Terms of Use and Privacy Policy

Familie am Mountainbiken in Savognin Bivio
Terms of Use and Privacy Policy of the Website of Tourismus Val Surses Savognin Bivio AG, Savognin, Switzerland. By using the website www.valsurses.ch, you consent to the following terms.

Privacy Policy

With this Privacy Policy, we inform you about the processing of personal data in connection with our activities and operations, including our valsurses.ch website. We particularly inform you about the purposes, methods, and locations where we process personal data. We also inform you about the rights of individuals whose data we process.

For specific or additional activities and operations, additional privacy policies or other data protection information may apply.

We are subject to Swiss data protection law and, where applicable, foreign data protection laws such as the European Union's (EU) General Data Protection Regulation (GDPR).

The European Commission recognized on July 26, 2000 that Swiss data protection law ensures an adequate level of data protection. On January 15, 2024, the European Commission reaffirmed this adequacy decision.

1. Contact Addresses

Responsible for the processing of personal data:

Tourismus Val Surses Savognin Bivio AG
Stradung 42
7460 Savognin
ferien@valsurses.ch

In individual cases, third parties may be responsible for processing personal data, or there may be joint responsibility with third parties.

1.1 Data Protection Officer or Data Protection Consultant

We have the following data protection officer or data protection consultant as a point of contact for individuals and authorities regarding inquiries related to data protection:

Tanja Amacher
Tourismus Val Surses Savognin Bivio AG
Stradung 42
7460 Savognin
ferien@valsurses.ch

1.2 Data Protection Representation in the European Economic Area (EEA)

We have the following data protection representation in accordance with Art. 27 GDPR:

VGS Datenschutzpartner GmbH
Am Kaiserkai 69
20457 Hamburg
Germany
ferien@valsurses.ch

The data protection representation serves as an additional point of contact for individuals and authorities in the European Union (EU) and the rest of the European Economic Area (EEA) regarding inquiries related to GDPR.

2. Terms and Legal Bases

2.1 Terms

Data Subject: A natural person whose personal data we process.

Personal Data: Any information relating to an identified or identifiable natural person.

Special Categories of Personal Data: Data related to trade union membership, political, religious, or philosophical beliefs and activities, data on health, intimate life, ethnic or racial origin, genetic data, biometric data uniquely identifying a natural person, data on criminal and administrative sanctions or prosecutions, and data on social welfare measures.

Processing: Any handling of personal data, regardless of the means and procedures used, such as querying, comparing, adjusting, archiving, storing, reading, disclosing, acquiring, recording, collecting, deleting, disclosing, organizing, organizing, storing, altering, disseminating, linking, destroying, and using personal data.

European Economic Area (EEA): Member States of the European Union (EU), as well as the Principality of Liechtenstein, Iceland, and Norway.

Note: The European General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data and the processing of special categories of personal data as the processing of special categories of personal data (Art. 9 GDPR).

2.2 Legal Bases

We process personal data in accordance with Swiss data protection law, such as the Federal Act on Data Protection (Data Protection Act, DPA) and the Ordinance on Data Protection (Data Protection Ordinance, DPO).

We process – insofar as and to the extent that the General Data Protection Regulation (GDPR) is applicable – personal data or personally identifiable information in accordance with at least one of the following legal bases:

  • Art. 6(1)(b) GDPR for the processing of personal data necessary for the performance of a contract with the data subject or to carry out pre-contractual measures.
  • Art. 6(1)(f) GDPR for the processing of personal data necessary to safeguard legitimate interests – including the legitimate interests of third parties – unless the fundamental freedoms, rights, and interests of the data subject outweigh them. Such interests include, in particular, the sustainable, human-friendly, secure, and reliable performance of our activities and operations, ensuring information security, protection against misuse, enforcement of our own legal claims, and compliance with Swiss law.
  • Art. 6(1)(c) GDPR for the processing of personal data necessary to fulfill a legal obligation to which we are subject under the applicable law of the member states within the European Economic Area (EEA).
  • Art. 6(1)(e) GDPR for the processing of personal data necessary for the performance of a task carried out in the public interest.
  • Art. 6(1)(a) GDPR for the processing of personal data with the consent of the data subject.
  • Art. 6(1)(d) GDPR for the processing of personal data necessary to protect the vital interests of the data subject or another natural person.
  • Art. 9(2) GDPR for the processing of special categories of personal data, particularly with the consent of the data subjects.

