This Data Protection Statement provides information about which personal data we process as well as how, where and for what purpose, in particular in connection with our stadtcasino-basel.ch website and other offerings. This Data Protection Statement also contains details of your rights in terms of data processed and on the regulations governing the video surveillance systems at the Stadtcasino Basel.
Casino-Gesellschaft Basel, Konzertgasse 1, CH-4051 Basel, UID: CHE-102.246.972 (referred to hereinafter as "Casino-Gesellschaft") is the controller in terms of the General Data Protection Regulation (GDPR) and corresponding national legislation.
2.1. Personal data collected by the Casino-Gesellschaft
The Casino-Gesellschaft processes personal data
2.2. Types of data processing
The Casino Gesellschaft may use personal data as follows:
2.3. Lawful bases
Your personal data is processed on the grounds of the following lawful bases
2.4 Transfer to third parties
The Casino-Gesellschaft may share your personal data outside the company. For example:
If the Casino-Gesellschaft transfers your personal data outside Europe, it shall ensure that data are transferred in protected form and in accordance with the legal requirements applicable to the information. This may be achieved in different ways, e.g.:
The Casino-Gesellschaft may retain your personal data for varying periods of time, essentially depending on:
The Casino-Gesellschaft shall ensure that appropriate security measures are taken to protect personal data stored by us.
3.1. Right of access to information
You may ask the controller to confirm whether or not your personal data are subject to processing. If so, you have a right of access to information about that personal data, as well as to information about the purpose, type and scope of processing.
You are entitled to know whether your personal data are subject to transfer to a third country or any international organisation.
3.2. Right to rectification
You are entitled to demand that the controller rectifies and/or completes personal data to the extent that processed personal data concerning you are incorrect or incomplete. The controller must make the necessary rectification immediately.
3.3. Right to erasure
You may demand that the controller erases your personal data immediately, and the controller must undertake to delete such personal data without delay where one of the following reasons applies:
3.4. Right to notification
If you have exercised your right to rectification, erasure or limitation of processing against the controller, the latter shall undertake to inform all recipients to whom the personal data were disclosed of this rectification or erasure of personal data, or limitation on processing, unless this proves impossible to do or would entail unreasonable expense or effort. You are entitled to ask the controller to provide you with details of recipients.
3.5. Right to revoke consent under data protection law
You are entitled to revoke your declaration of consent under data protection law at any time. Revocation of consent shall not affect the legality of data processing undertaken on the basis of your consent prior to revocation of such consent.
We take adequate and appropriate technical and organisational measures to guarantee data protection and data security in particular. Regardless of such measures, it is a fact that gaps in security may occur when processing personal data on the internet. We cannot, therefore, guarantee absolute data security.
Our online offer is accessed via transport encryption (SSL / TLS, in particular using Hypertext Transfer Protocol Secure, abbreviated as HTTPS). Most browsers signal transport encryption by displaying a padlock in the address bar.
Like basically any other type of internet use, access to our online offer is subject to indiscriminate mass surveillance even where there are no grounds for suspicion, and other surveillance by security authorities in Switzerland, the European Union (EU), the United States of America (USA) and in other states. We have no means of directly influencing the processing of personal data by intelligence services, police organisations and other security authorities.
5.1 Cookies
We may use cookies for our website. Both our own cookies (first-party cookies) and cookies used by third-party service providers (third-party cookies) are data in text form which are stored on your browser. Cookies cannot execute programs or transfer malware such as Trojans and viruses.
When you visit our website, cookies may be stored on your browser temporarily, as session cookies, or for a certain period, as persistent cookies. Session cookies are erased automatically when you close your browser. Persistent cookies allow us – in particular – to recognise your browser on a repeat visit to our website so that we can measure our website reach, for example. Persistent cookies may also be used for online marketing.
You may partially or wholly deactivate cookies, or delete cookies, via your browser settings at any time. However, without cookies our website will no longer be fully available to you. We therefore ask you – where and to the extent required – for your specific consent to the use of cookies.
Cookies used to measure website results and reach, or for publicity purposes, may often be tied to a general opt-out via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
5.2 Server log files
Whenever our website is accessed, we may collect the following information where it is transmitted from your browser to our server infrastructure, or can be identified by our web server: date and time, including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, which subpages you visit, including volume of data transmitted and which website you accessed previously in your browser window (referring site).
We store this information, which may include personal data, in server log files. This information is required to ensure our online offering is durable, user-friendly and reliable, and to guarantee data security as a means of ensuring, in particular, protection of personal data – possibly by third parties or with assistance from third parties.
5.3 Tracking pixels
We may use tracking pixels on our website. Tracking pixels are also known as web beacons. Tracking pixels – our own or those used by third-party service providers – are tiny, usually invisible images which are automatically loaded when you visit our website. Tracking pixels collect the same information as server log files.
We send notifications and communications such as our newsletter via email and via other communication channels such as instant messaging.
6.1 Measurement of website results and reach
Notifications and communications may include web links and tracking pixels to identify whether a specific communication was opened and, if so, which web links attracted clicks. These web links and tracking pixels are also capable of identifying what use was made of notifications and communications on an individual basis. This statistical identification of use is needed for measuring website results and reach so that we may make notifications and communications effective and user-friendly in relation to recipients‘ needs and reading habits, as well as durable, secure and reliable.
6.2 Consent and opt-out
As a general rule, you must explicitly consent to the use of your email address and other contact addresses unless permitted for other legal grounds. As far as possible, we use the double opt-in method to seek your consent to receiving emails, which means you receive an email with a web link and, to confirm your consent, you are required to click on the link, which prevents misuse by unauthorised third parties. We can record this consent, including your internet protocol (IP) address, date and time, for proof/security-related purposes.
