The website of Convention Team Lucerne AG (hereafter referred to as “CTL AG”) is subject to Swiss data protection law, including in particular the Swiss Federal Act on Data Protection (DPA) along with any applicable foreign data protection law, such as for example the General Data Protection Regulation (GDPR) of the European Union (EU). The EU has recognised that Swiss data protection law guarantees an adequate level of data protection.
Our website may be accessed by transport encoding (SSL/TLS).
Thank you for taking an interest in our company. Data protection is particularly important for us. As a matter of principle, the CTL AG website can be used without providing any personal data. However, should a data subject wish to receive particular services from our company through our website, it may be necessary to process personal data. If any personal data have to be processed but there is no legal basis for such processing, we shall in general obtain the consent of the data subject.
Personal data, such as for example the name, address, email address or telephone number of a data subject, are processed at all times in accordance with statutory data protection requirements. By this Privacy Statement, our company would like to inform the general public of the nature, scope and purpose of the personal data collected, used and processed by us. In addition, this Privacy Statement also informs data subjects of their rights.
As the controller, CTL AG has put in place numerous technical and organisational measures in order to ensure that the personal data processed through this website are protected as seamlessly as possible. However, as a general matter online data transfers can feature security vulnerabilities, with the result that it is not possible to guarantee absolute protection. For this reason, each data subject may choose to transmit personal data to us using alternative means, such as over the telephone.
1. Name and address of the controller
The controller for all legal purposes (hereafter, the “operator”) is:
Convention Team Lucerne AG
Oberseeburg 10 6006 Lucerne
Tel.: +41 (0) 41 371 18 60
2. General information concerning data processing
Whenever our website is visited, we collect and use in the first instance only the data referred to in section 3. Other than this, as a matter of principle we only process the personal data of our users where this is necessary in order to provide a properly functioning website along with our content and services. As a rule, personal data are only collected from our users and processed with the consent of the specific individual user. An exception applies in situations in which it is not possible to obtain consent in advance due to practical reasons and the data processing is permitted by law.
2.1. Legal basis for the processing of personal data
If we obtain the consent of the data subject for the processing of personal data, the legal basis for the processing of personal data is the Swiss Data Protection Act (DPA) or, if and insofar as applicable, point (a) of Article 6(1) of the EU General Data Protection Regulation (GDPR).
The legal basis for the processing of personal data that is necessary for the performance of a contract to which the data subject is party is the Swiss Data Protection Act (DPA) or, if and insofar as applicable, point (b) of Article 6(1) GDPR. This also applies to processing that is necessary for the implementation of pre-contractual measures.
If the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, the legal basis is the Swiss Data Protection Act (DPA) or, if and insofar as applicable, point (c) of Article 6(1) GDPR.
If processing is necessary in order to protect a legitimate interest of our company or of a third party and such interests are not overridden by the interests or fundamental rights and freedoms of the data subject, the legal basis for processing is the Swiss Data Protection Act (DPA) or, if and insofar as applicable, point (f) of Article 6(1) GDPR.
2.2. Erasure of data and duration of storage
The personal data of the data subject are erased or made unavailable as soon as the purpose for which they were stored no longer applies. Data may also be made unavailable if provided for under European or national legislation within EU regulations, laws or other provisions to which the controller is subject. Data may also be made unavailable or erased upon expiry of a storage period provided for under the above-mentioned provisions, unless the further storage of the data is required in order to enter into a contract or for the performance of a contract.
3. Provision of the website and creation of log files
3.1. Description, purpose and scope of data processing
Whenever our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data are collected:
- information concerning the browser type and version used
- the user’s operating system
- the user’s IP address
- the data and time of access
- the websites from which the user’s system was directed to our website
- the websites that were visited by the user’s system from our website
- username (if the user is logged in)
The IP address must be stored temporarily by the system in order to enable the website to be displayed on the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session. Log files contain IP addresses or other data that can be attributed to a particular user. This may be the case for instance if the link to the website that directed the user to the website or the link to the website subsequently visited by the user contains personal data.
Data are also stored in log files on our system. These data are not stored alongside other personal data of the user. Data are stored in log files in order to ensure the proper functioning of the website. In addition, we require the data in order to optimise the website and to ensure the security of our computer systems. No data are assessed for marketing purposes in this regard.
3.2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is the Swiss Data Protection Act (DPA) or, if and insofar as applicable, point (f) of Article 6(1) GDPR
3.3. Duration of storage
Data are erased as soon as they are no longer required in order to fulfil the purpose for which they were stored. Technical server log files are automatically erased after 365 days.
3.4. Ability to object to processing and to remove data stored
The collection of data in order to display the website and the storage of data in log files is absolutely necessary in order operate the website. It is not therefore possible for the user to object to such processing.
4. Usage of cookies
The usage of cookies makes it possible to provide the visitors to this website with more user-friendly services, which would not be possible without cookies.
The data subject can prevent cookies from being saved by our website at any time by adjusting the appropriate settings on the internet browser used and thus object to the storage of cookies until further notice. In addition, any cookies that have previously been saved may be erased at any time using an internet browser or other software. This is possible in all commonly used internet browsers. However, if the data subject disables cookies in the internet browser used, in some cases it may not be possible to use all functions of our website to the full.
4.1. Description, purpose and scope of data processing
- search terms entered
- frequency with which pages are visited
- usage of website functions
Analysis cookies are used for the purpose of enhancing the quality of our website and its content. Analysis cookies help us to establish how the website is used, and thus enable us to continuously optimise our content.
4.2. Legal basis for data processing
The legal basis for the processing of personal data and the usage of cookies is the Swiss Data Protection Act (DPA) or, if and insofar as applicable, point (f) of Article 6(1) GDPR.
