The specific data processed and how it is used largely depends on the particular circumstances.
Protecting your privacy is of great importance to us. We process personal data in accordance with the provisions of the Swiss Federal Act on Data Protection (DSG) and the European General Data Protection Regulation (GDPR), to the extent that these regulations are applicable.
a) Who are we?
Hotel illuster is a business hotel, located in Uster, and is operated by SISKA Immobilien AG ("Hotel illuster").
The data controller for the purposes of data protection law or the GDPR for the processing described here is, unless otherwise communicated in individual cases:
SISKA Immobilien AG / Hotel illuster
Zürichstrasse 14, CH-8610 Uster
+41 44 944 85 85
If you have questions relating to data protection, please contact:
Zürichstrasse 14, CH-8610 Uster
+41 44 944 85 85
We collect your personal data primarily when you interact with us, for example through our website, as an interested party, applicant, customer, etc. We process personal data that we receive from our customers in the context of our business relationship. In addition, we process – if necessary for the provision of our services – personal data that we legally obtain from publicly accessible sources.
We also process data generated when using our website or the data you provide (e.g., when subscribing to newsletters or registering for events or in other web forms).
Relevant personal data include personal details (name, address and other contact details, date and place of birth and nationality) and identification data (e.g., ID details). Moreover, this could also include order data, data resulting from fulfilling our contractual obligations, advertising and sales data, documentation data, and other data comparable to the mentioned categories.
For merely informational use of the website, i.e., if you do not fill out web forms and do not register for an event or otherwise provide us with information, we do not collect personal data. Only the data transmitted by your browser, for example, IP address, visitor path through the website, date and time of the website visit, browser type and version, type of device, referring website, etc., are transmitted. No identification is possible on the basis of this data.
We process your data for the following purposes. (Since the GDPR – where applicable – requires that we individually list the legal bases on which we base our processing, these are also listed below):
a) Provision of Services and Execution of Our Contracts
Data processing is carried out for the provision of services of the Hotel illuster within the scope of fulfilling our contracts (e.g., in the area of hotel reservations, seminars, events, corporate events and our other services) with our customers or for carrying out pre-contractual measures, which occur upon request. The purposes of data processing primarily depend on the specific service and may include activities such as hotel bookings, creation of quotes, customer care, and billing for services rendered.
We process inventory data (e.g., master customer data, such as names or addresses), contact and communication data (e.g., email, phone numbers), and payment data (e.g., bank details, payment history).
The contract documents and terms and conditions may contain further details on the purposes of data processing.
As far as the GDPR applies, we base these processes on the fulfilment of contractual obligations (Art. 6 para. 1 b GDPR).
b) Other Purposes
We also process your data beyond the actual fulfilment of the contract for the following purposes, including to protect legitimate interests on our part or those of third parties:
The above-mentioned data may also be processed to comply with legal obligations (e.g., reporting obligations) and official orders, including communication with authorities and courts and enforcement and defence of legal claims.
As far as the GDPR applies, the following applies: We base these processes on our legitimate interests (Art. 6 para. 1 f GDPR), legal requirements (Art. 6 para.1 c GDPR), and public interests (Art. 6 para. 1 e GDPR). If you have given us consent to process personal data for specific purposes (e.g., data sharing, analysis of personal data for marketing purposes), the legal basis for this processing is your consent. A given consent can be revoked at any time. The revocation of consent does not affect the legality of the data processed up to the revocation.
c) Video Surveillance
Video surveillance is operational at Hotel illuster, with on-site signs indicating camera locations. We collect and process several types of data: video footage, technical specifications (e.g., camera location, recording time), potential communication exchanges (via letter, email, or phone), and—if identification is warranted—basic and contract-related information such as name, birthdate, and address. The collected data serves multiple purposes, including crime prevention, legal enforcement, and safeguarding property rights, particularly against vandalism, contamination, break-ins, and thefts. Retention periods for this data are dictated by its necessity for the outlined purposes, including any legal or evidentiary requirements. For more comprehensive information, please consult the office referenced in section 1.
As far as the GDPR applies, the following applies: We base these processes on our legitimate interests (Art. 6 para. 1 f GDPR) for the purposes mentioned above and public interests (Art. 6 para. 1 e GDPR).
Data entered by you in an online form are transmitted unencrypted. Therefore, it cannot be excluded that data may be lost or accessed by third parties during transmission. Online transmission of personal data is at your own risk.
