Privacy Policy

With this privacy policy, we inform you about the processing of personal data in connection with our activities and operations, including our hotel-staila.ch website. In particular, we explain for what purposes, how, and where we process personal data. We also inform about the rights of individuals whose data we process.

For specific or additional activities and operations, further privacy policies or other data protection information may apply.

We are subject to Swiss data protection law and, where applicable, foreign data protection law, including that of the European Union (EU) with the European General Data Protection Regulation (GDPR).

On July 26, 2000, the European Commission recognized that Swiss data protection law ensures an adequate level of data protection. On January 15, 2024, the European Commission confirmed this adequacy decision.

1. Contact Details

Responsible for processing personal data:

Staila SA
Hotel Landgasthof Staila
Via cumünala 27
7533 Fuldera

info@hotel-staila.ch

In individual cases, third parties may be responsible for processing personal data, or there may be joint responsibility with third parties.

1.1 Data Protection Officer

We have the following data protection officer as a contact point for data subjects and authorities regarding data protection queries:

Irène Hohenegger-Heini
Hotel Landgasthof Staila
Via cumünala 27
7533 Fuldera

info@hotel-staila.ch

1.2 Data Protection Representation in the European Economic Area (EEA)

We have the following data protection representation according to Art. 27 GDPR:

VGS Datenschutzpartner GmbH
Am Kaiserkai 69
20457 Hamburg
Germany

info@hotel-staila.ch

The data protection representation serves as an additional contact point for data subjects and authorities in the European Union (EU) and the rest of the European Economic Area (EEA) regarding GDPR-related queries.

2. Terms and Legal Bases

2.1 Terms

Data Subject: Natural person whose personal data we process.

Personal Data: All information relating to an identified or identifiable natural person.

Special Categories of Personal Data: Data concerning union, political, religious, or ideological views and activities, health, private life, ethnicity, or race, genetic data, biometric data uniquely identifying a person, criminal and administrative sanctions or prosecutions, and social assistance measures.

Processing: Any operation with personal data, regardless of the methods and procedures applied, such as querying, aligning, modifying, archiving, storing, reading, disclosing, acquiring, recording, collecting, deleting, revealing, sorting, organizing, storing, changing, distributing, linking, destroying, and using personal data.

European Economic Area (EEA): Member states of the European Union (EU), along with Liechtenstein, Iceland, and Norway.

2.2 Legal Bases

We process personal data in accordance with Swiss data protection law, such as the Federal Act on Data Protection (Data Protection Act, DPA) and the Data Protection Ordinance (Data Protection Ordinance, DPO).

Where the European General Data Protection Regulation (GDPR) applies, we process personal data under at least one of the following legal bases:

Art. 6(1)(b) GDPR for processing personal data necessary to perform a contract with the data subject or to take pre-contractual measures.
Art. 6(1)(f) GDPR for processing personal data to protect legitimate interests – including those of third parties – unless such interests are overridden by the fundamental rights and freedoms of the data subject. Such interests particularly include the continuous, user-friendly, secure, and reliable execution of our activities and operations, ensuring information security, protecting against misuse, enforcing our own legal claims, and complying with Swiss law.
Art. 6(1)(c) GDPR for processing personal data necessary to comply with a legal obligation to which we are subject, as applicable under the laws of the EEA member states.
Art. 6(1)(e) GDPR for processing personal data necessary for the performance of a task carried out in the public interest.
Art. 6(1)(a) GDPR for processing personal data with the consent of the data subject.
Art. 6(1)(d) GDPR for processing personal data necessary to protect the vital interests of the data subject or another natural person.
Art. 9(2) et seq. GDPR for processing special categories of personal data, particularly with the consent of the data subject.

The European General Data Protection Regulation (GDPR) designates the processing of personal data as the processing of personal data, and the processing of special categories of personal data as processing special categories of personal data (Art. 9 GDPR).

3. Nature, Scope, and Purpose of Data Processing

We process personal data only as needed to carry out our activities and operations sustainably, user-friendly, securely, and reliably. The personal data processed may fall into categories such as browser and device data, content data, communication data, metadata, usage data, master data, including inventory and contact data, location data, transaction data, contract data, and payment data.

We also process personal data received from third parties, obtained from publicly accessible sources, or collected during our activities and operations, as permitted by law.

