Privacy Policy

With this Privacy Policy, we inform you about the processing of personal data in connection with our activities and operations, including our website under the domain name aparthotel-davos.ch. In particular, we explain for what purpose, how, and where we process which personal data. We also inform about the rights of individuals whose data we process.

For individual or additional activities and operations, we may publish further privacy policies or other data protection information.

We are subject to Swiss law as well as any applicable foreign law, in particular that of the European Union (EU) with the European General Data Protection Regulation (GDPR).

The European Commission recognized in its decision of 26 July 2000 that Swiss data protection law ensures an adequate level of data protection. In its report of 15 January 2024, the European Commission confirmed this adequacy decision.

1. Contact Addresses
- 1.1 Data Protection Officer or Data Protection Advisor
- 1.2 Data Protection Representative in the European Economic Area (EEA)
2. Terms and Legal Bases
- 2.1 Terms
- 2.2 Legal Bases
3. Type, Scope, and Purpose of Processing Personal Data
4. Disclosure of Personal Data
5. Communication
6. Applications
7. Data Security
8. Personal Data Abroad
9. Rights of Data Subjects
- 9.1 Data Protection Claims
- 9.2 Legal Remedies
10. Use of the Website
11. Notifications and Communications
12. Social Media
13. Third-Party Services
14. Extensions for the Website
15. Success and Reach Measurement
16. Final Notes on the Privacy Policy

1. Contact Addresses

The controller within the meaning of data protection law is:

Muchetta Immo-Invest AG
Aussergasse 18
7494 Davos Wiesen
Switzerland

muchetta@aparthotel-davos.ch

In individual cases, third parties may be responsible for processing personal data, or joint responsibility with third parties may exist. We will gladly provide information about the respective responsibility upon request by affected persons.

1.1 Data Protection Officer or Data Protection Advisor

We have the following Data Protection Officer or Data Protection Advisor as a contact point for data subjects and authorities in relation to data protection inquiries:

Sylvia Bärtschi
Muchetta Immo-Invest AG
Aussergasse 18
7494 Davos Wiesen
Switzerland

sylvia.baertschi@aparthotel-davos.ch

1.2 Data Protection Representative in the European Economic Area (EEA)

We have the following data protection representative in accordance with Art. 27 GDPR:

VGS Datenschutzpartner GmbH
Am Kaiserkai 69
20457 Hamburg
Germany

muchetta@aparthotel-davos.ch

The data protection representative serves as an additional contact point for data subjects and authorities in the European Union (EU) and the rest of the European Economic Area (EEA) for inquiries relating to the GDPR.

2. Terms and Legal Bases

2.1 Terms

Data Subject: A natural person whose personal data we process.

Personal Data: All information relating to an identified or identifiable natural person.

Special Categories of Personal Data: Data relating to trade union, political, religious, or ideological views and activities; data relating to health, privacy, or membership of an ethnic group or race; genetic data; biometric data that uniquely identifies a natural person; data concerning criminal and administrative sanctions or prosecutions; and data concerning social welfare measures.

Processing: Any handling of personal data, regardless of the methods and procedures used, such as querying, matching, adjusting, archiving, retaining, reading, disclosing, obtaining, collecting, recording, deleting, revealing, sorting, organizing, storing, altering, disseminating, linking, destroying, and using personal data.

European Economic Area (EEA): Member states of the European Union (EU) as well as the Principality of Liechtenstein, Iceland, and Norway.

2.2 Legal Bases

We process personal data in accordance with Swiss law, in particular the Federal Act on Data Protection (Data Protection Act, FADP) and the Ordinance on Data Protection (Data Protection Ordinance, DPO).

We process personal data – where and to the extent that the European General Data Protection Regulation (GDPR) applies – in accordance with at least one of the following legal bases:

Art. 6 para. 1 lit. b GDPR for the processing of personal data necessary for the performance of a contract with the data subject and for carrying out pre-contractual measures.
Art. 6 para. 1 lit. f GDPR for the processing of personal data necessary to safeguard legitimate interests – including the legitimate interests of third parties – provided that the fundamental freedoms, fundamental rights, and interests of the data subject do not prevail. Such interests include, in particular, the permanent, user-friendly, secure, and reliable conduct of our activities and operations, ensuring information security, protection against misuse, enforcement of our own legal claims, and compliance with Swiss law.
Art. 6 para. 1 lit. c GDPR for the processing of personal data necessary to comply with a legal obligation to which we are subject under applicable law of member states in the European Economic Area (EEA).
Art. 6 para. 1 lit. e GDPR for the processing of personal data necessary for the performance of a task carried out in the public interest.
Art. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the data subject.
Art. 6 para. 1 lit. d GDPR for the processing of personal data necessary to protect the vital interests of the data subject or another natural person.
Art. 9 para. 2 ff. GDPR for the processing of special categories of personal data, in particular with the consent of the data subjects.

