Privacy policy
Version from September 1, 2023
-
In this privacy policy, we, Meili Hotels AG, explain how we collect and process personal data. This is not an exhaustive description; other data protection declarations (or general terms and conditions, conditions of participation, contracts and similar documents) may govern specific matters.
Meili Hotels AG is the operator of the following hotels:
Meili Selection Hotels(www.meili-selection.ch)
Opera Hotel(www.operahotel.ch)
Ambassador Hotel(www.ambassadorhotel.ch)
Hotel Seehof(www.seehof.ch)
Hotel Felix(www.hotelfelix.ch)
Hotel Rössli(www.hotelroessli.ch)
Hotel Piz Buin(www.pizbuin-klosters.ch)
Hotel Sport(www.hotel-sport.ch)
Your trust is important to us, which is why we take the issue of data protection seriously and naturally comply with the legal requirements of Swiss data protection law, in particular the Federal Act on Data Protection (FADP), as well as the EU GDPR, the provisions of which may be applicable in individual cases.
Personal data means any information relating to an identified or identifiable person. Please take note of the following information so that you know what personal data we collect from you and for what purposes we use it.
Please note that the following information is reviewed and amended from time to time. We therefore recommend that you consult this privacy policy regularly. Furthermore, other companies are responsible or jointly responsible with us under data protection law for individual data processing operations listed below, so that in these cases the information provided by these providers is also authoritative.
-
If you have any questions about data protection or wish to exercise your rights, please contact our data protection contact person by writing to the following address:
Meili Hotels AG
Thomas Sieber
Dufourstrasse 3
8008 Zurich
Tel: +41 44 396 99 61
Mail: thomas.sieber@meili-unternehmungen.ch -
3.1 Contacting us
If you contact us via our contact addresses and channels (e.g. by e-mail, telephone or contact form), your personal data will be processed. The data that you have made available to us will be processed, e.g. the name of your company, your name, your function, your e-mail address or telephone number and your request. In addition, the time of receipt of the request is documented.
We process this data exclusively in order to implement your request (e.g. providing information about our hotels, support with contract processing such as questions about your booking, incorporating your feedback into the improvement of our service, etc.).
The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR in the implementation of your request or, if your request is aimed at the conclusion or execution of a contract, the necessity for the implementation of the necessary measures within the meaning of Art. 6 para. 1 lit. b EU GDPR.
3.2 Ordering via our online store
You have the option of ordering vouchers via the Meili Selection Hotels website(www.meili-selection.ch). We collect the following data for this purpose:
Salutation, title, first name, surname, e-mail address, telephone number, date of birth, address
We use the data to establish your identity before concluding a contract. We need your e-mail address to confirm your order and for future communication with you that is necessary to process the contract. We store your data together with the order details (e.g. name, price and characteristics of the products ordered), the payment details (e.g. payment method selected, confirmation of payment and time) and the information on the processing and fulfillment of the contract (e.g. receipt and handling of complaints) in our CRM database (see section 4) so that we can ensure correct order processing and contract fulfillment.
The legal basis for this data processing is the fulfillment of a contract with you in accordance with Art. 6 para. 1 lit. b GDPR.
We use a software application from INCERT eTourismus GmbH & Co KG, Businesspark Lederfabrik, Leonfeldstrasse 328, 4040 Linz, Austria ("Incert") to provide the online store. Therefore, your data may be stored in a database of Incert, which may allow Incert to access your data if this is necessary for the provision of the software and for support in the use of the software.
The legal basis for this data processing is the fulfillment of a contract with you in accordance with Art. 6 para. 1 lit. b GDPR.
Incert may wish to use some of this data for its own purposes (e.g. to send marketing e-mails or for statistical analyses). Incert is responsible for this data processing and must ensure compliance with data protection laws in connection with this data processing.
3.3 Data processing for bookings
3.3.1 Booking on the website, by correspondence or by telephone call
When you make bookings either via our websites, by correspondence (email or post) or by telephone call, we or third party providers with whom we work collect the following data:
Title First name Last name Email address Mobile phone Credit card details
We use the data to establish your identity before concluding a contract. We need your e-mail address to confirm your booking and for future communication with you that is necessary to process the contract. We store your data in our CRM database, together with the peripheral data of the booking (e.g. room category, period of stay and description, price and features of the services), the payment data (e.g. selected payment method, confirmation of payment and time) and the information on the processing and fulfillment of the contract (e.g. receipt and handling of complaints), so that we can ensure correct booking processing and contract fulfillment.
