Important legal information
LATESTA AG, P.O. Box 52, CH-7500 St. Moritz (hereinafter also referred to as "we") is the operator of the website regalin-stmoritz.shop (hereinafter referred to as the "website"), and is therefore responsible for the collection, processing and use of your personal data.
Your trust is important to us, which is why we take the issue of data protection seriously and ensure appropriate security with organisational and technical measures. We also train our employees.
When we use third parties to process personal information, the third party is carefully selected and must take reasonable security measures to ensure the confidentiality and security of your personal information.
LATESTA AG (Via Somplaz 1, 7500 St. Moritz, Switzerland, e-mail: firstname.lastname@example.org) is a responsible person in terms of the applicable data protection laws.
The contact details of our head of data protection is as follows: email@example.com
Copyright and trademark rights
The entire content of the regalin-stmoritz.shop website is protected by copyright. All rights belong to LATESTA AG or third parties. The elements on the regalin-stmoritz.shop website are freely accessible for browsing purposes only. Duplication of this material, or parts thereof, in any written or electronic form is permitted only with a specific mention of regalin-stmoritz.shop . Reproduction, transfer, amendment, linking or use of the regalin-stmoritz.shop website for public or commercial purposes is prohibited without our prior written consent. Please contact firstname.lastname@example.org. The various names and logos appearing on the regalin-stmoritz.shop site are generally registered and protected trademarks. No part of the regalin-stmoritz.shop is designed in such a way as to grant a licence or right to utilise a picture, registered mark or logo. Downloading or copying the regalin-stmoritz.shop website or parts thereof, confers no rights whatsoever in respect of the software or elements of the regalin-stmoritz.shop website. We reserve all rights in respect of all elements of the regalin-stmoritz.shop website with the exception of rights belonging to third parties.
Although we have taken all reasonable care to ensure the reliability of the information provided on this website, we cannot guarantee that it is accurate. regalin-stmoritz.shop information contained herein at the time of its publication, neither we nor our contractual partners can give any explicit or implicit assurance or warranty (including to third parties) with regard to the accuracy, reliability or completeness of the information on regalin-stmoritz.shop. Opinions and other information on the website regalin-stmoritz.shop may be changed at any time without notice. We assume no responsibility and make no guarantee that the functions on regalin-stmoritz.shop will run uninterrupted or that the website or the relevant server is free of viruses or other harmful components.
Limitation of Liability
If a contractual relationship exists between us and the user of regalin-stmoritz.shop or any other of our services, we are liable only for gross negligence or intentionally caused damage. We exclude any liability for damage caused by an auxiliary person. We are not liable for loss of profit, loss of data or other direct, indirect or consequential damages arising out of access to elements of regalin-stmoritz.shop or the use thereof or the impossibility of accessing or using them or links to other websites or technical faults.
Our employees are obliged to treat personal data confidentially.
Scope and purpose of collection, processing and use of personal data
What personal data we collect
We may collect personal data about received services, your payment details, your online preferences, and your customer feedback, including your company name, your name, address, email, and so on. We use this personal information to communicate with you, to conclude business with you and process transactions, to operate the technology, for billing purposes, to conduct market research as well as for marketing purposes, e.g. to analyse our customer base or to contact you by mail, email, or text messages.
We may collect personal information about your credit standing to protect us against payment default.
Your surfing and usage data will then be collected. This includes, for example, the IP address, the information as to which device, browser and browser version you used to visit the technology when, which operating system you use, from which website or app you accessed our technology via a link, and which elements of the technology you use and how. This personal data is stored together with the IP address of your access device. They serve to correctly present and optimize our technology, to protect it against attacks or other infringements and to personalize the technology for you.