The European General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data and the processing of special categories of personal data as the processing of special categories of personal data (Art. 9 GDPR).

3. Type, Scope, and Purpose of Processing Personal Data

We process those personal data that are necessary in order to carry out our activities and operations on a permanent, user-friendly, secure, and reliable basis. The processed personal data may, in particular, fall into the categories of browser and device data, content data, communication data, metadata, usage data, master data including inventory and contact data, location data, transaction data, contract data, and payment data. Personal data may also include special categories of personal data.

We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect in the course of our activities and operations, to the extent such processing is permissible.

We process personal data, where required, with the consent of the data subjects. In many cases, however, we may process personal data without consent, for example in order to comply with legal obligations or to safeguard overriding interests. We may also seek the consent of data subjects where their consent is not necessary.

We process personal data for the duration required for the respective purpose. We anonymize or delete personal data in particular depending on statutory retention and limitation periods.

4. Disclosure of Personal Data

We may disclose personal data to third parties, have it processed by third parties, or process it jointly with third parties. Such third parties may include, for example, specialized providers whose services we use.

In the course of our activities and operations, we may in particular disclose personal data to banks and other financial service providers, authorities, educational and research institutions, advisors and lawyers, interest groups, IT service providers, cooperation partners, credit and business information agencies, logistics and shipping companies, marketing and advertising agencies, media, parent, sister, and subsidiary companies, organizations and associations, social institutions, telecommunications companies, insurance companies, and payment service providers.

5. Communication

We process personal data in order to communicate with individuals as well as with authorities, organizations, and companies. In doing so, we process in particular data that a data subject provides to us when making contact, for example by postal mail or email. We may store such data in an address book or using comparable tools.

Third parties who provide us with data about other individuals are required to ensure data protection for those affected individuals independently. In particular, they must ensure that such data are accurate and may be transmitted.

We use selected services from suitable providers to enable and improve communication with individuals and other communication partners. With such services, we may also manage and otherwise process the data of the data subjects beyond direct communication.

6. Applications

We process personal data about applicants to the extent necessary to assess their suitability for an employment relationship or for the subsequent performance of an employment contract. The required personal data result in particular from the requested details, for example in the context of a job advertisement. We may publish job advertisements with the help of suitable third parties, for example in electronic and print media or on job portals and job platforms.

We also process personal data that applicants provide voluntarily or publish, in particular as part of cover letters, CVs, and other application documents as well as online profiles.

We process – where and to the extent that the General Data Protection Regulation (GDPR) applies – personal data about applicants, in particular pursuant to Art. 9 para. 2 lit. b GDPR.

7. Data Security

We take appropriate technical and organizational measures to ensure data security that is adequate to the respective risk. With our measures, we ensure in particular the confidentiality, availability, traceability, and integrity of the processed personal data, but we cannot guarantee absolute data security.

Access to our website and our other digital presence takes place by means of transport encryption (SSL / TLS, in particular with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers warn against visiting a website without transport encryption.

Our digital communication is subject – as is generally the case with any digital communication – to mass surveillance without cause and suspicion by security authorities in Switzerland, in the rest of Europe, in the United States of America (USA), and in other countries. We have no direct influence on the corresponding processing of personal data by intelligence services, police authorities, and other security agencies. Nor can we rule out that an affected person is specifically monitored.

8. Personal Data Abroad

We generally process personal data in Switzerland and in the European Economic Area (EEA). However, we may also export or transfer personal data to other countries, in particular to process it there or have it processed there.

We may export personal data to all countries on Earth and elsewhere in the universe, provided that the law applicable there guarantees adequate data protection according to the decision of the Swiss Federal Council and – where and to the extent that the General Data Protection Regulation (GDPR) applies – also according to the decision of the European Commission.

