Data protection declaration
The “Sektion Niesen”, a club under public law (Art. 60 ff. ZGB), is the operator of the website www.almagellerhuette.ch and therefore responsible for the collection, processing and use of your personal data and the compatibility of data processing with Swiss law.
Your trust is important to us, which is why we take the subject of data protection seriously and ensure that it is secure. It goes without saying that we observe the legal provisions of the Federal Data Protection Act (DSG), the Ordinance to the Federal Data Protection Act (VDSG), the Telecommunications Act (TCA) and, where applicable, other data protection regulations, in particular the General Data Protection Regulation of the European Union (hereinafter DSGVO).
In order for you to know what personal data we collect from you and for what purposes we use it, please take note of the following information.
1. Scope and purpose of the collection, processing and use of personal data
a. when visiting www.almagellerhuette.ch
When you visit our website, our servers temporarily store each access in a log file. The following data is recorded without your intervention and stored by us until automatic deletion after six months at the latest:
· the IP address of the requesting computer
· the date and time of access
· the name and the URL of the retrieved file
· the website from which the access was made
· the browser you use
This data is collected and processed for the purpose of enabling the use of our website (connection establishment), to ensure system security and stability in the long term and to enable the optimisation of our Internet offer as well as for internal statistical purposes. This is our legitimate interest in data processing within the meaning of Art. 6 Para. 1 lit. f DSGVO. Furthermore, the IP address is evaluated for statistical purposes in the event of attacks on the network infrastructure of www.almagellerhuette.ch.
In addition, when you visit our website, we use so-called cookies to use web analysis services. You will find more details on this in Sections 2, 5 and 6 of this data protection declaration.
b. when making a reservation in our hut
For reservations in our hut we use the hut reservation system of the Swiss Alpine Club SAC in cooperation with other CAA Alpine Clubs. For this reason, the data protection specific to the use of this application is attached to the website of the hut reservation system.
2. Transfer of data to third parties
We will only pass on your personal data if you have given your express consent, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the relationship between you and the “Sektion Niesen”.
In addition, we pass on your personal data to third parties to the extent that this is necessary within the scope of using the website to provide the services you have requested and to analyse your user behaviour. Insofar as this is necessary for the purposes mentioned in sentence 1, the transfer can also take place abroad. Insofar as the website contains links to third party websites, after clicking on these links the “Sektion Niesen” no longer has any influence on the collection, processing, storage or use of personal data by the third party and accepts no responsibility for this.
3. Transfer of personal data abroad
The “Sektion Niesen” is also entitled to transfer your personal data to third companies (commissioned service providers) abroad, if this is necessary for the data processing described in this privacy policy. These companies are obliged to the same extent as we are ourselves to protect data. If the level of data protection in a country does not correspond to that in Switzerland or the EU, we will ensure by contract that the protection of your personal data corresponds to that in Switzerland or the EU at all times.
4. Data security
We use appropriate technical and organizational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
You should always keep your payment information confidential and close the browser window when you have finished communicating with us, especially if you share a computer with others.
We also take the company’s internal data protection very seriously. Our employees and the service companies we commission have been obligated by us to maintain confidentiality and to comply with data protection regulations.
5. Cookies
Cookies help in many ways to make your visit to our website easier, more pleasant and more meaningful. Cookies are information files that your web browser automatically stores on your computer’s hard drive when you visit our website. Cookies do not damage the hard drive of your computer, nor do they transmit personal data of users to us.
We use cookies, for example, to better tailor the information, offers and advertising displayed to you to your individual interests. Their use does not result in us obtaining new personal data about you as an online visitor. Most Internet browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message is always displayed when you receive a new cookie.
Disabling cookies may mean that you will not be able to use all the features of our website.
6. Tracking-Tools
On our website we use various so-called tracking tools. With these tracking tools your surfing behaviour on our website is observed. This observation takes place for the purpose of a demand-oriented design and continuous optimization of our website.
