Madritsch Gastroconcepts

The responsible entity within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

Sarah Madritsch

Im Tiergarten 39

8055 Zürich

Switzerland

s.madritsch@mgcgastro.com

Authorized representative: Sarah Madritsch

GENERAL NOTICE

Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Confederation (Data Protection Act, DSG), every person has the right to protection of their privacy and protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations as well as this privacy policy.

In cooperation with our hosting providers, we strive to protect the databases as well as possible from unauthorized access, loss, misuse, or falsification. We point out that data transmission on the Internet (e.g., when communicating via email) can have security gaps. Complete protection of data from access by third parties is not possible.

By using this website, you agree to the collection, processing, and use of data according to the following description. This website can generally be visited without registration. Data such as accessed pages or names of retrieved files, date and time are stored on the server for statistical purposes without this data being directly related to your person. Personal data, in particular name, address, or email address, are collected on a voluntary basis wherever possible. Without your consent, data will not be passed on to third parties.

PROCESSING OF PERSONAL DATA

Personal data is all information that relates to a specific or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, acquisition, deletion, storage, modification, destruction, and use of personal data.

We process personal data in accordance with Swiss data protection law. Furthermore, we process - insofar as and to the extent that the EU GDPR is applicable - personal data according to the following legal bases in connection with Art. 6 Para. 1 GDPR:

Consent (Art. 6 Para. 1 S. 1 lit. a. GDPR) - The data subject has given their consent to the processing of personal data concerning them for a specific purpose or several specific purposes.
Contract performance and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b. GDPR) - Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
Legal obligation (Art. 6 Para. 1 S. 1 lit. c. GDPR) - Processing is necessary for compliance with a legal obligation to which the controller is subject.
Protection of vital interests (Art. 6 Para. 1 S. 1 lit. d. GDPR) - Processing is necessary in order to protect the vital interests of the data subject or of another natural person.
Legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

In cases where special categories of personal data within the meaning of Art. 9 Para. 1 GDPR (e.g., health data, such as severe disability status or ethnic origin) are requested from applicants during the application process, so that the controller or the data subject can exercise their rights arising from employment law and social security and social protection law and fulfill their respective obligations, their processing takes place according to Art. 9 Para. 2 lit. b. GDPR, in case of protection of vital interests of applicants or other persons according to Art. 9 Para. 2 lit. c. GDPR or for purposes of preventive medicine or occupational medicine, for assessing the working capacity of the employee, for medical diagnosis, care or treatment in the health or social sector or for administration of systems and services in the health or social sector according to Art. 9 Para. 2 lit. h. GDPR. In case of voluntary consent-based disclosure of special categories of data, their processing is based on Art. 9 Para. 2 lit. a. GDPR.

We process personal data for the duration required for the respective purpose or purposes. In case of longer retention obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.

LEGAL BASIS FOR DATA PROCESSING

In accordance with Art. 13 GDPR, we inform you of the legal bases of our data processing. If the legal basis is not mentioned in the privacy policy, the following applies: The legal basis for obtaining consent is Art. 6 Para. 1 lit. a and Art. 7 GDPR, the legal basis for processing to fulfill our services and carry out contractual measures as well as answering inquiries is Art. 6 Para. 1 lit. b GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 Para. 1 lit. c GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6 Para. 1 lit. f GDPR. In case vital interests of the data subject or another natural person require processing of personal data, Art. 6 Para. 1 lit. d GDPR serves as the legal basis.

SECURITY MEASURES

We take appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing as well as the different probabilities of occurrence and extent of threat to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk.

The measures include, in particular, securing the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data as well as access, input, transmission, securing availability, and their separation. Furthermore, we have established procedures that ensure the exercise of data subject rights, deletion of data, and responses to data threats. We also consider the protection of personal data already during the development or selection of hardware, software, and procedures according to the principle of data protection by design and by privacy-friendly default settings.

TRANSMISSION OF PERSONAL DATA

In the course of our processing of personal data, it happens that the data is transmitted to other entities, companies, legally independent organizational units, or persons, or disclosed to them. Recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe legal requirements and conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data.

DATA PROCESSING IN THIRD COUNTRIES

If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or if processing takes place in the context of using third-party services or disclosure or transmission of data to other persons, entities, or companies, this is done only in accordance with legal requirements.