Data submitted by you will be stored on our servers, handled with the utmost care, and protected from access by third parties. Only employees who require this data to fulfil their duties will have access to it. We will only disclose your data to third parties if we have explicitly indicated so.
We are pleased to keep you informed about current topics and events related to Hotel illuster and our products through our various newsletters. To subscribe to a newsletter, we require at minimum your email address, and typically also your name and gender, as well as your address if applicable. If you wish to sign up for one or more newsletters, you can enter this information into the designated fields. Once you've submitted the data, you'll receive an email at the address you provided, containing a confirmation link you must click to verify your email address.
You can unsubscribe from our newsletters at any time, thereby opting out of any further use of your data. To do so, simply click the unsubscribe link at the bottom of each Hotel illuster newsletter.
The recipients to whom we disclose personal data are generally all located in Switzerland, as well as in countries within the European Union (EU) and the European Economic Area (EEA).
Potential transfers to other countries may occur if arising from our contractual relationship or your instructions, e.g., because you ask us to send you an invoice or receipt to your residence abroad. In such cases, the disclosure is based on one of the exceptions in Art. 17 DSG, especially if (a) the disclosure is directly related to the conclusion or fulfilment of a contract between us and you, or (b) within the framework of a contract between us and one of our contractual partners in your interest, or (c) another specific exception exists, particularly in the DSG, based on that exception, or based on your explicit consent.
Otherwise, we will contractually require the recipient to comply with applicable data protection laws (using the European Commission's revised standard contractual clauses), unless they are already subject to a legally recognized data protection framework.
If you use plugins from social media platforms, there may also be a transfer abroad in this context. The processing of your personal data will then be under the responsibility of that operator, following their data protection regulations.
Where GDPR is applicable, data transfers to entities in countries outside the European Union or Switzerland (so-called third countries) are made as far as required by law or if you have given us your consent, or if we have provided suitable guarantees through corresponding mechanisms (e.g., contracts).
You can obtain further information on the countries concerned and the measures implemented from the contact point mentioned in point 1.
We process and store your personal data as long as it is required for the aforementioned purposes, particularly including:
Individuals whose data we process have the right, among other things, to request information about the data we process about them, as well as its correction or deletion. For exercising such rights, the affected individuals can contact the address mentioned above in Section 1. We will handle these requests in accordance with Swiss data protection law and may also reject them or fulfil them only to a limited extent according to legal regulations. Depending on the applicable legal basis, different rights apply to you. If the DSG (Data Protection Act) applies, your rights are governed by its provisions.
If the GDPR applies, the following applies: Every affected person has the right to information under Article 15 GDPR, the right to correction under Article 16 GDPR, the right to deletion under Article 17 GDPR, the right to limit processing under Article 18 GDPR, the right to object under Article 21 GDPR, and the right to data portability under Article 20 GDPR. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to establish, exercise or defend legal claims. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. Objections can be made informally and should ideally be directed to: firstname.lastname@example.org. If you believe that our processing violates applicable data protection laws, you can contact us (see contact details under Section 1) or file a complaint with a competent data protection supervisory authority (Article 77 GDPR).
If the GDPR applies, we hereby inform you that you must provide the personal data necessary for the initiation and execution of a business relationship and the fulfillment of the associated contractual obligations, or data we are legally required to collect. Without this data, we will generally not be able to conclude or execute a contract with you.
We generally do not use automated decision-making for the establishment and execution of a business relationship. If we use such methods in individual cases, we will inform you separately if this is legally required.
The Hotel illuster website uses so-called tracking cookies. Cookies are files stored on a computer system via an internet browser. Your IP address, the website from which you visit us, the type of browser software used, and the pages of the Hotel illuster website you are currently visiting, including the date and duration, are recorded. Such tracking data does not allow any conclusions to be drawn about individual users; therefore, no persons can be determined on the basis of this data.
Plugins from various third-party social media platforms (Facebook, Instagram, Google+, Tripadvisor, etc.) are integrated on the Hotel illuster websites. When you visit a website where plugins from such third-party providers are placed, data may automatically be sent to these third-party providers. If the visitor is also logged into the network of the respective third-party provider, the visit to the website may be associated with their user account, depending on the provider. Hotel illuster has no influence on the nature and extent of data transmission.