Privacy Policy

Piz Mitgel Management AG

Director: Renske van der Woude

Stradung 31

7460 Surses / Savognin

Telephone: +41 81 684 11 61

E-Mail: willkommen@pizmitgel.ch

Concept, implementation: Piz Mitgel Management, page design by Crown ADAM AG

Photos: © Copyright 2021 Thomas Kiewning / BK Media Solutions, © Copyright 2023, 2024 Duncan Pond, Savognin Tourism Association, Bivio Albulatal, Fotolia, Unsplash, Pixabay.

Privacy Policy

With this privacy policy, we inform you about the processing of personal data in connection with our activities and operations, including our website under the domain name pizmitgel.ch. We specifically explain for what purposes, how, and where we process which personal data. We also provide information about the rights of individuals whose data we process.

For individual or additional activities and operations, we may publish further privacy policies or additional information on data protection.

We are subject to Swiss data protection law and, where applicable, foreign data protection law, particularly that of the European Union (EU) under the European General Data Protection Regulation (GDPR).

The European Commission recognized with its decision of July 26, 2000 that Swiss data protection law provides adequate protection. In its report of January 15, 2024, the European Commission confirmed this adequacy decision.

1. Contact Addresses

Responsible for processing personal data:

Piz Mitgel Management AG
Stradung 31
7460 Savognin
Switzerland

willkommen@pizmitgel.ch

In individual cases, third parties may be responsible for processing personal data, or there may be joint responsibility with third parties.

1.1 Data Protection Officer or Data Protection Consultant

We have the following data protection officer or consultant as a contact point for affected individuals and authorities regarding data protection inquiries:

Renske van der Woude
Piz Mitgel Management AG
Stradung 31
7460 Savognin
Switzerland

direktion@pizmitgel.ch

1.2 Data Protection Representation in the European Economic Area (EEA)

We have the following data protection representation in accordance with Art. 27 GDPR:

VGS Datenschutz­partner GmbH
Am Kaiserkai 69
20457 Hamburg
Germany

willkommen@pizmitgel.ch

The data protection representation serves as an additional contact point for affected individuals and authorities in the European Union (EU) and the European Economic Area (EEA) regarding GDPR-related inquiries.

2. Terms and Legal Bases

2.1 Terms

Affected Person: A natural person about whom we process personal data.

Personal Data: All information relating to an identified or identifiable natural person.

Special Categories of Personal Data: Data on trade union, political, religious, or philosophical views and activities, data on health, private life, or ethnicity or race, genetic data, biometric data uniquely identifying a natural person, data on criminal and administrative penalties or prosecutions, and data on social assistance measures.

Processing: Any handling of personal data, regardless of the methods and procedures used, such as querying, comparing, adjusting, archiving, storing, reading, disclosing, acquiring, collecting, deleting, exposing, ordering, organizing, saving, changing, distributing, linking, destroying, and using personal data.

European Economic Area (EEA): Member states of the European Union (EU), as well as the Principality of Liechtenstein, Iceland, and Norway.

2.2 Legal Bases

We process personal data in accordance with Swiss data protection law, specifically the Federal Act on Data Protection (Data Protection Act, DPA) and the Data Protection Ordinance (Data Protection Ordinance, DPO).

We process – to the extent that the European General Data Protection Regulation (GDPR) is applicable – personal data in accordance with at least one of the following legal bases:

  • Art. 6 para. 1 lit. b GDPR for necessary processing of personal data to fulfill a contract with the affected person and to carry out pre-contractual measures.
  • Art. 6 para. 1 lit. f GDPR for necessary processing of personal data to protect legitimate interests – including the legitimate interests of third parties – provided that the basic rights and freedoms, as well as the interests of the affected person, do not outweigh. Such interests include the sustainable, humane, secure, and reliable operation of our activities, ensuring information security, protecting against abuse, enforcing legal claims, and complying with Swiss law.
  • Art. 6 para. 1 lit. c GDPR for necessary processing of personal data to comply with a legal obligation to which we are subject under applicable law of EEA member states.
  • Art. 6 para. 1 lit. e GDPR for necessary processing of personal data to carry out a task in the public interest.
  • Art. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the affected person.
  • Art. 6 para. 1 lit. d GDPR for necessary processing of personal data to protect the vital interests of the affected person or another natural person.
  • Art. 9 para. 2 ff. GDPR for the processing of special categories of personal data, in particular with the consent of affected individuals.

The European General Data Protection Regulation (GDPR) designates the processing of personal data as the processing of personal data and the processing of particularly sensitive personal data as the processing of special categories of personal data (Art. 9 GDPR).