Insofar as this is necessary for the fulfillment of the contract, we will also pass on the required information to any third-party service providers (e.g. event organizers or transport companies).
The legal basis for this data processing is the fulfillment of a contract with you in accordance with Art. 6 para. 1 lit. b GDPR.
We use a software application from QNT S.r.l., Via Lucca, 52-50142 Florence, Italy ("QNT") to process bookings via our website. Therefore, your data may be stored in a QNT database, which may allow QNT to access your data if this is necessary for the provision of the software and for support in the use of the software.
The legal basis for this data processing is the fulfillment of a contract with you in accordance with Art. 6 para. 1 lit. b GDPR.
QNT may wish to use some of this data for its own purposes (e.g. to send marketing e-mails or for statistical analyses). QNT is responsible for this data processing and must ensure compliance with data protection laws in connection with this data processing.
3.3.2 Bookings via booking platforms
If you make bookings via a third-party platform, we receive various personal information from the respective platform operator in connection with the booking made. This is generally the data listed in section 3.2 of this privacy policy. In addition, we may receive inquiries about your booking. We will process this data by name in order to record your booking as requested and provide the booked services.
The legal basis for data processing for this purpose is the implementation of pre-contractual measures and the fulfillment of a contract in accordance with Art. 6 para. 1 lit. b EU GDPR.
Finally, we may exchange personal data with the platform operators in connection with disputes or complaints in connection with a booking, insofar as this is necessary to protect our legitimate interests. This may also include data relating to the booking process on the platform or data relating to the booking or processing of services and the stay with us. We process this data to safeguard our legitimate claims and interests in the processing and maintenance of our contractual relationships with the platform operators:
Your data is stored in the databases of the platform operators, which enables them to access your data.
The legal basis for data processing for this purpose is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
3.3.3 Data processing when reserving a table
On some of our websites, you have the option of reserving a table in one of the restaurants listed on our websites. We collect the following data for this purpose:
Number of guests Date and time of reservation Comment First name Last name Telephone number Mobile no. E-mail
We collect and process the data only to process the reservation, in particular to compile your reservation request according to your wishes, to make the reservation and to contact you in the event of ambiguities or problems.
We use a tool from Lunchgate AG (Badenerstrasse 255, 8003 Zurich, Switzerland) to process reservations. Therefore, your data is stored in a database of Lunchgate AG, which may allow Lunchgate AG to access your data if this is necessary for the provision of the software and for support in the use of the software. Information on the transfer and processing of data by third parties can be found in section 5 of this privacy policy.
The legal basis for the processing of your data for this purpose is the fulfillment of a contract in accordance with Art. 6 para. 1 lit. b EU GDPR.
Lunchgate AG may wish to use some of this data for its own purposes (e.g. to send marketing e-mails or for statistical analyses). Lunchgate AG is responsible for this data processing and must ensure compliance with data protection laws in connection with this data processing.
3.4 Data processing during payment processing
3.4.1 Payment processing at the hotel
If you purchase products, obtain services or pay for your stay in our hotels using electronic payment methods, the processing of personal data is required. By using the payment terminals, you transmit the information stored in your means of payment, such as the cardholder's name and card number, to the payment service providers involved (e.g. providers of payment solutions, credit card issuers and credit card acquirers). They also receive the information that the payment method was used in our hotel, the amount and the time of the transaction. Conversely, we only receive the credit of the amount of the payment made at the relevant time, which we can assign to the relevant receipt number, or information that the transaction was not possible or was canceled. Please always refer to the information provided by the respective company, in particular the privacy policy and the general terms and conditions.
The legal basis for our data processing is the fulfillment of a contract with you in accordance with Art. 6 para. 1 lit. b GDPR.
