What is this privacy notice about?
The Hotelplan Group is a business division of the Migros group. The processing of personal data in relation with the Hotelplan Group is set out in the General Privacy Notice of the Migros group, which you can read here.
This supplementary privacy notice contains additional information on data processing in relation with the Hotelplan Group. It is to be read in addition to the General Privacy Notice.
Who is the controller for data processing?
In principle, a Hotelplan Group company («we» or «us») is primarily responsible, under data protection law, for data processing in accordance with this privacy notice. As a rule, the controller is the company with which you are in direct contact and which has referred you to this privacy notice. For data processing in connection with the Hotelplan Group, this is often the following company:
The Hotelplan Group includes the following business units, each of which combines several companies and brands:
- Hotelplan Suisse;
- Hotelplan UK;
- Volume Tour Operating (including the brands Migros Ferien and vtours);
- Interhome Group;
- bta first travel;
- Finass Travel.
In addition to this privacy notice, you should read any privacy provisions of the relevant company, which can usually be found on its website.
In some cases, a company outside the Hotelplan Group may be a controller solely or jointly with us. In these cases, please read any privacy provisions of that company as well, which you can usually find on its website.
If you have any questions about the processing of your personal data in connection with the Hotelplan Group or would like to exercise any of your data protection rights, please feel free to contact us as follows: firstname.lastname@example.org
What personal data do we process?
As a tour operator, we process data in particular in relation with the organization and arrangement of travel services and vacation offers. This includes, for example:
- Personal details about you, your fellow travellers or substitutes, such as gender, date of birth, marital status, nationality, identification data per your passport or identity card, contact details including mobile phone number;
- Information about planned or booked travel, events, or transportation services, such as dates of travel, date of booking or ticketing, flight number, loyalty and frequent flyer program data, baggage information;
- Information on participation in target group-specific travel offers;
- Information about insurance taken out in connection with the travel services, such as travel insurance;
- Information about special medical needs, such as dietary requests or intolerances;
- Information about physical impairments, such as in the context of adapted transportation services or barrier-free accommodations;
- Information about illnesses, accidents or claims during travel.
This may include sensitive personal data, which, for example, may allow conclusions to be drawn about your health or your privacy . Further information on how we process sensitive personal data can be found in section 10 of the General Privacy Notice.
We may also process other master data, contract data, communication data, behavioural and transactional data, preference data, technical data, image and sound recordings and other categories of personal data. You can find more information about this in section 4 of the General Privacy Notice.
For what purposes do we process personal data?
In connection with Hotelplan, we process personal data in particular in order to be able to provide our services. This includes, for example:
- Organization and arrangement of travel and related services such as transportation, accommodation (vacation homes and apartments), leisure events, car rental booking, insurance services, childcare, arrangement of sports equipment (e.g. ski passes, ski equipment);
- Organization and arrangement of incentive-event trips and other business trips as well as congresses, meetings and other business events ;
- Services and support for companies in planning, handling and optimizing business travel;
- Information in advance, for example about travel changes;
- Carrying out rebookings and cancellations;
- Assistance with visa and passport issues and with applications for entry documents ;
- Information and support in case of difficulties on site;
- Protect your vital interests, for example, to provide emergency responders with an evacuation list in emergency situations;
- Assist in applying for a subsidy or reimbursement for services to insurance companies.
We may also process personal data for other purposes, in particular communication, contract management, information and marketing, market research and product development, security and prevention, compliance with legal requirements, law enforcement, and internal group administration and support. You will find further information on this in section 6 of the General Privacy Notice.
What else should be considered?
Under certain circumstances, we share your personal data with other companies in the Hotelplan Group and with other third parties in Switzerland and abroad so that these recipients can process personal data for their own purposes (i.e. not on our behalf). In such cases, the recipient of the data is usually considered its own controller under data protection law. This applies, for example, to the following cases:
- When you book travel with us, depending on the subject of the booking, we share personal data with transportation companies (for example, train, bus, ship, airlines), accommodation providers (for example, hotels, guesthouses, vacation apartments), local organizers (for example, concert halls, city guides) and other service providers (for example, car rental companies).
- When we arrange a trip, we pass on personal data to the respective tour operator.
- If we arrange insurance, we pass on personal data to the respective insurance provider.
- At the request of the authorities of certain countries and depending on the travel route, certain personal data and travel details are passed on to these authorities for security reasons. This relates in particular to passenger name record data. This includes information such as the name of the passenger, contact details, travel route, seat numbers, baggage details, data on loyalty and frequent flyer programs and means of payment used.
- It may also be necessary to share personal data with local authorities and emergency responders in the context of emergencies or disasters.
Further information on the disclosure of personal data to third parties can be found in section 8 of the General Privacy Notice. Additional information on the disclosure of personal data abroad can be found in section 9 of the General Privacy Notice.
You can find further information on data protection in the General Privacy Notice, including:
- How you can benefit from Migros’ data processing;
- From which sources the personal data we process originate;
- The legitimate interests we have in the data processing and on which other legal grounds our processing is based;
- How we use personal data within Migros group and under which circumstances we may share personal data with companies outside Migros group;
- How we transfer personal data abroad and what precautions we take to ensure appropriate data protection;
- How and for what purpose we use profiling and whether we make material decisions on a fully automated basis;
- What measures we take to ensure an appropriate level of security of personal data;
- How long we generally process and store personal data;
- What rights you have in connection with the processing of your personal data and how you can exercise them;
- How to contact the Migros group data protection officer or the representation in the European Union or the European Economic Area.
Changes to this privacy notice
This supplementary privacy notice may be adapted over time, in particular if we change our data processing or if new legislation becomes applicable. We will inform persons whose con-tact details are registered with us of such changes in the event of significant changes, if this is possible without disproportionate effort. In general, the privacy notice in the version current at the start of the processing in question applies to data processing in each case.