Privacy

Privacy statement relating to personal data processing and the use of our website

Dear Customer,

Our customer operates in the real estate agency sector. In addition to traditional real estate agency services, our company is specialized in the short term lease of properties in a number of European locations. Thanks to our network of trusted partners, we offer our customers a number of services (such as drivers, limousines, etc.), food and management services (chefs, waiters, housekeepers, etc.)

Since the General Data Protection Regulation came into force on 25 May 2018 (known as "GDPR" or Regulation 2016/679 – hereinafter the "GDPR"), the European Union has strengthened the rights of individuals resident in the EU in relation to the processing of their personal data. There is currently a broad review of the Ordinance on the federal data protection legislation underway in Switzerland whose full review process was completed at the end of 2020, which is expected to afford data subjects the same rights as GDPR to customers residing in Switzerland. The new Swiss Data Protection Law and the Swiss Data Protection Law decree are expected to come into force at the end of 2022, start of 2023.

Should the GDPR apply to CLD SWISS Sagl by virtue of the non-European Union provisions set forth therein, it should be borne in mind that CLD SWISS Sagl is at all times required to comply with federal law, specifically, but not solely, the Swiss Data Protection Law.

In order to provide our services, we need to obtain some personal data from our customers. This privacy statement – which is provided under Article 13 of GDPR - is aimed at providing you with all the necessary information that protects customer and website user rights.

 

  1. Who we are
  2. Which data we collect and why
  3. Consent
  4. Your rights
  5. Safety measures (how we protect your data)
  6. Data retention periods
  7. Transferring your data to third parties and abroad
  8. Cookies, analysis and tracing systems, social media plug ins, external links
  9. Minors
  10. General provisions
  11. Exclusively informational purpose, exclusion of liability, comments and feedback
  12. Changes to this privacy statement
  13. Misunderstanding and discrepancies in interpretation

 

  1. Who we are

    CDL SWISS SAGL, Strada Cantonale, Stabile n. 218, 6563 Mesocco, hereinafter referred to as the "Company", is responsible for managing the websites www.wevillas.ch, www.wevillas.com, www.villasbuy.ch and www.villasbuy.com. The Company acts as controller for the processing of personal data via those websites.

  2. Which data we collect and why

    We need to collect personal data from our Customers and from website users in order to provide our services.
    Part of that data is automatically transmitted by the device you use when connecting with our website. If you would like to block that automatic transfer, then you need to disable the transfer of personal data via your browser.
    Other data is provided directly by Customers in order to receive information, newsletters or other communications relating to our services, proposals or offers available on the website.
    1. Data collected via our server when you access our website:

    • Date and time of access;

    • IP number for your computer;

    • The browser you are using via your device;

    • The country connecting with our server and information on language, screen, position, etc.;

    • Your operating system;

    • Your Internet service provider

    2. Data that you provide when registering with our website:

    • Name and surname;

    • Address;

    • E-mail address;

    • Telephone number;

    • Fax number, if any;

    • Preferred language;

    • Credit card details and/or other payment details;

    • Date of birth

    3. Data you provide for communicating with the Company:

    • Name and surname;

    • Preferred language;

    • E-mail address;

    • E-mail address;

    4. Data processing must be lawful and this implies that it is underpinned by the Data Controller’s right to process the data in question. This right may be exercised with regard to contractual relations (or otherwise in order to perform an agreement between the parties, the Data Controller requires the client’s personal data), or otherwise with regard to a legal obligation (in certain areas, the Data Controller is legally required to obtain certain data, for example for tax purposes) or it may be based on the Data Controller’s legitimate interest. Lastly, data processing may be carried out subject to consent granted by the data subject (see C. below). In our case, except for marketing and advertising campaign communications by means of which we inform our clients of the objects available at any one time, all the other personal data collected is needed primarily for discharging our contractual obligations and hence it is not necessary for the Data Controller to obtain the client’s consent, which is implicit.

  3. Consent

    The GDPR defines consent as: “any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”.