3.4.2 Online payment processing
If you make chargeable bookings on our websites or order services or products, depending on the product or service and the desired payment method - in addition to the information specified in section 3.3.1 - you may be required to provide further data, such as your credit card information or the login for your payment service provider. This information and the fact that you have purchased a service from us at the relevant amount and time will be forwarded to the respective payment service providers (e.g. providers of payment solutions, credit card issuers and credit card acquirers). Please always note the information provided by the respective company, in particular the privacy policy and general terms and conditions.
The legal basis for our data processing is the fulfillment of a contract in accordance with Art. 6 para. 1 lit. b GDPR.
We reserve the right to store a copy of the credit card information as security. In order to avoid payment cases, the necessary data, in particular your personal details, may also be transmitted to a credit agency for an automated assessment of your creditworthiness. In this context, the credit agency can assign you a so-called score value. This is an estimate of the future risk of a payment default, e.g. based on a percentage. The value is calculated using mathematical-statistical procedures and taking into account credit agency data from other sources. We reserve the right not to offer you the payment method "invoice" in accordance with the information received.
The legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f. GDPR in the avoidance of payment defaults.
3.5 Recognition of purchased services
If you purchase additional services during your stay (e.g. wellness, restaurant, activities), we will record the subject matter of the service and the time of purchase for billing purposes.
The processing of this data is necessary within the meaning of Art. 6 para. 1 lit. b EU GDPR for the performance of the contract with us.
3.6 Data processing for e-mail marketing
When you register for our e-mail newsletter, the following data is collected:
E-mail address Salutation First and last name Language
To avoid misuse and to ensure that the owner of an e-mail address has actually given their consent, we use the so-called double opt-in for registration. After sending the registration form, you will receive an e-mail from us containing a confirmation link. To definitely register for the newsletter, you must click on this link. If you do not click on the confirmation link within the specified period, your data will be deleted and our newsletter will not be sent to this address.
By registering, you consent to the processing of this data in order to receive news from us about our hotels and related information on products and services. This may also include requests to participate in competitions or to rate one of the aforementioned products and services. The collection of the salutation and name allows us to verify the assignment of the registration to a possibly already existing customer account and to personalize the content of the mails. The link to a customer account helps us to make the offers and content contained in the newsletter more relevant to you and better tailored to your potential needs.
We will continue to use your data to send you emails until you withdraw your consent. You can withdraw your consent at any time, in particular via the unsubscribe link in all our marketing e-mails.
Our marketing emails may contain a so-called web beacon or 1x1 pixel (tracking pixel) or similar technical aids. A web beacon is an invisible graphic that is linked to the user ID of the respective newsletter subscriber. For each marketing email sent, we receive information about which addresses have not yet received the email, to which addresses it was sent and which addresses failed to receive it. We also see which addresses have opened the email, for how long and which links they have clicked on. Finally, we also receive information about which addresses have unsubscribed. We use this data for statistical purposes and to optimize the advertising emails in terms of frequency, timing, structure and content of the emails. This enables us to better tailor the information and offers in our e-mails to the individual interests of the recipients.
The web beacon is deleted when you delete the email. To prevent the use of the web beacon in our marketing emails, please set the parameters of your email program so that HTML is not displayed in messages, if this is not already the case by default. You can find information on how to configure this setting in the help sections of your email software.
By subscribing to the newsletter, you also consent to the statistical analysis of user behavior for the purpose of optimizing and adapting the newsletter. This consent constitutes our legal basis for the processing of data within the meaning of Art. 6 para. 1 lit. a EU GDPR.
We use the email marketing software MailChimp from Intuit Inc (2700 Coast Avenue, Mountain View, CA 94043, USA) for marketing emails. Therefore, your data is stored in an Intuit Inc. database, which allows Intuit Inc. to access your data if this is necessary for the provision of the software and for support in the use of the software.
The legal basis for this processing is our legitimate interest within the meaning of Article 6(1)(f) GDPR in using the services of third-party providers.
3.7 Data processing when submitting guest feedback
If you have provided us with your e-mail address in connection with your booking, you will receive an electronic form after your departure. We collect the following data for this purpose:
First and last name
The information is voluntary and helps us to continuously improve our offer and our services and to adapt them to your needs. We will only use the information provided to us for statistical purposes, unless otherwise stated in this privacy policy or unless you have given your separate consent. We will process the data by name in order to contact you in the event of any uncertainties.
