Your

Enquiry

...
Add More Accommodation to my List

Privacy policy 


Privacy policy


Date of issuance:  June 12th, 2020

The security and protection of your Personal Data is one of the top priorities of Elity Sàrl, a swiss-based company seated at C/o Bepartner ag
Kauffmannweg 14, 6003 Luzern (the “Company”, “Us” or “We”).

This is why We use privacy by default standards and undertake to store your Personal Data in a secured manner and to Process your Personal Data with all appropriate care and attention in accordance with the Federal Data Protection Act (RS 235.1), the Ordinance on the Federal Data Protection Act (RS 235.11) and, where applicable, the General Data Protection Regulation (the “GDPR”).

By Booking a Service on the Platform you understand and agree that your Personal Data are collected and Processed by both the Company and the Supplier who provides you with the Service(s).

All the rights and obligations applicable to the Company pursuant to the terms of this Privacy Policy (the "Policy") are fully applicable to the Supplier while Processing your Personal Data.

Please read this Policy carefully to understand our policies and practices regarding your Personal Data and how the Company will treat and Process them.

Capitalized terms defined in the Terms and Conditions available at the following  URL https://elity.co/terms-and-conditions/(the "Terms") apply to this Policy.


Definitions

Consent shall mean any freely given, specific, informed and unambiguous indication of which the Data Subject, by a statement or by a clear affirmative action, signifies agreement to the Processing of Personal Data relating to him.

Cookie(s) shall mean a piece of information that is placed automatically on your electronic device’s hard drive when you access the Platform and which is listed in this Policy. The Cookie uniquely identifies your browser to the server. Cookies allow the Company to store information on the server (for example language preferences, technical information, click or path information, etc.) to help make the User's experience of the Platform better for you and to conduct Platform analysis and Platform performance review.

Data controller(s)  shall mean the natural or legal person, which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data and who is in charge of this Processing. For the purpose of this Policy, the Data controller is the Company.

Data portability  shall mean the right of the Data Subject to receive its Personal Data in a structured, commonly used and machine-readable format and the right to transmit those Personal Data to another controller without hindrance from the Data controller.

Data processor  shall mean a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. For the purpose of this Policy, the Data processor is the Supplier who provides you the Service(s) you book through the Platform.

Data Subject(s) shall mean the natural or legal persons whose data is Processed, i.e. in the context of this Policy, the Data Subject is the User (i.e. the Customer and/or the Visitor) and/or a Third-party when a Customer makes a Booking as a Gift for such Third-party.
  For the sake of clarity, when this Policy refers to the “Customer” or to “You”, it also refers, when necessary, to the Third-party who receives  a Gift.

Disclosure  shall mean making Personal Data accessible, for example by permitting access, transmission or publication.

Group shall mean a group of companies formed by a controlling company and all the companies it controls, such as in particular but not limited to a holding.

Marketing communication(s)  shall mean all the commercials and other promotional information sent by the Company to the Users.

Newsletter  shall mean the Newsletter of the Company that may be sent to you from time to time with your Consent.

Payment data  shall mean the Personal Data of the Customer provided to the Payment provider in order to pay the Transaction price.

Personal Data shall mean any type of data and information relating to a person who is either identified or identifiable.

Processing  shall mean any operation with Personal Data, irrespective of the means applied and the procedure, and in particular the collection, storage, use, revision, disclosure, archiving or destruction of Personal Data.

Registration data shall mean the Personal Data requested to create a Customer account.

Subsidiary  shall mean a company that is controlled by another company called the parent company.

Third-party(-ies) shall mean any natural and/or legal person who is not the Company, a Supplier or a User.

Principle for processing Personal Data

While Processing Personal Data, the Company will respect the following general principles:

2.1 Fairness and lawfulness

When Processing Personal Data, the individual rights of the Data Subjects will be protected by the Company. Personal Data will be collected and Processed lawfully, in a fair manner, in good faith and must be proportionate to the objective.


2.2 Restriction to a specific purpose

Personal Data handled by the Company will be adequate and relevant to the purpose for which they are collected and Processed. This requires, in particular, ensuring that the types of Personal Data collected are not excessive to the purpose for which they are collected. Subsequent changes to the purpose are only possible to a limited extent and require substantiation.

2.3 Transparency

The Data Subject will be informed of how his/her/its Personal Data is being handled by the Company. When the Personal Data is collected, the Data Subject must be informed of:

the existence of this Policy;
the identity of the Data controller(s);
the purpose of Personal Data collection and Processing;
how, where and by whom the Personal Data is being Processed;
Third-parties to whom the Personal Data might be transmitted.

2.4 Consent of the Data Subject

Personal Data will be collected directly from the Data Subject concerned and, when required, the Consent of the Data Subject will be granted before Processing Personal Data. The Consent will be obtained electronically for the purposes of documentation. Your Consent is valid only if given voluntarily. y

Your Consent for the Processing of your Personal Data by the Company and the Supplier in accordance with this Policy is given once you tick the two boxes in the pop-up window which states:

- “I agree with the Terms and Conditions and with the Privacy policy and Consent that this Policy  entirely apply to me and my use of the Platform”; and

- “I understand and expressly Consent that the Company may transfer my Personal Data to the Suppliers’ country of domicile who will process them as Data processor”.

