Search results

Current topics

«Das Ausländerstimmrecht würde in Vals auch heute wieder angenommen»

Privacy Policy

With this Privacy Policy, we inform you about the personal data we process in connection with our activities and operations, including our naturmetropole.ch website. We provide detailed information about the purposes, methods, and locations of our data processing activities. We also inform individuals whose data we process about their rights.

Additional privacy policies and other legal documents such as Terms and Conditions (T&C), Terms of Use, or participation conditions may apply to specific or additional activities and operations.

We are subject to Swiss data protection law as well as any applicable foreign data protection laws, particularly those of the European Union (EU) with the European General Data Protection Regulation (GDPR).

The European Commission recognized with a decision on 26 July 2000, that Swiss data protection law ensures adequate data protection. The European Commission confirmed this adequacy decision in a report from 15 January 2024.

1. Contact Addresses

Responsible for the processing of personal data:

Marke graubünden c/o Quant AG
Via Nova 37
7017 Flims Dorf
Switzerland

marke@graubuenden.ch

In individual cases, there may be other responsible parties for data processing or joint responsibility with at least one other party.

1.1 Data Protection Officer or Data Protection Advisor

We have appointed the following data protection officer or data protection advisor as a point of contact for affected individuals and authorities for inquiries related to data protection:

Andrea Beerli
Marke graubünden c/o Quant AG
Via Nova 37
7017 Flims Dorf
Switzerland

marke@graubuenden.ch

1.2 Data Protection Representation in the European Economic Area (EEA)

We have the following data protection representation according to Art. 27 GDPR:

VGS Datenschutzpartner GmbH
Am Kaiserkai 69
20457 Hamburg
Germany

marke@graubuenden.ch

The data protection representation serves as an additional point of contact for affected individuals and authorities in the European Union (EU) and the rest of the European Economic Area (EEA) regarding inquiries related to the GDPR.

2. Terms and Legal Bases

2.1 Terms

Personal data are all information related to an identified or identifiable natural person. An affected person is an individual whose personal data we process.

Processing includes any handling of personal data, regardless of the means and methods used, such as querying, matching, adjusting, archiving, storing, retrieving, disclosing, obtaining, recording, collecting, deleting, revealing, ordering, organizing, storing, modifying, distributing, linking, destroying, and using personal data.

The European Economic Area (EEA) includes the member states of the European Union (EU), as well as the Principality of Liechtenstein, Iceland, and Norway.

The General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data and the processing of special categories of personal data as the processing of special categories of personal data (Art. 9 GDPR).

2.2 Legal Bases

We process personal data in accordance with Swiss data protection law, especially the Federal Act on Data Protection (Data Protection Act, FADP) and the Ordinance on Data Protection (Data Protection Ordinance, DPO).

Where and to the extent that the General Data Protection Regulation (GDPR) is applicable, we process personal data based on at least one of the following legal bases:

  • Art. 6 para. 1 lit. b GDPR for the necessary processing of personal data for the performance of a contract with the data subject or to carry out pre-contractual measures.
  • Art. 6 para. 1 lit. f GDPR for the necessary processing of personal data to safeguard the legitimate interests of us or a third party, provided that the fundamental freedoms and rights and interests of the data subject do not prevail. Legitimate interests include our interest in being able to carry out our activities and operations in a sustainable, user-friendly, secure, and reliable manner, ensuring information security, protecting against misuse, enforcing our own legal claims, and compliance with Swiss law.
  • Art. 6 para. 1 lit. c GDPR for the necessary processing of personal data to fulfill a legal obligation to which we are subject according to the applicable law of member states in the European Economic Area (EEA).
  • Art. 6 para. 1 lit. e GDPR for the necessary processing of personal data for the performance of a task carried out in the public interest.
  • Art. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the data subject.
  • Art. 6 para. 1 lit. d GDPR for the necessary processing of personal data to protect the vital interests of the data subject or another natural person.

3. Type, Scope, and Purpose

We process those personal data that are required to be able to carry out our activities and operations in a sustainable, user-friendly, secure, and reliable manner. Such personal data can fall into categories such as inventory and contact data, browser and device data, content data, meta or marginal data, usage data, location data, sales data, as well as contract and payment data.

