VALBELLA RESORT AG, Voa Selva 4, 7077 Valbella, Switzerland (hereinafter also referred to as “Resort”, “we”, “us” or “our”), collects and processes personal data relating to you or other individuals (so-called “third parties”). In this Privacy Policy, we use the term “data” as a synonym for “personal data”.
In this Privacy Policy, we describe how we process your data when you use valbellaresort.ch, other websites operated by us, or our apps (hereinafter collectively referred to as the “Website”), when you purchase our services or products, when you otherwise interact with us in connection with a contract, communicate with us, or have any other dealings with us. Where appropriate, we will inform you of additional data processing activities not mentioned in this Privacy Policy through timely written notification. In addition, we may inform you separately about the processing of your data, for example in consent forms, contractual terms, additional privacy notices, forms, or other communications.
If you provide us with data about other persons such as family members, colleagues, etc., we assume that you are authorized to do so and that such data is accurate. By providing data about third parties, you confirm this. Please also ensure that these third parties have been informed about this Privacy Policy.
This Privacy Policy is designed to comply with the requirements of the EU General Data Protection Regulation (“GDPR”), the Swiss Federal Act on Data Protection (“FADP”), and the revised Swiss Federal Act on Data Protection (“revFADP”). However, whether and to what extent these laws apply depends on the specific circumstances of each case.
Your trust is important to us. We therefore take data protection seriously and ensure appropriate security through organizational and technical measures. Our employees receive regular training on data protection matters.
Responsible Entity and Contact
For any data protection concerns and for the exercise of your rights in accordance with Article 14 revFADP, you may contact us at:
Valbella Resort AG
Voa Selva 4
CH-7077 Valbella
privacy@valbellaresort.ch
Additional Appointments
We have appointed the following additional representatives:
EU Data Protection Representative in accordance with Article 27 GDPR
KIRKBI A/S
Koldingvej 2
DK-7190 Billund
GDPR@KIRKBI.com
You may also contact this representative regarding data protection matters.
1.1. General
All personal data recorded as part of the registration or created during the use of the technology and protected by the Federal Data Protection Act ("DSG") or Regulation (EU) 2016/679 (General Data Protection Regulation; "GDPR") will be protected and used exclusively for the purpose of fulfilling the contract, unless, in particular in accordance with this privacy policy, you have given your express consent to further use or the applicable law allows it.
We can collect master data from you (company name, name, address, email, etc.), personal data about the services you have purchased, your payment transaction data, your online preferences, and your customer feedback. We use this personal data to communicate with you, conclude and conduct business with you, operate the technology, for billing, for market research, and for marketing, e.g. to analyse our customer base or to contact you by mail, telephone, email, or text messages.
We may collect personal data about your creditworthiness in order to protect ourselves against payment defaults. Your browsing and usage data will then be collected. This includes, for example, the IP address, the information which device, browser and browser version you visited the technology with and when, which operating system you are using, from which website or app you have accessed our technology via a link, and which elements of the technology you use and how. This personal data is saved together with the IP address of your access device information. They are used to correctly display and optimise our technology, protect it against attacks or other legal violations, and personalise the technology for you.
1.2. Use of technology
When you visit our website, our servers temporarily save each access in a log file. The following user and device data, as well as personal data, are recorded without any action on your part and stored by our host (ISP - Internet Service Provider):
This data is collected and processed for the purpose of facilitating the use of our website (establishing a connection), ensuring long term system security and stability, and allowing for our website to be optimised, as well as for internal statistical purposes. This is our legitimate interest in the data processing.
The IP address is also evaluated together with the other data in the event of attacks on the network infrastructure or other unauthorised or improper website uses for clarification and defence and, if necessary, used in criminal proceedings for identification and civil and criminal proceedings against the users concerned. This is our legitimate interest in the data processing.
1.3. Use of our contact forms
You have the option of using a contact form to get in touch with us. For this purpose, we require the following data:
We will mark the mandatory entries (*). If this information is not made available, it may hinder the provision of our services. The provision of personal data in other fields is voluntary. The provision of other information is optional and has no influence on the use of our technology.
We only use this data to respond to your contact request in the best possible and personalised way. Therefore, processing this data is necessary to carry out pre-contractual measures or is in our legitimate interest. You can inform us at any time that you no longer wish this voluntarily disclosed personal data to be processed (see Section 6 "Your rights" below).
