Data protection regulations

Responsible body in the sense of the data protection laws, in particular the
EU General Data Protection Regulation (GDPR), is:
Gastro Foppa AG
PO Box 78
7017 Flims
Country: Switzerland

Contact:

Website URL: www.berghausfoppa.ch

Your aggrieved party rights
You can always exercise the following rights under the contact details of our data protection officer:

• Information about your stored data and their processing (Art. 15 GDPR),
• correction of incorrect personal data (Art. 16 GDPR),
• deletion of your stored data (Art. 17 GDPR),
• Limitation of data processing, provided that we provide your data by law can not delete duties (Art. 18 GDPR),
• objection to the processing of your data with us (Article 21 GDPR) and
• Data portability, if you have consented to the data processing or one
Contract with us (Article 20 GDPR).

If you have given us your consent, you can withdraw it at any time with effect for the future.

You can contact a regulatory authority at any time with a complaint, eg. to the competent supervisory authority of the federal state of your domicile or to the authority responsible for us as responsible authority.

A list of the supervisory authorities (for the non-public area) with address can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Collecting general information when visiting our website
Type and purpose of processing:

If you access our website, that is, if you do not register or otherwise provide information, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your Internet service provider, your IP address and the like. This is only information that does not allow conclusions about your person. They are processed in particular for the following purposes:

• ensuring a hassle-free connection of the website,
• ensuring a smooth use of our website,
• Evaluation of system security and stability as well
• for further administrative purposes.

We do not use your information to draw conclusions about you. Information of this kind may be statistically evaluated by us to optimize our website and the underlying technology.

Legal basis:

Processing takes place in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website.

Receiver:

The recipient of the data may be technical service providers who work for the operation and maintenance of our website as a processor.

Storage time:

The data will be deleted as soon as it is no longer necessary for the purpose of the survey. This is basically the case for the data that is used to provide the website when the session has ended.

Provision compulsory or required:

The provision of the aforementioned personal data is neither legally nor contractually required. Without the IP address, however, the service and functionality of our website is not guaranteed. Additionally, individual services may not be available or limited. For this reason, a contradiction is excluded.

Cookies
Type and purpose of processing:

Like many other websites, we also use so-called “cookies”. Cookies are small text files that are transferred from a website server to your hard drive. This automatically gives us certain data, such as IP address, browser used, operating system and your connection to the Internet.
Cookies can not be used to launch programs or to transfer viruses to a computer. Based on the information contained in cookies, we can facilitate navigation and enable the correct display of our websites.
In no case will the data collected by us be passed on to third parties or a link with personal data will be established without your consent.
Of course, you can also view our website without cookies. Internet browsers are regularly set up to accept cookies. In general, you can disable the use of cookies at any time through the settings of your browser. Please use the help features of your internet browser to find out how to change these settings. Please note that some features of our website may not work if you have disabled the use of cookies.

Storage duration and used cookies:

If you allow us to use cookies through your browser settings or consent, the following cookies may be used on our websites:

pll_language -> 1 year cookie_notice_accepted Bookatable

Insofar as these cookies may (also) concern personal data, we will inform you in the following sections.

You can use your browser settings to delete individual cookies or the entire cookie portfolio. In addition, you will receive information and instructions on how to delete these cookies or block their storage in advance. Depending on the provider of your browser, you will find the necessary information under the following links:
• Mozilla Firefox: https://support.mozilla.org/en/kb/cookies-lodging-database-define-sites
• Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet- explorer-delete-manage-cookies
• Google Chrome: https://support.google.com/accounts/answer/61416?hl=en
• Opera: http://www.opera.com/help
• Safari: https://support.apple.com/kb/PH17191?locale=en_US&viewlocale=en_US

Newsletter
Type and purpose of processing:

Your data will only be used to send you the subscribed newsletter by e-mail. The indication of your name takes place, in order to be able to address you personally in the newsletter and if necessary to identify, if you want to make use of your rights as an affected person.

For the receipt of the newsletter the indication of your E-Mail address is sufficient. When registering for our newsletter, the data you provide will be used exclusively for this purpose. Subscribers may also be notified by email about circumstances relevant to the service or registration (eg. changes to the newsletter offer or technical conditions).

For an effective registration we need a valid e-mail address. In order to verify that an application is actually made by the owner of an e-mail address, we use the “Double opt-in” procedure. For this purpose we record the order of the newsletter, the dispatch of a confirmation mail and the receipt of the requested answer. Further data is not collected. The data will be used exclusively for the newsletter and will not be forwarded to third parties.

Bookatable

By using our online reservation program, you agree to our GDPR. Your e-mail address will be used for newsletters.

Legal basis:

On the basis of your expressly given consent (Article 6 (1) a GDPR), we will regularly send you our newsletter or comparable information by e-mail to your specified e-mail address.

The consent to the storage of your personal data and their use for the newsletter can be revoked at any time with effect for the future. Each newsletter has a link to it. In addition, you can unsubscribe from this website at any time or inform us of your revocation via the contact option indicated at the end of this privacy policy.

Receiver:

The recipient of the data may be a processor.

Storage time:

The data is processed in this context only as long as the corresponding consent is present. After that they will be deleted.

Provision compulsory or required:

The provision of your personal data is voluntary, solely on the basis of your consent. Unfortunately, we can not send you our newsletter without our consent.

Contact form
Type and purpose of processing:

The data you enter will be stored for the purpose of individual communication with you. This requires the specification of a valid e-mail address and your name. This serves to assign the request and the subsequent answering of the same. The specification of further data is optional.

Legal basis:

The processing of the data entered into the contact form takes place on the basis of a legitimate interest (Art. 6 (1) (f) GDPR). By providing the contact form, we would like to make it easy for you to contact us. Your information will be stored for the purpose of processing the request and for possible follow-up questions.
If you contact us to inquire about an offer, the processing of the data entered in the contact form for the implementation of pre-contractual measures (Art. 6 (1) (b) GDPR) will take place.

Receiver:

The recipient of the data may be a processor.

Storage time:

Data will be deleted no later than 6 months after processing the request. If it is too
is subject to a contractual relationship, we are subject to the statutory retention periods according to HGB and delete your data after these deadlines.

Provision compulsory or required:

The provision of your personal data is voluntary. However, we can only process your request if you provide us with your name, your e-mail address and the reason for the request.

Use of Google Analytics
Type and purpose of processing:

This website uses Google Analytics, a web analytics service of Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA (hereafter: “Google”). Google Analytics uses so-called “cookies”, ie text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, due to the activation of IP anonymization on these websites, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data.

The purposes of the data processing are the evaluation of the use of the website and the compilation of reports on activities on the website. Based on the use of the website and the Internet, other related services will be provided.

Legal basis:

The processing of the data is based on the consent of the user (Article 6 (1) (a) GDPR).

Receiver:

The recipient of the data is Google as a processor. For this we have with Google completed the corresponding order processing contract.

Storage time:

The deletion of data takes place as soon as they are no longer necessary for our recording purposes.

Third country transfer:

Google processes your data in the US and has submitted to the EU_US Privacy Shield https://www.privacyshield.gov/EU-US Framework. We also have standard privacy clauses with Google for the use of Google Analytics.

Provision compulsory or required:

The provision of your personal data is voluntary, solely on the basis of your consent. Unless you prevent access, this may result in functional restrictions on the website.

Withdrawal of consent:

You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading the browser plug-in available under the following link and install: Browser Add On to disable Google Analytics.
In addition or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by clicking this link. An opt-out cookie will be installed on your device. This will prevent the collection by Google Analytics for this website and for this browser in the future, as long as the cookie remains installed in your browser.

Profiling:

With the help of the tracking tool Google Analytics the behavior of the visitors of the website can be evaluated and the interests analyzed. For this we create a pseudonymous user profile.

Using Adobe Typekit
Type and purpose of processing:

We use Adobe Typekit for the visual design of our website. Typekit is a service of Adobe Systems Software Ireland Companies (4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland, hereinafter “Adobe”), which grants us access to a font library. To integrate the fonts we use, your browser needs to connect to an Adobe server in the US and download the font we need for our website. Adobe receives the information that your website has been called from your IP address. For more information about Adobe Typekit, see the Adobe privacy policy, which can be found here: https://www.adobe.com/privacy/policy.html

Legal basis:

The legal basis for the integration of Adobe Typekit and the associated data transfer to Adobe is your consent (Art. 6 (1) lit. GDPR).

Receiver:

The call of script libraries or font libraries automatically triggers a connection to the operator of the library. Information about the use of your data by Adobe Typekit Web Fonts is available at https://typekit.com/ and in the Adobe Typekit privacy policy: https://www.adobe.com/privacy/policies/typekit.html.

Storage time:

We do not collect personal information through the inclusion of Adobe Typekit Web Fonts.

Third country transfer:

Adobe is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active)

Provision compulsory or required:

The provision of personal data is neither statutory nor contractually required. However, without the correct representation of the contents of standard fonts can not be made possible.

Using Google Maps
Type and purpose of processing:

On this website we use the offer of Google Maps. Google Maps is licensed by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (hereafter
“Google”) operated. This allows us to show you interactive maps directly on the website, allowing you to conveniently use the map feature.
For more information about Google’s data processing, please refer to the Google Privacy Notice. There you can also change your personal privacy settings in the privacy center.
For detailed instructions on how to manage your own data related to Google products, click here.

Legal basis:

The legal basis for the integration of Google Maps and the associated data transfer to Google is your consent (Article 6 (1) a GDPR).

Receiver:

By visiting the website, Google receives information that you have accessed the corresponding subpage of our website. This is done regardless of whether Google provides a user account that you are logged in to, or if there is no user account.
When you’re logged in to Google, your data will be assigned directly to your account.

If you do not wish to be assigned to Google on your profile, you must log out of Google before activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and / or tailor-made website design. Such an evaluation is carried out in particular (even for non-logged in users) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have a right of objection to the formation of these user profiles, and you must comply with this to Google.

Legal basis:

The legal basis for the integration of Google Maps and the associated data transfer to Google is your consent (Article 6 (1) a GDPR).

Storage time:

We do not collect personal information through the inclusion of Google Maps.

Third country transfer:

Google processes your data in the US and has submitted to the EU_US Privacy Shield https://www.privacyshield.gov/EU-US Framework.

Withdrawal of consent:

If you do not want Google to collect, process or use information about you through our website, you can disable JavaScript in your browser settings. In this case, you can not or only partially use our website.

Provision required or required:

The provision of your personal data is voluntary, solely on the basis of your consent. Unless you prevent access, this may result in functional restrictions on the website.

SSL encryption

To protect the security of your data during transmission, we use state-of-the-art encryption techniques (such as SSL) over HTTPS.

Used processors

The following organizations, companies or persons were commissioned by the operator of this website to process data:
Bookatable (by Michelin), London limited

Change of our privacy policy

We reserve the right to amend this privacy policy to always comply with the latest legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. Your new visit will be subject to the new privacy policy.

However, you have the option to unsubscribe at any time. You can do this via every newsletter you send, or send an e-mail to our data protection officer.

Questions to the data protection officer

If you have any questions about privacy, please email us or contact the person responsible for privacy in our organization: Sebastian Kern, Managing Director

The privacy policy has been created with the privacy statement generator of activeMind AG (version 2018-06-22).