DATA PRIVACY STATEMENT

This privacy policy was created and published by Andermatt Sedrun Disentis Marketing AG, Oberalppass, Berggasthaus Piz Calmot, 6490 Andermatt, Switzerland, registered in the Commercial Register of the Canton of Uri under the number CHE-413.104.183. Andermatt Sedrun Disentis Marketing AG is the marketer of the Andermatt+Sedrun+Disentis destination and its two service providers, Andermatt-Sedrun Sport AG and Bergbahnen Disentis AG. On this website, you will also find information about the group companies of Andermatt Swiss Alps AG, which additionally includes Bellevue Hotel & Apartment Management AG (The Chedi Andermatt) and Hotel 4b Management AG (Radisson Blu Reussen Andermatt).

Andermatt Sedrun Disentis Marketing AG is legally responsible for the collection, processing, and use of your personal data and for lawful data processing on this website. Personal data includes all information relating to an identified or identifiable natural person. This includes details that allow conclusions to be drawn about your identity (e.g., name, postal address, email address, and telephone numbers).

Your trust is important to us, which is why we take data protection seriously and ensure appropriate security measures. We naturally comply with the legal provisions of the Swiss Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (OFADP), the Telecommunications Act (TCA), and other applicable data protection provisions of Swiss or EU law, in particular the General Data Protection Regulation (GDPR).
To ensure that you know what personal data we collect from you and for what purposes we use it, please read the following information. Please note that the following information may be reviewed and amended from time to time. We therefore recommend that you regularly review this privacy policy. Furthermore, for certain data processing operations listed below, other companies are legally responsible for data protection or jointly responsible with us, so in these cases the information provided by these providers is also decisive.
 

Contact Details of the Data Controller and the EU Representative

If you have questions about data protection or wish to exercise your rights, please contact our data protection officer:

Andermatt Sedrun Disentis Marketing AG c/o Andermatt-Sedrun Sport AG Oberalppass Berggasthaus Piz Calmot 6490 Andermatt

Phone: +41 58 200 68 68 Email: info@asd-marketing.ch

Our EU representative pursuant to Art. 27 GDPR is:

MLL EU-GDPR GmbH Ganghoferstrasse 33 DE - 80339 Munich

andermattswissalpsag(at)mll-gdpr.com

A. Data Processing on the Websites

1. Accessing our websites (including associated microsites)

In order to establish a connection to our websites or any microsites, your browser transmits certain data to the servers of our hosting provider, which temporarily records each access in a log file. The following data is collected automatically without your intervention and stored until automatic deletion:

  • IP address of the requesting device,
  • Name of the owner of the IP address range,
  • Date and time of your request,
  • Type of your operating system,
  • Name and URL of the requested data,
  • The website from which our domain was accessed,
  • Country from which access to our websites occurs,
  • Status code,
  • Browser used,
  • Transmission protocol used

The collection and processing of this data is intended to enable the use of our websites, ensure system security and stability, optimize our online offerings, and for internal statistical purposes.

The IP address is also evaluated together with other data in case of attacks on the network infrastructure or other unauthorized or abusive use of the website for clarification and defense, and may be used in criminal proceedings to identify and take civil and criminal action against the respective users.

For the above-described purposes, our legitimate interest in data processing exists pursuant to Art. 6(1)(f) GDPR.

2. Use of our contact form

On our websites, you have the option at various points (e.g., general contact, consultation requests, or booking inquiries) to use a contact form to get in touch with us. For this, we require the following information. Mandatory fields are marked with an asterisk (*):

  • Salutation*
  • First and last name*
  • Postal address
  • Phone number
  • Email address*
  • Message*

We use this data, as well as any voluntarily provided data, only to respond to your contact request in the best and most personalized way. Processing this data is therefore necessary pursuant to Art. 6(1)(b) GDPR for the performance of pre-contractual measures or falls within our legitimate interest pursuant to Art. 6(1)(f) GDPR.

3. Contact via Telephone or Email

On various parts of our websites, you have the option to contact us by telephone or email, for example to ask questions about website functionalities, bookings, or services.

We only collect the data that you disclose to us. Consequently, you are responsible for the content of your message and decide which information you provide. We recommend that you do not send sensitive information. To answer your questions, we may ask you to provide additional information (e.g., your address, email address, etc.). We will only collect the data necessary to respond to your inquiries or provide the services you requested.

