Last update: July 2024
Who is responsible for data processing?
Linda Thai Massage & Spa
Salerstrasse 12
8050 Zurich
Switzerland
E-Mail: welcome@lindathaimassage.ch
Persons authorized to represent the company:
Siwaphon Sorawan, owner
Name of the company:
Linda Thai Massage & Spa, Siwaphon Sorawan
(hereinafter referred to as “Linda Thai Massage & Spa”)
General note
Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Swiss Confederation (Data Protection Act, DSG), every person is entitled to protection of their privacy and protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
In cooperation with our hosting providers, we endeavor to protect the databases as well as possible against unauthorized access, loss, misuse or falsification.
We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities.
Complete protection of data against access by third parties is not possible. By using this website, you consent to the collection, processing and use of data in accordance with the following description.This website can generally be visited without registration. Data such as pages called up or the name of the file called up, date and time are stored on the server for statistical purposes without this data being directly related to your person. Personal data, in particular name, address or e-mail address, are collected on a voluntary basis as far as possible. No data will be passed on to third parties without your consent.
Links to other websites
This privacy policy applies only to the website of “Linda Thai Massage & Spa” and not to websites of third parties. Our websites may contain links to other websites that may be of interest to you.
However, due to the nature of the internet, we do not guarantee the protection of your personal data on these websites and accept no responsibility for the content of other websites.
This privacy policy does not apply to linked websites that do not originate from “Linda Thai Massage & Spa”. Always exercise caution when opening a link to another website and read the privacy policy of that site.
Processing of personal data
Personal data is any information relating to an identified or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, procurement, deletion, storage, modification, destruction and use of personal data.
We process personal data in accordance with Swiss data protection law.
If and insofar as the EU GDPR is applicable, we also process personal data on the following legal bases in conjunction with Art. 6 (1) GDPR:
lit. a) Processing of personal data with the consent of the data subject.
lit. b) Processing of personal data for the performance of a contract with the data subject and for the implementation of corresponding pre-contractual measures.
lit. c) Processing of personal data for compliance with a legal obligation to which we are subject under applicable EU law or under applicable law of a country in which the GDPR is applicable in whole or in part.
lit. d) Processing of personal data to protect the vital interests of the data subject or another natural person.
lit. f) Processing of personal data for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the fundamental freedoms and rights and interests of the data subject. Legitimate interests include, in particular, our business interest in being able to provide our website, information security, the enforcement of our own legal claims and compliance with Swiss law.
We process personal data for the duration required for the respective purpose or purposes.
In the case of longer-term retention obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.
Safety measures
We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access, input, disclosure, ensuring availability and separation of the data. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and processes in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
Transmission of personal data
As part of our processing of personal data, data may be transmitted to other bodies, companies, legally independent organizational units or persons or disclosed to them. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude corresponding contracts or agreements with the recipients of your data that serve to protect your data.
Data processing in third countries
If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or if the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this will only take place in accordance with the legal requirements.
Subject to express consent or transfer required by contract or law, we only process the data in third countries with a recognized level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).
Cookies
This website uses cookies. These are small text files that make it possible to store specific information relating to the user on the user’s device while the user is using the website.
Cookies make it possible in particular to determine the frequency of use and the number of users of the pages, to analyze patterns of page use, but also to make our offer more customer-friendly.
Cookies remain stored beyond the end of a browser session and can be retrieved when you visit the site again. If you do not wish this to happen, you should set your Internet browser to refuse to accept cookies. Please note that in this case not all functions of this online offer can be used.
SSL/TLS encryption
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Server log files
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.
Third party services
The services of the American Google LLC use cookies, among other things, and as a result, data is transferred to Google in the USA, whereby we assume that no personal tracking takes place in this context solely through the use of our website.
Google has undertaken to guarantee appropriate data protection in accordance with the US-European and US-Swiss Privacy Shield.
Further information can be found in the Google privacy policy.
Contact form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.
Newsletter
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected.
We use this data exclusively for sending the requested information and do not pass it on to third parties.
You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter.
We use third-party email marketing services when sending emails.
Our emails may therefore contain a so-called tracking pixel (web beacon) or similar technical means. A tracking pixel is a 1×1 pixel, invisible graphic that is associated with the user ID of the respective email subscriber.
The use of corresponding services makes it possible to evaluate whether our emails have been opened by the recipients. In addition, their click behavior can also be recorded and evaluated.
We use this data for statistical purposes and to optimize the content of our messages. This enables us to better tailor the information and offers in our emails to the individual interests of the respective recipient. The tracking pixel is deleted when you delete the e-mail.
To prevent the use of the tracking pixel in our emails, set your email program so that no HTML is displayed in messages.
Google TagManager
Google Tag Manager is a solution with which we can manage so-called website tags via an interface and thus, for example, integrate Google Analytics and other Google marketing services into our online offering. The Tag Manager itself, which implements the tags, does not process any personal user data. With regard to the processing of users’ personal data, we refer to the following information on Google services. Usage guidelines: https://www.google.com/intl/de/tagmanager/use-policy.html.
Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited.
If the controller responsible for data processing on this website is located outside the European Economic Area or Switzerland, Google Analytics data processing is carried out by Google LLC.