For the aforementioned purposes, the legal basis for processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR.
3.8 Data processing for video surveillance
To prevent misuse and to take action against unlawful behavior (in particular theft and damage to property), the entrance areas and publicly accessible areas of our hotels are monitored by cameras. The image data is only viewed if there is a suspicion of unlawful behavior. Otherwise, the images are automatically deleted after 72 hours.
For the provision of the video surveillance system, we use a service provider who may have access to the data if this is necessary for the provision of the system. If the suspicion of unlawful conduct is substantiated, the data may then be passed on to the extent necessary for the enforcement of claims or the filing of reports to consulting firms (in particular our law firm) and authorities.
The legal basis is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the protection of our property and the protection and enforcement of our rights.
3.9 Use of our WiFi network
In our hotels you have the opportunity to use the WiFi network operated by Sophos Technology GmbH (Steingasse 6a, 4020 Linz, Austria) free of charge. Prior registration is required to prevent misuse and to take action against illegal behavior. In doing so, you transmit the following data to Sophos Technology GmbH:
Cell phone number MAC address of the end device (automatic)
In addition to the above data, data on the hotel visited, including the time, date and end device, is recorded each time the WiFi network is used.
The legal basis for this processing is your consent within the meaning of Art. 6 para. 1 lit. a EU GDPR. The customer can revoke their registration at any time by notifying us.
Sophos Technology GmbH must comply with the legal obligations of the Federal Act on the Surveillance of Postal and Telecommunications Traffic (BÜPF) and the associated ordinance. If the legal requirements are met, the WiFi operator must monitor the use of the Internet and data traffic on behalf of the responsible authority. The WiFi operator may also be obliged to disclose the customer's contact, usage and edge data to the authorized authorities. The contact, usage and peripheral data will be stored for 6 months and then deleted.
The legal basis for this processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the provision of a Wi-Fi network in compliance with the applicable legal regulations.
3.10 Data processing to fulfill legal reporting obligations
On arrival at our hotel, we may need the following information from you and your companions:
First and last name Postal address and canton Date of birth Nationality Official identification document and number Arrival and departure date
We collect this information to fulfill legal reporting obligations, in particular those arising from hospitality or police law. Insofar as we are obliged to do so under the applicable regulations, we forward this information to the competent police authority.
This data is processed on the basis of a legal obligation within the meaning of Art. 6 para. 1 lit. c EU GDPR.
3.11 Data processing for applications
You have the option of applying to us spontaneously or via a corresponding e-mail address for a specific job advertisement. For this purpose, we, or any third-party provider, collect the following data:
First name Last name E-mail address Application documents (e.g. CV, letter of motivation, certificates, etc.)
We use this and other data you provide voluntarily to review your application. Application documents of unsuccessful applicants will be deleted at the end of the application process, unless you explicitly consent to a longer retention period or we are legally obliged to retain them for a longer period.
The legal basis for processing your data for this purpose is therefore the performance of a contract (pre-contractual phase) in accordance with Art. 6 para. 1 lit. b EU GDPR.
-
If a clear assignment to your person is possible, we will store and link the data described in this privacy policy, i.e. in particular your personal details, your contacts, your contract data and your surfing behavior on our websites, in a central database. This serves the efficient management of customer data and allows us to respond to your concerns adequately, and enables the efficient provision of the services you require and the processing of the associated contracts.
The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the efficient management of user data.
We evaluate this data in order to further develop our offers in line with your needs and to display and suggest the most relevant information and offers to you. We also use methods that predict potential, interests and future orders based on your use of the website.
The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR in the implementation of marketing measures.
-
5.1 Disclosure to third parties and access by third parties
Without the support of other companies, we would not be able to provide our services in the desired form. In order for us to be able to use the services of these companies, it is also necessary to pass on your personal data to a certain extent. Such a transfer takes place in particular if this is necessary to fulfill the contract you have requested, e.g. to restaurants or other third-party providers for which you have made a reservation.
The legal basis for these transfers is the necessity to fulfill the contract within the meaning of Art. 6 para. 1 lit. b EU GDPR.