1.4. Registration for our newsletter
You can subscribe to our newsletter on our website. Registration is required for this. The following data must be submitted as part of the registration:
The email address is essential for sending the newsletter. You can voluntarily submit salutation and name so we can address you personally. By registering, you give your consent to process the specified data for the regular dispatch of the newsletter to the address you indicated and for the statistical analysis of user behaviour and the optimisation of the newsletter. We are entitled to commission third parties with the technical processing of advertising measures and to disclose your data for this purpose. At the end of each newsletter, there is a link that you can use to unsubscribe from the newsletter at any time. After unsubscribing, your personal data will be deleted.
We use third-party email marketing services to send our newsletter. Our newsletter can therefore contain so-called web beacons (tracking pixel) or similar technical means. A web beacon is a 1x1 pixel, an invisible graphic associated with the user ID of the respective newsletter subscriber. This pixel is only activated when you display the newsletter images. The use of appropriate services allows for the analysis of whether our newsletter emails have been opened. In addition, it can also be used to record and evaluate the click behaviour of newsletter recipients. We use this data for statistical purposes and to optimise the newsletter in terms of content and structure. This allows us to better align the information and offers in our newsletter with the interests of our readers. The tracking pixel is deleted when you delete the newsletter. To prevent tracking pixels in our newsletter, please set your email program in such a way that no HTML is displayed in messages.
1.5. Booking through technology, by correspondence, or by phone
If you make bookings either via our technology, by correspondence (email or mail), or by phone call, we need the following data to process the contract:
We will only use this data and other information voluntarily provided by you (e.g. expected arrival time, license plate, preferences, comments) to process the contract unless otherwise stated in this privacy policy or you have not given your separate consent. We will process the data by name to record your booking as requested, provide the services booked, contact you should questions or problems arise, and ensure correct payment. The legal basis for data processing for this purpose is the performance of a contract.
1.6. Use of your data for advertising purposes
a. Creation of pseudonymised usage profiles
In order to be able to provide you with personalised services and information on our technology (on-site targeting), we use and analyse the data that we collect about you when you visit the website. So-called cookies may also be used for the corresponding processing (see section 1.7 below). The usage data is only merged with pseudonymised, but never with non-pseudonymised personal data. To facilitate personalised marketing in social networks, we use so-called remarketing pixels on the technology. If you have an account with a social network and are logged in there at the time of the page visit, this pixel links the page visit to your account. You can make further settings for advertising in the respective social networks in your user profile.
b. Retargeting
We use retargeting technologies on the technology. Your user behaviour is analysed on our technologies in order to be able to offer you advertising tailored to your individual needs on partner websites. Your user behaviour is recorded in a pseudonymised manner. Most retargeting technologies work with cookies (see section 1.7 "Cookies" below). You can prevent retargeting at any time by rejecting or deactivating the relevant cookies in the menu bar of your web browser. You can also request an opt-out for the other advertising and retargeting tools mentioned on the Digital Advertising Alliance website at optout.aboutads.info.
c. Remarketing and retargeting technologies used
The following remarketing pixels are used on our technology:
Meta Pixel
We use the Meta remarketing pixel on our technology, a service provided by Meta Inc., 1601 S California Ave, Palo Alto, California 94304, USA ("Meta"). If you have a Meta account and are logged in when you visit the page, this pixel links the visit to your account. The data generated this way is transmitted to Meta Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, and processed there. This way, the behaviour of the site visitors can be tracked after they have been redirected to the provider's website by clicking on a Meta ad. This allows the effectiveness of Meta advertisements to be analysed for statistical and market research purposes and future advertising measures to be optimised.
The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the user's identity. However, the data is stored and processed by Meta, so a connection to the respective user profile is possible, and Meta can use the data for its own advertising purposes in accordance with the Meta data usage guidelines. This enables Meta to place advertisements on Meta pages as well as outside of Meta.
As the website operator, we cannot influence this use of the data. You will find further information on protecting your privacy in Metas privacy policy: www.facebook.com/about/privacy/. You can also deactivate the "Custom Audiences" remarketing function in the advertising settings area. To do this, you have to be logged in to Meta.
X Pixel
We use Twitter's remarketing pixel on our technology, a service provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA ("Twitter"). If you have a Twitter account and are logged in when you visit the page, this pixel links the visit to the page with your account. You can change your privacy settings on Twitter in the account settings at twitter.com/account/settings. Further information can be found in Twitter's privacy policy at twitter.com/privacy.