We process personal data for the duration necessary for the respective purpose or purposes or as required by law. Personal data that are no longer necessary to be processed are anonymized or deleted.

We may have personal data processed by third parties. We may process personal data together with third parties or transfer them to third parties. Such third parties are especially specialized providers whose services we use. We also ensure data protection with such third parties.

We generally process personal data only with the consent of the data subjects. If and to the extent that processing is permitted on other legal grounds, we may forego obtaining consent. For example, we may process data without consent in order to fulfill a contract, comply with legal obligations, or safeguard overriding interests.

We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect during the performance of our activities and operations, provided that such processing is permitted for legal reasons.

4. Communication

We process personal data in order to be able to communicate with third parties. In this context, we process in particular data transmitted by a data subject when making contact, for example by postal mail or email. We may store such data in an address book or with similar tools.

Third parties transmitting data about other persons are required to ensure data protection towards such affected persons. This includes ensuring the accuracy of the transmitted personal data.

5. Data Security

We implement appropriate technical and organizational measures to ensure data security appropriate to the risk level. Our measures are designed to ensure the confidentiality, availability, traceability, and integrity of the processed personal data, although absolute data security cannot be guaranteed.

Access to our website and other online presences is secured through transport encryption (SSL / TLS, especially with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a small padlock in the address bar.

Our digital communication is – like essentially all digital communication – subject to mass surveillance without cause or suspicion by security authorities in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We have no direct control over the respective processing of personal data by intelligence services, police stations, and other security authorities. We also cannot exclude the possibility that certain individuals are subject to targeted surveillance.

6. Personal Data Abroad

We generally process personal data in Switzerland and the European Economic Area (EEA). However, we may also export or transmit personal data to other countries, particularly to process or have them processed there.

We may export personal data to any country and territory on Earth as well as elsewhere in the universe, provided that the local law ensures adequate data protection according to a decision by the Swiss Federal Council and – where and to the extent the General Data Protection Regulation (GDPR) is applicable – according to a decision by the European Commission.

We may transmit personal data to countries whose laws do not ensure adequate data protection, provided that data protection is guaranteed by other means, in particular based on standard data protection clauses or other suitable guarantees. Exceptionally, we may export personal data to countries without adequate or suitable data protection if specific data protection requirements are met, such as the explicit consent of the affected individuals or a direct connection with the conclusion or performance of a contract. We are happy to provide affected individuals with information about any guarantees or provide a copy of any guarantees upon request.

7. Rights of Affected Individuals

7.1 Data Protection Rights

We grant all rights to affected individuals according to applicable data protection law. In particular, affected individuals have the following rights:

  • Access: Affected individuals can request information on whether we are processing personal data about them and, if so, which personal data. Furthermore, affected individuals receive information necessary to assert their data protection rights and ensure transparency. This includes the processed personal data itself, as well as information about the purpose of processing, the duration of storage, any disclosure or export of data to other countries, and the source of the personal data.
  • Correction and Restriction: Affected individuals can correct inaccurate personal data, complete incomplete data, and request the restriction of their data processing.
  • Deletion and Objection: Affected individuals can have personal data deleted ("right to be forgotten") and object to the processing of their data with future effect.
  • Data Release and Data Transfer: Affected individuals can request the release of personal data or the transfer of their data to another controller.

We may postpone, limit, or refuse the exercise of the rights of affected individuals within the legally permissible framework. We may point out any conditions that must be met for the exercise of their data protection rights. For example, we may partially or fully refuse access to information citing trade secrets or the protection of other persons. Similarly, we may partially or fully refuse the deletion of personal data citing legal retention obligations.

We may exceptionally charge for the exercise of rights. We will inform affected individuals in advance of any possible costs.

We are obligated to identify affected individuals who request information or assert other rights with reasonable measures. Affected individuals are required to cooperate.

7.2 Legal Protection

Affected individuals have the right to enforce their data protection claims through legal proceedings or to file a complaint with a competent data protection supervisory authority.

The data protection supervisory authority for complaints from affected individuals against private controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

European data protection supervisory authorities for complaints from affected individuals – where and to the extent the General Data Protection Regulation (GDPR) is applicable – are organized as members of the European Data Protection Board (EDPB). In some member states in the European Economic Area (EEA), the data protection supervisory authorities are federally structured, especially in Germany.

