Ristorante NIDO AG
Spitalgasse 47-51
3001 Bern

Tel.: 031 320 12 12

Design / realisation:
furrerhugi ag
Schauplatzgasse 39
3011 Bern

Privacy Policy

1. Data controller and content of this Privacy Policy
We, NIDO Ristorante AG (Spitalgasse 47-51, 3011 Bern, Schweiz), are the operator of the website (the “Website”). Unless otherwise stated, we are responsible for the data processing listed in this Privacy Policy.

When it comes to data protection, we are primarily guided by the legal requirements of Swiss data protection law, in particular, the Federal Act on Data Protection (“FADP”) and the EU General Data Protection Regulation (“GDPR”), the provisions of which may apply in individual cases. In order for you to know what personal data we collect from you and for what purposes we use it, please take note of the information below.

2. Your contact for data protection
If you have any questions about data protection or would like to exercise your rights, please contact our data protection contact by sending an email to the following address:

Alternatively, you can contact us by post at the following address:
NIDO Ristorante AG
Spitalgasse 47 – 51
3011 Bern

3. When you visit our Website (log file data)
When you visit our Website, the servers of our hosting provider store each instance of access in a log file for a maximum period of 12 months. The following information is collected and stored until we automatically delete it:

  • The IP address of the computer making the request
  • The date and time of access
  • The name and URL of the file retrieved
  • The website from which our website was accessed (referrer URL), possibly with the search term used
  • The operating system of your computer and the browser you use (incl. type, version and language setting)
  • Device type, in the event of access from a mobile phone
  • The city or region from which the website was accessed
  • The name of your Internet access provider

This data is processed for the purpose of enabling use of our website, permanently ensuring system security and stability, and error and performance analysis. It also enables us to optimise our website.

In the event of an attack on the network infrastructure of the website or where there is suspicion of other unauthorised or abusive use of the website, the IP address and other data will be evaluated for clarification and defence and, if necessary, used for identification in the context of criminal proceedings and for civil and criminal proceedings against the users concerned.

Our legitimate interest in data processing within the meaning of Art. 6 (1) (f) GDPR consists in the purposes described above.

4. Use of one of our options for making contact
If you contact us via our contact addresses and channels (e.g., by email or telephone), your personal data will be processed. The data you have provided to us will be processed, e.g., the name of your company, your name, your role, your email address or telephone number, and your concern. In addition, the time of receipt of the request is also documented.

We only process this data in order to respond to your query in the best possible way. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 (1) (f) GDPR in responding to your query or, if your query is aimed at concluding or transacting a contract, the execution of the contract within the meaning of Art. (1) (b) GDPR.

5. Use of your data for marketing purposes
Central data storage and analysis in the CRM system
If clear assignment to your person is possible, we will store the data outlined in this Privacy Policy, i.e., in particular, your personal data, the instances of contact you have made, and your surfing behaviour on our website, in a central database and link it.

This serves the efficient management of the data and allows us to respond adequately to your concerns. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 (1) (f) GDPR in the efficient management of data.

The legal basis for this processing is our legitimate interest within the meaning of Art. 6 (1) (f) GDPR in the use of third-party providers.

We evaluate this data in order to further develop our website in line with needs and to display and suggest information that is as relevant to you as possible. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 (1) (f) GDPR in the implementation of marketing measures.

6. Newsletter
If you register for our newsletter, we will collect the following data; mandatory information is marked accordingly (e.g., with an asterisk):

  • Name
  • Email address*
  • [Further data]

To avoid misuse and ensure that the owner of an email address has indeed given consent, we use the so-called double opt-in procedure for registration. After submitting your registration, you will receive an email from us containing a confirmation link.

In order to definitively register for the newsletter, you must click on this link. If you do not click on the confirmation link within the specified period, your data will be deleted, and our newsletter will not be delivered to the address provided.

By registering, you consent to the processing of this data in order to receive messages from us about us. We will use your data to send emails until you revoke your consent. You can revoke your consent at any time via the unsubscribe link in all our newsletters.

Our newsletters may contain a web beacon or 1×1 pixels (tracking pixels) or similar technical aids. A web beacon is an invisible graphic that is linked to the user ID of the newsletter subscriber in question. For each newsletter sent, we receive information about which addresses have not yet received the email, to which addresses it has been sent, and for which addresses sending has failed. It also shows which addresses opened the email, for how long, and which links they clicked on.