You may unsubscribe from notifications and communications such as newsletters at any time. We reserve the right to send you notifications and communications which are absolutely necessary in terms of our offering. By unsubscribing, you can, in particular, opt out of statistical recording of use in connection with measuring website results and reach.
6.3 Service providers for notifications and communications
We send out notifications and communications via services provided by third parties, or with the help of service providers. Cookies may be used for this purpose. We guarantee an adequate level of data protection for these services.
We use rapidmail to send out and manage newsletters and other emails. Rapidmail is a service provided by Rapidmail GmbH in Germany. Further information on the type, scope and purpose of data processing is published in Rapidmail’s data protection statement.
We are present on social media platforms and other online platforms to communicate with interested parties and publish information about our offering. This may involve processing personal data from outside Switzerland and the European Economic Area (EEA).
The General Terms and Conditions (GTC), Terms of Use, Data Protection Statements and other provisions of the individual operators of such online platforms also apply. These provisions set out information about data subject rights, including the right to access information in particular.
We use third-party services to provide a durable, user-friendly, secure and reliable offering. Such services also allow us to embed content in our website. Such services – e.g. hosting and backup services, video services and payment services – require your Internet Protocol (IP) address for the transmission of relevant content. These services may be located outside Switzerland and the European Economic Area (EEA) providing an adequate level of data protection can be guaranteed.
Third-party service providers may, for their own security-related statistical and technical purposes, process data in connection with our offering and from other sources – e.g. by using cookies, log files and tracking pixels – in aggregate, anonymous or pseudoanonymous form.
8.1 Social media functions and social media content
8.1.1 AddThis
We use AddThis to let you share content from our online offering on social media and other online platforms, and to let you use other social media functions. Cookies are also used. AddThis is a service provided by the Oracle Corporation, an American company. Social media and other online platforms where you are registered as a user, can match use of our online offering with your profile.
Further information about the type, scope and purpose of data processing is published in the AddThis Data Protection Statement and in the Oracle General Data Protection Statement. Information about cookies and tracker pixels is also available from AddThis, and about personalised advertising from Oracle. You may also opt out of personalised advertising.
If you do not want to receive emails from anyone who shares content with AddThis by email, you may opt out of emails via AddThis.
8.1.2 Facebook
We use social plugins from Facebook to embed Facebook functions and Facebook content in our website. These functions include e.g. “Like” and “Share”. Cookies are also used. See the Facebook page on “Social Plugins” for further information. Social Plugins are provided by Facebook Ireland Ltd. in Ireland and Facebook Inc. in the United States. If you are a registered Facebook user, Facebook can match use of our online offering with your profile. Further details of the nature, scope and purpose of data processing are published in the Facebook Data Guidelines.
8.1.3 Twitter
We use embedding of Twitter functions and content (“Twitter for Websites”) on our website. As a result, you can use the Twitter “Share” function on our website, for example, and we can display tweets on our website. Cookies are also used for this.
“Twitter for Websites” is provided by the Twitter International Company in Ireland and the American company, Twitter Inc.. If you are a registered Twitter user, Twitter can match use of our online offering with your profile. Further details of the type, scope and purpose of data processing are published in the Twitter for Websites Information on Ads and Data Protection, and in the Twitter Data Protection Guidelines. Twitter also provides information about the use of cookies and similar technologies, and on the personalisation of ads, both in connection with a Twitter account and based on the use of Twitter content on the internet. Data protection settings – including possibility of opt-out – are available to manage personalised ads.
8.2 Mapping Material
We use Google Maps to embed maps in our website. Cookies are also used for this. This service is provided by the American company, Google LLC. For users in the European Economic Area (EEA) and in Switzerland it is provided by the Irish company, Google Ireland Limited. Other information about the type, scope and purpose of data processing is published in the Google Guidelines on Data Protection and Security, and in the Google Data Protection Statement, in the Guide to Data Protection in Google Products (including Google Maps), in information on how Google uses data collected from websites which use Google services and in information about cookies at Google. You may also opt out of personalised ads.
8.3 Fonts and icons
We use Font Awesome to embed selected icons in our website. Cookies are also used. This product is supplied by Fonticons Inc., an American company which undertakes to respect European data protection legislation. Further information about the type, scope and purpose of data processing is published in the Font Awesome Data Protection Statement.
8.4 Tracking of website reach and results
Google Analytics
We use Google Analytics to analyse how our website is used, including measurements to assess e.g. the reach of our website and the results of third-party links to our website. This service is provided by the American company, Google LLC. For users in the European Economic Area (EEA) and in Switzerland this service is provided by the Irish company, Google Ireland Limited.
Google also attempts to create a profile of website visitors across multiple browsers and devices (cross-device tracking). Cookies are used for this purpose. Google Analytics harvests your Internet Protocol (IP) address, but does not merge it with other Google data.
In all cases, your Internet Protocol (IP) address is anonymised before analysis by Google. Your full IP address is not transmitted to Google in the USA.
Other information about the type, scope and purpose of data processing is published in the Google Guidelines on Data Protection and Security and in the Google Data Protection Statement, in the Guide to Data Protection in Google Products (including Google Analytics), in information on how Google uses data collected from websites which use Google services and in the information on cookies at Google. Website visitors may also use the “Browser Add-on for Deactivating Google Analytics” and opt out of personalised advertising.
Casino-Gesellschaft Basel
Konzertgasse 1
4051 Basel
info@stadtcasino-basel.ch
061 226 36 00