We may transfer personal data to countries whose laws do not guarantee adequate data protection, provided that data protection is guaranteed for other reasons, in particular on the basis of standard data protection clauses or with other suitable safeguards. In exceptional cases, we may export personal data to countries without adequate or appropriate data protection if the special data protection requirements are met, for example with the explicit consent of the data subjects or in direct connection with the conclusion or execution of a contract. Upon request, we will be happy to provide data subjects with information about any guarantees or provide a copy of any such guarantees.

9. Rights of Data Subjects

9.1 Data Protection Claims

We grant data subjects all rights under applicable law. In particular, data subjects have the following rights:

Access: Data subjects may request information as to whether we process personal data about them and, if so, which personal data. Data subjects also receive the information necessary to assert their data protection rights and to ensure transparency. This includes the processed personal data as such, but also information about the purpose of processing, the duration of storage, any disclosure or transfer of data to other countries, and the origin of the personal data.
Rectification and Restriction: Data subjects may have incorrect personal data corrected, incomplete data completed, and the processing of their data restricted.
Opportunity to present their own position and human review: Data subjects may, in the case of decisions based solely on automated processing of personal data that have legal effects on them or significantly affect them (automated individual decisions), present their own position and request review by a human.
Erasure and Objection: Data subjects may have personal data erased (“right to be forgotten”) and object to the processing of their data with effect for the future.
Data Portability: Data subjects may request the release of personal data or the transfer of their data to another controller.

We may defer, restrict, or refuse the exercise of data subjects’ rights within the legally permissible framework. We may inform data subjects of any conditions that must be met to exercise their data protection rights. For example, we may refuse disclosure in whole or in part with reference to confidentiality obligations, overriding interests, or the protection of other persons. Likewise, we may refuse the deletion of personal data, in particular with reference to statutory retention obligations, in whole or in part.

We may provide for costs for the exercise of rights in exceptional cases. We will inform data subjects in advance of any such costs.

We are obliged to identify data subjects who request information or assert other rights by appropriate measures. Data subjects are obliged to cooperate.

9.2 Legal Remedies

Data subjects have the right to enforce their data protection rights in court or to lodge a report or complaint with a data protection supervisory authority.

The data protection supervisory authority for private controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

European data protection supervisory authorities are organized as members of the European Data Protection Board (EDPB). In some member states of the European Economic Area (EEA), data protection supervisory authorities have a federal structure, in particular in Germany.

10. Use of the Website

10.1 Cookies

We may use cookies. Cookies – our own cookies (first-party cookies) as well as cookies from third parties whose services we use (third-party cookies) – are data stored in the browser. Such stored data does not have to be limited to traditional text-form cookies.

Cookies may be stored in the browser temporarily as “session cookies” or for a certain period as so-called permanent cookies. “Session cookies” are automatically deleted when the browser is closed. Permanent cookies have a defined storage period. Cookies make it possible, in particular, to recognize a browser during a subsequent visit to our website and thereby, for example, measure the reach of our website. Permanent cookies may also be used, for example, for online marketing.

Cookies may be deactivated, restricted, or deleted in full or in part in the browser settings at any time. Browser settings often also allow for automated deletion and other management of cookies. Without cookies, our website may no longer be fully available. We actively request – at least if and insofar as required under applicable law – your explicit consent to the use of cookies.

For cookies used for performance and reach measurement or for advertising, a general objection (“opt-out”) is possible for numerous services through AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

10.2 Logging

We may log at least the following information for every access to our website and other digital presence, provided it is transmitted to our digital infrastructure during such access: date and time including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, specific subpage of our website accessed including transmitted data volume, last website visited in the same browser window (referer).

We log such information, which may also constitute personal data, in log files. This information is necessary to be able to provide our digital presence on a permanent, user-friendly, and reliable basis. This information is also necessary to ensure data security – including by third parties or with the help of third parties.

10.3 Tracking Pixels

We may integrate tracking pixels into our digital presence. Tracking pixels are also referred to as web beacons. Tracking pixels – including those from third parties whose services we use – are typically small, invisible images or JavaScript scripts that are automatically retrieved when accessing our digital presence. Tracking pixels can capture at least the same information as logged in log files.