Data is also passed on to selected service providers and only to the extent necessary for the provision of the service. Various third-party service providers are also already explicitly mentioned in this privacy policy, e.g. in the sections on marketing. These are, for example, IT service providers (such as providers of software solutions), advertising agencies and consulting firms. We also transfer your data to companies affiliated with us within the Group.
The legal basis for this data transfer is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in obtaining third-party services.
In addition, your data may be passed on, in particular to authorities, legal advisors or debt collection agencies, if we are legally obliged to do so or if this is necessary to protect our rights, in particular to enforce claims arising from the relationship with you. Data may also be disclosed if another company intends to acquire our company or parts thereof and such disclosure is necessary to carry out a due diligence review or to complete the transaction.
The legal basis for this data transfer is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the protection of our rights and compliance with our obligations or the sale of our company.
5.2 Transfer of personal data abroad
We are also entitled to transfer your personal data to third parties abroad if this is necessary to carry out the data processing specified in this privacy policy. It goes without saying that the statutory provisions on the disclosure of personal data to third parties will be complied with. If the country in question does not have an adequate level of data protection, we ensure through contractual arrangements that your data is adequately protected by these companies.
5.3 Notes on data transfers to the USA
Some of the third-party service providers mentioned in this privacy policy are based in the USA. For the sake of completeness, we would like to point out to users residing or domiciled in Switzerland or the EU that there are surveillance measures in place in the USA by US authorities that generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland or the EU to the USA. This is done without differentiation, restriction or exception based on the objective pursued and without an objective criterion that makes it possible to restrict the US authorities' access to the data and its subsequent use to very specific, strictly limited purposes that are capable of justifying the interference associated with both access to this data and its use. In addition, we would like to point out that in the USA there are no legal remedies or effective legal protection for data subjects from Switzerland or the EU against general access rights of US authorities that would allow them to obtain access to the data concerning them and to obtain its correction or deletion. We explicitly draw your attention to this legal and factual situation in order to enable you to make an appropriately informed decision to consent to the use of your data.
We would also like to point out to users residing in Switzerland or a member state of the EU that the USA does not have an adequate level of data protection from the perspective of the European Union and Switzerland - partly due to the statements made in this section.
-
6.1 Data processing when visiting our website (log file data)
When you visit our websites, the servers of our hosting provider: Hostpoint AG (Neue Jonastrasse 60, 8640 Rapperswil-Jona, Switzerland) and Gamma Solution GmbH (Haldenstrasse 1, 6340 Baar, Switzerland) temporarily store every access in a log file. The following data is recorded without any action on your part and stored by us until it is automatically deleted:
the IP address of the requesting computer
the date and time of access
the name and URL of the retrieved file
the website from which the access was made, if applicable with the search term used
the operating system of your computer and the browser you are using (including type, version and language setting)
Device type in the event of access by cell phones
the city or region from where the access was made
the name of your Internet access provider.
The purpose of collecting and processing this data is to enable the use of our websites (connection establishment), to ensure system security and stability in the long term, to analyze errors and performance and to enable us to optimize our websites.
In the event of an attack on the network infrastructure of the websites or in the event of suspicion of other unauthorized or abusive website use, the IP address and other data will be evaluated for clarification and defense purposes and, if necessary, used in the context of criminal proceedings for identification and for civil and criminal proceedings against the users concerned.
The purposes described above constitute our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f EU GDPR.
Finally, when you visit our websites, we use cookies as well as applications and tools that are based on the use of cookies. The data described here may also be processed in this context. You will find more detailed information on this in the following sections of this privacy policy.
6.2 Cookies
Cookies are information files that your web browser stores on your computer's hard disk or memory when you visit our website. Cookies are assigned identification numbers that identify your browser and allow the information contained in the cookie to be read.
Cookies help, among other things, to make your visit to our websites easier, more pleasant and more meaningful. We use cookies for various purposes that are required for your desired use of the websites, i.e. are "technically necessary". For example, the provision of the shopping cart and order function is based on the use of cookies. Cookies also perform other technical functions required for the operation of the website, such as load balancing, i.e. the distribution of the performance load of the pages to different web servers in order to reduce the load on the servers. Cookies are also used for security purposes, for example to prevent the unauthorized posting of content. Finally, we also use cookies as part of the design and programming of our websites, e.g. to enable the uploading of scripts or codes.