In processing your inquiry, our legitimate interest exists pursuant to Art. 6(1)(f) GDPR.

4. Newsletter Subscription

You have the option to subscribe to our newsletter on our websites. This requires registration, during which the following data must be provided. Mandatory fields are marked with an asterisk (*):

  • Salutation
  • First and last name*
  • Email address*
  • Areas of interest

After entering the information mentioned above, you are directly registered for the desired newsletter. We use a Double-Opt-In mechanism. After submitting your registration, you will receive an email containing a confirmation link. To complete your subscription, you must confirm this link. If you do not confirm, your email address will be permanently deleted from our temporary list of newsletter subscribers, and no subscription will occur. For newsletter delivery, we work with email marketing software such as Braze, 330 West 34th Street, 18th Floor New York, NY 10001 USA, and Alturos Destinations Lakeside, B03, 9020 Klagenfurt, Austria.

We use your data for sending the newsletter until you withdraw your consent. You can withdraw your consent at any time with future effect or by using the unsubscribe link in the newsletter emails.

Our newsletter contains a so-called Web Beacon or similar technical means (tracking pixel). A Web Beacon is a 1x1 pixel invisible graphic associated with the user ID of the respective newsletter subscriber. Through the Web Beacon, we receive the following information about newsletter delivery:

  • Mailing list used;
  • Subject and number of newsletters sent;
  • Information on which addresses received or did not receive the newsletter and where delivery failed;
  • Information on which addresses opened the newsletter;
  • Information on which addresses unsubscribed; and
  • Technical information (e.g., retrieval time, IP address, browser type, and operating system).

This information is used for statistical analysis of our newsletter campaigns. The results may be used to better tailor future newsletters to the interests of recipients. The Web Beacon is deleted when you delete the newsletter.

To prevent the use of the Web Beacon, please configure your email program, if not already standard, to display messages in plain text rather than HTML. The following links explain how to do this for common email programs:

By registering for the newsletter, you consent to the processing of the provided data for regular newsletter delivery to the address you provided, as well as for statistical evaluation of usage behavior and optimization of the newsletter. This consent constitutes our legal basis for data processing pursuant to Art. 6(1)(a) GDPR. You can withdraw your consent at any time with future effect.

5. Use of the Chat Function

You have the option to contact us via the chat functionality, for example to ask questions about website functionalities, bookings, or services. The following data is collected. Mandatory fields in the registration form are marked with an asterisk (*):

  • Data
  • Message*

Additionally, we only collect personal data that you disclose to us. Consequently, you are responsible for the content of your message and decide which information you provide. We recommend that you do not send sensitive information. To answer your chat inquiries, we may ask you to provide additional information. We will only collect the personal data necessary to respond to your questions or provide the requested services.

In connection with the chat function, we work with a tool from Enterprise bot GmbH, Baarerstrasse 135, 6300 Zug, Switzerland. Chat data is stored on servers at the following location: Enterprise bot GmbH, Baarerstrasse 135, 6300 Zug, Switzerland.

In processing your chat inquiry or message, our legitimate interest exists pursuant to Art. 6(1)(f) GDPR.

6. Opening a Customer Account

To make bookings on our websites, you can book as a guest or create a customer account. When registering for a customer account, we collect the following data. Mandatory fields are marked with an asterisk (*):

  • Salutation
  • First and last name*
  • Postal address
  • Country
  • Date of birth
  • Phone number
  • Email address*
  • Password*
  • Language

The collection of this data, as well as any additional data you voluntarily provide, is intended to provide you with password-protected access to your stored basic data. You can view past and current bookings or manage and update your personal information. You can also request complete deletion of the customer account.

The legal basis for processing this data for this purpose is your consent pursuant to Art. 6(1)(a) GDPR. You can withdraw your consent at any time with future effect.

7. Booking on Our Websites, via Correspondence, or by Telephone

If you make bookings via our websites, through correspondence (email or postal mail), or by telephone, we require personal data from you to process the contract. Depending on the order and product, the necessary data may vary. Possible mandatory fields are marked with an asterisk (*):

  • Salutation*
  • First and last name*
  • Date of birth* Postal address*
  • Phone number*
  • Language*
  • Payment method*
  • Email address*
  • Password*

This data, along with any additional information you voluntarily provide (e.g., expected arrival time, vehicle license plate, preferences, remarks), will only be used to process the contract, unless otherwise stated in this privacy policy or unless you have given separate consent. We will process the data by name to record your booking as requested, provide the booked services, contact you in case of issues or questions, and ensure correct payment.

