spinner

The following data protection declaration is valid for the website of Bad Rheinfelden AG with the website www.soleuno.ch and Parkresort Rheinfelden Holding AG with the website www.shop.parkresort.ch.

The protection of the privacy of the users of our website is an important concern for us. Most of our content can also be used without registration. However, we use industry-standard technologies to measure and improve the performance of our website and collect data for this purpose. In some cases, we work together with external service providers.

Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Swiss Confederation (Data Protection Act, DSG), every person is entitled to protection of their privacy and protection against misuse of their personal data. We comply with these provisions. In addition, we also comply with the requirements of the EU GDPR, insofar as this is applicable. Personal data is treated as strictly confidential and is neither sold nor passed on to third parties. In close cooperation with our hosting providers, we endeavor to protect the databases as well as possible against unauthorized access, loss, misuse or falsification.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

 

1. what is this privacy policy about?

 

Bad Rheinfelden AG (hereinafter also referred to as "we", "us") processes data concerning you or other persons (so-called "third parties"). We use the term "data" here synonymously with "personal data" or "personal data". Personal data is any information relating to an identified or identifiable natural person.

In this Privacy Policy, we describe what we do with your data when you visit our website www.soleuno.ch and its subsites (together "Website"), use our services or products, are in contact with us under a contract, work with us as a business partner or as their representative, communicate with us or otherwise deal with us.

Where appropriate, we will provide you with timely written notice of additional processing activities not mentioned in this Privacy Policy. In addition, we may inform you separately about the processing of your data, e.g. in declarations of consent, contractual terms, additional data protection declarations, forms and notices.

If you provide us with data about third parties, we assume that you are authorized to do so and that this data is correct. By transmitting data about third parties, you confirm this and guarantee that these third parties have been made aware of this privacy policy in advance and have not objected to it.

This Privacy Policy is based on the current and revised Federal Act on Data Protection ("FADP") and the General Data Protection Regulation of the European Union ("GDPR"). However, whether and to what extent the GDPR is applicable depends on the individual case.

 

2 Who is responsible for processing your data?

 

Bad Rheinfelden AG, based in Rheinfelden, is generally responsible under data protection law for the data processing described in this privacy policy, unless otherwise communicated in individual cases.

For the data processing described in this privacy policy, other bodies may be jointly responsible for the processing of your data if they co-decide on the purpose or design of the processing. If you would like details of the individual controllers for a specific data processing operation, you are welcome to request information from us within the scope of the right to information (section 13). Bad Rheinfelden AG remains your primary contact, even if there are other joint controllers.

You can contact us as follows for your data protection concerns and to exercise your rights in accordance with section 13:

 

Bad Rheinfelden AG

Roberstenstrasse 31

CH-4310 Rheinfelden

info@parkresort.ch

 

3 What data do we collect?

 

We process various categories of data about you. The most important categories are as follows:

- Master data: Master data refers to the basic data that we collect about you, such as your name, address, telephone number, e-mail address, bank details and date of birth. This also includes your login or registration data and, for certain subscriptions, a photo of you. We generally store this data for 10 years from the last exchange with you or from the end of the contract. This period may be longer if this is necessary for reasons of proof or to comply with legal or contractual requirements or for technical reasons. In the case of pure marketing and advertising contacts, the period is normally much shorter, usually no more than 2 years from the last contact.

- Communication data: If you are in contact with us by e-mail, letter, telephone or otherwise, we collect the data exchanged between you and us, including your contact details and the marginal data of the communication. Communication data includes, in particular, your contact details, the manner, place, date and time of the communication and, as a rule, its content. This data may also contain information about third parties. If we want or need to establish your identity in the course of communication, we may collect data to identify you, e.g. a photo of you or your ID. We generally store this data for 12 months from the last exchange with you. This period may be longer if this is necessary for reasons of proof or to comply with legal or contractual requirements or for technical reasons. E-mails in personal mailboxes and written correspondence are generally stored for at least 10 years.

