Privacy policy

‍Lastupdate: 31.08.2023

I. General information

1. introductory remarks

With this data protection declaration, Camping Lodge AG (hereinafter referred to as "CampingLodge", "we" or "us") explains to its customers, users, business partners, applicants, authorities and other persons involved ("you") how personal data is collected and processed in the company. Responsible handling of your personal data is very important to us.

You may only disclose personal data of third parties to us if you are authorized to do so and the personal data is correct. We ask you to ensure that the persons concerned are aware of this privacy policy.

In this privacy policy, we use the feminine and masculine form alternately. The respective designation also includes all other gender designations.

We may amend this privacy policy at any time and without prior notice. The current version published on our website applies in each case.

2. persons responsible for data protection matters

Responsible for the content of this privacy policy and for the data processing described is:

Camping Lodge AG
Chollerstrasse 4
6300 Zug
datenschutz@camping-lodge.com
Tel.: +41 41 220 75 20

For natural persons with simple residence in countries of the European Economic Area (EEA), the European Union (EU) and the Principality of Liechtenstein, as well as for the country-specific supervisory authorities provided for under the GDPR, we designate the following person as EU Data Protection Representative pursuant to Art. 27DSGVO:

LodgyslifeAG

Hausener Weg 29
60489 Frankfurt am Main

Germany

Phone:+49 69 78 80 88 06 21
E-mail: info@lodgyslife.com

3. terminologies

By way of introduction, we would like to clarify the most important terms used in the following for better understanding. In this regard, we adhere to the definitions of terms from the Swiss Data Protection Act.

Personal data (GDPR: personal data): any information relating to an identified or identifiable natural person.
Data subjects: natural persons about whom data are processed;
Particularly sensitive personal data (GDPR: special categories of personal data): (1) data relating to religious, philosophical, political or trade union beliefs or activities, (2) data relating to health, privacy or racial or ethnic origin, (3) genetic data, (4) biometric data uniquely identifying a natural person, (5) data relating to administrative or criminal prosecutions or sanctions, and (6)data relating to social assistance measures.
Processing (GDPR: processing): any handling of personal data, regardless of the means and procedures used, in particular the acquisition, storage, retention, use, modification, disclosure, archiving, deletion or destruction of data.
Person in charge: private person or federal body that alone or together with others decides on the purpose and means of processing.
Data processor (DSGVO: Auftragsverarbeiter): private person or federal body that processes personal data on behalf of the controller.

4. legal bases of data processing

This Privacy Policy complies with the requirements of the Swiss Federal Law on Data Protection ("FADP") and the associated Ordinance ("DPA") as well as the General Data Protection Regulation of the European Union ("GDPR"). The type and scope of the applicable legislation depends on the individual case. Foreign data protection law is only applied insofar as this is mandatory under the applicable law and only for the data processing processes and persons affected by it.

We comply with the applicable data protection regulations when processing personal data.

The processing of personal data must not unlawfully infringe the personality of the persons concerned. For this reason, such data processing must comply with the processing principles of data protection law and/or must be legitimized by a justification. In particular, we are legitimized to process personal data if the processing:

⦁ based on a legal basis
The processing of personal data may be required or legitimized by law (e.g. legal retention obligations).

⦁ necessary for the performance of a contract with the data subject or for pre-contractual measures
The essential part of the processing of personal data in our company is carried out in the context of the fulfillment of contractual obligations (e.g. in the context of the acquisition of campsites, framework agreements with suppliers, when issuing voucher cards for the group, in connection with the employment of employees, in the area of service provision for our campsites).

⦁ is necessary for the exercise of legitimate interests on our part or on the part of third parties
A legitimate interest on our part exists in particular if the processing of personal data takes place within the framework of the purposes specified in section 7 as well as the disclosure of data pursuant to section 10 and the associated objectives.

⦁ based on consent
If processing of personal data is based on your consent, we will inform you about this separately and transparently. You can revoke your consent with future effect at any time using the functions provided for this purpose (e.g. unsubscribe link for newsletters) or by notifying us in writing (see points of contact in section 2 above). Upon receipt of your revocation, we will cease the data processing affected by it, unless we can base the processing on another justification.

⦁ necessary to comply with domestic and foreign legislation.

5. categories of personal data

Depending on the services you use and the respective relationship between you and us, we process in particular the following categories of personal data:

⦁ Master data (e.g. title, surname, first name, date of birth, address, gender, ID numbers passport/ID, contact information, language, user names, etc.).

