form or the e-mail addresses provided, we will always treat the data you provide in compliance with the applicable data protection regulations. The data you provide will only be used to process your request.
This data is processed on the basis of Art. 6 para. 1 lit. a. in accordance with your consent, which you can revoke at any time.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions – in particular retention periods – remain reserved.

3 SSL or TLS encryption

This website uses SSL or TSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

4 Cookies

Our website uses cookies, which are small text files that are stored on your computer and can be retrieved from there. Cookies are used to enable you to log in to our services and to personalize the website for you. For this purpose, our website is supported by cookies that collect information about your IP address, the time and duration of your visit, the number of your visits, the use of forms, your search settings, your display view and your settings for favorites on our website. The storage duration of cookies varies.
You can prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.
The legal basis for the collection of data by cookies within the scope of the GDPR is Art. 6 para. 1 lit. a and lit. f.

4.1 Google Analytics

Our website uses Google Analytics 4, a web analytics service provided by Google Inc (Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google Analytics uses cookies to help the website analyze how users use the site. Google Analytics uses this information to evaluate the use of the website on behalf of the operator of this website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
The legal basis is Art. 6 para. 1 lit. f GDPR.

4.2 Google Ads

Google Ads is an advertising program of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, through which companies can place targeted ads.
Google Ads also uses cookies and uses this information to evaluate the success of the advertising campaign on behalf of the operator of this website, to compile reports and to provide the website operator with further services associated with the use of the website and the Internet. The IP address transmitted by your browser as part of Google Ads will not be merged with other Google data.
The legal basis is Art. 6 para. 1 lit. f GDPR.

5 Social media plugins

Plugins from various third-party providers of social media platforms may be integrated into the website. When you visit the website, these plugins may automatically transmit data to the third-party providers.

5.1 Facebook

Plugins from the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated on our pages. You can recognize the Facebook plugins by the Facebook logo or the “Like” button on our site. You can find an overview of the Facebook plugins here: www.facebook.com/about/privacy/.
When you visit our pages, a direct connection is established between your browser and the Facebook server via the plugin. Facebook receives the information that you have visited our site with your IP address. If you click on the Facebook “Like” button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook.
Further information on this can be found in Facebook’s privacy policy at www.facebook.com/about/privacy/. The following contract addendum applies to the transmission of European data: https://www.facebook.com/legal/EU_data_transfer_addendum. It applies insofar as Facebook Ireland processes European data as a processor in accordance with the terms of use for covered products and transfers of such data from the EU, the EEA, the United Kingdom or Switzerland to Facebook, Inc. take place.

5.2 X Corp. (formerly “Twitter”)

Functions of X Corp. are integrated on our pages. These functions are offered by X Corp, 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. By
By using X and the “Re-Tweet” function, the websites you visit are linked to your X account and made known to other users. This includes
a. Data such as IP address, browser type, domains accessed, pages visited, mobile phone provider, device and application IDs and search terms are transmitted to X Corp.
We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by X. You can change your data protection settings with X Corp. in the account settings at twitter.com/account/settings. If you have any questions, please contact E-Mail.
Due to ongoing updates to the X Corp. privacy policy, we refer you to the current version at http://twitter.com/privacy. X Corp. adheres to the standard contractual clauses approved by the EU Commission when transferring data to the USA.

5.3 Youtube

Our website uses YouTube plugins from Google LLC, D/B/A YouTube, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account. Further information on the handling of user data can be found in YouTube’s privacy policy at: www.google.de/intl/de/policies/pri-vacy.
At Google, the standard contractual clauses of the European Commission apply to the transfer of data for online advertising and personal data originating from the European Economic Area, Switzerland and the United Kingdom (Standard Contractual Clauses, SCCs).
(Standard Contractual Clauses, SCC; https://support.google.com/publisherpolicies/answer/ 10437486?hl=en).

5.4 Instagram

Plugins of the social network Instagram, 1601 Willow Rd, Menlo Park CA 94025, USA of Facebook Inc. are integrated on our pages. We can display images and videos using the functions for embedding Instagram content (embed function).
When you access websites that use such functions, data (IP address, browser data, date, time, cookies) is transmitted to Instagram, stored and analyzed.
If you have an Instagram account and are logged in, this data will be assigned to your personal account and the data stored in it. You can prevent this by logging out.
The privacy policy, what information Instagram collects and how they use it, can be found at https://help.instagram.com/519522125107875. For the transfer of European data, the standard contractual clauses approved by the European Commission apply, insofar as Facebook Ireland Inc. processes European data as a processor in accordance with the terms of use for covered products and transfers of such data from the EU, the EEA, the United Kingdom or Switzerland to Facebook Inc. take place.

5.5 Pinterest

Functions of the Pinterest service are integrated on our pages. These functions are offered by Pinterest Inc, 651 Brannan Street, San Francisco, CA 94107, USA. By using Pinterest and the “Pin” function, the websites you visit are linked to your Pinterest account and made known to other users.
Data such as IP address, browser type, domains accessed, pages visited, mobile phone provider, device and application IDs and search terms are transmitted to Pinterest.
We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Pinterest.
Due to ongoing updates to Pinterest’s privacy policy, we refer you to the current version at https://policy.pinterest.com/de/privacy-policy. Pinterest adheres to the standard contractual clauses approved by the EU Commission when transferring data to the USA.

6 Newsletter

You can subscribe to our newsletter, which we use to inform you about interesting developments. You can use the corresponding web form to subscribe. Mandatory information is marked separately; all other information is voluntary. We may also send you our newsletter as part of a business or contractual relationship with you. You can unsubscribe from the newsletter at any time. You can unsubscribe by clicking on the link provided in every newsletter email or by using the contact details of the controller provided in the legal notice.

7 Data security

To protect your data, we have implemented numerous technical and organizational measures to ensure that the personal data processed via this website is protected as completely as possible. Communication by e-mail, fax, cell phone or Internet applications involves risks such as the possibility of viewing the content of the message, its alteration or loss. Swiss Quality Hotels Genossenschaft accepts no liability for this.

8 Your rights

You have the following rights vis-à-vis us with regard to your personal data that we collect on our website:

  • Right to information,
  • Right to rectification or erasure,
  • Right to restriction of processing,
  • Right to object to the processing.

If data processing on our website is based on your consent, you can revoke this consent at any time for the future without giving reasons. The revocation should be sent to the address [E-Mail]. The legality of the data processing carried out until the revocation remains unaffected by the revocation. In order to process your requests to exercise your rights, it may be necessary for you to identify yourself so that we can clearly identify you.
In the event of breaches of data protection law, EU citizens have the right to lodge a complaint with the competent supervisory authority in the EU. In Switzerland, there is no right of appeal to a supervisory authority. Persons in Switzerland can report a data protection breach to the Federal Data Protection and Information Commissioner.