Data Protection Policy
Andermatt Swiss Alps AG, Gotthardstrasse 2, 6490 Andermatt is the operator of the website www.andermatt-swissalps.ch and is thus responsible for the collection, processing, and use of your personal data and for the compatibility of data processing with applicable data protection law.
1. Data Protection Policy
This Data Protection Policy was prepared and published by Andermatt Swiss Alps AG, Gotthardstrasse 2, 6490 Andermatt, Switzerland, registered in the Commercial Register of the Canton of Uri under the number CHE-113.632.552. You will also find information on our Group companies on this website. If, in the following, the term „Andermatt Swiss Alps“ is used, it also refers to the following companies in addition to Andermatt Swiss Alps AG:
- Bellevue Hotel & Appartment Management AG (The Chedi Andermatt)
Hotel 4b Management AG (Radisson Blu Reussen Andermatt)
We, i.e. the named companies of the Group, are jointly responsible in terms of data protection law for the collection, processing and use of your personal data and for data processing that is in conformity with the law. Unless otherwise stated below, the entire Andermatt Swiss Alps Group (hereinafter referred to as “Andermatt Swiss Alps”) is always meant.
The term “personal data” means all information that relates to an identified or identifiable natural person. This includes information that makes it possible to draw conclusions about your identity (e.g. information such as name, postal address, email address, and phone numbers).
Because your trust is important to us, we take data protection very seriously and pay special attention to security. We comply with the statutory provisions of the Swiss Federal Act on Data Protection (Bundesgesetz über den Datenschutz, DSG), the Swiss Ordinance to the Federal Act on Data Protection (Verordnung zum Bundesgesetz über den Datenschutz, VDSG), the Swiss Telecommunications Act (Fernmeldegesetz, FMG), and all other applicable data protection provisions of Swiss or EU law, including the EU General Data Protection Regulation (GDPR).
We ask that you take note of the following information so that you will know what personal data we collect from you and the purposes for which we use them. Please note that the following information will be reviewed and amended from time to time. We therefore recommend that you read this Data Protection Policy regularly. Furthermore, for individual instances of data processing listed below, other companies are responsible under data protection law, either solely or jointly with us, meaning that in such cases, the data protection policies of those providers may also be relevant.
2. Contact details of the data controller and the EU representative
If you have any questions about data protection or would like to exercise your rights, please contact our data protection officer:
Andermatt Swiss Alps AG
Datenschutz
Gotthardstrasse 2
6490 Andermatt
Schweiz
datenschutz@andermatt-swissalps.ch
Our EU representative in accordance with Article 27 GDPR is:
MLL EU-GDPR GmbH
Ganghoferstrasse 33
DE – 80339 Munich
andermattswissalpsag@mll-gdpr.com
A. Data processing on the websites
3. Accessing our websites (and associated microsites)
To enable you to establish a connection to our websites or to any microsites, your browser transfers certain data to the servers of our hosting provider, which temporarily records every access in a log file. The following data will be collected without any action on your part and stored by us until it is automatically deleted:
- the IP address of the computer submitting the request,
- the name of the owner of the IP address range,
- the date and time of your request,
- your operating system,
- the name and URL of the retrieved data,
- the website from which our domain was accessed,
- the country from which our websites were accessed,
- the status code,
- the browser that you are using, and
- the transmission protocol being used.
These data are collected and processed for the purpose of facilitating the use of our websites, ensuring continuous system security and stability, and facilitating the optimisation of our website, as well as for statistical purposes.
In addition, in the event of attacks on the network infrastructure or other unauthorised use or misuse of our websites, the IP address is analysed together with other data for the purpose of investigation and defence and, if necessary, is also used in connection with criminal proceedings for the purpose of identifying the user in question and holding him or her civilly or criminally liable.
The purposes described above are to be considered our legitimate interest in data processing within the meaning of Article 6(1)(f) GDPR.
4. Use of our contact form
The contact form feature on our websites enables you to get in contact with us at various points (e.g. for general contact, asking for advice or booking requests). For this feature, we require the following information; mandatory information is marked with an asterisk (*):
- salutation*,
- first and last name*,
- mailing address,
- phone number,
- email address*,
- message*.
We use these data, as well as data voluntarily provided by you, only so that we can respond to your contact enquiry as best as possible and in a personalised manner. The processing of these data is therefore necessary in order to take steps prior to entering into a contract within the meaning of Article 6(1)(b) GDPR or is to be considered our legitimate interest within the meaning of Article 6(1)(f) GDPR.
