Privacy Policy
In this privacy policy, we, Nicole & Reto Bachofner, the operators of Norra Dellen Familjecamping, explain how we collect and otherwise process personal data. This is not an exhaustive description; other privacy policies or general terms and conditions, participation conditions, and similar documents may regulate specific matters. Personal data refers to all information relating to an identified or identifiable person.
If you provide us with personal data of other individuals (e.g., family members, data of colleagues), please ensure that these individuals are aware of this privacy policy and only share their personal data with us if you are allowed to do so and if this personal data is correct.
This privacy policy is designed to meet the requirements of the EU General Data Protection Regulation (“GDPR”), the Swiss Data Protection Act (“DPA”), and the revised Swiss Data Protection Act (“revDPA”). However, whether and to what extent these laws apply depends on the individual case.
Controller / Data Protection Officer / Representative Responsible for the data processing described here is: Norra Dellen Familjecamping Nicole & Reto Bachofner Rävnäset 101 824 78 Bjuråker Sweden Represented by: Nicole & Reto Bachofner If you have data protection concerns, you can contact us at the following address: info@norra-dellen-camping.se Our representative in the EEA pursuant to Art. 27 GDPR (if required) is: Norra Dellen Familjecamping, Nicole & Reto Bachofner Represented by: Nicole & Reto Bachofner
Collection and Processing of Personal Data
We primarily process the personal data that we receive from our customers and other business partners as part of our business relationship with them and other individuals involved, or that we collect from users when operating our websites, apps, and other applications.
To the extent permitted, we also obtain certain data from publicly available sources (e.g., debt collection registers, land registers, commercial registers, press, internet) or receive such data from other companies within Norra Dellen Familjecamping, authorities, and other third parties (such as credit agencies). In addition to the data you directly provide to us, the categories of personal data we receive from third parties about you include information from public registers, information we learn in connection with official and judicial proceedings, information related to your professional functions and activities (so that we can, for example, conclude and process transactions with your employer with your help), information about you in correspondence and meetings with third parties, credit reports (to the extent we conduct business with you personally), information about you provided by individuals in your environment (family, advisors, legal representatives, etc.) so that we can conclude or process contracts with you or involving you (e.g., references, your delivery address, powers of attorney, information on compliance with legal requirements such as anti-money laundering and export restrictions, information from banks, insurance companies, distribution and other contractual partners of ours for the use or provision of services by you (e.g., payments made, purchases made), information from media and the internet about your person (where this is indicated in the specific case, e.g., in the context of an application, press review, marketing/sales, etc.), your addresses and possibly interests and other socio-demographic data (for marketing), data related to the use of the website (e.g., IP address, MAC address of the smartphone or computer, information about your device and settings, cookies, date and time of the visit, pages and content accessed, features used, referring website, location data).
Purposes of Data Processing and Legal Bases
We use the personal data we collect primarily to conclude and process contracts with our customers and business partners, especially in the context of our core business with our customers and the purchase of products and services from our suppliers and subcontractors, as well as to comply with our legal obligations at home and abroad. If you act on behalf of such a customer or business partner, you may also be affected by this data processing in this function.
In addition, we process personal data from you and other individuals, to the extent permitted and as seems appropriate to us, also for the following purposes, for which we (and sometimes third parties) have a legitimate interest corresponding to the purpose:
• Offering and further developing our offers, services, and websites, apps, and other platforms on which we are present;
• Communication with third parties and processing of their inquiries (e.g., applications, media inquiries);
• Advertising and marketing (including holding events), unless you have objected to the use of your data (if we send you advertising as an existing customer, you can object to this at any time, and we will then add you to a blocking list for further advertising mailings);
• Market and opinion research, media monitoring;
• Enforcement of legal claims and defense in connection with legal disputes and official proceedings;
Prevention and investigation of crimes and other misconduct (e.g., conducting internal investigations, data analysis to combat fraud);
• Ensuring the operation of our business, in particular IT, our websites, apps, and other platforms;
• Video surveillance to protect property rights and other measures for IT, building, and plant security and protection of our employees and other persons and values belonging to us or entrusted to us (such as access controls, visitor lists, network and mail scanners, telephone recordings);
• Purchase and sale of business areas, companies, or parts of companies and other corporate transactions and the related transfer of personal data, as well as measures for business management and to the extent necessary to comply with legal and regulatory obligations as well as internal regulations of Norra Dellen Familjecamping.
If you have given us consent to process your personal data for specific purposes (for example, when registering to receive newsletters or conducting a background check), we will process your personal data within the scope of and based on this consent, provided we do not have another legal basis and we need one. Consent given can be revoked at any time, but this does not affect data processing already carried out.
