Discover more
With this Privacy Policy, we inform you about the personal data we process in connection with our activities and operations, including our naturmetropole.ch website. We provide detailed information about the purposes, methods, and locations of our data processing activities. We also inform individuals whose data we process about their rights.
Additional privacy policies and other legal documents such as Terms and Conditions (T&C), Terms of Use, or participation conditions may apply to specific or additional activities and operations.
We are subject to Swiss data protection law as well as any applicable foreign data protection laws, particularly those of the European Union (EU) with the European General Data Protection Regulation (GDPR).
The European Commission recognized with a decision on 26 July 2000, that Swiss data protection law ensures adequate data protection. The European Commission confirmed this adequacy decision in a report from 15 January 2024.
Responsible for the processing of personal data:
Marke graubünden c/o Quant AG
Via Nova 37
7017 Flims Dorf
Switzerland
In individual cases, there may be other responsible parties for data processing or joint responsibility with at least one other party.
We have appointed the following data protection officer or data protection advisor as a point of contact for affected individuals and authorities for inquiries related to data protection:
Andrea Beerli
Marke graubünden c/o Quant AG
Via Nova 37
7017 Flims Dorf
Switzerland
We have the following data protection representation according to Art. 27 GDPR:
VGS Datenschutzpartner GmbH
Am Kaiserkai 69
20457 Hamburg
Germany
The data protection representation serves as an additional point of contact for affected individuals and authorities in the European Union (EU) and the rest of the European Economic Area (EEA) regarding inquiries related to the GDPR.
Personal data are all information related to an identified or identifiable natural person. An affected person is an individual whose personal data we process.
Processing includes any handling of personal data, regardless of the means and methods used, such as querying, matching, adjusting, archiving, storing, retrieving, disclosing, obtaining, recording, collecting, deleting, revealing, ordering, organizing, storing, modifying, distributing, linking, destroying, and using personal data.
The European Economic Area (EEA) includes the member states of the European Union (EU), as well as the Principality of Liechtenstein, Iceland, and Norway.
The General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data and the processing of special categories of personal data as the processing of special categories of personal data (Art. 9 GDPR).
We process personal data in accordance with Swiss data protection law, especially the Federal Act on Data Protection (Data Protection Act, FADP) and the Ordinance on Data Protection (Data Protection Ordinance, DPO).
Where and to the extent that the General Data Protection Regulation (GDPR) is applicable, we process personal data based on at least one of the following legal bases:
We process those personal data that are required to be able to carry out our activities and operations in a sustainable, user-friendly, secure, and reliable manner. Such personal data can fall into categories such as inventory and contact data, browser and device data, content data, meta or marginal data, usage data, location data, sales data, as well as contract and payment data.
We process personal data for the duration necessary for the respective purpose or purposes or as required by law. Personal data that are no longer necessary to be processed are anonymized or deleted.
We may have personal data processed by third parties. We may process personal data together with third parties or transfer them to third parties. Such third parties are especially specialized providers whose services we use. We also ensure data protection with such third parties.
We generally process personal data only with the consent of the data subjects. If and to the extent that processing is permitted on other legal grounds, we may forego obtaining consent. For example, we may process data without consent in order to fulfill a contract, comply with legal obligations, or safeguard overriding interests.
We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect during the performance of our activities and operations, provided that such processing is permitted for legal reasons.
We process personal data in order to be able to communicate with third parties. In this context, we process in particular data transmitted by a data subject when making contact, for example by postal mail or email. We may store such data in an address book or with similar tools.
Third parties transmitting data about other persons are required to ensure data protection towards such affected persons. This includes ensuring the accuracy of the transmitted personal data.
We implement appropriate technical and organizational measures to ensure data security appropriate to the risk level. Our measures are designed to ensure the confidentiality, availability, traceability, and integrity of the processed personal data, although absolute data security cannot be guaranteed.
Access to our website and other online presences is secured through transport encryption (SSL / TLS, especially with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a small padlock in the address bar.
