1. controller and content of this privacy policy
We, NIDO Ristorante AG (Spitalgasse 47-51, 3011 Bern, Switzerland), are the operator of the website www.nido-ristorante.ch ("Website") and your contractual partner for services purchased from us. Unless otherwise stated, we are responsible for the data processing listed in this privacy policy.
We base our data protection policy primarily on the statutory provisions of Swiss data protection law, in particular the Federal Act on Data Protection ("FADP") and the EU General Data Protection Regulation ("GDPR"), the provisions of which may apply in individual cases. Please take note of the following information so that you know what personal data we collect from you and for what purposes we use it.
2. contact person for data protection
If you have any questions about data protection or wish to exercise your rights, please contact our contact person for data protection by sending an e-mail to the following address: info@nido-ristorante.ch
Alternatively, you can contact us by post at the following address:
NIDO Ristorante AG
Data protection
Spitalgasse 47 - 51
3011 Bern
Switzerland
3. when you visit our website (log file data)
When you visit our website, the servers of our hosting provider store every access in a log file for a maximum period of 12 months. The following data is recorded and stored by us until it is automatically deleted:
This data is processed for the purpose of enabling the use of our website, ensuring system security and stability in the long term and for error and performance analysis. It also enables us to optimize our website.
In the event of an attack on the network infrastructure of the website or in the event of suspicion of other unauthorized or abusive website use, the IP address and other data will be evaluated for clarification and defense and, if necessary, used in the context of criminal proceedings for identification and for civil and criminal proceedings against the users concerned.
Our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR lies in the purposes described above.
4. use of one of our contact options
If you contact us via our contact addresses and channels (e.g. by e-mail or telephone), your personal data will be processed. The data that you have provided to us will be processed, e.g. the name of your company, your name, your function, your e-mail address or telephone number and your request. In addition, the time of receipt of the request is documented.
We process this data exclusively in order to answer your inquiry in the best possible way. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in answering your inquiry or, if your inquiry is aimed at the conclusion or execution of a contract, the execution of the contract within the meaning of Art. 6 para. 1 lit. b GDPR.
5. processing of orders
We carry out the orders you request from us. We collect the following data, among others, to fulfill the order:
We process this data as part of the provision of our services in order to interact with you, to process your order in the best possible way for you, to communicate with you, to invoice the services provided and to administer and maintain the customer relationship with you. As part of the provision of services, we may also obtain data about you from other sources, for example by consulting publicly accessible sources in order to update your details.
Insofar as this is necessary for the fulfillment of the contract, we will also pass on the required information to any third-party service providers (e.g. hosting providers).
The legal basis for this processing is the performance of the contract within the meaning of Art. 6 para. 1 lit. b GDPR.
6. applications
You have the opportunity to apply to us spontaneously or in response to a specific job advertisement via a corresponding e-mail address. We process the following data:
We use this and other data that you provide voluntarily to review your application and carry out the application process. Application documents of unsuccessful applicants will be deleted at the end of the application process, unless you explicitly consent to a longer retention period or we are legally obliged to retain them for a longer period. The legal basis for the review of your application and the handling of the application process is the implementation of pre-contractual measures within the meaning of Art. 6 para. 1 lit. b GDPR
7. use of your data for marketing purposes
7.1 Central data storage and analysis in the CRM system
If a clear assignment to your person is possible, we will store and link the data described in this privacy policy, i.e. in particular your personal data, your contacts, your contract data and your surfing behavior on our website in a central database.
This serves the efficient management of customer data and allows us to respond adequately to your concerns and enables the efficient provision of the services you require and the processing of the associated contracts.
The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the efficient management of customer data.
We use the software for this purpose. The legal basis for this processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the use of third-party services.
7.2 Newsletter
When you register for our newsletter, we collect the following data, whereby mandatory information is marked accordingly (e.g. with an asterisk):
To avoid misuse and to ensure that the owner of an e-mail address has actually given their consent, we use the double opt-in procedure for registration.
