Privacy Policy
Gemmi Holding AG, Gemmistrasse 14, 3954 Leukerbad, Switzerland, is the author of this Privacy Policy and the controller of the information (data) collected about you under this Privacy Policy. In all other respects, the General Terms and Conditions (GTC) of Gemmi Holding AG apply.
We know that the careful handling of your personal information is important to you. That is why we value your trust that Gemmi Holding AG will handle this information conscientiously. Gemmi Holding AG is responsible for the collection, processing, disclosure, storage, and protection of your personal information and ensures compliance with Swiss data protection law. This consent may be revoked at any time with future effect.
1. Contact Information
The data controller is:
Gemmi Holding AG
Gemmistrasse 14
3954 Leukerbad
Switzerland
+41 27 470 12 01
You can contact the Data Protection Officer of Gemmi Holding AG at: management@gemmi.ch
2. Type and Scope of Collection of Personal Data
when visiting our website (without logging in)
When you visit our website outside of the login-protected area, the web server technology we use automatically logs general technical visit information. This includes, among other things, the IP address of the device used (anonymized), information about the browser type, the Internet service provider, and the operating system used.
3. Data Security
We employ technical and organizational security measures in accordance with recognized market standards to protect personal data stored with us against accidental, unlawful, or unauthorized manipulation, deletion, alteration, access, disclosure, or use, as well as against partial or complete loss. The servers of Gemmi Holding AG are located in a multi-certified and secure data center in Switzerland. The connection to our servers is established using SSL encryption. We regularly perform backups of customer data. To prevent data loss even in extreme cases (e.g., destruction of the data center by an earthquake), the encrypted backups are stored in parallel across multiple data centers both domestically and abroad. Our security measures are continuously adapted and improved in line with technological developments. We assume no liability for the loss of data or for its disclosure to or use by third parties. Furthermore, we cannot guarantee the security of data transmission over the Internet; in particular, there is a risk of third-party access when data is transmitted via email. However, access is protected via HTTPS. If explicitly requested by the customer, the customer may opt for two-factor authentication at any time.
4. Purpose of Processing Personal Data / Recipients of the Data
We process the collected data to continuously improve the products and services you request, to manage your use of and desired access to our applications, products, and information, to maintain our business relationship with you, to monitor and improve the performance of our offerings, to detect, prevent, or investigate illegal activities, and to send you advertising, information, or marketing materials regarding products or services that we believe, based on the data, may be of interest to you. The data may also be transferred to partner companies and service providers, selected third-party companies, institutions, and/or legally authorized government authorities, both domestically and abroad, for processing and storage in connection with the aforementioned purposes. If the processing or storage of personal information takes place in countries that do not guarantee an adequate level of data protection compared to Swiss data protection law, we require the data processor to fully comply with the relevant provisions of the EU GDPR under a contractual obligation.
We have some of the aforementioned processes and services carried out by service providers commissioned in compliance with data protection regulations, which are based within the EU or Switzerland. These are companies in the categories of IT services, payment processing, printing services, billing,
debt collection and consulting, as well as sales and marketing, and service providers whom we engage within the framework of data processing agreements.
5. Cookies
Cookies help make your visit to our websites easier, more enjoyable, and more meaningful. Cookies are information files that your web browser automatically stores on your computer’s hard drive when you visit our website and use our services.
You can manage your browser’s security settings yourself and thereby block or disable the cookies we use; however, certain services of Gemmi Holding AG may then no longer be available (in full).
Tracking and Analysis Tools / Social Media
The use of our digital offerings is measured and evaluated using various technical systems, primarily from third-party providers such as Google Analytics. These measurements can be conducted both anonymously and on a personal basis. In doing so, it is possible that the collected data may be passed on by us or the third-party providers of such technical systems to third parties in Switzerland and abroad for processing. The most frequently used and best-known analytics tool is Google Analytics, a service provided by Google Inc. This means that the collected data may generally be transmitted to a Google server in the United States.
Our website uses Google Analytics, a web analytics service provided by Google Inc., located at 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A. (“Google”). Google Analytics uses so-called cookies, text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of the website (including your IP address) is transmitted to a Google server in the U.S. and stored there. Google will use this information to evaluate your use of the website, to compile reports on website activity for us, and to provide other services related to website and internet usage. Google may also transfer this information to third parties where required by law, or where such third parties process the data on Google’s behalf. Google will never associate your IP address with any other data held by Google.
If you do not want your website activity to be available to Google Analytics, you can install the browser add-on to disable Google Analytics [Link: support.google.com/analytics/answer/181881. This prevents activity data from being shared with Google Analytics via the JavaScript (ga.js, analytics.js, and dc.js) executed on websites.
