Privacy & Cookie Policy for Zwiss GmbH (operator of zwiss-travel.ch)
Last updated: August 23, 2025
- Introduction
This Privacy & Cookie Policy applies to the website https://www.zwiss-travel.ch (the “Website”), which is operated by Zwiss GmbH (“Zwiss,” “we,” “our,” or “us”).
We value your privacy and are committed to protecting your personal data. This Policy explains how we collect, use, and safeguard your personal information when you use our Website, and it outlines your rights under the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR) where applicable.
- What personal data we collect
When you interact with our Website or services, we may collect the following categories of personal data. We may collect your identification details, such as your name, postal address, email address, and phone number. We may also collect booking and travel information, such as the trips you book, your preferences, and your booking history.
We process your payment data exclusively through Datatrans AG and Worldline Switzerland AG, both of which are PCI-DSS-certified providers. Zwiss GmbH does not store your full payment card details.
In addition, we may collect technical data, such as your IP address, browser type, device information, operating system, and log data. We may collect usage data, such as your navigation behaviour, the pages you visit, and the links you click. We may store your marketing preferences, such as your subscription to newsletters and your consent to receive promotional communications. We may also collect customer service data, including any information you provide in enquiries, support requests, or other correspondence.
- How we collect your data
We collect your personal data in several ways. You provide data directly when you submit booking forms, make enquiries, or subscribe to our newsletters. We automatically collect technical and usage data when you browse our Website through cookies and analytics tools. We may also receive payment confirmation data securely from Datatrans AG and Worldline Switzerland AG to finalise transactions. Finally, we may receive data from service providers and partners in order to confirm and fulfil your bookings.
- How and why we use your data
We process your personal data only for specific and lawful purposes. We use your data to process and manage bookings and reservations, which is necessary to perform a contract with you. We use your data to communicate with you about your enquiries and bookings, which is both contractually necessary and in our legitimate interest.
We use your data to process secure payments through Datatrans AG and Worldline and to prevent fraud. We analyse usage data to improve the functionality and services of our Website, which is a legitimate interest. We send you newsletters and promotional offers only if you have given us your explicit consent. We also process your personal data to comply with legal obligations such as accounting and financial reporting.
- Sharing of data
We may share your personal data with selected third parties when this is necessary. We may share your data with service providers and partners such as airlines, hotels, and tour operators in order to fulfil bookings. We share your payment information with Datatrans AG and Worldline Switzerland AG to process transactions securely.
We may share your data with Cloudflare, which provides website security and performance optimisation. We may also share your data with IT, hosting, and analytics providers to ensure the proper functioning of our Website. Finally, we may share your data with authorities or regulators where we are legally required to do so.
We do not sell your personal data to third parties.
- International transfers
If we transfer your personal data outside Switzerland or the European Union, we ensure that appropriate safeguards are in place. These safeguards include the use of Standard Contractual Clauses (SCCs) or equivalent legal mechanisms.
- Data retention
We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Policy or as required by law. Booking and payment data are retained for up to ten years to comply with statutory accounting obligations. Customer service and account data are retained for between three and five years after your last interaction with us. Marketing consents are retained until you withdraw your consent. Cookies are retained only for the durations listed in the Cookie Table below.
- Your rights
Under the FADP and the GDPR, you have the right to access the personal data that we hold about you. You have the right to correct inaccurate or incomplete data. You have the right to request the deletion of your personal data where it is no longer needed. You have the right to restrict or object to certain forms of processing. You have the right to receive your data in a portable, machine-readable format.
If we process your data on the basis of your consent, you may withdraw that consent at any time, for example, if you no longer wish to receive marketing emails.
- Cookie Policy
9.1 What are cookies?
Cookies are small text files that are stored on your device when you visit our Website. They allow us to maintain secure sessions, enable booking functionality, analyse site usage, remember your preferences, and, with your consent, deliver advertising.
9.2 Categories of cookies
We use four categories of cookies. Essential cookies are required for the Website to function properly, including booking processes, payment processing via Datatrans AG and Worldline, and security measures provided by Cloudflare. Functional cookies remember your preferences such as language settings and video playback options. Analytics cookies provide us with insights into how visitors use our Website so we can improve it. Marketing cookies support advertising campaigns and retargeting.
9.3 Third-party cookies
Some cookies are placed by trusted third-party providers such as Google, Meta (Facebook), LinkedIn, Twitter (X), YouTube, Cloudflare, Datatrans AG, and Worldline Switzerland AG. These providers maintain their own cookie and privacy policies and may update their cookies without notice.
9.4 Cookie Table – zwiss-travel.ch
| Cookie Name | Provider | Purpose | Category | Duration |
| PHPSESSID | zwiss-travel.ch | Maintains session state across page requests (e.g., booking) | Essential | Session |
| cookieConsent | zwiss-travel.ch | Saves the user’s cookie preferences | Essential | 12 months |
| __cf_bm, cf_clearance, __cfruid | Cloudflare | Provides bot detection, DDoS protection, and secure access | Essential | 30 minutes – 12 months |
| dtCookie, dtPC, dtLatC, rxVisitor | Datatrans AG / Worldline | Handles secure payment sessions and fraud prevention | Essential | Session – 1 year |
| _ga | Google Analytics | Registers a unique ID for statistical data | Analytics | 2 years |
| _gid | Google Analytics | Tracks user activity across pages | Analytics | 24 hours |
| _gat | Google Analytics | Throttles request rate to improve performance | Analytics | 1 minute |
| ga<container-id> | Google Analytics 4 | Persists session state and links events | Analytics | 2 years |
| IDE | Google DoubleClick | Tracks and reports actions after ad clicks | Marketing | 13 months |
| fbp, fr | Tracks visits and delivers targeted ads | Marketing | 3 months | |
| li_sugr, bcookie, bscookie | Provides tracking, retargeting, and secure identification | Marketing | 30 days – 1 year | |
| UserMatchHistory | LinkedIn Ads | Tracks visitors for LinkedIn ad retargeting | Marketing | 30 days |
| guest_id, personalization_id | Twitter (X) | Identifies users for analytics and ad personalisation | Marketing | 2 years |
| YSC | YouTube | Tracks views of embedded YouTube videos | Analytics | Session |
| VISITOR_INFO1_LIVE | YouTube | Estimates bandwidth for embedded videos | Functional | 6 months |
| yt-remote-device-id | YouTube | Stores video preferences | Functional | Persistent |
| yt-remote-connected-devices | YouTube | Stores video playback device information | Functional | Persistent |
⚠️ Disclaimer: This table reflects the cookies most commonly used on our Website. Third-party providers may update, add, or remove cookies without prior notice.
- Data security
We implement technical and organisational safeguards, including encryption, firewalls, access controls, and monitoring systems, to protect your personal data against unauthorised access, misuse, or loss. Payment transactions are processed exclusively through Datatrans AG and Worldline Switzerland AG, both of which are PCI-DSS-certified providers.
- Updates
We may update this Privacy & Cookie Policy to reflect changes in law, technology, or our practices. Updates will be published on this page with the revised “last updated” date.
- Contact us
If you have any questions or wish to exercise your rights, please contact us:
Zwiss GmbH
Undere Waldmattenstrasse 11
3778 Schönried, Switzerland
Email: [email protected]
Phone: +41 79 815 10 00
Address
Zwiss GmbH, Undere Waldmattenstrasse 11, 3778 Schönreid, Switzerland
VAT identification number
CHE444.407.337
Phone number