On our website, data is collected and stored using the web analysis service software Matomo (www.matomo.org), a service of the provider InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, (“Matomo”) on the basis of our legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes in accordance with Art. 6 Para. 1 letter f DSGVO. From this data, pseudo-anonymised user profiles can be created and evaluated for the same purpose. Cookies may be used for this purpose. Cookies are small text files that are stored locally in the cache of the visitor’s Internet browser. Among other things, the cookies enable the recognition of the Internet browser. The data collected with Matomo technology (including your pseudo-anonymised IP address) is processed on our servers. The information generated by the cookie in the pseudo-anonymous user profile is not used to personally identify the visitor of this website and is not combined with personal data about the bearer of the pseudonym.
If you do not agree with the storage and evaluation of this data from your visit, you can object to the storage and use of this data at any time by clicking on the mouse. In this case a so-called opt-out cookie is stored in your browser, which means that Matomo does not collect any session data. Please note that the complete deletion of your cookies means that the opt-out cookie is also deleted and may have to be reactivated by you.
7. Note on data transfers to the USA
For the sake of completeness, we would like to point out to users who are resident or domiciled in Switzerland that surveillance measures are in place in the USA by US authorities which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without any differentiation, restriction or exception based on the objective pursued and without any objective criterion that would make it possible to limit access to the data by the US authorities and its subsequent use to very specific, strictly limited purposes that could justify the interference associated with both access to and use of the data. Furthermore, we would like to point out that there are no legal remedies available in the United States for data subjects from Switzerland that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or that there is no effective judicial protection against general access rights of US authorities. We explicitly draw the data subject’s attention to this legal and factual situation in order to make an appropriately informed decision to consent to the use of his or her data.
Users residing in a member state of the EU are advised that the USA does not provide an adequate level of data protection from the perspective of the European Union – among other things due to the issues mentioned in this section. Insofar as we have explained in this privacy policy that recipients of data (such as Google, Facebook, MailChimp and Twitter) are based in the USA, we will ensure that your data is protected at an adequate level with our partners, either through contractual arrangements with these companies or by ensuring that these companies are certified under the EU-US Privacy Shield.
8. Right of access, rectification, erasure and limitation of processing; right of data transfer
You have the right to receive information about the personal data we store about you free of charge upon request. In addition, you have the right to have incorrect data corrected and the right to have your personal data deleted, provided that this does not conflict with any legal obligation to retain the data or any permission that allows us to process it. In accordance with Articles 18 and 21 of the DSGVO, you also have the right to demand a restriction of data processing and to object to data processing.
You also have the right to demand that the data you have given us be returned to you (right to data portability). Upon request, we will also pass on the data to a third party of your choice. You have the right to receive the data in a common file format.
You can contact us for the above-mentioned purposes by e-mail at datenschutz@sac-cas.ch. In order to process your requests, we may, at our discretion, require proof of identity.
You can also tell us what should happen to your data after your death by giving us appropriate instructions.
9. Data retention
We store personal data only as long as necessary,
to use the above-mentioned tracking, advertising and analysis services within the scope of our legitimate interest;
to carry out services to the above-mentioned extent that you have requested or for which you have given your consent (e.g. for the newsletter);
to comply with our legal obligations.
Contract data will be stored by us for a longer period of time, as this is required by statutory storage obligations. Retention obligations which oblige us to retain data result from accounting regulations and from tax regulations. According to these regulations, business communications, concluded contracts and booking vouchers must be stored for up to 10 years or, in the case of user’s resident in France, for up to 5 years. If we no longer need these data for the performance of services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.
10. Right to complain to a data protection supervisory authority
If you are resident in an EU member state, you have the right to complain to a data protection authority at any time.
Changes to the privacy policy
We reserve the right to change this privacy policy at any time. We therefore recommend that you review this statement regularly. This page was last changed on 21.8.2019.
General information
If you have any questions or comments about our legal indications or data protection, please contact us at datenschutz@sac-cas.ch.