⦁ Contractual data (e.g. information regarding the initiation, conclusion, processing, administration and termination of contracts between you and us, information in connection with job applications [see also section 15 below], interaction history, financial and payment information such as creditworthiness, information in connection with the enforcement of claims, bank data, etc.).

⦁ Communication data (e.g., content exchanged via the respective communication channel, type, time and, if applicable, location of the communication that took place, boundary data, etc.).

⦁ Behavioral and transactional data (e.g., in connection with the use of our website, participation in events, contests and surveys, use of electronic communication channels, etc.).

⦁ Technical data (e.g. IP addresses, device IDs, details of the devices and applications you use and their settings, Internet provider you use, user names, passwords [as hash value], information in connection with 2-factor authentication, log data, time and, if applicable, approximate location in the context of using our services, etc.).

⦁ Marketing data (e.g. information on personal preferences and interests, subscriptions and unsubscriptions to newsletters, content of marketing correspondence).

⦁ Image and sound recordings (e.g. recordings of telephone and video conference calls [will only be made after prior announcement and, if necessary, with your consent], recordings in connection with customer events).

6. origin of the data

To a large extent, we collect personal data directly from you as the data subject. This includes in particular master data, contract data, communication data, marketing data as well as behavioral and transaction data. The collection of such personal data takes place in the context of the initiation and processing of business relationships and the use of our services.

We may also collect personal data about you ourselves or automatically or derive it from existing data. This includes in particular behavioral and transaction data as well as technical data.

Finally, we also receive personal data from third parties to the extent permitted by law. Such third parties include, in particular, persons from your environment (e.g. employer, work colleagues), business partners, insurance companies, banks, authorities, official agencies, courts, parties and their legal representation in the context of legal disputes, etc. In addition, we may also collect personal data from public sources (e.g. credit agencies, social media).

7. purposes of data processing

We process the collected data in order to fulfill our legal and contractual obligations towards you and third parties. This includes in particular the establishment, management and processing of contractual relationships such as:

Takeover of campsites
Service provision for our campsites
Framework agreements with suppliers
Issuance of voucher cards for the group
Hiring of employees

Furthermore, we process the collected data to ensure communication with you, to provide and improve the services and information you have requested, to manage your use of and access to our services and information, to maintain our business relationship with you, to carry out advertising and marketing measures (insofar as we are authorized to do so, e.g. through your consent), to monitor the performance of our offer, to enforce legal claims or defend ourselves against them, to detect, prevent or clarify illegal activities, and to improve our services. to monitor and improve the performance of our services, to enforce or defend against legal claims, to detect, prevent or investigate illegal activities, to ensure compliance with laws and recommendations of domestic and foreign authorities and internal regulations, to generally ensure our operations (esp. IT, website, etc.) and to ensure administrative processes (e.g. data archiving, accounting, master data maintenance, quality assurance).

8. processing time of personal data

We process your personal data for as long as we are legally obliged to do so (e.g. retention and archiving obligations) or our legitimate business interests require this (e.g. enforcement or defense of claims, ensuring IT security), respectively as long as the purpose of the collection of your data makes it necessary or the retention is technically required. In the case of contracts, data is generally retained for the duration of the contractual relationship and for the statutory retention periods beyond this (generally 10 years).

This may mean that your personal data or extracts thereof must be retained for several years after the end of the contractual relationship between you and us. If your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymized as far as possible.

In certain cases, based on your consent, we may retain your personal data for a longer period of time (e.g. job applications that we have pending).

9. data security

To secure your data, we maintain technical and organizational security measures in accordance with the current state of the art.

Communication via our website is encrypted using the SSL/TLS encryption protocol.

We point out that even encrypted data transmission on the Internet always involves security risks. A complete protection of the data against access by third parties cannot be guaranteed.

We oblige our employees as well as our business partners to maintain secrecy and confidentiality and to comply with the applicable data protection regulations.