The analysis of data by other tools used by the website owner is not prevented when you use the add-on. Data may still be sent to the website or to other web analytics services.
Integration of Third-Party Services / Social Media
Our digital offerings are linked in various ways to third-party functions and systems, such as through the integration of plug-ins from third-party social networks, including in particular Facebook, Twitter, etc. If you have a user account with these third parties, they may also be able to measure and evaluate your use of our digital offerings. In doing so, additional personal data, such as IP address, browser settings, and other parameters, may be transmitted to these third parties and stored there. We have no control over the use of such personal data collected by third parties and assume no responsibility or liability. Furthermore, Gemmi Holding AG has no detailed knowledge of what data is transmitted to third-party providers, where it is transmitted, or whether it is anonymized.
6. Automated Decisions
Gemmi Holding AG does not use profiling or automated decision-making techniques. Should Gemmi Holding AG use these procedures in individual cases, we will inform you separately, provided this is required by law.
7. Communication via Email
You may unsubscribe from electronic mailings at any time or adjust the type and scope of this marketing service.
8. Legal basis for processing
Your data is processed in accordance with Article 6(1)(b) of the GDPR for the purpose of fulfilling the contract. The subject matter of the contract is the services mentioned above.
Likewise, your data is processed, as described above, to safeguard the legitimate interests of Gemmi Holding AG (Article 6(1)(f) of the GDPR). These include improving products and services, monitoring and enhancing the performance of our offerings, and detecting, preventing, or investigating illegal activities.
In addition, data is processed in accordance with Article 6(1)(c) of the GDPR to fulfill legal obligations (e.g., retention and documentation requirements). This includes, in particular, your personal master data.
9. Duration of Storage
Gemmi Holding AG processes and stores your personal data for as long as you use the service. It should be noted that the contractual relationship is a continuing obligation that is designed to last for years.
If the data is no longer necessary for the fulfillment of contractual or legal obligations, it will be deleted on a regular basis, unless its—temporary—further processing is necessary for the following purposes:
Compliance with commercial and tax law retention obligations in Switzerland: Of particular note is the ten-year period for maintaining and retaining business records (OR 958f).
Compliance with commercial and tax law retention obligations in Germany: These include the German Commercial Code (HGB) and the German Fiscal Code (AO). The retention and documentation periods specified therein range from two to ten years.
Preservation of evidence within the framework of statutory limitation periods in Germany. According to Sections 195 et seq. of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the standard limitation period being three years.
10. Access, Rectification, Erasure, Restriction, Consent
With regard to your personal data, you have the following rights if you are personally subject to the rights and obligations of the GDPR:
the right of access under Article 15 of the GDPR,
the right to rectification under Article 16 of the GDPR,
the right to erasure under Article 17 of the GDPR,
the right to restriction of processing under Article 18 of the GDPR,
the right to data portability under Article 20 of the GDPR, and
the right to object under Article 21 of the GDPR.
If you are asked to provide consent in connection with the services of Gemmi Holding AG, you grant this consent by checking the corresponding checkbox, thereby authorizing Gemmi Holding AG to collect, process, and use your personal data accordingly.
You may, of course, withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent prior to withdrawal. The withdrawal may be sent in writing to the address of Gemmi Holding AG mentioned above. However, an email to info@gemmi.ch is also sufficient. Please note, however, that some of the services and features will no longer be available to you thereafter.
The restrictions under Sections 34 and 35 of the BDSG apply to the right of access and the right to erasure. In addition, you have the right to lodge a complaint with a competent data protection authority (Article 77 of the GDPR, Section 40 of the BDSG).
11. Links to Other Websites
The Gemmi Holding AG website contains hyperlinks to third-party websites that are not operated or controlled by Gemmi Holding AG. Gemmi Holding AG is not responsible for their content or data protection practices.
Use of Data
The personal data you provide (such as your name, address, and email address) will be used by us as follows:
To book accommodation, you must provide your contact information. You are only required to fill in the marked fields (name, address, and email address, as well as the names and dates of birth of the travelers) and provide details regarding the inquiry (e.g., dates of stay). Additional information (such as telephone or fax numbers) is not mandatory.
The personal data you provide will be processed and used by the operator only to the extent necessary for handling the inquiry and/or providing the requested service. In the course of this data processing, the operator forwards the collected personal data to the following third parties:
zadego GmbH, easybooking department, Tschamlerstraße 4 A-6020 Innsbruck (A),
Tel: +43 5 0908, Email: office(at)easybooking.at, Easybooking Privacy Policy
Last updated: April 14, 2026