Google LLC and Google Ireland Limited are hereinafter referred to as “Google”.
We can use the statistics obtained to improve our offer and make it more interesting for you as a user. This website also uses Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID.
If you have a Google user account, you can deactivate the cross-device analysis of your use in the settings there under “My data”, “Personal data”.
The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 lit. f GDPR. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. We would like to point out that on this website Google Analytics has been extended by the code “_anonymizeIp();” to ensure an anonymized collection of IP addresses. As a result, IP addresses are further processed in abbreviated form, so that they cannot be linked to a specific person. If the data collected about you is personally identifiable, it is immediately excluded and the personal data is deleted immediately.
Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Google Analytics uses cookies. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de You can also prevent the use of Google Analytics by clicking on this link: Google Analytics deaktivieren.
Hierdurch wird ein sog. opt-out Cookie auf ihrem Datenträger gespeichert, der die Verarbeitung personenbezogener Daten durch Google Analytics verhindert. Bitte beachten Sie, dass bei einem Löschen sämtlicher Cookies auf Ihrem Endgerät auch diese Opt-out-Cookies gelöscht werden, d.h., dass Sie erneut die Opt-out-Cookies setzen müssen, wenn Sie weiterhin diese Form der Datenerhebung verhindern wollen. Die Opt-out-Cookies sind pro Browser und Rechner/Endgerät gesetzt und müssen daher für jeden Browser, Rechner oder anderes Endgerät gesondert aktiviert werden.
Social media plugins
We also use so-called plug-ins from social networks such as Facebook, X (formerly Twitter), YouTube, Pinterest or Instagram on our websites. This is visible to you in each case (typically via corresponding icons). We have configured these elements so that they are deactivated by default.
If you activate them (by clicking on them), the operators of the respective social networks can register that you are on our website and where and can use this information for their purposes.
The processing of your personal data is then the responsibility of this operator in accordance with its data protection provisions. We do not receive any information about you from them.
How can its use be prevented?
If you do not want the providers to collect data about you, you can select the “Block third-party cookies” function in your browser settings. The browser will then not send any corresponding information to the provider’s server for embedded content from other providers. With this setting, however, other content on our website may no longer work in certain cases.
Functions of the Instagram service are integrated on our website. These functions are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram. Further information on this can be found in Instagram’s privacy policy: https://instagram.com/about/legal/privacy/
Data transfer to the USA
Tools from companies based in the USA are integrated on our website. If these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to disclose personal data to security authorities without you as the data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no influence on these processing operations.
Rights in relation to your personal data
You have the right to information, correction, deletion, the right to restrict data processing and otherwise to object to our data processing, in particular for the purposes of direct marketing, profiling for direct advertising and other legitimate interests in processing, as well as to the disclosure of certain personal data for the purpose of transfer to another body (so-called data portability) within the framework of the data protection law applicable to you and to the extent provided for therein (such as in the case of the GDPR). Please note, however, that we reserve the right to assert the restrictions provided for by law, for example if we are obliged to store or process certain data, have an overriding interest in doing so (insofar as we are entitled to invoke this) or require it for the assertion of claims. If you incur costs, we will inform you in advance.
We have already informed you about the possibility of withdrawing your consent in point. 3.
Please note that exercising these rights may conflict with contractual agreements and may have consequences such as premature termination of the contract or cost consequences. We will inform you in advance if this is not already contractually regulated.
The exercise of such rights generally requires that you provide clear proof of your identity (e.g. by means of a copy of your ID where your identity is otherwise not clear or cannot be verified).
To assert your rights, you can contact us at the address given in section 1.
Every data subject also has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch).
Copyrights
The copyright and all other rights to the content, images, photos or other files on the website belong exclusively to the operator of this website or the specifically named rights holders.
The written consent of the copyright holder must be obtained in advance for the reproduction of any files.
Anyone who commits a copyright infringement without the consent of the respective copyright holder may be liable to prosecution and may be entitled to claim damages.
General disclaimer
All information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, correct and complete. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, correctness and topicality of information, even of a journalistic or editorial nature. Liability claims arising from material or immaterial damage caused by the use of the information provided are excluded, unless there is evidence of willful intent or gross negligence.
The publisher may change or delete texts at its own discretion and without notice and is not obliged to update the content of this website. The use of or access to this website is at the visitor’s own risk. The publisher, its clients or partners are not responsible for damages, such as direct, indirect, accidental, pre-determined or consequential damages, which are allegedly caused by visiting this website and therefore assume no liability for this.
The publisher also accepts no responsibility or liability for the content and availability of third-party websites that can be accessed via external links on this website. The operators of the linked pages are solely responsible for their content. The publisher therefore expressly distances itself from all third-party content that may be relevant under criminal or liability law or offend common decency.
Objection to advertising e-mails
We hereby object to the use of contact data published as part of our obligation to provide a legal notice for the purpose of sending unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
Changes
We may amend this privacy policy at any time without prior notice. The current version published on our website shall apply. If the privacy policy is part of an agreement with you, we will inform you of the change by e-mail or other suitable means in the event of an update.
Questions for the data protection officer
If you have any questions about data protection, please send us an e-mail or contact the person responsible for data protection in our organization listed at the beginning of this privacy policy.