11. Notifications and Communications

11.1 Performance and Reach Measurement

Notifications and communications may contain web links or tracking pixels that record whether an individual communication has been opened and which web links were clicked. Such web links and tracking pixels can also record the use of notifications and communications on a personal basis. We require this statistical recording of usage for performance and reach measurement in order to send notifications and communications effectively and user-friendly, as well as on a permanent, secure, and reliable basis, tailored to the needs and reading habits of the recipients.

11.2 Consent and Objection

You must generally consent to the use of your email address and your other contact details, unless the use is permitted for other legal reasons. For obtaining double-confirmed consent, we may use the “double opt-in” procedure. In this case, you will receive a message with instructions for double confirmation. We may log obtained consents, including IP address and timestamp, for evidentiary and security reasons.

You may generally object at any time to receiving notifications and communications such as newsletters. With such an objection, you may at the same time object to the statistical recording of usage for performance and reach measurement. Necessary notifications and communications in connection with our activities and operations remain reserved.

11.3 Service Providers for Notifications and Communications

We send notifications and communications with the help of specialized service providers.

In particular, we use:

Mailchimp: communication platform; provider: The Rocket Science Group LLC DBA Mailchimp (USA) as a subsidiary of Intuit Inc. (USA); information on data protection: privacy statement (Intuit), including “Country and Region-Specific Terms”, “Mailchimp Privacy FAQs”, “Mailchimp and European Data Transfers”, “Security”, cookie policy, “Privacy Rights Requests”, “Legal Terms”.

We are present on social media platforms and other online platforms to communicate with interested parties and to provide information about our activities and operations. In connection with such platforms, personal data may also be processed outside Switzerland and the European Economic Area (EEA).

The general terms and conditions (GTC), terms of use, privacy policies, and other provisions of the individual platform operators also apply. These provisions in particular inform data subjects about their rights directly vis-à-vis the respective platform, including, for example, the right of access.

For our social media presence on Facebook, including the so-called Page Insights, we are – if and insofar as the General Data Protection Regulation (GDPR) applies – jointly responsible with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of the Meta Companies (including in the USA). Page Insights provide insights into how visitors interact with our Facebook presence. We use Page Insights in order to be able to provide our social media presence on Facebook effectively and user-friendly.

Further information about the type, scope, and purpose of data processing, information about the rights of data subjects, as well as the contact details of Facebook and Facebook’s data protection officer can be found in the Facebook privacy policy. We have entered into the so-called “Controller Addendum” with Facebook and have in particular agreed that Facebook is responsible for ensuring the rights of data subjects. For the so-called Page Insights, the relevant information can be found on the page “Information about Page Insights”, including “Information about Page Insights Data”.

13. Third-Party Services

We use services from specialized third parties in order to be able to carry out our activities and operations on a permanent, user-friendly, secure, and reliable basis. With such services, we can embed functions and content into our website, among other things. In the case of such embedding, the services used necessarily record at least temporarily the IP addresses of the users for technical reasons.

For necessary security-related, statistical, and technical purposes, third parties whose services we use may process data in connection with our activities and operations in an aggregated, anonymized, or pseudonymized form. This may include, for example, performance or usage data in order to be able to provide the respective service.

In particular, we use:

Google Services: Providers: Google LLC (USA) / Google Ireland Limited (Ireland), partly for users in the European Economic Area (EEA) and Switzerland; general information on data protection: “Privacy and Security Principles”, “More information on how Google uses personal data”, Privacy Policy, “Google’s commitment to comply with applicable data protection laws”, “Privacy Guide for Google Products”, “How we use data from sites or apps that use our services”, Cookie Policy, “Ads you can control” (settings for personalized advertising).

13.1 Digital Infrastructure

We use services from specialized third parties to obtain the digital infrastructure required in connection with our activities and operations. This includes, for example, hosting and storage services from selected providers.

In particular, we use:

exigo: Hosting; provider: exigo ag (Switzerland); data protection information: Privacy Policy, “Data Protection / Security”.
METANET: Hosting; provider: METANET AG (Switzerland); data protection information: Privacy Policy, “Legal Information” including “Technical and Organizational Measures”.
WordPress.com: Blog hosting and website builder; providers: Automattic Inc. (USA) / Aut O’Mattic A8C Ireland Ltd. (Ireland) for users in Europe, among others; data protection information: Privacy Policy, Cookie Policy.