- Contract data: As part of the conclusion, processing and fulfillment of contracts, we collect data such as information about the respective contracts (e.g. type and term), information relating to the fulfillment and processing of the contracts (e.g. contact details, delivery addresses, deliveries made and not made and information on means of payment), information on acquired rights and claims as well as data from the run-up to the conclusion of a contract and information on defects, complaints and adjustments to a contract, as well as information on customer satisfaction, which we can collect e.g. by means of surveys. As part of our wellness and fitness offer, we also collect information about your health, height and weight, your professional activity and your experience and habits with regard to sporting activities, in particular via the registration and health questionnaire. In connection with job applications, we also collect information such as details about your academic background, your qualifications and your professional experience, as well as interview notes. We generally collect contract data from you, but sometimes from other contractual partners, from parties involved in the execution of the contract or other third parties (e.g. providers of creditworthiness data) and from publicly accessible sources. As a rule, we store this data for 10 years from the last contractual activity, but at least from the end of the contract. This period may be longer if this is necessary for reasons of proof or to comply with legal or contractual requirements or for technical reasons. In the case of rejected applications, this data is generally deleted immediately from the date of notification of the rejection decision. This period may be longer in certain circumstances, e.g. if you have agreed to a longer retention period so that we can inform you about future employment opportunities with us. In this case, we generally retain the data for 2 years from the date of notification of rejection.

- Technical data: When you use our website, we collect technical data such as the IP address, log files in which we record the use of our systems (log data), information about your device and its configuration (e.g. operating system and language settings), information about the browser you use to access our offers and its configuration, your approximate location and the time of use of our website, information about your activities on our website and information about your Internet service provider. We may also assign a unique identifier (ID) to your device (PC, tablet, smartphone, etc.), e.g. using cookies or similar technologies, in order to recognize it. You can find more information on this in section 11. We generally store technical data for 12 months. The technical data itself does not allow any conclusions to be drawn about your identity. However, when using our contact forms or registering for our newsletter on a particular website, it may be linked to other categories of data (and thus possibly to your person).

- Behavioral and preference data: We always try to adapt our products and services to your needs. We therefore also process behavioral and preference data, e.g. information about your use of our website (e.g. click behavior, course registrations, purchases and ordered and canceled products in the shopping cart), information about your use of electronic communication (e.g. whether and when you opened an e-mail or a link) and your interactions on social media pages. In section 0 you will find more information about how we process your data on our social media pages and in section 11.2 you can find out more about online tracking on our website. As a rule, we anonymize or delete behavioral and preference data after 12 months at the latest.

- Other data: We also collect data about you in other situations. For example, we process data that may concern you in the context of administrative or legal proceedings (e.g. evidence). We may receive or make photo, video and audio recordings in which you can be identified (e.g. via security cameras inside and outside our buildings and photos at events); however, we do not do this in our changing areas. We may also collect data about who enters certain buildings and when, or who has access rights (including as part of access controls) and who uses our infrastructure and systems and when. The retention period for this data depends on the purpose and is limited to what is necessary. This ranges from a few days for some security cameras to reports on events with images that can last 10 years. In most cases, we obtain your personal data from you yourself, e.g. when you create a user account on our website, purchase a voucher, complete the registration and health questionnaire and when you take out one of our subscriptions. Where permitted, we also obtain data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, media or the internet, including social media) or receive data from other sources (e.g. authorities, credit reference agencies, address traders, associations, contractual partners, internet analysis services, etc.). The categories of personal data that we receive about you from third parties may include, in particular, information from publicly accessible sources, information that we learn in connection with official and legal proceedings, information in connection with your professional functions and activities (so that we can, for example your employer with your help), information about you in correspondence and meetings with third parties, credit information (insofar as we conduct business with you personally), information about you that people in your environment (family, references, advisors, legal representatives, etc.) provide to us so that we can conclude or process contracts with you or with your involvement (e.g. references, your address for deliveries, your address for deliveries, etc.).e.g. references, your address for deliveries, powers of attorney), information to comply with legal requirements such as the fight against fraud and money laundering, information from banks, insurance companies and sales and other contractual partners of ours for the use or provision of services, information from the media and the Internet about your person (insofar as this is appropriate in the specific case, e.g. in the context of an application, branding, etc.).B. in the context of an application, marketing/sales, press review, etc.) as well as your address and, if applicable, interests and other socio-demographic data (in particular for marketing) and data in connection with the use of third-party websites and online offers, where this use can be attributed to you.

 

4 For what purposes do we process your data?

 

Below you will find information on the purposes for which we may process your data. These purposes and the underlying objectives represent our legitimate interests and, where applicable, those of third parties. Further information on the legal basis for our processing can be found in section 5.

We process your personal data in connection with communication with you, in particular to respond to inquiries and assert your rights and to contact you in the event of queries. For this purpose, we use in particular communication and master data in connection with offers and services used by you and contract data as part of the application process. We also store all this data in particular for training purposes, for quality assurance and for documentation purposes.