    Domestic data protection law will specify that: “consent is valid if given freely and unequivocally after being duly informed. Express consent is required for the processing of personal data that requires special protection or for profiling”.

    Consent must always be granted expressly with respect to particularly sensitive personal data, such as for example data regarding religious beliefs, ethnicity, political affiliations, etc. Our Company does not collect this type of information given that it is not needed in order to provide our services. For less sensitive data, consent may be granted freely by any means, for example via mere confirmation, or it can be assumed to have been granted if the data in question is mandatory for the provision of our services. In that case, your request for services from our Company will imply that you agree with the Company using your data in order to provide you with the requested service (for example, payment details, delivery address, etc.).
    Other data is required for marketing purposes and is expressly collected for that purpose. Please note that you can deny your consent to data processing for that purpose and you may simply withdraw your consent if you had granted it in the past.

    2. In so far as our data processing is based solely on consent, should you withdraw your consent, all data processing operations shall be terminated. Bearing in mind that the only data processing operations performed by us on this basis relate to web marketing, in the event that you withdraw your consent to data processing, with immediate effect, all information relating to the mailing list and any personalized choices etc shall be permanently removed from our systems.

    3. Our personnel is available if you have any doubts or queries regarding the processing of personal data. See Section D below if you wish to make a request.

  4. Your rights

    If the GDPR applies, you have the right to request that your data is:

    • updated, rectified or (in the event data is incomplete) integrated;

    • erased, if:
      - your data is no longer required for the purpose for which it was collected or processed;
      - you have withdrawn your consent or objected to processing;
      - your data was processed unlawfully or has to be erased to comply with law;

    • limited in terms of processing, if:
      - your data is inaccurate or processed unlawfully or if you have objected to its processing;
      - even if the Company no longer needs it for processing, it is necessary for the Company to protect your statutory rights;

    • transferred to another controller (“right to portability”), if the processing is on a consent basis and processed automatically.

     

    transferred to another controller (“right to portability”), if the processing is on a consent basis and processed automatically.
    In accordance with applicable law, you are entitled to contact the competent authorities (in Switzerland the Federal Data Protection and Information Commissioner and in other countries, the national Data Protection Authorities).

  5. Safety measures (how we protect your data)

    The Company implements appropriate technical and organizational measures to protect your personal data from unauthorized processing and data loss. The technical systems are maintained adequately taking into account the constant developments in technology.

    In order to avoid unlawful processing or data loss, we advise our customers and our users to use updated systems and not to share sensitive information with third parties, such as credit card details, user names or passwords.

    In order to guarantee a high quality service, excellent products and the discretion that we are known for, the Company has strengthened its corporate policies so that your personal data is accessible solely by the personnel effectively needed to process your requests.

  6. Data retention periods

    Customer personal data is processed and retained in accordance with the principle of the time strictly required to provide the services requested by the Customer (contractual basis) or in accordance with law (legal basis). In particular, the data is stored for the entire duration of the contractual relationship between the Customer and the Company for accounting and legal purposes (for example, in the event of litigation brought by or against the Company). In any event, in the event the Company no longer has legal grounds for storing the data, they will be anonymized or respectively erased.

  7. Transfer of your data to third parties and abroad

    1.In order to provide the services, in some circumstances the Company has to provide your personal data to third parties (outsourcing), in particular in relation to the management of the website, sending out newsletters and for profiling or marketing purposes. Moreover, the data must be sent to our partners with respect to leased and sold items.
    2. In general, the Company mainly carries out its business in Switzerland and Europe. The information is therefore exchanged with partners subject to GDPR, the FADP and guarantee the protection of personal data.
    3. Under the GDPR, users resident in Europe are guaranteed the protection of their personal data as the GDPR applies outside resident states.
    4. With respect to the communication of personal data in the United States of America, note that the transfer is managed in accordance with GDPR provisions and FADP respectively. We wish to inform Customers that the United States of America, as with other countries in the world, does not offer an adequate protection of personal data. In order to offer sufficient protection, recipients of the data must be obliged either by contract or by specific programmes to offer an adequate protection of personal data. If in order to perform a contract with you, we need to send your data to the US, we will ask you for your express consent and if you deny said consent, we will not be able to perform the request and/or the contract.
    5. In any event, only the personal data that is strictly required to provide the requested services is processed.