Google AdWords und Google Doubleclick
We use Google AdWords and Google DoubleClick, two services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (register number: 368047) ("Google"), to place advertisements based on the use of previously visited websites.
For this purpose, Google uses the so-called DoubleClick cookie, which enables your browser to be recognised when you visit other websites. The information generated by the cookie about your visit to this technology (including your IP address) will be transmitted to and stored by Google on servers in the United States (for additional information on the transfer of personal data to the USA, see section 4.3 "Transmission of personal data abroad").
Google will use this information to evaluate your use of the technology with regard to the advertisements to be placed, to compile reports on website activity and advertisements for the website operator and to provide other services relating to website activity and internet usage. Google may also transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. According to Google, however, your IP address will in no case be associated with other Google data.
Further information on Google AdWords and Google DoubleClick is available at: marketingplatform.google.com/about/enterprise/, as well as on data protection at Google in general: www.google.de/intl/de/policies/privacy
Google Tag Manager
We also use Google Tag Manager to manage the usage-based advertising services. The Tag Manager tool is a cookieless domain and does not collect any personal data. Rather, the tool triggers other tags, which in turn may collect data. If you have deactivated it at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager. Further information on data protection at Google, in general, can be found at www.google.de/intl/de/policies/privacy.
TYPO3
Our website is operated using the content management system TYPO3 of the TYPO3 Association. This system is used for the technical provision and management of the content on our website.
When you access our website, certain data is processed for technical reasons, in particular your IP address, the date and time of the request, browser type, and the pages accessed. This processing is necessary to ensure the functionality, stability, and security of our website.
The processing is based on Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the secure and reliable provision of our website. Further information about TYPO3 can be found at: https://typo3.org
Brevo
We use the service Brevo (formerly Sendinblue), provided by Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany, to send our newsletters. If you subscribe to our newsletter, your email address and, where applicable, your name will be stored and processed for the purpose of sending the newsletter. Brevo also allows us to analyse the performance of our newsletters (e.g. open and click rates) in order to improve our content and offers.
The processing is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. You may withdraw your consent at any time via the unsubscribe link included in every newsletter or by contacting us. Further information on data protection at Brevo can be found at: https://www.brevo.com/de/legal/privacypolicy/
Picflow
We use the service Picflow provided by Picflow AG, Hardturmstrasse 161, 8005 Zurich, Switzerland, to provide and enable the download of image material. Through Picflow, we provide media files such as press images in online galleries. In this context, technical data as well as information about accesses and downloads may be processed to ensure the functionality, security, and proper use of the gallery.
The processing is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in providing media content efficiently and in a user-friendly manner. Further information on data protection at Picflow can be found at: https://help.picflow.com/en/collections/3116271-terms-policies
1.7. Cookies
We use cookies in our technology. Cookies are information files that your web browser automatically saves on your computer's hard drive when you visit or use our technology. Cookies help in many ways to make your visit to our website easier, more pleasant, and more meaningful.
The most common types of cookies are explained below:
Cookies neither damage your computer's hard drive nor is personal user data transmitted to us by these cookies. We use cookies, for example, to better tailor the information, offers, and advertising displayed to you to your interests. This use does not mean that we receive new personal data about you as an online visitor.
Most internet browsers automatically accept cookies. However, you can configure your browser to store no cookies on your computer, or you are always notified when you receive a new cookie. Please refer to the links below for help with commonly used browsers.
Deactivating cookies may mean that you cannot use all the functions of our website.
1.8. Tracking-Tools
a. General
We use so-called tracking tools on our website. These tracking tools monitor your surfing behaviour on our website. This monitoring takes place for the purpose of the needs-based design and continuous optimisation of our website. In this context, pseudonymised usage profiles are created, and small text files stored on your computer (so-called cookies) are used.
The third-party entrepreneur does not receive any personal data from us, but can track your use of our website, combine this information with data from other websites that you have visited and are also tracked by the third-party entrepreneur, and use this information for their own purposes (e.g. advertising management). Third-party entrepreneurs can also use permanent cookies, pixel tags, or similar technologies for this purpose. The processing of your personal data by the third-party company is then the responsibility of the service provider in accordance with their privacy policy.
b. Tracking tools used
The following tracking tools are used:
Google Analytics
Google Analytics is a service from Google. We use Google Analytics on our website in order to be able to create an anonymous analysis of website usage. To do this, a cookie is set, and the session's log data is sent to Google. Further information on Google Analytics is available at: marketingplatform.google.com/about/enterprise/, as well as general data protection at Google: www.google.de/intl/de/policies/privacy.