When visiting regalin-stmoritz.shop
When visiting our website, our servers temporarily store every access in a log file. The following user and device data, as well as personal data, are collected without your intervention and stored by our host (ISP - Internet Service Provider):
- the IP address of the requesting computer
- the date and time of the access
- the name and URL of the retrieved file
- the website from which the access was made
- the operating system of your computer and the browser you are using
- the country from which you accessed and the language settings of your browser
The collection and processing of this data is carried out for the purpose of enabling the use of our website (establishment of a connection), ensuring system security and stability over the long term and enabling the optimization of our Internet offering as well as for internal statistical purposes. This is our legitimate interest in data processing. The IP address is used in particular to record the visitor's country of residence. In addition, the IP address is used in the event of attacks on the network infrastructure by regalin-stmoritz.shop for statistical purposes. In addition, when visiting our technology, we use so-called pixels and cookies to display personalised advertising and to use web analysis services.
When using our contact forms
You have the possibility to use a contact form to get in touch with us. The entry of the following personal data is mandatory:
- First name and last name
- Address (street, house number, town, postcode)
- telephone number
- email address
The mandatory entries are marked by (*). Failure to provide this information may hinder the provision of our services. The specification of personal data in other fields is voluntary. You can inform us at any time that you no longer consent to the processing of this voluntarily provided personal data (see heading “Your Rights”). Other information is optional and does not affect the use of our technology.
We only use this data to answer your contact request in the best possible and personalised way. You can inform us at any time that you no longer consent to the processing of this voluntarily provided personal data (see heading “Your Rights”).
Use of your data for advertising purposes
Creation of pseudonymised user profiles
Google Tag Manager
We also use Google Tag Manager to manage the usage-based advertising services. The tool Tag Manager itself is a cookieless domain and does not collect any personally identifiable information. Instead, the tool is responsible for triggering other tags that may collect data (see above). If you have opted out at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager.
Sharing of your data with third parties
We share your personal data if you have expressly consented, there is a legal obligation, or if it is necessary for the enforcement of our rights, in particular for the enforcement of claims arising from the relationship between you and LATESTA AG (e.g. collection agencies, authorities, or lawyers). We may share your data with third parties as far as required in the context of the use of the technology for the provision of the desired services (e.g. outsourcing partners, web hosts, companies through which we offer the services on our technology (e.g. for bookings, rent, purchase, etc.), companies that advertise on our behalf) as well as the analysis of your user behaviour.
When sharing your data with third parties, we provide sufficient contractual guarantees that such a third party uses the personal data in accordance with legal requirements and exclusively in our interest.
If the technology contains links to third-party websites, LATESTA AG no longer has any influence on the collection, processing, storage, or use of personal data by the third party after clicking on these links and assumes no responsibility.
Transfer of personal data abroad
For reasons of completeness, we would like to point out that in the USA there are surveillance measures by US authorities which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without differentiation, limitation or exception on the basis of the objective pursued and without an objective criterion that would allow the US authorities to restrict access to the data and subsequent use to very specific, strictly limited purposes that could justify the interference associated with both access to and use of the data. In addition, we would like to point out that in the USA there are no legal remedies available for the data subjects from Switzerland that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or that there is no effective legal protection against general access rights of US authorities. We explicitly draw the attention of the data subject to this legal and factual situation in order to make an informed decision to consent to the use of his/her data. We also draw users' attention to the fact that both Switzerland and the European Union believe that the USA does not have an adequate level of data protection, partly because of the issues mentioned in this section. Where we have explained in this Privacy Statement that recipients of data (such as Google, Facebook or Twitter) are located in the United States, we will ensure that your data is protected at an appropriate level by our partners either through contractual arrangements with these companies or by ensuring that these companies are certified under the EU-US or Swiss US Privacy Shield.
We use appropriate technical and organisational security measures to protect your stored personal data against manipulation, partial or total loss, and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments. You should always keep your information confidential and close the browser window when you stop communicating with us, especially if you share the computer with others. We also take corporate privacy very seriously. We have obliged our employees and the service companies commissioned by us to secrecy and to comply with data protection regulations.