Subject to express consent or contractually or legally required transmission, we only process data in third countries with a recognized level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, EU Commission information page: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).

This website uses cookies. Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user's computer. A cookie primarily serves to store information about a user during or after their visit within an online offering. The stored information may include, for example, language settings on a website, login status, a shopping cart, or the place where a video was watched. We also count other technologies that fulfill the same functions as cookies under the term cookies (e.g., when user information is stored using pseudonymous online identifiers, also referred to as "user IDs").

The following cookie types and functions are distinguished:

Temporary cookies (also: session cookies) Temporary cookies are deleted at the latest after a user leaves an online offering and closes their browser.
Permanent cookies: Permanent cookies remain stored even after closing the browser. For example, login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, user interests used for reach measurement or marketing purposes can be stored in such a cookie.
First-Party-Cookies: First-party cookies are set by us ourselves.
Third-party cookies: Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
Necessary (also: essential or absolutely required) cookies Cookies may be absolutely necessary for the operation of a website
Statistics, marketing and personalization cookies Furthermore, cookies are usually also used in the context of reach measurement and when a user's interests or behavior (e.g., viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles serve to show users, for example, content that corresponds to their potential interests. This process is also called "tracking," i.e., tracking the potential interests of users. If we use cookies or "tracking" technologies, we inform you separately in our privacy policy or in the context of obtaining consent.
Notes on legal bases The legal basis on which we process your personal data using cookies depends on whether we ask you for consent. If this applies and you consent to the use of cookies, the legal basis for processing your data is the declared consent. Otherwise, data processed using cookies is processed on the basis of our legitimate interests (e.g., in the commercial operation of our online offering and its improvement) or, if the use of cookies is necessary to fulfill our contractual obligations.
Storage duration If we do not provide you with explicit information about the storage duration of permanent cookies (e.g., as part of a so-called cookie opt-in), please assume that the storage duration can be up to two years.
General notes on revocation and objection (opt-out) Depending on whether processing is based on consent or legal permission, you have the opportunity at any time to revoke given consent or object to the processing of your data by cookie technologies (collectively referred to as "opt-out"). You can initially declare your objection through your browser settings, e.g., by deactivating the use of cookies (whereby the functionality of our online offering may also be restricted). An objection to the use of cookies for online marketing purposes can also be declared through a variety of services, especially in the case of tracking, via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. In addition, you can receive further objection notices in the context of information about the service providers and cookies used.
Processing of cookie data based on consent We use a cookie consent management procedure, within which users' consent to the use of cookies, or the processing and providers mentioned in the context of the cookie consent management procedure, can be obtained, managed, and revoked by users. The consent declaration is stored so that its query does not have to be repeated and consent can be proven according to legal obligation. Storage can be server-side and/or in a cookie (so-called opt-in cookie, or using comparable technologies) to be able to assign consent to a user or their device. Subject to individual information about cookie management service providers, the following notes apply: The duration of storage of consent can be up to two years. A pseudonymous user identifier is formed and stored with the time of consent, information about the scope of consent (e.g., which categories of cookies and/or service providers), and the browser, system, and device used.
Types of data processed Usage data (e.g., visited websites, interest in content, access times), meta/communication data (e.g., device information, IP addresses).
Data subjects Users (e.g., website visitors, users of online services).
Legal bases Consent (Art. 6 Para. 1 S. 1 lit. a. GDPR), Legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR).

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

DATA TRANSMISSION SECURITY (WITHOUT SSL)

Please note that data transmitted over an open network such as the Internet or an email service without SSL encryption can be viewed by anyone. You can recognize an unencrypted connection by the fact that the browser's address line shows "http://" and no lock symbol is displayed in your browser line. Information transmitted over the Internet and content received online may be transmitted via third-party networks. We cannot guarantee the confidentiality of communications or documents transmitted over such open networks or third-party networks.

Despite extensive technical and organizational security precautions, data may possibly be lost or intercepted and/or manipulated by unauthorized persons. We take appropriate technical and organizational security measures as far as possible to prevent this within our system. However, your computer is outside the security area we can control. It is up to you as a user to inform yourself about the necessary security precautions and to take appropriate measures in this regard. As website operators, we are in no way liable for damages that may arise from data loss or manipulation. Data that you provide in online forms may be passed on to commissioned third parties for order processing and viewed and possibly processed by them.

