Data protection

EN

Privacy policy

We appreciate your visit to our website zug-tourismus.ch and your interest in our association.

The protection of your personal data, such as date of birth, name, telephone number, address, etc., is important to us.

The purpose of this privacy policy is to inform you about the processing of your personal data that we collect from you. Our data protection practices comply with the legal provisions of the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). The following privacy policy serves to fulfill the information obligations arising from the FADP and the GDPR. These can be found, for example, in Art. 19 ff. FADP and Art. 13 ff. of the GDPR.

Owner or responsible party

The controller within the meaning of Art. 5(j) FADP or Art. 4(7) GDPR is the person who alone or jointly with others determines the purposes and means of the processing of personal data. The controller pursuant to Art. 4 no. 7 GDPR is also the recipient of the personal data within the meaning of Art. 4 no. 9 GDPR. Any third-party recipients are identified separately.

With regard to data protection, the controller or responsible party is:

Zug Tourism
Bahnhofplatz
6300 Zug
Switzerland
E-Mail: info@zug.ch
Phone: 041 723 68 00

Data processing for events 

Data is collected with your consent as part of physical events (e.g. competitions, contests or promotional events)

.

What personal data is collected and to what extent is it processed?

Personal data is collected, which is collected from you using the form provided. This includes, among other things:

(1)    Surname and first name
(2)    address
(3)    Date of birth
(4)    e-mail address
(5)    Telephone number
(6)    ...

The data will be processed as part of the corresponding event

Legal basis for the processing of personal data

Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the requirement of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code) and Art. 6 para. 1 lit. a GDPR (consent by unambiguous affirmative action or conduct).

Purpose of the data processing

The processing of the collected data is essential for the implementation of the corresponding events. It is necessary, for example, to draw a winner in competitions or to provide individualized offers at promotional events.

Duration of storage

The aforementioned personal data will be deleted as soon as it is no longer required for the organization of the events, but no later than 12 months after the event. If the data is subsequently required for statistical purposes, it will be anonymized so that no subsequent identification of individual persons is possible.

Restriction, objection, rectification and erasure options

You can request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR at any time. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.
 

Providing the website and creating log files

Each time our website is accessed, our system automatically collects data and information from the device accessing it (e.g. computer, cell phone, tablet, etc.).

What personal data is collected and to what extent is it processed?

(1) Information about the browser type and version used;
(2) The operating system of the accessing device;
(3) Host name of the accessing computer;
(4) The IP address of the accessing device;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content) that were accessed on our website;
(7) Websites from which the user's system came to our website (referrer tracking);
(8) Notification of whether the retrieval was successful;
(9) Amount of data transferred

This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user, so that individual site visitors cannot be identified.

Legal basis for the processing of personal data

Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the requirement of good faith (Art. 6 para. 2 FADP and Art. 2 CC) as well as Art. 6 para. 1 lit. f GDPR (legitimate interest).

Purpose of data processing

The temporary (automated) storage of data is necessary for the course of a website visit in order to enable delivery of the website. Personal data is also stored and processed to maintain the compatibility of our website for as many visitors as possible and to combat misuse and troubleshooting. For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. We also use the data to optimize the website and to generally ensure the security of our IT systems.

Duration of storage

The aforementioned technical data is deleted as soon as it is no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after our website is accessed.

Possibility of restriction, objection, correction and deletion

You can request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR at any time. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.

Special functions of the website

Our website offers you various functions that collect, process and store personal data when you use them. Below we explain what happens to this data:

Application form

  • What personal data is collected and to what extent is it processed?

    The data you enter in the form fields of the application form and upload, if applicable, will be processed to fulfill the purpose stated below.

  • Legal basis for the processing of personal data

    Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the requirement of good faith (Art. 6 para. 2 FADP and Art. 2 CC) and Art. 6 para. 1 lit. b GDPR (implementation of (pre)contractual measures)

  • Purpose of data processing

    The purpose of data processing is to review and process the application documents you upload via the form.

  • Duration of storage

    The data will be deleted as soon as the application has been processed and there is no longer a legitimate interest in storing the application data. Your application documents will therefore be deleted after 6 months at the latest if no employment relationship is established.

  • Option to object, edit, correct and delete

    You can restrict processing at any time in accordance with Art. 18 GDPR, object to processing in accordance with Art. 21 GDPR and request the correction or deletion of data in accordance with Art. 16 or 17 GDPR. You can find out which rights you are entitled to and how to exercise them at the bottom of this privacy policy.

  • Requirement to provide personal data

    The information in the application form is necessary for sending and processing the application. If you do not fill in the mandatory fields or do not fill them in completely, your application cannot be sent or processed.

Booking request form

  • Scope of the processing of personal data

    We will process the data you enter in our booking request form (date, number of persons, etc.) to fulfill the following purpose

    .