After submitting your registration, you will receive an e-mail from us containing a confirmation link. To definitively register for the newsletter, you must click on this link.
If you do not click on the confirmation link within the specified period, your data will be deleted and our newsletter will not be sent to the specified address.
By registering, you consent to the processing of this data in order to receive news from us about our company, our offers and related products and services. We will continue to use your data to send you emails until you withdraw your consent.
You can unsubscribe at any time using the unsubscribe link in all our newsletters.
Our newsletters may contain a web beacon or 1×1 pixel (tracking pixel) or similar technical aids. A web beacon is an invisible graphic that is linked to the user ID of the respective newsletter subscriber. For each newsletter sent, we receive information about which addresses have not yet received the email, which addresses it was sent to and which addresses failed to receive it. We also see which addresses have opened the email, for how long and which links they have clicked on. Finally, we also receive information about which addresses have unsubscribed.
We use this data for statistical purposes and to optimize the newsletter in terms of frequency, timing, structure and content of the emails. This enables us to better tailor the information and offers in our emails to the individual interests of the recipients.
The web beacon is deleted when you delete the e-mail. To prevent the use of the web beacon in our newsletters, please configure your email program so that HTML is not displayed in messages. You can find information on how to configure this setting in the help sections of your email software, e.g. here for Microsoft Outlook.
By subscribing to the newsletter, you also consent to the statistical analysis of user behaviour for the purpose of optimizing and adapting the newsletter. This consent constitutes our legal basis for the processing of data within the meaning of Art. 6 para. 1 lit. a GDPR.
We use the email marketing software CleverReach GmbH & Co. KG
//CRASH Building, Schafjückenweg 2, 26180 Rastede, Germany to send the newsletter. Your data is therefore stored in a CleveReach database, which allows CleveReach to access your data. The legal basis for this processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the use of third-party services.
8. cookies
Cookies are information files that your web browser stores on the hard disk or memory of your end device when you visit our website. Cookies are assigned identification numbers that identify your browser and allow the information contained in the cookie to be read.
Cookies help, among other things, to make your visit to our website easier, more pleasant and more meaningful. We use cookies for various purposes that are technically necessary for your desired use of the website. For example, cookies perform other technical functions necessary for the operation of the website, such as load balancing, i.e. the distribution of the performance load of the site to various web servers in order to reduce the load on the servers. Finally, we also use cookies as part of the design and programming of our website, e.g. to enable the uploading of scripts or codes.
The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the provision of a user-friendly and up-to-date website.
Most Internet browsers accept cookies automatically. Details on the services and data processing associated with the individual cookies can be found in the following sections of this privacy policy.
You can configure your browser so that no cookies are stored on your end device or so that a message always appears when you receive a new cookie. On the following pages you will find explanations of how you can configure the processing of cookies in selected browsers.
If you deactivate cookies, you may not be able to use all the functions of our website.
9. tracking, web analysis and other tools
9.1 General information on tracking
We use the tools listed below for the purpose of designing and continuously optimizing our website to meet your needs. In this context, pseudonymized user profiles are created and cookies are used. The information generated by the cookie about your use of this website is generally transmitted to a server of the service provider together with the log file data listed in section 3, where it is stored and processed. By processing the data, we receive the following information, among other things:
The provider will use this information on our behalf to evaluate the use of the website, to compile reports on website activity for us and to provide other services relating to website activity and internet usage for the purposes of market research and the needs-based design of these websites.
The legal basis for this processing with the following tools is your consent within the meaning of Art. 6 para. 1 lit. a GDPR, unless otherwise stated. You can withdraw your consent or refuse processing at any time by rejecting or deactivating the relevant cookies in the settings of your web browser or by making use of the service-specific options described below.
Please refer to the provider's data protection information for the further processing of the data by the respective provider as the (sole) controller under data protection law, in particular any disclosure of this information to third parties such as authorities on the basis of national statutory provisions.