We process your data in connection with the conclusion, processing and fulfillment of contracts, e.g. to decide whether and how to conclude a contract with you, to deliver goods, to provide customer service and evaluate customer satisfaction, to conduct competitions and to assert any claims arising from the contracts (debt collection, legal proceedings, etc.). For this purpose, we use master data, contract data, communication data and behavioral and preference data in particular. During the application process, we also process your data in order to guide your application through the various stages of the recruitment process, to document the application process and maintain employment records, as well as to document our decision-making process and make an informed recruitment decision. If you name people as references in your application, e.g. former supervisors or employees, we may contact them to obtain references about you.

We process data for marketing purposes and to maintain relationships, e.g. to send registered users and customers advertising about our products and services and those of third parties (e.g. advertising partners). This can be done, for example, via the sole uno News Flash newsletter or the sole uno monthly hit or as part of specific marketing campaigns. For these purposes, we process master data, contract data, communication data and behavioral and preference data in particular.

We also process data to improve our offers and our operations. We strive to continuously improve our entire wellness and fitness offering and our website and to be able to react quickly to changing needs. To this end, we can evaluate the utilization and use of individual offers such as course visits or booked massages. Optimizing our online presence is also important to us, which is why we analyze how you navigate through our website and how you use it, for example. All of this gives us an indication of the market acceptance of existing offers and the market potential of new offers. In particular, we process communication and master data, but also behavioral and preference data and information from forms (e.g. the health questionnaire), customer surveys, polls and studies and other information, e.g. from the media, social media, the Internet and other public sources. Where possible, we use pseudonymized or anonymized data for these purposes.

We process your data for security purposes and for access control. Security and access controls include controlling access to electronic systems (e.g. logging into user accounts) as well as physical access control (e.g. access to buildings). For security purposes (preventive and to investigate incidents), we may keep access logs and visitor lists and use surveillance systems (e.g. security cameras). All categories mentioned in section 3 may be processed for these purposes. We process personal data to comply with laws, directives and recommendations from authorities, as well as for compliance purposes. The legal obligations may be Swiss law, but also foreign regulations to which we are subject, as well as industry standards, our own corporate governance and official instructions and requests. We also process data for the purposes of our risk management and in the context of prudent corporate governance, including business organization and corporate development. For these purposes, we process all of the data mentioned in section 3.

We process your data for other purposes, e.g. to coordinate administrative tasks or for quality assurance purposes, to manage and continuously improve our IT infrastructure, to protect our rights (e.g. to enforce claims in or out of court and before authorities in Switzerland and abroad or to defend ourselves against claims, for example by preserving evidence, conducting legal investigations and participating in court or official proceedings) and to evaluate and improve internal processes. All categories mentioned in section 3 may be processed for these purposes.

 

5 On what basis do we process your data?

 

If the GDPR is applicable and we require a legal basis for the processing of personal data, we generally rely on one or more of the following legal bases, depending on the purpose of the processing:

● Conclusion or performance of a contract: Processing is necessary in order to conclude or perform a contract with you or the entity you represent.

● Legal obligations: We may also process your data based on applicable legal, regulatory and professional requirements that we are required to comply with.

● Legitimate interests: The processing is necessary for our legitimate interests or those of a third party, in particular to carry out the processing for the purposes and objectives described in section 4, to implement measures related thereto. Among other things, we have a legitimate (and overriding) interest in the marketing of our products and services as well as in a better understanding of our market(s) and our company (in particular in the efficient and secure processing and further development of our activities) and in the efficient and effective management of our company and safeguarding the security of our systems and our interests vis-à-vis third parties.

● Consent: If we ask you for your consent to process data from you, this is the legal basis on which we process data from you. We will inform you of the purpose of the processing. You can withdraw your consent at any time by sending us written notification (by post or, unless otherwise stated or agreed, by email) with effect for the future (see section 2 for our contact details, in particular for the withdrawal of your consent in the case of online tracking, see section 11). As soon as we have received and processed the notification of the withdrawal of your consent, we will no longer process your data for the purposes to which you originally consented (unless further processing may be carried out on another legal basis). In individual cases, we may also carry out data processing based on other legal bases; if this is the case, we will inform you separately.

 

6 What applies to profiling and automated individual decisions

 

"Profiling" refers to the automated processing of personal data to analyze personal aspects or to make predictions (e.g. to analyze a person's personal interests, preferences and affinities or to predict their likely behavior). We carry out profiling in particular in the context of the automated processing of master and contract data in connection with orders via our website (e.g. to determine which other products you might be interested in based on your purchases), behavioral and preference data and technical data in connection with our website, information relating to participation in our competitions and similar events and communication data (e.g. your response to advertising and other communications).