MyFonts
We use MyFonts technology to optimise the presentation of the website. MyFonts is a service from MyFonts Inc, 600 Unicorn Park Drive, Woburn, MA 01801, USA. MyFonts will write a cookie for statistical purposes. You can find more information about the web analysis service used on the MyFonts website. Further information on data protection at MyFonts can be found at www.myfonts.com/legal/website-use-privacy-policy.
ReCaptcha
ReCaptcha is a service from Google. We use ReCaptcha to determine whether a person or a computer makes a certain entry in our form. Google uses the following data to check whether you are a person or a computer: IP address of the device you are using, the website you are visiting and on which the captcha is integrated, the date and duration of the visit, the identification data of the browser and operating system type used, Google account if you are logged into Google, mouse movements on the reCaptcha areas and tasks for which you have to identify images. There is a legitimate interest on our part in this data processing to ensure the security of our website and to protect us from automated input (attacks).
Looker Studio
Our company uses Looker Studio (formerly Google Data Studio), a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, for data visualization and reporting. Looker Studio enables us to combine and display data from various sources—particularly analytics and marketing tools such as Google Analytics or Google Ads—in reports and dashboards. In this context, personal data such as IP addresses, usage data, or technical information may also be processed.
The processing is carried out solely for the purpose of analysing the use of our website and optimising our online services and marketing activities, and is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR via our cookie or consent banner. Further information on Google’s privacy practices can be found at:https://policies.google.com/privacy
2.1. Data processing to meet legal reporting requirements
Upon arrival at our resort, we need the following information from you and your fellow travellers:
We collect this information to fulfil legal reporting obligations, particularly from hospitality or police law. As far as we are obliged to do so under the applicable regulations, we will forward this information to the responsible police authority.
2.2. Documentation of services received
If you receive additional services during your stay (e.g. visit a restaurant or use the mini-bar, etc.), the object of the service, as well as the time at which the service was received, will be recorded for billing purposes.
2.3. Guest surveys
Our guests have the opportunity to give us feedback on our services and their experiences. This serves to develop and improve our guest services further. For this purpose, provided email addresses are transmitted to the company "Medallia Ltd." in Palo Alto, CA, USA. For more information, see Medallia Ltd.'s privacy policy.
2.4. Use of guest WLAN
We operate the WLAN network provided in our hotel. The following data can be processed: [IP address, MAC address of your device and the specified name]. In addition, certain usage data can be stored, such as websites visited, date and time, and the IP address.The legal basis for processing this data for this purpose is our legitimate interest in providing WLAN access during your stay and/or your consent to use our WLAN. A given consent can be revoked at any time with effect for the future.
In the following, we provide information about the scope, purpose, and use of the personal data collected during the application process. We assure you that the collection, processing, and use of the data will be carried out in accordance with the applicable data protection laws and all other statutory provisions and that the data will be treated with strict confidentiality.
3.1. Recruitee
Our company uses the e-recruiting software Recruitee, provided by Recruitee B.V., Keizersgracht 313, 1016 EE Amsterdam, Netherlands, to manage and process job applications. The personal data you submit as part of your application is collected, stored, and processed through this platform. Recruitee provides the technical infrastructure for this purpose and processes the data on our behalf in accordance with applicable data protection regulations.
Access to your data is restricted to employees of Valbella Resort and responsible managers involved in the respective recruitment process. No automated decision-making takes place. In addition to our own provisions, the terms and privacy policy of Recruitee apply. These can be found at: https://recruitee.com/privacy-policy
3.2. Marseco
Our company works with the e-recruiting system "cvmanager", which is operated by the company PowerSearch Management Consulting. The company is located at Rätusstrasse 23, CH - 7000 Chur, Switzerland (UID: CHE-106.838.373). The cvmanager takes over the data storage of application documents and offers processes for the processing of these data within the framework of commissioned data processing. Neither machine analysis in detail (profiling) nor automated data processing procedures for decision-making (matching) are used in the processing of personal data by cvmanager. The security and confidentiality of the applicant data are therefore guaranteed. Further information and the data protection guidelines regarding the cvmanager can be found on the website: marseco.ch/datenschutz/
3.3. Scope and purpose of the data collection
If you send us an application, we process the associated personal data (e.g. contact and communication data, application documents, notes in the context of job interviews, etc.), as far as it is necessary for the decision on the establishment of an employment relationship. The processing of this data is necessary to implement pre-contractual measures or is in our legitimate interest. You can inform us at any time that you no longer want this voluntarily provided personal data to be processed.