9.2 Google Analytics on www.nido-ristorante.ch
We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) or Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; EU standard contractual clauses) ("Google"). The data described in section 10.1 about the use of the website may be transmitted to Google's servers in the USA for the processing purposes explained. The IP address is shortened on this website before transmission within Switzerland, member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
Users can prevent Google from collecting the data generated by the cookie and relating to the use of the website by the user concerned (including the IP address) and from processing this data by Google by downloading and installing the browser plug-in.
Further information on data protection at Google can be found here.
9.3 Google Maps on www.nido-ristorante.ch
We use Google Maps API (Application Programming Interface, "Google Maps") from Google on our website for the visual display of geographical information (site plans).
By using Google Maps, information about the use of our website, including your IP address, is transmitted to a Google server in the USA and stored there.
It is possible to deactivate the Google Maps service and prevent the transfer of data to Google by deactivating JavaScript in your browser. However, we would like to point out that you will not be able to use the map display in this case.
You can find more information about the collection, processing and use of your data by Google and your rights in this regard in the privacy policy and in the additional terms of use for Google Maps and Google Earth.
9.4 LinkedIn Insight tag
We use the LinkedIn Insight tag from LinkedIn Unlimited Company (Wilton Place, Dublin 2, Ireland) for conversion tracking on our website. The LinkedIn Insight tag enables us to statistically record the use of our website in order to optimize it.
With conversion tracking, a cookie is set on your device by LinkedIn when you visit our website by clicking on a LinkedIn ad. Conversion tracking is used to compile statistics and not to identify you personally.
We only want to know which LinkedIn ads or interactions bring users to our website. This information allows us to better control the placement of banner ads, for example, and place them on specific websites on the Internet.
You can prevent the storage of cookies by selecting the appropriate browser settings. Further information on the collection and use of your data by LinkedIn can be found in their privacy policy.
9.5 Adobe Fonts on www.nido-ristorante.ch
On our website, we use Adobe Fonts from Adobe Systems Inc. (345 Park Avenue, San Jose, CA 95110-2704, USA; EU standard contractual clauses) ("Adobe") for the uniform display of certain fonts.
When you access the website, your browser loads the required fonts directly from Adobe in order to display our website correctly on your device. In doing so, your browser establishes a connection to Adobe's servers in the USA. This gives Adobe knowledge that our website has been accessed via your IP address.
According to Adobe, no cookies are stored when the fonts are provided.
The storage and analysis of the data is based on our legitimate interest in a uniform presentation of the typeface on our website within the meaning of Art. 6 para. 1 lit. f GDPR.
You can find more information about Adobe Fonts here and in Adobe's privacy policy.
10 Our social media presence
On our website you will find links to our presence on the following social networks:
If you click on the social network icons, you will be automatically redirected to our profile in the respective network. This establishes a direct connection between your browser and the server of the respective social network.
This provides the network with the information that you have visited our website with your IP address and clicked on the link.
If you click on a link to a network while you are logged into your user account with the network in question, the content of our website can be linked to your profile so that the network can assign your visit to our website directly to your account.
If you wish to prevent this, you should log out before clicking on the relevant links. A connection between your access to our website and your user account takes place in any case if you log in to the respective network after clicking on the link.
The respective provider is responsible under data protection law for the associated data processing. Please therefore refer to the information on the network's website.
The legal basis for any processing attributed to us is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the use and advertising of our social media presence.
11. social plugins on www.nido-ristorante.ch
You can use social plugins from the providers listed below on our website:
We use social plugins to make it easier for you to share content from our website. The social plugins help us to increase the visibility of our content on social networks and thus contribute to better marketing.
The plugins are deactivated on our websites by default and therefore do not send any data to the social networks when you simply visit our website. To increase data protection, we have integrated the plugins in such a way that a connection to the networks' servers is not automatically established.
Your browser only establishes a direct connection to the servers of the respective social network when you activate the plugins and thus give your consent to data transmission and further processing by the providers of the social networks.