Personal Data can be Processed without Consent if this is required  :

to enforce a legitimate interest of the Company; or
to execute the contract concluded between you and the Company ;or
if any national or international law or regulation requests, requires or allows it.

2.5 Accuracy

Personal Data kept on file must be correct and  up to date. Inaccurate or incomplete Personal Data will not be kept on file and deleted.



Acceptance

During your use of the Platform, the Company may collect a certain number of Personal Data that relate to you and Process them in accordance with this Policy, including through Cookies provided you accept our Cookie policy.

This Policy shall apply to any use of the Platform, whatever the method or medium used. It details the conditions at which, the Company and Suppliers may collect, Process, keep, use and save Personal Data.

By using the Platform, you acknowledge that you have read and understood this Policy and agree to be bound by it and to comply with all applicable laws and regulations. You also acknowledge that you have read and understood the Terms that apply to the Platform and agree to be bound by them.
Collected Data

4.1 Visitors’ data

As a Visitor, you may browse the Platform without communicating Registration data.

By browsing the Platform, you understand and agree that we may collect and Process the following Personal Data:

your IP address;
your Cookies in accordance with our Cookies Policy available at the following address: https://elity.co/cookie-policy/;

(the “Visitor’s data”).

4.3 Registration data

Each Customer who desires to create a Customer account may be asked to communicate a number of Personal Data, including (without limitation) his/her/its personal contact details such as:

Mandatory data:

title;
first name;
last name;
address (zip code, city, country);
email address;
mobile number;
password;

(the “Mandatory Registration data”).

Optional data:

language settings;
picture;
date of birth;

(the “Optional Registration data”).

The Customer understands and agrees that his/her/its Booking historic is stored in his/her/its Customer account. The Customer has the possibility to rate and comment the Services he/she/it booked through his/her/its Customer account.

The Customer has the ability to delete an old Booking from his/her/its history.

The Customer who accepted to receive Marketing communication  sais entitled to unsubscribe from Marketing communication on his/her/its Customer account.

4.4 Payment data

By using the Platform, you transmit data relating to your means of payment, including (without limitation) your credit card information.

Credit card payments are Processed by the Payment Provider in compliance with the PCI-DSS norms. The Payment Provider decide at its own discretion which data it collects and Processes. We do not have access to the credit card numbers. For all credit card payments, the Payment Provider uses a secure payment system; this is an SSL secure payment. This payment protocol standard is recognized throughout the world for the protection of data transmitted over the Internet. It is available on practically all browsers. The Payment Data which you provide are encrypted prior to the sending of your post to the payment server.

The Customer expressly Consents that the Payment provider may particularly but not only collect and Process the following Personal Data related to the banking or credit card registered in his/her/its Customer account:

credit or banking card number;
expiration date of the banking or credit card;
name of the owner of the credit or banking card; and
any other information which concerns the banking or credit card, the Customer and/or the Payment provider and which are not relevant for the Company and/or the Supplier.

(the “Payment Data”).
The Company does not store, nor Processes any Payment data. Regarding these Payment data, the general terms and the privacy policy of the Payment Provider are solely applicable.

The Customer may request that the Company Processes his/her/its Payment data in order to facilitate the organization of the Booking and to allow further reservation which requires a credit or a debit card. In such case, the Processing of your Payment data by the Company is based on your Consent and the Company shall not be liable for any loss or hack of such Payment data provided it was stored in a secured way.
The Company does not act as a financial intermediary or as a payment institution for the transactions which take place via the Platform, said transactions being processed by the Payment Provider.

You hereby expressly agree to comply with the general terms and conditions and policies of the Payment provider, as well as any other external supplier in charge of processing the payment, to pay the latter the commission provided therefore and to grant it/them all banking authorizations required to carry out the payment with your credit or banking card.

The Company shall not be held liable for the content of the privacy policy and the general terms of the Payment Provider, if any.

Your credit card transaction is made at your sole risk. The Company shall in no way or manner be held liable for any delay in the banking authorization relating to your credit or banking card or of any damage or loss which may arise in relation with the transaction made via the Platform.

4.5 Wire transfer data

When you choose to pay the Transaction price by wire transfer thanks to the banking details received from the Company, this latter store and Processes the following banking information:

name of the bank account holder;
surname of the bank account holder; and
address of the bank account holder.

(the “Wire transfer data”)

The Company only Processes your Wire transfer data when you pay the Transaction price by wire transfer in order to know which Customer already paid the Transaction price indicated he/she/it has to pay.

4.6 Transaction data

When you Book a Service on the Platform, We collect a number of information about the transaction including but not limited to:

the type of transaction;
the travel purpose;
the type of stay;
the type of Services booked;
your insurance information;
your passport information;

(the “Transaction Data”).

