The St. Moritz Experience AG, Champfèr - St. Moritz - Engadin Contact  »Deutsch  »
NEWS  » ABOUT US  » INCENTIVE & MEETING SERVICES  » ACTION & FUN  » FILM & PHOTO SERVICES  » REFERENCES  » PARTNER/LINKS  » PHOTO GALLERY  »
PRIVACY STATEMENT

Important legal information

The St. Moritz Experience AG, Via Suot Chesas 8 a, CH-7512 Champfèr (hereinafter also referred to as "we") is the operator of the website www.stmoritz-experience.ch (hereinafter referred to as "our website") and responsible for the collection, processing and use of your personal data.

This privacy policy is intended to inform you of the personal data and information we collect from you on our website and for what purpose we use and evaluate it. We assure you that we take your privacy and data protection seriously, we train our employees and pay attention to appropriate data protection security (with organizational and technical measures). All personal data protected by the FADP and GDPR, which arise during the use of our website or are recorded in the context of the registration, are used exclusively for the fulfillment of the contract, unless you expressly consent for further use or the applicable law legitimizes this.

When dealing with your data, we always comply with the applicable law – we comply with the legal provisions of the totally revised Swiss Federal Act on Data Protection (FADP), the implementing provisions in the new Ordinance to the Federal Act on Data Protection (DPO) and the new Ordinance on Data Protection Certifications. Furthermore, we comply with the Telecommunications Act (TCA) and any other applicable data protection provisions of Swiss or EU law, in particular the EU General Data Protection Regulation (GDPR).

By using our website, you agree to the following terms and conditions.

Responsible body

The responsible body for data protection is:

The St. Moritz Experience AG
Via Suot Chesas 8 a
CH-7512 Champfèr – St. Moritz
info@stmoritz-experience.ch

Disclaimer

Despite the greatest possible care, we assume no liability for the correctness, accuracy, up-to-dateness, reliability and completeness of the information published on our website.

We disclaim all liability (including negligence and liability to third parties) arising out of actual or potential damages, whether material or immaterial, arising out of the access to our website, arising out of the use or inability to use elements of our website, arising through misuse of the connection, through technical malfunctions, through viruses or arising from linking to other websites. We exclude any liability for damages caused by auxiliary persons.

All offers are to be understood as non-binding. We reserve the right to modify, supplement or delete parts of the pages or the entire offer without prior notice.

Liability for links to other websites

To provide you with further useful information, our website contains links to third-party websites or extracts from third-party websites within our website. How these providers handle the personal information collected on their website is beyond our control and responsibility. We also assume no liability for the access, content, functioning and use of these websites. The access to a website via these links or excerpts is at your own risk.

Copyright

The entire content of our website is protected by copyright or other rights and belongs exclusively to us or the designated legal owners. The elements on our website are freely accessible only for browsing purposes. The full or partial reproduction, modification, use or redistribution of any part of our website requires the prior written consent of the copyright holder.

Anyone who commits a copyright infringement without the consent of the respective rights holder may be liable to prosecution and may be liable to damages.

Collection, processing and use of your personal data

Personal data is any information that is used to identify you and which can be traced back to you (e.g., name, postal address, telephone number, e-mail address).

A data subject is someone whose personal data is processed. Processing includes all actions with personal data, such as in particular the storage, disclosure, collection, procurement, deletion, storage, modification, destruction and use of personal data. We process personal data in accordance with the statutory data protection regulations.

Unless otherwise stated in the following sections, no personal data is collected, processed or used when you visit or use our website. We only ask you for personal information where this is necessary for communication with you or for the execution of services offered.

Through the use of analysis and tracking tools, however, we receive certain technical information that is generated on the basis of the data transmitted by your browser (such as browser type and version, operating system used, web pages visited on our site including dwell time). This information is evaluated exclusively for statistical purposes.

When accessing our website (www.stmoritz-experience.ch)

When you visit our website, our servers temporarily store every access in a log file. As with every connection to a web server, the following data is automatically collected and stored by our hoster (Internet service provider):

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access was made
  • Operating system of the requesting computer
  • Browser used (type, version and language)
  • Country from which the access was made

The collection and processing of this data will enable the use of our website (connection establishment), which will ensure system security and stability and enable the further development of our online offering as well as internal statistical evaluations. This is our legitimate interest in the data processing. In the event of unauthorized or abusive website use, the IP address can be evaluated together with other data for clarification. When visiting our website, we also use so-called pixels and cookies for the use of web analysis services.

Sharing of your data with third parties

We would like to assure you that we will only share your personal information if there is a legal obligation, if you have expressly consented or if we have a legitimate interest (for example, to enforce our rights). We only disclose your data to third parties as far as this is within the scope of using the website for the provision of the services requested by you (for example, hosters or companies with whom we offer the offers on our website (e.g., for bookings, purchase, rent, etc .)) as well as for the analysis of your user behavior.

When sharing data with third parties, we provide sufficient contractual guarantees that such a third party protects the personal data in accordance with legal requirements and uses the personal data exclusively in our interest.

