Privacy policy

Last update: 15.02.2024

I. General information

1. Introductory remarks

With this data protection declaration, Camping Jungfrau AG (hereinafter "Camping Jungfrau", "we" or "us") explains to its customers, users, business partners, applicants, authorities and other persons involved ("you") how personal data is collected and processed in the company. Responsible handling of your personal data is very important to us. 

You may only disclose personal data of third parties to us if you are authorised to do so and the personal data is correct. We ask you to ensure that the persons concerned are aware of this privacy policy. 

We alternate between the masculine and feminine form in this privacy policy. All other gender designations are also to be understood under the respective designation. 

We may amend this privacy policy at any time and without prior notice. The current version published on our website applies in each case.  

2. Responsible for data protection matters

Responsible for the content of this privacy policy and for the data processing described is 

Camping Jungfrau AG 
In the Weid  
Lauterbrunnen 
datenschutz@campingjungfrau.swiss 

For natural persons with a simple residence in countries of the European Economic Area (EEA) including the European Union (EU) and the Principality of Liechtenstein as well as for the country-specific supervisory authorities provided for in the GDPR, we designate the following person as EU data protection representative in accordance with Art. 27 GDPR: 

Lodgyslife Services AG 
Dornbachstrasse 1a 
61352 Bad Homburg v.d. Höhe 
E-mail: datenschutz@logdyslife.com 

3. Terminology 

By way of introduction, we clarify the most important terms used below for better understanding. In this respect, we adhere to the definitions of the Swiss Data Protection Act. 

• Personal data (GDPR: personal data): all information relating to an identified or identifiable natural person. 
• Data subjects: natural persons about whom data is processed; 
• particularly sensitive personal data (GDPR: special categories of personal data): (1) data concerning religious, philosophical, political or trade union beliefs or activities, (2) data concerning health, privacy or racial or ethnic origin, (3) genetic data, (4) biometric data uniquely identifying a natural person, (5) data relating to administrative or criminal prosecutions or sanctions and (6)data relating to social assistance measures. 
• Processing (GDPR: processing): any handling of personal data, regardless of the means and procedures used, in particular the collection, storage, retention, use, modification, disclosure, archiving, erasure or destruction of data. 
• Controller: private individual or federal body that decides, alone or together with others, on the purposes and means of processing. 
• Processor (GDPR: processor): private person or federal body that processes personal data on behalf of the controller. 

4. Legal basis for data processing

This Privacy Policy complies with the requirements of the Swiss Federal Act on Data Protection ("FADP") and the associated Ordinance ("DPO") as well as the General Data Protection Regulation of the European Union ("GDPR"). The type and scope of the applicable legislation depends on the individual case. Foreign data protection law is only applied insofar as this is mandatory under the applicable law and only for the data processing processes and persons affected. 

We comply with the applicable data protection regulations when processing personal data. 

The processing of personal data must not unlawfully violate the personality of the persons concerned. For this reason, such data processing must comply with the processing principles of data protection law and/or must be legitimised by a justification. In particular, we are legitimised to process personal data if the processing: 

• is based on a legal basis The  
  processing of personal data may be required or legitimised by law (e.g. statutory retention obligations). 
• is necessary for the fulfilment of a contract with the data subject or for pre-contractual measures The  
  main part of the processing of personal data in our company takes place in the context of the fulfilment of contractual obligations (e.g. booking of pitches or rental properties; organisation of banquets, birthday and anniversary celebrations, etc., which are held in our restaurant; table reservations in the restaurant, employment of staff) 
• is necessary for the purposes of the legitimate interests pursued by us or by a third party  
  A legitimate interest on our part exists in particular if the processing of personal data is necessary for the purposes described in Section 7 as well as the disclosure of data in accordance with section 10 and the associated objectives. 
• is based on consent  
  Insofar as the processing of personal data is based on your consent, we will inform you of this separately and transparently. You can revoke your consent at any time with effect for the future using the functions provided for this purpose (e.g. unsubscribe link for newsletters) or by sending us a written message (see contact point in the previous section). 2). After receiving your cancellation, we will cease the data processing concerned, unless we can base the processing on another justification. 
• is necessary to comply with domestic and foreign legal regulations. 