Our digital communication is – like essentially all digital communication – subject to mass surveillance without cause or suspicion by security authorities in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We have no direct control over the respective processing of personal data by intelligence services, police stations, and other security authorities. We also cannot exclude the possibility that certain individuals are subject to targeted surveillance.
We generally process personal data in Switzerland and the European Economic Area (EEA). However, we may also export or transmit personal data to other countries, particularly to process or have them processed there.
We may export personal data to any country and territory on Earth as well as elsewhere in the universe, provided that the local law ensures adequate data protection according to a decision by the Swiss Federal Council and – where and to the extent the General Data Protection Regulation (GDPR) is applicable – according to a decision by the European Commission.
We may transmit personal data to countries whose laws do not ensure adequate data protection, provided that data protection is guaranteed by other means, in particular based on standard data protection clauses or other suitable guarantees. Exceptionally, we may export personal data to countries without adequate or suitable data protection if specific data protection requirements are met, such as the explicit consent of the affected individuals or a direct connection with the conclusion or performance of a contract. We are happy to provide affected individuals with information about any guarantees or provide a copy of any guarantees upon request.
We grant all rights to affected individuals according to applicable data protection law. In particular, affected individuals have the following rights:
We may postpone, limit, or refuse the exercise of the rights of affected individuals within the legally permissible framework. We may point out any conditions that must be met for the exercise of their data protection rights. For example, we may partially or fully refuse access to information citing trade secrets or the protection of other persons. Similarly, we may partially or fully refuse the deletion of personal data citing legal retention obligations.
We may exceptionally charge for the exercise of rights. We will inform affected individuals in advance of any possible costs.
We are obligated to identify affected individuals who request information or assert other rights with reasonable measures. Affected individuals are required to cooperate.
Affected individuals have the right to enforce their data protection claims through legal proceedings or to file a complaint with a competent data protection supervisory authority.
The data protection supervisory authority for complaints from affected individuals against private controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
European data protection supervisory authorities for complaints from affected individuals – where and to the extent the General Data Protection Regulation (GDPR) is applicable – are organized as members of the European Data Protection Board (EDPB). In some member states in the European Economic Area (EEA), the data protection supervisory authorities are federally structured, especially in Germany.
We may use cookies. Cookies – both our own cookies (First-Party Cookies) and cookies from third parties whose services we use (Third-Party Cookies) – are data stored in the browser. Such stored data do not have to be limited to traditional cookies in text form.
Cookies can be stored in the browser temporarily as "Session Cookies" or for a specific period as so-called permanent cookies. "Session Cookies" are automatically deleted when the browser is closed. Permanent cookies have a specified storage duration. Cookies, in particular, allow a browser to be recognized on the next visit to our website and thereby, for example, measure the reach of our website. However, permanent cookies can also be used for online marketing.
Cookies can be completely or partially disabled and deleted in the browser settings at any time. Without cookies, our website may not be fully available. We request – at least to the extent necessary – express consent for the use of cookies.
For cookies used for performance and reach measurement or for advertising, a general objection ("Opt-out") is possible for many services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
We may log each access to our website and other online presences with at least the following information, provided it is transmitted to our digital infrastructure during such access: date and time including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website accessed including amount of data transferred, last website called in the same browser window (referrer or referrer).
We log such information, which can also constitute personal data, in log files. The information is necessary to be able to provide our online presence permanently, user-friendly, and reliably. The information is also necessary to ensure data security – also by third parties or with the help of third parties.
We may integrate tracking pixels into our online presence. Tracking pixels are also known as web beacons. Tracking pixels – also from third parties whose services we use – are usually small, non-visible images or scripts formulated in JavaScript that are automatically retrieved when accessing our online presence. Tracking pixels can capture at least the same information as logged in log files.
We are present on social media platforms and other online platforms to communicate with interested individuals and inform about our activities and operations. In connection with such platforms, personal data may also be processed outside of Switzerland and the European Economic Area (EEA).
The General Terms and Conditions (GTC), terms of use, privacy policies, and other provisions of the individual operators of these platforms also apply. These provisions specifically inform about the rights of affected individuals directly against the respective platform, which includes, for example, the right to information.