8. Website Use

8.1 Cookies

We may use cookies. Cookies – both our own cookies (First-Party Cookies) and cookies from third parties whose services we use (Third-Party Cookies) – are data stored in the browser. Such stored data do not have to be limited to traditional cookies in text form.

Cookies can be stored in the browser temporarily as "Session Cookies" or for a specific period as so-called permanent cookies. "Session Cookies" are automatically deleted when the browser is closed. Permanent cookies have a specified storage duration. Cookies, in particular, allow a browser to be recognized on the next visit to our website and thereby, for example, measure the reach of our website. However, permanent cookies can also be used for online marketing.

Cookies can be completely or partially disabled and deleted in the browser settings at any time. Without cookies, our website may not be fully available. We request – at least to the extent necessary – express consent for the use of cookies.

For cookies used for performance and reach measurement or for advertising, a general objection ("Opt-out") is possible for many services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

8.2 Logging

We may log each access to our website and other online presences with at least the following information, provided it is transmitted to our digital infrastructure during such access: date and time including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website accessed including amount of data transferred, last website called in the same browser window (referrer or referrer).

We log such information, which can also constitute personal data, in log files. The information is necessary to be able to provide our online presence permanently, user-friendly, and reliably. The information is also necessary to ensure data security – also by third parties or with the help of third parties.

8.3 Tracking Pixels

We may integrate tracking pixels into our online presence. Tracking pixels are also known as web beacons. Tracking pixels – also from third parties whose services we use – are usually small, non-visible images or scripts formulated in JavaScript that are automatically retrieved when accessing our online presence. Tracking pixels can capture at least the same information as logged in log files.

9. Social Media

We are present on social media platforms and other online platforms to communicate with interested individuals and inform about our activities and operations. In connection with such platforms, personal data may also be processed outside of Switzerland and the European Economic Area (EEA).

The General Terms and Conditions (GTC), terms of use, privacy policies, and other provisions of the individual operators of these platforms also apply. These provisions specifically inform about the rights of affected individuals directly against the respective platform, which includes, for example, the right to information.

For our social media presence on Facebook including the so-called Page Insights, we are – where and to the extent the General Data Protection Regulation (GDPR) is applicable – jointly responsible with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of the Meta companies (among others in the USA). Page Insights provide information on how visitors interact with our Facebook presence. We use Page Insights to effectively and user-friendly provide our social media presence on Facebook.

Further information about the type, scope, and purpose of data processing, information on the rights of affected individuals, and the contact details of Facebook as well as Facebook's data protection officer can be found in the Facebook Privacy Policy. We have concluded the so-called "Controller Addendum" with Facebook and thereby agreed, in particular, that Facebook is responsible for ensuring the rights of affected individuals. The corresponding information for the so-called Page Insights can be found on the page "Information about Page Insights" including "Information about Page Insights Data".

10. Services from Third Parties

We use services from specialized third parties to be able to carry out our activities and operations in a permanent, user-friendly, secure, and reliable manner. With such services, we can embed functions and content into our website. For such embedding, the services used technically need to capture at least temporarily the IP addresses of users.

For required security-related, statistical, and technical purposes, third parties whose services we use may process data related to our activities and operations in an aggregated, anonymized, or pseudonymized manner. This includes, for example, performance or usage data to be able to offer the respective service.

We particularly use:

10.1 Digital Infrastructure

We use services from specialized third parties to be able to use the necessary digital infrastructure related to our activities and operations. This includes, for example, hosting and storage services from selected providers.

10.2 Scheduling

We use services from specialized third parties to be able to schedule appointments online, for example, for meetings. In addition to this privacy policy, the directly visible conditions of the services used, such as terms of use or privacy policies, also apply.

We particularly use:

10.3 Online Collaboration

We use services from third parties to enable online collaboration. In addition to this privacy policy, the directly visible conditions of the services used, such as terms of use or privacy policies, also apply.

We particularly use:

10.4 Mapping Material

We use services from third parties to embed maps into our website.

10.5 Digital Audio and Video Content

We use services from specialized third parties to enable the direct playback of digital audio and video content such as music or podcasts.

We particularly use:

10.6 Advertising

We utilize the possibility to display targeted advertising on third-party platforms such as social media platforms and search engines for our activities and operations.

