Privacy statement
Important legal information
Bar Palladio Jaipur, Barbara Miolini, Via Torelli 61, 23100 Sondrio / Italy (hereinafter also referred to as "we") is the operator of the website www.bar-palladio.com and www.caffe-palladio.com (hereinafter referred to as "our website") and responsible for the collection, processing and use of your personal data.
This privacy policy is intended to inform you of the personal data and information we collect from you on our website and for what purpose we use and evaluate it. We assure you that we take your privacy and data protection seriously, we train our employees and pay attention to appropriate data protection security (with organizational and technical measures). All personal data protected by the FADP and GDPR, which arise during the use of our website or are recorded in the context of the registration, are used exclusively for the fulfillment of the contract, unless you expressly consent for further use or the applicable law legitimizes this.
When dealing with your data, we always comply with the applicable law – we comply with the legal provisions of the totally revised Swiss Federal Act on Data Protection (FADP), the implementing provisions in the new Ordinance to the Federal Act on Data Protection (DPO) and the new Ordinance on Data Protection Certifications. Furthermore, we comply with the Telecommunications Act (TCA) and any other applicable data protection provisions of Swiss or EU law, in particular the EU General Data Protection Regulation (GDPR).
By using our website, you agree to the following terms and conditions.
Responsible body
The responsible body for data protection is:
Bar Palladio Jaipur
Barbara Miolini
Via Torelli 61
23100 Sondrio / Italy
info@bar-palladio.com
Disclaimer
Despite the greatest possible care, we assume no liability for the correctness, accuracy, up-to-dateness, reliability and completeness of the information published on our website.
We disclaim all liability (including negligence and liability to third parties) arising out of actual or potential damages, whether material or immaterial, arising out of the access to our website, arising out of the use or inability to use elements of our website, arising through misuse of the connection, through technical malfunctions, through viruses or arising from linking to other websites. We exclude any liability for damages caused by auxiliary persons.
All offers are to be understood as non-binding. We reserve the right to modify, supplement or delete parts of the pages or the entire offer without prior notice.
Liability for links to other websites
To provide you with further useful information, our website contains links to third-party websites or extracts from third-party websites within our website. How these providers handle the personal information collected on their website is beyond our control and responsibility. We also assume no liability for the access, content, functioning and use of these websites. The access to a website via these links or excerpts is at your own risk.
Copyright
The entire content of our website is protected by copyright or other rights and belongs exclusively to us or the designated legal owners. The elements on our website are freely accessible only for browsing purposes. The full or partial reproduction, modification, use or redistribution of any part of our website requires the prior written consent of the copyright holder.
Anyone who commits a copyright infringement without the consent of the respective rights holder may be liable to prosecution and may be liable to damages.
Collection, processing and use of your personal data
Personal data is any information that is used to identify you and which can be traced back to you (e.g., name, postal address, telephone number, e-mail address).
A data subject is someone whose personal data is processed. Processing includes all actions with personal data, such as in particular the storage, disclosure, collection, procurement, deletion, storage, modification, destruction and use of personal data. We process personal data in accordance with the statutory data protection regulations.
Unless otherwise stated in the following sections, no personal data is collected, processed or used when you visit or use our website. We only ask you for personal information where this is necessary for communication with you or for the execution of services offered.
Through the use of analysis and tracking tools, however, we receive certain technical information that is generated on the basis of the data transmitted by your browser (such as browser type and version, operating system used, web pages visited on our site including dwell time). This information is evaluated exclusively for statistical purposes.
When accessing our websites (www.bar-palladio.com / www.caffe-palladio.com)
When you visit our website, our servers temporarily store every access in a log file. As with every connection to a web server, the following data is automatically collected and stored by our hoster (Internet service provider):
- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved file
- Website from which access was made
- Operating system of the requesting computer
- Browser used (type, version and language)
- Country from which the access was made
The collection and processing of this data will enable the use of our website (connection establishment), which will ensure system security and stability and enable the further development of our online offering as well as internal statistical evaluations. This is our legitimate interest in the data processing. In the event of unauthorized or abusive website use, the IP address can be evaluated together with other data for clarification. When visiting our website, we also use so-called pixels and cookies for the use of web analysis services.
Using our online shop
Please note that the following data is stored with us for the purpose of simpler purchasing and for the purpose of contract execution:
- First and last name
- Postal address
- E-mail address
- Means of payment of the buyer
- IP address of the requesting computer (as part of cookies)
- Telephone number (optional)
The data you provide is required to fulfill the contract or to carry out pre-contractual measures. Without this data, we cannot conclude the contract with you. A transfer of data to third parties does not take place, with the exception of the transmission of debit/credit card data to the processing bank/payment service provider for the purpose of debiting the purchase price, with the exception of the transmission of data to the transport company/shipping company commissioned by us to deliver the goods and with the exception of the transmission of data to our trustee to fulfill our tax obligations.