3. Nature, Scope, and Purpose of Processing Personal Data

We process the personal data that is necessary for us to sustainably, humanely, securely, and reliably perform our activities and operations. The personal data processed may fall into categories such as browser and device data, content data, communication data, metadata, usage data, master data including inventory and contact data, location data, transaction data, contract data, and payment data.

We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect in the course of performing our activities and operations, to the extent such processing is legally permissible.

We process personal data as necessary, with the consent of the data subjects. In many cases, we may process personal data without consent, such as to fulfill legal obligations or to safeguard overriding interests. We may also seek the consent of data subjects even when it is not required.

We process personal data for the duration necessary for the respective purpose. We anonymize or delete personal data, particularly based on statutory retention and limitation periods.

4. Disclosure of Personal Data

We may disclose personal data to third parties, have it processed by third parties, or process it jointly with third parties. These third parties include specialized providers whose services we use.

We may disclose personal data to, for example, banks and other financial service providers, authorities, educational and research institutions, consultants and lawyers, interest groups, IT service providers, cooperation partners, credit and economic information agencies, logistics and shipping companies, marketing and advertising agencies, media, organizations and associations, social institutions, telecommunications companies, and insurers.

5. Communication

We process personal data to communicate with third parties. In this context, we particularly process data provided by a data subject when contacting us, for example, by postal mail or email. We may store such data in an address book or similar tools.

Third parties who transmit data about other persons are obliged to ensure data protection for such data subjects. This includes ensuring the accuracy of the personal data transmitted.

We use selected services from suitable providers to improve our communication with third parties.

6. Data Security

We take appropriate technical and organizational measures to ensure data security appropriate to the respective risk. With our measures, we particularly ensure the confidentiality, availability, traceability, and integrity of the processed personal data, although we cannot guarantee absolute data security.

Access to our website and other online presences is via transport encryption (SSL / TLS, particularly with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers warn against visiting websites without transport encryption.

Our digital communication is – like all digital communication – subject to mass surveillance without cause or suspicion by security authorities in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We cannot directly influence the corresponding processing of personal data by intelligence agencies, police forces, and other security authorities. We also cannot exclude the possibility that a data subject may be specifically monitored.

7. Personal Data Abroad

We generally process personal data in Switzerland and the European Economic Area (EEA). However, we may also export or transfer personal data to other countries, particularly to process it there or have it processed.

We can export personal data to any countries and territories on Earth, provided that the law there ensures adequate data protection according to the Swiss Federal Council's decision and – insofar as the General Data Protection Regulation (GDPR) is applicable – also according to the European Commission's decision.

We may transfer personal data to countries whose laws do not ensure adequate data protection, provided that data protection is guaranteed for other reasons, particularly based on standard data protection clauses or other appropriate safeguards. In exceptional cases, we may export personal data to countries without adequate or appropriate data protection if the special data protection requirements are met, such as the explicit consent of the data subjects or a direct connection with the conclusion or execution of a contract. We are happy to provide information on any guarantees or a copy of any guarantees on request.

8. Rights of Data Subjects

8.1 Data Protection Rights

We grant data subjects all rights under applicable data protection law. Data subjects have the following rights, in particular:

  • Information: Data subjects can request information about whether we process personal data about them and, if so, which personal data is involved. Data subjects also receive the information necessary to assert their data protection rights and ensure transparency. This includes the processed personal data itself, as well as information on the processing purpose, retention duration, any disclosure or transfer of data to other countries, and the origin of the personal data.
  • Correction and Restriction: Data subjects can have incorrect personal data corrected, incomplete data completed, and the processing of their data restricted.
  • Deletion and Objection: Data subjects can request the deletion of personal data ("Right to be Forgotten") and object to the processing of their data for the future.
  • Data Portability and Transfer: Data subjects can request the release of personal data or the transfer of their data to another data controller.