With such advertising, we especially aim to reach individuals who are already interested in our activities and operations or might be interested (Remarketing and Targeting). For this purpose, we may transmit corresponding – possibly also personal – information to third parties that enable such advertising. We can also determine whether our advertising is successful, meaning, in particular, whether it leads to visits to our website (Conversion Tracking).

Third parties where we advertise and where you as a user are registered may possibly associate the use of our website with your profile there.

We particularly use:

11. Performance and Reach Measurement

We try to determine how our online offerings are used. In this context, for example, we can measure the success and reach of our activities and operations as well as the impact of third-party links to our website. For instance, we can also test and compare how different parts or versions of our online offerings are used («A/B testing» method). Based on the results of performance and reach measurement, we can, in particular, correct errors, strengthen popular content, or make improvements to our online offerings.

For performance and reach measurement, the IP addresses of individual users are mostly stored. In this case, IP addresses are generally shortened («IP masking») to follow the principle of data minimization through the corresponding pseudonymization.

For performance and reach measurement, cookies may be used and user profiles created. Possible user profiles include, for example, visited individual pages or viewed content on our website, information on the size of the screen or browser window, and the – at least approximate – location. Generally, any user profiles are created exclusively in a pseudonymized manner and are not used for identifying individual users. Individual services of third parties, where users are registered, may possibly assign the use of our online offerings to the user account or profile at the respective service.

We particularly use:

  • fusedeck: Performance and reach measurement; Provider: Capture Media AG (Switzerland); Privacy information: "Data & Privacy", Privacy Policy.
  • Google Analytics: Performance and reach measurement; Provider: Google; Google Analytics-specific information: Measurement across various browsers and devices (Cross-Device Tracking) as well as with pseudonymized IP addresses, which are only exceptionally transferred in full to Google in the USA, "Privacy", "Browser Add-on to disable Google Analytics".
  • Google Tag Manager: Integration and management of other services for performance and reach measurement as well as further services from Google and third parties; Provider: Google; Google Tag Manager-specific information: "Data collected by Google Tag Manager"; additional privacy information can be found in the individual integrated and managed services.

12. Final Provisions

We have created this Privacy Policy with the Privacy Policy Generator from Datenschutzpartner. The present privacy policy is an unofficial translation from the original German version.

We may amend and supplement this Privacy Policy at any time. We will inform about such amendments and supplements in an appropriate manner, especially by publishing the current Privacy Policy on our website.

Legal notice

Publisher and address:
The graubünden brand
Via Nova 37
7017 Flims Dorf
Switzerland
Tel. +41 (0)81 531 34 20

Contacts:
Gieri Spescha, Managing Director
Andrea Beerli, Project Manager

Concept, design and production:
Wirz Communications AG
Uetlibergstrasse 132
P.O. Box
8036 Zürich

default
Data protection

Privacy Policy “Graubünden Job Match” – Version dated 22 September 2025

Note: This English translation was created with the assistance of artificial intelligence. In case of discrepancies or interpretation issues, the original German version of this Privacy Policy shall prevail.

In this privacy policy, we explain how we, Graubünden Job Match, collect and otherwise process personal data. Personal data means all information relating to an identified or identifiable individual.

If you disclose or provide data to us about other persons (e.g., family members, representatives, counterparties, other related persons or colleagues), we assume that you are authorized to do so and that such data are correct.

This privacy policy is aligned with the requirements of the Swiss Federal Act on Data Protection (“FADP”). Although we follow the principles of the EU General Data Protection Regulation (“GDPR”), our processes are primarily governed by Swiss law.

1. Controller / Data Protection Officer / Representative

The controller responsible for the data processing described here is Graubünden Job Match c/o GastroGraubünden, Loëstrasse 161, 7000 Chur. Unless otherwise indicated in an individual case, you can address data protection matters to the following contact: info@graubuenden.jobs.

Our representative in the EEA pursuant to Art. 27 GDPR is: JOBN GmbH, FN 475010 w, Sillgasse 8a, 6020 Innsbruck.

2. Collection and Processing of Personal Data / Purposes of Processing and Legal Bases

We primarily process the personal data that we receive from our customers and other business partners (and the individualsinvolved) in the context of our business relationships, or that we collect from users when operating our websites, the app and other applications. If you use our services, our websites graubuenden-job-match, graubuenden.jobs and/or the “Graubuenden Job Match” app, or otherwise deal with us, we obtain and process various categories of your personal data.

