Victoria, Retreat & Spa

Victoria, Retreat & Spa

Victoria, Retreat & Spa

Privacy policy and CGV

Released: August 2019

Warning: Place of well-being, our friends animals are not allowed.

Lerette SA runs the Victoria Vercorin hotel and restaurant and is the operator of the www.victoria-vercorin.com website and is responsible for the collection, processing and use of your personal data and the compliance of data processing with applicable data protection legislation.

We value your trust, which is why we take data protection very seriously and ensure that you have the right security. We, of course, comply with the legal provisions of the Federal Data Protection Act (LPD), the Federal Data Protection Act (PLOD), the Federal Telecommunications Act (LTC) and other data protection provisions from Swiss or EU legislation that may apply, in particular the General Data Protection Regulation (RGPD).

To let you know what personal data about you we collect and for what purposes we use it, please read the information below carefully.

  • Data processing related to our website
    1. Visit our website

When you visit our site, our server temporarily records each access in a log file. The following technical data is then entered, in principle as for any connection with a web server, without any intervention on your part and stored by us until their automatic removal no later than 1 month:

– the IP address of the computer that accesses the site,
– the name of the owner of the IP space (usually your Internet service provider),
– the date and time of access,
– the website from which you accessed our site (original URL) and possibly the search keywords used,
– the name and URL of the file viewed,
– the state code (e.g. error message),
– your computer’s operating system,
– the browser you use (type, version and language),
– the communication protocol used (e.g. HTTP/1.1) and
– possibly your username from registration/authentication.

The purpose of collecting and processing this data is to enable the use of our website (establishing a connection), to guarantee the security and stability of the system and to enable the optimization of our online offer, as well as for internal statistics purposes. These treatments are based on our legitimate interest under art. 6 al. 1 let. (f) RGPD.

The IP address is also analysed with other data for recognition and defence purposes in the event of attacks on the network infrastructure or other unauthorized or abusive uses of the website, and possibly used in criminal proceedings for the purpose of identification and civil and criminal action against the user in question. These treatments are based on our legitimate interest under art. 6 al. 1 let. (f) RGPD.

    1. Using our contact form

You can write us an email to info@victoria-vercorin.com in order to get in touch with us. To do this, we must:

– first and last name
– email address
– message

We only use this data, as well as your optional phone number, to be able to respond to your contact request in the best possible and personalized way. The processing of this data is therefore necessary for the execution of pre-contract measures in accordance with art. 6 al. 1 let. (b) RGPD or is based on our legitimate interest in accordance with art. 6 al. 1 let. (f) RGPD, respectively.

    1. Subscribe to our newsletter

You have the opportunity to subscribe to our newsletter on our website. To do this, you must register and provide the following data:

  • Title
  • first and last name
  • email address

The above data is essential for data processing. You can also provide other optional data (date of birth and country). We process this data exclusively for the purpose of customizing the information and offers we send to you and better tailoring it to your interests.

By registering, you consent to the processing of the data you have provided in this context, with a view to sending the newsletter regularly to the address you have provided, but also for statistical analysis of your user behavior and the optimization of the newsletter. This consent is our legal basis for the processing of your email address under s. 6 al. 1 let. a RGPD. We are legitimate to call on third parties to carry out technical advertising campaigns and are legitimized to transmit your data for this purpose (see ch. 13 below).

At the end of each newsletter, you’ll find a link to unsubscribe at any time. As part of your churn, you can tell us why on an optional basis. Your personal data is deleted as a result of your churn. Further processing takes place only in an anonymous form in order to optimize our newsletter.

    1. Creating a customer account

To make reservations on our website, you can place an order as a visitor or open a customer account. When you sign up for a customer account, we must collect the following data:

– title
– first and last name
– postal address
– date of birth
– phone number
– email address
– password

This data, along with other optional information (e.g. company name), is collected to provide you with direct and password-protected access to your basic data stored in our system. You can view your previous and current bookings or manage or change your personal data.

Your consent according to art. 6 al. 1 let. (a) RGPD is the legal basis for the processing of data for this purpose.

    1. Booking on the site, by mail or by phone

If you make reservations via our website, by correspondence (email or mail) or by phone, we need the following data to execute the contract:

– title
– first and last name
– postal address
– date of birth
– phone number
– language
– your credit card information
– email address

We use this data, as well as other optional information that you provide (e.g., scheduled arrival time, motor vehicle license plate, preferences, remarks), only for the performance of the contract, unless otherwise stated in this privacy policy or if you have consented separately. We will process this data in particular in order to enter your booking in accordance with your request, to provide the reserved services, to contact you in case of uncertainties or problems, and to ensure that the payment is made correctly.