Profiling helps us in particular to continuously improve our offers and better tailor them to individual needs, to plan our business activities and to determine the likelihood of fraudulent transactions. In order to improve the quality of our analyses and forecasts, we can also create profiles for these purposes, i.e. link personal data from different sources with each other in order to better understand you as a person with your different interests and characteristics.

In both cases, we pay attention to the proportionality and reliability of the results and take measures to prevent misuse of such profiles or profiling.

"Automated individual decisions" are decisions that are made exclusively on the basis of automated processing of personal data, i.e. without human involvement, and that have legal consequences for the data subjects or otherwise significantly affect them. We generally do not make use of this, but will inform you separately if we should make automated individual decisions in individual cases. You then have the option of having the decision reviewed by a human being if you do not agree with it.

 

7 To whom do we disclose your data?

 

As part of our processing activities, we may disclose your personal data to third parties, in particular to the following categories of recipients:

Service providers: we work with service providers in Switzerland and abroad and disclose your data to them, who process your data on our behalf, in joint responsibility with us or on their own responsibility (e.g. IT providers, shipping companies, advertising service providers, cleaning companies, security companies, banks, insurance companies, debt collection companies, credit agencies, address verifiers, consulting companies or lawyers). We use MailChimp to send our newsletter (the provider's privacy policy can be found at the following link: https://www.intuit.com/privacy/statement/. If you subscribe to our newsletter, your email address will be transmitted to the operator of MailChimp, Rocket Science Group LLC in the USA (a group company of Intuit Inc. in the USA) and your click and opening behavior can be evaluated on a personal basis and for statistical purposes.

Contractual partners: We disclose your data to our contractual partners insofar as the disclosure of your data results from the respective contracts. These recipients also include contractual partners with whom we cooperate or who advertise for us and to whom we can therefore disclose data about you for analysis and marketing purposes.

Public authorities: We may disclose personal data to offices, courts and other authorities in Switzerland and abroad if we are legally obliged or entitled to do so or if this appears necessary to protect our interests. The recipients process the data under their own responsibility.

Other persons: This refers to other cases where the inclusion of third parties arises from the purposes in accordance with section 4. Other recipients are, for example, delivery recipients or third-party payment recipients other than those specified by you, third parties in the context of representative relationships (e.g. your lawyer or your bank) or persons involved in official or legal proceedings. If we cooperate with the media and transmit material to them (e.g. photos), you may also be affected under certain circumstances. As part of our corporate development, we may sell or acquire businesses, parts of businesses, assets or companies or enter into partnerships, which may also result in the disclosure of data (including your data, e.g. as a customer or supplier or as a supplier representative) to the persons involved in these transactions. In the course of communication with our competitors, industry organizations, associations and other bodies, data may also be exchanged that also concerns you.

All these categories of recipients may in turn involve third parties, so that your data may also become accessible to them. We can restrict processing by certain third parties (e.g. IT providers), but not by other third parties (e.g. authorities, banks, etc.).

We also allow certain third parties to collect personal data from youon our website and at our events (e.g. media photographers, providers of tools that we have integrated on our website, etc.). Insofar as we are not decisively involved in this data collection, these third parties are solely responsible for it. If you have any concerns and wish to assert your data protection rights, please contact these third parties directly (see section 11 regarding the website and section 12 regarding social media).

 

8) Is your personal data also transferred abroad?

 

We process and store personal data mainly in Switzerland and the European Economic Area (EEA). In certain cases, however, we may also disclose personal data to service providers and other recipients (see section 7) who are located outside this area, or process personal data outside this area, in principle in any country in the world. If a recipient is located in a country without adequate statutory data protection, we require the recipient to undertake to comply with data protection. For this purpose, we use the revised standard contractual clauses of the European Commission, available at https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?, unless the recipient is subject to a legally recognized set of rules to ensure data protection and we cannot invoke an exception. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or if the performance of a contract requires such disclosure, if you have given your consent or if the data in question has been made generally accessible by you and you have not objected to its processing. We would like to point out that although these contractual measures partially compensate for a lower or lack of legal protection, they cannot completely exclude all risks (e.g. the risk of data access by governments abroad). In exceptional cases, we may allow the disclosure of your personal data to countries without adequate protection, e.g. if you give your consent, in the context of foreign legal proceedings or if this is necessary for the performance of a contract.