If necessary, personal data may be shared with companies involved in processing this contract, e.g., service providers such as hotels or financial institutions for payment processing.

The legal basis for processing this data for this purpose is the fulfillment of a contract pursuant to Art. 6(1)(b) GDPR.

8. Purchasing Products or Vouchers

If you purchase products or order vouchers via our websites, we require the following data to process the contract. Mandatory fields are marked with an asterisk (*):

  • Salutation
  • First and last name*
  • Date of birth* Company
  • Postal address*
  • Country
  • Phone number
  • Payment method*
  • Email address*
  • Shipping method*
  • Billing address

This data, along with any additional information you voluntarily provide, will only be used to process the contract, unless otherwise stated in this privacy policy or unless you have given separate consent. We will process the data by name to record your order as requested, deliver the purchased products or vouchers, contact you in case of issues or questions, and ensure correct payment.

If necessary, personal data may be shared with companies involved in processing this contract, e.g., service providers such as hotels or financial institutions for payment processing.

On our websites, we link to a voucher shop operated by E-Guma. E-Guma is operated by Idea Creation GmbH, Walchestrasse 15, 8006 Zurich, Switzerland. The information you provide when purchasing vouchers is used for contact, execution, and fulfillment of the contractual service, as well as to comply with related legal obligations. Payment service providers assist us in processing purchases.

The legal basis for processing this data for this purpose is the fulfillment of a contract pursuant to Art. 6(1)(b) GDPR.

9. Ticket Purchases

If you purchase tickets via our websites (e.g., for events, mountain lifts, etc.), we require the following data to process the contract. Mandatory fields are marked with an asterisk (*):

  • Ticket type*
  • Ticket holder (postal address, email, phone number)*
  • Ticket category*
  • Date of birth*
  • Date*
  • Billing address*
  • Payment method*

This data, along with any additional information you voluntarily provide, will only be used to process the contract, unless otherwise stated in this privacy policy or unless you have given separate consent. We will process the data by name to record your order as requested, deliver the purchased tickets, contact you in case of issues or questions, and ensure correct payment.

If necessary, personal data may be shared with companies involved in processing this contract, e.g., service providers such as hotels or financial institutions for payment processing.

The legal basis for processing this data for this purpose is the fulfillment of a contract pursuant to Art. 6(1)(b) GDPR.

10. Job Applications

On our websites, you have the option to apply for open positions. When applying, we collect the following data. Mandatory fields are marked with an asterisk (*):

  • Salutation*
  • First name*
  • Last name*
  • Date of birth*
  • Email address*
  • Password*
  • User language*
  • Personal details:
    • Mobile phone*
    • Country of residence*
    • Nationality*
    • Residence permit*
  • Documents (upload):
    • Cover letter*
    • CV*
    • Certificates, diplomas*
    • Additional documents
  • Relationship with our company:
    • How did you hear about us?*
    • I am currently an employee
    • I have previously worked for your company
    • Remarks regarding previous employment
  • Additional information:
    • Message
  • I agree to the privacy policy*
  • Data release*:
    • I consent to my data being stored in accordance with the privacy policy (3 months) even beyond the specific job application.
    • I request that my data be deleted after the current application process.

In connection with your online application, we use the tool Umantis from Haufe-Lexware GmbH & Co. KG, Munzinger Strasse 9, 79111 Freiburg, Germany. Data is stored on a server in Germany and processed by employees of Andermatt-Sedrun Sport AG and/or Andermatt Swiss Alps AG as part of the recruitment process.

We require this information to review your application and, if necessary, contact you in this context. The legal basis for processing your personal data is pre-contractual measures and performance of a contract pursuant to Art. 6(1)(b) GDPR, as well as our legitimate interest pursuant to Art. 6(1)(f) GDPR. You may object to this data processing at any time if there are reasons in your specific situation that oppose the processing.

