PRIVACY POLICY

Chalet AlpinLux GmbH, Spirenwaldstrasse 155, 3803 Beatenberg – Chalet AlpinLux (hereinafter 'we') is the operator of the website chaletalpinlux.ch (hereinafter 'our website') and is responsible for the collection, processing, and use of your personal data.

This privacy policy is intended to inform you about which personal data and information we collect from you on our website and for what purposes we use and evaluate them.

We assure you that we take your data protection seriously, train our employees, and pay attention to appropriate data protection security (with organizational and technical measures).

All personal data protected by the FADP and GDPR that arise during the use of our website or are collected as part of registration are used exclusively for contract fulfillment, unless we have your explicit consent for further use or applicable law legitimizes it.

When handling your data, we always comply with the legal provisions – we observe the legal provisions of the completely revised Federal Act on Data Protection (FADP), the implementing provisions in the new Data Protection Ordinance (DPO), and the new Ordinance on Data Protection Certifications (VDSZ). Furthermore, we comply with the legal provisions of the Telecommunications Act (FMG) and other applicable data protection regulations under Swiss or EU law, particularly the General Data Protection Regulation (GDPR).

By using our website, you agree to the following terms.

RESPONSIBLE ENTITY

The responsible entity for data protection concerns is:

Chalet AlpinLux GmbH

Spirenwaldstrasse 155

3803 Beatenberg

info@chaletalpinlux.ch

DISCLAIMER

Despite the utmost care, we do not guarantee the content accuracy, correctness, timeliness, reliability, or completeness of the information published on our website.

We disclaim all liability claims (including negligence and liability towards third parties) for actual or possible damages of a material or immaterial nature arising from access to, use of, or inability to use elements of our website, from misuse of the connection, technical disruptions, viruses, or links to other websites. We exclude any liability for damages caused by auxiliary persons.

All offers are non-binding. We reserve the right to modify, supplement, or delete parts of the pages or the entire offer without prior notice.

LIABILITY FOR LINKS TO OTHER WEBSITES

To provide you with further useful information, our website contains links to third-party websites or excerpts from third-party websites within our website. How these providers handle personal data collected on their websites is beyond our control and responsibility.

We also assume no liability for access, content, operation, and use of these websites. Accessing a website through these links or excerpts is at your own risk.

COPYRIGHTS

All content on our website is protected by copyright or other rights and belongs exclusively to us or the expressly named rights holders. The elements on our website are freely accessible for browsing purposes only.

For the complete or partial reproduction, modification, use, or distribution of any parts of our website, prior written consent from the copyright holders must be obtained.

Anyone who commits a copyright infringement without the consent of the respective rights holder may be liable to prosecution and possibly to pay damages.

COLLECTION, PROCESSING, AND USE OF YOUR PERSONAL DATA

Personal data includes all information that can be used to determine your identity and can be traced back to you (e.g., name, postal address, phone number, email address).

A data subject is someone whose personal data is being processed. Processing includes all actions with personal data, such as storing, disclosing, collecting, obtaining, deleting, saving, modifying, destroying, and using personal data. We process personal data in accordance with legal data protection regulations.

Unless otherwise specified in the following sections, personal data is generally not collected, processed, or used when visiting and using our website.

We only request personal information when it is necessary for communication with you or for the execution of the services offered.

However, by using analytics and tracking tools, we receive certain technical information generated based on the data transmitted by your browser (such as browser type and version, operating system used, websites visited on our site including duration of stay). This information is evaluated exclusively for statistical purposes.

Visiting our website (chaletalpinlux.ch)

When you visit our website, our servers temporarily store each access in a log file. As is generally the case with any connection to a web server, the following data is automatically collected and stored by our host (Internet Service Provider):

IP address of the requesting computer
Date and time of access
Name and URL of the retrieved file
Website from which the access originated
Operating system of the requesting computer
Browser used (type, version, and language)
Country from which the access occurred

By collecting and processing this data, the use of our website is enabled (connection setup), system security and stability are ensured, and the further development of our online offerings as well as internal statistical evaluations are made possible. This constitutes our legitimate interest in data processing. In the event of unauthorized or abusive website use, the IP address, along with other data, can be analyzed for clarification. Additionally, when visiting our website, we use pixels and cookies for web analysis services.

Use of our inquiry form

If you use our inquiry form for electronic contact, the following information is required to ensure we can respond to your request as effectively and personally as possible:

Arrival date and duration of stay
Number of adults
Number of children
Pets
First and last name
Address, postal code, city, and country
Phone number
Email address
Personal message (optional)

If you do not provide the required information, this may affect the provision of our services. The provision of personal data in other fields is voluntary. You are free to inform us at any time that you no longer wish for the processing of this voluntarily provided personal data (see section 'Rights of affected persons').