4.3. Duration of storage, ability to object to processing and to remove data stored
Cookies are stored on the user’s computer and transmitted by it to this website. This means that, as the user, you also have full control over how cookies are used. You can disable or limit the transmission of cookies by adjusting the settings in your internet browser. You can delete cookies that have previously been saved at any time. This can also occur automatically. If cookies are disabled for our website, it is possible that it will no longer be possible to use all functions of the website in full.
5. Contact forms and email contact
5.1. Description, purpose and scope of data processing
Our website contains contact forms, which may be used in order to contact us electronically. If a user takes advantage of this option, the data entered into the input mask is transmitted to us and stored. These data include:
- company name (optional)
- form of address / title (optional)
- surname / first name
- address (optional)
- post code / locality (optional)
- country (optional)
- email address
The following data are also stored at the time the message is sent:
- the user’s IP address
- the date and time of registration
The personal data from the input mask is processed by us solely for the purposes of dealing with the issue raised in the contact. If we are contacted by email, the requisite legitimate interest in processing the data is also to deal with the issue raised when contacting us. The other personal data processed during the transmission serve the purpose of preventing the abuse of the contact form and ensuring the security of our computer systems.
No data are disclosed to third parties in this regard. The data are used exclusively for processing the conversation between us.
5.2. Registration form for conferences
In order to register for a conference certain personal data must necessarily be provided in relation to the arrangement of the conference. However, we only use these data in order to process your registration. In the event that any hotel reservations are made through our website the following data will be forwarded to the hotels (surname, first name, institution/company, postal address, telephone number, email address, date of arrival, date of departure, room category).
You will then receive an email confirmation for the conference, and also for the hotel reservation if applicable, for which we shall require your email address.
The information will not be disclosed to any third party.
5.3. Legal basis for data processing
The legal basis for the processing of the data is, where consent has been provided by the user, the Swiss Data Protection Act (DPA) or, if and insofar as applicable, point (a) of Article 6(1) GDPR.
The legal basis for the processing of personal data transmitted in relation to email communication is the Swiss Data Protection Act (DPA) or, if and insofar as applicable, point (f) of Article 6(1) GDPR. If the purpose of the email contact is the conclusion of a contract, the Swiss Data Protection Act (DPA) or, if and insofar as applicable, point (b) of Article 6(1) GDPR constitutes an additional legal basis for processing.
5.4. Duration of storage
Data are erased as soon as they are no longer required in order to fulfil the purpose for which they were stored. This is only the case for the personal data provided in the input mask in the contact form and any data sent by email if the relevant conversation with the user has ended. The conversation will be deemed to have ended if it is clear from the circumstances that the issue in question has been conclusively clarified.
5.5. Ability to object to processing and to remove data stored
The user has the ability to withdraw his or her consent at any time to the processing of data. If the user contacts us by email (contact form), he or she may object at any time to the storage of his personal data. Should he or she do so, it will not be possible to continue the conversation and consent must be withdrawn over the telephone.
In such an eventuality, all personal data stored in relation to the contact will be erased.
6. Rights of the data subject
If your personal data are processed, you have the status of a “data subject” for the purposes of the Swiss Federal Act on Data Protection (DPA) and, if and insofar as applicable, the GDPR and have the following rights against us as the controller. In order to exercise your rights, please contact us stating your concern.
6.1. Right of access
Each data subject has the right to obtain at any time from the controller access free of charge to the personal data concerning him or her that have been stored and to receive a copy of these data. You can obtain from the controller confirmation as to whether or not any personal data concerning you are being processed by us.
6.2. Right to rectification
Each data subject has the right to obtain the erasure of personal data concerning him or her without undue delay. In addition, the data subject has the right, taking into account the purposes of the processing, to have incomplete personal data completed, including by means of providing a supplementary statement.
6.3. Right to restriction of processing
Each data subject has the right to obtain from the controller the restriction of processing where any of the prerequisites laid down by law in the Swiss Data Protection Act (DPA) or, if and insofar as applicable, in Article 18(1) GDPR applies.
6.4. Right to erasure
Each data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay where any of the grounds set forth in the Swiss Data Protection Act (DPA) or, if and insofar as applicable, in Article 17(1) GDPR applies.
6.5. Right to data portability
Each data subject has the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. The data subject also has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided where the processing is based on consent pursuant to the Swiss Data Protection Act (DPA) or, if and insofar as applicable, point (a) of Article 6(1) GDPR or point (a) of Article 9(2) GDPR or on a contract pursuant to point (b) of Article 6(1) GDPR and the processing is carried out by automated means.
6.6. Right to object
Each data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on the Swiss Data
Protection Act (DPA) or, if and insofar as applicable, on points (e) or (f) of Article 6(1) GDPR. This also applies to profiling based on those provisions.
In the event of any objection, the company will no longer process the personal data, unless we are able to demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
If the company processes personal data for direct marketing purposes, the data subject has the right to object at any time to processing of personal data concerning him or her for such marketing. This also applies to profiling to the extent that it is related to such direct marketing. Where the data subject objects to processing for direct marketing purposes, the personal data will no longer be processed for such purposes.
6.7. Right to withdraw consent under data protection law
Each data subject has the right to withdraw at any time his or her consent to the processing of personal data.
You have the right to withdraw your consent under data protection law at any time. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
6.8. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the Swiss Data Protection Act (DPA) or, if and insofar as applicable, the GDPR.
7. Links to other websites
The website may occasionally contain links (interactive references) to third party websites, for which Convention Team Lucerne AG bears no responsibility. Convention Team Lucerne AG has no influence whatsoever over the content and design of the linked external pages or websites to which the user is directed through these links. The relevant providers are exclusively responsible for the content and design of these websites and for compliance with data protection law.