We may postpone, restrict, or refuse the exercise of data subjects' rights within the legally permissible framework. We may inform data subjects of any conditions that must be met to exercise their data protection rights. For example, we may refuse to provide information by referring to business secrets or the protection of other individuals. We may also refuse to delete personal data by referring to legal retention obligations.

In exceptional cases, we may charge for the exercise of rights. We will inform data subjects in advance of any costs.

We are obliged to take reasonable measures to identify data subjects requesting information or asserting other rights. Data subjects are required to cooperate.

8.2 Legal Protection

Data subjects have the right to enforce their data protection rights through legal action or to file a complaint with a data protection supervisory authority.

The data protection supervisory authority for private data controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

European data protection supervisory authorities are organized as members of the European Data Protection Board (EDPB). In some member states of the European Economic Area (EEA), the data protection supervisory authorities are federally structured, particularly in Germany.

9. Use of the Website

9.1 Cookies

We may use cookies. Cookies – both first-party cookies and third-party cookies from providers whose services we use – are data stored in the browser. Such stored data is not necessarily limited to traditional text-based cookies.

Cookies may be stored temporarily as "Session Cookies" or for a specific period as so-called permanent cookies. "Session Cookies" are automatically deleted when the browser is closed. Permanent cookies have a specific storage duration. Cookies enable, in particular, the recognition of a browser upon the next visit to our website, thereby allowing, for example, the measurement of the reach of our website. However, permanent cookies may also be used, for example, for online marketing purposes.

Cookies can be deactivated or deleted in the browser settings at any time, either entirely or partially. Without cookies, our website may no longer be fully available. We request – at least insofar as necessary – explicit consent for the use of cookies.

For cookies used for performance and reach measurement or for advertising purposes, a general opt-out is available for many services via the AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

9.2 Logging

We may log at least the following information for each access to our website and other online presences, provided that this information is transmitted to our digital infrastructure during such access: date and time, including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, accessed sub-page of our website, including transmitted data volume, and the last visited page in the same browser window (referrer).

We log such information, which may also constitute personal data, in log files. This information is necessary to ensure the long-term, human-friendly, and reliable provision of our online presence. It is also required to ensure data security – also by third parties or with the help of third parties.

9.3 Tracking Pixels

We may embed counting pixels in our online presence. Counting pixels are also known as web beacons. Counting pixels – also from third parties whose services we use – typically consist of small, invisible images or JavaScript scripts that are automatically retrieved when accessing our online presence. Counting pixels can collect at least the same information as in log files.

10. Notifications and Communications

10.1 Performance and Reach Measurement

Notifications and communications may contain web links or counting pixels that track whether a particular communication was opened and which web links were clicked. Such web links and counting pixels may also track the use of notifications and communications on a personal basis. We need this statistical tracking of usage for performance and reach measurement, so we can send notifications and communications effectively and user-friendly, based on the needs and reading habits of the recipients, and in a sustainable, secure, and reliable manner.

10.2 Consent and Objection

You must generally consent to the use of your email address and other contact addresses unless such use is legally permissible for other reasons. We may use the "Double Opt-in" procedure to obtain double-confirmed consent. In this case, you will receive a notification with instructions for double confirmation. We may log obtained consent, including IP address and timestamp, for evidentiary and security reasons.

You can generally object to receiving notifications and communications, such as newsletters, at any time. By objecting, you can also object to the statistical tracking of usage for performance and reach measurement. Required notifications and communications related to our activities and operations are exempt.

10.3 Service Providers for Notifications and Communications

We send notifications and communications with the help of specialized service providers.

