Public restaurants in your area

Data Protection Declaration

I. Welcome to our website
You are now on an official website of SV (Schweiz) AG. SV (Schweiz) AG is part of the SV Group AG,  a service company with core competencies in the areas of gastronomy and hotel management, operating in Switzerland, Austria and Germany.

The person responsible in accordance with Art. 4 par. 7 of the EU General Data Protection Regulation (GDPR) / holder of the data collection in accordance with Art. 3 (i) of the German Data Protection Act (DPA) is:

SV (Schweiz) AG
Memphispark
Wallisellenstrasse 57
PO box
CH-8600 Dübendorf 1

Tel. +41 43 814 11 11
Fax +41 43 814 11 12

E-Mail: Datenschutz_CH@sv-group.ch

Thank you for visiting our website. We respect your privacy. Data protection and data security when using our website are very important to us. With this data protection declaration, we would like to inform you to what extent data is collected when using our website and for what purposes we use this data. We would also like to inform you about your rights in this regard.


II. Data security
The personal data of every individual who has a contractual, pre-contractual or other relationship with our company deserves special protection. We aim to maintain a high standard of data protection. As such, we are committed to the ongoing further development of our data protection and data security concepts.

We therefore undertake to protect your privacy and treat your personal data confidentially. We take extensive technical and organisational security measures, which are regularly checked and adapted to technological progress, in order to prevent the manipulation, loss or misuse of your data stored with us. This includes the use of recognised encryption methods (SSL or TLS).

We would like to point out, however, that due to the structure of the Internet, it is possible that the rules of data protection and the aforementioned security measures may not be observed by other persons or institutions that are not within our area of responsibility. In particular, data disclosed in unencrypted form – e.g. when sent by e-mail – can be read by third parties. We have no technical influence on this. It is the responsibility of the user to protect the data they provide against misuse by means of encryption or in any other way.

III. Visitors to the website
If you access our website, i.e. if without registering or otherwise submitting information, information of a general nature is automatically collected. In this respect, its processing is based on Art. 6 par. 1 (f) GDPR or Art. 13 par. 1 DPA. This information (server log files) includes the type of browser, the operating system used, the domain name of your Internet service provider, your IP address and similar details. This is exclusively information that does not allow any conclusions to be made about your person. In particular, such information is processed for the following purposes:

–    To ensure problem-free access to the website,
–    To ensure the smooth use of our website,
–    To evaluate system security and stability, and
–    for other administrative purposes.

We do not use your data to draw conclusions about your person. Information of this kind is statistically evaluated by us, if necessary, in order to optimise our Internet presence and the technology behind it.

IV. Rights of data subjects
(1) According to the GDPR and/or DPA, you have the following rights in relation to your personal data

•    Right to information (Art. 15 GDPR, Art. 8 ff. DPA),
•    Right of rectification (Art. 5 DPA)
•    Right of correction or deletion (Art. 17 GDPR)
•    Right to restrict processing (Art. 18 GDPR),
•    Right to block disclosure (Art. 20 DPA)
•    Right to object to the processing (Art. 21 GDPR),
•    Right to data transferability (Art. 20 GDPR).

(2) You also have the right submit a complaint to a data protection supervisory authority about our processing of your personal data.

(3) Furthermore, as a Swiss citizen, you can contact the Federal Data Protection and Information Commissioner.


V. Cookies
This website uses the following types of cookies, the scope and function of which are explained below:

-    Transiente Cookies
-    Persistente Cookies

Transient cookies are automatically deleted when you close the browser. These include in particular session cookies. These store a session ID, with which various requests from your browser can be assigned to the common session. This allows your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close the browser.

Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all functions of this website if you do this.

We may use cookies to identify you for subsequent visits if you have an account with us. Otherwise you would have to log in again for each visit.

VI. Tools and plug-ins used on our website

A. Bookings, reservations and advance bookings
For bookings and reservations in the hotel and gastronomy sector, we require some personal data, the legal basis for which is set out in Art. 6 par. 1 (b) GDPR or Art. 13 par. 1 DPA. After your hotel or restaurant visit, the data you have provided will be kept for some time in order to comply with the legal retention periods for receipts/invoices.

For reservations in the gastronomy sector, tables can also be reserved via  Bookatable GmbH & Co.KG, Deichstraße 48-50, 20459 Hamburg, Germany. In doing so, the personal data is stored and forwarded to us. The corresponding data protection declaration of Bookatable GmbH & Co.KG can be found at https://www.bookatable.com/de/datenschutz.

