Hôtâ Hotels SA, rue de l’avenir 8, 2800 Delémont, Switzerland, registered in the commercial register of the Canton of Jura under the number CHE-233.772.122, is responsible for the collection, processing, and use of your personal data.

Your trust is important to us, which is why we take data protection seriously and ensure appropriate security in compliance with Swiss law.

If you have any questions or comments regarding our processing of personal data and the legal basis on which we process them, you can contact us using the following contact details:

By mail: Hôtâ Hotels SA, rue de l’avenir 8, 2800 Delémont By email: contact@hotahotels.com

You have the option to contact us by phone. You are responsible for the messages or content you send us by phone (e.g., orders, purchase requests, general inquiries, etc.).

In order to answer your questions, we may ask you to provide additional information, such as your full name, address, email address, etc. We will only collect from you the personal data necessary to identify you (including your phone number) and to best address your inquiries or provide the services you have requested.

The processing of this data is therefore necessary for the implementation of pre-contractual or contractual measures in accordance with art. 13 para. 2 lit. a LPD/31 para. 2 let. a nLPD or art. 6 para. 1 lit. b GDPR, or is in our legitimate interest in accordance with art. 13 para. 1 LPD/31 para.1 nLPD or art. 6 para. 1 lit. f GDPR.

You have the option to contact us by email or mail. You are solely responsible for the messages or content you send us in this way. We recommend not transmitting sensitive information. Only the personal data that you voluntarily provide will be collected. You decide on the information you send us.

To respond to your email request, we may ask you to provide additional information, such as your full name, address, phone number, etc. We will only collect the personal data necessary to identify you (including your email address) and to respond to your request in the best possible way.

The processing of this data is therefore necessary for the implementation of pre-contractual or contractual measures in accordance with art. 13 para. 2 lit. a LPD/31 para. 2 let. a nLPD or art. 6 para. 1 lit. b GDPR, or is in our legitimate interest in accordance with art. 13 para. 1 LPD/31 para. 1 nLDP or art. 6 para. 1 lit. f GDPR.

You have the option to use a contact form to get in touch with us. For this, we need the following information:

• Title*
• First and Last Name*
• Job Title (for business customers)
• Company (for business customers)
• Position (for business customers)
• Address*
• Phone number
• Email
• address*
• Remarks*

Information marked with an (*) is mandatory.

We only use this data to respond to your contact request in the best and most personalized way possible. The processing of this data is therefore necessary for the implementation of pre-contractual or contractual measures in accordance with Art. 13 para. 2 lit. a LPD/31 para. 2 let. a nLPD or Art. 6 para. 1 lit. b GDPR, or it is in our legitimate interest in accordance with Art. 13 para. 1 LPD/31 para. 1 nLPD or Art. 6 para. 1 lit. f GDPR.

If you have a user account, you can place orders from our product catalog on our website. The following data must be provided when ordering products:

• Customer number
• Address*
• Phone number
• Email address*
• Notification and shipping type
• Field staff
• Regional center

Information marked with an (*) is mandatory.

We use this data to respond to requests and orders in the best and most personalized way possible. The processing of this data is therefore necessary for the implementation of pre-contractual or contractual measures in accordance with Art. 13 para. 2 lit. a LPD/31 para. 2 let. a nLPD or Art. 6 para. 1 lit. b GDPR, or it is in our legitimate interest in accordance with Art. 13 para. 1 LPD/31 para.1 nLPD or Art. 6 para. 1 lit. f GDPR.

On our website, you have the opportunity to apply for open positions using our online form. During the online application, the following data will be processed:

Personal Data:

• Open position*
• First and Last Name*
• Place of residence and country*
• Postal code*
• Location*
• Email address*
• Phone number*
• Date of birth*
• Current professional position and employer*
• Type of application source*

Documents:

• Curriculum vitae*
• Cover letter*
• Certificates and diplomas*

Information marked with an (*) is mandatory.

We need this information to review your application and for possible implementation of the application procedure. The legal basis for processing your personal data is constituted by pre-contractual or contractual measures in accordance with Art. 13 para. 2 lit. a LPD/31 para. 2 let. a nLPD or Art. 6 para. 1 lit. b GDPR, or it is in our legitimate interest in accordance with Art. 13 para. 1 LPD/31 para. 1 nLPD or Art. 6 para. 1 lit. f GDPR.

On our website, you have the option to subscribe to our newsletter. Registration is required for this purpose. The following data must be submitted during registration:

• Title
• First and Last Name
• Email address*

Information marked with an (*) is mandatory.

After entering the above information, you can trigger the registration for our newsletter. We use the so-called “Double-Opt-In” mechanism. After sending the registration, you will receive an email from us containing a confirmation link. To definitively subscribe to the newsletter, you must click on this link. If you do not click on the confirmation link, the email address in our temporary newsletter subscriber list will be permanently deleted after 24 hours, and no subscription will be made.