4.7 Booking data

The Company also collects Personal Data regarding your search, including but not limited to:

check-in;
check-out;
check-in time;
number of guests;
number of rooms;
type of Accommodation;
type of Facilities;
Users’ language;
Users’ currency;
a copy of your driving license (if applicable);
exchange rate;
date and time of Booking;
date and time of eventual cancellation;
the possible comment about your Booking you may write to the Company and/or the Supplier (e.g. time of arrival/departure, food allergy, specific requests);
your feedback about your experience of use of the Platform;

(the “Booking data”).

4.8 Health Data

In order to allow the Company and/or the Supplier to organize the Service(s) and the Facilities you Book at their best, We may collect Personal data related to your health condition such as information about your eventual:

allergies;
intolerances;
diseases;
injuries;
any type of medical information which may be relevant for the enjoyment of the Service(s) and/or the Facilities;


(the “Health Data”).

Since Health Data are sensitive data requiring your express Consent to be Processed, you are absolutely not obliged to provide the Company with such Personal Data.

This being said, by providing the Company with your Health Data, you expressly Consent that the Company Processes these Personal data in order to provide you and/or to allow the Supplier to provide you with the Services and the Facilities in the best possible way. For this purpose, you expressly Consent that the Company may transfer your Health Data to the Suppliers.

You understand and agree that the Booking of some Services and Facilities may obligated the Company to Process your Health Data. In such case, your understand and agree that the Booking of the said Services and Facilities will not be allowed without providing Us with the Health Data.

4.9 Third-party Data

When a Customer books Services for a Third-party he/she/it shall provide the Company with all the following information about the Third-party who will actually beneficiating from the Service(s):

title;
first name;
last name;
address (zip code, city, country);
email address;
mobile number;
ID/Passport number;
allergies;
intolerances;
diseases;
injuries;
any type of medical information which may be relevant for the enjoyment of the Service(s) and/or the Facilities;
[please complete].

(the “Third-party Data”)

The Customer who provides the Company with the Third-party Data is fully responsible of the accuracy of these Personal Data.

After receiving the Third-party Data, the Company will send an email to the Third-party to inform him/her that it processes his/her Third-party Data in accordance with this Policy.

4.10  Cookies

Please read our separate Cookies Policy available at the following URL:  https://elity.co/cookie-policy/ , which tells you how the Company makes use of Cookies and other similar technologies such as Google Analytics.

4.11  Other Personal Data

You expressly understand and agree that other specific policies of the Supplier who provides you with the Service(s) may entirely apply to you in addition with this Policy.

In particular, you may be requested to provide the Supplier with additional Personal Data which are specific to the Service(s) you book on the Platform and not described in this Policy. In such case, you expressly agree to provide the Supplier with the Personal Data requested in accordance with and to be bound by the specific privacy policies of the Supplier. In such event, the Company does not control the Personal Data communicated to Supplier(s).

Should you not desire to provide the Supplier with the requested Personal Data and/or to be bound by the specific privacy policies of the Supplier, please refrain from Booking the said Services.


Use of the Personal Data

5.1 Purpose of use of Personal data

The following paragraphs describe the various purposes for which We collect and use your Personal Data, and the different types of Personal Data that are collected for each purpose. Please note that not all of the uses below will be relevant to every individual.

Generally, We use your Personal Data, in accordance with applicable laws, to provide you with the Platform and the Functionalities, to enter into contract with you, to run our business and our activities, to communicate with you and for other general business purposes, such as conducting internal marketing and demographic studies and measuring the effectiveness of advertising campaigns.

We also use your Personal Data for security purposes and to insure a peaceful use of the Platform by all the Users.

Considering the scope of our activities, We also have to collect some of your Personal Data to fulfill with legal requirement and to be compliant with all the suitable laws and regulations.



Consent

The following uses of Personal Data are based on your Consent:

your Optional Registration data:

language preference;
picture; and
date of birth.

your Health Data:

allergies;
intolerances;
diseases;
injuries; and
any type of medical information which may be relevant for the enjoyment of the Service(s) and/or the Facilities.

your Wire transfer data:

name of the bank account holder;
surname of the bank account holder; and
address of the bank account holder.

your Payment data when you expressly request that the Company Processes it:

credit or banking card number;
expiration date of the banking or credit card;
name of the owner of the credit or banking card; and
any other information which concerns the banking or credit card, the Customer and/or the Payment provider and which are not relevant for the Company and/or the Supplier.

We use any of the above-mentioned Personal Data for customer service purposes, including responding to your enquiries, as well as to provide you with the Service and/or to allow the Supplier to provide you with the Services to the best of our capacities. This typically requires the use of certain personal contact information and information regarding the reason for your inquiry (e.g. technical issue, question/complaint, general question, medical information, etc.).

We use information about your usage of the Platform and/or the Functionalities and your contact information to provide you with the Newsletter and/or the Marketing communications.

