Privacy statement of Relais de la Sarvaz SA

Last update: August 2023

Please read the following conditions carefully. Persons using our services and products or visiting our website declare that they accept the following conditions.

Your trust is very important to us, which is why we take data protection very seriously and ensure appropriate security. We naturally comply with the legal provisions of the Federal Data Protection Act (DPA), the Ordinance on the Federal Data Protection Act (FDPA), the Federal Telecommunications Act (TCA) and other data protection provisions from Swiss or EU legislation that may be applicable, in particular the General Data Protection Regulation (GDPR).

Mr Philippe Michellod manages the Relais de la Sarvaz SA hotel, campsite and restaurant in Saillon and is the operator of the www.sarvaz.ch website. He is therefore responsible for collecting, processing and using your personal data and for ensuring that data processing complies with applicable data protection legislation.

Please read the following information carefully so that you know what personal data we collect from you and how we use it.

A. Data processing in connection with our website

1. Visit our website

Please note that when you visit our site, our server does not record any technical data.

2. Book your campsite or hotel online, by post or by phone

If you make camping or hotel bookings via our website, by correspondence (email or post) or by telephone, we require the following data for the execution of the contract:

  • title
  • first and last name
  • address, postal code, city and country
  • date of birth
  • cell phone number
  • email address

We use this data, together with other optional information you provide (e.g. estimated time of arrival, preferences, remarks), solely for the purpose of fulfilling the contract, unless otherwise provided in this privacy policy or unless you have given separate consent. We will process this data in particular in order to enter your booking in accordance with your request, to provide the services booked, to contact you in the event of uncertainties or problems, and to ensure that payment is made correctly.

This data, together with other optional information (e.g. company name), is collected in order to provide you with direct, password-protected access to your master data stored in our system. Here you can view your previous and current bookings, or manage or modify your personal data.

Your consent in accordance with Art. 6 para. 1 let. a RGPD constitutes the legal basis for the processing of data for this purpose.

3. Restaurant reservations on the website, by mail order or by phone

If you make reservations for a table in our restaurant via the Lunchgate AG Foratable website, by correspondence (email or post) or by telephone, we require the following data for the execution of the contract:

  • first and last name
  • phone number
  • email address

We use this data, together with other optional information you provide (e.g. estimated time of arrival, preferences, remarks), solely for the purpose of fulfilling the contract, unless otherwise provided in this privacy policy or unless you have given your separate consent. We will process this data in particular in order to enter your booking in accordance with your request, to provide the services booked, to contact you in the event of uncertainties or problems, and to ensure that payment is made correctly.

The performance of a contract in accordance with Art. 6 para. 1 let. b RGPD constitutes the legal basis for processing data for this purpose.

4. Cookies

In many ways, cookies make your visit to our site easier, more pleasant and more useful. Cookies are files containing information that your web browser automatically saves on your computer’s hard disk when you visit our site.

For example, we use cookies to temporarily store your selected services and information entered when you fill in a form on our site, so that you don’t have to re-enter it when you visit a sub-page. Cookies can also be used to identify you as a registered user when you register on our site. This saves you having to log in again when you visit another sub-page.

Most web browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer, or so that a message appears each time you receive a new cookie. The following pages explain how to configure cookie handling for the most commonly used browsers:

  • Microsoft Windows Internet Explorer
  • Microsoft Windows Internet Explorer Mobile
  • Mozilla FirefoxGoogle Chrome for desktop
  • Google Chrome for mobile
  • Apple Safari for desktop
  • Apple Safari for mobile

Disabling cookies may prevent you from using the full functionality of our site.

5. Tracking tools

a. General

We use the Google Analytics audience analysis service to help us present our website in the best possible way and optimize it on an ongoing basis. In doing so, we create pseudonymized usage profiles and use small text files stored on your computer (“cookies”). The information generated by the cookie about your use of this site is transmitted to the servers of the providers of these services, then stored and processed for us. In addition to the data specified in section 1 below, we may receive the following information:

  • navigation path taken by a visitor on the site,
  • duration of visit to the site or page,
  • the page from which the visitor leaves the site,
  • the country, region or city from which access is made,
  • device (type, version, color depth, resolution, width and height of navigation window) and recurring or new visitor.