13.2 Maps

We use services from third parties to embed maps into our website.

In particular, we use:

Google Maps, including Google Maps Platform: mapping service; provider: Google; Google Maps-specific information: “How Google uses location information”.

13.3 Fonts

We use services from third parties to embed selected fonts as well as icons, logos, and symbols into our website.

In particular, we use:

Google Fonts: fonts; provider: Google; Google Fonts-specific information: “Your Privacy and Google Fonts”, “Privacy and Data Collection” (Google Fonts).

13.4 E-Commerce

We operate e-commerce and use third-party services to successfully offer services, content, or goods.

13.5 Payments

We use specialized service providers to process payments securely and reliably. The legal texts of the individual providers, such as general terms and conditions (GTC) or privacy policies, also apply to payment processing.

In particular, we use:

Nexi: credit card payment processing; providers: Nexi S.p.A. (Italy) and other companies of the Nexi Group; data protection information: Privacy Policy, “Data Protection Information for Cardholders”.
PostFinance: payment processing; provider: PostFinance AG (Switzerland); data protection information: “Legal Notice and Accessibility”, “Data Protection” (including privacy policies).
Worldline: payment processing, in particular with mobile payment solutions; providers: Worldline SA (France), Worldline Schweiz AG (Switzerland), and other Worldline companies worldwide (including the USA); data protection information: Privacy Policy, “Responsible Disclosure Program”, Cookie Policy.

13.6 Advertising

We use the option of placing targeted advertising with third parties, such as social media platforms and search engines, for our activities and operations.

With such advertising, we particularly aim to reach individuals who are already interested in or might be interested in our activities and operations (remarketing and targeting). For this purpose, we may transmit relevant – possibly also personal – data to third parties that enable such advertising. We may also determine whether our advertising is successful, in particular whether it leads to visits to our website (conversion tracking).

Third parties with whom we advertise and with whom you as a user are registered may possibly assign the use of our website to your profile there.

In particular, we use:

Google Ads: search engine advertising; provider: Google; Google Ads-specific information: advertising based, among other things, on search queries, whereby various domain names – in particular doubleclick.net, googleadservices.com, and googlesyndication.com – are used for Google Ads, Privacy Policy for Advertising, “Manage ads directly through Ads”.
Meta Ads: social media advertising on Facebook and Instagram; providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA); data protection information: targeting, including retargeting, in particular with the Meta Pixel and with Custom Audiences, including Lookalike Audiences, Privacy Policy, “Ad Preferences” (login required).

14. Website Extensions

We use extensions for our website in order to utilize additional functions. We may use selected services from suitable providers or operate such extensions on our own digital infrastructure.

In particular, we use:

Google reCAPTCHA: spam protection (distinguishing between desired content from humans and unwanted content from bots and spam); provider: Google; Google reCAPTCHA-specific information: “What is reCAPTCHA?”.

15. Success and Reach Measurement

We strive to measure the success and reach of our activities and operations. In this context, we may also measure the effectiveness of third-party references or test how different parts or versions of our digital presence are used (“A/B testing” method). Based on the results of success and reach measurement, we may in particular correct errors, strengthen popular content, or make improvements.

For success and reach measurement, the IP addresses of individual users are in most cases recorded. In this case, IP addresses are generally shortened (“IP masking”) in order to follow the principle of data minimization through the corresponding pseudonymization.

In success and reach measurement, cookies may be used and user profiles created. Such user profiles may include, for example, the individual pages visited or content viewed on our digital presence, information about the size of the screen or browser window, and the – at least approximate – location. As a rule, any user profiles created are exclusively pseudonymized and not used to identify individual users. Certain third-party services where users are registered may possibly assign the use of our online offering to the user account or profile with the respective service.

In particular, we use:

Google Marketing Platform: success and reach measurement, in particular with Google Analytics; provider: Google; Google Marketing Platform-specific information: measurement also across different browsers and devices (cross-device tracking) with pseudonymized IP addresses, which are only exceptionally transmitted in full to Google in the USA, Privacy Policy for Google Analytics, “Browser add-on to deactivate Google Analytics”.
Google Tag Manager: integration and management of Google and third-party services, in particular for success and reach measurement; provider: Google; Google Tag Manager-specific information: Privacy Policy for Google Tag Manager; further information on data protection can be found in the individual services integrated and managed.

