Privacy policy

Linguista

Your trust and the protection of your privacy is our highest priority. We do everything we can to ensure that your personal data is secure. Our privacy policy applies to all personal data collected on our websites, on other channels such as social media as well as other applications for booking processing, data analysis or marketing purposes. The collected data will always be used with due care.

Linguista, a Media Touristik AG company, is the data controller responsible for collecting and processing your personal data in connection with its activities. Our mission is to provide our customers with a comprehensive range of travel services.

Linguista Language Travel ("We") is the data controller responsible for collecting and processing your personal data in connection with its activities. Our mission is to provide our customers with a comprehensive range of travel services.

In this privacy statement, we explain how we process your personal data and how you can control and manage it. Our data processing may, if necessary, be covered by further data protection notices, as also contained in particular in the General (Travel) Terms and Conditions, or may result from the circumstances or be regulated by law.

This privacy policy complies with the requirements of Swiss data protection law and - if and to the extent applicable - the General Data Protection Regulation (GDPR) of the European Union.

For better readability, we use the masculine form for personal names and personal nouns. Corresponding terms apply in principle to all genders for the purposes of equal treatment. The abbreviated form of language is for editorial reasons only and does not imply any valuation.

1.    Are you affected by this communication?

This Privacy Policy applies to you if you:

  • are one of our customers or have a contractual relationship with us;
  • are a fellow traveler of one of our customers.
  • are interested in our products or services and therefore provide us with your personal data (e.g. in an agency, on our websites and apps or at events) so that we can contact you.

If you provide us with personal data of others, please make sure that you inform them about the disclosure of their personal data and ask them to read this Privacy Policy. We will ensure that we do the same whenever possible (e.g., when we have the contact details of the person concerned).

2.    How you can control our processing of your personal data

You have rights that allow you to effectively control your personal data and the way we process it. Below we explain your rights in relation to your personal data.

If you wish to exercise the rights set out below, please submit a request by email to web@mediatouristik.ch or by post to the following address:

Linguista Sprachaufenthalte
Media Touristik AG
Birmensdorferstrasse 55
8004 Zürich

If you have any questions about the use of your personal data within the scope of this privacy policy, please direct them to the following address: web@mediatouristik.ch

2.1.    You can request information about your personal data

If you request information about your personal data, we will provide you with a copy of the personal data you have requested and information about its processing. Your right to information may be restricted in the cases provided for by law.

2.2.    You can request the correction of your personal data

If you believe that your personal data is inaccurate or incomplete, you may request that such personal data be amended or completed accordingly. In some cases, the submission of supporting documents may be required.

2.3.    You can request the deletion of your personal data

If you so wish, you may request the deletion of your personal data to the extent permitted by law.

2.4.    You may object to the processing of your personal data on the basis of legitimate interests

If you do not consent to processing based on a legitimate interest, you may object on grounds relating to your individual situation. In that case, inform us in detail about the relevant processing and the reasons for your objection. We will stop processing your personal data unless there are compelling legitimate grounds or the processing serves the assertion, exercise or defense of legal claims.

2.5.    You can object to the processing of your personal data for the purpose of direct advertising

You have the right to object to the processing of your personal data for the purpose of direct marketing at any time. This also applies to profiling, insofar as it is associated with such direct advertising.

2.6.    You may request the restriction of the processing of your personal data

If you dispute the accuracy of the personal data we use or object to the processing of your personal data, we will review or revise your request. You may request that we restrict the processing of your personal data while we review your request.

2.7.    You have rights against an automated individual decision

In principle, you have the right not to be subject to a decision based solely on automated processing - including profiling - which produces legal effects concerning you or similarly significantly affects you. However, we may automate such a decision if it is necessary for the conclusion or performance of a contract with us, is permitted by law or if you have given your consent.
In any case, you have the right to challenge the decision, to state your position and to request the intervention of a competent person to review the decision.

2.8.    You can revoke your consent

In those cases where processing is based on your declared consent, you can revoke this consent at any time.