We will use your data for sending the newsletter until you revoke your consent. You can revoke your consent at any time with effect for the future or by clicking on the unsubscribe link in the newsletter emails.

Our newsletter contains web beacons or a similar technical means (tracking pixels). Web beacons are invisible 1×1 pixel graphics that are associated with the user ID of the corresponding newsletter subscriber. Web beacons provide us with the following information about sending the newsletter:

• Address file used;
• Subject and number of newsletters sent;
• Information about addresses that have or have not received the newsletter and about addresses where sending failed;
• Information about addresses from which the newsletter was opened;
• Information about addresses that have been deleted;
• Technical information (e.g., time of retrieval, IP address, browser type, and operating system).

This information is used for the statistical analysis of our newsletter dispatch. The results of these analyses can be used to better tailor future newsletters to the interests of recipients. Web beacons are deleted when you delete the newsletter.

To prevent the use of web beacons, you can set up your email program so that no HTML is displayed in messages, if this is not already the case by default. On the following pages, you will find explanations on how to make this setting in the most common email programs.

By subscribing to the newsletter, you give us your consent to process the data provided for the regular sending of the newsletter to the address you have provided us, as well as for the statistical evaluation of usage behavior and the optimization of the newsletter. This consent constitutes our legal basis for data processing in accordance with Art. 13 para. 1 LPD/31 para. 1 nLPD and Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future.

Cookies contribute in many ways to make your visit to our website easier, more enjoyable, and more meaningful. Cookies are information files that your Internet browser automatically stores on the hard drive of your computer when you visit our website.

We use cookies, for example, to temporarily store the services and entries you have selected when filling out a form on our web pages, so that you do not have to repeat the entry when you call up another subpage.

Most Internet browsers automatically accept cookies. However, you can configure your browser so that no cookie is stored on your computer or a message appears every time you receive a new cookie. The following pages provide explanations on how to configure cookie processing with the most common browsers:

• Microsoft Windows Internet Explorer
• Microsoft Windows Internet Explorer for mobile
• Mozilla Firefox
• Google Chrome desktop
• Google Chrome for mobile
• Apple Safari desktop
• Apple Safari for mobile

Disabling cookies may mean that you cannot use all the features of our websites.

The legal basis for the processing of personal data for the above-mentioned purposes is in our legitimate interest, in accordance with art. 13 para. 1 LPD/31 para. 1 nLPD and art. 6 para. 1 lit. f GDPR, to ensure the functionality and optimization of our web pages. In the case of purely analytical cookies, we base the processing of your personal data on your consent, which you give via the cookie banner

Google Analytics

The websites use Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Google Analytics uses methods that allow the analysis of the use of our websites, such as cookies (see “Cookies” section). The following information is generated by the cookie regarding your use of our sites:

• Visitor’s navigation path on our sites:
• Duration of stay on the page or sub-page,
• Sub-page from which the website is exited,
• Country, region, or city from which the site is accessed,
• Device (type, version, resolution, width, and height of the browser window),
• Recurring or new visitor,
• Type and version of the browser,
• Operating system used,
• Referral URL (the previously visited page),
• Hostname of the accessing computer (IP address)
• Time of the server query.

This information is transmitted to a Google server, a company of the Alphabet Inc. holding company, in the United States, and is stored there. Due to the activation of IP anonymization on this website, the IP address is shortened before transmission to the United States (anonymizeIP). The anonymized IP address transmitted by your browser in the context of Google Analytics is not combined with other data from Google. Only in exceptional cases will the full IP address be transferred to a Google server in the United States and shortened there. In these cases, we ensure, through a guarantee agreement, that Google complies with an adequate level of data protection.

The information is used to evaluate the use of our web pages, to compile reports on activities on our web pages, and to provide other services related to the use of our web pages and the use of the Internet for market research purposes and organization of our website according to needs. This information may also be transferred to third parties when required by law or when third parties process this data on behalf of Google. According to Google, the IP address is never associated with other information about the user.

Users can prevent the collection of data generated by the cookie and related to the use of the website by the respective user (including the IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available under this link. You can find more information about the web analytics service used on the Google Analytics website.

This processing is based on our legitimate interest within the meaning of Article 6(1)(f) GDPR.

Google Maps

We use the Google Maps API (Application Programming Interface, Google Maps) from Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA, on our websites for the visual presentation of geographical information. By using Google Maps, information about the use of our website, including your IP address, is transmitted to a Google server in the United States and stored there.

The legal basis for the processing of data for this purpose lies in our legitimate interest in accordance with Article 6(1)(f) GDPR.

