Piz Mitgel Management AG
Direktion: Martin Luzzi
7460 Surses / Savognin
Telefon: +41 81 684 11 61
Concept, implementation: Piz Mitgel Management, page design by Crown ADAM AG
Photos: © Copyright 2021 Thomas Kiewning / BK Media Solutions, © Copyright 2023, 2024 Duncan Pond, Savognin Tourism Association, Bivio Albulatal, Fotolia, Unsplash, Pixabay.
For specific or additional activities and operations, additional privacy policies and other legal documents such as Terms and Conditions (T&Cs), Usage Terms, or Participation Terms may apply.
We are subject to Swiss data protection law and potentially applicable foreign data protection law, such as the European Union’s (EU) General Data Protection Regulation (GDPR). The European Commission recognizes that Swiss data protection law ensures adequate data protection.
1. Contact Address
Responsible for the processing of personal data:
Piz Mitgel Management AG
We will indicate if there are other responsible parties for the processing of personal data in individual cases.
1.1 Data Protection Officers or Advisors
We have the following data protection officer or advisor as a point of contact for individuals and authorities for inquiries related to data protection:
Piz Mitgel Management AG
1.2 Data Protection Representation in the European Economic Area (EEA)
We have the following data protection representation in accordance with Article 27 GDPR:
VGS Datenschutzpartner GmbH
Am Kaiserkai 69
The data protection representation serves as an additional point of contact for inquiries related to the GDPR for affected individuals and authorities in the European Union (EU) and the rest of the European Economic Area (EEA).
2. Terms and Legal Bases
Personal data refers to any information that relates to a specific or identifiable natural person. An affected individual is a person whose personal data we process.
Processing includes any handling of personal data, regardless of the means and methods used, such as querying, matching, adapting, archiving, retaining, extracting, disclosing, acquiring, recording, collecting, deleting, revealing, organizing, storing, modifying, distributing, linking, destroying, and using personal data.
The European Economic Area (EEA) includes the Member States of the European Union (EU) as well as the Principality of Liechtenstein, Iceland, and Norway. The General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data.
2.2 Legal Bases
We process personal data – if and to the extent the General Data Protection Regulation (GDPR) is applicable – based on at least one of the following legal bases:
- Art. 6(1)(b) GDPR for the necessary processing of personal data to fulfill a contract with the affected individual and to carry out pre-contractual measures.
- Art. 6(1)(f) GDPR for the necessary processing of personal data to safeguard our legitimate interests or those of third parties, unless the fundamental rights and freedoms of the affected individual prevail. Legitimate interests include, in particular, our interest in conducting our activities and operations in a permanent, user-friendly, secure, and reliable manner and communicating about them, ensuring information security, protecting against abuse, enforcing our own legal claims, and complying with Swiss law.
- Art. 6(1)(c) GDPR for the necessary processing of personal data to fulfill a legal obligation to which we are subject under potentially applicable law of Member States in the European Economic Area (EEA).
- Art. 6(1)(e) GDPR for the necessary processing of personal data to perform a task carried out in the public interest.
- Art. 6(1)(a) GDPR for the processing of personal data with the consent of the affected individual.
- Art. 6(1)(d) GDPR for the necessary processing of personal data to protect the vital interests of the affected individual or another natural person.
3. Nature, Scope and Purpose
We process those personal data that are necessary to perform our activities and operations in a permanent, user-friendly, secure, and reliable manner. Such personal data may particularly fall into categories of inventory and contact data, browser and device data, content data, metadata, and usage data, location data, sales data, as well as contract and payment data.
We process personal data for the duration, necessary for the respective purpose(s) or as legally required. Personal data that is no longer required will be anonymized or deleted.
We may have personal data processed by third parties. We may process personal data jointly with third parties or transmit it to third parties. Such third parties may include specialized providers whose services we use. We ensure data protection with these third parties as well.
We process personal data only with the consent of the affected individual unless processing is permitted for other legal reasons. Processing without consent may be permissible, for example, to fulfill a contract with the affected individual and related pre-contractual measures, to safeguard our overriding legitimate interests, if processing is evident from the circumstances, or after prior information.
In this context, we particularly process information voluntarily provided by an affected individual when making contact – for example, via postal mail, email, instant messaging, contact forms, social media, or phone – or when registering for a user account. We may store such information, for example, in an address book or similar tools. If we receive data about other individuals, the transmitting individuals are obligated to ensure data protection for these individuals and ensure the accuracy of this personal data. We also process personal data received from third parties, obtained from publicly accessible sources, or collected during the exercise of our activities and operations,
to the extent and as long as such processing is legally permissible.
4. Personal Data Abroad
We generally process personal data generally and the European Economic Area (EEA). However, we may also export or transmit personal data to other states, particularly for processing.
We can export personal data to all countries and territories on Earth and elsewhere in the Universe where the local law, according to a decision of the Swiss Federal Council, ensures adequate data protection and, if applicable under the General Data Protection Regulation (GDPR), provides adequate data protection according to a decision of the European Commission. .