11. Booking Hotel Rooms and Apartments

If you book a hotel room or an apartment on www.alpine.apartments.ch, www.thechediandermatt.com, or similar websites, we require the following data to process the contract. Mandatory fields are marked with an asterisk (*):

  • Number of guests*
  • Check-in and check-out dates*
  • Apartment category*
  • Extras
  • Special requests
  • Salutation
  • First and last name*
  • Phone number
  • Email address*
  • Postal address*
  • Additional guests (salutation, first and last name)
  • Please inform me about offers via email
  • Payment method*
  • Yes, I have read and accepted the Terms and Conditions and the Privacy Policy.*

This data, along with any additional information you voluntarily provide, will only be used to process the contract, unless otherwise stated in this privacy policy or unless you have given separate consent. We will process the data by name to record your booking as requested, provide the booked services, contact you in case of issues or questions, and ensure correct payment.

If necessary, personal data may be shared with companies involved in processing this contract, e.g., service providers such as financial institutions for payment processing.

The legal basis for processing this data for this purpose is the fulfillment of a contract pursuant to Art. 6(1)(b) GDPR.

12. Registration of a User Account

On our websites, such as www.andermatt-sedrun-disentis.ch, you can create a user account. When registering for a user account, we collect the following data. Mandatory fields are marked with an asterisk (*):

  • First and last name*
  • Email address*
  • Password*
  • I would like to receive regular news
  • I accept the Terms of Use and Privacy Policy*

The collection of this data, as well as any additional data you voluntarily provide, is intended to provide you with password-protected access to your stored basic data. You can view your past and current purchases or manage and update your personal information. You can also request complete deletion of the user account.

The legal basis for processing this data for this purpose is your consent pursuant to Art. 6(1)(a) GDPR. You can withdraw your consent at any time with future effect.

B. Data Processing Outside the Websites

1. General

Andermatt Sedrun Disentis Marketing AG also collects personal data from you outside of the website. This may occur, for example, if you contact us via email or telephone independently of the website, and we need to record data to process your inquiries and get in touch with you.

Personal data is also collected by Andermatt Sedrun Disentis Marketing AG when you register on-site for events or book accommodation. The same types of data are generally collected as when booking on the website.

The legal basis for processing this data is the fulfillment of your contact requests, constituting a legitimate interest pursuant to Art. 6(1)(f) GDPR, or the fulfillment of a contract pursuant to Art. 6(1)(b) GDPR.

For third-party services, Andermatt Sedrun Disentis Marketing AG acts solely as an intermediary and makes bookings on behalf of the service providers. Data is forwarded to the selected service providers for booking purposes, who are responsible for further data processing under data protection law. For more information on how these providers handle personal data, please consult the privacy policy of the respective service provider.

2. Data Processing to Fulfill Legal Reporting Obligations

Upon arrival at our accommodations, we may require the following information from you and your accompanying persons. Mandatory fields are marked with an asterisk (*):

  • First and last name*
  • Postal address*
  • Date of birth*
  • Place of birth / hometown
  • Nationality*
  • Official ID*
  • Check-in and check-out dates*
  • Vehicle license plate
  • Name of accommodation*

This information is collected to comply with legal reporting obligations, particularly arising from hospitality or police regulations. If required by applicable law, we forward this information to the competent police authority.

The processing of this data is based on a legal obligation pursuant to Art. 6(1)(c) GDPR.

3. Recording of Used Services

If you use additional services during your stay (e.g., wellness, restaurant, activities), the service and the time of use are recorded by us for billing purposes.

The processing of this data is necessary for contract fulfillment with us pursuant to Art. 6(1)(b) GDPR.

4. Storage of Your Personal Data in a Central Database of Andermatt Sedrun Disentis Marketing AG

The personal data mentioned in this privacy policy is centrally stored and processed by Andermatt Sedrun Disentis Marketing AG. The data is stored in a central electronic data processing system (CRM). Your data is systematically recorded, linked, and analyzed to process inquiries and manage services (e.g., to offer personalized services or product information, to improve products and services, etc.). User profiles may be created based on this data. Data may also be enriched with publicly available information (e.g., from the press or internet). For this, we use the software Azure by Microsoft, South County Business Park, Leopardstown, Dublin 18, Ireland, as well as Braze, 330 West 34th Street, 18th Floor, New York, NY 10001 USA, by Alturos Destinations Lakeside, B03, 9020 Klagenfurt, Austria, and Salesforce, Salesforce UK Limited, Village 9, Floor 26, Salesforce Tower, 110 Bishopsgate, London, UK, EC2N 4AY. The processing of this data through the software is based on our legitimate interest pursuant to Art. 6(1)(f) GDPR in customer-friendly and efficient data management, as well as on contractual measures pursuant to Art. 6(1)(b) GDPR.