Where permitted, we also obtain certain data from publicly accessible sources (e.g., debt collection registers, land registers, commercial registers, press, internet) or receive such data from other entities within the Tourism Alliance Graubünden, namely the associations GastroGraubünden, HotellerieSuisse Graubünden and Bergbahnen Graubünden.

In addition to the data you provide directly to us (e.g., when creating an account or entering a user profile), the categories of personal data we receive from third parties about you include in particular: information from public registers; information we learn in connection with administrative and court proceedings; information relating to your professional roles and activities; creditworthiness information (where we transact with you personally); information about you provided by persons in your environment (family, advisers, legal representatives, etc.); information from banks, insurers, distribution and other contracting partners regarding your use or provision of services; information about you from media and the internet (where appropriate in a given case, e.g., in the context of an application, press review, marketing/sales, etc.); your addresses and, where applicable, interests and other sociodemographic data (for marketing); data related to the use of the website and app (e.g., IP address, MAC address of your smartphone or computer, information about your device and settings, cookies, date and time of the visit, pages and content accessed, functions used, referring website, location data).

Specific categories of personal data that we process include:

• Contact details (name, email address, telephone number);

• Information in a user profile (“About me,” industries, availabilities, education, place of work, benefits, if applicable a photo);

• Payment information;

• Particularly sensitive personal data (e.g., health data) are processed only where necessary to fulfill our service (e.g., in connection with special requirements for a workplace) and where explicit consent is given or a legal basis permits such processing.

3. Purposes of Data Processing and Legal Bases

We use the personal data we collect primarily to conclude and fulfill our contracts with our customers and business partners—particularly in the context of employment intermediation and providing a job platform with our customers—and to procure products and services from our suppliers and subcontractors, as well as to comply with our legal obligations in Switzerland and abroad. If you act for such a customer or business partner, your personal data may also be processed in that capacity.

The processing of personal data is lawful, carried out in good faith, and proportionate to a specific purpose that is recognizable to the data subject. Personal data are deleted or anonymized as soon as they are no longer required for the processing purpose.

Beyond this, we process personal data about you and other persons, where permitted and as appears appropriate, for the following purposes, in which we (and sometimes third parties) have a legitimate interest corresponding to the purpose (Art. 31 para. 2 FADP). In particular, we may collect and otherwise process such data for the following purposes:

• Communication: We process personal data so that we can communicate with you and third parties by email, telephone, post, or otherwise (e.g., to respond to inquiries). For this, we process in particular the content of the communication, your contact details and communication metadata, as well as image and audio recordings of (video) calls. For employment intermediation, it is also necessary that we communicate with potential employers and share the necessary personal data.

• Initiation and conclusion of contracts: For entering into a contract with you or with your client or employer, we may collect and process in particular your name, contact details, powers of attorney, declarations of consent, information about third parties, contract content, and any other data that you provide to us or that we obtain from public sources or third parties.

• Administration and performance of contracts: We collect and process personal data so that we can fulfill our contractual obligations towards our customers and other contracting partners and provide and enforce contractual services.

• Advertising and marketing (including holding events): We process your personal data unless you have objected to the use of your data (if we send you advertising as an existing customer, you can object at any time; we will then place you on a blocking list for further marketing communications).

• Operation of our website and other digital offerings: To operate our website securely and stably, we collect technical data such as IP address, details about the operating system and settings of your device, the region, time and type of use. We also use cookies and similar technologies.

• Security purposes and access controls: We collect and process personal data to ensure and continuously improve the appropriate security of our IT and other infrastructure (e.g., buildings). This includes, for example, monitoring and controlling electronic access to our IT systems and physical access to our premises (also using procedures that process biometric data), analyses and tests of our IT infrastructures.

• Compliance with laws, directives and recommendations of authorities, and internal regulations: We collect and process personal data to comply with applicable laws (e.g., anti-money laundering, tax obligations ), self-regulations, certifications, industry standards, our corporate governance, and for internal as well as external investigations.

If you have given us consent to process your personal data for specific purposes (e.g., when you sign up to receive potential newsletters or to transmit your application data to potential employers), we process your personal data based on and within the scope of this consent, to the extent we have no other legal basis and require one. Consent given may be withdrawn at any time; this does not affect data processing that has already taken place (Art. 6 para. 6 FADP).