We may transmit personal data to states where local law does not ensure adequate data protection, provided data protection is ensured for other reasons, particularly based on standard data protection clauses or other suitable safeguards. In exceptional cases, we may export personal data to states without adequate or suitable data protection if specific data protection requirements are met, such as the explicit consent of affected individuals or a direct connection to the conclusion or performance of a contract. Upon request, we will gladly provide affected individuals with information about possible safeguards or provide a copy of any safeguards.
5. Rights of Affected Individuals
5.1 Data Protection Claims
We grant affected individuals all rights under the applicable data protection law. Affected individuals, in particular, have the following rights:
- Access: Affected individuals can request information about whether we process personal data about them and, if so, what personal data it is. Affected individuals will also receive the necessary information to assert their data protection claims and ensure transparency. This includes the processed personal data itself, but also information about the processing purpose, storage duration, potential disclosure or transfer of data to other countries, and the origin of the personal data, among other things.
- Rectification and Restriction: Affected individuals can correct inaccurate personal data, complete incomplete data, and request the restriction of the processing of their data.
- Erasure and Objection: Affected individuals can request the erasure of personal data (“right to be forgotten”) and object to the processing of their data for the future.
- Data Disclosure and Data Portability: Affected individuals can request the disclosure of personal data or the transfer of their data to another controller.
We can defer, limit, or refuse the exercise of the rights of affected individuals within the legally permissible framework. We can inform affected individuals of any requirements that must be fulfilled for the exercise of their data protection claims. For example, we may refuse to provide information entirely or partially with reference to trade secrets or the protection of other individuals. Similarly, we may refuse the erasure of personal data entirely or partially with reference to legal retention obligations.
We can exceptionally stipulate costs for the exercise of rights. We will inform affected individuals in advance of any potential costs.
We are obligated to identify affected individuals who request information or assert other rights with appropriate measures. Affected individuals are obligated to cooperate.
5.2 Right to Lodge a Complaint
Affected individuals have the right to enforce their data protection claims in court or lodge a complaint with a competent data protection supervisory authority.
The data protection supervisory authority for private controllers and federal entities in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
Affected individuals also have the right to lodge a complaint with a competent European data protection supervisory authority , to the extent the General Data Protection Regulation (GDPR) is applicable.
6. Data Security
We implement appropriate technical and organizational measures to ensure data security that is proportionate to the respective risk. However, we cannot guarantee absolute data security.
Access to our website is secured using transport encryption (SSL / TLS, especially with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a padlock icon in the address bar.
Our digital communication is subject – like generally – to mass surveillance without cause or suspicion, as well as other surveillance by security authorities in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We have no direct control over the processing of personal data by intelligence services, police authorities, and other security agencies.
7. Website Use
Cookies can be stored in the browser temporarily as “session cookies” or for a specific period as so-called persistent cookies. “Session cookies” are automatically deleted when the browser is closed. Persistent cookies have a specific storage duration. Cookies enable, among other things, the recognition of a browser on the next visit to our website, allowing for the measurement of the website’s reach, for example. However, persistent cookies can also be used for online marketing.
For cookies used for performance and reach measurement or advertising, a general objection (“opt-out”) is possible for numerous services through the AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
7.2 Server Log Files
We may record the following information for each access to our website, provided it is transmitted from your browser to our server infrastructure or can be determined by our web server: date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, accessed individual sub-page of our website including transferred data volume, and the last visited website in the same browser window (referrer).
We store such information, which may also constitute personal data, in server log files. The information is necessary to provide our website on a permanent, user-friendly, and reliable basis and to ensure data security, particularly the protection of personal data – even through third parties or with the assistance of third parties.
7.3 Tracking Pixels
We may use tracking pixels on our website, also known as web beacons. Tracking pixels – including those from third parties whose services we use – are small, usually invisible images that are automatically retrieved when visiting our website. Tracking pixels can collect the same information as server log files.
8. Notifications and Messages
We send notifications and messages via email and other communication channels such as instant messaging or SMS.
8.1 Success and Reach Measurement
Notifications and messages may contain web links or tracking pixels that record whether an individual message has been opened and which web links were clicked. Such web links and tracking pixels may also collect usage data for notifications and messages. We require this statistical data collection for success and reach measurement in order to effectively and user-friendly send notifications and messages based on the recipients’ needs and reading habits, and to provide them permanently, securely, and reliably.
8.2 Consent and Objection
As a rule generally explicitly consent to the use of your email address and other contact information, unless such usage is permissible for other legal reasons. For obtaining consent, we use the “double opt-in” procedure whenever possible, meaning you receive an email with a link that you must click to confirm, ensuring protection against abuse by unauthorized third parties. We may log such consents, including Internet Protocol (IP) addresses, as well as date and time for evidence and security purposes.
As a rule generally object to receiving notifications and messages, such as newsletters, at any time. By making such an objection, you can also object to the statistical data collection for success and reach measurement. Necessary notifications and messages related to our activities and operations remain unaffected.
8.3 Notification Service Providers
We send notifications and messages using specialized service providers.
We particularly use:
9. Social Media
We maintain a presence on social media platforms and other online platforms to communicate with interested individuals and provide information about our activities and operations. In connection with such platforms, personal data may also be processed outside of Switzerland and the European Economic Area (EEA).