With your Consent, by ticking the box “I subscribe to the Newsletters of the Company” and/or by ticking the box “I wish to receive Marketing communication from the Company” in the pop-up window appearing at your first connection on the Platform, you expressly Consent that We use your a email address and name to send you Newsletters and/or Marketing communications until you unsubscribe. Your Consent remains valid even if you do not tick this box again in the future every time the pop-up window appears.

By freely providing Us with your Optional Registration data and Health Data and by giving your Consent to the applicability of this Policy by ticking the box “I agree with mthe use of my Optional Registration data and my Health Data by the Company and/or the Suppliers for providing the Services”, you expressly Consent that We Process your Optional Registration data and your Health Data.

By paying the Transaction price by wire transfer thanks to the banking details received from the Company and by giving your Consent to the applicability of this Policy by ticking the box “I agree with the Terms and Conditions and with the Privacy Policy and Consent that these terms entirely apply to me and my utilization of the Platform”, you expressly Consent that We Process your Wire transfer data.

By ticking the box “I wish that the Elity GmbH keeps and Processes my credit/debit card information (i.e. my Payment data) and expressly Consent that Elity GmbH use this information to book Facilities in my name and under my behalf and to provide me with the Services more efficiently”, you expressly Consent that We Process your Payment data.

Even if you have opted in, you can at any time:

- opt-out of the Marketing communications and the Newsletter at any time by inscribing to it in the settings of your Customer account or by sending Us an email at the following email address:  privacy(at)elity.co; and

- refuse that We save and Process your Health Data and your Optional Registration data by sending Us an email at the following email address: privacy(at)elity.co.

Generally, You may revoke your Consent at any time for any use of your Personal Data by the Company. Please note that the withdrawal of your Consent will not affect the lawfulness of the Processing of your Personal Data based on your Consent before its withdrawal. The Company cannot guarantee that your use of the Platform will be the same as before your revocation of Consent.


Legitimate interest

By browsing the Platform you understand that the Company has the legitimate interest to Process the following Personal Data for security reason, in particular to insure a legal and peaceful utilization of the Platform in the full respect of the laws and suitable regulations, as well as for measuring the effectiveness of the Platform and its Functionalities, as well as enable you to enjoy these latter in the best possible way:

your Visitors’ data:

your IP address; and
your Cookies in accordance with our Cookies Policy available at the following address: https://elity.co/cookie-policy/ .
These Personal Data are collected and used to prevent potentially prohibited or illegal activities.

These Personal Data are used in order to know who interacted with the Platform and to ensure that there is no cyber-security threat and in order to have an initial verification of the Visitor and potential User of the Platform. If a cyber-security threat occurs at a particular moment, it would be possible to identify the whereabouts of the threat.

In some instances, We may use your geographical location information in order to ensure that the Platform and its Functionalities will not be used in a country/area where it is expressly prohibited for the Platform to be used in order to ensure that no legal action is taken against the Company.

These Personal Data are also used to enforce the Terms. We have a legitimate interest that you entirely respect the Terms.

Contract

By contracting with the Company through the Platform, you understand that We Process and use the following Personal Data for the sake of executing the contractual engagement (including communicating with You and charging your credit card):

your Mandatory Registration data:

title;
first name;
last name;
address (zip code, city, country);
email address;
mobile number; and
Customer account’s password.

your Transaction data:

type of transaction;
travel purpose;
type of stay; and
transaction status.

your Booking data:

check-in;
check-out;
check-in time;
number of guests;
number of rooms;
type of Accommodation;
type of Facilities;
Users’ language;
Users’ currency;
a copy of your driving license;
exchange rate;
date and time of Booking;
date and time of cancellation;
the possible comment about your Booking you may write to the Company and/or the Supplier (e.g. time of arrival/departure, food allergy, specific requests); and
your feedback about your experience of use of the Platform.

the Third-party Data:

title;
first name;
last name;
address (zip code, city, country);
email address;
mobile number;
ID/Passport number;
allergies;
intolerances;
diseases;
injuries;
any type of medical information which may be relevant for the enjoyment of the Service(s) and/or the Facilities;
[please complete].

The above-mentioned Personal Data are absolutely essential to build the contractual relationship between you (or the Third-party who will benefitting from the Services) and the Company. By communicating with Us these Personal Data, you understand and Consent that without them We are in the impossibility to provide you with the Platform and its Functionalities.

You also understand that these Personal Data allow Us to provide you with personalized support and to propose you tailored Services and Facilities.

Your intention to contract with the Company confirms that you Consent that We Process and use these Personal Data for the conclusion and execution of the agreement concluded between you and Us.

5.2 Type of use of Personal Data

Interaction & communication

The Company will be using your Mandatory Registration data in order to carry out online sales, to interact with you, including by means of telephone, and to respond to your requests. Your Mandatory Registration data may also be used for fraud detection purposes. By browsing the Platform, you agree that the Company may Process and use your Mandatory Registration data to contact you, in particular by sending emails containing general information and/or by Newsletter (provided you subscribed to it).