5. Categories of personal data 

Depending on the services you use and the respective relationship between you and us, we process the following categories of personal data in particular: 

• Master data (e.g. title, surname, first name, date of birth, address, gender, contact information, language, user names, copies of and details from official documents, etc.) 
• Contract data (e.g. information regarding the initiation, conclusion, processing, administration and termination of contracts between you and us, information in connection with job applications [see also the following section 15], interaction history, financial and payment information such as creditworthiness, information in connection with the enforcement of claims, bank details, etc.). 
• Communication data (e.g. content exchanged via the respective communication channel, type, time and, if applicable, location of the communication that took place, marginal data, etc.) 
• Behavioural and transaction data (e.g. in connection with the use of our website, visits to our locations, participation in events, competitions and surveys, use of electronic communication channels, etc.). 
• Technical data (e.g. IP addresses, device IDs, details of the devices and applications you use and their settings, the internet provider you use, user names, passwords [as hash values], information in connection with 2-factor authentication, log data, time and, if applicable, approximate location when using our services, etc.). 
• Marketing data (e.g. information on personal preferences and interests, subscriptions and unsubscriptions to newsletters, content of marketing correspondence) 
• Image and sound recordings (e.g. recordings of telephone and video conference calls [only after prior notification and, if necessary, with your consent], recordings in connection with customer events). 

6. Origin of the data

To a large extent, we collect personal data directly from you as the data subject. In particular, this includes master data, contract data, communication data, marketing data, behavioural data and transaction data. Such personal data is collected as part of the initiation and processing of business relationships and the use of our services. 

We may also collect personal data about you ourselves or automatically or derive it from existing data. This includes, in particular, behavioural and transaction data as well as technical data. 

Finally, we also receive personal data from third parties to the extent permitted by law. Such third parties include, in particular, persons from your environment (e.g. family members, fellow travellers), business partners, insurance companies, banks, authorities, official bodies, courts, parties and their legal representatives in the context of legal disputes, etc. We may also collect personal data from public sources (e.g. credit agencies, social media). 

7. Purposes of data processing 

We process the data collected in order to fulfil our legal and contractual obligations towards you and third parties. This includes in particular the establishment, administration and processing of contractual relationships, such as 

• the rental of pitches and properties on our campsite 
• Organisation of banquets, birthday and anniversary celebrations, etc., which are held in our restaurant 
• Table reservations in the restaurant 
• Employment of employees 
• the purchase of other goods and services on our campsite 

We also process the data collected to ensure communication with you, to provide and improve the services, services and information you have requested, to manage your use of and access to our services, services and information, to maintain our business relationship with you, to carry out advertising and marketing measures (insofar as we are authorised to do so, e.g. with your consent), to monitor the performance of our offering, to enforce legal claims or defend ourselves against them, to detect, prevent or clarify illegal activities, to monitor the performance of our offering, to enforce legal claims or to defend ourselves against them. to monitor and improve the performance of our offering, to enforce or defend ourselves against legal claims, to detect, prevent or investigate illegal activities, to ensure compliance with laws and recommendations of domestic and foreign authorities and internal regulations ("compliance"), to generally guarantee our operations (in particular IT, website, etc.) and to ensure administrative processes (e.g. data archiving, accounting, master data maintenance, quality assurance). 

8. Processing time for personal data  

We process your personal data for as long as we are legally obliged to do so (e.g. retention and archiving obligations) or our legitimate business interests require this (e.g. enforcement of or defence against claims, ensuring IT security) or as long as the purpose of collecting your data makes it necessary or the retention is technically required. In the case of contracts, data is generally stored for the duration of the contractual relationship and the statutory retention periods beyond this (usually 10 years). 

This may result in your personal data or extracts thereof having to be stored for several years after the end of the contractual relationship between you and us. If your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymised as far as possible. 

In certain cases, we may also store your personal data for longer - based on your consent (e.g. job applications that we hold pending). 

9. Data security

To secure your data, we maintain technical and organisational security measures in accordance with the current state of the art. 

Communication via our website is encrypted using the SSL/TLS encryption protocol. 

We would like to point out that even encrypted data transmission on the Internet always involves security risks. Complete protection of data against access by third parties cannot be guaranteed. 

We oblige our employees and business partners to maintain secrecy and confidentiality and to comply with the applicable data protection regulations. 