For our Facebook social media presence , including the so-called Page Insights, we are – if and to the extent the General Data Protection Regulation (GDPR) applies – jointly responsible with Meta Platforms Ireland Limited is part of the Meta group (including in the USA). Page Insights provide information about how visitors interact with our Facebook presence. We use Page Insights to effectively and user-friendly provide our Facebook social media presence.
10. Third-Party Services
We use services from specialized third parties to carry out our activities and operations permanently, user-friendly, securely, and reliably. Such services allow us to embed features and content into our website. For such embedding, the used services, for technical reasons, collect at least temporarily the internet protocol (IP) addresses of users.
For necessary security-related, statistical, and technical purposes, third parties whose services we use may process data related to our activities and operations in an aggregated, anonymized, or pseudonymized form. This includes, for example, performance or usage data to offer the respective service.
We particularly use:
10.1 Digital Infrastructure
We use services from specialized third parties to access the required digital infrastructure related to our activities and operations. This includes hosting and storage services from selected providers.
We particularly use:
10.2 Map Material
We use services from third parties to embed maps into our website.
We particularly use:
- Google Maps including Google Maps Platform: Map service; Provider: Google; Google Maps-specific information: “How Google Uses Location Information.”.
10.3 Digital Audio and Video Content
We use services from specialized third parties to enable the direct playback of digital audio and video content, such as music or podcasts.
We particularly use:
- YouTube: VVideo platform; Provider: Google; YouTube-specific information: “Privacy and Security Center,”, “My Data on YouTube.”
We use services from third parties to embed selected fonts as well as icons, logos, and symbols into our website.
We particularly use:
- Google Fonts: Fonts; Provider: Google; Google Fonts-specific information: “Privacy and Google Fonts,” “Privacy and Data Collection.”
We use specialized service providers to securely and reliably process payments from our customers. For payment processing, the legal texts of each service provider, such as terms and conditions (T&Cs) or privacy policies, also apply.
We particularly use:
We use the opportunity to display targeted advertising for our activities and operations with third parties, such as social media platforms and search engines.
We aim to reach individuals who are already interested in or may be interested in our activities and operations(remarketing and targeting). For this purpose, we may transmit relevant, potentially personal information to third parties that enable such advertising. We may also determine whether our advertising is successful, particularly whether it leads to visits to our website (Conversion Tracking).
Third parties where we advertise and where you are logged in as a user may associate the use of our online offering with your profile there.
We particularly use:
- Google Ads: Search engine advertising; Provider: Google; Google Ads-specific information: Advertising based on search queries, using various domain names – notably doubleclick.net, googleadservices.com, and googlesyndication.com – for Google Ads, “Advertising” (Google), “Why am I seeing a specific ad?”..
11. Success and Reach Measurement
We use services and programs to determine how our online offering is used. In this context, we can measure the success and reach of our activities and operations, as well as the impact of third-party links to our website. Additionally, we may experiment and compare how different versions of our online offering or parts of our online offering are used (“A/B testing” method). Based on the results of success and reach measurement, we can, in particular, fix errors, strengthen popular content, or make improvements to our online offering.
When using services and programs for success and reach measurement, individual user Internet Protocol (IP) addresses must be stored. IP addresses are generally truncated (“IP masking”) to pseudonymize them and follow the principle of data minimization to improve the data protection of users.
When using services and programs for success and reach measurement, cookies may be used, and user profiles may be created. User profiles may include visited pages or viewed content on our website, information about screen size or browser window, and the approximate location. Generally , user profiles are created in a pseudonymous form only. We do not use user profiles to identify individual users. Certain third-party services where users are logged in may potentially associate the use of our online offering with the user’s account or profile on that specific service.
We particularly use:
12. Video Surveillance
We use video surveillance for the prevention of crimes and the preservation of evidence in criminal cases, as well as for the exercise of our right of access. This is – to the extent and as long as the General Data Protection Regulation (GDPR) applies – based on overriding legitimate interests according to Art. 6(1)(f) GDPR. .
We store recordings from our video surveillance for as long as necessary for preserving evidence.
We may retain recordings due to legal obligations, to enforce our own legal claims, and in case of suspected crimes, as well as transmit them to relevant authorities, particularly courts or law enforcement agencies.
13. Final Provisions
We look forward to your visit.
Stradung 31 | 7460 Savognin| Switzerland
Directions to the Piz Mitgel Hotel
Please always use the complete address when entering it into your navigation system: 7460 Savognin, Strandung 31.
Zürich – Savognin – 164 km – 1:48 Std.
Chur – Savognin – 46,5 km – 0:39 Std
St. Moritz – Savognin – 38,6 km – 0:43 Std
Travel by public transportation
Nearest Airport is Zürich or St. Gallen Altenrhein Flughafen Zurich
Travel comfortably and climate-neutral with public transportation and let your luggage travel alone. We collaborate with the Swiss Federal Railways (SBB) and are happy to pick up or deliver your luggage to the nearest train station! Please contact us for further information.
Nearest bus stop.