The information is used to analyze the use of the website, to compile reports on website activities and to provide other services in connection with the use of the website and the Internet for the purposes of market research and the appropriate presentation of this website. This information may also be passed on to third parties insofar as this is required by law or insofar as third parties are commissioned to process this data.

b. Google Analytics

The provider of Google Analytics is Google Inc. an Alphabet Inc. holding company based in the USA. Before the data is transmitted to the provider, the IP address is abbreviated by activating IP anonymization (“anonymizeIP”) on this website within the member states of the European Union or in other signatory states of the Agreement on the European Economic Area. Google does not combine the anonymized IP address transmitted by your browser within the framework of Google Analytics with other data. In exceptional cases, the full IP address will be transmitted to a Google server in the USA, where it will be abbreviated. In this case, we provide contractual guarantees that Google Inc. complies with an adequate level of data protection. Google Inc. does not associate the IP address with any other user data.

Further information on the web analytics service is available on the Google Analytics website. To find out how to prevent your data being processed by the web analytics service, please visit http://tools.google.com/dlpage/gaoptout?hl=fr.

B. Processing of data relating to your stay

1. Data processing to meet legal obligations to provide information

When you arrive at our hotel, we need the following information about you and any accompanying persons:

  • first and last name
  • postal address and canton
  • date of birth
  • nationality
  • official identity document and number
  • day of arrival and departure
  • room number

We collect this information in order to meet our legal obligations to provide information, in particular under police and hotel legislation. Insofar as we are obliged to do so under the applicable provisions, we pass on this information to the competent police authority.

We have a legitimate interest under Art. 6 para. 1 let. f RGPD in fulfilling the legal requirements.

C. Data processing in connection with our customer relationship management system

The personal data mentioned in the previous paragraphs is stored centrally in our system. The data contained in this system is processed for the purpose of managing customer relations and their stay, and not for advertising purposes. We process your data in the CRM system in order to fulfill our contractual obligations towards you. Our legitimate interest lies in fulfilling these obligations.

1. Entering services provided

Insofar as you receive additional services as part of your stay (e.g. use of our pay-TV offer), we record the purpose of the service and the date on which you received it for billing purposes. The processing of this data is necessary for the performance of your contract with us pursuant to art. 6 para. 1 let. b RGPD.

2. Using Wi-Fi

10.1 When you use our Wi-Fi network, certain technical information may be collected automatically, such as your IP address, the duration of your session, the websites visited and the files downloaded. This information is collected in order to ensure the proper operation of the network and to prevent misuse. 10.2 We do not collect personally identifiable data, such as your name or e-mail address, when you use our Wi-Fi network.

10.3 We use the information collected when using Wi-Fi solely for the purposes of technical network management, security, improving our services and complying with legal obligations.

10.4 We do not share your Wi-Fi information with third parties, unless this is necessary to ensure the proper operation of the network, to meet legal obligations or if you have given your prior consent.

3. Video surveillance

11.1 In some areas of our campsite, we use a camera system. These are for information purposes only (weather) and only film the landscape. No faces are recognizable. 11.2 Videos are not recorded.

11.3 Video recordings are not used for individual surveillance.

4. Rights of persons concerned

In accordance with the provisions of data protection legislation, you have the right to access your personal data collected in connection with the use of Wi-Fi and video surveillance, to request their rectification or deletion, and to object to their processing. Please contact us at info@sarvaz.ch to exercise your rights.

C. Data storage and exchange with third parties

1. Booking platforms

If you make reservations via a third-party platform (e.g. Booking.com), the operator of the platform in question will send us various items of personal information. In principle, this includes the data listed in section 5 of this privacy policy. We may also receive inquiries about your booking. We use this data in particular to process your booking in accordance with your request and to provide the services you have booked. The legal basis for processing data for this purpose is the performance of a contract in accordance with Art. 6 para. 1 let. b RGPD.

Finally, platform operators may inform us of any disputes arising in connection with a booking. In this case, they also send us data concerning the booking process, for which a copy of the booking confirmation may serve as proof of the actual completion of the booking. We process this data to protect and enforce our rights. We base this processing on our legitimate interest pursuant to Art. 6 para. 1 let. f RGPD.

Please also read the privacy policies of the respective suppliers.

2. Centralized data storage and linking

We store the data specified in sections 2-5 and 8-10 in a central electronic data processing system. Your data is then systematically recorded and combined for the purpose of processing your bookings and fulfilling your contractual obligations. For this purpose, we use software from [company name, address, country]. The processing of this data by the software is based on our legitimate interest under Art. 6 para. 1 let. f RGPD in customer-friendly and efficient customer data management.

3. Shelf life

We store personal data only for as long as is necessary for the use of the above-mentioned tracking services and for further processing based on our legitimate interest. We store contractual data for a longer period if this is required by legal retention obligations. The retention obligations that require us to store data arise from provisions relating to the right to notify the authorities, financial accounting and tax law. In accordance with these provisions, business communications, contracts concluded and accounting records must be kept for up to 10 years. Insofar as we no longer require this data for the performance of our services, it will be blocked. This means that the data can only be used for accounting and tax purposes.