2.9.    You can request the portability of part of your personal data

You may request a copy of the personal data provided by you in a structured, common and machine-readable format. If technically feasible, you may request that we transfer this copy to a third party.

2.10.     Complaint to the Federal Data Protection and Information Commissioner

In addition to the above rights, you may file a complaint with the competent supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern.

3.    For what purpose and on what legal basis do we use your personal data?

3.1.    Contract execution and legitimate interest

In this section, we explain the purpose for which we process your personal data and the legal basis for doing so. First and foremost, we use your personal data to perform a contract to which you are a party or to carry out pre-contractual measures at your request. However, we may also process your personal data to fulfill our legitimate interest or that of third parties.

Your personal data will be processed in particular if this is necessary for the conclusion or performance of a contract in order to:

  • conclude a (travel) contract with you. We may process personal data in order to register you as a new customer, conclude a contract and fulfill it with you;
  • provide you with products and services that you have purchased under the relevant contract;
  • to perform billing, invoicing and collection;
  • to provide you with services related to the preparation and execution of a trip;
  • for insurance purposes;
  • to offer consulting services;
  • to be able to provide assistance in case of difficulties during the trip;
  • to provide you with access to our digital platforms. We may process personal data when you use our digital platforms for various purposes (e.g., to manage your personal information or to access travel information);
  • to provide access to our premises and facilities. We may process personal information when you visit us at our premises to conduct appropriate access and security checks;
  • to communicate with you. We may process personal data when you want to contact us, when you ask us for information about our business or services, or when the contract needs to be updated;
  • to respond to your requests and support you;
  • to manage the termination of the contract.

Where we base a processing activity on a legitimate interest, we will balance that interest against your interests or fundamental rights and freedoms to ensure that they are fairly balanced. In the course of our business as a travel provider, we also use your personal data to:

  • Continue to develop our products and services;
  • Improve cybersecurity, manage our platforms and websites, and ensure business continuity;
  • Implement implementation of IT solutions;
  • Perform maintenance of IT systems in ongoing operations;
  • Improve the automation and efficiency of our operations and customer services (e.g., auto-fill complaints, track your requests, and improve your satisfaction based on personal data collected during our interactions with you, such as phone records, emails, or chats);
  • Enable the assertion of legal claims and defense in connection with legal disputes and regulatory proceedings;
  • Organize contests, promotions, and conduct customer satisfaction surveys and opinion polls.

3.2.    Advertising and marketing

If you are a customer and unless you object, we may send you offers for our products and services. We will ensure that these commercial offers relate to products or services that are relevant to your needs and complement the offers you already use. You can object to this at any time.

3.3.    Consent

For certain processing of personal data, we will inform you specifically and ask for your consent. Of course, you can revoke your consent at any time.
In particular, we ask for your consent for:

  • The transfer of particularly sensitive personal data to third parties;
  • Tailoring our offers and products or services based on a complex profile to predict your needs and behavior;
  • Any electronic offers for products and services that are not similar to those you have purchased or for products and services from our trusted partners.

If necessary, we may ask you for further consent to process your personal data, but this will not affect any data processing already carried out.

4.    What types of personal data do we collect?

We collect and use your personal information, which is any information that identifies you or makes it possible to identify you.
Depending on the type of product or service we offer you and the interactions we have with you, we collect different types of personal information about you:

  • Contact information, (private or professional) postal address, e-mail address, telephone number;
  • Personal information, e.g. gender, birthday and age, marital status, nationality, passport details, etc.
  • Lifestyle, e.g. hobbies and interests, travel;
  • Travel details, e.g. dates of travel, itinerary/destination, airline, hotel, price, customer preferences, information about your fellow travelers, frequent flyer programs, etc...;
  • Health information, e.g., information about health-related special needs or illnesses and accidents during a trip;
  • Financial data, e.g. payment information, credit card number, account details;
  • Data about your habits and preferences, in relation to the use of our products and services (e.g. meal preferences);
  • Data from our interactions with you, e.g., your comments, suggestions, needs, collected during our interactions with you in person at our sites and during telephone communications (call notes or call recordings), communications via email, chat, chatbot, exchanges on our social media, and your complaints, if any. Your connection and tracking data (e.g. collected via cookies for non-promotional or analytical purposes on our websites), online services, other applications;
  • Data about your devices (cell phone, computer, tablet, etc.), such as IP address, technical data and unique identifier data;
  • Personalized credentials or security features used to connect you to the website and apps from us.