Transfer of personal data abroad

For the purpose of the data processing listed in this privacy policy, we are permitted to also transfer your personal data to third parties (contracted service providers) abroad. They are obliged to maintain the same level of data protection as we have. If the level of data protection in a country does not correspond to that of Switzerland or the EU, we contractually ensure that the protection of your personal data meets the level of protection in Switzerland or in the EU at all times.

Note on data transfer to the USA

Users who are residing or having their registered office in Switzerland should note that in the USA surveillance measures by the US authorities are in place which generally allow the storage of all personal data of any individual whose data were transmitted from Switzerland to the USA. This is done without any differentiation, restriction or exception on the basis of the objective pursued and without any objective criteria that would limit the US authorities' access to the data and its subsequent use to very specific, strictly limited purposes that would justify the intervention associated with access to and use of these data. We also point out that in the United States there are no legal remedies available for data subjects from Switzerland allowing them to access their data or request that it be rectified or erased and that no effective legal protection against the general access rights of the US authorities exists. We explicitly inform the data subjects about this legal and factual situation in order to enable them to make a properly informed decision on giving their consent to the use of their data.

We inform users residing in an EU Member State that from the EU's point of view, the US does not have an adequate level of data protection, partly due to the issues mentioned in this section. With regard to US-based recipients of data (such as Facebook, Twitter) referred to in this data privacy policy, we ensure, either by means of contractual arrangements with those companies or by ensuring that they are certified under the EU or Swiss-US Privacy Shield, that your data are adequately protected while in the custody of our partners.

Data security

In order to ensure the security of your personal data (for example, against manipulation, against loss and against unauthorized access by third parties), we have implemented a large number of technical and organizational security measures and are constantly developing these. However, we cannot guarantee absolute data security. Our employees and the service companies commissioned by us have been obliged by us to secrecy and to comply with the data protection regulations.

You should always keep your information confidential and close the browser window when you stop communicating with us, especially if you use the computer together with other users.

SSL/TLS encryption

For security reasons and to protect the transmission of confidential information (e.g., in the payment process or when sending us orders or requests), our website uses SSL/TLS encryption. You can recognize an encrypted connection when the address line of the browser changes from "http://" to "https://" and when you see the lock symbol in your browser line. If SSL or TLS encryption is enabled, the data you submit to us cannot be read by third parties.

Cookies

By using cookies, we can provide users of our website with more user-friendly services that would not be possible without the cookie setting. Cookies are information files that your Internet browser automatically saves to your computer's hard drive when you visit our website. Cookies neither damage the hard disk of your computer nor are personal data transmitted by these cookies.

For example, we use cookies to temporarily store your selected services and submissions when filling out a form on the website, so that you do not have to repeat the entry when you access another subpage. As another example we would like to mention the cookie of an online shopping cart. The online shop remembers the items that you have placed in the virtual shopping cart via a cookie. Cookies may also be used in order to be able to recognize you as a registered user after registering on the website without having to log in again when accessing another subpage.

Cookies are stored in the browser either as "session cookies" or "permanent cookies". "Session cookies" delete themselves automatically when the browser is closed. Permanent cookies have a specific storage period. They enable the browser to be recognized the next time you visit our website and are used, for example, to measure reach.

In general, you can object to the use of cookies for online marketing purposes, in particular tracking, in general (so-called "opt-out"). This is possible, for example, via the following US service https://optout.aboutads.info/?c=2&lang=EN or the EU website https://www.youronlinechoices.com. Detailed information on the opt-out options can be found at the respective providers and their data protection provisions. In addition, the storage of cookies can be prevented by deactivating them in the browser settings. Please note that this may impair certain functions of our online offering.

Tracking tools

Through the use of tracking tools, your surfing behavior is monitored for the purpose of the needs-based design and continuous optimization of our website. In this context, pseudonymized usage profiles are created and small text files stored on your computer ("cookies") are used.

For this purpose, third-party entrepreneurs can also use permanent cookies or similar technologies. The third-party entrepreneur does not receive any personal data from us, but can track your use of our website, combine this information with data from other websites that you have visited and are also tracked by the third-party entrepreneur, and use these findings for their own purposes (e.g., advertising).

The processing of your personal data by the third-party entrepreneur then takes place in the responsibility of the service provider according to its data protection regulations. The following tracking tools are used on our website:

Google Analytics with IP anonymization

We use Google Analytics on our website, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). We use Google Analytics with activation of IP anonymization ("anonymizeIP").

Google Analytics uses cookies that are stored on your computer, allowing us to analyze the website usage. The following information generated by these cookies, including your anonymized IP address, is transmitted to Google:

  • Returning or new visitor
  • Length of time spent on the website or subpage
  • Navigation path that you follow on the site
  • The subpage on which the website will be left
  • The country, region or city from where access is made
  • Terminal device (type, version, color depth, resolution, width and height of the browser window)

Google will process this information in order to evaluate your use of our website, to compile reports on website activity for us, and to provide other services related to website activity and Internet usage. Google will also transfer this information to third parties if required by law or if third parties process this data on behalf of Google. Google does not claim to link your IP address to any other data provided by Google. For more information, see the Google Analytics Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=en

You can prevent the installation of cookies by configurating your browser software accordingly. We point out, however, that you may not be able to use all the features of our website if you do so. Instructions on how to prevent the processing of your data by the web analytics service Google Analytics can be found at https://tools.google.com/dlpage/gaoptout?hl=en

Google Tag Manager

We use the Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). With the help of this Google service, website tags can be managed via an interface. The Google Tag Manager tool only implements tags, i.e. no cookies are used and no personal data is collected. The Google Tag Manager takes care of triggering other tags, which in turn may collect data. However, Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.