The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f EU GDPR in the provision of a user-friendly and up-to-date website.
Most Internet browsers accept cookies automatically. However, when accessing our websites, we ask for your consent to the cookies we use that are not technically necessary, especially when using third-party cookies for marketing purposes. You can make the settings you require using the corresponding buttons in the cookie banner. Details on the services and data processing associated with the individual cookies can be found within the cookie banner and in the following sections of this privacy policy.
You may also be able to configure your browser so that no cookies are stored on your computer or so that a message always appears when you receive a new cookie. On the following pages you will find explanations of how you can configure the processing of cookies in selected browsers.
Google Chrome
Apple Safari
If you deactivate cookies, you may not be able to use all the functions of our website.
6.3 Tracking and web analysis tools
6.3.1 General information on tracking
We use the web analysis services listed below for the purpose of designing and continuously optimizing our websites to meet your needs. In this context, pseudonymized user profiles are created and cookies are used. The information generated by the cookie about your use of our websites is usually transmitted to a server of the service provider together with the log file data listed under section 6, where it is stored and processed. This may also involve transmission to servers abroad, e.g. in the USA.
By processing the data, we obtain the following information, among other things:
Navigation path that a visitor takes on the sites (incl. content viewed and products selected or purchased or services booked)
Length of stay on the websites or subpages
the subpages to which the websites are exited
the country, region or city from which access is made
End device (type, version, color depth, resolution, width and height of the browser window)
Returning or new visitor.
The provider will use this information on our behalf to evaluate the use of the websites, to compile reports on website activity for us and to provide other services relating to website activity and internet usage for the purposes of market research and the needs-based design of these web pages. For these processing operations, we and the providers can be regarded as joint controllers under data protection law up to a certain extent.
The legal basis for this data processing with the following tools is your consent within the meaning of Art. 6 para. 1 lit. a EU GDPR. You can withdraw your consent or refuse processing at any time by rejecting or deactivating the relevant cookies in your web browser settings or by making use of the service-specific options described below
For the further processing of the data by the respective provider as the (sole) controller under data protection law, in particular any disclosure of this information to third parties such as authorities on the basis of national legal regulations, please refer to the respective data protection information of the provider.
6.3.2 Google Analytics
We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) or Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) ("Google").
The data described about the use of the websites may be transmitted to the servers of Google LLC. in the USA for the processing purposes explained. The IP address is shortened by activating IP anonymization ("anonymizeIP") on these websites before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.
Users can prevent Google from collecting the data generated by the cookie and relating to the use of the website by the user concerned (including the IP address) and from processing this data by Google by downloading and installing the browser plug-in at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
6.4 Social media
6.4.1 Social media profiles
We may have included links to our profiles in the social networks of the following providers on our websites:
Meta Platforms Inc, 1601 S California Ave, Palo Alto, CA 94304, USA;
Linkedin Unlimited Company, Wilton Place, Dublin 2, Ireland.
If you click on the social network icons, you will be automatically redirected to our profile in the respective network. This establishes a direct connection between your browser and the server of the respective social network. As a result, the network receives the information that you have visited our website with your IP address and clicked on the link.
If you click on a link to a network while you are logged into your user account with the network in question, the content of our websites can be linked to your profile so that the network can assign your visit to our website directly to your account. If you want to prevent this, you should log out before clicking on the relevant links. A connection between your access to our website and your user account takes place in any case if you log in to the respective network after clicking on the link. The respective provider is responsible under data protection law for the associated data processing. Please therefore note the information on the network's website.
The legal basis for any data processing attributed to us is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the use and advertising of our social media profiles.
6.5 Online advertising and targeting
6.5.1 In general
We use the services of various companies to provide you with interesting offers online. Your user behavior on our websites and websites of other providers is analyzed in order to be able to display online advertising tailored to you.
Most technologies for tracking your user behavior ("tracking") and for the targeted display of advertising ("targeting") work with cookies with which your browser can be recognized via various websites. Depending on the service provider, it may also be possible for you to be recognized online even when using different end devices (e.g. laptop and smartphone). This may be the case, for example, if you have registered with a service that you use on several devices.