The personal data will only be passed on to persons within our company who are involved in processing the application. If the application is successful, the data submitted will be stored in our data processing systems for the purpose of conducting the employment relationship.
3.4. Processing of the data for applicants that were not hired
We reserve the right to store your application documents for a maximum of two years, even after the application process has been completed so that we can contact you to possibly fill other positions. If you do not agree with this practice, please let us know.
4.1. General information
Plugins are small additional programs that extend the functions of web applications. The plugins described in detail below are used on our technology.
Social media plugins are deactivated by default on our website whenever possible and therefore do not send any data. You can activate the plugins by clicking the corresponding social media button. If these plugins are activated, your browser establishes a direct connection with the servers of the respective social network as soon as you access one of our websites or use our technology. The content of the plugin is transmitted directly from the social network to your browser, which integrates it into the website. The plugins can be deactivated again with one click.
4.2. Used plugins
a. Meta plugins (like & share button)
Meta plugins are integrated into our technology. You can recognise the Meta plugins by the Meta logo or the "Like" button on our website. You can find an overview of the Meta plugins at https://developers.facebook.com/docs/plugins/.
The plugin establishes a direct connection between your browser and the Meta server when you visit our website. Meta receives the information that you have visited our website with your IP address. If you click the Meta "Like" button while you are logged into your Meta account, you can link the content of our pages to your Meta profile. This enables Meta to assign your visit to our website to your user account. We have no knowledge of the content of the transmitted data or their use by Meta. Further information can be found in Metas privacy policy at https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0
If you do not want Meta to be able to assign your visit to our website to your Meta user account, please log out of your Meta user account.
b. X
X plugins are integrated into our technology. By using X and the "Retweet" function, your visit to our website will be linked to your X account and made known to other users. This data is also transmitted to X. We have no knowledge of the content of the data transmitted or how it is used by X. You can change your privacy settings on X in the account settings at https://x.com/settings/account. Further information can be found in X's privacy policy at https://x.com/de/privacy.
c. Instagram
Instagram plugins are integrated into our technology. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking the Instagram button. This enables Instagram to assign your visit to our website to your user account. We have no knowledge of the content of the data transmitted or how it is used by Instagram. For more information, see Instagram's privacy policy at instagram.com/about/legal/privacy/.
d. Pinterest
On this website, we use social plugins from the social network Pinterest, which is operated by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103-490, USA. When you visit a page that contains such a plugin, your browser establishes a direct connection to the Pinterest servers. The plugin transmits log data to the Pinterest server in the USA. This log data may contain your IP address, the address of the websites you have visited, which also contain Pinterest functions, the type and settings of the browser, the date and time of the request, your use of Pinterest and cookies. Further information can be found in the privacy policy of Pinterest.
e. LinkedIn
This website uses functions of the LinkedIn network. The provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time a page on this website that contains LinkedIn functions is accessed, a connection to the LinkedIn servers is established. LinkedIn is informed that you have visited this website with your IP address. If you click the LinkedIn "Recommend" button and are logged into your LinkedIn account, LinkedIn can assign your visit to this website to you and your user account. As the provider of the website, we would like to point out that we have no knowledge of the content of the data transmitted or of how it is used by LinkedIn. Further information can be found in LinkedIn's privacy policy.
f. Vimeo
On our technology, you will find films that are integrated from Vimeo. Vimeo is a product of Vimeo, Inc., 555 West 18th Street, New York, New York 10011, USA. The films are displayed using I-frame. This means that an external website is being accessed in the area of the website where the film is displayed. The data processing in this I-frame is beyond our control. For more information, see Vimeo's privacy policy.
g. TrustYou
On our website, we use the plugin from TrustYou Munich Center of Technology, Agnes-Pockels-Bogen 1, 80992 Munich. TrustYou is a service that collects hotel reviews and prepares them for reports. We use data from TrustYou in order to be able to offer our guests independent reviews of our service. Further information can be found in the data protection provisions of TrustYou.