10. Disclosure of personal data to third parties 

Where legally permissible and necessary, we may also pass on certain personal data to third parties as part of our business activities. Where permitted, these third parties process your personal data either on our behalf (processor), in joint responsibility with us or on their own responsibility. These include, among others: 

• Group companies (in particular Camping Lodge AG): These group companies may use the transmitted data for the same purposes as we do (see section 7). 
• our service providers, such as banks, insurance companies, IT providers, debt collection companies, credit agencies, cleaning companies, advertising service providers, lawyers, external consultants, trustees, auditors, etc. 
• Business partners, such as insurance companies, sales partners, suppliers, etc. 
• Domestic and foreign authorities, official bodies and courts 
• Other parties in the context of administrative and court proceedings 
• Parties involved in corporate transactions (e.g. purchase, sale or merger of companies, business units, etc.) 
• Other third parties who are necessary to fulfil the purpose of the respective data processing 

Where necessary, we have concluded corresponding contracts with these third parties . In the event that contract processors are engaged, they undertake to comply with the data protection and data security provisions. Furthermore, they may only process personal data in accordance with our instructions. They also grant us comprehensive rights of inspection and control as well as rights of access, rectification and erasure. 

11. Disclosure of personal data abroad  

We generally process and store personal data in Switzerland and in the European Union (EU) or the European Economic Area (EEA). In certain cases, however, we may also disclose personal data to service providers and recipients located outside this area or process personal data outside this area, in principle in any country in the world. In particular, you must expect personal data to be disclosed to all countries in which the service providers we use and their subcontractors are located (in particular the USA). 

By taking appropriate measures, we ensure compliance with the legal requirements. Specifically, there is an adequacy decision by the competent authority. In the absence of such a decision, the transfer of personal data takes place on the basis of suitable guarantees (in particular standard contractual clauses approved by the European Commission and the Federal Data Protection and Information Commissioner [FDPIC]) or there are exceptions for certain situations (contract processing, law enforcement abroad, etc.) or we obtain your express consent. 

12. Your rights as a data subject 

Insofar as the legal requirements are met and no legal exceptions apply, you as the data subject have the following rights in particular: 

• to receive information on request as to whether and, if so, which personal data we process about you 
• Correction of incorrect or incomplete personal data 
• deletion or anonymisation of your personal data, provided this does not conflict with a legal obligation to retain data 
• on data portability 
• to revoke your consent to the processing of your personal data with effect for the future 
• to object to the processing of your personal data. 

Please note that these rights may be restricted or excluded in specific individual cases (e.g. to protect third parties or business secrets). 

In order to assert your rights as a data subject or if you have any questions about this privacy policy and the processing procedures described therein, you can contact the data protection officer listed in section 2 above. 

If you believe that your data has been processed unlawfully, we would be grateful if you could contact us directly. Alternatively, you can lodge a complaint with the supervisory authority responsible for you. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC). In the EU, the complaint must be submitted to the respective national data protection authority. 

II. Supplementary information in connection with selected data processing 

13. Processing of personal data in the context of the use of our website and the services offered on it

13.1. Website hosting provider 

Our website is hosted by an external service provider (hoster). The personal data collected in the course of using the website is stored on the hoster's servers. This includes, in particular, server log files (e.g. name and URL of the accessed file, date and time of access, data volume, web browser and web browser version, operating system, the domain name of your internet provider, the so-called referrer URL (the page from which you accessed our website), the IP address), contact requests, meta and communication data, contract data, contact data, names, website accesses and other data. 

Our hoster will only process your data to the extent necessary to fulfil its performance obligations and follow our instructions with regard to this data. We have concluded an order processing contract with the hoster. 

Within the scope of the GDPR, the associated processing of your personal data is carried out either for the purpose of initiating and fulfilling a contract (Art. 6 para. 1 lit. b GDPR) or based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in providing a user-friendly, secure and efficient website in cooperation with a professional provider. 

13.2. Mail provider

Our mail servers are hosted by an external service provider (hoster). The personal data collected in the course of mail traffic is stored on the hoster's servers. This may include IP addresses, meta and communication data, contact data, names and other data. 

Our hoster will only process your data to the extent necessary to fulfil its performance obligations and follow our instructions with regard to this data. We have concluded an order processing contract with the hoster. 

Within the scope of application of the GDPR, the associated processing of your personal data is carried out either for the purpose of initiating and fulfilling a contract (Art. 6 para. 1 lit. b GDPR) or based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in processing the enquiries and communication content addressed to us and in providing secure, fast and efficient e-mail communication in cooperation with a professional provider. 