Executing a contract according to art. 6 al. 1 let. (b) RGPD is the legal basis for the processing of data for this purpose.

    1. Cookies

Cookies make your visit to our site simpler, more enjoyable and more useful. Cookies are files containing information that your web browser automatically records on your computer’s hard drive when you visit our site.

For example, we use cookies to temporarily store your selected services and information entered when you fill out a form on our site so that you don’t have to enter them a second time when you visit a subpage. In addition, cookies can also be used to identify you as a registered user following your registration on our site. This saves you from having to reconnect when you visit another subpage.

Most web browsers automatically accept cookies. However, you can set up your browser so that it doesn’t store any cookies on your computer or that a message appears every time you receive a new cookie. On the following pages, you’ll find explanations on how cookie processing is set up for the most commonly used browsers:

Microsoft Windows Internet Explorer
Microsoft Windows Internet Explorer Mobile
– Firefox Mozilla
Google Chrome for desktop
Google Chrome for mobile
Apple Safari for desktop
Apple Safari for mobile

Disabling cookies can prevent you from using all the features of our site.

    1. Tracking tools
      • General

In order to adapt and continuously optimize our website, we use Google Analytics’ audience analytics service. So we create pseudonymous usage profiles and use small text files stored on your computer (“cookies”). The information generated by the cookie about your use of this site is transmitted to the servers of the providers of these services, and then stored and processed for us. In addition to the data shown at the ch. 1 below, we receive the following information if necessary:

– navigation route taken by a visitor to the site,
– the duration of the visit on the site or on the page,
– the page from which the visitor leaves the site,
– the country, region or city from which access takes place,
– device (type, version, depth of color, resolution, width and height of the navigation window) and
– recurring visitor or new visitor.

The information is used to analyze the use of the website, to collect reports on the activities of the site and to provide other services related to the use of the site and the use of the Internet for market research and adapted presentation of this site. This information may also be passed on to third parties as long as this is required by law or to the extent that third parties are mandated to process this data.

      • Google Analytics

The supplier of Google Analytics is Google Inc., a U.S.-based company of alphabet Holding Inc. Before the data is transmitted to the supplier, the IP address is abbreviated via the activation of IP anonymize on this website within the Member States of the European Union or in other states that are signatories to the European Economic Area Agreement. Google does not aggregate with other data the anonymized IP address transmitted by your browser as part of Google Analytics. Exceptionally, the full IP address is transmitted to a Google server in the U.S. before being abbreviated. In this case, we ensure through contractual guarantees that Google Inc. meets an adequate level of data protection. According to Google Inc., the IP address will not be associated with other user data.

Additional information about the audience analytics service used can be found on the Google Analytics website. To find out how to prevent your data from being processed by the audience analysis service, please visit the following address http://tools.google.com/dlpage/gaoptout?hl=fr.

  • Processing data related to your stay

    1. Processing data to meet legal obligations to inform

When you arrive at our hotel, we need the following information about you and the people who are with you:

– first and last name
– postal address and canton
– date of birth
– birthplace
– nationality
– official ID and number
– arrival and departure day
– room number

We collect this information to meet the legal obligations to inform arising in particular from police and hotel legislation. To the extent that we are obliged to do so according to the applicable provisions, we pass this information on to the appropriate police authority.

We have a legitimate interest under art. 6 al. 1 let. (f) RGPD to fulfil the legal provisions.

    1. Entering benefits provided

To the extent that you receive additional benefits as part of your stay (e.g., use of the mini bar or our pay-TV offer), we enter for billing purposes the purpose of the service and the date on which you received it. The processing of this data is necessary for the execution of your contract with us under art. 6 al. 1 let. (b) RGPD.

  • Storage and exchange of data with third parties

10. Booking platforms

If you make reservations via a third-party platform, the operator of the platform in question sends us various personal information. In principle, this is the data indicated in the ch. 5 of this privacy policy. In addition, requests for your booking may be sent to us. In particular, we process this data to enter your booking in accordance with your request and provide the reserved services. Executing a contract according to art. 6 al. 1 let. (b) RGPD is the legal basis for the processing of data for this purpose.

Finally, platform operators potentially inform us of disputes related to a reservation. They then also provide us with data about the booking process, for which a copy of the booking confirmation can be used as a proof for the actual closing of the booking. We process this data for the protection and respect of our rights. For these treatments we rely on our legitimate interest under art. 6 al. 1 let. (f) RGPD.

Please also read the privacy policies of the respective suppliers.