In addition to the data already mentioned, which is generated when websites are accessed ("log file data") and when cookies are used and which may be passed on to the companies involved in the advertising networks, the following data in particular is used to select the advertising that is potentially most relevant to you:
Personal data that you have provided when registering or using a service of advertising partners (e.g. your gender, your age group);
22/25 user behavior (e.g. search queries, interactions with advertising, types of websites visited, products or services viewed and purchased, newsletters subscribed to).
We and our service providers use this data to recognize whether you belong to the target group we are addressing and take this into account when selecting advertisements. For example, after you have visited our pages, you may be shown advertisements for the products or services you have consulted when you visit other pages ("re-targeting"). Depending on the scope of the data, a user's profile may also be created, which is automatically evaluated, and the ads are selected according to the information stored in the profile, such as membership of certain demographic segments or potential interests or behaviors. Such ads may be presented to you on various channels, including our websites or app (as part of on-site and in-app marketing) as well as ads that are placed via the online advertising networks we use, such as Google.
The data may then be analyzed for the purpose of billing the service provider and to assess the effectiveness of advertising measures in order to better understand the needs of our users and customers and to improve future campaigns. This may also include information that the performance of an action (e.g. visiting certain sections of our websites or sending information) is attributable to a specific advertisement. We also receive aggregated reports from the service providers on advertising activities and information on how users interact with our website and our advertisements.
The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 lit. a EU GDPR. You can withdraw your consent at any time by rejecting or deactivating the relevant cookies in your web browser settings. Further options for blocking advertising can also be found in the information provided by the respective service provider.
6.5.2 Google Ads
The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 lit. a EU GDPR. You can withdraw your consent at any time by rejecting or deactivating the relevant cookies in the settings of your web browser.
-
We only store personal data for as long as is necessary to carry out the processing described in this privacy policy within the scope of our legitimate interest. In the case of contractual data, storage is prescribed by statutory retention obligations. Requirements that oblige us to store data result from accounting and tax regulations. According to these regulations, business communication, concluded contracts and accounting documents must be stored for up to 10 years. If we no longer need this data to perform the services for you, this data will only be used if this is necessary to fulfill the retention obligations or to defend and enforce our legal interests. The data will be deleted as soon as there is no longer an obligation to retain it and there is no longer a legitimate interest in retaining it.
-
We use suitable technical and organizational security measures to protect your personal data stored by us against loss and unlawful processing, in particular unauthorized access by third parties. Our employees and the service companies commissioned by us are obliged by us to maintain confidentiality and to observe data protection. Furthermore, these persons are only granted access to personal data to the extent necessary to fulfill their tasks.
Our security measures are continuously adapted in line with technological developments. However, the transmission of information via the Internet and electronic means of communication always involves certain security risks and we cannot provide an absolute guarantee for the security of information transmitted in this way.
-
If the legal requirements are met, you have the following rights as a person affected by data processing:
Right of access: You have the right to request access to your personal data stored by us at any time free of charge if we are processing it. This gives you the opportunity to check what personal data we process about you and that we use it in accordance with the applicable data protection regulations.
Right to rectification: You have the right to have inaccurate or incomplete personal data rectified and to be informed of the rectification. In this case, we will inform the recipients of the data concerned about the adjustments made, unless this is impossible or involves disproportionate effort.
Right to erasure: You have the right to have your personal data erased under certain circumstances. In individual cases, particularly in the case of statutory retention obligations, the right to erasure may be excluded. In this case, the data may be blocked instead of erased if the conditions are met.
Right to restriction of processing: You have the right to request that the processing of your personal data be restricted.
Right to data portability: You have the right to receive from us, free of charge, the personal data that you have provided to us in a readable format.
Right to object: You can object to data processing at any time, in particular for data processing in connection with direct advertising (e.g. advertising emails).
Right of withdrawal: In principle, you have the right to withdraw your consent at any time. However, processing activities based on your consent in the past will not become unlawful as a result of your withdrawal.
To exercise these rights, please send us an e-mail to the following address: thomas.sieber@meili-unternehmungen.ch
Right to lodge a complaint: You have the right to lodge a complaint with a competent supervisory authority, e.g. against the way in which your personal data is processed.