Finally, we also receive information about which addresses have unsubscribed. We use this data for statistical purposes and to optimise the newsletters with respect to the frequency, time, structure and content of the emails. This allows us to better tailor the information and offers in our emails to the individual interests of the recipients.

The web beacon will be deleted when you delete the email. To prevent the use of the web beacon in our newsletters, please set your email program to not display HTML in messages. You will find information on how to configure this setting in the help sections of your email software, for example, here for Microsoft Outlook.

By registering for the newsletter, you also consent to the statistical evaluation of your user behaviour for the purpose of optimising and adapting the newsletter. This consent constitutes our legal basis for the processing of the data within the meaning of Art. 6 (1) (a) GDPR.

We use the email marketing software CleverReach from CleverReach GmbH & Co. KG (Schafjückenweg 2, 26180 Rastede, Germany; appropriate level of data protection according to Annex 1 to the Data Protection Ordinance (DPO)) to send the newsletter. Therefore, your data will be stored in a CleverReach database, which will enable CleverReach to access your data. The legal basis for this processing is our legitimate interest within the meaning of Art. 6 (1) (f) GDPR in the use of third-party providers.

8. Cookies
Cookies are information files that your web browser automatically stores on your device’s hard drive when you visit our Website. Cookies are assigned identification numbers that identify your browser and allow the information contained in the cookie to be read.
Among other things, cookies help to make your visit to our Website easier, more pleasant and more meaningful. We use cookies for various purposes that are necessary from a technical point of view in order for you to be able to use the Website as desired.

For example, cookies take care of other technical functions necessary for the operation of the website, such as load balancing, i.e., the distribution of the workload of the page to different web servers, in order to relieve the servers. Finally, we also use cookies within the context of the design and programming of our website, e.g., to enable uploading of scripts or codes.

The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. (1) (f) GDPR in the provision of a user-friendly and up-to-date website.
Most Internet browsers accept cookies automatically. Details of the services and data processing associated with the individual cookies can be found in the following sections of this Privacy Policy.

You can configure your browser so that no cookies are stored on your device, or so that you are always notified before a new cookie is created. On the following pages, you will find explanations of how to configure the processing of cookies for selected browsers.

Disabling cookies may mean that you will not be able to use all the features of our Website.

9. Tracking, web analytics, and other tools
9.1 General information about tracking

We use the tools listed below for the purpose of the needs-based design and continuous optimisation of our website. In this context, pseudonymised user profiles are created, and cookies are used. The information generated by the cookie about your use of this website is usually transmitted together with the log file data listed in Section 3 to a server of the service provider and is stored and prepared there. Through preparing the data, we obtain the following information, among other things:

  • The navigation path that a visitor uses on the site (including viewed content and selected or purchased products)
  • Dwell time on the Website or subpage
  • The subpage you are on when you leave the Website
  • The country, region or city from which the Website was accessed
  • The terminal device (type, version, colour depth, resolution, width and height of the browser window)
  • Returning or new visitor

On our behalf, the provider will use this information to evaluate the use of the wWebsite, to compile evaluations on wWebsite activities for us, and to provide other services related to the use of the wWebsite and the Internet for the purposes of market research and needs-based design of these websites.

The legal basis for this processing with the below tools is your consent within the meaning of Art. 6 (1) (a) GDPR, unless otherwise stated. You can revoke your consent or refuse the processing at any time by rejecting or switching off the relevant cookies in the settings of your web browser or by making use of the service-specific options outlined below.

With respect to the further processing of the data by the provider in question as the (sole) data controller under data protection law, as well as, in particular, any disclosure of this information to third parties, such as authorities, on the basis of national legal regulations, please note the Privacy Policy of the provider.

9.2 Google Analytics
We use the web analytics service Google Analytics from Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) or Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; EU Standard Contractual Clauses) (“Google”). In the process of this, the data outlined in Section 11.1 about the use of the wWebsite may be transmitted to Google’s servers in the United States for the processing purposes explained above. The IP address will be shortened on this wWebsite before transmission within Switzerland, member states of the European Union or other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will IP addresses be transferred to a Google server in the USA and truncated there.

Users can prevent Google from collecting the data generated by the cookie and related to the use of the website by the user concerned (including the IP address) as well the processing of this data by Google by downloading and installing the browser plugin.
Click here for more information about data protection at Google.

9.3 Google Maps
We use Google Maps API (application programming interface, “Google Maps”) on our website to visually display geographical information (site maps). When Google Maps is used, information about the use of our wWebsite, including your IP address, will be transferred to a Google server in the USA and stored there.

It is possible to disable the Google Maps service and prevent data transfer to Google if you disable JavaScript in your browser. However, we would like to point out that, in this case, you will not be able to display maps.

More information about the collection, processing and use of your data by Google, as well as your rights in this regard, can be found in the Privacy Policy and additional terms of use for Google Maps or Google Earth.

9.4 LinkedIn Insight Tag
We use the LinkedIn Insight tag from LinkedIn Unlimited Company (Wilton Place, Dublin 2, Ireland) on our website for conversion tracking. The LinkedIn Insight Tag enables us to statistically record the use of our wWebsite in order to optimise it. In conversion tracking, a cookie is set on your device by LinkedIn when you visit our website as a result of clicking on a LinkedIn ad.

Conversion tracking is used to generate statistics and not to identify you as a person. We only want to know which LinkedIn ads or interactions bring users to our website. This information allows us to better control the placement of banner advertising, for example, and to place it on certain websites on the Internet in a targeted manner.

You can prevent the storage of cookies by making the appropriate settings in your browser. More information about the collection and use of your data by LinkedIn can be found in its Privacy Policy.

10. Our social media presence
On our wWebsite, you will find links to our presence on the following social networks:

  • Meta Platforms Inc., 1601 S California Ave, Palo Alto, CA 94304, USA
  • X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA
  • LinkedIn Unlimited Company, Wilton Place, Dublin 2, Ireland

If you click on the icons of these social networks, you will automatically be redirected to our profile in the network in question. In the process, a direct connection is established between your browser and the server of the social network in question.

As a result, the network receives the information that you have visited our wWebsite with your IP address and clicked on the link.

If you click on a link to a network while you are logged into your user account for the network in question, the content of our wWebsite may be linked to your profile, so that the network can directly associate your visit to our wWebsite with your account. If you want to prevent this, you should log out before clicking on the corresponding links.

A connection between your access to our wWebsite and your user account takes place in any case if you log in to the network in question after clicking on the link. The relevant provider is responsible (the controller) under data protection law for the associated data processing. Therefore, please refer to the information on the network’s website.

The legal basis for any processing attributed to us is our legitimate interest within the meaning of Art. 6 (1) (f) GDPR in the use and promotion of our social media presence.

11. Social plugins
You can use social plugins from the following providers on our website:

  • Meta Platforms Inc., 1601 S California Ave, Palo Alto, CA 94304, USA, Privacy Policy
  • X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, Privacy Policy
  • LinkedIn Unlimited Company, Wilton Place, Dublin 2, Ireland, Privacy Policy

We use these social plugins to make it easier for you to share content from our website. These social plugins help us increase the visibility of our content on social networks and thus contribute to better marketing.

The plugins are disabled by default on our websites and, therefore, do not send any data to the social networks when you simply access our website.

To increase data protection, we have integrated the plugins in such a way that there is no automatic establishment of a connection to the servers of the networks. Your browser will only establish a direct connection to the servers of the social network in question if you activate the plugins and thereby give your consent to data transmission and further processing by the social network providers.
The content of the plugin will be transferred from the social network directly to your browser, which then embeds it in the website.

As a result, the relevant provider receives the information that your browser has accessed the corresponding page of our wWebsite, even if you do not have an account with this social network or are not currently logged in to it.

This information (including your IP address) will be transmitted from your browser directly to a provider server (usually in the USA) and stored there. We have no influence on the scope of the data that the provider collects with the plugin, though, to a certain extent, we can be regarded as jointly responsible (joint controllers) with the providers from a data protection point of view.

If you are logged into the social network, it can directly associate your visit to our website with your user account. When you interact with the plugins, the corresponding information is also transmitted directly to a provider server and stored there. This information may also be published on the social network and may be displayed to other users of the social network in some circumstances. The provider of the social network may use this information for the purpose of placing advertisements as well as for the needs-based design of the offer in question. For this purpose, user, interest and relationship profiles could be created, e.g., to evaluate your use of our website with regard to the advertisements displayed to you on the social network, to inform other users about your activities on our Website, and to provide other services associated with the use of the social network.

With regard to the purpose and scope of the data collection and further processing and use of data by the providers of the social networks, as well as your rights in this regard and settings options to protect your privacy, please refer directly to the privacy policies of the relevant providers.

If you do not want the social network provider to associate the data collected via our website with your user account, you must log out of the social network before enabling the plugins. For the processing outlined, the legal basis is your consent within the meaning of Art. 6 (1) (a) GDPR. You may revoke your consent, with effect for the future, at any time.

12. Transfer of data to third parties
Without the support of other companies, we would not be able to provide our services in the desired form. In order for us to be able to use the services of these companies, it is also necessary to share your personal data to a certain extent. In the case of these transfers, the legal basis is the necessity to fulfil the contract within the meaning of Art. 6 (1) (b) GDPR or, if there is no contract, our legitimate interest within the meaning of Art. 6 (1) (f) GDPR in the procurement of third-party services.

Data will also be passed on to selected service providers, and only to the extent necessary to provide the service. Various third-party service providers are already explicitly mentioned in this Privacy Policy. In other respects, these include, e.g., IT service providers (such as providers of software solutions) and consulting companies. For this data transfer, the legal basis is our legitimate interest within the meaning of Art. 6 (1) (f) GDPR in the procurement of third-party services.

In addition, your data may be passed on to authorities, legal advisers or debt collection agencies, in particular, if we are legally obliged to do this or if it is necessary to protect our rights, in particular, to enforce claims arising from our relationship with you. For this data transfer, the legal basis is our legitimate interest within the meaning of Art. 6 (1) (f) GDPR in the protection of our rights.

13. Transfer of personal data abroad
We are entitled to transfer your personal data to third parties abroad, insofar as this is necessary to carry out the data processing mentioned in this Privacy Policy. When doing so, the legal requirements pertaining to the disclosure of personal data to third parties are, of course, complied with. If the country concerned does not have an adequate level of data protection, we ensure that your data is adequately protected at these companies by means of contractual provisions.

14. Retention periods
We only store personal data for as long as is necessary to carry out the processing outlined in this Privacy Policy within the scope of our legitimate interest. In the case of contractual data, its storage is prescribed by statutory retention obligations. Requirements that oblige us to store data result from accounting regulations and tax law provisions. According to these regulations, business communications, concluded contracts and accounting records, in particular, must be kept for up to 10 years. The data will be deleted or anonymised as soon as there is no longer any obligation to retain it and no longer any legitimate interest in retaining it.

15. Data security
We make use of suitable technical and organisational security measures to protect your personal data that is stored by us against loss and unlawful processing, in particular, unauthorised access by third parties. The service companies commissioned by us are obligated by us to maintain confidentiality and uphold data protection. In addition, these persons are only granted access to personal data to the extent necessary to fulfil their tasks.

Our security measures are continually adapted in line with technological developments. However, the transmission of information via the Internet and electronic means of communication always entails certain security risks, and we, too, cannot provide an absolute guarantee regarding the security of information transmitted in this way.

16. Your rights
If the legal requirements are met, you, as a data subject affected by data processing, have the following rights:

  • Right of access: you have the right to demand access to your personal data stored with us at any time and free of charge if we process it.
  • Right to rectification: you have the right to have incorrect or incomplete personal data rectified and to be informed of the rectification.
  • Right to erasure: you have the right to have your personal data erased in certain circumstances.
  • Right to restriction of processing: you have the right to demand that the processing of your personal data be restricted.
  • Right to data portability: you have the right to receive the personal data you have provided to us from us in a readable format free of charge.
  • Right to object: you can object to data processing at any time.
  • Right to withdraw consent: you fundamentally have the right to withdraw consent you have provided at any time. However, processing activities based on your consent in the past will not become unlawful as a result of you withdrawing your consent.
  • Right to lodge a complaint: you have the right to lodge a complaint with a competent supervisory authority, e.g., against the way in which your personal data is processed.

To exercise these rights, please use the contact details in Section 2.
Last updated: October 2023