In order to guarantee smooth catering operations, we work together with various providers, which enable us to offer menu pre-ordering, voucher systems or (pre-)orders of meals through an online shop. Frequently used tools include:

- Bankett Profi (https://www.mdas.ch/datenschutzerklaerung/)
- Menu app  (https://cms.menu.app/#/en/privacy)
- E-GUMA (https://www.e-guma.ch/en/data-privacy/)

The legal basis for the processing of data is Art. 6 par. 1 (b) GDPR and Art. 13 par. 1 DPA

B. Geographical and cartographic representations
On this website, we use Google Maps. Google Maps is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. This allows us to display interactive maps directly on the website and enables you to use the map function conveniently. This is only done with your express consent, in accordance with Art. 6 par. 1 (a) GDPR or Art. 13 par. 1 DPA. Further information about data processing by Google can be found in the Google privacy policy. There you can also change your personal data protection settings in the data protection centre. When you visit the website, Google receives information that you have called up the corresponding subpage of our website. This happens regardless of whether Google provides a user account in which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not want this data to be assigned to your profile on Google, you must log out of Google before activating the button. Google stores your data as user profiles and uses them for the purposes of advertising, market research and/or the appropriate design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have a right of objection to the creation of these user profiles, whereby you must contact Google to exercise this right.

Google processes your data in the USA and is subject to the EU–US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.

On the basis of this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.

If you do not want Google to collect, process or use data about you via our website, you can deactivate JavaScript in your browser settings. In this case, however, you will not be able to use our website, or only to a limited extent. You can revoke your consent to the storage of your personal data at any time, with effect for future visits. You can inform us of your revocation at any time by using the contact option provided at the beginning of this data protection notice.

C. Fonts for better web page presentation
This website uses various fonts to optimise the display. When using fonts, the exchange of personal data is reduced to a minimum. More detailed information can be obtained from the various suppliers used:

-    Google Fonts (https://developers.google.com/fonts/faq?tid=331586858319)
-    MyFonts (https://www.myfonts.com/legal/website-use-privacy-policy)
-    Fonts.com (www.fonts.com/info/legal/privacy/)
-    FontAwesome (https://fontawesome.com/privacy)


D. Google Analytics
(1) This website uses Google Analytics, a web analysis service from Google Inc. (“Google”). Google Analytics uses cookies, which are text files stored on your computer to enable analysis of your use of the website. The information generated by the cookies with regard to your use of this website is generally sent to a Google server in the USA, where it is stored. However, if IP anonymisation is enabled on this website, Google will first truncate your IP address within Member States of the European Union or other signatory states of the European Economic Area Agreement. In exceptional cases only, the full IP address is transferred to a Google server in the USA and truncated there. Google uses this information on behalf of the operator of this website for the purposes of evaluating your use of the website, generating reports on website activity and providing other services to the website operator relating to website and Internet usage.

(2) The IP address transmitted by your browser through Google Analytics will not be combined with other data from Google.

(3) There is a setting in your browser software to prevent the storage of cookies; please note, however, that if you modify the setting, you may not be able to make full use of all the functions of this website. You can also prevent Google from collecting the data generated by cookies and related to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available via the following link: http://tools.google.com/dlpage/gaoptout?hl=en

(4) This website uses Google Analytics with the extension “_anonymizeIp()”. This means that IP addresses are further processed in a truncated form, thus excluding the possibility of personal references. If the data collected about you contains a personal reference, this is immediately excluded and the personal data is therefore deleted immediately.

(5) We use Google Analytics to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offering and make it more interesting for you as a user. For exceptional cases in which personal data is transferred to the USA, Google is subject itself to the EU–US Privacy Shield: www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Art. 6 par. 1 clause 1 (f) GDPR and Art. 13 par. 1 DPA.

(6) Third party information: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of use:
http://www.google.com/analytics/terms/de.html, data protection overview: https://support.google.com/analytics/answer/6004245?hl=en,  data protection declaration: https://policies.google.com/privacy?hl=en&gl=de

(7) Google processes your data in the USA and is subject to the EU–US Privacy Shield https://www.privacyshield.gov/EU-US-Framework. On the basis of this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield. We have also concluded standard data protection clauses with Google for the use of Google Analytics.

(8) You can revoke your consent to the storage of your personal data at any time with future effect. You can notify us of your revocation at any time by e-mail in No. 22, Right of objection.

E. Google Tag Manager
Google Tag Manager is a solution that allows marketers to manage website tags through one interface. The Tool Tag Manager itself (which implements the tags) is a cookie-free domain and does not collect any personal information. The tool triggers other tags, which may in turn collect data. Google Tag Manager does not access this data. If deactivation is made at domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager:  https://www.google.com/analytics/terms/tag-manager/. The processing of the data entered is based on the consent of the user (Art. 6 par. 1 (a) GDPR or Art. 13 par. 1 DPA).

