gbl logo


Goodbye Limits is the operator of the websites:
and therefore responsible for the collection, processing and use of your personal data and the compatibility of data processing with applicable data protection law.

The following data protection declaration refers exclusively to the subdomain “ ”.

Your trust is important to us, which is why we take the issue of data protection seriously and ensure appropriate security. Of course, we observe the legal provisions of the Federal Data Protection Act (DSG), the Ordinance to the Federal Data Protection Act (VDSG), the Telecommunications Act (FMG) and other applicable data protection provisions of Swiss or EU law, in particular the General Data Protection Regulation (GDPR) .

So that you are aware of what personal data we collect from you and for what purposes we use it, please note the information below. For further information about the website, please refer to the legal notice .
1. Person responsible for data protection
The following is responsible for data processing on our website:

Goodbye Limits GmbH
Büchnerstrasse 28
8006 Zürich

The address of our data protection representative in the EU is:

A. Data processing in connection with our website
2. Accessing our website
When you visit our website, our servers temporarily save every access in a log file. As with every connection to a web server, the following technical data is recorded and stored without your intervention:
After 30 days, we automatically anonymize the recorded IP addresses so that no conclusions can be drawn about individual users.

This data is collected and processed for the purpose of enabling the use of our website (establishing a connection), ensuring long-term system security and stability and enabling the optimization of our Internet offering, as well as for internal statistical purposes. This is our legitimate interest in data processing within the meaning of Article 6 (1) (f) GDPR.

The IP address is also evaluated together with the other data for purposes of investigation and defense in the event of attacks on the network infrastructure or other unauthorized or abusive use of the website and, if necessary, used as part of criminal proceedings for identification and for civil and criminal action against the users concerned. This is our legitimate interest in data processing within the meaning of Article 6 (1) (f) GDPR.
3. Use of our contact form
You have the option of using a contact form to get in touch with us. For this we require the following information:
We only use this data and a telephone number you voluntarily provide to answer your contact request in the best possible and personalized way. The processing of this data is therefore necessary within the meaning of Art. 6 Para. 1 lit. b GDPR to carry out pre-contractual measures or is in our legitimate interest according to Art. 6 Para. 1 lit. f GDPR.
4. Cookies
Cookies help in many ways to make your visit to our website easier, more pleasant and more meaningful. Cookies are information files that your web browser automatically saves to your computer’s hard drive when you visit our website. For example, we use cookies to temporarily save your selected services and entries when filling out a form on the website so that you do not have to repeat the entry when you access another subpage. Cookies may also be used to identify you as a registered user after registering on the website, without you having to log in again when you access another subpage.

Most internet browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message always appears when you receive a new cookie.

On the following pages you will find explanations of how you can configure the processing of cookies in the most common browsers:
5. Tracking tools
a. General

For the purpose of needs-based design and ongoing optimization of our website, we use the web analysis service from Google Analytics. In this context, pseudonymized usage profiles are created and small text files stored on your computer (“cookies”) are used. The information generated by the cookie about your use of this website is transmitted to the servers of the providers of these services, stored there and processed for us.

In addition to the data listed under section 1, we may receive the following information:
b. Google Analytics

The provider of Google Analytics is Google Inc., a company of the holding company Alphabet Inc, based in the USA. The IP address transmitted by your browser as part of Google Analytics is anonymized and not combined with other Google data. According to Google Inc., the IP address will under no circumstances be linked to other data relating to the user.

Further information about the web analysis service used can be found on the Google Analytics website. Instructions on how you can prevent the processing of your data by the web analysis service can be found at
6. Email correspondence
Based on Art. 957 ff OR, all business correspondence via email is archived in encrypted form for 10 years. The archived emails are automatically deleted after 10 years. The email data is stored in Switzerland.

B. Data processing in connection with your stay
7. Central storage and linking of data
We store the data specified in sections 3-6 in a central electronic data processing system. We base the processing of this data within the framework of the software on our legitimate interest within the meaning of Article 6 (1) (f) GDPR in customer-friendly and efficient customer data management.
8. Disclosure of data to third parties
We only pass on your personal data if you have expressly consented, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship. In addition, we pass on your data to third parties to the extent that this is necessary as part of the use of the website and contract processing (also outside the website), namely the processing of your bookings.

A service provider to whom the personal data collected via the website is passed on or who has or may have access to it is our web host The Net-Internet Service AG, Morgenstrasse 129, CH-3018 Bern. The website is hosted on servers in Switzerland. The data is passed on for the purpose of providing and maintaining the functionality of our website. This is our legitimate interest within the meaning of Article 6 Paragraph 1 Letter f GDPR.
9. Transfer of personal data abroad
We are entitled to transfer your personal data to third parties (commissioned service providers) abroad for the purposes of the data processing described in this data protection declaration. They are obliged to protect data to the same extent as we are. If the level of data protection in a country does not correspond to that in Switzerland or Europe, we contractually ensure that the protection of your personal data corresponds to that in Switzerland or the EU at all times. Please note section 15.

E. Further information
10. Right to information, correction, deletion and restriction of processing; Right to data portability
You have the right to request information about the personal data we store about you. In addition, you have the right to correct incorrect data and the right to delete your personal data, provided that this does not conflict with a legal retention requirement or a permit that allows us to process the data.

You also have the right to request that we return the data that you have given us (right to data portability). You have the right to receive the data in a common file format.

Requests to exercise the rights of data subjects are accepted via the websites (contact data protection). In order to process your requests, we require proof of identity of the person making the request.
11. Data Security
We use appropriate technical and organizational security measures to protect your personal data stored by us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

You should always keep your access data confidential and close the browser window when you have finished communicating with us, especially if you share the computer with others.

We also take internal company data protection very seriously. We have obliged our employees and the service companies we commission to maintain confidentiality and to comply with data protection regulations.
12. Note on data transfers to the USA
For reasons of completeness, we would like to point out to users with residence or registered office in Switzerland that there are surveillance measures in place by US authorities in the USA, which generally require the storage of all personal data of all persons whose data was transferred from Switzerland to the USA. enabled. This is done without differentiation, limitation or exception based on the objective pursued and without an objective criterion that makes it possible to limit the US authorities’ access to the data and their subsequent use to very specific, strictly limited purposes that are consistent with both the access to this data and the intervention associated with its use. We would also like to point out that there are no legal remedies in the USA for data subjects from Switzerland that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or no effective judicial protection against general US authorities have access rights. We explicitly inform those affected of this legal and factual situation in order to make an appropriately informed decision to consent to the use of their data.

We would like to point out to users residing in a member state of the EU that, from the perspective of the European Union – due, among other things, to the issues mentioned in this section – the USA does not have an adequate level of data protection. To the extent that we have explained in this data protection declaration that recipients of data (such as Google) are based in the USA, we will either establish contractual arrangements with these companies or by ensuring that these companies are certified under the EU or Swiss-US -Privacy Shield ensure that your data is protected with an appropriate level by our partners.
13. Right to complain to a data protection supervisory authority
You have the right to complain to a data protection supervisory authority at any time.

July 2022