Sharing of your data with third parties
We would like to assure you that we will only share your personal information if there is a legal obligation, if you have expressly consented or if we have a legitimate interest (for example, to enforce our rights). We only disclose your data to third parties as far as this is within the scope of using the website for the provision of the services requested by you (for example, hosters or companies with whom we offer the offers on our website (e.g., for bookings, purchase, rent, etc .)) as well as for the analysis of your user behavior.
When sharing data with third parties, we provide sufficient contractual guarantees that such a third party protects the personal data in accordance with legal requirements and uses the personal data exclusively in our interest.
Transfer of personal data abroad
For the purpose of the data processing listed in this privacy policy, we are permitted to also transfer your personal data to third parties (contracted service providers) abroad. They are obliged to maintain the same level of data protection as we have. If the level of data protection in a country does not correspond to that of Switzerland or the EU, we contractually ensure that the protection of your personal data meets the level of protection in Switzerland or in the EU at all times.
Note on data transfer to the USA
Users who are residing or having their registered office in Switzerland should note that in the USA surveillance measures by the US authorities are in place which generally allow the storage of all personal data of any individual whose data were transmitted from Switzerland to the USA. This is done without any differentiation, restriction or exception on the basis of the objective pursued and without any objective criteria that would limit the US authorities' access to the data and its subsequent use to very specific, strictly limited purposes that would justify the intervention associated with access to and use of these data. We also point out that in the United States there are no legal remedies available for data subjects from Switzerland allowing them to access their data or request that it be rectified or erased and that no effective legal protection against the general access rights of the US authorities exists. We explicitly inform the data subjects about this legal and factual situation in order to enable them to make a properly informed decision on giving their consent to the use of their data.
We inform users residing in an EU Member State that from the EU's point of view, the US does not have an adequate level of data protection, partly due to the issues mentioned in this section. With regard to US-based recipients of data (such as Facebook, Twitter) referred to in this data privacy policy, we ensure, either by means of contractual arrangements with those companies or by ensuring that they are certified under the EU or Swiss-US Privacy Shield, that your data are adequately protected while in the custody of our partners.
Data security
In order to ensure the security of your personal data (for example, against manipulation, against loss and against unauthorized access by third parties), we have implemented a large number of technical and organizational security measures and are constantly developing these. However, we cannot guarantee absolute data security. Our employees and the service companies commissioned by us have been obliged by us to secrecy and to comply with the data protection regulations.
You should always keep your information confidential and close the browser window when you stop communicating with us, especially if you use the computer together with other users.
SSL/TLS encryption
For security reasons and to protect the transmission of confidential information (e.g., in the payment process or when sending us orders or requests), our website uses SSL/TLS encryption. You can recognize an encrypted connection when the address line of the browser changes from "http://" to "https://" and when you see the lock symbol in your browser line. If SSL or TLS encryption is enabled, the data you submit to us cannot be read by third parties.
Cookies
By using cookies, we can provide users of our website with more user-friendly services that would not be possible without the cookie setting. Cookies are information files that your Internet browser automatically saves to your computer's hard drive when you visit our website. Cookies neither damage the hard disk of your computer nor are personal data transmitted by these cookies.
For example, we use cookies to temporarily store your selected services and submissions when filling out a form on the website, so that you do not have to repeat the entry when you access another subpage. As another example we would like to mention the cookie of an online shopping cart. The online shop remembers the items that you have placed in the virtual shopping cart via a cookie. Cookies may also be used in order to be able to recognize you as a registered user after registering on the website without having to log in again when accessing another subpage.
Cookies are stored in the browser either as "session cookies" or "permanent cookies". "Session cookies" delete themselves automatically when the browser is closed. Permanent cookies have a specific storage period. They enable the browser to be recognized the next time you visit our website and are used, for example, to measure reach.
In general, you can object to the use of cookies for online marketing purposes, in particular tracking, in general (so-called "opt-out"). This is possible, for example, via the following US service https://optout.aboutads.info/?c=2&lang=EN or the EU website https://www.youronlinechoices.com. Detailed information on the opt-out options can be found at the respective providers and their data protection provisions. In addition, the storage of cookies can be prevented by deactivating them in the browser settings. Please note that this may impair certain functions of our online offering.
Tracking tools and social media plugins
Through the use of tracking tools, your surfing behavior is monitored for the purpose of the needs-based design and continuous optimization of our website. In this context, pseudonymized usage profiles are created and small text files stored on your computer ("cookies") are used.