Google processes your data in the USA and is subject to the EU–US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.

On the basis of this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield. We have also concluded standard data protection clauses with Google for the use of Google Analytics.


F. Newsletter and e-mail marketing
Your data will only be used to send you newsletters to which you have subscribed or other requested information by e-mail. Your name is given in order to address you personally in the context of newsletter/e-mail marketing and, if necessary, to identify you if you wish to exercise your rights as a data subject. To receive the newsletter and other e-mails, entering your e-mail address is usually sufficient. When you register to receive information, the data you provide will be used exclusively for this purpose. Subscribers can also be informed by e-mail about circumstances relevant to the service or registration (e.g. changes to the newsletter and e-mail marketing offer or technical conditions). For registration to be effective, we need a valid e-mail address. To verify that registration has actually been made by the owner of an e-mail address, we use the “double opt-in” procedure. For this purpose we log the order of the subscription, the sending of a confirmation e-mail and the receipt of the thereby requested answer. No other data is collected. The data will not be passed on to third parties.

On the basis of your expressly granted consent (Art. 6 par. 1 (a) GDPR, Art. 7 GDPR in conjunction with section 107 par. 2 of the Telecommunications Act (TA) or Art. 13 par. 1 DPA), we will send you our newsletter or comparable information on a regular basis by e-mail to your specified e-mail address.

We use various service providers with whom an order data processing contract has been concluded for this purpose. These service providers and corresponding data protection declarations are listed below:

-    Mayoris AG (https://www.mayoris.com/datenschutz/)
-    The Rocket Science Group, LLC. (https://mailchimp.com/legal/privacy/)
-    Newsletter2Go (https://www.sendinblue.com/legal/privacypolicy/)

G. Online presence on social media video platforms
Our presence on social networks and platforms serves to improve active communication with our customers and interested parties. This is where we inform you about our products and current special offers. When you visit our online social media channels, your data may be automatically collected and stored for market research and advertising purposes.

Youtube
You can read the privacy policy of YouTube at (https://policies.google.com/privacy). The processing is carried out in accordance with Art. 6 par. 1 (f) GDPR or Art. 13 par. 1 DPA on the basis of our legitimate interest in the functionality of our website and opportunities for contact with our customers.

As the aforementioned social media platform is based in the USA, the European Commission has issued an adequacy finding. This refers back to the EU–US Privacy Shield. A current certificate for the respective company can be viewed via the following link (https://www.privacyshield.gov/list).

Please refer to the provider’s data protection information linked below for your rights and settings options to protect your privacy, in particular your right to object (opt out). You can contact us if you still need help in relation to this matter.

Vimeo
Content from third parties is integrated into this website. The integration of the videos serves to protect our legitimate interests in providing optimal marketing for our offer, which predominate in the context of a balancing of interests. The tracking tool Google Analytics is automatically included for Vimeo videos that are integrated into our site. We have no influence on the settings of the tracking and the analysis results obtained from it and cannot view them. In addition, web beacons are placed for website visitors via the embedding of Vimeo videos.

Details regarding the purpose and scope of data collection and further processing and use of your data by the provider, as well as your rights in this respect and information on how to modify your settings to protect your privacy, can be found in the Vimeo data protection notice: https://vimeo.com/privacy.
Processing is carried out in accordance with Art. 6 par. 1 (f) GDPR or Art. 13 par. 1 DPA on the basis of our legitimate interest in the functionality of our website.
This content is provided by Vimeo LLC. Vimeo is operated by Vimeo LLC, 555 West 18th Street, New York 10011, USA.

There is a setting in your browser software to prevent the storage of Google Analytics tracking cookies; please note, however, that if you modify this setting, you may not be able to make full use of all the functions of this website. Users can also prevent the collection by Google of data generated by cookies about their use of the website (including their IP address) and processing of this data by Google by downloading and installing the browser plug-in at the following link:
https://tools.google.com/dlpage/gaoptout?hl=en. You can revoke your consent to the storage of your personal data at any time with future effect.

H. Application via our website
We process applicant data only for the purpose and within the scope of the application procedure, in accordance with the legal requirements. The processing of applicant data is carried out to fulfil our (pre-)contractual obligations within the framework of the application procedure, insofar as data processing is necessary for us, e.g. within the framework of legal procedures.

