GUIDELINES

Status: May 2018

Reloc AG, Neue Winterthurerstrasse 26, 8304 Wallisellen manages the company RELOC serviced apartments and is the operator of the website www.relocag.ch and therefore responsible for the collection, processing and use of your personal data and the compliance of data processing with the applicable data protection law.
Your trust is important to us, which is why we take the issue of data protection seriously and pay attention to appropriate security. We naturally comply with the statutory provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (OFADP), the Telecommunications Act (TCA) and any other applicable data protection provisions under Swiss or EU law, in particular the General Data Protection Regulation (GDPR).
So that you know what personal data we collect from you and for what purposes we use it, please take note of the following information.
The address of our data protection representative in the EU is:
VGS Data Protection Partner UG
Am Kaiserkai 69
20457 Hamburg
Germany
info@datenschutzpartner.eu
https://datenschutzpartner.eu/

A. Data processing in connection with our website

1. Calling up our website
When you visit our website, our servers temporarily store every access in a log file. The following technical data is collected without any action on your part, as is generally the case with any connection to a web server, and stored by us until it is automatically deleted after 12 months at the latest:
– the IP address of the requesting computer,
– the name of the owner of the IP address range (usually your Internet access provider),
– the date and time of access,
– the website from which the access was made (referrer URL) with the search term used, if applicable,
– the name and URL of the retrieved file,
– the status code (e.g. error message),
– the operating system of your computer,
– the browser you are using (type, version and language),
– the transmission protocol used (e.g. HTTP/1.1) and
– If applicable, your user name from a registration/authentication.
This data is collected and processed for the purpose of enabling the use of our website (connection establishment), to ensure system security and stability in the long term and to enable the optimization of our website as well as for internal statistical purposes. This constitutes our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR.
The IP address is also evaluated together with the other data in the event of attacks on the network infrastructure or other unauthorized or abusive website use for clarification and defense and, if necessary, used in the context of criminal proceedings for identification and for civil and criminal proceedings against the users concerned. This is our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR.

2. use of our offer/contact form
You have the option of using a quotation/contact form to get in touch with us or to request a quotation. We require the following information for this:
– First and last name
– E-mail address
– Phone number
– Message/requested object
We only use this data to answer your contact request in the best possible and personalized way. The processing of this data is therefore in accordance with Art. 6 para. 1 lit. b GDPR is necessary for the implementation of pre-contractual measures or is in our legitimate interest pursuant to Art. 6 para. 1 lit. f DSGVO..

3. Booking on the website, by correspondence or by telephone call
If you make bookings either via our website, by correspondence (email or letter post) or by telephone call, we require the following data in order to process the contract:
– Salutation
– First and last name, company name if applicable
– Postal address/billing address
– Phone number
– Credit card information/bank details
– E-mail address
We will only use this data and other information voluntarily provided by you (e.g. expected arrival time, motor vehicle license plate, preferences, comments) to process the contract, unless otherwise stated in this data protection declaration or unless you have given your separate consent. We will process the data by name in order to record your booking as requested, to provide the booked services, to contact you in the event of ambiguities or problems and to ensure correct payment.
The legal basis for data processing for this purpose is the fulfillment of a contract in accordance with Art. 6 para. 1 lit. b GDPR.

4. Cookies
Cookies help in many ways to make your visit to our website easier, more pleasant and more meaningful. Cookies are information files that your web browser automatically stores on your computer’s hard disk when you visit our website.

For example, we use cookies to temporarily store your selected services and entries when you fill out a form on the website so that you do not have to repeat the entry when you call up another subpage. Cookies may also be used to identify you as a registered user after you have registered on the website without you having to log in again when you visit another subpage.

Most Internet browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears when you receive a new cookie. On the following pages you will find explanations of how you can configure the processing of cookies in the most common browsers:
– Microsofts Windows Internet Explorer
– Microsofts Windows Internet Explorer Mobile
– Mozilla Firefox
– Google Chrome for desktop
– Google Chrome for mobile
– Apple Safari for desktop
– Apple Safari for mobile
If you deactivate cookies, you may not be able to use all the functions of our website.

5. Tracking-Tools

a. General information

We use the web analysis service of Google Analytics for the purpose of designing and continuously optimizing our website to meet your needs. In this context, pseudonymized user profiles are created and small text files stored on your computer (“cookies”) are used. The information generated by the cookie about your use of this website is transmitted to the servers of the providers of these services, stored there and processed for us. In addition to the provisions set out in para. We may receive the following information:
– Navigation path that a visitor follows on the site,
– Time spent on the website or subpage,
– the subpage on which the website is left,
– the country, region or city from which access is made,
– end device (type, version, color depth, resolution, width and height of the browser window) and
– Returning or new visitor.
The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage for the purposes of market research and the needs-based design of this website. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf.

b. Google Analytics

The provider of Google Analytics is Google Inc, a company of the holding company Alphabet Inc, based in the USA. Before the data is transmitted to the provider, the IP address is shortened by activating IP anonymization (“anonymize IP”) on this website within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The anonymized IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. In these cases, we use contractual guarantees to ensure that Google Inc. complies with an adequate level of data protection. According to Google Inc., under no circumstances will the IP address be associated with other data relating to the user.

Further information about the web analysis service used can be found on the Google Analytics website. Instructions on how you can prevent the processing of your data by the web analysis service can be found at http://tools.google.com/dlpage/gaoptout?hl=de

B. Data processing in connection with your stay

6. Data processing for the fulfillment of legal reporting obligations
On arrival at our office/apartment, we may require the following information from you and your accompanying persons:
– First and last name
– Postal address
– Date of birth
– Place of birth
– Nationality
– Official identification card and number
– Arrival and departure day
We collect this information to fulfill legal reporting obligations, which arise in particular from the hospitality industry or police law. Insofar as we are obliged to do so under the applicable regulations, we will forward this information to the competent police authority.
Our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR lies in the fulfillment of the legal requirements. 1 lit. f GDPR.