Please also note that data exchanged via the Internet is often routed via third countries. Your data may therefore be sent abroad even if the sender and recipient are located in the same country.

 

9 How long do we process your data?

 

We process your data for as long as required by the processing purposes (see in particular the information on the individual data categories mentioned in section 3), legal retention periods or our legitimate interests in processing for documentation and evidence purposes or if storage is technically necessary (e.g. in the case of backups or document management systems). In certain cases, we will also ask for your consent if we wish to store personal data for longer (e.g. for job applications that we wish to keep pending). After these periods have expired, we will delete or anonymize your data, provided there are no legal or contractual obligations to the contrary.

 

10. how do we protect your data?

 

We take appropriate security measures to protect the confidentiality, integrity and availability of your personal data, to protect it against unauthorized or unlawful processing and to counteract the risks of loss, unintentional alteration, unwanted disclosure or unauthorized access. However, like all companies, we cannot rule out data breaches with certainty and certain residual risks are unavoidable.

 

11. do we use online tracking, online advertising and similar technologies?

 

We use various techniques on our website (including newsletters and other digital offers) (e.g. cookies, fingerprinting, tracking pixels and similar techniques) with which we and third parties engaged by us can recognize you when you use our website and, under certain circumstances, track you over several visits.

We use our own tools and sometimes third-party services, in particular to improve the functionality or content of our website (e.g. integration of videos or maps), to compile statistics and to place advertisements. This enables us and authorized third-party providers to offer you a personalized web experience (e.g. personalized advertising, interactions on social media sites, etc.).

11.1 What are cookies and similar technologies?

A cookie is a small text file with an identifier (a sequence of letters and numbers) that is transmitted between the server and your system. This enables us and the third-party providers commissioned by us or cooperating with us to recognize visitors to our website and to track them over several visits and across different websites. Cookies allow us to recognize a particular device or browser and do not necessarily contain information that personally identifies a user. However, personal data that we or third-party providers commissioned by us store about you (e.g. if you have a user account with us or these providers) may be linked to the information stored in and obtained from cookies and thus possibly to your person.

In addition to cookies, there are other similar technologies such as pixel tags, fingerprints and social media plug-ins. Pixel tags are small, normally invisible images or program code that are loaded by a server and provide the server operator with certain information (e.g. access to a website). Fingerprints consist of information that is collected during your visit to the website via the configuration of your end device or browser and which make it possible to distinguish your end device from other devices. Social media plug-ins are small software components that establish a connection between your visit to our website and the social media platform of a third-party provider. The social media plug-in informs the third-party provider that you have visited our website and may send the third-party provider cookies that it has previously placed on your web browser. For more information on how these third-party providers use your personal data collected via their social media plug-ins, please refer to their respective privacy notices.

11.2 What types of cookies and similar technologies do we use?

The cookies and similar technologies we use on our websites serve the following purposes (similar technologies are included in each case):

- Necessary cookies: some cookies are essential for the use of the website and its functions. These cookies ensure the essential functionality of the website, e.g. the ability to navigate from page to page without the products placed in the shopping cart disappearing. They also ensure that you remain connected to the website. These cookies have an expiration period of up to 36 months.

- Performance and analytics cookies: Performance and analytics cookies collect information about how our website is used and enable us to carry out analyses of how the website is used, e.g. which pages are accessed most frequently and how visitors navigate our website. These cookies are used to make visiting the website easier and faster and to generally improve the user experience and comfort. We use third-party analytics services for this purpose. Before we use such cookies, we ask for your consent. You can revoke your consent at any time via the cookie settings here (scroll to the bottom of this website and click on "Privacy settings"). These cookies have an expiry date of up to 26 months.

- Marketing cookies: Marketing cookies help us and our advertising partners to show you advertisements on our website for offers or services that may be of interest to you, or to display our advertisements if you continue to browse the internet after leaving our website, i.e. to show you targeted advertising. These cookies have an expiration period of a few days to 12 months, depending on the circumstances.

Details of our third-party providers and advertising partners can be found in the Consent Management System, which you will find at the bottom of this website (scroll to the bottom (footer) of this website and click on "Privacy Settings"). In the Consent Management System, you also have the option of deactivating certain categories of cookies by making the appropriate settings.

Some of the third-party providers we use are located outside Switzerland. Information on the disclosure of data abroad can be found in section 8.