  • Legal basis for the processing of personal data

    The processing of personal data is based on the principle of lawfulness (Art. 6 para. 1 FADP) and the requirement of good faith (para. 2 FADP and Art. 2 CC) as well as Art. 6 para. 1 lit. b GDPR (implementation of (pre-)contractual measures)

  • Purpose of data processing

    A pre-contractual exchange of information is necessary to check your booking so that we can prepare a possible subsequent conclusion of a contract

  • Duration of storage

    The data is deleted as soon as it is no longer required for processing the booking and there are no longer any statutory retention obligations.

  • Option to object, process, correct and delete

    You can restrict processing at any time in accordance with Art. 18 GDPR, object to processing in accordance with Art. 21 GDPR and request the correction or deletion of data in accordance with Art. 16 or 17 GDPR. You can find out which rights you are entitled to and how to exercise them at the bottom of this privacy policy.

  • Requirement to provide personal data

    The information in the booking request form is required in order to process your booking properly. If you do not fill in the mandatory fields or do not fill them in completely, we will not be able to process your booking request.

Contact form(s)

  • What personal data is collected and to what extent is it processed?

    The data you enter in our contact forms, which you have entered in the input mask of the contact form.

  • Legal basis for the processing of personal data

    The processing of personal data is carried out in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the requirement of good faith (Art. 6 para. 2 FADP and Art. 2 CC) as well as Art. 6 para. 1 lit. a GDPR (consent by unambiguous affirmative action or conduct).

  • Purpose of data processing

    We will only use the data collected via our contact form or via our contact forms to process the specific contact request received via the contact form. Please note that we may also send you emails to the address provided in order to fulfill your contact request. The purpose of this is so that you can receive confirmation from us that your request has been forwarded to us correctly. However, sending this confirmation email is not mandatory for us and is for your information only.

  • Duration of storage

    After your request has been processed, the data collected will be deleted immediately, provided that there are no statutory retention periods.

  • Possibility of restriction, objection, correction and deletion

    You can request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR at any time. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.

  • Requirement to provide personal data

    The contact forms are used on a voluntary basis. You are not obliged to contact us via the contact form, but can also use the other contact options provided on our website. If you wish to use our contact form, you must complete the fields marked as mandatory. If you do not complete the required information on the contact form, you will either not be able to send the request or we will not be able to process your request due to a lack of information.

Form for newsletter registration

  • What personal data is collected and to what extent is it processed?

    By registering for the newsletter on our website, we receive the email address you enter in the registration field and, if applicable, other contact details if you provide them to us via the newsletter registration form.

  • Legal basis for the processing of personal data

    The processing of personal data is based on the principle of lawfulness (Art. 6 para. 1 FADP) and on the requirement of good faith (Art. 6 para. 2 FADP and Art. 2 CC) as well as Art. 6 para. 1 lit. a GDPR (consent by unambiguous affirmative action or conduct).

  • Purpose of data processing

    The data entered in the registration form for our newsletter will be used by us exclusively for sending our newsletter, in which we provide information about all our services and news. After registration, we will send you a confirmation e-mail containing a link that you must click in order to complete your registration for our newsletter (double opt-in). By doing so, you give your consent to data processing in accordance with Art. 6 para. 6 FADP.

  • Duration of storage

    You can unsubscribe from our newsletter at any time by clicking on the unsubscribe link, which is also included in every newsletter. Your data will be deleted by us immediately after you unsubscribe, provided there are no statutory retention obligations. Your data will also be deleted by us immediately if your registration is not completed. We reserve the right to delete your data without giving reasons and without prior or subsequent information.

  • Possibility of restriction, objection, correction and deletion

    You can request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR at any time. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.

  • Requirement to provide personal data

    If you would like to use our newsletter, you must fill in the fields marked as mandatory and confirm your e-mail address by clicking on the double opt-in link. The newsletter registration details are required in order to make use of the newsletter offer. The information is used exclusively for sending our newsletter. If you do not complete the mandatory fields, we will not be able to provide you with our newsletter service.

Appointment booking form

  • Scope of the processing of personal data

    The data you enter in our appointment booking form

    .

  • Legal basis for the processing of personal data

    Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the requirement of good faith (Art. 6 para. 2 FADP and Art. 2 CC) and Art. 6 para. 1 lit. b GDPR (implementation of (pre)contractual measures)

  • Purpose of data processing

    We will only use the data collected via our appointment booking form to process appointment requests received via the appointment booking form.

  • Duration of storage

    Your appointment booking will be deleted by us immediately after 12 months have elapsed since the appointment was scheduled, provided there are no statutory retention obligations. We reserve the right to delete without giving reasons and without prior or subsequent information.

  • Possibility of restriction, objection, correction and deletion

    You can request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR at any time. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.

  • Requirement to provide personal data

    The use of our appointment booking form is necessary if you would like to book an appointment with us online. You must provide certain mandatory information to book online. If you do not complete the mandatory information, your appointment booking cannot be accepted or processed.