16. Final Notes on the Privacy Policy

We created this privacy policy with the privacy policy generator from Datenschutzpartner . The present privacy policy is an unofficial translation from the original German version.

We may update this privacy policy at any time. We will inform about updates in an appropriate manner, in particular by publishing the current privacy policy on our website.

Cookie	Duration	Description
_GRECAPTCHA	1 year	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when running for the purpose of providing its risk analysis.
cli_user_preference	1 year	Preserves cookie consents for the current domain.
cookielawinfo-checkbox-analytics	1 year	The cookie is set by GDPR cookie consent to record the user's consent for the "analytics" category cookies.
cookielawinfo-checkbox-functional	1 year	The cookie is set by GDPR cookie consent to record user consent for the "Functional" category cookies.
cookielawinfo-checkbox-necessary	1 year	The cookie is set by GDPR cookie consent to record the user's consent for the "Necessary" category cookies.
CookieLawInfoConsent	1 year	The cookie is set by the GDPR Cookie Consent plugin and records the standard button status of the relevant category & the status of the CCPA. It only works in coordination with the primary cookie.
pll_language	1 year	The cookie is used by Polylang to remember the language selected by the user when returning to the website and also to preserve the language information when it is not otherwise available.
rc::a	Persistent	This cookie is used to distinguish between humans and bots. This is beneficial for the website to create valid reports on the usage of their website.
rc::b	Session	This cookie is used to distinguish between humans and bots.
rc::c	Session	This cookie is used to distinguish between humans and bots.
SEARCH_SAMESITE	4 months	This cookie is used to prevent the browser from sending this cookie along with cross-site requests.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not the user has consented to the use of cookies. It does not store any personal data.
what-input	Session	Is used internally to differentiate between the different input types of the devices.
what-intent	Session	Is used internally to differentiate between the different input types of the devices.
wordpress_test_cookie	Session	This cookie is used by WordPress to check if cookies are enabled in the browser.

Cookie	Duration	Description
__cf_bm	30 min	Used to filter requests from bots.
_fbp	1 month	Contains a randomly generated user ID and the time of your first visit. Using this ID, Facebook can recognize recurring users on this website and merge the data from previous visits.
_ga	1 year	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session and campaign data and track website usage for website analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_ga_126VYLCXDY	1 year	The cookie is set by Google Analytics and is used to store session status.
_gcl_au	3 months	The cookie is used by Google Tag Manager to track and save conversions.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information about how visitors use a website and helps create an analytical report on how the website is performing. The data collected includes the number of visitors, the source they came from and the pages visited in an anonymous form.
_schn	Session	These cookies come from the Snapchat retargeting pixel and are set via the embedded videos from Vimeo. This pixel is used to retarget and match traffic from the social network.
_scid	13 months	These cookies come from the Snapchat retargeting pixel and are set via the embedded videos from Vimeo. This pixel is used to retarget and match traffic from the social network.
_tt_enable_cookie	13 months	These cookies come from the TikTok retargeting pixel and are set via the embedded videos from Vimeo. This pixel is used to measure and improve the performance of your advertising campaigns and to personalize the user experience (including ads).
_ttp	13 months	These cookies come from the TikTok retargeting pixel and are set via the embedded videos from Vimeo. This pixel is used to measure and improve the performance of your advertising campaigns and to personalize the user experience (including ads).
_uetsid	1 day	This cookie is used by Bing and is set via the embedded videos from Vimeo to collect anonymous information about how visitors use the website.
_uetvid	13 months	This cookie is used by Bing and is set via the embedded videos from Vimeo to collect anonymous information about how visitors use the website.
1P_JAR	1 month	This cookie collects website usage statistics and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to display relevant advertisements to users. Furthermore, the cookie can be used to prevent a user from seeing the same ad more than once.
AF_SYNC	1 week	This cookie collects information about your actions on websites that have embedded a Vimeo video.
afUserId	13 months	This cookie collects information about your actions on websites that have embedded a Vimeo video.
CONSENT	19 months	The cookie stores the status of a user's consent to the use of various Google services. CONSENT also serves security to screen users, prevent fraudulent credentials, and protect user data from unauthorized attacks.
DV	1 day	Once you have ticked the "I'm not a robot" box, this cookie will be set. The cookie is used by Google Analytics for personalized advertising. DV collects information in an anonymous form and is further used to make user distinctions.
NID	6 months	NID is used by Google to match advertisements to your Google search. With the help of the cookie, Google "remembers" your most frequently entered search queries or your previous interaction with advertisements. So you always get tailor-made advertisements. The cookie contains a unique ID to collect the user's personal settings for advertising purposes.
OptanonAlertBoxClosed	1 week	This cookie is set by embedded videos from Vimeo that use certain versions of OneTrust's cookie law compliance solution. It is set after visitors have seen a cookie information notice and, in some cases, only when they actively dismiss the notice. It allows the website not to display the message to a user more than once. The cookie does not contain any personal data.
OptanonConsent	1 year	This cookie is set by OneTrust's cookie compliance solution. It stores information about the categories of cookies the website uses and whether visitors have given or withdrawn their consent to the use of each category. This allows website owners to prevent cookies of any category from being set in the user's browser if consent is not given. It does not contain any information that can identify the site visitor.
player	10 months	This cookie is set by embedded videos from Vimeo and saves the user's preferences when playing. It enables the correct functionality of these videos.
vuid	14 months	This cookie is set by integrated Vimeo videos and collects data from users about their visit and the pages viewed.