We process personal data when necessary, with the consent of the data subject. In many cases, we can process personal data without consent, such as to fulfill legal obligations or protect overriding interests. We may also request consent from data subjects when not required.

We process personal data for the duration necessary for the respective purpose. We anonymize or delete personal data, particularly considering legal retention and limitation periods.

4. Disclosure of Personal Data

We may disclose personal data to third parties, have them processed by third parties, or jointly process them with third parties. These third parties primarily consist of specialized providers whose services we use.

We may disclose personal data, for example, to banks and other financial service providers, authorities, educational and research institutions, consultants and lawyers, interest groups, IT service providers, cooperation partners, credit and economic information services, logistics and shipping companies, marketing and advertising agencies, media, organizations and associations, social institutions, telecommunications companies, and insurers.

5. Communication

We process personal data to communicate with third parties. In this context, we process data provided by a data subject when contacting us, for example, by letter or email. We may store such data in an address book or similar tools.

Third parties transmitting data about other individuals must ensure data protection for these data subjects, including ensuring the accuracy of the transmitted personal data.

6. Data Security

We take appropriate technical and organizational measures to ensure data security commensurate with the respective risk. With our measures, we particularly ensure the confidentiality, availability, traceability, and integrity of the processed personal data, while we cannot guarantee absolute data security.

Access to our website and other online presence occurs via transport encryption (SSL / TLS, especially with Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers warn before visiting websites without transport encryption.

Our digital communication is subject – like virtually all digital communication – to mass surveillance without cause or suspicion by security authorities in Switzerland, other parts of Europe, the United States of America (USA), and other countries. We have no direct influence on the respective processing of personal data by intelligence services, police authorities, and other security authorities. We cannot exclude the possibility that a data subject may be specifically monitored.

7. Personal Data Abroad

We process personal data primarily in Switzerland and the European Economic Area (EEA). However, we may also export or transmit personal data to other countries, particularly to process it there or have it processed.

We may export personal data to all countries on Earth and elsewhere in the universe if the applicable law in those locations, according to the decision of the Swiss Federal Council and – where the GDPR applies – also according to the decision of the European Commission, ensures an adequate level of data protection.

We may transfer personal data to countries whose laws do not ensure adequate data protection if other reasons guarantee data protection, particularly based on standard data protection clauses or other suitable safeguards. Exceptionally, we may export personal data to countries without adequate or appropriate data protection if the specific data protection requirements are met, such as the explicit consent of the data subject or a direct connection with the conclusion or fulfillment of a contract. We are happy to provide information upon request about any guarantees or provide copies of any guarantees.

8. Rights of Data Subjects

8.1 Data Protection Claims

We grant data subjects all rights in accordance with applicable data protection law. In particular, data subjects have the following rights:

Access: Data subjects may request information about whether we process their personal data and, if so, which personal data is involved. Data subjects also receive the information necessary to assert their data protection rights and ensure transparency. This includes the personal data processed as such, but also details such as the purpose of processing, retention duration, any disclosure or transfer of data to other countries, and the source of the personal data.
Correction and Restriction: Data subjects may correct incorrect personal data, complete incomplete data, and restrict the processing of their data.
Deletion and Objection: Data subjects may request the deletion of personal data (“right to be forgotten”) and object to the processing of their data with future effect.
Data Release and Transfer: Data subjects may request the release of personal data or the transfer of their data to another controller.

We may postpone, restrict, or deny the exercise of data subjects’ rights within the legally permissible scope. We may inform data subjects about any prerequisites for exercising their data protection rights. For example, we may refuse access entirely or partially by referring to confidentiality obligations, overriding interests, or the protection of other persons. We may also refuse to delete personal data entirely or partially, particularly with reference to statutory retention obligations.

We may exceptionally impose costs for exercising rights. We will inform data subjects in advance of any potential costs.

We are obligated to take reasonable measures to verify the identity of data subjects who request access or exercise other rights. Data subjects must cooperate.

8.2 Legal Protection

Data subjects have the right to enforce their data protection rights through legal action or file a complaint with a data protection supervisory authority.

The data protection supervisory authority for private controllers and federal authorities in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

European data protection supervisory authorities are organized as members of the European Data Protection Board (EDPB). In some EEA member states, data protection supervisory authorities have a federal structure, particularly in Germany.