Marketing

The Company will use your Mandatory Registration data to send you information regarding the Services and any promotional offers. Your Visitors data, Booking data, Transaction data and Optional Registration data may also be used in relation with the development of our partners in order to test your interest in the creation of new services, products or activities based on elements of your profile, your interests or your use of the Platform. Visitors data, Booking data, Transaction data and Optional Registration data amay also be used in order to improve the services offered by the Company and/or the Services of the Supplier and to prepare statistics, including for big data and/or artificial intelligence purposes.

By expressly agreeing to receive Marketing communications, you consent that your email address will be used for electronic advertising purposes by the Company. The Company will always endeavor sending the Users advertising material tailored to his/her/its interests.

If you decide that you no longer wish to receive the Newsletters and/or the Marketing communications, you can unsubscribe from receiving marketing-related communications at any time, by following the instructions provided in each such communication or by sending an email to: privacy(at)elity.co.

To opt out of the Newsletters and/or Marketing communications you can also opt out at any time by logging into the Platform and adjusting your user preferences in your Customer account profile by unchecking the relevant boxes. Please note that, even if you opt out from receiving Newsletters and/or Marketing communications, you may still receive administrative communications from the Company, such as order or other transaction confirmations, notifications about your Customer account activities (e.g. account confirmations, password changes, etc.), notifications about new versions of the Terms or of this Policy, and other important announcements.

Neither the Company nor the Supplier will be responsible for any subscription you made to any other newsletters and/or material communications with Third-parties.

Personalization

We may use your Visitors data, Booking data, Transaction data and Optional Registration data in order to analyze your preferences and your patterns, to personalize your experience on the Platform, as well as to optimize the Platform. We may also suggest to you content which is best suited to your interests.

We may use your Visitors data, Booking data, Transaction data and Optional Registration data (i) to analyze your preferences and habits, (ii) to anticipate your needs based on our analysis of your profile, (iii) to improve and personalize your experience on our Platform, (iv) to ensure that content from Our Platform is optimized for you and for your computer or device; and (v) to allow you to participate in interactive features, when you choose to do so.

Customer service

We use your Mandatory Registration data for customer service purposes, including responding to your enquiries. This typically requires the use of certain personal contact information and information regarding the reason for your inquiry (e.g. order status, technical issue, product question/complaint, general question, etc.).

Social networks

We use your Personal data when you interact with Third-party social networking features, such as to serve you with advertisements and engage with you on social networks. You can learn more about how these features work, the profile data that We obtain about you, and find out how to opt out by reviewing the privacy notices of the relevant Third-party social networks.

Certain features (called plugins) offered by various Third-party social media platform providers (for example Facebook, Linkedin, Twitter) are incorporated into our Platform. These plugins allow Users to share content available via social networks. If a plugin appears on the Platform during a browsing session, an automatic link with the servers of said website is provided. The Personal Data relating to our Platform may be sent to this Third-party provider. If the User is identified at the same time on the social network of said Third-party provider, the visit to our Platform may then be linked to the User’s social network account (for example Facebook). The Company has no influence over this type of Personal Data transfer.

Please consult the information relating to data protection by your social network regarding the purpose and the extent of the collection of your Personal Data, the subsequent management and use of your Personal Data by said provider, as well as your rights and setting options in order to protect your privacy.

When you authorize a Third-party social network (such as Facebook) to share information and Personal Data with Us, We may receive any Personal Data which you publicly share on said social network as well as any Personal Data which forms part of your profile. This may consist of basic Personal Data relating to your Customer account (e.g. your name, email address, gender, date of birth, the town where you reside, your profile photography, your user identifier, your list of friends, etc.) and all other information or activity which you have authorized the Third-party network to share.

We also receive Personal Data relating to your profile when you use a function of the social network which is integrated into the Platform (such as Facebook Connect) or when you interact with Us via a social network. In order to find out more about how We receive Personal Data regarding yourself from Third-party social networks or to cease sharing your Personal Data on said social networks, We invite you to read the conditions of use of the relevant social networks. You should at all-time be aware of the terms of use and privacy policy that applies to the Third-party social network and are of its exclusive responsibility.

Booking fulfillment

We use your Booking data, Transaction data, Mandatory Registration data, Optional Registration data and Wire transfer data to process your Bookings, charge your banking or credit card, correct addresses and conduct identity verifications and other fraud detection activities.

Reviews

When you leave a review on the Platform after your enjoyment of a Service, We collect a number of Personal Data, including the eventual Supplier’s name, address, zip code, city and country, day and time of your check-in and check-out, your rating and your comments.

Internal research, analytic, security

In accordance with applicable laws, We may use your Visitors data, Booking data, Transaction data and Optional Registration data for other general business purposes, such as conducting internal marketing and demographic studies and measuring the effectiveness of advertising campaigns.

We also use your Personal Data to ensure Our security.