Transmission of data to third parties

Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code).

The disclosure of data to third parties depends on the scope of the activities or offers of our website or our business model described below.

In principle, we only keep your data for as long as necessary and treat it confidentially. Exceptions to this are the transfer of personal data to debt collection service providers, to public bodies and authorities and to private individuals who are entitled to it due to legal provisions, court decisions or official orders, as well as the transfer to authorities for the purpose of initiating legal proceedings or for law enforcement purposes if our legally protected rights are attacked.

Automatic identity and credit check for shipping on account or online payment

  • What personal data is collected and to what extent is it processed?

    If you choose the payment method purchase on account or order online using a payment service, you will be asked during the ordering process to consent to the transmission of the data required for processing the payment and for an identity and credit check. First and last name, street, house number, zip code, city, date of birth, as well as the data related to your order.

  • Legal basis for the processing of personal data

    The processing of personal data is carried out in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the requirement of good faith (Art. 6 para. 2 FADP and Art. 2 CC).

  • In direct connection with the conclusion or performance of a contract (Art. 31 para. 2 let. a FADP), there is an overriding interest in obtaining information about the identity of a contracting party. Directly in the context of concluding a contract, personal data may be processed to check creditworthiness, provided that the data is neither particularly sensitive personal data nor high-risk profiling, the data is only disclosed to third parties if they need the data to conclude or execute a contract with the data subject, the data is not older than ten years and the data subject is of legal age (Art. 31 para. 2 let. c. FADP). See also Art. 6 para. 1 lit. b GDPR (implementation of (pre-)contractual measures)

    .

  • Purpose of data processing

    For the purpose of identity and credit checks, we transmit data to credit agencies (credit agencies) and receive information from them and, if necessary, creditworthiness information based on mathematical-statistical procedures, the calculation of which includes address data (so-called score values). When using online payment services, we transmit your details to the relevant partners and receive information from them to approve the order for shipping.

  • Duration of storage

    We will store the relevant data for processing the payment for as long as is necessary to complete the transaction. If the data is subject to statutory retention obligations, it will be deleted after the retention obligation has expired.

  • Restriction, objection, correction and deletion options as well as information

    You can restrict processing at any time in accordance with Art. 18 GDPR, object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR. You can request information about whether your personal data is being processed at any time in accordance with Art. 25 FADP. This means that you can view the information required to assert your rights under the Data Protection Act and ensure transparent data processing at any time. If the information stored about you is incorrect, we will delete it and consult with the data protection advisor if necessary. You can find out what rights you are entitled to and how to assert them at the bottom of this privacy policy.

Statistical analysis of visits to this website - web tracker

We collect, process and store the following data when this website or individual files on the website are accessed IP address, website from which the file was retrieved, name of the file, date and time of retrieval, amount of data transferred and notification of the success of the retrieval (so-called web log). We use this access data exclusively in non-personalized form for the continuous improvement of our website and for statistical purposes.

The processing of any personal data is carried out in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code). We also use the following web trackers to analyze visits to this website:

  • Custom Audiences

    We use the Custom Audiences service of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, 2 Dublin, Ireland, on our website: impressum-support@support.facebook.com, Website: http://facebook.com/. According to the Swiss authorities, the processing takes place in safe third countries. You can find Switzerland's list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

    The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

    Facebook Custom Audience is an advertising tool from Facebook that can be used to target advertising campaigns to site visitors.

    You can access the certification of the parent company under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC.

    You can withdraw your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.

    For more information on the handling of the transferred data, please refer to the provider's privacy policy at https://www.facebook.com/about/privacy.

    The provider also offers an opt-out option at https://www.facebook.com/about/privacy.

  • Facebook Connect

    We use the Facebook Connect service of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, 2 Dublin, Ireland, on our website: impressum-support@support.facebook.com, Website: http://www.facebook.com/. According to the Swiss authorities, the processing takes place in safe third countries. You can find Switzerland's list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

    The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

    Users can use their Facebook profile via Facebook Connect to simplify logging in to other web services.

    You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC.

    You can withdraw your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.

    For more information on the handling of the transferred data, please refer to the provider's privacy policy at https://www.facebook.com/about/privacy.

    The provider also offers an opt-out option at https://www.facebook.com/about/privacy.

  • Google Ads

    We use the Google Ads service of Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, on our website: support-deutschland@google.com, Website: http://www.google.com/. According to the Swiss authorities, processing takes place in safe third countries. You can find Switzerland's list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

    The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

    Google Ads is an advertising system with which we can place advertisements on external websites on the Internet to inform our customers about our services. Google Ads displays advertisements on external websites that are individually tailored to our clientele and lead to our website according to parameters set by us. If the site visitor clicks on the Google Ads advertisement, they will be taken to our website. In order to be able to measure the success and remuneration of Google Ads advertisements, Google Ads measures the success of the advertising measure when our website is accessed. Our website processes the data provided by Google Ads in order to analyze and improve our advertising measures and to calculate any remuneration that may be due.