If you have consented to the processing of your personal data for advertising purposes, we may also use the collected data for marketing. This consent constitutes the legal basis for processing under Art. 6(1)(a) GDPR. You can withdraw your consent at any time with future effect.

5. Use of Our Apps

In addition to our online services, we provide a mobile app that you can download to your device. When downloading the MountainAccess app, the necessary information is transmitted to the app store, including username, email address, account number, download time, device IMEI, mobile number (MSISDN), MAC address for Wi-Fi use, and IMSI. We have no influence over this data collection and are not responsible for it. We process this data only to enable app downloads and do not store it further.

If you log in via the app or place orders, we collect the following additional personal data to enable these services. Mandatory fields are marked with an asterisk (*):

  • First and last name
  • Address
  • Phone number (if applicable)
  • Email*
  • Username*
  • Customer number
  • Password*
  • Date of birth

The legal basis for processing this data is the fulfillment of a contract pursuant to Art. 6(1)(b) GDPR or your consent pursuant to Art. 6(1)(a) GDPR. You may withdraw your consent at any time with future effect.

At the beginning of app use, the apps request the following access rights for the purposes indicated:

  • Location data (via GPS and anonymized IP address): To receive personalized location-based messages
  • Camera: To scan barcodes for reserving services/items or obtaining related information
  • Photos/Media/Files: Related to the use of the camera for barcode scanning
  • Device ID and call information: Used by app stores for statistics
  • Fingerprint/Biometric information: For convenient login and purchase via fingerprint or facial recognition
  • App history

If you deny this, the app will not use these data, but the corresponding functions cannot be used. You can grant or revoke access later in the app settings. Data is transmitted to our servers only as necessary to provide functionality and is treated confidentially and deleted when no longer required or legal retention obligations do not exist.

This consent constitutes the legal basis for processing under Art. 6(1)(a) GDPR and can be revoked at any time with future effect.

If necessary, personal data may be shared with companies involved in providing services, e.g., service providers such as hotels or credit card institutions for payment processing.

6. Push Notifications

If you have consented, Andermatt Sedrun Disentis Marketing AG can send notifications to your device (e.g., smartphone, tablet). The MountainAccess app uses push notifications to inform you about topics related to the Andermatt+Sedrun+Disentis destination (e.g., products, promotions, contests) and partner offers. Your data is not shared with these partners.

If enabled, we also use location data from your device. Location information is used to track movements and send notifications. Within a defined "Geo Fence" near the destination, push notifications alert you to current offers.

You can configure push notification settings at any time via your operating system or within the MountainAccess app under "Settings."

This consent constitutes the legal basis for processing under Art. 6(1)(a) GDPR and can be revoked at any time with future effect.

7. Booking Platforms

If you make bookings through third-party platforms, we receive various personal information from the platform operator, generally including the data listed in this privacy policy related to the booking. Additionally, inquiries regarding your booking may be forwarded to us. This data is processed to record your booking as requested and provide the booked services. The legal basis for this processing is the fulfillment of a contract pursuant to Art. 6(1)(b) GDPR.

We may also receive information from platform operators regarding disputes related to bookings. This may include booking-related data, such as a copy of the booking confirmation. We process this data to protect and enforce our rights, constituting a legitimate interest pursuant to Art. 6(1)(f) GDPR.

Please also review the privacy information of the respective booking platform.

8. Newsletter

When you book, make a purchase, submit an inquiry, or request information or brochures from us, we process your personal data in accordance with Art. 6 (1) sentence 1 lit. b and f GDPR. You can also subscribe to our newsletters on our website. In these newsletters, we inform you about updates to our products or services, news, and relevant topics—tailored as much as possible to your interests and vacation preferences.

When you subscribe to the newsletter, we collect and store the data you enter into the input form (e.g. surname, first name, email address, postal address) and supplement it with interest data derived from your vacation preferences. We use your data for direct marketing purposes in accordance with Art. 21 GDPR and Art. 6 (1) lit. f GDPR to provide you with customized information about our services. Your data will not be shared with third parties. Subscribing to the newsletter is only possible with your consent. The double opt-in procedure is used for registration.

We also use your child’s date of birth to send booking-related direct marketing emails. These emails are always sent to the parent’s email address specified in the booking process. You may object to this use at any time with effect for the future.

You can revoke your consent to receive direct marketing emails or newsletters at any time, simply by using the unsubscribe function included in each newsletter. We use your data exclusively for sending direct marketing communications and newsletters.

For the creation and distribution of our newsletters, we use the “WS SPORTS” service provided by Waldhart Software GmbH, 6405 Pfaffenhofen, Unterdorf 1, as a technical service provider. In the course of technical processing, employees of Waldhart Software may have access to your personal data to the necessary extent, solely for implementing and maintaining newsletter delivery. We have concluded a data processing agreement with Waldhart Software in accordance with Art. 28 GDPR to ensure the confidentiality and security of your data. Waldhart Software does not use your data for its own purposes.

C. Tools and Tracking Technologies

1. Cookies

Cookies help make your visit to our website easier, more enjoyable, and more meaningful in many ways. Cookies are information files automatically stored on your device's hard drive by your web browser when you visit our website.

We use cookies, for example, to temporarily save your selected services and entries when filling out a form on the website, so that you do not have to repeat the input when navigating to another page. Cookies may also be used to identify you as a registered user after registration without requiring you to log in again on another page.

Most internet browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a notification appears whenever a new cookie is received. The following links provide instructions on how to manage cookie processing in the most common browsers:

Disabling cookies may prevent you from using all functions of our website.

2. Tracking Tools

a. Google Analytics

We use Google Analytics, a web analytics service by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, or Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA ("Google"). Google Analytics uses methods that allow an analysis of website usage, such as cookies. Information generated by the cookie about your use of our website, such as

  • Navigation path taken by a visitor on the website,
  • Time spent on the website or individual pages,
  • The page from which the website is exited,
  • Country, region, or city of access,
  • Device (type, version, color depth, resolution, browser window size),
  • Returning or new visitor,
  • Browser type/version,
  • Operating system used,
  • Referrer URL (previously visited website),
  • Hostname of the accessing computer (IP address), and
  • Time of the server request,

is generally transmitted to a Google server in the USA and stored there. IP anonymization ("anonymizeIP") is enabled on this website to shorten the IP address before transmission within the EU or other states of the European Economic Area or Switzerland. The masked IP address transmitted by your browser to Google is not combined with other data from Google. Only in exceptional cases is the full IP address transmitted to a Google server in the USA, where it is shortened. In these cases, we ensure through contractual guarantees that Google maintains an adequate level of data protection.

The information is used to evaluate website usage, compile reports about website activities, and provide additional services related to website usage and internet usage for market research and optimal website design. The data may also be transmitted to third parties if required by law or processed by third parties on our behalf.

The legal basis for processing this data is your consent pursuant to Art. 6(1)(a) GDPR, which you may revoke at any time with future effect.

Users can prevent the collection of data generated by the cookie and related to their website usage (including the IP address) by Google and the processing of these data by installing the browser plugin available at: tools.google.com/dlpage/gaoptout

Further information about Google and how Google processes data can be found here.

b. Google Tag Manager

We use Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, or Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA ("Google"). Google Tag Manager allows marketers to manage website tags via an interface. Tag Manager itself is a cookie-free domain and does not collect personal data. It triggers other tags that may collect personal data, but Google Tag Manager does not access this data. Any deactivation at domain or cookie level persists for all tracking tags implemented via Google Tag Manager. You can prevent tag placement at any time.

The legal basis for processing these data is our legitimate interest pursuant to Art. 6(1)(f) GDPR.

c. Google Ads Remarketing

We use Google Ads Remarketing, an online advertising program by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, or Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA ("Google"). Using the remarketing function, we can display interest-based ads to website users via cookies. User interactions on our website are analyzed to show targeted ads on other sites based on interests. Cookies uniquely identify a web browser but not a person. According to Google, no personal data is stored.

The legal basis for processing this data is your consent pursuant to Art. 6(1)(a) GDPR, which can be revoked at any time with future effect.

You can disable Google cookies via the following link and download the provided plugin: tools.google.com/dlpage/gaoptout.

Further information about Google and how Google processes data can be found here.

d. Google Ads Conversion Tracking

We use Google Ads from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, or Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA ("Google"). Google Ads allows advertisers to display ads in Google search results and across the Google advertising network. Ads are triggered based on predefined keywords to show relevant results. Conversion cookies track whether specific pages on our site were visited and whether revenue was generated. These cookies expire after 30 days and do not identify individuals.