Cookies / Tracking and other Technologies in Connection with the Use of our Website We typically use “cookies” and similar technologies on our websites to identify your browser or device. In addition to cookies used only during a session and deleted after your website visit (“session cookies”), cookies can also be used to store user settings and other information for a specific period (e.g., two years) (“persistent cookies”). However, you can configure your browser to reject cookies, only store them for one session, or delete them prematurely. Most browsers are set to accept cookies. If you block cookies, certain functionalities (such as language selection, shopping cart, ordering processes) may no longer work.
Data Disclosure and Data Transfer
Abroad As part of our business activities and the purposes under section 3, to the extent permitted and appropriate, we also disclose data to third parties, whether because they process it for us or because they want to use it for their own purposes. This concerns, in particular, the following parties:
• Service providers (within Norra Dellen Familjecamping as well as externally, such as banks, insurance companies), including order processors (such as IT providers);
• Dealers, suppliers, subcontractors, and other business partners;
• National and foreign authorities, offices, or courts;
• Media as part of self-promotion;
• The public, including visitors to websites and social media;
• Competitors, industry organizations, associations, organizations, and other bodies;
• Acquirers or interested parties for the acquisition of business areas, companies, or other parts of Norra Dellen Familjecamping;
• Other parties in actual or potential legal proceedings;
all collectively referred to as recipients. These recipients are partly domestic but can be anywhere on earth. In particular, you must expect your data to be transmitted to all countries where Norra Dellen Familjecamping is represented by group companies, branches, or other offices, as well as to other countries in Europe and the USA, where the service providers we use are located (such as [Microsoft], [SAP], [Amazon], [Salesforce.com]). If a recipient is in a country without adequate legal data protection, we contractually obligate the recipient to comply with applicable data protection laws (we use the revised standard contractual clauses of the European Commission, which can be found here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?), unless it is already subject to a legally recognized framework for ensuring data protection and we cannot rely on an exemption. An exception may apply, in particular, to legal proceedings abroad, but also in cases of overriding public interests or if contract processing requires such disclosure, if you have consented, or if it concerns data made generally accessible by you, the processing of which you have not objected to.
Duration of Personal Data Retention
We process and store your personal data for as long as necessary to fulfill our contractual and legal obligations or the purposes pursued with the processing, i.e., for example, for the duration of the entire business relationship (from initiation, execution to termination of a contract) and beyond in accordance with legal retention and documentation obligations. It is possible that personal data may be retained for the period in which claims can be asserted against our company and as long as we are otherwise legally obligated or have legitimate business interests in doing so (e.g., for evidence and documentation purposes). Once your personal data is no longer required for the purposes mentioned above, it will generally be deleted or anonymized as far as possible. For operational data (e.g., system logs), shorter retention periods of twelve months or less apply as a matter of principle.
Data Security
We take appropriate technical and organizational security measures to protect your personal data against unauthorized access and misuse, such as issuing instructions, training, IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions, pseudonymization, controls.
Obligation to Provide Personal Data
In the context of our business relationship, you must provide the personal data necessary to establish and conduct a business relationship and fulfill the associated contractual obligations (you generally do not have a legal obligation to provide us with data). Without this data, we will generally not be able to conclude a contract with you (or the entity or person you represent) or to process it. The website cannot be used if certain information necessary to ensure data traffic (such as IP address) is not disclosed.
Profiling and Automated Decision-Making In general, we do not use fully automated decision-making (as regulated, for example, in Art. 22 GDPR) to establish and conduct the business relationship and otherwise. Should we use such procedures in individual cases, we will inform you separately if required by law and inform you about the related rights.
Rights of the Data Subject
Subject to the applicable data protection law and to the extent provided for therein (such as under the GDPR), you have the right to information, correction, deletion, the right to restrict data processing and otherwise to object to our data processing, especially those for purposes of direct marketing, profiling carried out for direct marketing purposes, and other legitimate interests in processing, as well as the right to receive certain personal data for transfer to another location (so-called data portability). Please note, however, that we reserve the right to assert the legally provided restrictions ourselves, for example, if we are obliged to retain or process certain data, have a predominant interest in doing so (as far as we are allowed to rely on it), or need it to assert claims. If costs are incurred for you, we will inform you in advance. We have already informed you about the possibility of revoking your consent in section 3. Please note that exercising these rights may conflict with contractual agreements and may have consequences such as early contract termination or cost consequences. In such cases, we will inform you in advance, unless this is already contractually regulated.
Exercising such rights generally requires you to clearly prove your identity (e.g., by providing a copy of your identity card where your identity is not otherwise clear or can be verified). To exercise your rights, you can contact us at the address provided in section 1.
Furthermore, every data subject has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
Changes
We reserve the right to adapt this privacy policy at any time without prior notice. The current version published on our website applies. If the privacy policy is part of an agreement with you, we will inform you of any changes by email or other appropriate means in the event of an update.
Source: This privacy policy is based on the template of the DSAT – Data Protection Self-Assessment Tool and has been adapted to the actual circumstances of the Norra Dellen Familjecamping website.
13. 05. 2024