    For the processing itself, the service or we collect the following data Data on the advertising interests of site visitors, interactions of site visitors with advertisements relating to our website, data on visits to our website by site visitors who have previously clicked on Google Ads advertisements and reached our website, data on the end device used, the IP address and browser of the user and other data from Google services for the provision and refinement of Google advertising relating to our website.

    If the service is activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transmits the required data. As part of order processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When Google Ads are used on our website, Google may transmit and process information from other Google services in order to provide background services for the improvement and individualization of Google advertising. For this purpose, data may also be processed by other Google services such as Google Apis, Google Cloud, Google Ads, Google Analytics, Google Tag Manager, Google Marketing Platform and Google Fonts in accordance with the Google Privacy Policy under Google's own data protection responsibility. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

    You can withdraw your consent at any time. You can find more information on withdrawing your consent either in the consent itself or at the end of this privacy policy.

    For more information on the handling of the transferred data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

    The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

  • Google Analytics

    • Scope of the processing of personal data

      On our website we use the web tracking service of Google Ireland Ltd, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, Website: http://www.google.com/ (hereinafter: Google Analytics). Google Analytics uses cookies as part of web tracking, which are stored on your computer and which enable an analysis of the use of our website and your surfing behavior (so-called tracking). We carry out this analysis on the basis of the Google Analytics tracking service in order to constantly optimize our website and make it more accessible. When you use our website, data, in particular your IP address and your user activities, are transmitted to servers of Google Ireland Limited. We carry out this analysis on the basis of Google's tracking service in order to constantly optimize our website and make it more accessible. We also require web tracking for security reasons. Web tracking enables us to track whether third parties are attacking our website. The information from the web tracker enables us to take effective countermeasures and protect the personal data we process from these cyber attacks. By activating IP anonymization within the Google Analytics tracking code of this website, your IP address will be anonymized by Google Analytics before transmission. This website uses a Google Analytics tracking code that has been extended by the operator gat._anonymizeIp(); to enable only anonymized collection of IP addresses (so-called IP masking).

    • Legal basis for the processing of personal data

      In accordance with Art. 13 para. 1 FADP and Art. 6 para. 1 lit. a GDPR, the legal basis for data processing is your consent in our information banner regarding the use of cookies and web tracking (consent through clear confirmatory action or behavior).

    • Purpose of data processing

      On our behalf, Google will use this information for the purpose of evaluating your visit to this website, compiling reports on website activity and providing us with other services relating to website activity and internet usage. We also require web tracking for security reasons. Web tracking allows us to track whether third parties are attacking our website. The information from the web tracker enables us to take effective countermeasures and protect the personal data we process from these cyberattacks.

    • Duration of storage

      Google will store the data relevant for the provision of web tracking for as long as it is necessary to fulfill the booked web service. Data collection and storage is anonymized. If there is any personal reference, the data will be deleted immediately, provided that it is not subject to any statutory retention obligations. In any case, the deletion takes place after expiry of the retention obligation.

    • Options for objection and erasure

      You can prevent the collection and forwarding of personal data to Google (in particular your IP address) and the processing of this data by Google by deactivating the execution of script code in your browser or activating the "Do Not Track" setting in your browser. You can also prevent Google from collecting the data generated by the Google cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de). You can find Google's security and data protection principles at https://policies.google.com/privacy.

  • Google Tag Manager

    • What personal data is collected and to what extent is it processed?

      On our website, we use the Google Tag Manager service provided by Google Ireland Ltd, Gordon House, Barrow Street, 4 Dublin, Ireland, email: support-deutschland@google.com, Website: http://www.google.com/ (hereinafter: Google Tag Manager). Google Tag Manager provides a technical platform for executing and controlling other web services and web tracking programs in a bundled manner by means of so-called "tags". In this context, Google Tag Manager stores cookies on your computer and, if web tracking tools are executed using Google Tag Manager, analyzes your surfing behavior (so-called "tracking"). This data sent by individual tags integrated in Google Tag Manager is merged, stored and processed by Google Tag Manager under a uniform user interface. All integrated "tags" are listed separately in this privacy policy. You can find more information on data protection for the tools integrated in Google Tag Manager in the relevant section of this privacy policy. When using our website with activated integration of Google Tag Manager tags, data, in particular your IP address and your user activities, are transmitted to servers of Google Ireland Limited. With regard to the web services integrated via Google Tag Manager, the regulations in the respective section of this privacy policy apply. The tracking tools used in Google Tag Manager ensure that the IP address is anonymized by Google Tag Manager before transmission by means of IP anonymization of the source code. In doing so, Google Tag Manager only enables the anonymized collection of IP addresses (so-called IP masking).