9. Use of the Website

9.1 Cookies

We may use cookies. Cookies – our own (first-party cookies) as well as cookies from third parties whose services we use (third-party cookies) – are data stored in the browser. Such stored data is not necessarily limited to traditional text-based cookies.

Cookies may be temporarily stored in the browser as “session cookies” or for a specific period as “persistent cookies.” “Session cookies” are automatically deleted when the browser is closed. Persistent cookies have a specific storage duration. Cookies allow a browser to be recognized the next time a user visits our website, enabling us, for example, to measure the reach of our website. Persistent cookies may also be used for online marketing.

Cookies can be entirely or partially deactivated and deleted in the browser settings at any time. Without cookies, our website may not be available in full. We actively seek explicit consent for the use of cookies – at least where and when necessary.

For cookies used for success and reach measurement or for advertising purposes, a general opt-out is available for numerous services via the AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

9.2 Logging

We may log at least the following data for every access to our website and other online presence, provided such data is transmitted to our digital infrastructure during such access: date and time, including time zone, IP address, access status (HTTP status code), operating system, including user interface and version, browser, including language and version, specific sub-page of our website accessed, including the volume of data transmitted, and the last website accessed within the same browser window (referrer).

We log such data, which may also be personal data, in log files. This information is necessary to ensure the continuous, user-friendly, and reliable availability of our online presence and to ensure data security – either by ourselves or with the help of third parties.

9.3 Web Beacons

We may integrate web beacons into our online presence. Web beacons, also known as tracking pixels, are usually small, invisible images or JavaScript scripts that are automatically retrieved when our online presence is accessed. Web beacons can capture at least the same data as log files.

10. Notifications and Announcements

10.1 Success and Reach Measurement

Notifications and announcements may contain hyperlinks or web beacons that track whether a notification has been opened and which links have been clicked. These hyperlinks and web beacons may also track the usage of notifications and announcements on an individual basis. We need this statistical tracking to measure success and reach, to send notifications and announcements effectively and user-friendly based on the preferences and reading habits of recipients, as well as to send them securely, reliably, and sustainably.

10.2 Consent and Objection

You must generally consent to the use of your email address and other contact information, except where such use is permitted on other legal grounds. For collecting a double opt-in consent, we may use the “double opt-in” procedure. In this case, you will receive a message with instructions for double confirmation. We may log collected consents, including IP address and timestamp, for evidence and security purposes.

You can generally object to receiving notifications and announcements, such as newsletters, at any time. By objecting, you may also object to statistical tracking for success and reach measurement. Excluded are necessary notifications and announcements in connection with our activities and operations.

10.3 Service Providers for Notifications and Announcements

We send notifications and announcements with the help of specialized service providers.

In particular, we use:

Mailchimp: Communication platform; Provider: The Rocket Science Group LLC DBA Mailchimp (USA), a subsidiary of Intuit Inc. (USA); Privacy information: Privacy Statement (Intuit), including “Country and Region-Specific Terms,” “Frequently Asked Questions about Mailchimp Privacy”, “Mailchimp and European Data Transfers”, “Security”, Cookie Policy, “Privacy Rights Requests”, “Legal Terms”.

We are present on social media platforms and other online platforms to communicate with interested parties and inform them about our activities and operations. Personal data may be processed outside Switzerland and the European Economic Area (EEA) in connection with these platforms.

The terms and conditions, usage policies, privacy policies, and other regulations of each platform’s operator apply. These regulations inform data subjects about their rights directly with the platform, such as the right to access.

For our social media presence on Facebook including so-called page insights – where the General Data Protection Regulation (GDPR) applies – we are jointly responsible with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of the Meta Companies (including the USA). Page insights provide information about how visitors interact with our Facebook presence. We use page insights to provide our social media presence on Facebook effectively and user-friendly.

Further information about the nature, scope, and purpose of data processing, information about the rights of data subjects, and the contact details of Facebook and its data protection officer can be found in the Facebook Privacy Policy. We have entered into a “Controller Addendum” with Facebook, specifying that Facebook is responsible for ensuring the rights of data subjects. For page insights, corresponding information can be found on the “Information about Page Insights” page, including “Information about Page Insights Data”.