The application procedure requires that applicants provide us with their application data. If we offer an online form, the necessary applicant data is marked as such, otherwise it is derived from the job description and generally includes personal details, postal and contact addresses and documents pertaining to the application, such as covering letter, CV and certificates. In addition, applicants can voluntarily provide us with additional information. By submitting their application to us, applicants agree to the processing of their data for the purposes of the application procedure, in accordance with the type and scope described in this data protection declaration. Applicants can send us their applications using an online form on our website, if provided. The data will be encrypted according to the state of the art and transmitted to us. Applicants can also send us their applications by e-mail. Please note, however, that e-mails are generally not sent in encrypted form and the applicants themselves must ensure that they are encrypted. As such, we cannot take any responsibility for the transmission path of the application between the sender and its receipt by our server and therefore recommend using an online form or sending the application by post instead. The data provided by applicants can be processed by us for the purposes of the employment relationship in the event of a successful application.

The processing of the data required for the conclusion of the contract is based on Art. 6 par. 1 (b) GDPR and Art. 13 par. 2 (a) DPA. The processing is carried out in accordance with Art. 6 par. 1 (f) GDPR or Art. 13 para. 1 DPA on the basis of our justified interest in the further development of our company’s personnel.

We use the applicant management software Umantis from Haufe-Lexware GmbH & Co. KG, a company of the Haufe Group, Munzinger Straße 9, 79111 Freiburg, Germany to process online applications. For this purpose, a contract for processing orders was concluded with Haufe-Lexware in accordance with Art. 28 of the GDPR. More detailed provisions on the data protection provided by the Umantis solution can be found via the following link: https://www.haufe.de/datenschutzerklaerung_24_360.html

I. Comment function and contact form
If users leave comments on our website, the time of their creation and the user name previously selected by the website visitor are also stored together with this information. This is for our security, as we can be prosecuted for illegal content on our website, even if it has been created by users.
Data entered as comments are processed on the basis of a legitimate interest (Art. 6 par. 1 (f) GDPR or Art. 13 par. 1 DPA). The comment function is intended to enable easy interaction. The information that you provide will be stored for the purpose of processing your enquiry and for possible follow-up questions.

The data that you enter will be stored for the purpose of individual communication with you. A valid e-mail address and your name are required for this purpose. This is used to assign the request and to answer it afterwards. The specification of further data is optional.

The data entered in the contact form is processed on the basis of a legitimate interest (Art. 6 par. 1 (f) GDPR or Art. 13 par. 1 DPA). By providing the contact form, we would like to make it easy for you to contact us. The information that you provide will be stored for the purpose of processing your enquiry and for possible follow-up questions. If you contact us in order to request a quotation, the data entered in the contact form will be processed for the purpose of implementing pre-contractual measures (Art. 6 par. 1 (b) GDPR or Art. 13 par. 2 (a) DPA).

J. Use of survey tools
You have the option of participating in surveys on our website and in the hotels. The legal basis for this is Art. 6 par. 1 (a) GDPR or Art. 13 par. 1 DPA. The survey questionnaires are created by SurveyMonkey. For more information on the protection of your data, please see here: https://www.surveymonkey.com/mp/legal/privacy/.


K. Use of Userlike
If you use the live chat tool to contact us, the data you voluntarily enter there (name, e-mail address, message) will be processed by us for the purpose of answering the enquiry within the framework of contract processing. In addition, the use of this tool serves to safeguard our legitimate interests in effective and improved customer communication, which prevail in the balance of interests. As part of the processing carried out on our behalf, the third-party provider, Userlike, provides us with the services to offer the live chat tool. All data collected in the course of using the chat tool are processed on its servers.

Processing is carried out in accordance with Art. 6 par. 1 (f) GDPR or Art. 13 par. 1 DPA on the basis of our legitimate interest in improving the stability and functionality of our website and on the basis of consent in accordance with Art. 6 par. 1 clause 1 (b) GDPR or Art. 13 par. 2 (a) DPA.

L. Social media plug-ins
Social media buttons with data protection (Shariff)
Normally, these social media plug-ins mean that every visitor of a page is immediately registered by these services with their IP address and that further activities on the internet are logged.

This happens even if the user does not click on any of the buttons at all.

To prevent this we use the Shariff method. Our Social button establishes direct contact between the social network and the visitor only when the latter actively clicks on the Share button. If the user is already logged in to a social network, Facebook and Google+ will do this without another window. On Twitter, a pop-up window appears where you can still edit the tweet text.

Users can therefore post Berlin.de content in social networks without having to create complete surf profiles. With the Shariff method, Berlin.de takes the data protection interests of its visitors into account as far as is possible with the latest technology. The Shariff method is already being used by many websites to protect their users. The starting point was an initiative by Heise.de, where you can find more information on the current state of the discussion.