    • Legal basis for the processing of personal data

      In accordance with Art. 13 para. 1 FADP and Art. 6 para. 1 lit. a GDPR, the legal basis for data processing is your consent in our information banner regarding the use of cookies and web tracking (consent by clear confirmatory action or behavior).

    • Purpose of data processing

      On our behalf, Google will use the information obtained via Google Tag Manager to evaluate your visit to this website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage

      .

    • Duration of storage

      Google will store the data relevant to the function of Google Tag Manager for as long as it is necessary to fulfill the booked web service. Data collection and storage is anonymized. If there is any personal reference, the data will be deleted immediately, provided that it is not subject to any statutory retention obligations. In any case, the deletion takes place after expiry of the retention obligation.

    • Option to object and deletion

      You can prevent the collection and forwarding of personal data to Google (in particular your IP address) and the processing of this data by Google by deactivating the execution of script code in your browser, installing a script blocker in your browser or activating the "Do Not Track" setting in your browser. You can also prevent Google from collecting the data generated by the Google cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link http://tools.google.com/dlpage/gaoptout?hl=de. You can find Google's security and data protection principles at https://policies.google.com/privacy.

    • Integration of external web services and processing of data outside the EU

    We use active content from external providers, so-called web services, on our website. When you visit our website, these external providers may receive personal information about your visit to our website. Data may be processed outside of Switzerland and the EU. You can prevent this by installing an appropriate browser plugin or deactivating the execution of scripts in your browser. This may result in functional restrictions on websites that you visit.

    We use the following external web services:

    • Fonts.com

      We use the Fonts.com service of Monotype Imaging Holdings Inc, 600 Unicorn Park Drive, 01801 Woburn, United States, e-mail on our site: info@fonts.com, Website: https://www.monotype.com/de. Your personal data will be transferred to so-called insecure third countries that do not guarantee adequate data protection through their legislation. Your data will only be passed on if suitable data protection is guaranteed. This can be guaranteed in particular by:

      • treaties under international law
      • data protection clauses in a contract between the controller or processor and their contractual partner, which have been communicated to the FDPIC in advance
      • specific guarantees drawn up by the competent federal body and communicated to the FDPIC in advance
      • standard data protection clauses that the FDPIC has approved, issued or recognized in advance or
      • binding internal company data protection regulations that have been approved in advance by the FDPIC or by an authority responsible for data protection in a country that guarantees adequate protection

      If such guarantees are not in place, your data may only be disclosed if you have given your consent, the disclosure is directly related to the conclusion or performance of a contract, or the disclosure is necessary for the enforcement of claims before courts and authorities or to safeguard public interests. From the perspective of the EU, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that authorities in the third country, for example, may access the data collected. Your data can only be transferred to these third countries if it is ensured that the personal data is adequately protected by the recipient. This can be done through the use of standard contractual clauses, in the case of data transfers within a group through so-called binding corporate rules, through an obligation to comply with rules of conduct that have been declared generally applicable by the Commission or through certification of the processing operation.

      The legal basis for the transfer of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

      The Fonts.net / Fonts.com service is used to load fonts onto our website in order to show you a visually improved version of the website.

      You can withdraw your consent at any time. You can find more information on withdrawing your consent either in the consent itself or at the end of this privacy policy.

      For more information on the handling of the transferred data, please refer to the provider's privacy policy at http://www.monotype.com/legal/privacy-policy.

      The provider also offers an opt-out option at http://www.monotype.com/legal/privacy-policy.

    • Legally ok legal text snippet and modules

      We use the service Legally ok legal text snippet and modules of the company Legally ok GmbH, Schochenmühlestrasse 6, 6340 Baar, Switzerland, E-Mail: hello@legally-ok.com, Website: https://www.legally-ok.com/. Processing takes place exclusively in Switzerland in accordance with the data protection legislation applicable there. Processing also takes place in a third country outside the EU. An adequacy decision by the Commission exists for this third country. On the page of the EU Commission (Link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de) you will find an up-to-date list of all adequacy decisions.

      The legal basis for the transmission and processing is Art. 31 para. 1 FADP and Art. 6 para. 1 lit. c GDPR. The use of the service helps us to comply with our legal obligations.

      The service is used to load content from our legal texts onto our website. The current legal texts are reloaded via the integration on our site. This integration may also be used to load additional technical modules with regard to the legal texts or legally required elements.

      What rights you have with regard to processing can be found at the end of this privacy policy.

      For more information on the handling of the transferred data, please refer to the provider's privacy policy at https://www.legally-ok.com/datenschutz/.