Session cookies are used during access to our website (e.g. the online shop) to assign information stored on the server side for each access clearly to you or your internet browser (e.g. so that the shopping cart content is not lost). Session cookies are deleted after closing your Internet browser. Permanent cookies are used to save your default settings (e.g. preferred language) over several independent accesses to our website, i.e. even after closing your Internet browser, or to enable automatic login. Permanent cookies are deleted according to the setting of your Internet browser (e.g. one month after the last visit). By using our website as well as the corresponding functions (e.g. language choice or autologin), you consent to the use of permanent cookies.
On our website, we use so-called tracking tools. These tracking tools will monitor your browsing behaviour on our website. This observation is made for the purpose of the needs-based design and continuous optimisation of our website. In this context, pseudonymized usage profiles are created and small text files stored on your computer (“cookies”).
For this purpose, third-party entrepreneurs can also use permanent cookies, pixel tags, or similar technologies. The third-party entrepreneur does not receive any personal data from us but can track your use of our website, combine this information with data from other websites that you have visited and are also tracked by the third-party entrepreneur, and use these findings for their own purposes (e.g. advertising). The processing of your personal data by the third-party entrepreneur then takes place in the responsibility of the service provider according to its data protection regulations.
The following tracking tools are used:
Google Analytics is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. We use Google Analytics on our website in order to create anonymous evaluations of website usage. A cookie is set, and the session’s log data is sent to Google.
Automated decision making / profiling
We (or third parties commissioned by us) generally do not make automated decisions that affect your personal information or unlawfully affect or otherwise significantly affect you.
Legal basis for processing
The legal basis for the processing of personal data by us is generally laid down in Article 13 (2) (a) of the DSG and Article 13 (1) DSG. In cases where we wish to refuse to conclude contracts with data subjects in the future due to abuse, default, or similar legitimate reasons, we reserve the right, based on Article 13 (1) of the DSG to keep name, first name, address, and email address of a data subject as well as the personal data on the circumstances for the sake of our own interest. Processing of your personal data by other affiliates is also based on Article 13 (1) of the DSG.
Upon request, we provide information to each data subject as to whether and, if so, which personal data is being processed about them (right to confirmation, right to information). At your request:
- We waive all or part of the processing of personal data (right to revoke your consent to the processing of non-essential personal data, right “to be forgotten”). Your request to be forgotten will be shared with third parties we have previously shared your personal information with.
- We correct the corresponding personal data (right to rectify incorrect data).
- We restrict the processing of the relevant personal data (right to restriction of processing, in which case we will only save your personal data or use it to protect our legal rights or to protect the rights of another person).
- You will receive the relevant personal data in a structured, common and machine-readable format (right to data portability).
Storage of Data
We only process personal data for as long as necessary for the purpose or as required by law. If you have set up an account with us, we will store the specified master data without restriction. However, you can request the deletion of the account at any time (see heading “Your Rights”). We will delete the master data unless we are required by law to retain it. In the case of an order without an account, your master data will be deleted after the expiration of the guarantee period or the end of the service insofar as we are not obliged by law to retain it. This deletion can be carried out immediately or in the course of periodically carried out deletion runs.
Contract data, which may also include personal data, will be kept by us until the expiry of the statutory retention period of 10 years. Data retention obligations arise, among other things, from accounting regulations and tax regulations as well as the obligation to retain electronic communications. As far as we no longer need this data to carry out the services for you, the data will be blocked. This means that the data may then only be used for accounting purposes and tax purposes.
If we wish to refuse further business contacts with a data subject due to abuse, payment default, or other legitimate reasons, we will retain the corresponding personal data for a period of five years or, in the event of a recurrence, for ten years.
Possibility to Opt-out/Opt-in
If you do not agree with the fact that we evaluate your use data, you can switch this off. The tracking is switched off by placing a so-called "Opt-Out Cookie" on your system. If you delete all of your cookies once, you should note that the opt-out cookie will also be lost and may have to be renewed.
