Data protection information



1. Introduction


Below, we inform you, among other things, who is responsible for processing your data, what data we collect in connection with your visit to our website and use of our services, the purposes for which we process such data, and to whom we may disclose it. We also inform you of the duration of processing your data, the legal basis for processing (if applicable), and what rights you have regarding our processing of your data. This data protection notice applies to all your data already in our possession or that we may hold in the future. Please note that this data protection notice may be amended from time to time. The current, updated version published on our website always applies.


Personal data means any information relating to an identified or identifiable person (hereinafter "personal data"). This includes, in particular, information such as name, address, telephone number, email address, and possibly also IP addresses and device identifiers. In this privacy policy, the generic term "data" includes not only personal data but also non-personal and anonymised data. Processing means any handling of data, regardless of the procedures and means used, particularly the collection, storage, use, modification, disclosure, archiving, or deletion of data (hereinafter "processing").


If you provide us with personal data about other individuals, please ensure that they are aware of this data protection notice and only share their data with us if you are authorised to do so under applicable data protection law.


2. Name and address of the data controller


The data controller under this data protection notice is:


 Company name or business name: Il Barone Restaurant/Graceria/Pizzeria

Address: Viale Monte Verità 45, 6612 Ascona, Ticino, Switzerland

Telephone: 091 780 51 66

Email: info@ilbaroneristorante.ch



3. Categories of data processed

When you visit our website, use our services, and contact us, we collect certain data. We typically collect this data directly from you. The personal data we process may include the following:

  • Data collected or disclosed when you visit our website or use our services. This includes, among other things, your IP and MAC address or device ID, cookies, pages you visit and search terms you enter, text field entries, ratings, time and duration of visits, clicks, referring/exit URL, information on the time of use, browser and device type, operating system, and Internet service provider used, as well as the amount of data transferred.
  • Data exchanged during or in connection with contact with us, e.g., communication by letter, telephone, e-mail, contact form, etc. (in particular, name, contact details, gender, marital status, date of birth, job title, photo, employees, language, payment information).
  • Data (in particular, e-mail address and name) that is communicated when registering for a newsletter or downloading data (e.g. software).
  • Data communicated when creating a customer account for online shopping and in relation to orders placed (in particular, username, password, selected payment method, and delivery address).
  • Data relating to concluded offers and contracts (e.g., date, type, content, product, parties, duration, value, contract adjustments, payment information, contact details, contact persons, billing and correspondence addresses, customer feedback, cancellations, disputes, etc.).
  • Data communicated as part of the comments function (in particular, your email address, the username you choose if you do not comment anonymously, and your IP address).
  • Data that you provide when participating in prize games, surveys, and similar.

The aforementioned data is not always personal data. As a rule, we are unable to assign data generated when using our services without registration (e.g., a newsletter or in the online shop) to specific individuals by name. In certain cases, however, this may occur in combination with other data.

We draw your attention to the fact that the information you provide when using the contact form or the comments function may contain sensitive personal data (e.g., health data) that you provide to us voluntarily.


4. Purpose of the processing

The processing of personal data, to the extent permitted by applicable law, will be carried out in particular for the following purposes:

  • initiation, conclusion, fulfilment and execution of contracts;
  • offering, further developing and improving our offerings, developing new services, managing, maintaining, optimising and ensuring the security of our services and infrastructure;
  • managing users, our services, identity checks, logins and other authentication;
  • care, administration and development of our customer relationships, communication with customers and third parties, promotions, advertising and marketing, offering personalised services and relevant content;
  • quality control, statistics calculation;
  • compliance with legal and regulatory obligations and internal rules, law enforcement, civil, administrative, and criminal proceedings, complaints, combating abuse, investigations, and responding to inquiries from authorities and administrative services.


5. Legal basis

We use personal data for the above purposes on the basis of the following legal bases, to the extent required by applicable data protection law:

  • fulfilment of a contract;
  • fulfilment of legal obligations;
  • consent released to us or third parties;
  • our legitimate interests and those of third parties, in particular:
  • offer and provision of services;
  • advertising and marketing;
  • contact management and communication with users;
  • user management, identity checks, login;
  • compliance with legal and regulatory obligations, law enforcement, civil, administrative and criminal proceedings, complaints, investigations and response to requests from authorities.