CHALET BOOKING

Booking online, by correspondence, by phone call

You can make your booking either through our website or via email. To process the contract, we need the following information:

Arrival date and duration of stay
Number of adults
Number of children
Desired additional services
First and last name
Date of birth of travelers
Address, postal code, city, and country
Phone number
Email address
Personal message (optional)

These and other voluntary details (e.g., expected arrival time, remarks) will only be used to process the contract unless otherwise stated in this privacy policy or you have expressly consented to it. We process the data primarily to record your booking as requested, provide the booked services, contact you in case of any ambiguities, and ensure correct payment.

Booking platforms

If you book through a third-party platform, we receive various personal information from the respective platform operator. Additionally, we may receive inquiries regarding your booking. We process these data primarily to record your booking as requested and to provide the booked services.

The platform operators may inform us of any disputes related to a booking, and we may receive data about the booking process, including a copy of the booking confirmation as proof of the actual booking. We process these data to protect and enforce our claims. Please also refer to the privacy policy of the respective platform operator.

Data processing related to your stay

At the check-in of the chalet, we may require the following information from you and your companions:

First and last name
Postal address
Date of birth
Place of birth
Nationality
Official identification document and number
Arrival and departure dates

These details are collected to fulfill legal reporting obligations, particularly those arising from hospitality or police laws. If we are required to do so under applicable regulations, we forward this information to the appropriate police authority.

DISCLOSURE OF DATA TO THIRD PARTIES

We assure you that we only share your personal data when there is a legal obligation, we have your consent, or we have a legitimate interest (for example, to enforce our rights).

We only share your data with third parties to the extent necessary for the use of the website, to provide the services you requested (e.g., hosting providers or companies we collaborate with to offer services on our website, such as for bookings, purchases, rentals, etc.), and to analyze your usage behavior.

When sharing data with third parties, we ensure sufficient contractual guarantees that such third parties protect personal data according to legal requirements and use it exclusively in our interest.

TRANSFER OF PERSONAL DATA ABROAD

For the data processing described in this privacy policy, we may be authorized to transfer your personal data to third-party companies abroad. These third parties, i.e., contracted service providers, are subject to the same data protection obligations as we are.

If the level of data protection in a country does not correspond to that of Switzerland or the EU, we contractually guarantee that the protection of your personal data will always be equivalent to that in Switzerland or the EU.

Notice regarding data transfers to the USA:

We inform users residing in Switzerland that US authorities have surveillance measures in place that generally allow for the storage of all personal data of all individuals whose data is transferred from Switzerland to the USA.

This occurs without differentiation, limitation, or exception based on the pursued objective and without an objective criterion that would allow for the restriction of US authorities' access to and subsequent use of the data to specific, strictly limited purposes that could justify the associated interference with both access to and use of these data.

We also point out that there are no legal remedies available in the USA for affected individuals from Switzerland that would allow them to access data relating to them and to obtain its correction or deletion, nor is there effective judicial protection against the general rights of access by US authorities.

We explicitly inform affected individuals of this legal and factual situation so that they can make an informed decision regarding their consent to the use of their data.

We inform users residing in an EU member state that, from the EU's perspective—among other issues mentioned in this section—the USA does not have an adequate level of data protection.

If we have indicated in this privacy policy that data recipients (such as Facebook, Twitter) are based in the USA, we will ensure that your data is adequately protected with our partners either through contractual agreements with these companies or by ensuring their certification under the EU-US or Swiss-US Privacy Shield.

DATA SECURITY

To ensure the security of your personal data (e.g., against manipulation, loss, and unauthorized access by third parties), we have implemented a variety of technical and organizational security measures and continuously develop them further. However, we cannot guarantee absolute data security.

Our employees and the service providers we commission are obligated by us to maintain confidentiality and comply with data protection regulations.

You should always treat your information confidentially and close the browser window when you have finished communicating with us, especially if you share the computer with other users.

SSL/TLS ENCRYPTION

For security reasons and to protect the transmission of confidential data (e.g., during payment processing, orders, or inquiries you send to us), our website uses SSL/TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

COOKIES

By using cookies, we can provide more user-friendly services to the users of our website that would not be possible without cookie settings.

Cookies are information files that your internet browser automatically stores on the hard drive of your computer when you visit our website. Cookies do not damage the hard drive of your computer nor do they transmit personal data to us. They are stored on your device and used to store information about your preferences and activities on the website. These files help websites remember your actions and settings over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another. There are different types of cookies, such as session cookies, which are deleted after you close your browser, and persistent cookies, which remain on your device for a set period. Cookies are also used for tracking and analytics to help improve website performance and user experience.