    1. Centralized storage and data linking

We record the data shown at the ch. 2-5 and 8-10 in a centralized electronic data processing system. The data about you is then systematically entered and aggregated for the processing of your bookings and the execution of contractual services. To do this, we use software from the company ‘not currently defined’ . The processing of this data by the software is based on our legitimate interest under art. 6 al. 1 let. f RGPD to manage customer data that is both customer-friendly and effective.

    1. Preservation time

We only store personal data as long as it is necessary for the use of the above-mentioned monitoring services and subsequent treatments based on our legitimate interest. We keep the contractual data for a longer period of time as long as it is prescribed by legal conservation obligations. The retaining obligations that require us to retain data arise from the right to notify authorities, financial accounting and tax law provisions. In accordance with these provisions, commercial communication, contracts and accounting documents must be kept for up to 10 years. As long as we no longer need this data to deliver benefits, it will be blocked. This means that this data can only be used for accounting purposes and for tax purposes.

    1. Transmission of data to third parties

We only transmit your personal data if you have expressly consented to it, if we are subject to a legal obligation to do so, or if it is necessary to assert our rights, including to assert our rights a result of the contractual relationship. In addition, we pass on your data to third parties as long as it is necessary for the use of the website and the execution of the contract (including outside the website), especially for the processing of your bookings.

Our web host hostpapa.eu is a provider to whom we transmit personal data collected via the website, or who has access to or may have access to it. The website is hosted on servers in Canada. The EU has recognised that Canada provides an adequate level of data protection (in accordance with Article 45 of the Regulation (EU) 2016/679), ensuring that the personal information of EU residents can be freely transferred to Canada. The purpose of data transmission is to provide and maintain the functionality of our site. This treatment is based on our legitimate interest under art. 6 al. 1 let. (f) RGPD.

Finally, we pass on your credit card payment information to the issuer and purchaser of your credit card when paying by credit card on our website. If you choose to pay by credit card, you must enter all the necessary information. Executing a contract according to art. 6 al. 1 let. (b) RGPD is the legal basis for the transmission of data. Regarding the processing of your credit card information by these third parties, please also read the terms and conditions and the privacy policy of your credit card issuer.

Please also read the instructions at the ch. 7-8 and 10-11 regarding data transmission to third parties.

    1. Transmission of personal data abroad

We are also entitled to pass on your personal data to third-party companies (mandated service providers) abroad for data processing specified in this privacy policy. These companies are subject to the same level of data protection as we do. If the level of data protection in a given country does not correspond to the Swiss or European level, we contractually ensure that the protection of your personal data matches that of Switzerland or the EU.

  • More information
      1. Right to information, rectification, erasure and treatment limitation; right to data portability

You have the right to obtain, upon request, information about your personal data that we record. In addition, you have the right to correct erroneous data and delete your personal data as long as there is no legal obligation or legal basis to process the data.

You also have the right to demand the return of the data you have given us (right to data portability). On request, we also pass the data on to a third party of your choice. You have the right to obtain the data in a standard format.

You can contact us for the above purposes at the following email address info@victoria-vercorin.com. We may ask you, at our discretion, for proof of identity for the processing of your applications.

    1. Data security

We use appropriate technical and organizational security measures to protect your personal data from manipulation, partial or total loss and unauthorized third-party access. Our security measures are constantly being improved in line with technological advances.

You should always keep your access data confidential and close the browser window when you have completed your communication with us, especially if you are not the only person using the computer.

We also take data protection very seriously within our company. Our employees and the service companies we mandate are subject to secrecy and compliance with the legal provisions regarding data protection.

    1. Note on data transmissions to the United States

For the sake of completeness, we inform users whose home or headquarters are in Switzerland that the United States is subject to surveillance measures by the US authorities. These generally allow the recording of all personal data of persons whose data has been transmitted from Switzerland to the United States. This is done without differentiation, limitation or exception based on purpose and without objective criteria to limit the access of the US authorities to the data and its subsequent use for very specific and strictly limited purposes that may justify the impairment of access to and use of the data. Furthermore, we inform you that in the United States, there is no recourse for persons concerned from Switzerland to allow you to access your data and obtain their correction or erasure, nor to effective judicial protection against general access rights of the US authorities. We explicitly draw the person’s attention to this legal and factual situation so that they can make an informed decision on consent to the use of their data.

We inform users living in an EU Member State that according to the EU, the United States – particularly because of the topics mentioned in that part – does not have a sufficient level of data protection. To the extent that we have explained in this privacy policy that certain data recipients (e.g. Google) are headquartered in the United States, we will ensure either through contractual arrangements with these companies or through their certification under the EU-US or Swiss-US data protection shield, that your data enjoys a reasonable level of protection from our partners.

    1. Right to file a complaint with a data protection regulator

You have the right to file a complaint with a data protection authority.