Legal reasons or merger/acquisition

In the event that the Company or its assets are acquired by, or merged with, another company including through bankruptcy, We may share your Personal Data with any of our legal successors. We may also disclose your Personal Data to Third-parties (i) when required by applicable law; (ii) in response to legal proceedings; (iii) in response to a request from a competent law enforcement agency; (iv) to protect Our rights, privacy, safety, property or the public; or (v) to enforce the terms of any agreement or the Terms.


Gift and person accompanying you

In the event you make a Booking as a Gift, you are fully responsible for providing accurate information about the person(s) to whom you offer the Gift and who will beneficiate from the Service(s). You also represent and warrant that this/these person(s) agree(s) that these Terms and the Policy entirely apply to him/her/them and that this/these person(s) )gave his/her/theirs Consent for the Processing of his/her/their Personal Data you communicate to us.

Likewise, you are fully responsible for providing accurate information about the person(s) accompanying you and who will be indicated on the Booking confirmation. Thus you represent and warrant that the person(s) accompanying you agree(s) that these Terms and the Policy entirely apply to him/her/them and that the person(s) accompanying you give(s) his/her/their express Consent for the Processing of his/her/their Personal Data you communicate to us.

The Company will not be liable if the information you provide are not legit, incomplete, inaccurate and/or if the person(s) to whom you make the Gift and/or the person(s) accompanying you did not give his/her/their Consent for the Processing of the Personal Data you communicate to us.



Third-party disclosure

The Company may disclose your Personal Data to relevant Third-parties, in particular if We are requested to do so to comply with a court order or law enforcement authorities request, or if We find it necessary, as determined in the Company’s sole discretion, to investigate, prevent or take action regarding illegal activities, to defend Our interest, in case of violations of the Terms or as otherwise required or permitted by law.

In any case where cross-border transfer is done to Third-parties, the Company ensures that an adequate protection is guaranteed for Personal Data to be transferred outside of Switzerland and the EEA. In some specific cases when this level of protection is not guaranteed, the Company will obtain your prior Consent or establish with the recipient of Personal Data a contractual framework or sufficient safeguards that ensure an adequate level of protection abroad. You may request access to a copy of these safeguards by contacting the Company.

Unless otherwise stated, the Third-parties who receive Personal Data from the Company are prohibited to use this Personal Data beyond what is necessary to provide their product or service to you, directly or by participating to the Company’s activities.


Minors

The Platform and its Functionalities are prohibited to Minors.

The use of the Platform by Minors is subject to the approval of a guardian and/or legal representative.

By creating a Customer account and/or logging in as a Minor, you represent and warrant that your guardian and/or legal representative is entitled to validate your acts legally.

Should the Company realize that it Processed Minors’ Personal Data without legal representative’s approval, it will erase them immediately and/or closed the Customer account immediately.


Storage of your personal data

Your Personal Data will be stored in on the server of Amazon in Europe and in the United States of America in accordance with the EU-U.S. Privacy Shield framework and the SWISS-U.S. Privacy shield framework. You agree that the Company may store your Personal Data in any other country of the European Economic Area (“EEA”), including Switzerland.

The storage as well as the Processing of your Personal Data may require that your Personal Data are ultimately transferred/transmitted to, and/or stored at, a destination outside of your country of residence, in particular in the country where the Supplier is located. Where permitted by law, by accepting the terms of this Policy, you agree to such transferring, transmission, storing and/or Processing by the Supplier. You also agree that such activities may take place to or in countries offering a lower level of protection than your country of residence.


Retention of your personal data

In accordance with applicable laws, the Company will use your Personal Data for as long as necessary to satisfy the purposes for which your Personal Data was collected or to comply with applicable legal requirements. Personal Data used to provide you with a personalized experience will be kept for a duration permitted by applicable laws.

When you delete your Customer account, your Personal Data is kept for a period of 12 (twelve) months in order to comply with legal requirements.


Security of your Personal Data

The Company applies high industry standards and will always apply adequate technical and organisational measures, in accordance with applicable laws to ensure that your Personal Data is kept secure.

However, you shall be solely responsible to keep your Registration data and other information relating to your Customer account confidential and allow only authorized individuals to access and use your Customer account.

In the event of a Personal Data breach, the Company shall without undue delay, and where feasible, not later than 72 hours after having become aware of it, notify the breach to the competent supervisory authority, unless said breach is unlikely to result in a risk to your rights and freedoms. If the breach is likely to result in a high risk to your rights and freedoms, the Company shall communicate this breach to you without undue delay.


Access to your Personal Data and information rights

You have the right to request access to or information about the Personal Data related to you which are Processed by the Company.

You can access, review, correct, update or delete your Personal Data at any time by accessing your Customer account.

Where provided by law, you, your successors, representatives and/or proxies may (i) request deletion, correction or revision of your Personal Data; (ii) oppose the data Processing; (iii) limit the use and disclosure of your Personal Data; and (iv) revoke Consent to any of our Personal Data Processing activities if the Company is relying on your Consent and does not have another legitimate interest and/or another legal or contractual basis to continue Processing your Personal Data.