The legal basis for processing this data is your consent pursuant to Art. 6(1)(a) GDPR, which can be revoked at any time with future effect.

You can disable Google cookies via the following link and download the provided plugin: tools.google.com/dlpage/gaoptout.

Further information about Google and how Google processes data can be found here.

e. Facebook Pixel

We use the "Facebook Pixel" from Facebook, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, or Meta Platforms Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. The Facebook Pixel allows Facebook to identify website visitors as target audiences for ads ("Facebook Ads"). We use it to show ads only to users who have shown interest in our website or match certain characteristics (e.g., interests in topics/products inferred from visited pages) transferred to Facebook ("Custom Audiences").

The pixel also ensures that ads match potential user interests and are not intrusive. It allows tracking ad effectiveness for statistical and market research purposes (conversion tracking). Data collected by Facebook is anonymized for us, but Facebook may link it to user profiles for its own purposes.

If data is transmitted to Facebook for matching purposes, it is encrypted in the browser and sent via secure HTTPS connection to Facebook.

We also use the "Advanced Matching" feature to create target groups (Custom Audiences or Lookalike Audiences) using encrypted data.

Data processing by Facebook follows Facebook's privacy policy. More details on the Facebook Pixel can be found in Facebook's help section.

You can opt out of Facebook Pixel tracking and use of your data for Facebook Ads. Settings for interest-based ads can be configured via Facebook. Cookie-based ad tracking can also be disabled via: www.aboutads.info/choices and www.youronlinechoices.com/uk/your-ad-choices/.

The legal basis for this data processing is your consent under Art. 6(1)(a) GDPR, which can be revoked at any time with future effect.

f. Capture Media

This website uses a tracking solution by Capture Media AG ("Capture Media"), a Swiss company based in Zurich, which measures website usage in the context of engagements and events. Tracking is anonymous, and no link to identifiable persons is made. Capture Media offers an opt-out option for this tracking.

g. Tracking with fusedeck

This Website uses “fusedeck”, a tracking solution provided by cptr AG (hereinafter referred to as “cptr”). cptr is a Swiss company having its registered office in Zurich which, on behalf of its customers, measures website usage in the context of engagements and events. Tracking is anonymous so that it is impossible to attribute any information gained to any identified or identifiable persons.

For more information on data protection and the rights which data subjects have in connection with “fusedeck”, including their right to “opt out” (right to object), please refer to the Privacy Policy and the Information on the Right to Object.

3. Social Media Presence

Our website contains links to our profiles on the following social networks:

  • Facebook, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, or Meta Platforms Inc., 1601 Willow Road, Menlo Park, CA 94025, USA;
  • Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA;
  • Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA;
  • YouTube, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland;
  • Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA;
  • LinkedIn Unlimited Company, Wilton Place, Dublin 2, Ireland;
  • TikTok, TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland;
  • Giphy, Giphy Inc., 416 W 13th Street Suite 207, New York, NY 10014, USA.

Clicking on the social media icons will automatically redirect you to our profile on the respective network. This creates a direct connection between your browser and the server of the respective social network, allowing the network to receive information that you visited our website and clicked the link with your IP address.

If you click a link while logged into your account on that network, the content of our website may be linked to your profile, allowing the network to associate your visit directly with your account. To prevent this, you should log out before clicking the links. A connection between your website access and your account always occurs if you log in to the network after clicking the link. The respective provider is responsible for data processing in accordance with privacy law. Please refer to the network's privacy information.

The legal basis for any data processing that may be attributed to us is our legitimate interest pursuant to Art. 6(1)(f) GDPR in using and promoting our social media profiles.

4. Social Media Plugins

We use social plugins ("plugins") from social networks on our website. To enhance the protection of your data when visiting our website, plugins are embedded so that no connection to the servers of the respective social network is established when a page containing such plugins is accessed. Only when you activate the plugins and thereby give your consent for data transmission does your browser establish a direct connection to the servers of the respective network. The content of the plugin is then transmitted directly from the provider to your browser and embedded in the page. Clicking the icons of the social networks links you to the respective network to perform the selected function, such as sharing content on Facebook. You must be logged in to your account to use this functionality.