10. disclosure of personal data to third parties

To the extent permitted by law or necessary, we may also disclose certain personal data to third parties in the course of our business activities. These third parties process your personal data either on our behalf (order processor), under joint responsibility with us or on their own responsibility. These include, among others:

Group companies
our service providers, such as banks, insurance companies, IT providers, debt collection companies, credit agencies, cleaning companies, advertising service providers, attorneys, external consultants, etc.
Business partners, such as insurance companies, distributors, suppliers, etc.
Domestic and foreign authorities, agencies and courts
Other parties in administrative and judicial proceedings
Parties involved in transactions under company law (e.g. purchase, sale or mergers of companies, business units, etc.)
Other third parties that are necessary to achieve the purpose of the data processing in question

Where necessary, we have concluded corresponding contracts with these third parties. In the event of the involvement of order processors, they undertake to comply with the data protection and data security provisions. Furthermore, they may only process personal data in accordance with our instructions. They also grant us comprehensive auditing and control rights as well as the right to information, correction and deletion.

11. disclosure of personal data abroad

We process and store personal data in Switzerland and in the European Union (EU) or the European Economic Area (EEA). In certain cases, however, we may also disclose personal data to service providers and recipients located outside this area or process personal data outside this area, in principle in any country in the world. In particular, you must expect that personal data will be disclosed to all countries in which the service providers we use and their subcontractors are located (in particular the USA).

By taking appropriate measures, we ensure compliance with the legal requirements. Specifically, an adequacy decision by the competent authority is available. In the absence of such a decision, the personal data is transferred on the basis of appropriate safeguards (in particular standard contractual clauses approved by the European Commission and the Federal Data Protection and Information Commissioner [FDPIC]) or there are exceptions for certain situations (contract processing, law enforcement abroad, etc.) or we obtain your express consent.

12. your rights as a data subject

Insofar as the legal requirements are met and no legal exceptions apply, you as the data subject have the following rights in particular:

to receive information upon request as to whether and, if so, which personal data we process about you
on correction of incorrect or incomplete personal data
to the deletion or anonymization of your personal data, provided this does not conflict with a legal obligation to retain data
on data portability
revoke any consent given for the processing of your personal data with effect for the future
object to the processing of your personal data.

Please note that these rights may be restricted or excluded in specific individual cases (e.g. to protect third parties or trade secrets).

For the purpose of asserting your data subject rights or if you have any questions regarding this data protection declaration and the processing procedures described therein, you can contact the offices mentioned in section 2 above at any time.

If you believe that your data has been processed unlawfully, we would be grateful if you could contact us directly. Alternatively, you can file a complaint with the supervisory authority responsible for you. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC). In the EU, the complaint must be submitted to the respective national data protection authority.

II. Supplementary information in connection with selected data processing operations

13. processing of personal data within the framework of the use of our website and the services offered thereon.

13.1 Website hosting provider

Our website is hosted by an external service provider (hoster). The personal data collected in the course of website use is stored on the hoster's servers. These are in particular server log files (e.g. name and URL of the accessed file, date and time of access, amount of data, web browser and web browser version, operating system, the domain name of your Internet provider, the so-called referrer URL [the page from which you accessed our offer), the IP address], contact requests, meta and communication data, contract data, contact details, names, website accesses and other data.

Our hoster will process your data only insofar as this is necessary for the fulfillment of its service obligations and will follow our instructions regarding this data. We have concluded an order processing contract with the hoster.

Within the scope of the DSGVO, the associated processing of your personal data takes place either for the purpose of initiating and fulfilling a contract (Art. 6 para. 1 lit. b DSGVO) or based on our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in providing a user-friendly, secure and efficient website in cooperation with a professional provider.

13.2 Mail provider

Our mail servers are hosted by an external service provider (hoster). The personal data collected in the course of mail traffic is stored on the hoster's servers. This may include IP addresses, meta and communication data, contact data, names and other data.

Within the scope of the DSGVO, the associated processing of your personal data takes place either for the purpose of initiating and fulfilling a contract (Art. 6 (1) (b) DSGVO) or based on our legitimate interest (Art. 6 (1) (f) DSGVO) in processing the inquiries and communication content addressed to us and in providing secure, fast and efficient e-mail communication in cooperation with a professional provider.

13.3. cookies

Our Internet pages use so-called "cookies". Cookies are small text files and do not cause any damage to your terminal device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your terminal device when you use our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the display of videos). Other cookies are used to evaluate user behavior or display advertising.

You can configure your browser so that no cookies are stored on your computer or a notice always appears when you receive a new cookie. On the following pages you will find explanations of how you can configure the processing of cookies in the most popular browsers:

If cookies are deactivated, the functionality of this website may be limited.

We use cookies to carry out the electronic communication process, to provide certain functionalities or to optimize our website (technically necessary cookies). Within the scope of the DSGVO, we store technically necessary cookies on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO). If consent to the storage of cookies and similar recognition technologies has been requested, the processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). The consent can be revoked at any time with effect for the future.