These rights can be exercised by contacting Us through our contact form or writing to Us at: privacy(at)elity.co
, attaching a copy of your ID. If the request is submitted by a person other than you, without providing evidence that the request is legitimately made on your behalf, the request will be rejected.

The request is free of charge unless your request is unfounded or excessive (e.g. if you have already requested such Personal Data multiple times in the last twelve months or if the request generates an extremely high workload). In such case, the Company may charge you a reasonable request fee according to applicable laws.

The Company may refuse, restrict or defer the provision of Personal Data where it has the right to do so, for example if fulfilling the request will adversely affect the rights and freedoms of others.


Portability of your Personal data

You also have the right to receive your Personal Data, which you have provided to the Company with, in a structured, commonly used and machine-readable format and have the right to transmit those Personal Data to Third-parties without hindrance from the Company.

This right can be exercised by contacting Us through our contact form or writing to Us at: privacy(at)elity.co, attaching a copy of your ID. If the request is submitted by a person other than you, without providing evidence that the request is legitimately made on your behalf, the request will be rejected.

The request is free of charge unless your request is unfounded or excessive (e.g. if you have already requested such Personal Data multiple times in the last twelve months or if the request generates an extremely high workload). In such case, the Company may charge you a reasonable request fee according to applicable laws.

The Company may refuse, restrict or defer the provision of Personal Data where it has the right to do so, for example if fulfilling the request will adversely affect the rights and freedoms of others.


Privacy by design and by default

The Company will, both at the time of the determination of the means for Processing and at the time of the Processing itself, implement appropriate technical and organizational measures, such as pseudonymization, which are designed to implement data-protection principles, such as data minimization, in an effective manner and to integrate the necessary safeguards into the Processing in order to meet the requirements of the GDPR and protect your rights.

The Company will implement appropriate technical and organizational measures for ensuring that, by default, only Personal Data which are necessary for each specific purpose of the Processing are Processed. This obligation applies to the amount of your Personal Data We collect, the extent of their Processing, the period of storage and their accessibility. These measures will ensure that by default your Personal Data are not made accessible without your intervention to an indefinite number of Third-parties.


Contacting the Company and complaints

The Company hopes to be able to answer any questions or concerns you have about your Personal Data. You can get in touch with the Company at the postal address or the following email address: privacy(at)elity.co.

The Company’s representative in the EU for the purposes of the GDPR is


Prighter provided by
Maetzler Rechtsanwalts GmbH & Co KG
c/o Elity GmbH

Address:
Schellinggasse 3/10, 1010 Vienna, Austria
Website:
https://prighter.com
Please add the following subject to all correspondence: Prighter ID: 18482638871

Representation for data subjects in the EU


We value your privacy and your rights as a data subject and have therefore appointed Prighter as our privacy representative and your point of contact.


Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative Prighter or make use of your data subject rights, please visit: https://prighter.com/q/18482638871

You have the right to make a complaint if you feel your Personal Data has been mishandled or if the Company has failed to meet your expectations. You are encouraged to contact the Company about any complaints or concerns but you are entitled to complain directly to the relevant supervisory authority.


Changes to the Terms of the Policy

The Company may modify the Terms or this Policy from time to time and will post the most current version on the Platform. You will be notified such changes in accordance with the procedures set forth in our Terms. You Consent that We use the e-mail address you provided Us with upon registration to ask you to Consent to these modifications. You expressly Consent to receive new versions of the Terms or of this Policy in the e-mail address you provided to Us.


Data controller

The Data co-Controller is:

Elity Sàrl.

Your Consent for the Processing of your Personal Data by the Company and the Supplier in accordance with this Policy is given once the Users tick the box in the pop-up window which states “I understand and expressly Consent that the Company control and Process my Personal Data as Data controller and that my Personal Data may be transferred to the Supplier’s country of domicile who will process them as a Data processor”.

As a Data processor, the Supplier has the right to Process the Personal Data on behalf of the Company, in accordance with these Terms. The Supplier has entered into a Data transfer agreement with the Company in order to ensure your Personal Data are Processed with the same level of protection and the same legal requirements as those applicable to the Company.

All the rights and obligations applicable to the Company under this Policy are fully applicable to the Supplier while Processing your Personal Data. For the sake of clarity, when the Policy refers to the Company it also refers to the Supplier who provides you with the Service(s) in all cases where this makes sense.

Shall the Supplier be part of a Group and/or shall it have Subsidiaries, you expressly understand and Consent that the Supplier is legitimate to communicate your Personal Data to all the companies of the Group and/or to its Subsidiaries. The Supplier must adopt binding corporate rules applicable to its Group and its Subsidiaries.

As a consequence, you understand and agree that the Supplier is legitimate to Process your Personal Data on behalf of the Company, in particular for statistic reason, to contact you or for any other reason based on the law, on a legitimate interest of the Supplier or on your Consent.