h. TripAdvisor
Our website uses the social media plugin from TripAdvisor Inc., 400 1st Avenue, Needham, MA 02494 USA. TripAdvisor is an online travel company that collects user reviews of guest experiences and combines them with booking recommendations. We use the Tripadvisor widget to present opinions about us in a neutral way. TripAdvisor will place a cookie on your computer as soon as you access a page with the widget. Please see TripAdvisor's privacy policy for more information.
i. Google Maps
On our technology, you will find maps that are integrated from Google Maps. Google Maps is a product of Google. The maps are displayed using I-frame. This means that an external website is being accessed in that area of the website. The data processing in this I-frame is beyond our control. Google will assign access to your Google account. Further information can be found in Google's privacy policy.
j. HolidayCheck Plugin
We use the social media plugin from HolidayCheck Online Travel Agency, Bahnweg 8, CH-8598 Bottighofen, on our website. HolidayCheck is a service that collects reviews of hotels and prepares them for reports. We use data from HolidayCheck in order to be able to provide our visitors with independent reviews on the service. For further information, please see HolidayCheck's privacy policy.
k. HotelCareer
We publish links to job advertisements on our site. Please note that these links forward to pages operated by YOURCAREERGROUP GmbH, Lindenstrasse 25, 8302 Kloten ("YOURCAREERGROUP GmbH"). YOURCAREERGROUP GmbH is responsible for these pages in terms of data protection. When you click on the respective link, your IP address is sent to YOURCAREERGROUP GmbH. The legal basis for the links is a legitimate interest that we have, namely a comprehensive provision of services to our users. Further information can be found in Hotelcareer's privacy policy.
l. Protel
Offers can be booked on our site via the Web Booking Engine (WBE) from Protel Hotelsoft ware GmbH, Europaplatz 8, 44269 Dortmund, Germany. As long as you do not access the booking engine, Protel will not be activated. Even though the WBE can be reached through the technology, it is still a separate system operated by Protel. You will therefore have to accept their own privacy policy for this part of the page. For further information on the WBE, please refer to Protel's privacy policy.
m. Simple Booking
For online reservations on our website, we use the booking system Simple Booking provided by QNT S.r.l., Via Lucca 52, 50143 Florence, Italy. During the booking process, personal data such as your name, email address, stay details, and, where applicable, payment information are processed in order to handle your reservation, fulfil the accommodation contract, and ensure communication regarding your booking.
The processing is carried out for the performance of a contract or in order to take steps prior to entering into a contract in accordance with Art. 6 para. 1 lit. b GDPR. Further information on data protection at Simple Booking can be found at: https://www.simplebooking.travel/privacy-policy.
n. Gastronovi
Gastronovi is a table reservation system from Gastronovi GmbH, Buschhöhe 6, 28357 Bremen, Germany. The table reservation automatically collects and saves information in so-called server log files, which are automatically transmitted to Gastronovi. These are browser type and version, operating system used, referrer URL, hostname of the accessing computer, and time of the server request. This data will not be merged with other data sources. The website operator has a legitimate interest in the technically error-free presentation and optimisation of his website - the server log files must be recorded for this purpose. Further information can be found in Gastronovi's privacy policy.
5.1. Booking via a third-party platform
If you make bookings via a third-party platform, we receive personal information from the respective platform operator. We will process this data by name in order to record your booking as requested and to provide the services you have booked. In addition, inquiries about your booking may be forwarded to us.
Finally, we may be informed by the platform operators about disputes in connection with a booking. In the process, we may also receive data on the booking process, including a copy of the booking confirmation as evidence of the actual booking. We process this data to fulfil a contract and to safeguard and enforce our claims.
Please also note the respective provider's privacy policy.
5.2. Data retention
We only process your personal data for as long as necessary for the respective purpose or as required by law. If you have set up an account with us, we will keep the master data provided without restriction. However, you can request the deletion of your account at any time (see below, item 6 "Your rights"). We will then delete the master data unless we are required to store it by law. In the case of an order without an account, your master data will be deleted after the end of the service as far as we are not obliged to store them by law. This deletion can take place immediately or as part of periodic deletions.
Contract data, which can also include personal data, will be stored by us until the statutory retention period of 10 years has expired. Obligations to retain data result from accounting regulations and tax regulations, as well as the obligation to retain electronic communication. If we no longer need this data to carry out services for you, the data will be locked. This means that the data may then only be used for accounting and tax purposes.
If we opt to refuse further business contacts with a data subject due to misuse, payment defaults, or other legitimate reasons, we store the corresponding personal data for five years in case of recurrence for ten years.