13.3. Cookies 

Our Internet pages use so-called "cookies". Cookies are small text files and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser. 

In some cases, cookies from third-party companies may also be stored on your end device when you use our website (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services). 

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. displaying videos). Other cookies are used to evaluate user behaviour or display advertising. 

When you visit our website for the first time, you can select your preference regarding the use of cookies via the cookie banner, whereby the storage of technically necessary cookies cannot be prevented. If you do not agree to the storage of such cookies, please do not visit our website. You can change your preferences regarding the use of cookies at any time via XY on our website. 

You can configure your browser so that no cookies are stored on your computer or so that a message always appears when you receive a new cookie. On the following pages you will find explanations of how you can configure the processing of cookies in the most common browsers: 

• Microsoft's Windows Internet Explorer 
• Microsoft's Windows Internet Explorer Mobile 
• Mozilla Firefox 
• Google Chrome for desktop 
• Google Chrome for Mobile 
• Apple Safari for Desktop 
• Apple Safari for Mobile 

If cookies are deactivated, the functionality of this website may be restricted. 

We use cookies to carry out the electronic communication process, to provide certain functionalities or to optimise our website (technically necessary cookies). Within the scope of the GDPR, we store technically necessary cookies on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR). If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is based on your consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time with effect for the future. 

13.4. Tracking & Analytik 

13.4.1. Google 

Our website uses Google Analytics, Google Ads, Google Maps, Google Tag Manager, Google reCAPTCHA from Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services (hereinafter "Google"). 

In addition to the following explanations, you will find further information on data protection at Google in the Google data protection declaration: https://policies.google.com/privacy. 

We have concluded an order processing contract with Google. 

Within the scope of application of the GDPR, this data is processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in an appealing website and in increasing our reach or based on your consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time with effect for the future. 

Google Analytics 

We use functions of the web analysis service Google Analytics on our website. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site (see section 13.3). The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, due to the activation of IP anonymisation on these websites, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and Switzerland. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. 

The purpose of the data processing is to analyse the use of the website and to compile reports on activities on the website. Based on the use of the website and the Internet, further related services are then to be provided. The processing is based on the legitimate interest of the website operator. 

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout. 

In addition or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by clicking on this link. This will install an opt-out cookie on your device. This will prevent the collection by Google Analytics for this website and for this browser in the future as long as the cookie remains installed in your browser. 

You can find more information on how Google Analytics handles user data here: https://support.google.com/analytics/answer/6004245. 

Google Ads 

This website uses Google Conversion Tracking. If you have reached our website via an advert placed by Google, Google Adwords will set a cookie on your computer. The cookie for conversion tracking is set when a user clicks on an advert placed by Google. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognise that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. Cookies can therefore not be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their advert and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. 

If you do not wish to participate in tracking, you can refuse the setting of a cookie required for this - for example, by using a browser setting that generally deactivates the automatic setting of cookies or by setting your browser so that cookies from the domain "googleleadservices.com" are blocked. 

Please note that you must not delete the opt-out cookies as long as you do not wish measurement data to be recorded. If you have deleted all your cookies in the browser, you must set the respective opt-out cookie again. 

Google Maps 

We use Google Maps on our website to display interactive maps and to provide directions. When you call up a web page on our website that has integrated Google Maps, your browser establishes a connection with the Google servers. In addition, Google Maps sets cookies (see above under section 13.3). By using Google Maps, various information (e.g. IP address, addresses entered, date and time of the website visit) can be transmitted to Google servers in the USA. 

You can find more information about data processing by Google here: https://policies.google.com/privacy. You can also change your personal data protection settings there in the data protection centre. Detailed instructions on managing your own data in connection with Google products can be found here. 

General information about Google Maps can be found at: https://www.google.com/intl/de/maps/about/#!/. 

Google Tag Manager 

Google Tag Manager is a solution with which we can manage so-called website tags via an interface and thus, for example, integrate Google Analytics and other Google marketing services into our online offering. The Tag Manager itself, which implements the tags, does not process any personal user data. With regard to the processing of users' personal data, please refer to the following information on Google services. Usage guidelines: https://www.google.com/intl/de/tagmanager/use-policy.html. 