5.    From whom do we collect personal data?

We usually collect personal data directly from you. However, we may also collect it from other sources.
Sometimes we collect data from public sources:

  • Publications/databases provided by official authorities or third parties (e.g. the Swiss Official Gazette of Commerce or the Commercial Register);
  • Websites/social media presences of legal entities or corporate clients that contain information you have disclosed (e.g., your own website or social media presence);
  • public information, e.g. information from the media.

We also collect personal data from third parties:

  • from our customers (e.g., as fellow travelers);
  • from our business partners (e.g. tour operators, service providers abroad);
  • from third parties such as credit bureaus and fraud prevention agencies;
  • from address research service providers who are themselves responsible for ensuring that they collect the relevant information in a lawful manner.

6.    Who do we share your personal information with and why?

In order to fulfill some of the purposes described in this Privacy Policy, in particular the performance of a trip, we may share your personal information with others. These may be the following:

  • Our service providers in the destination country (e.g. agencies, tour guides, hotel reservations, transfer and excursion services), transport service providers (airline, train, car rental, etc.) and accommodation operators (hotel, hostels, etc.);
  • Processors who provide services on our behalf (e.g., IT services, logistics, printing services, telecommunications, debt collection, consulting and sales, and marketing);
  • Certain regulated professionals such as lawyers, notaries or auditors, if required in certain circumstances (litigation, auditing, etc.) and to our insurers;
  • Partners to conduct advertising, market and opinion research;
  • Partners to assist in the investigation of criminal offences (e.g. fraud), assertion, exercise or defense of legal claims;
  • Authorities and official bodies (e.g. tax authorities, embassies of the destination country) in the event of a legal or official obligation (e.g. retention obligations, obtaining visas, obtaining entry requirements).

7.    International transfer of personal data

In the case of international transfers from Switzerland and the European Economic Area (EEA) to a non-EEA country (third country), the cross-border transfer of your personal data may occur. In particular, you must expect the transfer of your data to their travel countries. But also to countries in Europe, the USA and worldwide, where the service providers and service providers we use are located. If the FDPIC or the European Commission has recognized that a third country offers an adequate level of data protection, your personal data may be transferred on this basis.

For transfers to a third country whose level of protection has not been recognized as adequate by the FDPIC and the European Commission, we will either rely on an exemption applicable to the particular situation (e.g., if the transfer is necessary for the performance of our contract with you) or apply one of the following appropriate safeguards to ensure the protection of your personal data:

  • standard contractual clauses approved by the FDPIC and the European Commission;
  • binding internal data protection rules.

To obtain a copy of these safeguards or information about where they can be obtained, you may submit a written request in accordance with Section 2.

7.1.    Note on data transfer to the USA

For the sake of completeness, we would like to point out for users who are resident or domiciled in Switzerland that there are surveillance measures in place in the USA by US authorities which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without any differentiation, limitation or exception based on the objective pursued and without any objective criterion that would make it possible to limit the access of the U.S. authorities to the data and their subsequent use to very specific, strictly limited purposes that are capable of justifying the intrusion associated both with the access to these data and with their use. Furthermore, we would like to point out that in the U.S. there are no legal remedies available to data subjects from Switzerland that would allow them to obtain access to the data concerning them and to obtain its correction or deletion, or that there is no effective judicial legal protection against general access rights of U.S. authorities. We explicitly draw the attention of the data subject to this legal and factual situation so that he or she can make an appropriately informed decision to consent to the use of his or her data.