13.4 Tracking & Analytics

Our website uses Google Analytics from Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services (hereinafter "Google").

In addition to the following statements, you will find further information on data protection at Google in the Google privacy policy: https://policies.google.com/privacy.

We have concluded an order processing contract with Google.

In the scope of the DSGVO, the processing of this data is based on your consent (Art. 6 para. 1 lit. a DSGVO). The consent can be revoked at any time with effect for the future.

Google Analytics

We use functions of the web analysis service Google Analytics on our website. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site (see section 13.3 above). The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, due to the activation of IP anonymization on these websites, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area as well as Switzerland. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

The purposes of data processing are to evaluate the use of the website and to compile reports on activities on the website. Based on the use of the website and the internet, further related services shall then be provided.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout.

Alternatively, you can prevent tracking by Google Analytics on our websites by installing an opt-out cookie on your device. This will prevent the collection by Google Analytics for this website and for this browser in the future, as long as the cookie remains installed in your browser. You can find the opt-out cookie here: https://chrome.google.com/webstore/detail/google-analytics-opt-out/fllaojicojecljbmefodhfapmkghcbnh?hl=en

Demographic characteristics in Google Analytics

This website uses the "demographic characteristics" function of Google Analytics to display suitable advertisements to website visitors within the Google advertising network. This allows reports to be generated that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the item "Objection to data collection".

13.5 Contact form

You have the option of using a contact form to get in touch with us. In doing so, we collect the following data:

Name
E-mail address
Phone number
Your message to us

Within the scope of the DSGVO, this data is processed for the purpose of initiating or fulfilling a contract (Art. 6 para. 1 lit. b DSGVO) or on the basis of our legitimate interest in processing the inquiries addressed to us (Art. 6 para. 1lit. f DSGVO) or based on your consent (Art. 6 para. 1 lit. a DSGVO).

13.6 Links to other websites

Our website contains hyperlinks to third-party websites that are not operated or controlled by us. We are not responsible for their content or data protection practices.

14. processing of personal data in the context of interaction with our social media channels

14.1 General

We maintain the publicly accessible profiles on social networks listed below. In connection with the use of social networks, we would like to point out the following:

By visiting our profiles on the social networks, personal data about you may be collected. For example, if you are logged into your accounts on the social networks and visit our profile at the same time, the portal operator can assign this visit to your user account. But even if you have logged out of your account or if you do not have an account with the respective portal, your personal data may be collected. Such data collection can occur, for example, through the setting of cookies. Based on the data collected in this way, the portal operators can create user profiles and display interest-based advertising to you. You can find more information on this in the respective data protection declarations of the portal operators.

Within the scope of the GDPR, the use of social networks is in the interest of an appealing presentation of our online offers, to increase our reach and to promote our services. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. If a corresponding consent was requested, the processing is based on Art. 6 para. 1 lit. a DSGVO. The consent can be revoked at any time with effect for the future.

14.1 LinkedIn

We maintain a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. You can find more information about how LinkedIn handles your personal data in their privacy policy: https://www.linkedin.com/legal/privacy-policy.

LinkedIn uses advertising cookies. If you wish to disable them, please follow this link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

14. processing of personal data of applicants

We use the recruiting tool REFLINE as part of the recruiting process. The provider is Refline AG, Baarermattstrasse 10, 6340 Baar, Switzerland. You can find the company's privacy policy here. We have concluded an order processing contract with the provider.

If necessary, we can also work with other external partners (e.g. job portals and employment agencies). In this case, please also note the data protection information of these partners.

We treat your data strictly confidential. Your personal data will only be passed on within our company to persons who are entrusted with processing your application.

We process the personal data sent to us as part of your application and the personal data collected as part of the application process, insofar as this is necessary to decide on the conclusion and implementation of an employment contract. This includes:

‍

Master data (surname, first name, address, contact details, date of birth, marital status, etc.)
Information about your educational, professional and personal qualifications
Information that we have collected as part of the application process (e.g. as part of assessments)
Other information which you have provided to us in connection with your application

We process your personal data in this regard for as long as this is necessary for the decision on your application. They are deleted a maximum of six months after the end of the application process, unless longer storage is legally required or permitted or you have not consented to longer storage.

If an employment relationship is established after the application process, your application documents will be transferred to your personnel file.

‍