3. Nature, Scope, and Purpose of Processing Personal Data

We process only the personal data necessary to enable our activities and operations sustainably, humanely, securely, and reliably. The processed personal data may fall into categories such as browser and device data, content data, communication data, metadata, usage data, master data, including inventory and contact data, location data, transaction data, contract data, and payment data.

We also process personal data obtained from third parties, publicly accessible sources, or data collected in the course of our activities and operations, provided that such processing is legally permissible.

We process personal data, if necessary, with the consent of affected individuals. We may process personal data in many cases without consent, such as to fulfill legal obligations or to protect overriding interests. We may also ask for consent from affected persons, even when consent is not required.

We process personal data for the duration necessary for the respective purpose. We anonymize or delete personal data, particularly based on statutory retention and limitation periods.

4. Disclosure of Personal Data

We may disclose personal data to third parties, have it processed by third parties, or jointly process it with third parties. Such third parties are mainly specialized service providers whose services we utilize.

We may disclose personal data, for example, to banks and other financial institutions, authorities, educational and research institutions, consultants and lawyers, advocacy groups, IT service providers, cooperation partners, credit agencies, logistics and shipping companies, marketing and advertising agencies, media, organizations, and associations, social institutions, telecommunications companies, and insurers.

5. Communication

We process personal data to communicate with third parties. In this context, we process data provided by an affected person when making contact, for example, by mail or email. We may store such data in an address book or comparable tools.

Third parties who transmit data about other people are required to ensure data protection for such affected individuals. This includes ensuring the accuracy of the transmitted personal data.

6. Applications

We process personal data about applicants as needed to assess suitability for employment or later execute an employment contract. Required personal data is typically determined by the information requested, such as in a job posting. We may post job openings with the help of suitable third parties, for example, in electronic or printed media or on job boards and platforms.

We also process personal data that applicants voluntarily provide or make public, especially in cover letters, resumes, other application documents, and online profiles.

We process – to the extent that the General Data Protection Regulation (GDPR) is applicable – personal data about applicants, particularly in accordance with Art. 9 para. 2 lit. b GDPR.

We may allow applicants to enter their information in our talent pool for future consideration for open positions. We may also use this information to maintain contact and provide updates. If we find that an applicant may be suitable for an open position based on their information, we may notify the applicant accordingly.

We use selected services from suitable third parties to post positions via e-recruiting and to manage applications.

7. Data Security

We implement appropriate technical and organizational measures to ensure data security commensurate with the risk level. Our measures particularly ensure the confidentiality, availability, traceability, and integrity of the processed personal data, though absolute data security cannot be guaranteed.

Access to our website and other online presence occurs via transport encryption (SSL / TLS, specifically with HTTPS). Most browsers warn against accessing sites without transport encryption.

Our digital communications are generally subject to mass surveillance by security agencies in Switzerland, other parts of Europe, the United States (USA), and other countries without specific suspicion. We have no direct influence over the processing of personal data by intelligence services, law enforcement agencies, and other security agencies, nor can we rule out targeted surveillance of an affected person.

8. Personal Data Abroad

We process personal data primarily in Switzerland and the European Economic Area (EEA). However, we may also transfer or transmit personal data to other countries, particularly for processing or having it processed there.

We may transfer personal data to all countries on Earth and elsewhere in the universe if the local law ensures adequate data protection as determined by a Swiss Federal Council decision and, where the GDPR is applicable, by a European Commission decision.

We may transfer personal data to countries without adequate data protection if data protection is otherwise ensured, especially through standard data protection clauses or other suitable safeguards. Exceptionally, we may export personal data to countries without adequate protection if specific data protection requirements are met, such as the explicit consent of affected individuals or a direct connection with the conclusion or performance of a contract. We are happy to provide affected persons with information about guarantees or a copy of any guarantees upon request.

9. Rights of Affected Individuals

9.1 Data Protection Claims

We grant affected individuals all rights under applicable data protection law. Affected persons have, in particular, the following rights:

  • Information: Affected persons can request information about whether we process personal data about them and, if so, what personal data is involved. Affected persons will also receive any other information required to assert their data protection rights and ensure transparency. This includes the personal data processed and information about processing purposes, retention periods, potential disclosure or export of data to other countries, and the source of personal data.
  • Correction and Restriction: Affected persons may correct incorrect personal data, complete incomplete data, and restrict the processing of their data.
  • Deletion and Objection: Affected persons may have their personal data deleted (“right to be forgotten”) and object to the processing of their data with effect for the future.
  • Data Release and Transfer: Affected persons can request the release of personal data or its transfer to another responsible party.