Google reCAPTCHA 

We use Google reCAPTCHA. The associated query serves the purpose of distinguishing whether entries (e.g. in the contact form) are made by a human or by automated, machine processing. The query includes sending the IP address and any other data required by Google for the reCAPTCHA service to Google. For this purpose, your input is transmitted to Google and used there. According to Google, your IP address will be shortened beforehand within the member states of the EU/EEA and Switzerland. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google uses this information to analyse your use of the service. According to Google, the IP address transmitted by your browser as part of reCAPTCHA will not be merged with other Google data. By activating the query, you consent to this processing of your data, which means that the data processing is based on your consent. You can find more information about Google reCAPTCHA at: https://www.google.com/recaptcha/about/. 

13.4.2. Meta 

We use selected tools from Meta. The provider of these tools is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland (hereinafter "Meta"). 

In addition to the following explanations, you will find further information on data protection at Meta in the Meta data protection declaration: https://www.facebook.com/privacy/policy  

We use the Meta Pixel from Meta on our website. With the help of the meta pixel or comparable tools, we want to optimise the customer experience by only displaying our services and products to those people who are interested in them. To this end, Meta collects certain information about visitors to our website and social media platforms. Based on this, we receive analyses regarding the way our website, services and products are used. Specifically, target groups can be created for the display of adverts. It also allows us to track the effectiveness of adverts for statistical and market research purposes by seeing whether users have been redirected to our website after clicking on an advert (known as "conversion tracking"). 

You can object to receiving customised advertising via this link: www.facebook.com/settings?tab=ads.  

We have concluded an order processing contract with Meta: https://www.facebook.com/legal/terms/dataprocessing  

Facebook and we are considered jointly responsible for certain data processing (e.g. Facebook fan page). Where necessary, we have therefore entered into corresponding agreements with Facebook to regulate the rights and obligations of both parties as joint controllers (see www.facebook.com/legal/terms/page_controller_addendum).  

Within the scope of application of the GDPR, this data is processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in an appealing website and in increasing our reach or based on your consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time with effect for the future. 

13.5. YouTube 

We operate a YouTube channel and embed videos from the YouTube platform on our website. The operator of the pages is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. 

We use YouTube in extended data protection mode, which, according to YouTube, only initiates the storage of user information when the video is played. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. 

As soon as you start a YouTube video on our website, a connection is established to the YouTube servers (possibly also in the USA). In this context, YouTube learns which of our pages you have visited. If you are logged into your YouTube account, you also allow YouTube to associate your surfing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account. 

Furthermore, YouTube can store various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about you. According to YouTube, this serves, among other things, to record video statistics, improve user-friendliness and prevent abusive behaviour. 

After the start of a YouTube video, further data processing operations may be triggered over which we have no influence. 

We have concluded an order processing contract with Google. You can find more information here: https://www.youtube.com/t/terms_dataprocessing.  

Further information about data protection at YouTube can be found in their privacy policy at: https://policies.google.com/privacy. 

Within the scope of application of the GDPR, this data is processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in a modern website and in increasing our reach or based on your consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time with effect for the future. 

13.6. Newsletter 

On our website, we offer you the opportunity to subscribe to our newsletter, which we use to inform you about our services at regular intervals. 

In order to send you the newsletter, we need your e-mail address and information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. This data is used exclusively for sending the newsletter. 

We use the so-called double opt-in procedure to register for the newsletter. After registering, you will receive an e-mail in which we ask you to confirm your registration. Subscriptions to the newsletter are logged. This includes storing the time of registration and confirmation as well as the IP address. Any changes to your stored data are also logged. 

You can revoke your consent to the storage of your personal data and its use for sending the newsletter at any time. There is a corresponding link in every newsletter.  

We use the services of Microsoft Dynamics to process, send and analyse the newsletter. You can find their privacy policy here: https://learn.microsoft.com/de-de/dynamics365/customer-insights/journeys/privacy.  

Within the scope of application of the GDPR, the associated processing of your personal data is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in providing appropriate information to our existing customers or based on your consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time with effect for the future. 

13.7. Payment service provider

We use external payment service providers to process payments via our website. When you make a payment, your payment details are forwarded to the respective payment service provider via an interface on our website in order to process the payment. 