4. Cookies/Tracking and Other Technologies in Connection with the Use of Our Website and App

We typically use “cookies” and comparable techniques on our websites and apps that can identify your browser or your device. A cookie is a small file that is sent to your computer or is automatically stored by the web browser used on your computer or mobile device when you visit our website or install the app. When you visit this website again or use our app, we can recognize you in this way even if we do not know who you are.

By using our websites and apps and consenting to receive newsletters and other marketing emails, you agree to the use of these techniques. If you do not wish this, you must adjust your browser or email program accordingly, or uninstall the app if it cannot be adjusted via the settings.

Specific services and technologies used:

• Google Analytics 4: We use Google Analytics 4 on our websites. This is a service of Google Ireland (Ireland), relying on Google LLC (USA) as a processor. It allows us to measure and evaluate website usage (not on a personal basis). Persistent cookies set by the provider are also used. We have configured the service so that visitors’ IP addresses are shortened by Google in Europe before being transferred to the USA and can therefore not be traced back. We have disabled the “Data sharing” and “Signals” settings. Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google can draw conclusions about visitors’ identities, create personal profiles and link these data with the Google accounts of those individuals. If you have registered with the provider, the provider also knows you. The processing of your personal data by the provider is then carried out under the provider’s responsibility in accordance with its privacy policy. The provider only informs us how our website is used in each case (no information about you personally). Google Analytics 4 does not store the IP addresses of visitors to our website, but derives approximate geographic location data. User and event data are stored for 3 months if no new activity takes place within this period.

• Firebase: Firebase is a development platform for collecting, aggregating and evaluating data about the use and technical performance of our offering. In particular, Firebase captures app performance and app functionality.

• Meta Business Tools / Meta Pixel: For our website, we use Meta Business Tools provided by Meta Platforms Ireland Limited (Ireland). Processing takes place exclusively on the basis of your consent. Meta Pixel is a code that loads functions enabling Meta to track user actions on our website. The Meta Pixel can store your actions on our website in one or more cookies. The pixel collects information such as your IP address and user ID and compares it with the data in your Facebook account. Depending on interaction and user behavior, Meta uses different cookies.

• LinkedIn Insight Tag: We use LinkedIn’s Insight Tag on our website. The service provider is LinkedIn Corporation (USA) or, for the EEA and Switzerland, LinkedIn Ireland Unlimited (Ireland). By embedding this tracking tool, data can be sent to LinkedIn, stored and processed there. This helps us tailor our advertising to your interests and needs.

• Sentry: We use Sentry to collect information about the use of our offering. We use this information to improve our offering and to fix technical problems. The provider is Functional Software, Inc. (USA).

• CleverPush: For our app, we use CleverPush, a push notification service. The provider is CleverPush GmbH (Germany). To subscribe to push notifications, you must confirm your device’s query to receive notifications. This process is documented and stored by CleverPush, including the time of registration and the push token/device ID. The legal basis for this processing is your consent. CleverPush also performs statistical evaluations of push notifications, for which our legitimate interest forms the legal basis.

If social media plugins are used: We also use plugins from social networks such as Facebook, Twitter, YouTube, Pinterest or Instagram on our websites. This is apparent to you (typically through corresponding icons). We have configured these elements so that they are deactivated by default. If you activate them (by clicking), the operators of the respective social networks can register that you are on our website and where, and they can use this information for their own purposes. The processing of your personal data is then the responsibility of that operator in accordance with its privacy policy. We do not receive any information about you from the operator.

5. Data Disclosure and Data Transfer Abroad

We only disclose data if you have given your consent, if we are contractually or legally obliged to do so, or if this is necessary to enforce our rights. If we engage third parties, we take appropriate contractual measures and implement suitable technical and organizational safeguards to ensure that your data remain protected.

In the course of our business activities and for the purposes mentioned, we also disclose data to third parties, either because they process them on our behalf or because they need them for their own purposes. These third parties include in particular:

• Our service providers (JOBN GmbH, Graubünden Job Match, and external providers such as banks, insurers), including processors (e.g., IT providers, hosting services, email services, payment service providers, push notification services, etc.);

• Lawyers and authorities;

• Subcontractors, where services are (or may be) not provided by us;

Potential employers and candidates for the purpose of initiating employment contracts, if you consent;

• Competitors, industry organizations, associations, organizations and other bodies;

• Other affiliated companies of Graubünden Job Match.