For this purpose, third-party entrepreneurs can also use permanent cookies or similar technologies. The third-party entrepreneur does not receive any personal data from us, but can track your use of our website, combine this information with data from other websites that you have visited and are also tracked by the third-party entrepreneur, and use these findings for their own purposes (e.g., advertising).
The processing of your personal data by the third-party entrepreneur then takes place in the responsibility of the service provider according to its data protection regulations. The following tracking tools are used on our website:
Google Analytics with IP anonymization
We use Google Analytics on our website, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). We use Google Analytics with activation of IP anonymization ("anonymizeIP").
Google Analytics uses cookies that are stored on your computer, allowing us to analyze the website usage. The following information generated by these cookies, including your anonymized IP address, is transmitted to Google:
- Returning or new visitor
- Length of time spent on the website or subpage
- Navigation path that you follow on the site
- The subpage on which the website will be left
- The country, region or city from where access is made
- Terminal device (type, version, color depth, resolution, width and height of the browser window)
Google will process this information in order to evaluate your use of our website, to compile reports on website activity for us, and to provide other services related to website activity and Internet usage. Google will also transfer this information to third parties if required by law or if third parties process this data on behalf of Google. Google does not claim to link your IP address to any other data provided by Google. For more information, see the Google Analytics Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=en
You can prevent the installation of cookies by configurating your browser software accordingly. We point out, however, that you may not be able to use all the features of our website if you do so. Instructions on how to prevent the processing of your data by the web analytics service Google Analytics can be found at https://tools.google.com/dlpage/gaoptout?hl=en
Google Tag Manager
We use the Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). With the help of this Google service, website tags can be managed via an interface. The Google Tag Manager tool only implements tags, i.e. no cookies are used and no personal data is collected. The Google Tag Manager takes care of triggering other tags, which in turn may collect data. However, Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
For more information, see Google's privacy policy: https://policies.google.com/privacy and at https://marketingplatform.google.com/about/analytics/tag-manager/use-policy
YouTube
You will find YouTube clips embedded on our website. YouTube is owned by Google Ireland Limited, a company incorporated under the laws of Ireland with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland. This company operates the Services in the European Economic Area and Switzerland. The movies are displayed using iframes. This means that a third-party web page is accessed in the area of the web page where the movie is displayed. The data processing in this iframe is beyond our control. If you are logged in to your YouTube account, YouTube will associate the watched video with your YouTube account. You can disable this if you log out of your YouTube account first. YouTube will write a cookie as soon as the page loads.
YouTube's Privacy Policy, available at https://policies.google.com/privacy?hl=en, identifies the collection, processing, and use of personal data by YouTube and Google.
Instagram feed
On our website we use a plugin from Instagram. Instagram's operating company is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA. The plugin is based on the JavaScript code "LightWidget". It shows thumbnails of our Instagram profile. When LightWidget is enabled, personal data may be transferred to Instagram or LightWidget.
When you visit a page on our website that contains such a plugin, your browser connects directly to Instagram's servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are currently not logged in to Instagram. This information (including your IP address) will be transmitted by your browser directly or via LightWidget to an Instagram server in the US and is stored there. We have no knowledge of the content and usage of the transmitted data and we do not store those data.
If you are logged in to Instagram, Instagram can instantly link your visit to our website with your Instagram account. If you interact with the plugins, for example by clicking on the "Instagram button" or by clicking on one of the pictures, this information will also be transmitted directly to an Instagram and/or LightWidget server and is stored there.
If you do not want Instagram to directly link the data collected through our website to your Instagram account, you'll need to log out of Instagram before visiting our website. To learn more about the purpose and scope of the data collection and the further processing and use of the data by Instagram, as well as your rights and options to protect your privacy, please refer to the privacy policy of Instagram and LightWidget: https://instagram.com/about/legal/privacy and https://lightwidget.com/privacy
Web Fonts (Google Fonts, Adobe Fonts, Monotype)
For the uniform presentation of fonts, our website uses so-called web fonts provided by Google, Adobe or Monotype. When you visit our website, your browser loads the required web fonts into your browser cache to correctly display texts and fonts. To do this, the browser you are using must connect to the Google, Adobe or Monotype servers. This will alert Google, Adobe or Monotype that our website has been accessed through your IP address. The use of web fonts is in the interest of a uniform and attractive presentation of our online offers. If your browser does not support web fonts, a default font will be used by your computer. For more information, please see the Google Privacy Policy: https://policies.google.com/privacy?hl=en, the Adobe Privacy Policy: https://www.adobe.com/privacy/policies/adobe-fonts.html and the Monotype Privacy Policy: https://www.fonts.com/info/legal/privacy
E-payment service provider
We have integrated e-payment modules from online payment service providers (such as PayPal) on our website. During the ordering process in our online shop, you can choose as payment option for instance "PayPal", your personal data will then automatically be transmitted to PayPal. By selecting this payment option, you consent to the transfer of personal data required for payment processing.