Facebook pixel
We use Facebook pixel, Facebook Custom Audiences and Facebook conversion.
Within our online presence, we use Facebook pixel from social network Facebook, which is operated by Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are resident in the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).

With the help of Facebook pixel, Facebook is able to determine you as a visitor to our online presence as a target group for the presentation of ads (“Facebook ads”). Accordingly, we use Facebook pixel to display Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offering or who exhibit certain characteristics (e.g. an interest in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (“Custom Audiences”). With the help of Facebook pixel, we also want to ensure that our Facebook ads match the potential interest of users and are not annoying. Using Facebook pixel, we can further track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users are redirected to our website after clicking on a Facebook ad (“conversion”).

The processing of the data by Facebook is carried out within the framework of the Facebook data usage guidelines. General notes on the display of Facebook ads can be found at https://www.facebook.com/policy.php. Specific information and details about Facebook pixel and how it works can be found at
https://www.facebook.com/business/help/651294705016616.

Facebook processes your data in the USA and is subject to the EU_US Privacy Shield
https://www.privacyshield.gov/EU-US-Framework.

On the basis of this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.

Use of social walls
A social wall is integrated into our website and is operated by the provider Juicer. This provider does not currently collect any data from visitors to the website. The data protection information of the provider can be found at https://www.juicer.io/privacy.

LinkedIn Insight Tag
We use Insight Tag by the social network LinkedIn on our pages. This is provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter “LinkedIn”). LinkedIn Insight Tag is a small JavaScript code snippet that we have added to our website. The legal basis for the processing of personal data is Art. 6 par. 1 (f) GDPR or Art. 13 par. 1 DPA, i.e. a legitimate interest on our part. Our legitimate interest lies in the aforementioned purposes.

LinkedIn Insight Tag allows us to collect information about visits to our website, including URL, referrer URL, IP address, device and browser characteristics, timestamps and page views. LinkedIn does not share any personally identifiable information with us, but only provides aggregate reports about the site’s audience and ad performance. The data is encrypted, pseudonymised within seven days and the pseudonymised data is deleted within 90 days. LinkedIn also provides retargeting for website visitors, so we can use this information to display targeted advertising outside of our website without identifying the member. Members of LinkedIn may control the use of their personal data for advertising purposes via their account settings.
 
LinkedIn Insight Tag is used for the purpose of providing detailed campaign reporting and information about visitors to our website and thus for our advertising and marketing interests. As a LinkedIn marketing solutions customer, we use LinkedIn Insight Tag to track conversions, retarget our site visitors and gather additional information about the LinkedIn members who view our ads.

Details on data collection (purpose, scope, further processing, use) as well as your rights and settings options can be found in LinkedIn’s data protection information. LinkedIn makes this information available at https://www.linkedin.com/legal/privacy-policy.

As a user, you can also decide yourself at any time whether to execute the JavaScript code required for the tool via your browser settings. By changing the settings in your Internet browser, you can deactivate or restrict the execution of JavaScript and thus also prevent it from being saved. Note: If the execution of JavaScript is deactivated, it is possible that not all functions of the website can be used to their full extent.

If you are logged in to LinkedIn, you can deactivate the data collection at any time by clicking on the following link: https://www.linkedin.com/psettings/data-sharing.

You can prevent the execution of the JavaScript code required for the tool by setting your browser software accordingly.
To prevent the execution of JavaScript code altogether, you can also install a JavaScript blocker such as the browser plug-in NoScript (e.g. www.noscript.net or www.ghostery.com).

VII. Data Protection Officer
You can contact our Data Protection Officer at Datenschutz_CH@sv-group.ch or at our postal address, specifying “The Data Protection Officer".

VIII. Opposition or revocation of data processing
(1) If you have given your consent to the processing of your data, you can revoke this consent at any time. Such revocation affects the permissibility of processing your personal data after you have expressed it to us.

(2) Insofar as we base the processing of your personal data on the weighing of interests, you may object to the processing. In particular, this is the case if such processing is not necessary for the fulfilment of a contract with you, which is described by us in the following description of the functions. In the event of such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the facts of the case and will either stop or adapt the data processing or show you our compelling reasons worthy of protection, on the basis of which we will continue with the processing.

(3) You can of course object to the processing of your personal data for advertising and data analysis purposes at any time. You can inform us of your objection to advertising by contacting us at: Datenschutz_CH@sv-group.ch

IX. Amendments to the guidelines
Since changes in law or changes to our internal company processes may make it necessary to adapt this data protection declaration, we ask you to please read this data protection declaration from time to time. We reserve the right to change these guidelines at any time in compliance with data protection regulations.