Privacy policy App-Museums-PASS-Musées
Important: this translation was created by machine. The German version is authoritative.
Company details
Company name: Association Museums-PASS-Musées
Representative: Gilles Meyer, Director
Phone: +41 61 205 00 00 40
E-mail: info@passmusees.com
Data protection officer contact details
Email: protectiondesdonnees@passmusees.com
Company name: Association Museums-PASS-Musées
Privacy policy
The association Museums-PASS-Musées (hereinafter MPM) undertakes to process personal data collected via the Museums-PASS-Musées application (MPM App) in accordance with the legal and regulatory requirements in force (General Data Protection Regulation- RGPD and Federal Data Protection Act-LPD).
This Data Protection Statement provides users with useful information about the collection and processing of personal data in connection with the use of our application, and in particular concerning the type of data collected, the purpose of processing, how such data may be passed on to authorized third parties and the rights of users.
1. Purpose of the MPM App
The purpose of the MPM App is to enable any user :
- to have a digital Pass on smartphone or tablet ;
- obtain general information about the Museums-PASS-Musées (hereinafter referred to as the Pass) such as : the terms and conditions for using the Pass, the list of member museums and sites and their news ;
- be redirected to our online store to purchase or renew a Pass;
- create or access your user account ;
This list is not exhaustive, as the MPM App may be updated with new features over time in order to improve the quality of service provided.
2. Data controller
The person responsible for processing personal data within the meaning of data protection legislation is Museums-PASS-Musées, Birsigstrasse 2, 4054 Basel, Switzerland, +41 61 205 00 40, E-mail: protectiondesdonnees@passmusees.com
3. Services provided by the MPM App and data collected
3.1. Using the MPM App without a connection
The MPM App is accessible and usable without logging in (i.e. without collecting personal data related to identity) for everything related to :
- access to information relating to MPM museums and news : list of MPM member museums and sites, including their location via an interactive map with the option of locating the user on this map ; temporary exhibitions and events offered by member museums/sites registration of " Favorites " exclusive MPM events and offers ;
- access to information concerning the validity of the user's Pass ;
- the choice of receiving notifications for " Favorites ", " Exclusives " and " According to position ".
It also links to the www.passmusees.com for purchasing and renewing the Pass (plastic card or digital Pass on smartphone), as well as subscribing to the newsletter. For these actions carried out on the website via smartphone, the user's surname, first name, title, postal address and email address may be required, with the user's consent. The Data privacy on the www.passmusees.com website then applies.
Technical data relating to smartphone identification (name, model and identifier of the device, Wi-Fi or 4G/5G, operator), data relating to interactions with the App (clicks, browsing log, favorites), as well as data relating to geolocation via the smartphone's GPS (geolocation on the map of member museums/sites and notification informing the user of the existence of a museum nearby) collected for the purposes of using the App, are not associated with the user's identity.
3.2. Using the App with user account login
The MPM App offers services and features other than those referred to in 3.1. Access to these services implies the creation of a *user account and the collection of personal data relating to the user's identity. These services are:
|
Services |
Corresponding data collected |
|
Pass registration and *user account creation |
Last name, first name, postal address, phone number, email address, date of birth, username, password |
|
Message sent via a contact form |
Personal message |
|
Digitizing the Pass |
Photo (via access to the smartphone's camera or photo gallery) |
|
Downloads and use of the digital Pass |
Last name, first name, postal address, phone number, email address, date of birth, username, password, photo (via access to the smartphone's camera or photo gallery) |
*User account : it is required to obtain the digital Pass, including the digitization of the plastic card into a digital Pass (conversion of the card into a photo and personal QR-code on the smartphone). Combined with the laminated card, it gives access to Pass information (number, validity), loss declaration, exclusive offers (event registration, sponsorship action)
4. Purposes of processing
MPM collects and processes the personal data transmitted by the user as well as those mentioned in paragraph 3.1. for the purposes of:
- provide, maintain, optimize and secure the services and information offered via the MPM App, including the provision of the digital Pass ;
- communicate to the user the most appropriate information about MPM's products and services ;
- offer, based on the user profile, new personalized services ;
- ensure the smooth running of the App via bug analysis and correction;
- maintain system stability and security, including detection of fraud and malicious behavior ;
- optimize the use of the MPM App (improve user experience via analysis of browsing data...etc..) ;
5. Legal basis for processing
In compliance with applicable data protection laws and regulations, MPM collects user data on the basis of :
- the expression of the user's consent, which may be withdrawn at any time within the limits imposed by the performance of the contract with MPM (purchase of the Pass, personalization necessary for its validity, use of the photo taken with the smartphone for the use of the digital Pass, subscription to the Newsletter...etc);
- fulfilling legal obligations ;
- the satisfaction of MPM's legitimate interests (maintenance, improvement and development of MPM's sales and services, protection and security of MPM's online services and information systems...etc).