12. Services of Third Parties

We use the services of specialized third parties to carry out our activities and operations sustainably, user-friendly, securely, and reliably. These services allow us, among other things, to embed functions and content into our website. For such embedding, the services used necessarily capture at least temporarily the IP addresses of users for technical reasons.

For necessary security-related, statistical, and technical purposes, third parties whose services we use may process data aggregated, anonymized, or pseudonymized in connection with our activities and operations. This may include performance or usage data to provide the respective service.

In particular, we use:

Google Services: Providers: Google LLC (USA) / Google Ireland Limited (Ireland) partially for users in the European Economic Area (EEA) and Switzerland; General information about data protection: “Privacy and Security Principles”, “Information on how Google uses personal data”, Privacy Policy, “Google’s commitment to compliance with applicable data protection laws”, “Privacy Guide for Google Products”, “How we use data from websites or apps that use our services”, “Types of cookies and similar technologies that Google uses”, “Advertising you control” (“Personalized Advertising”).

12.1 Digital Infrastructure

We use the services of specialized third parties to access the necessary digital infrastructure for our activities and operations. This includes hosting and storage services from selected providers.

In particular, we use:

Hostpoint: Hosting; Provider: Hostpoint AG (Switzerland); Privacy information: Privacy Policy.
WordPress.com: Blog hosting and website builder; Providers: Automattic Inc. (USA) / Aut O’Mattic A8C Ireland Ltd. (Ireland) for users in Europe, among others; Privacy information: Privacy Policy, Cookie Policy.

12.2 Maps

We use the services of third parties to embed maps into our website.

In particular, we use:

Google Maps including Google Maps Platform: Map service; Provider: Google; Google Maps-specific information: “How Google uses location information”.

12.3 Digital Content

We use the services of specialized third parties to embed digital content into our website. Digital content includes in particular images and videos, music, and podcasts.

In particular, we use:

Vimeo: Video platform; Provider: Vimeo Inc. (USA); Privacy information: Privacy Policy, “Private Video Hosting”.

12.4 Payments

We use specialized service providers to process payments from our customers securely and reliably. The legal texts of the individual service providers, such as terms and conditions or privacy policies, apply additionally for payment processing.

In particular, we use:

PostFinance: Payment processing; Provider: PostFinance AG (Switzerland); Privacy information: “Legal Information and Accessibility”, “Privacy” (including privacy statements).
TWINT: Payment processing in Switzerland; Provider: TWINT AG (Switzerland); Privacy information: Privacy Policy, “Swiss Standards for Security”.
Worldline: Payment processing, especially with mobile payment solutions; Providers: Worldline SA (France), Worldline Switzerland AG (Switzerland), and other Worldline companies worldwide (including the USA); Privacy information: Privacy Policy, “Responsible Disclosure Program”, Cookie Notice.

13. Website Extensions

We use extensions for our website to enable additional functions. We may use selected services from suitable providers or such extensions on our digital infrastructure.

In particular, we use:

Google reCAPTCHA: Spam protection (distinguishing between legitimate content from humans and unwanted content from bots and spam); Provider: Google; Google reCAPTCHA-specific information: “What is reCAPTCHA?”.

14. Success and Reach Measurement

We strive to measure the success and reach of our activities and operations. In this context, we may also measure the impact of third-party notices or check how different parts or versions of our online offering are used (“A/B test” method). Based on the results of success and reach measurement, we can correct errors, strengthen popular content, or make improvements.

In most cases, the IP addresses of individual users are collected for success and reach measurement. IP addresses are generally shortened (“IP masking”) to follow the principle of data minimization through pseudonymization.

Cookies may be used for success and reach measurement, and user profiles may be created. Any user profiles created may include, for example, the specific pages visited or content viewed on our website, screen size or browser window details, and – at least approximately – location. Generally, any created user profiles are pseudonymized and not used to identify individual users. Some third-party services, where users are logged in, may associate the use of our online offering with the user account or profile on the respective service.

In particular, we use:

Google Marketing Platform: Success and reach measurement, particularly with Google Analytics; Provider: Google; Google Marketing Platform-specific information: Measurement across browsers and devices (cross-device tracking) with pseudonymized IP addresses, which are only exceptionally fully transmitted to Google in the USA, Google Analytics Privacy Policy, “Browser Add-on for Disabling Google Analytics”.
Google Tag Manager: Embedding and managing Google and third-party services, particularly for success and reach measurement; Provider: Google; Google Tag Manager-specific information: Google Tag Manager Privacy Policy; further information on data protection can be found in the individual embedded and managed services.