5.3. Disclosure of data to third parties
We disclose your personal data if you have given your express consent, if there is a legal obligation to do so, or if this is necessary to enforce our rights, in particular, to enforce claims arising from the relationship between you and VALBELLA RESORT AG (e.g. debt collection companies, authorities, or lawyers ). We disclose your data to third parties, as far as this is in the context of the use of the technology for the provision of the services you have requested and the advertising for them (e.g. outsourcing partners; hosting services; companies with whom we offer services on our technology [e.g. for bookings, rent, purchase, etc.]; companies that advertise on our behalf) as well as the analysis of your user behaviour is required.
When it is disclosed to third parties, we provide sufficient contractual guarantees that such a third party uses the personal data in accordance with the legal requirements and exclusively in our interest.If the technology contains links to third-party websites, VALBELLA RESORT AG no longer has any influence on the collection, processing, storage, or use of personal data by the third party after clicking on these links and assumes no responsibility for it.
5.4. Transmission of personal data abroad
We are entitled to transmit your personal data to third companies (commissioned service providers) abroad, provided this is necessary for the data processing described in this privacy policy. They are obliged to protect your data to the same extent as we are. If the level of data protection in a country does not correspond to the Swiss or European level, we contractually ensure that the protection of your personal data corresponds to that in Switzerland or the EU at all times.
6.1. Right to information, correction, deletion, and restriction of processing; Right to data portability, objection, and complaint
Upon request, we will provide each person concerned with information on whether and, if so, which personal data about them is being processed (right to confirmation, right to information). At your request:
To make a request to exercise a right described in this section, for example, if you no longer receive any email newsletters from us or want to delete your account, use the corresponding function on our website or contact our data protection officer or an employee according to the information at the beginning of this privacy policy.
If we cannot comply with a request, we will inform you of the reasons. For example, we may refuse deletion in a legally permissible manner if your personal data is still required for the original purposes (e.g. if you continue to receive a service from us), if the processing is legally mandatory (for example, on statutory accounting regulations), or if we have an overriding interest of our own (e.g. in the event of a legal dispute against the person concerned). If we assert an overriding interest in the processing of personal data against you, you still have the right to object to the processing, provided that your particular situation compared to other data subjects results in a different balance of interests (right to object). This could be the case, for example, if you are a person of public interest or if the processing creates the risk that you will be harmed by third parties. If you are not satisfied with our response to your request, you have the right to lodge a complaint with a competent supervisory authority, for example, in your country of residence or at the headquarters of VALBELLA RESORT AG (right to complain).
6.2. Possibility to opt out
If you do not agree that we analyse your usage data, you can opt out. The tracking is switched off by storing a so-called "opt-out cookie" on your system. If you ever delete all of your cookies, please note that the opt-out cookie will also be lost and may need to be renewed.
The list below is a compilation of opt-out options. Please note that these options sometimes also includes trackers used by our partners, which are not necessarily used on the website:
alternatively, you can install the Ghostery browser extension, which is available for every common browser.
7.1. Automated decision making/profiling
We (or the third parties commissioned by us) do not make any automated decisions that affect your personal data or have any legal effect on you or significantly similarly affect them.
7.2. Data security
We use suitable technical and organisational security measures to protect your personal data stored by us against manipulation, partial or complete loss and unauthorised access by third parties. Our security measures are continuously improved in line with technological developments. You should always treat your information confidentially and close the browser window when you have finished communicating with us, especially if you share your computer with others. We also take internal data protection very seriously. Our employees and the service companies commissioned by us have been bound by us to secrecy and to comply with data protection regulations.
7.3. Applicable law and jurisdiction
This privacy policy and the contracts concluded on the basis of or in connection with this policy are subject to Swiss law unless the law of another country is mandatory. The place of jurisdiction is the headquarters of VALBELLA RESORT AG unless another place of jurisdiction is mandatory.
7.4. Final provisions
Should individual parts of this privacy policy be or become ineffective, this does not affect the effectiveness of the rest of this policy. Due to the further development of our technology and offers or changed legal or official requirements, it may be necessary to change this privacy policy. The most current/applicable privacy policy is published on our technology.
This page was last changed on March 12, 2026. If you have any questions or comments about our legal information or privacy policy, please contact us at privacy@valbellaresort.ch or using the contact details listed at the beginning of this policy.