    • Mapbox

      We use the Mapbox service provided by Mapbox, Inc, 740 15th Street NW, 5th Floor, 20005 Washington D.C., United States, email: copyright@mapbox.com, Website: https://www.mapbox.com/. Your personal data will be transferred to so-called insecure third countries that do not guarantee adequate data protection through their legislation. Your data will only be passed on if suitable data protection is guaranteed. This can be guaranteed in particular by:

      • treaties under international law
      • data protection clauses in a contract between the controller or processor and their contractual partner, which have been communicated to the FDPIC in advance
      • specific guarantees drawn up by the competent federal body and communicated to the FDPIC in advance
      • standard data protection clauses that the FDPIC has approved, issued or recognized in advance or
      • binding internal company data protection regulations that have been approved in advance by the FDPIC or by an authority responsible for data protection in a country that guarantees adequate protection

      If such guarantees are not in place, your data may only be disclosed if you have given your consent, the disclosure is directly related to the conclusion or performance of a contract, or the disclosure is necessary for the enforcement of claims before courts and authorities or to safeguard public interests. From the perspective of the EU, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that authorities in the third country, for example, may access the data collected. Your data can only be transferred to these third countries if it is ensured that the personal data is adequately protected by the recipient. This can be done through the use of standard contractual clauses, in the case of data transfers within a group through so-called binding corporate rules, through an obligation to comply with rules of conduct that have been declared generally applicable by the Commission or through certification of the processing operation.

      The legal basis for the transfer of personal data is our legitimate interest in processing in accordance with Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in achieving the purpose described below.

      A map service is integrated on our website via Mapbox, which enables navigation and the display of our business locations.

      With regard to processing, you have the right to object as set out in Art. 21 GDPR. Further information can be found at the end of this privacy policy.

      Further information on the handling of transferred data can be found in the provider's privacy policy at https://www.mapbox.com/legal/privacy/.

    • Schönenberger Gärten

      We use on our site the service Schönenberger Gärten of the company Schönenberger Söhne AG, Brunnenmattstrasse 7, 6317 Oberwil b. Zug, Switzerland, e-mail: info@gartenbau-schoenenberger.ch, Website: https://www.gartenbau-schoenenberger.ch/. Processing takes place exclusively in Switzerland in accordance with the data protection legislation applicable there. Processing also takes place in a third country outside the EU. An adequacy decision by the Commission exists for this third country. On the page of the EU Commission (Link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de) you will find an up-to-date list of all adequacy decisions.

      The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 DSG or Art. 31 para. 2 DSG and Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

      This service enables us to display information about our company, Schönberger Gärten, on our website. We also want to provide you with inspiration for your own garden through blog posts and sample images.

      You can withdraw your consent at any time. You can find more information on withdrawing your consent either in the consent itself or at the end of this privacy policy.

      For more information on the handling of the transferred data, please refer to the provider's privacy policy at https://www.gartenbau-schoenenberger.ch/datenschutz/.

    • Social plug-in - "Facebook by META"

      • What personal data is collected and to what extent is it processed?

        On our website, we have integrated a social plug-in of the social network "Facebook by META", which is operated by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, 2 Dublin, Ireland, email: impressum-support@support.facebook.com, Website: http://www.facebook.com/ ("Facebook by META"). When you access a page that contains such a plug-in, your browser automatically establishes a background connection to the Facebook by META servers. The content of the plug-in is transmitted by Facebook by META directly to your browser and only integrated into our site. Through this integration, Facebook by META receives the information that your browser has loaded a specific page of our website. This also applies if you do not have a Facebook by META profile or are not currently logged in to Facebook by META. This information (including your IP address) is transmitted by your browser directly to a Facebook by META server in Ireland and stored there. If you are logged in to Facebook by META, Facebook by META can directly associate your visit to our website with your Facebook by META profile. If you interact with the plug-ins, for example by clicking the "Like" button or leaving a comment, this information is also transmitted directly to a Facebook by META server and stored there. The information is also published on your Facebook by META profile and displayed to your Facebook by META contacts that you have activated for this purpose.

      • Legal basis for the processing of personal data

        Relevant are Art. 6 ff. FADP and Art. 6 para. 1 lit. a GDPR (if you have registered with "Facebook by META") and Art. 6 para. 3 FADP and Art. 6 para. 1 lit. f GDPR (if you have not registered with Facebook by META). Insofar as the processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, the legitimate interest of the website operator is to enable users to interact with the website operator's content on Facebook by META.

      • Purpose of data processing

        The primary purpose of data collection is to offer you a social interaction option linked to Facebook by META and thus to make our website interactive. The scope of the data collection and the further processing and use of the data you provide by Facebook by META as well as your rights in this regard and setting options for protecting your privacy can be found in Facebook by META's data protection information: https://www.facebook.com/about/privacy

      • Duration of storage

        Facebook by META will store the data relevant for the provision of the web service for as long as necessary. If the data is subject to statutory retention obligations, it will be deleted after the retention obligation has expired.