Some of these recipients are located in Switzerland; others may be abroad. In particular, you must expect your data to be transferred to other European countries and possibly to the USA, where the service providers we use are located (e.g., Google LLC for Google Analytics and Firebase, Functional Software, Inc. for Sentry, LinkedIn Corporation for LinkedIn Insight Tag, Meta Platforms Ireland Limited for Meta Pixel). If a recipient is located in a country without an adequate level of data protection (e.g., the USA, which has not been explicitly recognized as adequate by the Swiss Federal Council), we contractually oblige the recipient to comply with applicable data protection. For this purpose, we generally use the revised Standard Contractual Clauses of the European Commission, which are recognized by the Swiss Federal Data Protection and Information Commissioner (FDPIC) as an appropriate safeguard under Art. 16 para. 2 FADP, unless the recipient is already subject to a legally recognized data protection framework and we cannot rely on an exception. An exception may apply in particular in foreign legal proceedings, but also in cases of overriding public interests, where contract performance requires such disclosure, where you have consented, or where the data were generally made publicly accessible by you and you have not objected to their processing (Art. 17 FADP).

6. Retention Period for Personal Data

We process and store your personal data for as long as necessary to fulfill our contractual and legal obligations or otherwise for the purposes pursued with the processing; for example, for the duration of the entire business relationship (from initiation and execution to termination of a contract) and beyond in accordance with statutory retention and documentation obligations. It is possible that personal data will be retained for the period during which claims can be asserted against our company and as long as we are otherwise legally obliged to do so or legitimate business interests require this (e.g., for evidence and documentation purposes). As soon as your personal data are no longer required for the above purposes, they will, in principle and wherever possible, be deleted or anonymized. Shorter retention periods of twelve months or less generally apply to operational data (e.g., system logs).

7. Data Security

We take appropriate security measures to preserve the confidentiality, integrity and availability of your personal data, to protect them against unauthorized or unlawful processing, and to counter the risks of loss, accidental alteration, unwanted disclosure, or unauthorized access.

8. Obligation to Provide Personal Data

Within the context of our business relationship, you must provide the personal data necessary for initiating and conducting the business relationship and fulfilling the associated contractual obligations (you are generally not legally obliged to provide us with data). Without these data, we will generally not be able to conclude a contract with you (or the entity or person you represent) or to process it. The website also cannot be used if certain information necessary to ensure data traffic (such as the IP address) is not disclosed. Specifically, contact details are necessary for voluntarily creating an account. Information in a user profile (where fields are mandatory) is required for initiating and fulfilling a contract, and payment information is necessary to perform payments on our website/app.

9. Your Rights

Within the scope of the data protection law applicable to you and as provided therein (in particular under the Swiss FADP), you have the right to:

• Information/access (Art. 25 FADP) regarding the processing of your personal data;

• Rectification (Art. 32 FADP): to have inaccurate personal data corrected;

• Erasure or destruction (Art. 32 FADP) of personal data;

• Objection (Art. 37 FADP) to data processing, in particular to processing for direct marketing purposes, profiling carried out for direct marketing, and other legitimate interests in processing;

• Data portability (Art. 28 FADP): to obtain certain personal data in a commonly used electronic format or to have them transferred to another controller;

• Withdrawal of consent (Art. 6 para. 6 FADP).

Please note that prerequisites, exceptions or limitations apply to these rights (e.g., to protect third parties or trade secrets or due to a possible professional duty of confidentiality).

If you wish to exercise your rights, please contact us; our contact details can be found in Section 1.

Every data subject also has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. The competent authority in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC) (edoeb.admin.ch).

10. Final Provisions

This privacy policy is not part of any contract with you. We may amend this privacy policy at any time. The version published on this page: graubuenden-job-match/dataprotection is the current version. If the privacy policy forms part of an agreement with you, we will inform you of any updates by email or in another appropriate manner.

 

Status: Draft of 22 September 2025

Hey Giachen, can you get alpine herb-flavoured cookies?

This website uses cookies to improve usability.

To the privacy policy