We would like to point out to users residing in a member state of the EU that the USA does not have a sufficient level of data protection from the perspective of the European Union - among other things due to the topics mentioned in this section. To the extent that we have explained in this Privacy Policy that recipients of data (such as Google, Facebook, and Twitter ) are located in the U.S., we will ensure either through contractual arrangements with these companies or by ensuring that these companies are certified under the EU-U.S. Privacy Shield that your data is protected with our partners with an adequate level.

8.    How long do we keep your personal data?

We will retain your personal information for as long as necessary to fulfill our contractual obligations and to comply with applicable laws and regulations, or for any other period of time with respect to our legitimate business interest, such as proper recordkeeping and responding to legal claims or regulatory inquiries.

9.    Data security

We use appropriate technical and organizational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorized access by third parties (e.g. encryption of data transmission, access controls, etc.). Our security measures are continuously improved in line with technological developments.

We take reasonable precautions to protect your information. The transmission of information via the Internet and other electronic means always involves certain security risks and we cannot guarantee the security of information transmitted in this way.

9.1.    SSL encryption when using the website

Secure Socket Layer (SSL) is a protocol for secure data transmission on the Internet. The majority of browsers support this procedure. SSL uses the public key method, in which data encoded with a publicly accessible key can only be decoded again with a very specific private key. Most browsers use a key or padlock to indicate whether the connection is secured or unsecured.

Please note that the Internet is a worldwide open network. When you transmit personal data over the Internet, you always do so at your own risk.
The personal data you transmit is encrypted/protected using Secure Socket Layer (SSL) with 256 bits. Despite extensive technical and organizational security measures, it is possible that data may be lost or intercepted and/or manipulated by unauthorized persons. Media Touristik AG takes appropriate technical and organizational security measures to prevent this within the system of Media Touristik AG. However, your computer is located outside the security area controllable by Media Touristik AG. It is your responsibility as user to inform yourself about the necessary security measures and to take appropriate measures in this respect. Media Touristik AG is not liable under any circumstances for damages that you may incur as a result of data loss or manipulation.

10.    Cookies, tracking and other technologies when using our websites

We use various techniques on our websites and apps to identify your browser or device.

10.1.     Cookies

A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you use when you visit our website or install our app. When you visit this website again or use our app, we can recognize you even if we do not know who you are. In addition to cookies that are only used during a session and deleted after your website visit ("session cookies"), cookies can also be used to store user settings and other information for a certain period of time (e.g. two years) ("permanent cookies"). However, you can set your browser to reject cookies, store them for one session only, or otherwise delete them early. Most browsers are preset to accept cookies. We use persistent cookies so that you can save user settings (e.g. language, autologin), so that we can better understand how you use our offers and content, and so that we can show you offers and advertising tailored to you (which may also happen on websites of other companies; however, they will not learn from us who you are, if we ourselves know that at all, because they only see that on their website is the same user who was also with us on a particular page). Certain of the cookies are set by us, and certain are also set by contractors with whom we work. If you block cookies, certain functionalities (such as language selection or booking processes) may no longer work.

10.2.     Google Web Fonts

Our websites use so-called web fonts provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google") for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. For this purpose, the browser you use must connect to Google's servers. This enables Google to know that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. If your browser does not support web fonts, a standard font will be used by your computer.

For more information on Google Web Fonts, please visit https://developers.google.com/fonts/faq and see Google's privacy policy: https://www.google.com/policies/privacy/

10.3.     Google Maps

Our websites use Google Maps API, a mapping service provided by Google Ireland Limited. "Google", to display an interactive map and to create directions. Google Maps is operated by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. By using this website, you consent to the collection, processing and use of automatically collected data by Google Inc, its agents and third parties.
The terms of use of Google Maps can be found here.

10.4.     Web analysis

For the analysis and optimization of our website offers, we use Google Analytics from Google Ireland Limited, based in Ireland (hereinafter "Google"). Google is certified under the Swiss-U.S. Privacy Shield agreement.

Google uses cookies that are stored on your computer. The tracking data collected by the cookies about your use of this website will be transmitted to and stored by Google on servers in the United States. Your IP address is also transferred, but Google anonymizes it before storing it so that it can no longer be assigned to you. Google uses the _anonymizeIp() method for this purpose.