6. Data processing by third parties
MPM takes the necessary steps to ensure that :
- only its authorized personnel has access to users' personal data and processes it in compliance with the purposes for which it is collected ;
- its partners acting as direct subcontractors (notably for the development of the App, its hosting, the storage of information useful for the use of the Pass...etc.) and who process users' personal data in this capacity, comply with the legal and regulatory obligations applicable in this respect and the purposes for which this data is collected.
The MPM App offer can be complemented by content and services from other providers (location via Google Maps/Apple Maps, YouTube videos...for example). Calling up these services by the user requires the transmission of the IP address, which intervenes on the user's prior expression of consent to the platform concerned.
The collection of location data is based on the user's choice of whether or not geolocation is activated in the device settings. MPM does not record or store the GPS data of the device used for the MPM App. Depending on the device's operating system, this data is instead collected and processed by Apple (IOS) or Google (Android) and reference is made to the individual Data Protection Statements of these providers for details.
7. Data transfer
Personal data collected via the MPM App is stored in the EU. However, depending on the development of relations with its subcontracting service providers, data may be transferred outside the EU. MPM then endeavors to take the necessary measures to ensure that an adequate level of protection is guaranteed.
8. Data retention
Personal data is deleted or rendered anonymous as soon as it is no longer necessary for the purposes for which it was collected, unless longer retention is required by virtue of legal obligations, contractual or pre-contractual obligations or MPM's legitimate business interests.
MPM App connection data (login, password, user account details) are stored locally in the MPM App for the duration of the connection, for a maximum of one month (after one month without connection, disconnection from the MPM App is automatic and leads to the end of data storage in the App).
However, the data attached to the user account (surname, first name, postal address, e-mail address, telephone number, identifier, password) remains recorded in the software interface used to manage the validity and use of the Pass. They are anonymized after three years of inactivity of the user account whose associated Pass has expired or been invalidated.
Commercial data relating to the purchase and renewal of the Pass (surname, first name, postal address) are subject to a legal accounting retention obligation of ten (10) years from the end of the contractual relationship.
User location data is not retained.
9. Safety
MPM implements appropriate organizational and technical measures to protect against unauthorized access and/or processing. MPM ensures a high level of security for all exchanges between the MPM App and the various interfaces and servers, in particular by using SSL encryption.
However, as the transmission of information via the Internet is not totally secure, MPM cannot guarantee the full security of the data collected.
10. Your rights
Every user of the MPM App has the following rights : access, rectification, erasure, restriction, opposition to the processing of personal data concerning him/her. If the processing is based on his/her consent or on MPM's legitimate interests, the user may at any time withdraw his/her consent or object to such processing by notifying the data controller at the following Email address: protectiondesdonnees@passmusees.com
MPM reserves the right to limit these rights of the user with regard to legal and regulatory obligations that are otherwise applicable.
If MPM refuses to grant the request or if the user is dissatisfied with the processing of his/her request, he/she may lodge a complaint with the competent supervisory authority and lodge an appeal with the competent authority. For users domiciled in Switzerland, the competent authority is the Federal Data Protection and Information Commissioner (FDPIC) (www.edoeb.admin.ch). For users domiciled in EU countries, the list of supervisory authorities can be consulted online via this link : https://www.edpb.europa.eu/about-edpb/about-edpb/members_en#member-fr
Specifically concerning newsletter unsubscription from the user area: simply uncheck the box relating to newsletter subscription and proceed to save this new setting.
Specifically concerning the deletion of personal data attached to the user account : it is possible to request the deletion of personal identification data (surname, first name, e-mail address, postal address excluding town and zip code, telephone number) from the user area by clicking directly on the " DELETE PERSONAL DATA" button on the " Personal data " page in " My account ". However, by deleting the personal data associated with the digital pass, it will become invalid and the holder will no longer be able to visit member sites or benefit from exclusive Museums-PASS-Musées offers. This action is irreversible, immediate and does not entitle the holder to any financial compensation.
For the plastic card pass, the deletion of personal data will make it impossible for the pass holder to register for exclusive events, to take advantage of exclusive Museums-PASS-Musées offers, and to have the pass replaced in the event of theft or loss. At any time, it is possible to re-enter this personal data in the " Personal data" section of the user account.
For deletion of user account login and password, please send an email to : protectiondesdonnees@passmusees.com
11. Update
This Data Protection Statement may be amended at any time. The applicable version is the one in force at the time of downloading the App. MPM, or at the time of digitizing the Pass or downloading the digital Pass where applicable.
Version - 04.05.2026