For example, we use cookies to temporarily store your selected services and entries when filling out a form on the website, so you don't have to repeat the entry when accessing another subpage. Another example is the cookie of an online shop cart. The online shop remembers the items you have placed in the virtual cart via a cookie.

Cookies may also be used to recognize you as a registered user after logging in on the website without you having to log in again when accessing another subpage.

Cookies are stored in the browser either as 'session cookies' or 'permanent cookies.' 'Session cookies' are automatically deleted when you close the browser. Permanent cookies have a specific storage duration. They allow the browser to be recognized upon your next visit to our website and are used, for example, for reach measurement.

In general, you can object to the use of cookies for online marketing purposes, particularly tracking, through a general opt-out. This is possible, for example, via the following US service: https://optout.aboutads.info/?c=2&lang=EN or the EU page: https://www.youronlinechoices.com.

Detailed information on opt-out options can be found with the respective providers and their privacy policies. Furthermore, storing cookies can be prevented by disabling them in the browser settings. Please note that this may affect certain functions of our online services.

TRACKING-TOOLS

By using tracking tools, we monitor your browsing behavior to tailor our website to your needs and continuously improve it. In this context, pseudonymized user profiles are created, and small text files known as 'cookies' are stored on your computer.

Third-party providers may also use such tracking technologies by employing permanent cookies or similar technologies. Although these third-party providers do not receive any personal data from us, they can still track your activities on our website. This information may be combined with data from other websites you have visited that are also tracked by these third-party providers. The insights gained from this can be used for their own purposes, such as targeted advertising.

The processing of your personal data by these third-party providers is carried out under their responsibility and in accordance with their own privacy policies. The following tracking tools are used on our website:

Google Analytics with anonymization function

We use Google Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ('Google'), on our website. We use Google Analytics with the activation of IP anonymization ('anonymizeIP').

Google Analytics uses cookies that are stored on your computer, allowing an analysis of your use of the website. The following information generated by these cookies, including your anonymized IP address, is transmitted to and stored by Google:

Returning or new visitor
Duration of stay on the website or subpage
Navigation path you take on the site
The subpage from which the website is exited
The country, region, or city from which access occurs
Device (type, version, color depth, resolution, width, and height of the browser window)

Google will process this information to evaluate your use of our website, compile reports on website activity for us, and provide other services related to website and internet usage. Google may also transfer this information to third parties if required by law or if these third parties process the data on Google's behalf. According to Google, it will not associate your IP address with any other data held by Google. For more information, please refer to the Google Analytics privacy policy: https://support.google.com/analytics/answer/6004245?hl=de

You can prevent the installation of cookies by adjusting your browser software accordingly. However, please note that in this case, you may not be able to use all the features of our website to their full extent. Instructions on how to prevent the processing of your data by the Google Analytics web analysis service can be found at https://tools.google.com/dlpage/gaoptout?hl=de.

OpenStreetMap

Wir nutzen über eine API das Open-Source-Mapping-Werkzeug „OpenStreetMap“ (OSM). Anbieter ist die OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom. Die Nutzung von OpenStreetMap erfolgt im Interesse einer ansprechenden Darstellung unserer Online-Angebote und einer leichteren Auffindbarkeit der von uns auf der Website angegebenen Orte. Die Karten werden mittels iFrame angezeigt. Dies bedeutet, dass in jedem Bereich unserer Website, in dem die Karte angezeigt wird, auf eine fremde Website zugegriffen wird. Die Datenverarbeitung in diesem iFrame entzieht sich unserem Einfluss. Zur Nutzung der Funktionen von OpenStreetMap ist es notwendig, Ihre IP Adresse zu speichern. Diese Informationen werden in der Regel an einen Server von OpenStreetMap übertragen und dort gespeichert. Wir haben keinen Einfluss auf diese Datenübertragung.

Die OpenStreetMap-Datenschutzerklärung finden Sie unter https://wiki.osmfoundation.org/wiki/Privacy_Policy

Google Tag Manager

We use Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ('Google'). This Google service allows website tags to be managed via an interface. The Google Tag Manager tool itself only implements tags, meaning no cookies are used and no personal data is collected. Google Tag Manager triggers other tags, which may themselves collect data. However, Google Tag Manager does not access this data. If deactivation has been performed at the domain or cookie level, it remains in effect for all tracking tags implemented with Google Tag Manager.

For more information, please refer to Google's privacy policy: https://policies.google.com/privacy and the use policy at https://marketingplatform.google.com/intl/de/about/analytics/tag-manager/use-policy.