The content of the plugin is transmitted by the social network directly to your browser, which integrates it into the website. As a result, the respective provider receives the information that your browser has accessed the corresponding page of our website, even if you do not have an account with this social network or are not currently logged in to it.
This information (including your IP address) is transmitted directly from your browser to a server of the provider (usually in the USA) and stored there. We have no influence on the scope of the data that the provider collects with the plugin, although we can be considered jointly responsible with the providers to a certain extent from a data protection perspective.
If you are logged in to the social network, it can assign your visit to our website directly to your user account. If you interact with the plugins, the corresponding information is also transmitted directly to a server of the provider and stored there. The information may also be published on the social network and may be displayed to other users of the social network.
The provider of the social network may use this information for the purpose of placing advertisements and tailoring the respective offer to your needs.
For this purpose, usage, interest and relationship profiles may be created, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on the social network, to inform other users about your activities on our website and to provide other services associated with the use of the social network.
The purpose and scope of the data collection and the further processing and use of the data by the providers of the social networks as well as your rights in this regard and setting options to protect your privacy can be found directly in the data protection information of the respective provider.
If you do not want the provider of the social network to assign the data collected via our website to your user account, you must log out of the social network before activating the plugins.
Your consent within the meaning of Art. 6 para. 1 lit. a GDPR forms the legal basis for the processing described. You can withdraw your consent at any time with effect for the future.
12. disclosure of data to third parties
Without the support of other companies, we would not be able to provide our services in the desired form. In order for us to be able to use the services of these companies, it is also necessary to pass on your personal data to a certain extent.
Such disclosure takes place in particular if this is necessary to fulfill the contract you have requested. The legal basis for this disclosure is the necessity to fulfill the contract within the meaning of Art. 6 para. 1 lit. b GDPR.
Data is also passed on to selected service providers and only to the extent necessary for the provision of the service. Various third-party service providers are already explicitly mentioned in this privacy policy. These are, for example, IT service providers (such as providers of software solutions) and consulting companies. Our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in obtaining third-party services forms the legal basis for this data transfer.
In addition, your data may be passed on, in particular to authorities, legal advisors or debt collection agencies, if we are legally obliged to do so or if this is necessary to protect our rights, in particular to enforce claims arising from the relationship with you.
Data may also be disclosed if another company intends to acquire our company or parts thereof and such disclosure is necessary to carry out due diligence or to complete the transaction.
The legal basis for this data transfer is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in the protection of our rights and compliance with our obligations or the sale of our company.
13. transfer of personal data abroad
We are entitled to transfer your personal data to third parties abroad if this is necessary to carry out the data processing specified in this privacy policy.
The statutory provisions on the disclosure of personal data to third parties will of course be complied with. If the country in question does not have an adequate level of data protection, we ensure through contractual arrangements that your data is adequately protected by these companies.
14. retention periods
We only store personal data for as long as is necessary to carry out the processing described in this privacy policy within the scope of our legitimate interest.
In the case of contract data, storage is prescribed by statutory retention obligations. Requirements that oblige us to store data result from the provisions on accounting and from tax regulations.
According to these regulations, business communication, concluded contracts and accounting documents must be stored for up to 10 years. The data is deleted or anonymized as soon as there is no longer an obligation to retain it and there is no longer a legitimate interest in retaining it.
15. data security
We use suitable technical and organizational security measures to protect your personal data stored by us against loss and unlawful processing, in particular unauthorized access by third parties. Our employees and the service companies commissioned by us are obliged by us to maintain confidentiality and data protection.
In addition, these persons are only granted access to personal data to the extent necessary to fulfill their duties.
Our security measures are continuously adapted in line with technological developments.
However, the transmission of information via the Internet and electronic means of communication always involves certain security risks and we cannot provide an absolute guarantee for the security of information transmitted in this way.
16. your rights
If the legal requirements are met, you have the following rights as a data subject affected by data processing:
To exercise these rights, please use the contact details in section 2.
Status: October 2023