Cookie	Duration	Description
__Secure-1SID, __Secure-1PAPISID, __Secure-1SIDCC, __Secure-3SID, __Secure-3PAPISID, __Secure-3SIDCC	1 year	These cookies are set by Google. They are used for targeting purposes to build a profile of the website visitor's interests so that relevant & personalized Google ads can be displayed.
__Secure-ENID	7 months	This cookie is set by Google to secure digitally signed and encrypted data from the unique Google ID and to store the last login time. The visitor is identified to prevent fraudulent use of login credentials and to protect visitor data from unauthorized parties.
_ga	1 year	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session and campaign data and track website usage for website analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_ga_00YN42W93Z	1 year	The cookie is set by Google Analytics and is used to store session status.
_gat_gtag_UA-73973810-1	1 min	This is an identification cookie set by Google Analytics, where the identification element in the name contains the unique identity number of the account or website to which it relates. It is a variation of the _gat cookie used to limit the amount of data recorded by Google on high traffic websites.
_gcl_au	3 months	The cookie is used by Google Tag Manager to track and save conversions.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information about how visitors use a website and helps create an analytical report on how the website is performing. The data collected includes the number of visitors, the source they came from and the pages visited in an anonymous form.
AEC	1 month	The cookie is set by Google and ensures that requests within a browser session are made by the user and not by other websites.
DSID	2 weeks	The cookie is used for advertising and is intended for users who register to use Google services. It is used to identify a logged-in user on non-Google sites and to store whether the user has consented to personalized advertising.
OTZ	2 weeks	Cookie used by Google Analytics, which enables an overall analysis of website visitors.
SAPISID, APISID, HSID, SSID, SIDCC, SID	1 year	These Google security cookies help to authenticate the user, prevent fraudulent use of login information and protect user data from unauthorized access.

Privacy Policy

Table of Contents

1. Contact Addresses

1.1 Data Protection Officer or Data Protection Advisor

1.2 Data Protection Representative in the European Economic Area (EEA)

2. Terms and Legal Bases

2.1 Terms

2.2 Legal Bases

3. Type, Scope, and Purpose of Processing Personal Data

4. Disclosure of Personal Data

5. Communication

6. Applications

7. Data Security

8. Personal Data Abroad

9. Rights of Data Subjects

9.1 Data Protection Claims

9.2 Legal Remedies

10. Use of the Website

10.1 Cookies

10.2 Logging

10.3 Tracking Pixels

11. Notifications and Communications

11.1 Performance and Reach Measurement

11.2 Consent and Objection

11.3 Service Providers for Notifications and Communications

12. Social Media

13. Third-Party Services

13.1 Digital Infrastructure

13.2 Maps

13.3 Fonts

13.4 E-Commerce

13.5 Payments

13.6 Advertising

14. Website Extensions

15. Success and Reach Measurement

16. Final Notes on the Privacy Policy