If you consent to the use of cookies, you accept that your data may be transferred to a country that does not have an adequate level of data protection and accept the risk that your data may be exposed to access by foreign authorities in the recipient's country that do not adhere to appropriate data protection regulations. You can withdraw your consent to cookies at any time, as explained in section 11.3.

We currently use offers from the following service providers and advertising contract partners (insofar as they use data from you or cookies set by you for advertising purposes):

-Google Analytics: Google Ireland Limited (based in Ireland) is the provider of the "Google Analytics" service and acts as our processor. Google Ireland relies on Google LLC (based in the USA) as its processor (both "Google"). Google uses performance cookies (see above) to track the behavior of visitors to our website (duration, frequency of pages accessed, geographical origin of access, etc.) and compiles reports for us on the use of our website on this basis. We have configured the service so that the IP addresses of visitors are truncated by Google in Europe before being forwarded to the USA and therefore cannot be traced. We have switched off the "Data sharing" and "Signals" settings. Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google can use this data for its own purposes to draw conclusions about the identity of visitors, create personal profiles and link this data to the Google accounts of these persons. If you agree to the use of Google Analytics, you explicitly consent to such processing, which also includes the transfer of personal data (in particular usage data for the website and app, device information and individual IDs) to the USA and other countries. You can find information on data protection from Google Analytics here https://support.google.com/analytics/answer/6004245 and if you have a Google account, you can find further information on processing by Google here https://policies.google.com/technologies/partner-sites?hl=de.

- Google Ads: Google Ireland Limited (based in Ireland) is the provider of the "Google Analytics" service and acts as our processor. Google Ireland relies on Google LLC (based in the USA) as its processor (both "Google"). We also use the online marketing process Google "Ads" to place ads in the Google advertising network (e.g. in search results, in videos, on websites, etc.) so that they are displayed to users who are presumed to be interested in the ads. This allows us to display ads for and within our online offering in a more targeted manner in order to present users only with ads that potentially match their interests. If, for example, a user is shown ads for products that they have shown an interest in on other online offers, this is referred to as "remarketing". For these purposes, when our and other websites on which the Google advertising network is active are called up, a code is executed directly by Google and so-called (re)marketing tags (invisible graphics or codes, also known as "web beacons" or "payment pixels") are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user's device (comparable technologies can also be used instead of cookies). This file records which websites the user has visited, what content they are interested in and which offers the user has clicked on, as well as technical information on the browser and operating system, referring websites, time of visit and other information on the use of the online offer. We also receive an individual "conversion cookie". The information collected with the help of the cookie is used by Google to create conversion statistics for us. However, we only learn the anonymous total number of users who clicked on our ad and were redirected to a page with a conversion tracking tag. However, we do not receive any information with which users can be personally identified. Although we can assume that the information we share with Google is not personal data for Google and is processed by Google in pseudonymized form, it is possible that Google may use this data for its own purposes to draw conclusions about the identity of visitors, create personal profiles and link this data to the Google accounts of these individuals. If you agree to the use of Google Ads, you explicitly consent to such processing, which also includes the transfer of personal data (in particular usage data, device information and individual IDs) to the USA and other countries.

-Facebook advertising (Facebook Ads): Social media advertising; provider: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA); Data protection information: Remarketing and targeting, in particular with the Facebook pixel and custom audiences including lookalike audiences, privacy policy, "Advertising preferences" (user registration required).

- Instagram Ads: Social media advertising; Provider: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA); Data protection information: Remarketing and targeting in particular with Facebook pixels and custom audiences including lookalike audiences, Privacy Policy (Instagram), Privacy Policy (Facebook), "Advertising preferences" (Instagram) (registration as user required), "Advertising preferences" (Facebook) (registration as user required).

- LinkedIn Ads: Social media advertising; Provider: LinkedIn Corporation (USA) / LinkedIn Ireland Unlimited Company (Ireland); Data protection information: Remarketing and targeting in particular with the LinkedIn Insight Tag, "Data protection", Privacy Policy, Cookie Policy, Objection to personalized advertising.

The specific cookies used on our website and the purposes they serve can be found in the following tables:

 

Necessary cookies:

Name

Provider

Purpose

Process

Type

CONSENT

Youtube

Used to determine whether the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for the website's GDPR compliance.

2 years

http cookie

CONSENT

Youtube

Used to recognize whether the visitor has accepted the marketing category in the cookie banner. The cookie is

Required for the DPR compliance of the website.