7. Recognition of purchased services
If you purchase additional services during your stay (e.g. additional linen, beds, cleaning, etc.), we will record the subject of the service and the time of purchase for billing purposes. The processing of this data is within the meaning of Art. 6 para. 1 lit. b GDPR to process the contract with us.

C. Storage and exchange of data with third parties

8. Booking platforms
If you make bookings via a third-party platform, we receive various personal information from the respective platform operator. As a rule, these are the items listed in para. 5 of this privacy policy. In addition, inquiries about your booking may be forwarded to us. We will process this data by name in order to record your booking as requested and to provide the booked services. The legal basis for data processing for this purpose is the fulfillment of a contract pursuant to Art. 6 para. 1 lit. b GDPR.
Finally, we may be informed by the platform operators about disputes in connection with a booking. We may also receive data on the booking process, which may include a copy of the booking confirmation as proof of the actual completion of the booking. We process this data to safeguard and enforce our claims. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Please also note the data protection information of the respective provider.

9. Central storage and linking of data
We store the data specified in sections 2-5 and 8-10 in a central electronic data processing system. The data relating to you will be systematically recorded and linked in order to process your bookings and handle the contractual services. For this purpose, we use software from Rebag Data AG, Einsiedlerstrasse 533, 8810 Horgen, Switzerland. We base the processing of this data within the framework of the software on our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR on customer-friendly and efficient customer data management.

10. Storage period
We only store personal data for as long as is necessary to use the above-mentioned tracking services and other processing within the scope of our legitimate interest. Contract data will be stored by us for longer, as this is prescribed by statutory retention obligations. Retention obligations that require us to retain data arise from regulations on reporting law, accounting and tax law. According to these regulations, business communications, concluded contracts and accounting documents must be stored for up to 10 years. If we no longer need this data to perform the services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.

11. disclosure of data to third parties
We only pass on your personal data if you have expressly consented to this, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship. In addition, we pass on your data to third parties insofar as this is necessary for the use of the website and contract processing (also outside the website), namely the processing of your bookings.
A service provider to whom the personal data collected via the website is passed on or who has or can have access to it is our web host: paan solution systems, Sternweg 17, 9122 St. Kanzian am Klopeinersee, Austria. The data is passed on for the purpose of providing and maintaining the functionalities of our website. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Finally, we forward your credit card information to your credit card issuer and the credit card acquirer when you pay by credit card. If you decide to pay by credit card, you will be asked to enter all mandatory information. The legal basis for the disclosure of the data is the fulfillment of a contract in accordance with Art. 6 para. 1 lit. b GDPR. With regard to the processing of your credit card information by these third parties, please also read the General Terms and Conditions and the Privacy Policy of your credit card issuer.
Please also note the information regarding the transfer of data to third parties in Section. 7-8 and 10-11.

12. transfer of personal data abroad
We are also entitled to transfer your personal data to third-party companies (contracted service providers) abroad for the purposes of the data processing described in this privacy policy. They are obliged to protect data to the same extent as we are. If the level of data protection in a country does not correspond to that in Switzerland or the EU, we contractually ensure that the protection of your personal data corresponds to that in Switzerland or the EU at all times.

D. Further information

13. right of access, rectification, erasure and restriction of processing; right to data portability
You have the right to request information about the personal data that we store about you. In addition, you have the right to rectification of incorrect data and the right to erasure of your personal data, provided that this does not conflict with any legal obligation to retain data or a legal permission that allows us to process the data.

You also have the right to request that we return the data that you have provided to us (right to data portability). On request, we will also pass the data on to a third party of your choice. You have the right to receive the data in a common file format.

You can contact us for the aforementioned purposes via e-mail address under
info@relocag.ch We may, at our discretion, require proof of identity in order to process your application.

14. Data security
We use suitable technical and organizational security measures to protect your personal data stored by us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Sie sollten Ihre Zugangsdaten stets vertraulich behandeln und das Browserfenster schliessen, wenn Sie die Kommunikation mit uns beendet haben, insbesondere wenn Sie den Computer gemeinsam mit anderen nutzen.

We also take data protection within the company very seriously. Our employees and the service companies commissioned by us have been obliged by us to maintain confidentiality and to comply with data protection regulations.

15. Note on data transfers to the USA
For the sake of completeness, we would like to point out to users resident or domiciled in Switzerland that there are surveillance measures in place in the USA by US authorities, which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without differentiation, restriction or exception on the basis of the objective pursued and without an objective criterion that makes it possible to restrict the access of the US authorities to the data and their subsequent use to very specific, strictly limited purposes that can justify the interference associated with both access to this data and its use. We would also like to point out that there are no legal remedies available in the USA for data subjects from Switzerland that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or that there is no effective legal protection against general access rights of US authorities. We explicitly inform the data subject of this legal and factual situation so that they can make an appropriately informed decision to consent to the use of their data.

We would like to point out to users residing in an EU member state that the USA does not have an adequate level of data protection from the point of view of the European Union – partly due to the issues mentioned in this section. Insofar as we have explained in this privacy policy that recipients of data (such as Google) are based in the USA, we will ensure that your data is protected at an appropriate level by our partners either through contractual arrangements with these companies or by ensuring that these companies are certified under the EU or Swiss-US Privacy Shield.
16. Right to lodge a complaint with a data protection supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority at any time. The following office is responsible for Reloc AG:
https://dsb.zh.ch/internet/datenschutzbeauftragter/de/home.html

Status: May 2018