Data transfer agreement

Considering that the Supplier is a Data processor of your Personal Data, the Company signed with this latter a Data transfer agreement.

Pursuant to this agreement, the Company undertake to transfer to the Supplier all your Personal Data collected and Processed in accordance with this Policy and the Supplier expressly warrants and undertakes in this agreement that:

 s ;
it will apply the same standards of confidentiality as the Company does to Process your Personal Data;

it has in place appropriate technical and organizational measures to protect your Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, and which provide a level of security appropriate to the risk represented by the Processing and the nature of the Personal Data to be protected;

it has in place internal procedures so that any Third-party it authorizes to have access to your Personal Data, including sub-processors, will respect and maintain the confidentiality and security of your Personal Data;

it Processes your Personal Data for the sole purposes described in this Policy.


Supplier’s privacy policies

You expressly understand and agree that privacy policy of the Supplier who provides you with the Service(s) may apply to you when Booking Service(s) on the Platform.

In such case, both this Policy and the privacy policies of the Supplier (if any) will apply to you.

Unless otherwise provided, should the terms of this Policy and the Supplier’s privacy policy be contradictory, this Policy shall prevail.

Links

The Platform may contain links which direct you to Third-party websites. The Company rejects any liability relating to the privacy policy in force on said Third-party websites, the collection and use of your Personal Data by the latter and relating to the contents of said websites (whether the links are hypertext links or deep-links).


Jurisdiction and governing law

This Policy and any questions relating thereto shall be governed by the laws of Switzerland, to the exclusion of any rules of conflict resulting from private international law.

Any dispute relating to this Policy must exclusively be brought before the courts of Lausanne, subject to an appeal to the Swiss Federal Court.

Should you have any questions relating to this Policy, you may send these by email to the following address: privacy(at)elity.co
.


Contact

To ask questions or make comments on this Policy or to make a complaint about our compliance with applicable privacy laws, please contact Us through our contact form or writing to Us at: privacy(at)elity.co
. We will acknowledge and investigate any complaint pursuant to this Policy.

Navigation

Contact

ELITY
Kauffmannweg 14
6002 Luzern,
Switzerland

Newsletter

Follow Us

  • Devise EUR
    Most Used Currencies
    • Eur Euro(€)
    • Gbp British Pound(£)
    • chf Swiss franc(CHF)
    • usd Us Dollar(US$)
    • aud Australian Dollar(AUD)
    • aed U.A.E Dirham(AED)
    All Currencies
    • AUD Australian Dollar (AUD)
    • BGN Bulgarian Lev (BGN)
    • BRL Brazilian Real (BRL)
    • CAD Canadian Dollar (CAD)
    • CHF Swiss Franc (CHF)
    • CNY Chinese Yuan (CNY)
    • CZK Czech Koruna (CZK)
    • DKK Danish Krone (DKK)
    • EUR Euro (€)
    • GBP British Pound (£)
    • HKD Hong Kong Dollar(HKD)
    • HRK Croatian Kuna (HRK)
    • HUF Hungarian Forint (HUF)
    • IDR Indonesian Rupiah (IDR)
    • ILS Israeli New Shekel (ILS)
    • INR Indian Rupee (INR)
    • ISK Icelandic Króna (ISK)
    • PLN Polish Zloty (PLN)
    • RON Romanian Leu (RON)
    • RUB Russian Ruble (RUB)
    • SEK Swedish Krona (SEK)
    • SGD Singapore Dollar (SGD)
    • THB Thai Baht (THB)
    • USD US Dollar (US$)
    • JPY Japanese Yen (JPY)
    • KRW South Korean Won (KRW)
    • MXN Mexican Peso (MXN)
    • MYR Malaysian Ringgit (MYR)
    • NOK Norwegian Krone (NOK)
    • NZD New Zealand Dollar (NZD)
    • PHP Philippine Peso (PHP)
    • TRY Turkish Lira (TRY)
    • AUD Australian Dollar (AUD)
    • BGN Bulgarian Lev (BGN)
    • BRL Brazilian Real (BRL)
    • CAD Canadian Dollar (CAD)
    • CHF Swiss Franc (CHF)
    • CNY Chinese Yuan (CNY)
    • CZK Czech Koruna (CZK)
    • DKK Danish Krone (DKK)
    • EUR Euro (€)
    • GBP British Pound (£)
    • HKD Hong Kong Dollar(HKD)
    • HRK Croatian Kuna (HRK)
    • HUF Hungarian Forint (HUF)
    • IDR Indonesian Rupiah (IDR)
    • ILS Israeli New Shekel (ILS)
    • INR Indian Rupee (INR)
    • ISK Icelandic Króna (ISK)
GDPR CERTIFIED 2021-04-08
GDPR CERTIFIED 2021-04-08
Prighter representation

Elity® is registered trademark of Elity Ltd Switzerland Company. © 2024 elity. All rights reserved.