We provide plugins from the following social networks:

  • Facebook, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, or Meta Platforms Inc., 1601 Willow Road, Menlo Park, CA 94025, USA;
  • LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland;
  • Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA;
  • Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

Selecting one of the available functions and clicking the corresponding social network icon establishes a direct connection between your browser and the network’s server. The network receives information that you visited our website and clicked the link with your IP address. If you are logged into the network, website content may be linked to your profile, allowing the network to associate your visit directly with your account. To prevent this, log out before clicking the links. Association will occur if you log in after clicking.

For the purpose, scope of data collection, further processing, and use by the respective social network, as well as your rights and privacy settings, please refer to the privacy notices of the social network.

D. Additional Information

1. Retention Period

We store personal data only as long as necessary to perform the processing described in this privacy statement within the scope of our legitimate interest. Contract-related data is stored according to legal retention requirements, which include accounting and tax regulations. Business communication, concluded contracts, and booking records must be kept for up to 10 years. Once these data are no longer needed for providing our services, they are blocked, meaning they may only be used for compliance with retention obligations or the enforcement of legal interests. Data is deleted when no retention obligation or legitimate interest remains.

2. Disclosure of Data to Third Parties

We only share your personal data if you have explicitly consented, if required by law, or if necessary to enforce our rights, particularly under contractual claims. We may also transmit your data to affiliated companies (see above). Data may be shared with third parties as required for website, app, or service use, contractual processing, or by law (e.g., law enforcement requests) or to enforce claims under contractual relationships (e.g., debt collection). Third-party use is strictly limited to the stated purposes.

Several third-party providers are explicitly mentioned in this privacy statement. Another provider with access to personal data is the website host, Alturos Destinations Lakeside B03, 9020 Klagenfurt, Austria. The servers are located in: [Switzerland]. The legal basis for this processing is our legitimate interest under Art. 6(1)(f) GDPR.

Credit card information is transmitted to your card issuer and the acquiring bank during payment on the website. Mandatory information will be requested for credit card payments. The legal basis for sharing data is the performance of a contract under Art. 6(1)(b) GDPR.

4. Transfer of Personal Data Abroad

We are authorized to transfer personal data to third-party companies abroad, including group companies, if necessary for processing purposes. Legal requirements for transferring personal data to third parties are observed, and these parties are bound to comply with data protection obligations. If the data protection level in a country does not meet Swiss or EU standards, we ensure contractual safeguards to maintain equivalent protection.

5. Note on Data Transfer to the USA

Some third-party providers mentioned in this privacy statement are based in the USA. For users in Switzerland, it is noted that U.S. authorities may monitor data stored in the USA, including personal data transferred from Switzerland or the EU, without differentiation, restriction, or limitation. No legal remedies in the USA allow access, correction, or deletion of these data for EU/Swiss users. We highlight this so users can make informed consent decisions. Transfers to U.S. recipients like Google are secured by contractual and additional safeguards to ensure adequate data protection.

6. Data Security

We use appropriate technical and organizational measures to protect personal data from manipulation, partial or complete loss, and unauthorized access. Security measures are continuously updated according to technological developments.

You should keep your access credentials confidential and close the browser window after communication, especially when sharing a computer with others.

Internal data protection is taken seriously. Our employees and service providers are bound to confidentiality and compliance with data protection regulations.

7. Your Rights

You may object to data processing at any time. You also have the following rights:

Right of access: You may request free access to your personal data that we process, allowing you to verify which personal data we hold about you and ensure it is used according to data protection laws.

Right to correction: You have the right to correct inaccurate or incomplete personal data and to be informed about the correction. We will inform recipients of the corrected data unless impossible or disproportionate.

Right to deletion: You may request deletion of personal data under certain circumstances. This right may be excluded in specific cases.

Right to restrict processing: Under certain conditions, you may request limitation of the processing of your personal data.

Right to data portability: Users outside Switzerland may request their personal data in a readable format free of charge.

Right to complain: You may file a complaint with a competent supervisory authority regarding data processing.

Right to withdraw consent: You may withdraw consent at any time for future processing. Past processing based on consent remains lawful.

You can exercise your rights via email at info@asd-marketing.ch. We may request proof of identity at our discretion.

8. Minors

We do not intend to collect personal data from minors, but we cannot always verify the age of users accessing our websites/apps. If a minor provides data without parental consent, we request parents/guardians to contact us to delete the data and prevent future marketing material from being sent.

As of August 2022