About the use of our websites, the following data can be stored and evaluated anonymously and exclusively for statistical purposes: The pages visited and their order, the operating system and browser used, the date and time of page views, the address of the previously viewed website if your visit came about via a direct link to us placed there and information about the origin. Google may expand this list and may transfer information to third parties if required by law or if third parties process this data on behalf of Google.

10.5.     Technologies for advertising purposes

Our websites use Google Ads Conversion Tracking and Google Remarketing from Google for advertising purposes.

Google Ads Conversion Tracking uses a cookie to determine performance after you have clicked on a Google Ads ad. In the context of Google Remarketing, cookies are used to collect the surfing behavior of website visitors for marketing purposes in anonymized form and used to tailor advertising offers to your interests. Under no circumstances will personal data be collected or stored by these technologies that would allow your identity to be inferred. The DoubleClick by Google cookie (Pixel TAG) is also used to enable remarketing for products such as Google Ads in the Google Display Network. Information such as the time of your visit is stored in the cookies, as well as information on whether this is your first visit and details of the website that referred you to this website.

10.6.     HubSpot

We use HubSpot for our online marketing activities. HubSpot is a software company from the USA with a branch in Ireland (HubSpot European Headquarters, Ground Floor, Two Dockland Central, Guild Street, Dublin 1, Ireland).

This is an integrated software solution that covers various aspects of online marketing. All data is stored on HubSpot's servers.

HubSpot is certified under both the EU-U.S. and the Swiss-U.S. Privacy Shield, thereby ensuring adequate data protection. For comprehensive information on how HubSpot handles the data collected and how it is protected, please refer to HubSpot's Privacy Policy. https://legal.hubspot.com/privacy-policy

The following features are used on our websites:

  • Contact forms: The customer data for inquiries via HubSpot contact form are used exclusively for related marketing activities. Afterwards, this contact data is deleted from HubSpot's servers unless it is needed for further activities (e.g. booking). By entering contact information, you agree that Linguista may contact you.
  • Live chat: Data collected in chat is used to process your request. By entering your email address or other contact information, you consent to its processing and use to contact you regarding your request.
  • Offer and booking forms: The collection and processing of this data is for the purpose of enabling the service you requested. This is our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR.

11.    Social Media Plug-ins

On our websites, we also use so-called plug-ins from social networks such as Facebook, Twitter, YouTube, Pinterest or Instagram. This is apparent to you in each case (via corresponding icons). We have configured these elements so that they are deactivated by default. If you activate them (by clicking on them), the operators of the respective social networks can register that you are on our website and where and can use this information for their purposes. The processing of your personal data is then the responsibility of this operator according to its data protection regulations. We do not receive any information about you from him.

11.1.    Facebook Pixel

The use of the Facebook pixel serves to determine visitors to our online offer as a target group for the display of ads on Facebook, to ensure that our Facebook ads correspond to the potential interest of users and do not have a harassing effect, and to track the effectiveness of Facebook ads for statistical and market research purposes. Through this cookie, we collect information about the use of our apps and websites, device identification, IP address and browser type, demographic data or the URL of the website visited from your device.

11.2.    YouTube videos

We have integrated YouTube videos into our online offer, which are stored on www.YouTube.com and can be played directly from our website. These are all embedded in "extended data protection mode", which means that no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos, the data mentioned in the next paragraph will be transferred. We have no influence on this data transmission.

By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, personal data is transmitted. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

For more information on the purpose and scope of data collection and processing by YouTube, please refer to their privacy policy. There you will also find further information about your rights and setting options to protect your privacy: https://policies.google.com/privacy?hl=en&gl=en

Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework.

12.    How you can follow the development of this privacy policy

In a world where technologies are constantly evolving, we regularly review this Privacy Policy and update it as necessary.

The most current version published on our website applies. We encourage you to review the latest version of this document online. We will notify you of changes via our website or through our usual communication channels.

Status: September 2023