2 years

http cookie

test_cookie

doubleclick.net

Used to check whether the user's browser supports cookies

1 day

http cookie

 

Performance and analysis cookies:

Name

Provider

Purpose

Process

Type

_ga

Google

Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

2 years

http cookie

_ga_#

Google

Collects data on how often a user has visited a website, as well as data for the first and last visit. Used by Google Analytics.

2 years

http cookie

_gat

Google

Used by Google Analytics to throttle the request rate

1 day

http cookie

_gid

Google

Registers a unique ID that is used to generate statistical data on how the visitor uses the website

1 day

http cookie

 

Marketing cookies:

Name

Provider

Purpose

Process

Type

_fbp

Facebook

Used by Facebook to provide a range of advertising products, such as real-time bidding from third-party advertisers.

3 months

http cookie

_gcl_au

Google

Used by G oogle AdSense to experiment with advertising efficiency on websites using their services.

3 months

http cookie

ads/ga-audiences

Google

Used to recognize whether the user intends to leave the page via cursor movements. This allows the website to trigger certain pop-ups to keep the user on the website or turn them into a customer

session

pixel cookie

VISITOR_INFO1_LIVE

Youtube

Tries to estimate the bandwidth of users on pages with integrated YouTube videos

180 days

http cookie

YSC

Youtube

Registers a unique ID to keep statistics on which YouTube videos the user has watched.

session

http cookie

ytidb::LAST_RESULT_ENTRY_KEY

Youtube

Saves the user's video player preferences using embedded YouTube videos

Persistent

html cookie

yt-remote-cast-available

Youtube

Saves the user's video player preferences using embedded YouTube videos

session

html cookie

yt-remote-cast-installed

Youtube

Saves the user's video player preferences using embedded YouTube videos

session

html cookie

yt-remote-connected-devices

Youtube

Stores the user's video player preferences using embedded YouTube videos

Persistent

html cookie

yt-remote-device-id

Youtube

Stores the user's video player preferences using embedded YouTube videos

Persistent

html cookie

yt-remote-fast-check-period

Youtube

Saves the user's video player preferences using embedded YouTube videos

session

html cookie

yt-remote-session-app

Youtube

Saves the user's video player preferences using embedded YouTube videos

session

html cookie

yt-remote-session-name

Youtube

Stores the user's video player preferences using embedded YouTube videos

session

html cookie

11.3 How can I control the use of cookies and similar technologies?

You can manage your preferences regarding the use of cookies and similar technologies on our website by accessing the Consent Management System, which you can find in the footer (at the bottom) of this web page (scroll to the bottom of this web page and click on "Privacy Settings").

Browsers can automatically accept or reject cookies, but allow you to change these settings. You can also deactivate or delete cookies that you have previously accepted. Please note that all settings will be lost if you delete all cookies, including the setting that you do not want to accept cookies, as this in turn requires that an opt-out cookie has been set. The settings must be made separately for each browser you use. You can find out how to manage cookies in your browser in your browser's help menu.

If you decide to reject cookies and similar technologies, you can still use our website, but your access to some functions and areas of our website may be restricted.

12. what data do we process on our pages on social networks?

 

We may operate pages and other online presences ("fan pages", "channels", "profiles", etc.) on social networks and other platforms operated by third parties and process the data about you described in section 3 and below. We receive this data from you and the platforms when you come into contact with us via our online presence (e.g. when you communicate with us, comment on our content or visit our presence). At the same time, the providers of the platforms can analyze your use of our online presences (e.g. the way you interact with us, how you use our online presences, what you view, comment on or "like") and process this data together with other data they have about you (e.g. information about your age and gender and other demographic information). In this way, they create profiles about you and statistics about the use of our online presences. They use this data and profiles to display our or other advertisements and other personalized content on the platform and to control behavior on the platform, but also for market and user research and to provide us and other parties with information about you and the use of our online presence. Insofar as we are jointly responsible with the provider for certain types of processing, we will conclude a corresponding contract with the provider. You can find out about the main content of this contract from the provider. They also process this data for their own purposes, in particular for marketing and market research purposes (e.g. to personalize advertising) and to manage their platforms (e.g. to decide what content to show you), and act as separate controllers for this purpose.

We are entitled, but not obliged, to review content before or after it is published on our online presences, to delete content without notice and, if necessary, to report it to the provider of the platform in question. In the event of breaches of the rules of decency and conduct, we may also inform the provider of the platform on which the user account in question is located in order to block or delete it.