Please note that the list below is a list of opt-out options that sometimes includes trackers used by our partners that are not necessarily used on the website:
- Browser Add on to disable Google Analytics.
- Disabling the DoubleClick cookie
- Disabling Quandcast targeting
- Disable AddThis Targeting
- Opt-Out for IntelliAd Targeting
A good way to configure a large number of cookies can be found at youronlinechoices.com or at optout.aboutads.info or install the browser extension Ghostery, which is available for every common browser.
This page was last modified on 01.06.2019. If you have any questions or comments about our legal notices or data protection, please contact us at email@example.com.
The person in power has integrated components from PayPal on this website. PayPal is an online payment service provider. Payments are made through so-called PayPal accounts, which are virtual private or business accounts. In addition, PayPal has the ability to process virtual payments through credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, which is why there is no classic account number. PayPal makes it possible to initiate online payments to third parties or to receive payments. PayPal also takes on trustee functions and offers buyer protection services.
The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
If the data subject selects "PayPal" as a payment option during the ordering process in our online shop, data of the data subject will be automatically transmitted to PayPal. By selecting this payment option, the data subject consents to the transfer of personal data required for the payment transaction.
The personal data transmitted to PayPal are usually first name, last name, address, email address, IP address, telephone number, mobile phone number or other data required for payment transaction. Personal data, which are in connection with the respective order, are also necessary for the execution of the purchase contract.
The purpose of the transmission of the data is payment transaction and fraud prevention. The person in power will provide PayPal with personally identifiable information, in particular if there is a legitimate interest in the transfer. Personal data exchanged between PayPal and the person in power may be transmitted by PayPal to credit reporting agencies. This transmission aims at the identity and credit check.
PayPal may disclose personal information to affiliates and service providers or subcontractors, to the extent necessary to fulfil the contractual obligations or to process the data on behalf of the customer.
The data subject has the option to revoke the consent to the handling of personal data against PayPal at any time. A revocation has no effect on personal data that must be processed, used or transmitted for (contractual) payment processing.
What information does Shopify collect from merchants’ customers and why?
Shopify collects the merchants’ customers’ name, email, shipping and billing address, payment details, company name, phone number, IP address, information about orders you initiate, information about the Shopify-supported merchant stores that you visit, and information about the device and browser you use.
- Shopify uses this information to provide the merchants with the Services, including supporting and processing orders, risk and fraud screening, authentication, and payments. Shopify also uses this information to improve the Services.
Shopify uses some of the personal information you provide to conduct some level of automated decision-making - for example, Shopify uses certain personal information (for example, IP addresses or payment information) to automatically block certain potentially fraudulent transactions for a short period of time.
When does Shopify collect this information?
Shopify collects this information when you use or access a store that uses our Services, such as when you visit a merchant’s site, place an order or sign up for an account on a merchant’s site.
Additionally, Shopify partners with third parties who provide Shopify information about merchants’ customers, for example to help screen out merchants associated with fraud.
When and why does Shopify share this information with third parties?
Shopify works with a variety of third parties and service providers to help provide the merchants with the Services and therefore may share personal information with them to support these efforts.
Shopify may also share your information under the following circumstances:
- to prevent, investigate, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service or any other agreement related to the Services, or as otherwise required by law.
- If the merchant whose store you visit or access directs us to transfer this information (for example, if they enable a third-party app that accesses customer personal information).
- to conform to legal requirements, or to respond to lawful court orders, subpoenas, warrants, or other requests by public authorities (including to meet national security or law enforcement requirements).
Personal information may also be shared with a company that acquires the Shopify business or the business of a merchant whose store you visit or access, whether through merger, acquisition, bankruptcy, dissolution, reorganization, or other similar transaction or proceeding.
Shopify is responsible for all onward transfers of personal information to third parties in accordance with the EU-U.S. Privacy Shield Framework, the Swiss-U.S. Privacy Shield Framework, and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA).