Privacy Information Notice

Contact details of the person responsible for this website and the services offered on it:
Hotel Cristallo Arosa AG
Poststrasse 103
7050 Arosa
hotel@cristalloarosa.ch

Our representative in the EU is:
Sachverständigenbüro Mülot GmbH
Green way 80
48268 Greven
Germany

Website
When you access our website, we collect the IP address of the device you are using, the date and time of access, the name and URL of the file accessed, the website from which the access is made (referrer URL) and the browser you are using. This data is stored for a maximum of 6 months. Our website uses cookies (files or texts that are downloaded to your device when you access our website), whereby we only use functional and necessary cookies. This data collection serves to ensure a seamless connection and the optimal use of our website as well as the evaluation of the system's security and stability. These purposes justify our legitimate interest in data processing and, where necessary, constitute its legal basis.

Online booking
For online booking, you will be redirected to the SimpleBooking website of QNT s.r.l., via Lucca 52, Florence, Italy. You will find all further information in the privacy and cookie policy displayed in the footer of the booking window.

The legal basis required in the EU or EEA is the conclusion and performance of a contract with you and our legitimate interest in using an external service provider for the online booking.

Enquiries and bookings by e-mail and telephone
If you contact us by telephone or e-mail, we will take your name and telephone number or e-mail address. If you make a booking, we also collect the following data:

The personal or secondary data communicated to us by e-mail or telephone/video conference are also processed by the corresponding providers. The legal basis required in the EU or EEA is the conclusion and performance of a contract with you.

Payment on site
If you pay on site, our card payment service provider (Concardis Nets Schweiz AG) collects the name, amount and card details. The legal basis required in the EU or EEA is the performance of a contract with you and our legitimate interest in using an external service provider for payment processing.

Other data processing and recipients
Your data will also be processed by our external IT and server providers. The legal basis required in the EU or EEA is our legitimate interest in ensuring the IT security and operation of our company through external service providers.

Furthermore, data may be processed by the group companies GF Holding Group AG and Fluri Real Estate AG, which support us in administrative matters. The legal basis for this also lies in our legitimate interest in obtaining specialist support.

Retention period
In general, data is kept for 10 years. The processing serves on the one hand, to fulfil legal obligations (e.g. bookkeeping, payment of taxes) and, on the other hand, to process bookings (see above). Other data (e.g. enquiries) is usually deleted after 6 months.

Your rights
You have the right to request information about the personal data about you we have processed. You have the right to object to data processing by us. If we process your personal data on the basis of your consent, you have the right to revoke this consent at any time with effect for the future. Furthermore, you may - to the extent permitted by law - request the correction, deletion or restriction of the processing of your personal data. Finally, you have the right to complain to the competent data protection authority.