The transmitted personal data are usually first name, last name, postal address, e-mail address, IP address, telephone number or other data necessary for the payment and settlement of the purchase contract and personal data related to the respective order. You can retrieve the applicable data protection regulations from the respective online payment service provider.
https://www.paypal.com/webapps/mpp/ua/privacy-full
Legal basis for the processing of personal data
Our processing of personal data is carried out within the framework of Swiss data protection law, in particular in accordance with the Federal Act on Data Protection (Data Protection Act, FADP) and the Ordinance on Data Protection (Data Protection Ordinance, DPO). If and to the extent that the General Data Protection Regulation (GDPR) is applicable, the processing of personal data is carried out in accordance with the GDPR legal basis.
In general, the following articles serve as legal bases for the processing of personal data by us:
Article 13 (2) (a) FADP (processing directly related to the implementation of pre-contractual measures or the performance of a contract, corresponds to Article 6 (1) (b) EU GDPR).
Article 13 (1) FADP (consent of the data subject or obligation to process by law, corresponds to Article 6 (1) (a) EU GDPR).
Article 13 (1) FADP (corresponds to Article 6 (1) (f) EU GDPR) Processing of personal data in order to protect the legitimate interests of us or of third parties, provided that this does not override the fundamental freedoms and rights and interests of the data subject. These legitimate interests include, in particular, our business interest in being able to provide our website, information security, the enforcement of our own legal claims and compliance with Swiss law. Processing of your personal data by other companies within the group also takes place in accordance with Article 13 (1) FADP (corresponds to Article 6 (1) (f) EU GDPR).
Profiling and automated decision-making
No profiling or automated decision-making takes place either in our company or with third parties commissioned by us. Profiling is described as customer data that is processed automatically to evaluate personal aspects such as economic situation, health, interests, behavior etc.
Retention of data
We store personal data only as long as necessary, e.g. for tracking and analysis services in legitimate interest or legal obligations. We keep user account master data indefinitely, but you can request deletion. For unregistered orders, we delete master data after the warranty period or end of service, unless retention obligations apply. We retain contract data for up to 10 years in accordance with billing and tax regulations. After the end of use, data is blocked and used only for billing and tax purposes.
Rights of data subjects
Data subjects receive from us all the rights to which they are entitled under the applicable data protection provisions.
Right to confirmation and right to information: You have the right to receive information about whether and which personal data about you are processed by us. Furthermore, data subjects have the right to be provided with the necessary information to assert their claims under data protection law and to ensure transparency. This includes not only the personal data processed, but also information about the purpose of processing, the retention period, possible onward transfers or transfers of data to other countries and the origin of the personal data.
Right to rectification and right to restriction of processing: you have the right to have inaccurate personal data rectified, to have incomplete data completed and to have the processing of your data restricted.
Right to withdraw your consent to the processing of non-mandatory personal data and right to erasure: You have the right to request the erasure of your personal data ("right to be forgotten") and to revoke the future processing of your personal data.
Right to object: You may object to the processing of your personal data at any time.
Right to data disclosure and right to data portability: You have the right to request the disclosure of the personal data in question in a structured, common and machine-readable format or to request the transfer of your data to another data controller.
Personal data is processed for the period of time required for the specific purposes in question. If longer retention obligations exist due to legal or other obligations to which we are subject, we limit the processing accordingly.
As permitted by law, we reserve the right to defer, restrict or refuse the exercise of data subjects' rights. For example, we may legally refuse to delete if your personal data is still needed for the original purposes (e.g., if you continue to receive a service from us), if the processing is based on a compelling legal basis (e.g., legal accounting requirements), or if we have an overriding interest of our own (e.g., in the event of a dispute with the data subject).
We are required to ensure that individuals who request information or wish to exercise other rights are appropriately identified. Data subjects are obliged to cooperate.
Right of complaint to a data protection supervisory authority
Data subjects have the right to enforce their data protection claims through legal channels or to complain to a competent data protection supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
Jurisdiction and applicable law
This privacy policy, along with any agreements stemming from or associated with it, are subject to Swiss law, unless the laws of another state is mandatory. Any legal disputes will be settled in the jurisdiction where the website operator is located, unless a different jurisdiction is legally mandated.
Final provisions
If individual parts of this privacy policy are found to be invalid, the validity of the remaining sections of the privacy policy remains unaffected. We reserve the right to modify this privacy policy to reflect changes to our website, offerings, or new legal or regulatory requirements. The current privacy policy is always published on our website.
Updated: September 2023