11. Social Media

We are present on social media platforms and other online platforms to communicate with interested individuals and inform them about our activities and operations. In connection with such platforms, personal data may also be processed outside Switzerland and the European Economic Area (EEA).

The terms and conditions (T&Cs) and usage policies, as well as privacy policies and other provisions of the individual platform operators, apply in each case. These provisions provide information, particularly about the rights of data subjects directly against the respective platform, including the right to information.

For our social media presence on Facebook, including so-called Page Insights, we are – insofar as the General Data Protection Regulation (GDPR) is applicable – jointly responsible with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of the Meta group of companies (including in the USA). Page Insights provide information about how visitors interact with our Facebook presence. We use Page Insights to provide our social media presence on Facebook effectively and user-friendly.

Further information on the nature, scope, and purpose of data processing, information on the rights of data subjects, and contact details for Facebook and Facebook's data protection officer can be found in the Facebook Privacy Policy. We have entered into the so-called "Controller Addendum" with Facebook, in which we have agreed, in particular, that Facebook is responsible for ensuring the rights of data subjects. For so-called Page Insights, the corresponding information can be found on the page "Information about Page Insights", including "Information about Page Insights Data".

Users of social media platforms can log in or register on our online offering using their corresponding user accounts ("Social Login"). The respective terms of the social media platforms apply.

12. Third-Party Services

We use services from specialized third parties to sustainably, humanely, securely, and reliably perform our activities and operations. With such services, we can, among other things, embed functions and content into our website. For such embedding, the services used necessarily capture at least temporarily the IP addresses of users.

For required security-relevant, statistical, and technical purposes, third parties whose services we use may process data in an aggregated, anonymized, or pseudonymized manner in connection with our activities and operations. For example, this may include performance or usage data necessary to provide the respective service.

We specifically use:

12.1 Digital Infrastructure

We use services from specialized third parties to obtain the digital infrastructure needed for our activities and operations. These include, for example, hosting and storage services from selected providers.

We specifically use:

12.2 Appointment Scheduling

We use services from specialized third parties to schedule appointments online, for example, for meetings. In addition to this Privacy Policy, the conditions of the services used, such as terms of use or privacy policies, may apply.

We specifically use:

12.3 Audio and Video Conferences

We use specialized services for audio and video conferences to communicate online. This allows us, for example, to hold virtual meetings or conduct online classes and webinars. The legal texts of the individual services, such as privacy policies and terms of use, apply to participation in audio and video conferences.

Depending on your life situation, we recommend muting the microphone by default during audio or video conferences and blurring the background or using a virtual background.

We specifically use:

12.4 Online Collaboration

We use third-party services to enable online collaboration. In addition to this Privacy Policy, the conditions of the services used, such as terms of use or privacy policies, may apply.

We specifically use:

12.5 Maps

We use third-party services to embed maps into our website.

We specifically use:

12.6 Digital Audio and Video Content

We use specialized third-party services to enable the direct playback of digital audio and video content, such as music or podcasts.

We specifically use:

12.7 Documents

We use third-party services to embed documents into our website. Such documents may include PDF files, presentations, spreadsheets, and text documents. This allows not only viewing but also editing or commenting on such documents.

We specifically use:

12.8 E-Commerce

We operate e-commerce and use third-party services to successfully offer services, content, or goods.

12.9 Payments

We use specialized service providers to securely and reliably process payments from our customers. The legal texts of the individual service providers, such as terms and conditions (T&Cs) or privacy policies, apply in addition to this Privacy Policy.

We specifically use:

12.10 Advertising

We use the option of displaying advertising to third parties, such as social media platforms and search engines, for our activities and operations.

We aim to reach individuals who are already interested in our activities and operations or who might be interested in them (Remarketing and Targeting). To do this, we may share relevant – possibly also personally identifiable – information with third parties that enable such advertising. We may also determine whether our advertising is successful, i.e., whether it leads to visits to our website (Conversion Tracking).

Third parties where we advertise and where you are registered as a user may associate the use of our website with your profile on that platform.