The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version
Operating system used
Referrer URL
Hostname of the accessing computer
Time of server request

This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.

THIRD-PARTY SERVICES

This website may use Google Maps for embedding maps, Google Invisible reCAPTCHA for protection against bots and spam, and YouTube for embedding videos.

These services of the American Google LLC use cookies and consequently data is transmitted to Google in the USA, whereby we assume that no personal tracking takes place solely through the use of our website in this context.

Google has committed to ensuring adequate data protection according to the American-European and American-Swiss Privacy Shield.

Further information can be found in Google's privacy policy.

If you send us inquiries via the contact form, your information from the inquiry form, including the contact data you provided there, will be stored with us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

This website uses Google Analytics, a web analytics service of Google Ireland Limited. If the controller responsible for data processing on this website is located outside the European Economic Area or Switzerland, then Google Analytics data processing is carried out by Google LLC. Google LLC and Google Ireland Limited are hereinafter referred to as "Google."

Using the statistics obtained, we can improve our offering and make it more interesting for you as a user. This website also uses Google Analytics for cross-device analysis of visitor flows, which is carried out via a user ID. If you have a Google user account, you can deactivate the cross-device analysis of your usage in the settings there under "My Data," "Personal Data."

The legal basis for using Google Analytics is Art. 6 Para. 1 S. 1 lit. f DS-GVO. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. We point out that Google Analytics on this website has been extended with the code "_anonymizeIp();" to ensure anonymized collection of IP addresses. This means IP addresses are processed in shortened form, so personal reference can be excluded. Insofar as the data collected about you has personal reference, this is immediately excluded and the personal data is thus immediately deleted.

Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activities, and to provide other services related to website usage and internet usage to the website operator.

Google Analytics uses cookies. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. You can prevent the storage of cookies by setting your browser software accordingly; however, we point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link: Disable Google Analytics.

You can also prevent the use of Google Analytics by clicking on this link: Disable Google Analytics. This will store a so-called opt-out cookie on your data carrier, which prevents the processing of personal data by Google Analytics. Please note that if you delete all cookies on your device, these opt-out cookies will also be deleted, meaning you must set the opt-out cookies again if you want to continue preventing this form of data collection. The opt-out cookies are set per browser and computer/device and must therefore be activated separately for each browser, computer, or other device.

This website uses so-called web fonts provided by Google for uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly. If your browser does not support web fonts, a standard font from your computer is used.

Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/

COPYRIGHTS

The copyright and all other rights to content, images, photos, or other files on the website belong exclusively to the operator of this website or the specifically named rights holders. Written consent from the copyright holder must be obtained in advance for the reproduction of all files. Anyone who commits a copyright infringement without the consent of the respective rights holder may be liable to prosecution and possibly damages.

GENERAL DISCLAIMER

All information on our website has been carefully checked. We strive to keep our information offering current, accurate in content, and complete. Nevertheless, the occurrence of errors cannot be completely excluded, so we cannot guarantee completeness, accuracy, and timeliness of information, including journalistic-editorial content. Liability claims for damages of a material or ideal nature caused by the use of the information provided are excluded, unless there is demonstrable intentional or grossly negligent fault.

The publisher may change or delete texts at their own discretion and without notice and is not obligated to update the content of this website. Use of or access to this website is at the visitor's own risk. The publisher, their clients, or partners are not responsible for damages such as direct, indirect, incidental, specifically determinable in advance, or consequential damages allegedly arising from visiting this website and therefore assume no liability.

The publisher also assumes no responsibility and liability for the content and availability of third-party websites that can be reached via external links from this website. The operators of the linked pages are exclusively responsible for the content of the linked pages. The publisher hereby expressly distances itself from all third-party content that may be criminally or civilly relevant or violate good morals.

CHANGES

We may adapt this privacy policy at any time without prior notice. The version currently published on our website applies. Insofar as the privacy policy is part of an agreement with you, we will inform you of the change by email or other appropriate means in case of an update.

QUESTIONS TO THE DATA PROTECTION OFFICER

If you have questions about data protection, please write us an email or contact the person responsible for data protection listed at the beginning of the privacy policy directly in our organization.