      • Option to object and erasure

        If you do not want the Facebook by META social plug-in to be executed, you can also prevent it from being executed by installing a corresponding add-on or script blocker. If you do not want Facebook by META to assign the data collected via our website to your Facebook by META profile, you must log out of Facebook by META before visiting our website. The right of access, rectification and erasure as well as the right to restriction of processing and the right to object are otherwise governed by the general provisions on the right to object and the right to erasure under data protection law described below in this privacy policy.

    Information on the use of cookies

    Scope of the processing of personal data

    We integrate and use cookies on various pages to enable certain functions of our website and to integrate external web services. Cookies are small text files that your browser can store on your access device. These text files contain a characteristic string of characters that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also referred to as "setting a cookie". Cookies can be set both by the website itself and by external web services.

    Legal basis for the processing of personal data

    Relevant are Art. 6 ff. FADP (principles) and Art. 6 para. 1 lit. f GDPR (legitimate interest) or Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR (consent).

    Which legal basis is relevant can be found in the cookie table listed later in this section.

    In general, in the case of cookies that are collected on the basis of a legitimate interest, our legitimate interest is to ensure the functionality of our website and the services integrated into it (technically necessary cookies). In addition, the cookies may increase their user-friendliness and enable a more personalized approach. In this case, we have weighed up your interests against our interests.

    With the help of cookie technology, we can only identify, analyze and track individual website visitors if the website visitor has consented to the use of cookies in accordance with Art. 6 para. 6 DSG or Art. 6 para. 1 lit. a DSGVO.

    Purpose of data processing

    The cookies are set by our website or the external web services in order to maintain the full functionality of our website, to improve user-friendliness or to pursue the purpose stated with your consent. Cookie technology also enables us to recognize individual visitors by means of pseudonyms, e.g. individual or random IDs, so that we can offer more individual services. Details are listed in the table below

    Duration of storage

    The cookies listed below are stored in your browser until they are deleted or, in the case of a session cookie, until the session has expired. Details are listed in the following table:

    Consent . . . . . . .
    Cookie nameServerProviderPurposeLegal basisStorage durationType
    __cf_bm.fonts.netFonts.comThis cookie is used to confirm that the visitor comes from a known computer. This allows security barriers to be overcome and loading times to be accelerated.approx. 30 minutesConfiguration
    _fbp.zug-shop.ch, .chFacebook ConnectFacebook uses this cookie to display advertising products and assign advertising clicks to a userConsentapprox. 3 monthsMarketing
    _gazug-tourismus.ch, zug-shop.chGoogle AnalyticsThis cookie assigns an ID to a user so that the web tracker can summarize the user's actions under this IDConsentapprox. 24 monthsAnalytics
    _gazug-tourismus.ch, zug-shop.chGoogle AnalyticsThis cookie assigns an ID to a user so that the web tracker can summarize the user's actions under this IDConsentapprox. 24 monthsAnalytics
    _ga_*zug-tourismus.ch, zug-shop.chGoogle AnalyticsThis cookie stores a unique ID for a website visitor in connection with Google Analytics or Google Tag Manager and tracks how the visitor uses the websiteConsentapprox. 24 monthsAnalytics
    _gatzug-shop.chGoogle AnalyticsThis cookie is used to throttle the request rate of the web trackerConsentapprox. 70 secondsAnalytics
    _gat_UA-*zug-tourismus.chGoogle AnalyticsThis cookie is the tracking cookie from Google Analytics. This cookie stores a unique visitor ID, the date and time of the first visit, the start time of the active visit, and the number of all visits a unique visitor has made to the website.Consentapprox. 80 secondsAnalytics
    _gidzug-tourismus.ch, zug-shop.chGoogle AnalyticsThis cookie assigns an ID to a user so that the web tracker can summarize the user's actions under this IDConsentapprox. 24 hoursAnalytics
    enabledwww.zug-tourismus.chWebsite operatorThis cookie allows us to save individual comfort settings selected by you and to retain them for your current and future site visitsConsentSessionConfiguration

    Option to object, withdrawal of consent and deletion

    You can set your browser according to your wishes so that the setting of cookies is generally prevented. You can then decide on a case-by-case basis whether to accept cookies or accept cookies in principle. Cookies can be used for various purposes, e.g. to recognize that your access device is already connected to our website (permanent cookies) or to save recently viewed offers (session cookies). If you have expressly given us permission to process your personal data, you can revoke this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.

    Data security and data protection, communication by email

    Your personal data is protected by technical and organizational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by email, we cannot guarantee complete data security on the transmission path to our IT systems, so we recommend encrypted communication or the postal service for information requiring a high level of confidentiality.

    Duration of data storage and rights of the data subject

    Duration of storage

    We only store the personal data to the extent and for as long as this is necessary to fulfill the purposes for which the personal data was collected, we have a legitimate overriding interest in storing it or are legally obliged to do so.