We may delay, restrict, or deny the exercise of affected individuals’ rights within legally permissible limits. We may inform affected individuals of conditions that must be met to exercise their data protection rights. For example, we may refuse information citing confidentiality obligations, overriding interests, or the protection of other individuals. We may also refuse to delete personal data, particularly with reference to statutory retention obligations, either in whole or in part.

We may exceptionally charge fees for exercising rights. We inform affected persons in advance of any fees.

We are required to take appropriate measures to identify affected persons requesting information or asserting other rights. Affected persons are required to cooperate in this process.

9.2 Legal Protection

Affected persons have the right to enforce their data protection rights through legal action or to file a complaint with a data protection supervisory authority.

The data protection supervisory authority for private controllers and federal agencies in Switzerland is the Swiss Federal Data Protection and Information Commissioner (FDPIC).

European data protection authorities are organized as members of the European Data Protection Board (EDPB). In some EEA countries, data protection supervisory authorities have a federal structure, particularly in Germany.

10. Use of the Website

10.1 Cookies

We may use cookies. Cookies – our own (first-party cookies) as well as third-party cookies – are data stored in the browser. Such stored data is not limited to traditional text-based cookies.

Cookies can be stored temporarily in the browser as “session cookies” or for a set period as “permanent cookies.” “Session cookies” are automatically deleted when the browser is closed. Permanent cookies have a set storage period. Cookies allow, in particular, for the browser to be recognized upon returning to our website, thus enabling the measurement of our website’s reach. Permanent cookies may also be used for online marketing.

Cookies can be deactivated or deleted entirely or partially in browser settings at any time. Without cookies, our website may not be fully available. We request explicit consent for the use of cookies – at least where necessary.

For cookies used for success and reach measurement or for advertising, many services provide a general objection (“opt-out”) through AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

10.2 Logging

We may log at least the following information for each access to our website and other online presences if this information is transmitted to our digital infrastructure: date and time, including time zone, IP address, access status (HTTP status code), operating system, including user interface and version, browser, including language and version, individual sub-page of our website accessed, including transmitted data volume, and the last page visited in the same browser window (referrer).

We log such information, which may include personal data, in log files. This information is required to ensure the sustainable, user-friendly, and reliable availability of our online presence and to guarantee data security – including through third parties or with the help of third parties.

10.3 Tracking Pixels

We may integrate tracking pixels into our online presence. Tracking pixels, also known as web beacons, are typically small, invisible images or JavaScript scripts automatically retrieved when our online presence is accessed. Tracking pixels – also from third parties whose services we use – can capture at least the same information as in log files.

11. Notifications and Announcements

11.1 Success and Reach Measurement

Notifications and announcements may contain weblinks or tracking pixels that track whether a particular message has been opened and which links were clicked. Such links and tracking pixels may also record the usage of notifications and announcements on a personal basis. This statistical recording of usage is necessary for success and reach measurement, enabling us to send notifications and announcements effectively and sustainably based on recipients’ needs and reading habits, ensuring they are user-friendly, secure, and reliable.

11.2 Consent and Objection

In general, you must consent to the use of your email address and other contact details unless otherwise permitted by law. We may use a “double opt-in” procedure to obtain doubly confirmed consent, in which case you will receive a message with instructions for double confirmation. We may record consents obtained, including IP address and timestamp for proof and security purposes.

You may in general object to receiving notifications and announcements, such as newsletters, at any time. By doing so, you may also object to the statistical measurement of usage for success and reach measurement. Required notifications and announcements related to our activities and operations are reserved.

11.3 Service Providers for Notifications and Announcements

We send notifications and announcements with the help of specialized service providers.

We particularly use:

12. Social Media

We are present on social media platforms and other online platforms to communicate with interested parties and to provide information about our activities and operations. Personal data may also be processed outside Switzerland and the European Economic Area (EEA) in connection with these platforms.

The terms and conditions, privacy policies, and other provisions of the respective platform operators apply. These provisions particularly inform affected individuals of their rights directly with the respective platform, including the right to information.

For our social media presence on Facebook, including so-called page insights, we are – to the extent that the General Data Protection Regulation (GDPR) applies – jointly responsible with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of the Meta Companies (including in the USA). Page insights provide insight into how visitors interact with our Facebook presence. We use page insights to make our Facebook social media presence effective and user-friendly.