For more information, see Google's privacy policy: https://policies.google.com/privacy and at https://marketingplatform.google.com/about/analytics/tag-manager/use-policy

Legal basis for the processing of personal data

Our processing of personal data is carried out within the framework of Swiss data protection law, in particular in accordance with the Federal Act on Data Protection (Data Protection Act, FADP) and the Ordinance on Data Protection (Data Protection Ordinance, DPO). If and to the extent that the General Data Protection Regulation (GDPR) is applicable, the processing of personal data is carried out in accordance with the GDPR legal basis.

In general, the following articles serve as legal bases for the processing of personal data by us:

Article 13 (2) (a) FADP (processing directly related to the implementation of pre-contractual measures or the performance of a contract, corresponds to Article 6 (1) (b) EU GDPR).

Article 13 (1) FADP (consent of the data subject or obligation to process by law, corresponds to Article 6 (1) (a) EU GDPR).

Article 13 (1) FADP (corresponds to Article 6 (1) (f) EU GDPR) Processing of personal data in order to protect the legitimate interests of us or of third parties, provided that this does not override the fundamental freedoms and rights and interests of the data subject. These legitimate interests include, in particular, our business interest in being able to provide our website, information security, the enforcement of our own legal claims and compliance with Swiss law. Processing of your personal data by other companies within the group also takes place in accordance with Article 13 (1) FADP (corresponds to Article 6 (1) (f) EU GDPR).

Profiling and automated decision-making

No profiling or automated decision-making takes place either in our company or with third parties commissioned by us. Profiling is described as customer data that is processed automatically to evaluate personal aspects such as economic situation, health, interests, behavior etc.

Retention of data

We store personal data only as long as necessary, e.g. for tracking and analysis services in legitimate interest or legal obligations. We keep user account master data indefinitely, but you can request deletion. For unregistered orders, we delete master data after the warranty period or end of service, unless retention obligations apply. We retain contract data for up to 10 years in accordance with billing and tax regulations. After the end of use, data is blocked and used only for billing and tax purposes.

Rights of data subjects

Data subjects receive from us all the rights to which they are entitled under the applicable data protection provisions.

Right to confirmation and right to information: You have the right to receive information about whether and which personal data about you are processed by us. Furthermore, data subjects have the right to be provided with the necessary information to assert their claims under data protection law and to ensure transparency. This includes not only the personal data processed, but also information about the purpose of processing, the retention period, possible onward transfers or transfers of data to other countries and the origin of the personal data.

Right to rectification and right to restriction of processing: you have the right to have inaccurate personal data rectified, to have incomplete data completed and to have the processing of your data restricted.

Right to withdraw your consent to the processing of non-mandatory personal data and right to erasure: You have the right to request the erasure of your personal data ("right to be forgotten") and to revoke the future processing of your personal data.

Right to object: You may object to the processing of your personal data at any time.

Right to data disclosure and right to data portability: You have the right to request the disclosure of the personal data in question in a structured, common and machine-readable format or to request the transfer of your data to another data controller.

Personal data is processed for the period of time required for the specific purposes in question. If longer retention obligations exist due to legal or other obligations to which we are subject, we limit the processing accordingly.

As permitted by law, we reserve the right to defer, restrict or refuse the exercise of data subjects' rights. For example, we may legally refuse to delete if your personal data is still needed for the original purposes (e.g., if you continue to receive a service from us), if the processing is based on a compelling legal basis (e.g., legal accounting requirements), or if we have an overriding interest of our own (e.g., in the event of a dispute with the data subject).

We are required to ensure that individuals who request information or wish to exercise other rights are appropriately identified. Data subjects are obliged to cooperate.

Right of complaint to a data protection supervisory authority

Data subjects have the right to enforce their data protection claims through legal channels or to complain to a competent data protection supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

Jurisdiction and applicable law

This privacy policy, along with any agreements stemming from or associated with it, are subject to Swiss law, unless the laws of another state is mandatory. Any legal disputes will be settled in the jurisdiction where the website operator is located, unless a different jurisdiction is legally mandated.

Final provisions

If individual parts of this privacy policy are found to be invalid, the validity of the remaining sections of the privacy policy remains unaffected. We reserve the right to modify this privacy policy to reflect changes to our website, offerings, or new legal or regulatory requirements. The current privacy policy is always published on our website.


Updated: September 2023

The St. Moritz Experience AG · CH-7512 Champfèr-St. Moritz
Phone +41 (0)81 833 77 14 · Fax +41 (0)81 832 22 93
info@stmoritz-experience.ch
Swiss Outdoor AssociationInternationale Vereinigung der Bergführerverbände - Canyoning