15. Final Provisions

We created this privacy policy with the Privacy Policy Generator from Datenschutzpartner. The present privacy policy is an unofficial translation from the original German version.

We may amend or supplement this privacy policy at any time. We will inform about such amendments and supplements in an appropriate manner, particularly by publishing the current privacy policy on our website.

Cookie	Duration	Description
_GRECAPTCHA	1 year	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when running for the purpose of providing its risk analysis.
cli_user_preference	1 year	Preserves cookie consents for the current domain.
cookielawinfo-checkbox-analytics	1 year	The cookie is set by GDPR cookie consent to record the user's consent for the "analytics" category cookies.
cookielawinfo-checkbox-functional	1 year	The cookie is set by GDPR cookie consent to record user consent for the "Functional" category cookies.
cookielawinfo-checkbox-necessary	1 year	The cookie is set by GDPR cookie consent to record the user's consent for the "Necessary" category cookies.
CookieLawInfoConsent	1 year	The cookie is set by the GDPR Cookie Consent plugin and records the standard button status of the relevant category & the status of the CCPA. It only works in coordination with the primary cookie.
pll_language	1 year	The cookie is used by Polylang to remember the language selected by the user when returning to the website and also to preserve the language information when it is not otherwise available.
rc::a	Persistent	This cookie is used to distinguish between humans and bots. This is beneficial for the website to create valid reports on the usage of their website.
rc::b	Session	This cookie is used to distinguish between humans and bots.
rc::c	Session	This cookie is used to distinguish between humans and bots.
SEARCH_SAMESITE	4 months	This cookie is used to prevent the browser from sending this cookie along with cross-site requests.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not the user has consented to the use of cookies. It does not store any personal data.
what-input	Session	Is used internally to differentiate between the different input types of the devices.
what-intent	Session	Is used internally to differentiate between the different input types of the devices.
wordpress_test_cookie	Session	This cookie is used by WordPress to check if cookies are enabled in the browser.

Cookie	Duration	Description
__cf_bm	30 min	Used to filter requests from bots.
_fbp	1 month	Contains a randomly generated user ID and the time of your first visit. Using this ID, Facebook can recognize recurring users on this website and merge the data from previous visits.
_ga	1 year	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session and campaign data and track website usage for website analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_ga_126VYLCXDY	1 year	The cookie is set by Google Analytics and is used to store session status.
_gcl_au	3 months	The cookie is used by Google Tag Manager to track and save conversions.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information about how visitors use a website and helps create an analytical report on how the website is performing. The data collected includes the number of visitors, the source they came from and the pages visited in an anonymous form.
_schn	Session	These cookies come from the Snapchat retargeting pixel and are set via the embedded videos from Vimeo. This pixel is used to retarget and match traffic from the social network.
_scid	13 months	These cookies come from the Snapchat retargeting pixel and are set via the embedded videos from Vimeo. This pixel is used to retarget and match traffic from the social network.
_tt_enable_cookie	13 months	These cookies come from the TikTok retargeting pixel and are set via the embedded videos from Vimeo. This pixel is used to measure and improve the performance of your advertising campaigns and to personalize the user experience (including ads).
_ttp	13 months	These cookies come from the TikTok retargeting pixel and are set via the embedded videos from Vimeo. This pixel is used to measure and improve the performance of your advertising campaigns and to personalize the user experience (including ads).
_uetsid	1 day	This cookie is used by Bing and is set via the embedded videos from Vimeo to collect anonymous information about how visitors use the website.
_uetvid	13 months	This cookie is used by Bing and is set via the embedded videos from Vimeo to collect anonymous information about how visitors use the website.
1P_JAR	1 month	This cookie collects website usage statistics and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to display relevant advertisements to users. Furthermore, the cookie can be used to prevent a user from seeing the same ad more than once.
AF_SYNC	1 week	This cookie collects information about your actions on websites that have embedded a Vimeo video.
afUserId	13 months	This cookie collects information about your actions on websites that have embedded a Vimeo video.
CONSENT	19 months	The cookie stores the status of a user's consent to the use of various Google services. CONSENT also serves security to screen users, prevent fraudulent credentials, and protect user data from unauthorized attacks.
DV	1 day	Once you have ticked the "I'm not a robot" box, this cookie will be set. The cookie is used by Google Analytics for personalized advertising. DV collects information in an anonymous form and is further used to make user distinctions.
NID	6 months	NID is used by Google to match advertisements to your Google search. With the help of the cookie, Google "remembers" your most frequently entered search queries or your previous interaction with advertisements. So you always get tailor-made advertisements. The cookie contains a unique ID to collect the user's personal settings for advertising purposes.
OptanonAlertBoxClosed	1 week	This cookie is set by embedded videos from Vimeo that use certain versions of OneTrust's cookie law compliance solution. It is set after visitors have seen a cookie information notice and, in some cases, only when they actively dismiss the notice. It allows the website not to display the message to a user more than once. The cookie does not contain any personal data.
OptanonConsent	1 year	This cookie is set by OneTrust's cookie compliance solution. It stores information about the categories of cookies the website uses and whether visitors have given or withdrawn their consent to the use of each category. This allows website owners to prevent cookies of any category from being set in the user's browser if consent is not given. It does not contain any information that can identify the site visitor.
player	10 months	This cookie is set by embedded videos from Vimeo and saves the user's preferences when playing. It enables the correct functionality of these videos.
vuid	14 months	This cookie is set by integrated Vimeo videos and collects data from users about their visit and the pages viewed.