6. Publication and transmission of data

We may publish and transmit data as follows:

 Processors

We may engage third parties to perform certain services (e.g., IT, application management, administration, shipping, etc.) and to process and store data (so-called "processors"). These processors may access personal data and process it on our behalf. In this regard, we require these processors to comply with data protection law and to process data only as we process it ourselves. Processors who may receive personal data may be located in any country, particularly Switzerland, Germany, Israel, and the United States.

 Contractors

We may share data with contractors (e.g., sales partners, service providers, financial institutions, etc.). This occurs, for example, to fulfil contractual obligations, to offer certain services, for collection and marketing purposes, to analyse usage and manage our services, systems, and infrastructure, and to process payments. Potential recipients may also include purchasers or interested parties in purchasing business units, companies, or parts thereof. Contractors may gain access to personal data and process it for their own purposes (e.g., to fulfil the contract or their own legal obligations). In this regard, they are required to comply with applicable data protection laws. Contractors who may receive personal data may be located in any country, particularly Switzerland, EU and EEA countries, and the United States.

 Transmission to authorities

In certain situations, we may disclose data to authorities, services, and other third parties. We do so when required to do so by official or regulatory bodies, or when we believe we are required to do so.


7. Duration of RETENTION

We store personal data as long as necessary for the purposes for which we collected it. Certain personal data is also subject to legally binding retention obligations of ten years or more, which we comply with. We may also store personal data for at least the duration of the applicable statute of limitations, which in many cases is five or ten years. Personal data generated in connection with the use of our services (e.g., reports, logs, analyses, etc.) and which are not subject to such retention or statute of limitations are generally deleted earlier, as soon as the interest in processing them ceases. The data may also be stored for longer in anonymised form. Unless expressly agreed to in a contractual agreement, we are not obligated to retain your data for a specific period.


8. Data security

We implement appropriate technical and organisational security measures to protect your data from accidental or intentional manipulation, partial or total loss, destruction, or unlawful access by third parties. Our security measures are constantly improved in line with technological developments.


9. Your rights (rights of the data subject)

Every data subject has the right to information regarding the personal data concerning them. The data subject also has the right to request from us the rectification, erasure, and restriction of data concerning them, as well as to object to such processing of personal data. The exercise of these rights generally requires the data subject to be able to unequivocally demonstrate their identity. If the processing of personal data is based on consent, the data subject may withdraw this consent at any time. The data subject has the right, in certain cases, to receive the data generated during the use of online services in a structured, commonly used, and machine-readable format that allows for further use and transmission. Requests relating to these rights should be sent to the above address. We reserve the right to limit the data subject's rights within the limits of currently applicable legislation, for example, to withhold complete information or delete data. We also draw your attention to the fact that by deleting your personal data, some or all of the services may no longer be usable or available.

Every data subject has the right to lodge a complaint with the competent data protection authority. For data controllers in Switzerland, this will be the Federal Data Protection and Information Commissioner. For data controllers in the Principality of Liechtenstein, this will be the Liechtenstein Data Protection Office.


 10. Cookies, web analyTICS and tracking tools

We use several common technologies to record, store, and analyse data when you visit our website and use our services.


These technologies specifically include cookies, which can identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored by your browser on your computer or mobile device. If you visit a service again, that service can recognise your browser or device thanks to the cookie. Cookies can store user settings and other information. We use session cookies. These cookies are necessary for the basic functions of the services and are automatically deleted after you use our services. We also use temporary and permanent cookies that remain stored on your computer or mobile device for a longer period of time. The information collected through cookies allows us to improve our website and our services in line with customer needs and to provide you with personalised offers.


You can block the use of cookies or delete them in your browser settings. Please note that if you do not consent to cookies, you may not be able to fully utilise all features of a service. Deleting cookies will also delete any opt-out cookies you may have set. These opt-out cookies must then be reactivated when you visit the relevant service again. Otherwise, you will be recognised as a new user and your data will need to be collected again.


In addition to cookies, we use web analytics and tracking tools to evaluate and analyse the use of our website and services, to personalise services, and to display personalised offers and advertising. Data processing through these tools, which are mostly provided by third parties, is subject to their terms of use and data protection.

Cookie Declaration only loads on the live website. This message will disappear on the live website.



 11. Integration of third-party offers


We integrate third-party services and content into our websites that may allow you to interact with third parties (e.g., YouTube videos or online payments via a payment service provider). In this regard, any data you provide is transmitted to these third parties for processing and performing the relevant service or is processed directly by these third parties.


Please note that the data processing by these third parties is subject to their own data usage and data protection provisions.


Version 1.0.0