    Right to information

    You have the right to request confirmation as to whether we are processing your personal data. If this is the case, you have a right to information about the personal data specified in 25 et seq. FADP or Art. 15 para. 1 GDPR, provided that the information cannot be refused, restricted or postponed by the data controller (see Art. 26 f. FADP or Art. 15 para. 4 GDPR). We will also be happy to provide you with a copy of the data.

    Right to rectification

    In accordance with Art. 32 para. 1 FADP or Art. 16 GDPR, you have the right to demand that incorrectly stored personal data (e.g. address, name, etc.) be corrected, provided that this claim does not conflict with any legal obligation. You can also request the completion of the data stored by us at any time. A corresponding adjustment will be made immediately.

    Right to erasure

    In accordance with Art. 17 para. 1 GDPR, you have the right to demand that we erase the personal data we have collected about you if

    • the data is either no longer required;
      • the legal basis for the processing no longer applies due to the withdrawal of your consent;there are no longer legitimate grounds for the processing;your data is being processed unlawfully;
    • a legal obligation requires this;

    In accordance with Art. 17 para. 3 GDPR, the right does not exist if

    • the processing is necessary for exercising the right of freedom of expression and information;
      • your data has been collected on the basis of a legal obligation;the processing is necessary for reasons of public interest;
    • the data is necessary for the establishment, exercise or defense of legal claims;

      • Right to restriction of processing

      In accordance with Art. 18 para. 1 GDPR, you have the right in individual cases to request the restriction of the processing of your personal data

      .

      This is the case if

      • the accuracy of the personal data is contested by you;
        • the processing is unlawful and you do not consent to erasure;
      • the data is no longer required for the purpose of processing, but the data collected serves the establishment, exercise or defense of legal claims;
        • an objection to the processing pursuant to Art. 21 para. 1 GDPR has been lodged and it is still unclear which interests prevail;

        Right to withdraw consent

        If you have given us your express consent to process your personal data (Art. 6 para. 6 FADP and Art. 31 para. 1 FADP; Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR), you can withdraw this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of the consent until revocation. Data for which we are legally obliged to retain will be deleted after this period has expired.

        Right to object

        In accordance with Art. 21 GDPR, you have the right to object at any time to the processing of personal data concerning you that has been collected on the basis of Art. 6 para. 1 lit. f GDPR (in the context of a legitimate interest). If you have given us your express consent to process your personal data (Art. 6 para. 6 GDPR and Art. 31 para. 1 GDPR), you can withdraw this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of the consent until revocation. You only have this right if there are special circumstances that speak against the storage and processing. Data for which we are legally obliged to store will be deleted after the deadline has expired.

        How do you exercise your rights?

        You can exercise your rights at any time by using the contact details below:

        Train Tourism
        Bahnhofplatz
        6300 Zug
        Switzerland
        E-Mail: info@zug.ch
        Phone: 041 723 68 00

        Right to data portability

        In accordance with Art. 20 GDPR, you have the right to the transfer of personal data concerning you. We will provide the data in a structured, commonly used and machine-readable format. The data can be sent either to you or to a controller designated by you.

        We will provide you with the following data on request:

        • Data collected on the basis of consent (Art. 31 para. 1 FADP and Art. 6 para. 1 let. a GDPR);
          • Data that we have received from you under existing contracts (Art. 31 para. 2 let. a FADP and Art. 6 para. 1 let. b GDPR and Art. 9 para. 2 let. a GDPR);
        • Data that has been processed as part of an automated procedure
          • .

        We will transfer the personal data directly to a controller of your choice, insofar as this is technically feasible. Please note that we are not permitted to transfer data that interferes with the overriding interests of third parties in accordance with Art. 26 para. 1 let. b FADP or Art. 20 para. 4 GDPR, or only to a limited extent.

        Mitteilungen an den EDÖB und Klagemöglichkeit

        According to Art. 49 FADP, data subjects can file a complaint with the supervisory authority if there are sufficient indications that data processing could violate data protection regulations. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

        For further information, please refer to the FDPIC's contact form: https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt.html

        If you suspect that your data is being processed unlawfully on our website, you can bring about a judicial clarification of the issue in accordance with Art. 32 FADP. As a rule, an action under Art. 28 ff. ZGB should be sought. If you are affected by the processing of data by federal bodies, the procedure is governed by Art. 41 FADP. In this case, you can also contact the FDPIC (see reference to the contact form above).

        Right to lodge a complaint with the supervisory authority pursuant to Art. 77 para. 1 GDPR

        If you suspect that your data is being processed unlawfully on our website, you can of course bring about a judicial clarification of the issue at any time. You also have every other legal option available to you. Irrespective of this, you have the option of contacting a supervisory authority in accordance with Art. 77 para. 1 GDPR. You have the right to lodge a complaint pursuant to Art. 77 GDPR in the EU Member State of your place of residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you turn from the above-mentioned places. The supervisory authority with which the complaint has been lodged will then inform you of the status and outcome of your complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.