For our social media presence on Facebook including the so-called Page Insights, we are – where and to the extent the General Data Protection Regulation (GDPR) is applicable – jointly responsible with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of the Meta companies (among others in the USA). Page Insights provide information on how visitors interact with our Facebook presence. We use Page Insights to effectively and user-friendly provide our social media presence on Facebook.
Further information about the type, scope, and purpose of data processing, information on the rights of affected individuals, and the contact details of Facebook as well as Facebook's data protection officer can be found in the Facebook Privacy Policy. We have concluded the so-called "Controller Addendum" with Facebook and thereby agreed, in particular, that Facebook is responsible for ensuring the rights of affected individuals. The corresponding information for the so-called Page Insights can be found on the page "Information about Page Insights" including "Information about Page Insights Data".
We use services from specialized third parties to be able to carry out our activities and operations in a permanent, user-friendly, secure, and reliable manner. With such services, we can embed functions and content into our website. For such embedding, the services used technically need to capture at least temporarily the IP addresses of users.
For required security-related, statistical, and technical purposes, third parties whose services we use may process data related to our activities and operations in an aggregated, anonymized, or pseudonymized manner. This includes, for example, performance or usage data to be able to offer the respective service.
We particularly use:
We use services from specialized third parties to be able to use the necessary digital infrastructure related to our activities and operations. This includes, for example, hosting and storage services from selected providers.
We use services from specialized third parties to be able to schedule appointments online, for example, for meetings. In addition to this privacy policy, the directly visible conditions of the services used, such as terms of use or privacy policies, also apply.
We particularly use:
We use services from third parties to enable online collaboration. In addition to this privacy policy, the directly visible conditions of the services used, such as terms of use or privacy policies, also apply.
We particularly use:
We use services from third parties to embed maps into our website.
We use services from specialized third parties to enable the direct playback of digital audio and video content such as music or podcasts.
We particularly use:
We utilize the possibility to display targeted advertising on third-party platforms such as social media platforms and search engines for our activities and operations.
With such advertising, we especially aim to reach individuals who are already interested in our activities and operations or might be interested (Remarketing and Targeting). For this purpose, we may transmit corresponding – possibly also personal – information to third parties that enable such advertising. We can also determine whether our advertising is successful, meaning, in particular, whether it leads to visits to our website (Conversion Tracking).
Third parties where we advertise and where you as a user are registered may possibly associate the use of our website with your profile there.
We particularly use:
We try to determine how our online offerings are used. In this context, for example, we can measure the success and reach of our activities and operations as well as the impact of third-party links to our website. For instance, we can also test and compare how different parts or versions of our online offerings are used («A/B testing» method). Based on the results of performance and reach measurement, we can, in particular, correct errors, strengthen popular content, or make improvements to our online offerings.
For performance and reach measurement, the IP addresses of individual users are mostly stored. In this case, IP addresses are generally shortened («IP masking») to follow the principle of data minimization through the corresponding pseudonymization.
For performance and reach measurement, cookies may be used and user profiles created. Possible user profiles include, for example, visited individual pages or viewed content on our website, information on the size of the screen or browser window, and the – at least approximate – location. Generally, any user profiles are created exclusively in a pseudonymized manner and are not used for identifying individual users. Individual services of third parties, where users are registered, may possibly assign the use of our online offerings to the user account or profile at the respective service.
We particularly use:
We have created this Privacy Policy with the Privacy Policy Generator from Datenschutzpartner. The present privacy policy is an unofficial translation from the original German version.
We may amend and supplement this Privacy Policy at any time. We will inform about such amendments and supplements in an appropriate manner, especially by publishing the current Privacy Policy on our website.
Legal notice
Publisher and address:
The graubünden brand
Via Nova 37
7017 Flims Dorf
Switzerland
Tel. +41 (0)81 531 34 20
Contacts:
Gieri Spescha, Managing Director
Andrea Beerli, Project Manager
Concept, design and production:
Wirz Communications AG
Uetlibergstrasse 132
P.O. Box
8036 Zürich