We specifically use:

13. Performance and Reach Measurement

We aim to measure the success and reach of our activities and operations. In this context, we may also measure the impact of third-party references or test how different parts or versions of our online offering are used ("A/B Testing" method). Based on the results of the performance and reach measurement, we can correct errors, strengthen popular content, or make improvements.

In most cases, the IP addresses of individual users are captured for performance and reach measurement. In this case, IP addresses are generally shortened ("IP Masking") to follow the principle of data minimization through corresponding pseudonymization.

Cookies may be used for performance and reach measurement, and user profiles may be created. User profiles created may include, for example, individual pages visited or content viewed on our website, information about the screen size or browser window, and the – at least approximate – location. Generally, any created user profiles are created only pseudonymously and not used to identify individual users. Individual third-party services, where users are registered, may associate the use of our online offering with the user account or profile at the respective service.

We specifically use:

14. Final Provisions

We have created this Privacy Policy using the privacy policy generator from Datenschutzpartner. The present privacy policy is an unofficial translation from the original German version.

We may update and supplement this Privacy Policy at any time. We will inform about such updates and supplements in an appropriate manner, particularly by publishing the current Privacy Policy on our website.

Links

The Tourismus Val Surses Savognin Bivio AG provides users of the website "www.valsurses.ch" with links to other tourist or general-interest websites. The Tourismus Val Surses Savognin Bivio AG is not responsible for the content of the linked pages in any way and does not endorse the content of these pages by providing the link to them. Users of "www.valsurses.ch" use the linked web pages at their own risk. We recommend that you check the content of websites you access for currentness and accuracy. – On the basis of German court decisions, Tourismus Val Surses Savognin Bivio AG distances itself in every way from the content of linked pages. – We cannot be held responsible on any legal grounds for the consequences of using the linked pages.

Currentness of data, accuracy, contract formation, data transfer

The Tourismus Savognin Bivio Albua AG will endeavour to ensure that the information provided on this website is as current and correct as possible. As these details can change quickly, we cannot guarantee their accuracy. – We cannot be held liable on any legal grounds for incorrect or outdated information and details or the consequences of their use.

The travel recommendations and other details published on the Tourismus Savognin Bivio Albu AG website are not binding offers from us or the service providers mentioned in the travel recommendations.

The Tourismus Val Surses Savognin Bivio AG does not accept any liability for the security of data transmitted via the Internet.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc. («Google»). Google Analytics uses cookies which are text files stored on your computer to help analyse your use of the website. The information generated by the cookie about your use of this website (including your IP address) will be transmitted to a Google server in the USA and stored there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activities for website operators and providing other services relating to website activity and internet usage.

Google may also transfer this information to third parties where this is required by law or insofar as third parties process this data on behalf of Google. Google will never associate your IP address with any other data held by Google. You may refuse the installation of cookies by selecting the appropriate settings on your browser; however please note that if you do so you may not be able to use the full functionality of this website. By using this website you consent to the processing by Google of data relating to you in the manner and for the purposes mentioned above.

As a user of this website you hereby acknowledge that the operator of this website, their vicarious agents, their representatives, associated companies, chief executives, managerial staff, employees and their shareholders accept no liability in connection with the obtaining, transmission, processing and analysis of the above-mentioned data for which reason no claims for compensation can be asserted against these natural persons and legal entities.

Liability

You, as a user of this website, agree that the operator of this website, its assistants, its representatives, its connected companies, its directors, its managers, its employees and its shareholders do not assume any liability in connection with the collection, transmission, processing and evaluation of the above-mentioned data and that no claims for damages can be asserted against these natural persons and juridical persons in this respect.

Application of law and venue

The use of this website is subject exclusively to Swiss law. Savognin, Switzerland is agreed as the exclusive place of jurisdiction.

General

If you have any questions or comments about privacy, please contact us at ferien@valsurses.ch.
Tourismus Val Surses Savognin Bivio AG, Stradung 42, CH-7460 Savognin.