For further information on processing by the platform operators, please refer to the data protection notices of the respective platforms. There you can also find out in which countries your data is processed, what rights of access and erasure you have and how you can exercise these or obtain further information. We currently use the following platforms:

- Facebook: We operate the profile on the page https://de-de.facebook.com/soleuno.wellnesswelt/. The controller for the operation of the platform for users from Europe is Meta Platforms Ireland Limited, Dublin, Ireland. Their privacy policy is available at www.facebook.com/privacy/policy. Some of your data will be transferred to the USA. You can object to advertising here: www.facebook.com/settings?tab=ads. We are jointly responsible with Facebook Ireland Ltd, Dublin, Ireland, for the data that is collected and processed when you visit our site for the creation of "Page Insights". As part of Page Insights, statistics are compiled about what visitors do on our page (comment on posts, forward content, etc.). This is described at www.facebook.com/legal/terms/information_about_page_insights_data. It helps us to understand how our site is used and how we can improve it. We only receive anonymous, aggregated data. We have regulated our responsibilities regarding data protection in accordance with the information on www.facebook.com/legal/terms/page_controller_addendum

- Instagram: We operate the profile on the page https://www.instagram.com/sole_uno/. The controller for the operation of the platform for users from Europe is Meta Platforms Ireland Limited, Dublin, Ireland. Their privacy policy is available at https://privacycenter.instagram.com/policy/. Some of your data will be transferred to the USA. You can find instructions on how to object to advertising here: https://help.instagram.com/.

- YouTube: We operate the profile on the page https://www.youtube.com/user/soleunorheinfelden. The controller for the operation of the platform for users from Europe is Google Ireland Limited, Dublin, Ireland. Their privacy policy is available at policies.google.com/privacy. Some of your data will be transferred to the USA.

- LinkedIn: On LinkedIn, we operate the profile on the page https://www.linkedin.com/company/parkresort-rheinfelden. LinkedIn Ireland Unlimited Company, Dublin, Ireland, is responsible for the operation of the platform for users from Europe. You can find their privacy policy at www.linkedin.com/legal/privacy-policy. Some of your data will be transferred to the USA. You can object to advertising here: www.linkedin.com/psettings/advertising-data. We are jointly responsible with LinkedIn Ireland Unlimited Company, Dublin, Ireland, for the data collected and processed when you visit our website as part of "Page Insights". As part of Page Insights, statistics are compiled about what visitors do on our site (comment on posts, forward content, etc.). This is explained at: https://www.linkedin.com/legal/privacy-policy. It helps us to understand how our site is used and how we can improve it. We only receive anonymous, aggregated data. We have regulated our responsibilities regarding data protection in accordance with the information at https://legal.linkedin.com/pages-joint-controller-addendum.

 

13 What rights do you have?

 

Under certain circumstances, applicable data protection law grants you the right to object to the processing of your data, in particular for the purposes of direct marketing, profiling for direct marketing and other legitimate interests in processing.

To make it easier for you to control the processing of your personal data, you also have the following rights in connection with our data processing, depending on the applicable data protection law:  The right to request information from us as to whether and which of your data we process;

- the right to have us correct data if it is incorrect;

- the right to request the deletion of data;

- the right to request that we provide you with certain personal data in a commonly used electronic format or transfer it to another controller

- the right to withdraw consent where our processing is based on your consent

- the right to receive, on request, further information necessary to exercise these rights.

If you wish to exercise the above rights against us, please contact us in writing, at our premises or, unless otherwise stated or agreed, by e-mail; our contact details can be found in section 2. In order for us to rule out misuse, we must identify you (e.g. with a copy of your ID, unless otherwise possible).

In principle, you also have these rights vis-à-vis other bodies that work with us as independent controllers. Please contact them directly if you wish to exercise rights in connection with their processing.

Please note that in certain cases these rights may be restricted, excluded or made dependent on the fulfillment of certain conditions. We will inform you of this on a case-by-case basis.

If you do not agree with our handling of your rights or data protection, please let us know (our contact details can be found in section 2). In particular, if you are located in the EEA or Switzerland, you also have the right to lodge a complaint with the data protection supervisory authority in your country. A list of authorities in the EEA can be found here:

https://www.edpb.europa.eu/about-edpb/about-edpb/members_de

You can contact the Swiss supervisory authority here:

https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt.html

 

14. can we update this privacy policy?

 

This Privacy Policy is not part of any contract with you. We may amend this Privacy Policy at any time and without prior notice. The version published on this website is the current version.

Last update: October 16, 2024