Cookie	Duration	Description
__Secure-1SID, __Secure-1PAPISID, __Secure-1SIDCC, __Secure-3SID, __Secure-3PAPISID, __Secure-3SIDCC	1 year	These cookies are set by Google. They are used for targeting purposes to build a profile of the website visitor's interests so that relevant & personalized Google ads can be displayed.
__Secure-ENID	7 months	This cookie is set by Google to secure digitally signed and encrypted data from the unique Google ID and to store the last login time. The visitor is identified to prevent fraudulent use of login credentials and to protect visitor data from unauthorized parties.
_ga	1 year	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session and campaign data and track website usage for website analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_ga_00YN42W93Z	1 year	The cookie is set by Google Analytics and is used to store session status.
_gat_gtag_UA-73973810-1	1 min	This is an identification cookie set by Google Analytics, where the identification element in the name contains the unique identity number of the account or website to which it relates. It is a variation of the _gat cookie used to limit the amount of data recorded by Google on high traffic websites.
_gcl_au	3 months	The cookie is used by Google Tag Manager to track and save conversions.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information about how visitors use a website and helps create an analytical report on how the website is performing. The data collected includes the number of visitors, the source they came from and the pages visited in an anonymous form.
AEC	1 month	The cookie is set by Google and ensures that requests within a browser session are made by the user and not by other websites.
DSID	2 weeks	The cookie is used for advertising and is intended for users who register to use Google services. It is used to identify a logged-in user on non-Google sites and to store whether the user has consented to personalized advertising.
OTZ	2 weeks	Cookie used by Google Analytics, which enables an overall analysis of website visitors.
SAPISID, APISID, HSID, SSID, SIDCC, SID	1 year	These Google security cookies help to authenticate the user, prevent fraudulent use of login information and protect user data from unauthorized access.

Privacy Policy

1. Contact Details

1.1 Data Protection Officer

1.2 Data Protection Representation in the European Economic Area (EEA)

2. Terms and Legal Bases

2.1 Terms

2.2 Legal Bases

3. Nature, Scope, and Purpose of Data Processing

4. Disclosure of Personal Data

5. Communication

6. Data Security

7. Personal Data Abroad

8. Rights of Data Subjects

8.1 Data Protection Claims

8.2 Legal Protection

9. Use of the Website

9.1 Cookies

9.2 Logging

9.3 Web Beacons

10. Notifications and Announcements

10.1 Success and Reach Measurement

10.2 Consent and Objection

10.3 Service Providers for Notifications and Announcements

11. Social Media

12. Services of Third Parties

12.1 Digital Infrastructure

12.2 Maps

12.3 Digital Content

12.4 Payments

13. Website Extensions

14. Success and Reach Measurement

15. Final Provisions