The data processed by the payment service providers includes master data such as name and address, bank details (including account numbers or credit card numbers), passwords, TANs and checksums as well as contract data. The information is required to carry out the transactions. However, the data entered is only processed by the payment service providers and stored by them. As the operator, we do not receive any information about the (bank) account or credit card, but only information to confirm (accept) or reject the payment. 

Payment service providers adhere to the standards set by PCI-DSS, which are managed by the PCI Security Standards Council. This is a joint effort by brands such as Visa, Mastercard, American Express and Discover. PCI-DSS requirements help to ensure the secure handling of payment information. 

We use as payment service provider: 

• Visa: The provider is Visa Europe Services Inc, 1 Sheldon Square, London W2 6TT, United Kingdom. Further information on their data protection practices can be found at: https://www.visaeurope.ch/de_CH/legal/global-privacy-notice.html. 
• Mastercard: The provider is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium. Further information on their data protection practices can be found at: https://www.mastercard.ch/de-ch/datenschutz.html. 
• American Express: The provider is Swisscard AECS GmbH, Neugasse 18, 8810 Horgen. Further information on their data protection practices can be found at: https://www.swisscard.ch/de/rechtlichebedingungen-hinweise#datenschutz. 
• ApplePay: The provider is Apple Inc, Infinite Loop, Cupertino, California, USA. Further information on their data protection practices can be found at: https://www.apple.com/chde/legal/privacy. 

Within the scope of application of the GDPR, the associated processing of your personal data is carried out either for the purpose of initiating and fulfilling a contract (Art. 6 para. 1 lit. b GDPR) or based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in providing a secure, fast and efficient payment option in cooperation with professional providers. 

13.8. Links to other websites 

Our website contains hyperlinks to third-party websites that are not operated or controlled by us. We are not responsible for their content or data protection practices. 

14. Processing of personal data in the context of interaction with our social media channels 

14.1. General information 

We maintain the publicly accessible profiles in social networks listed below. In connection with the use of social networks, we would like to draw your attention to the following: 

When you visit our profiles on social networks, personal data may be collected about you. For example, if you are logged into your social network accounts and visit our profile at the same time, the portal operator can assign this visit to your user account. However, even if you have logged out of your account or if you do not have an account with the respective portal, your personal data may be collected. Such data can be collected, for example, by setting cookies. Based on the data collected in this way, the portal operators can create user profiles and show you interest-based advertising. Further information on this can be found in the respective data protection declarations of the portal operators. 

The use of social networks and the associated data processing is based on our legitimate interest. In particular, we want to present ourselves on the Internet and increase our reach. 

Within the scope of the GDPR, we use social networks in the interest of presenting our online services in an appealing manner, increasing our reach and advertising our services. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time with effect for the future. 

14.2. Facebook 

We operate a profile on Facebook. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland (hereinafter "Facebook"). 

If you have a Facebook user account, you can interact with us via Facebook. As part of this interaction, we process the personal data you provide. 

You can find more information on data protection at Facebook here: https://www.facebook.com/policy.php.  

14.3. Instagram 

We operate a profile on Instagram. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland (hereinafter "Instagram"). 

If you have a user account with Instagram, you can interact with us via Instagram. As part of this interaction, we process the personal data you provide. 

Further information on data protection at Instagram can be found here: https://instagram.com/about/legal/privacy/. 

15. Processing of personal data of applicants 

We use the REFLINE recruiting tool as part of the recruitment process. The provider is Refline AG, Baarermattstrasse 10, 6340 Baar, Switzerland. The company's privacy policy can be found here. We have concluded an order processing contract with the provider. 

If necessary, we can also work with other external partners (e.g. job portals and recruitment agencies). In this case, please also note the data protection notices of these partners. 

We treat your data as strictly confidential. Your personal data will only be passed on to persons who are responsible for processing your application. 

We process the personal data sent to us as part of your application and the personal data collected as part of the application process, insofar as this is necessary for the decision on the conclusion and implementation of an employment contract. This includes 

• Master data (surname, first name, address, contact details, date of birth, marital status, etc.) 
• Information on your educational, professional and personal qualifications 
• Information that we have collected as part of the application process (e.g. as part of assessments) 
• Other information that you have sent to us in connection with your application 

We process your personal data in this regard for as long as this is necessary for the decision on your application. They will be deleted a maximum of six months after the end of the application process, unless longer storage is legally required or permitted or you have not consented to longer storage. 

If an employment relationship is established following the application process, your application documents will be transferred to your personnel file.