4. Transmission of data to third parties

We will only pass on your personal data if you have given your express consent, if we are under a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce our rights arising from the contractual relationship. We also pass on your data to third parties insofar as this is necessary for the use of the website and the execution of the contract (including outside the website), in particular for processing your bookings.

Our web host Infomaniak, Rue Eugène-Marziano 25, 1227 Geneva, is a service provider to whom we transmit personal data collected via the website, or who has access or may have access to such data. The website is hosted on servers in Switzerland. The purpose of transmitting data is to provide and maintain the functionality of our website. This processing is based on our legitimate interest pursuant to art. 6 para. 1 let. f RGPD.

Finally, we transmit credit card information to the issuer and acquirer of your credit card when you pay by credit card on our site.

If you choose to pay by credit card, you must enter all the necessary information. The performance of a contract in accordance with Art. 6 para. 1 let. b RGPD is the legal basis for the transmission of data. Regarding the processing of your credit card information by these third parties, please also read the general terms and conditions as well as the privacy policy of your credit card issuer.

Please also note the information in ch. 7-8 and 10-11 concerning the transfer of data to third parties.

5. Transmission of personal data abroad

We may also transfer your personal data to third-party companies (contracted service providers) abroad for the data processing purposes specified in this privacy policy. These companies are subject to the same level of data protection as we are. If the level of data protection in a given country does not correspond to the Swiss or European level, we will ensure by contractual means that the protection of your personal data corresponds to that of Switzerland or the EU.

6. Right to information, rectification, deletion and restriction of processing; right to data portability

Right to information: You have the right to request free access to your personal data stored by us at any time if we process it. This gives you the opportunity to check what personal data we process about you and to confirm that we use it in accordance with the applicable data protection regulations.

Right of rectification: You have the right to have inaccurate or incomplete personal data rectified and to be informed of the rectification. In this case, we will inform the recipients of the data concerned of the corrections made, unless this is impossible or involves a disproportionate effort.

Right to erasure: You have the right to have your personal data erased under certain circumstances. In special cases, such as legal retention requirements, the right to erasure may be waived. In this case, if the conditions are met, the data may be blocked instead of deleted.

Right to restrict processing: You have the right to request the restriction of the processing of your personal data.

Right to data portability: You have the right to receive from us the personal data you have communicated to us, free of charge and in a readable format.

Right to object: You may object at any time to the processing of your data, particularly in the context of direct marketing (e.g. advertising e-mails).

Right of withdrawal: In principle, you have the right to withdraw your consent at any time. However, processing activities based on past consent will not become unlawful as a result of your withdrawal.

Right of appeal: You have the right to lodge a complaint with a competent supervisory authority, for example against the way in which your personal data is processed.

To exercise these rights, please send us an e-mail to the following address: info@sarvaz.ch

7. Data security

We use appropriate technical and organizational security measures to protect your personal data stored by us against manipulation, partial or total loss and against unauthorized access by third parties. Our security measures are constantly being improved in line with technological advances.

You should always keep your access data confidential and close the browser window when you have finished communicating with us, especially if you are not the only person using the computer.

We also take data protection within our company very seriously. Our employees and the service providers we commission are bound by confidentiality and data protection legislation.

8. Note on data transmissions to the USA

For the sake of completeness, we inform users domiciled or headquartered in Switzerland that the USA is subject to surveillance measures by the US authorities. These measures generally allow the recording of all personal data of persons whose data has been transferred from Switzerland to the USA. This is done without any differentiation, limitation or exception based on purpose, and without any objective criterion for limiting the US authorities’ access to and subsequent use of the data to very specific and strictly limited purposes that justify the harm involved in accessing and using the data. Furthermore, we would like to inform you that in the USA, there is no legal remedy available to data subjects from Switzerland for accessing, correcting or deleting their personal data, nor is there any effective legal protection against general access rights by the US authorities. We explicitly draw the attention of the data subject to this legal and factual situation, so that he or she can make an informed decision about consenting to the use of his or her data.

We inform users domiciled in an EU member state that, according to the EU, the USA – in particular because of the issues raised in this section – does not have a sufficient level of data protection. Insofar as we have explained in this privacy policy that certain data recipients (e.g. Google) are based in the USA, we will ensure either through contractual arrangements with these companies, or through their certification under the EU-US or Swiss-US Data Protection Shield, that your data receives a reasonable level of protection from our partners.

9. Right to lodge a complaint with a data protection supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority.