With this Privacy Policy, we inform you about the personal data we process in connection with our activities and tasks, including our naturmetropole.ch website. Specifically, we inform you about why, how, and where we process which personal data. We also inform about the rights of individuals whose data we process.
For specific or additional activities and tasks, other privacy policies and other legal documents such as General Terms and Conditions (GTC), Terms of Use, or Participation Conditions may apply.
We are subject to Swiss data protection law and possibly applicable foreign data protection laws, especially that of the European Union (EU) with the General Data Protection Regulation (GDPR). The European Commission recognizes that Swiss data protection law ensures adequate data protection.
Responsibility for the processing of personal data:
Marke graubünden c/o Quant AG
Via Rudi Dadens 12
7018 Flims Waldhaus
Switzerland
We indicate if there are other responsible parties for the processing of personal data in individual cases.
We have the following data protection officer or the following data protection advisor as a contact point for affected individuals and authorities for inquiries related to data protection:
Andrea Beerli
Marke graubünden c/o Quant AG
Via Rudi Dadens 12
7018 Flims Waldhaus
Switzerland
We have the following data protection representation according to Art. 27 GDPR:
VGS Datenschutzpartner GmbH
Am Kaiserkai 69
20457 Hamburg
Germany
The data protection representation serves affected individuals and authorities in the European Union (EU) and in the rest of the European Economic Area (EEA) as an additional contact point for inquiries related to the GDPR.
Personal data are all details that relate to a specific or identifiable natural person. An affected person is a person whose personal data we process.
Processing includes every handling of personal data, regardless of the means and methods used, for example querying, matching, adjusting, archiving, retaining, reading, disclosing, obtaining, recording, collecting, deleting, revealing, arranging, organizing, storing, altering, distributing, linking, destroying, and using personal data.
The European Economic Area (EEA) includes the Member States of the European Union (EU) as well as the Principality of Liechtenstein, Iceland, and Norway. The General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal information.
We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (Data Protection Act, DPA) and the Ordinance on Data Protection (Data Protection Ordinance, DPO).
We process – if and to the extent that the General Data Protection Regulation (GDPR) applies – personal data in accordance with at least one of the following legal bases:
We process those personal data that are necessary to be able to carry out our activities and functions permanently, user-friendly, safely and reliably. Such personal data can in particular fall into the categories of inventory and contact data, browser and device data, content data, meta or marginal data and usage data, location data, sales data, and contract and payment data.
We process personal data for the duration that is necessary for the respective purpose or purposes or as required by law. Personal data whose processing is no longer necessary are anonymized or deleted.
We can have personal data processed by third parties. We can process personal data together with third parties or transfer it to third parties. Such third parties are in particular specialized providers whose services we use. We also ensure data protection with such third parties.
We process personal data primarily only with the consent of the affected persons. If and to the extent that processing is permitted for other legal reasons, we can waive obtaining consent. For example, we can process personal data without consent to fulfill a contract, to comply with legal obligations or to safeguard overriding interests.
In this context, we process in particular information that an affected person voluntarily transmits to us when making contact – for example by regular mail, email, instant messaging, contact form, social media or phone. We can store such information, for example, in an address book or with comparable tools. If we receive data about other people, the transmitting persons are obliged to ensure data protection towards these people and to ensure the accuracy of this personal data.
We also process personal data that we obtain from third parties, procure from publicly accessible sources or collect in the course of our activities and functions, provided that such processing is permitted for legal reasons.
We process personal data primarily in Switzerland and the European Economic Area (EEA). However, we may also export or transfer personal data to other countries, especially for processing or having them processed there.
We can export personal data to all countries and territories on Earth and elsewhere in the universe, provided that the local law, according to the decision of the Swiss Federal Council, ensures adequate data protection and – if and as far as the General Data Protection Regulation (GDPR) applies – according to the decision of the European Commission ensures adequate data protection.
We may transfer personal data to countries whose law does not ensure adequate data protection, if data protection is ensured for other reasons, especially based on standard data protection clauses or other appropriate guarantees. Exceptionally, we can export personal data to countries without adequate or suitable data protection if the special data protection requirements are met, for example, the explicit consent of the affected individuals or a direct connection with the conclusion or execution of a contract. Upon request, we are happy to inform affected individuals about any guarantees or provide a copy of any guarantees.
We grant affected individuals all rights according to the applicable data protection law. Specifically, affected individuals have the following rights:
We may delay, limit, or deny the exercise of the rights of affected individuals within the legally permissible framework. We may point out any prerequisites that may need to be met for the exercise of their data protection rights. For instance, we can completely or partially deny information, citing business secrets or the protection of other individuals. Similarly, we may refuse to delete personal data, referring to statutory retention obligations.
Exceptionally, we may charge for the exercise of rights. We will inform affected individuals in advance about any costs.
We are obligated to identify affected individuals who request information or assert other rights using appropriate measures. Affected individuals are obligated to cooperate.
Affected individuals have the right to enforce their data protection claims through legal means or file a complaint with a competent data protection supervisory authority.
The data protection supervisory authority for private controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
If and as far as the General Data Protection Regulation (GDPR) applies, affected individuals have the right to file a complaint with a competent European data protection supervisory authority.
We implement appropriate technical and organizational measures to ensure data security commensurate with the respective risk. However, we cannot guarantee absolute data security.
Access to our website is secured using transport encryption (SSL/TLS, especially with the Hypertext Transfer Protocol Secure, abbreviated as HTTPS). Most browsers signify transport encryption with a padlock icon in the address bar.
Our digital communication – like essentially all digital communication – is subject to mass surveillance without cause or suspicion, as well as other monitoring by security agencies in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We cannot directly influence the processing of personal data by intelligence services, police departments, and other security authorities.
We may use cookies. Cookies - be it our own cookies (First-Party-Cookies) or cookies from third parties whose services we use (Third-Party-Cookies) – are data that gets stored in the browser. Such stored data need not be limited to traditional text cookies.
Cookies can be temporarily stored in the browser as "Session Cookies" or for a specific period as so-called permanent cookies. "Session Cookies" are automatically deleted when the browser is closed. Permanent cookies have a specific storage duration. Cookies, in particular, allow recognizing a browser on a subsequent visit to our website, thereby, for instance, measuring the reach of our website. Permanent cookies can also be used for online marketing.
Cookies can be disabled or deleted in the browser settings at any time, either entirely or partially. Without cookies, our website may not be fully available. We request - at least as far and as necessary - active explicit consent for the use of cookies.
For cookies used for success and reach measurement or advertising, a general objection ("Opt-out") for many services is available via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
For each access to our website, we may record the following details if transmitted by your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, specific sub-page of our website accessed including the amount of data transferred, the last website accessed in the same browser window (referer or referrer).
We store such details, which can also constitute personal data, in server log files. These details are essential for us to provide our website continuously, user-friendly, and reliably and especially to ensure data security and, in particular, the protection of personal data – even by third parties or with the assistance of third parties.
We may use tracking pixels on our website. Tracking pixels are also referred to as web beacons. Tracking pixels – including those from third parties whose services we utilize – are small, typically invisible images, which are automatically retrieved when visiting our website. The same information as in server log files can be captured using tracking pixels.
We are present on social media platforms and other online platforms to communicate with interested parties and to inform about our activities. In connection with these platforms, personal data may be processed outside of Switzerland and the European Economic Area (EEA).
The general terms and conditions (GTC), privacy policies, and other provisions of the individual platform operators also apply. These provisions in particular inform about the rights of affected individuals directly with the respective platform, including, for example, the right to information.
For our Facebook social media presence, including the so-called page insights, we – to the extent the General Data Protection Regulation (GDPR) applies – share responsibility with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of the Meta companies (among others in the USA). Page insights provide information on how visitors interact with our Facebook presence. We use page insights to make our Facebook presence more effective and user-friendly.
Further information about the type, scope, and purpose of data processing, information about the rights of affected individuals, as well as contact details of Facebook and the Facebook data protection officer can be found in the Facebook Privacy Policy. We have concluded the so-called "Addendum for Controllers" with Facebook and have agreed in particular that Facebook is responsible for ensuring the rights of affected individuals. Relevant information regarding page insights can be found on the "Page Insights Information" page including "Information about Page Insights Data".
We use services from specialized third parties to carry out our activities reliably, user-friendly, securely, and efficiently. With such services, we can, for instance, integrate functions and content into our website. Due to technical necessities, the services used at least temporarily capture the Internet Protocol (IP) addresses of users when embedding.
For necessary security-related, statistical, and technical purposes, third parties whose services we use may process data related to our activities in an aggregated, anonymized, or pseudonymized form. This includes performance or usage data to offer the respective service.
We especially use:
We use services from specialized third parties to be able to avail the necessary digital infrastructure in connection with our activities and tasks. This includes, for example, hosting and storage services from selected providers.
We use services from specialized third parties to be able to schedule appointments online, for instance, for meetings. In addition to this privacy policy, the respective terms of the services used, such as terms of use or privacy policies, also apply where directly visible.
We especially use:
We use specialized services for audio and video conferences to communicate online. With these services, we can, for example, hold virtual meetings or conduct online lessons and webinars. The legal texts of the individual services, such as privacy policies and terms of use, apply additionally for participating in audio and video conferences.
We recommend, depending on the situation, to mute the microphone by default when participating in audio or video conferences, as well as to blur the background or use a virtual background.
We especially use:
We use third-party services to enable online collaboration. In addition to this privacy policy, the directly visible terms of the services used, such as terms of use or privacy policies, also apply.
We particularly use:
We use third-party services to embed maps into our website.
We use services from specialized third parties to enable the direct playback of digital audio and video content, such as music or podcasts.
We particularly use:
We utilize the opportunity to display targeted advertisements for our activities and operations on third parties, such as social media platforms and search engines.
With such advertising, we specifically aim to reach individuals who are already interested in our activities and operations or who could potentially be interested (Remarketing and Targeting). For this, we may transmit corresponding - possibly also personal - data to third parties who enable such advertising. We can also determine whether our advertising is successful, particularly whether it leads to visits to our website (Conversion Tracking).
Third parties, where we advertise and where you are registered as a user, may potentially associate your use of our website with your profile there.
We specifically use:
We strive to determine how our online offering is used. In this context, we can, for example, measure the success and reach of our activities and operations as well as the impact of third-party links on our website. We can also experiment and compare how different parts or versions of our online offering are used (the "A/B-Test" method). Based on the results of success and reach measurement, we can, in particular, rectify errors, reinforce popular content, or make improvements to our online offering.
For success and reach measurement, the Internet Protocol (IP) addresses of individual users are stored in most cases. In this instance, IP addresses are fundamentally shortened ("IP-Masking") to comply with the principle of data economy through appropriate pseudonymization.
During success and reach measurement, cookies can be used, and user profiles may be created. Possible user profiles might include, for example, the individual pages visited or content viewed on our website, details about screen size or browser window, and the - at least approximate - location. Fundamentally, any user profiles created are exclusively pseudonymized and are not used to identify individual users. Specific third-party services, where users are registered, may possibly associate the use of our online offering with the user account or user profile of the respective service.
We specifically use:
We have created this privacy policy using the Data Protection Generator from Datenschutzpartner.
We can adjust and supplement this privacy policy at any time. We will inform about such adjustments and additions in an appropriate manner, especially by publishing the current privacy policy on our website.
Legal notice
Publisher and address:
The graubünden brand
Via Nova 37
7017 Flims Dorf
Switzerland
Tel. +41 (0)81 531 34 20
Contacts:
Gieri Spescha, Managing Director
Andrea Beerli, Project Manager
Concept, design and production:
Wirz Communications AG
Uetlibergstrasse 132
P.O. Box
8036 Zürich