It is possible to disable Google Maps and prevent the transfer of data to Google by disabling JavaScript in your browser. However, we would like to point out that in this case, you will not be able to use the map display. You can find more information about the collection, processing, and use of your data by Google, as well as your rights in this regard, here in Google’s Privacy Policy and here in the additional terms of use for Google Maps or Google Earth. Failure to disable the relevant services will be considered as consent to the processing of data for this purpose and consent to the transfer of data to the United States (see section 17, second and third paragraphs).

Our websites may contain links to social media networks. The links do not lead to the transmission of data to the provider without the user’s influence when loading our web pages (no ‘plugins’). Behind the social media buttons, there is only a link to our presence on the respective network. No user data is transmitted from our websites to the social network.

Our websites may feature the following links:

• Facebook from Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, respectively Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA
• Instagram from Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, United States
• YouTube managed by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, respectively Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA
• LinkedIn from LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States

When you call up a link to one of our network profiles, a direct connection is established between your browser and the server of the respective social network. The network is thus informed that you have used your IP address to visit our websites and call the link. If you log into a network while being logged into your account on that network, the content of our sites may be linked to your profile on the network, meaning that the network can directly associate your visit to our websites with your account. If you want to avoid this, you must log out before clicking on a link. In any case, a mission takes place when you log in to the respective network after clicking on the link.

The legal basis for processing data for this purpose is in our legitimate interest according to Art. 13(1) LPD/31(1) nLPD and Art. 6(1)(f) GDPR.

We retain personal data for as long as necessary to provide the aforementioned services and for further processing within the scope of our legitimate interests in accordance with art. 13 para. 1 and para. 2 lit. a LPD/31 para. 1 and para. 2 lit. a nLPD and art. 6 para. 1, lit. b and f GDPR.

Contractual data will be stored by us for a longer period if required by legal retention obligations or if we have another legitimate interest to do so. Storage obligations that require us to retain data result, in particular, from accounting and tax regulations. According to these regulations, business communications, contracts concluded, and accounting documents must be retained for ten years after the end of the year in which they were last processed. If we no longer need this data for the provision of services to you or within the scope of other legitimate interests, the data will be blocked. This means that the data can only be used for accounting and tax purposes.

We only transfer your personal data if you have expressly consented to it, if there is a legal obligation to do so, or if it is necessary to fulfill our contractual obligations or to assert our rights, especially to assert claims arising from the contractual relationship. Furthermore, we transfer your data to third parties to the extent necessary for the use of our websites or application and the performance of the contract (also outside of our websites).

Some third parties have already been mentioned (Google Inc.). Our websites are hosted on servers in Switzerland. The data is transmitted for the purpose of fulfilling our pre-contractual and contractual obligations and providing and maintaining the functionalities of our website and applications. This is our legitimate interest according to Art. 13(1) and (2) lit. a LPD/31(1) and (2) let. a nLPD and Art. 6(1) lit. b and f GDPR.

We may also transfer your personal data to third-party companies (contracted service providers) abroad for the purposes of data processing described in this privacy policy. These companies are, to the same extent as we are, obligated to protect your data. If the level of data protection in a country does not correspond to that of Switzerland or the EU, we will ensure, through a contract communicated in advance to the Federal Data Protection and Information Commissioner (FDPIC), that the protection of your personal data always corresponds to that of Switzerland or the EU.

For the sake of completeness, we note that under US law, US authorities may take surveillance measures and access data, which may also include data transferred from Switzerland or the European Union to the United States. This is done without distinction, restriction, or exception based on the pursued objective and without objective criteria that would limit the access of US authorities to personal data and their subsequent use for strictly limited purposes justifying access to this data.

Furthermore, in the United States, there is no legal recourse for individuals residing in EU member states or Switzerland that would allow them to access, rectify, or delete data about them that is subject to government action, and there is no effective legal protection against the general access rights of US authorities.

We would like to inform users residing in Switzerland or an EU member state that, according to the competent authorities in Switzerland and the European Union – partly due to the issues mentioned in this section – the United States does not have an adequate level of data protection. If data recipients (e.g., Google) are based in the United States or are expected to carry out relevant data processing in the United States, we will take all reasonable measures to ensure that your data is protected at an appropriate level with our partners through contractual agreements with these companies and, if necessary, through additional guarantees to protect the rights of individuals whose personal data is transferred to a third country.

We expressly draw your attention to this legal and factual situation so that you can make an informed decision regarding your consent to the disclosure of your data to persons who are domiciled in the United States or who may carry out data processing related to the United States.

We implement appropriate technical and organizational security measures to protect your personal data stored with us against manipulation, partial or total loss, and unauthorized access by third parties. Our security measures are continually improved in line with technological developments.

We also place a high priority on internal data protection. Our employees and the service companies we commission are obligated by us to maintain confidentiality and adhere to data protection regulations.