Web Fonts (Google Fonts, Adobe Fonts, Monotype)

For uniform representation of fonts, our website uses web fonts provided by Google, Adobe, or Monotype. When you access our website, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. For this purpose, the browser you use must connect to the servers of Google, Adobe, or Monotype. Through this process, Google, Adobe, or Monotype will be informed that our website was accessed via your IP address. The use of web fonts is in the interest of a uniform and appealing presentation of our online offers. If your browser does not support web fonts, a standard font from your computer will be used. For more information, please refer to the privacy policy of Google: https://policies.google.com/privacy?hl=de, the privacy policy of Adobe: https://www.adobe.com/de/privacy/policies/adobe-fonts.html, and the privacy policy of Monotype: https://www.fonts.com/info/legal/privacy.

LEGAL BASES FOR THE PROCESSING OF PERSONAL DATA

Our processing of personal data is carried out within the framework of Swiss data protection law, in particular in accordance with the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (OFADP). If and to the extent that the General Data Protection Regulation (GDPR) is applicable, the processing of personal data is carried out in accordance with the legal bases of the GDPR.

As a rule, the following articles serve as legal bases for the processing of personal data by us:

Article 13, paragraph 2, letter a of the FADP (processing in direct connection with the implementation of pre-contractual measures or the fulfillment of a contract, corresponds to Article 6, paragraph 1, letter b of the EU GDPR).

Article 13, paragraph 1 of the FADP (consent of the data subject or legal obligation to process, corresponds to Article 6, paragraph 1, letter a of the EU GDPR).

Article 13, paragraph 1 of the FADP (corresponds to Article 6, paragraph 1, letter f of the EU GDPR) processing of personal data to protect our legitimate interests or those of third parties, provided that this does not override the fundamental freedoms, fundamental rights, and interests of the data subject. These legitimate interests particularly include our economic interest in being able to provide our website, information security, the enforcement of our own legal claims, and compliance with Swiss law. Processing of your personal data by other companies within the group is also carried out in accordance with Article 13, paragraph 1 of the FADP (corresponds to Article 6, paragraph 1, letter f of the EU GDPR).

PROFILING AND AUTOMATED DECISION-MAKING

Neither in our company nor with third parties commissioned by us does profiling or automated decision-making take place. Profiling refers to the automated processing of customer data to evaluate personal aspects such as economic situation, health, interests, behavior, etc.

DATA STORAGE

We store personal data only as long as necessary, e.g., for tracking and analysis services in legitimate interest or legal obligations.

We retain user account master data indefinitely, but you can request its deletion.

For unregistered orders, we delete master data after the warranty period or service end, unless retention obligations apply. We retain contract data in accordance with billing and tax regulations for up to 10 years.

After the end of usage, data is locked and used only for billing and tax purposes.

RIGHTS OF AFFECTED PERSONS

We grant affected persons all rights to which they are entitled under the applicable data protection regulations.

Right to confirmation and right to information : You have the right to receive information about whether and which personal data about you are processed by us. Furthermore, data subjects have the right to be provided with the necessary information to assert their data protection claims and to ensure transparency. This includes not only the personal data processed, but also information about the purpose of processing, the retention period, possible disclosure or transfer of data to other countries and the origin of the personal data.

Right to rectification and right to restriction of processing: You have the right to have inaccurate personal data rectified, to have incomplete data completed and to have the processing of your data restricted.

Right to withdraw your consent to the processing of non-essential personal data and right to erasure: You have the right to request the erasure of your personal data (“right to be forgotten”) and to withdraw your consent to the future processing of your personal data.

Right to object : You can object to the processing of your personal data at any time.

Right to data disclosure and right to data portability: You have the right to request that the personal data concerned be disclosed in a structured, common and machine-readable format or to request that your data be transferred to another controller.

Personal data is processed for the period necessary for the specific purposes in question. If longer retention periods exist due to legal or other obligations to which we are subject, we will restrict processing accordingly.

Within the framework of the legal requirements, we reserve the right to postpone, restrict or refuse the exercise of the rights of data subjects. For example, we can legally refuse to delete your personal data if your personal data is still required for the original purposes (e.g. if you continue to receive a service from us), if the processing is based on a mandatory legal basis (e.g. on statutory accounting regulations) or if we have an overriding interest of our own (e.g. in the event of a legal dispute with the data subject).

We are committed to ensuring that individuals requesting information or exercising other rights are appropriately identified. Data subjects are obliged to cooperate.

PLACE OF JURISDICTION AND APPLICABLE LAW

This privacy policy, as well as the contracts concluded on the basis of or in connection with this privacy policy, are subject to Swiss law. The place of jurisdiction is the location of the operator of the website, namely Bern.

FINAL PROVISIONS

If individual parts of this privacy policy should be invalid, the validity of the remaining parts of the privacy policy remains unaffected.

We reserve the right to adjust this privacy policy to reflect changes to our website, our offerings, or due to new legal or regulatory requirements. The current version of this privacy policy will be published on our website.

Effective: February 2024