Further information about the nature, scope, and purpose of data processing, information on affected individuals’ rights, and Facebook’s contact information, including its data protection officer, can be found in Facebook’s Privacy Policy. We have entered into the so-called Controller Addendum with Facebook, agreeing that Facebook is responsible for ensuring the rights of affected individuals. Relevant information on page insights can be found on the page Information on Page Insights and Information about Page Insights Data.

13. Third-Party Services

We use third-party services to sustainably, humanely, securely, and reliably conduct our activities and operations. With such services, we can integrate functions and content into our website. For technical reasons, the services used must, at least temporarily, capture users’ IP addresses.

For required security-relevant, statistical, and technical purposes, third parties whose services we use may process data in connection with our activities and operations in an aggregated, anonymized, or pseudonymized manner. These may include performance or usage data necessary to provide the respective service.

We particularly use:

13.1 Digital Infrastructure

We use third-party services to access the necessary digital infrastructure in connection with our activities and operations. These include hosting and storage services from selected providers.

We particularly use:

13.2 Mapping Material

We use third-party services to integrate maps into our website.

We particularly use:

13.3 Fonts

We use third-party services to integrate selected fonts as well as icons, logos, and symbols into our website.

We particularly use:

13.4 E-Commerce

We operate e-commerce and use third-party services to successfully offer services, content, or goods.

13.5 Payments

We use specialized service providers to process our customers’ payments securely and reliably. The terms and conditions and privacy policies of each provider apply to the processing of payments.

We particularly use:

14. Success and Reach Measurement

We aim to measure the success and reach of our activities and operations. This may include tracking the effectiveness of third-party links or checking how different parts or versions of our online offering are used (“A/B testing” method). Based on success and reach measurements, we can address issues, strengthen popular content, or make improvements.

Most success and reach measurements involve capturing users’ IP addresses. In such cases, IP addresses are generally shortened (“IP masking”) to comply with the principle of data minimization through pseudonymization.

Cookies may be used, and user profiles may be created as part of success and reach measurement. Any user profiles created may include individual pages visited or content viewed on our website, screen size or browser window information, and – at least approximately – location. User profiles are generally pseudonymized and not used to identify individual users. Individual third-party services where users are logged in may associate the use of our online offering with the user account or profile on the respective service.

We particularly use:

15. Video Surveillance

We use video surveillance for crime prevention, evidence in case of crime, exercising and asserting our legal claims, defense against third-party claims, and enforcing our house rules. To the extent that the General Data Protection Regulation (GDPR) is applicable, these are considered overriding legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR, and for special categories of personal data with reference to Art. 9 para. 2 lit. f GDPR.

We store video surveillance footage as long as it is required for evidence or other purposes mentioned.

We may retain and transmit video surveillance footage to appropriate entities such as courts or law enforcement agencies if necessary for a stated purpose, in our otherwise legitimate overriding interest, or due to legal obligations.

16. Final Remarks on Privacy Policy

We created this privacy policy using the Data Protection Generator from Data Protection Partner . The present privacy policy is an unofficial translation from the original German version.

We may update this privacy policy at any time. We will inform you of updates in an appropriate manner, particularly by publishing the current privacy policy on our website.

We look forward to your visit.

I consent to Hotel Piz Mitgel using my contact details to contact me and respond to my message in accordance with their privacy policies.

9 + 5 =

Contact

Address

Stradung 31 | 7460 Savognin| Switzerland

eMail

willkommen@pizmitgel.ch

Phone

Directions to the Piz Mitgel Hotel

Please always use the complete address when entering it into your navigation system: 7460 Savognin, Strandung 31.

Zürich – Savognin – 164 km – 1:48 Std.

Chur – Savognin – 46,5 km – 0:39 Std

St. Moritz – Savognin – 38,6 km – 0:43 Std

Travel by public transportation

Nearest Airport is Zürich or St. Gallen Altenrhein Flughafen Zurich

Nearest train station: Tiefencastle https://www.sbb.ch
SWISS TRAVEL PASS | Gepäcktransport SBB

Travel comfortably and climate-neutral with public transportation and let your luggage travel alone. We collaborate with the Swiss Federal Railways (SBB) and are happy to pick up or deliver your luggage to the nearest train station! Please contact us for further information.

Nearest bus stop.

Savognin posta

Transportation providers

Taxi Giovanni

Tel: +41 78 742 75 87

Web search

Taxi Jäger

Tel: +41 78 609 56 96

Mail: jaegertrans@bluewin.ch

Surses Liner

Website

Tel: +41 76 410 31 31