  8. Cookies, analysis and tracing systems, social media plug ins, external links and the use of videos on You Tube

    1. Cookies are small bundles of data, a kind of ID tag, which your device exchanges with our server when you surf our website. The information stored in cookies makes it easier and more efficient to use the website. Cookies are saved automatically on your device via your internet browser and make it possible to trace your choices and your settings, so that each time you visit the website again in the future, the experience is more efficient. Your browser settings control cookies and can even be set to block them. You can also partially or totally delete cookies and be informed when a system is trying to exchange cookies. Please note that your navigation experience will be adversely affected without cookies and some services might not work properly or not at all.
    2. Our website has a tracing system, which allows us to collect all the necessary information for the management and implementation of the website. Cookies are used in this case as well, including for the tracing offered by third parties, such as for example Google Analytics (see comprehensive list).
    3. In order to allow our Customers a choice in how to stay in contact with the Company, we also communicate via social media. Our website is fitted with plugins, which allow users to activate communications with their chosen social media. Only then, at the express request of the Customer, will there be an exchange of data to use the relevant social media outlet.
    4. Our website offers links to external websites that are of help in the provision of our services. The Company does not constantly monitor said websites, hence we invite you to read their terms and conditions relating to personal data protection before using them. The Company will not be held liable for the content of said website or for their implementation of personal data protection. In any event, unless expressly instructed otherwise, the Company shall not provide said websites with personal data.

    NAME

    DOMAIN

    DURATION

    MUID

    .bing.com

    13 months

    IDE

    .doubleclick.net

    13 months

    wd

    .facebook.com

    7 days

    reg_fb_gate

    .facebook.com

    At the end of the session

    sb

    .facebook.com

    2 years

    datr

    .facebook.com

    2 years

    reg_fb_ref

    .facebook.com

    At the end of the session

    fr

    .facebook.com

    3 months

    SAPISID

    .google.com

    2 years

    CONSENT

    .google.com

    20 years

    SID

    .google.com

    2 years

    NID

    .google.com

    6 months

    SSID

    .google.com

    2 years

    1P_JAR

    .google.com

    1 mese

    HSID

    .google.com

    2 years

    SIDCC

    .google.com

    4 months

    S

    .google.com

    At the end of the session

    AID

    .google.com

    2 years

    APISID

    .google.com

    2 years

    __cfduid

    .tawk.to

    1 anno

    pt_3a455f86

    .wevillas.com

    3 years

    _gid

    .wevillas.com

    1 giorno

    pt_s_3a455f86

    .wevillas.com

    At the end of the session

    __tawkuuid

    .wevillas.com

    6 months

    _ga

    .wevillas.com

    2 years

    home-search

    .wevillas.com

    At the end of the session

    cluster017

    .wevillas.com

    At the end of the session

    popup-1524

    .wevillas.com

    At the end of the session

    cluster017BAK

    .wevillas.com

    At the end of the session

    PHPSESSID

    .wevillas.com

    At the end of the session

    TawkConnectionTime

    .wevillas.com

    At the end of the session

  9. Minors

    Our Company does not collect or process the personal data of minors. However, given that we do not systematically collect personal data other than on the terms set out in this privacy statement and in accordance with law, we are not able to identify for example, the effective age of website visitors. If you believe that a minor in your care has provided us with their personal data without your consent, please inform us without delay in order to avoid that said minor receives our promotional messages, for example. Our personnel will then take the necessary action.

  10. General provisions

    Please note that the transmission of communications, documents and other information via e-mail is considered to be less reliable, safe and confidential than via letter or fax. We use modern technology to combat viruses and spam. We however recommend that customers use adequate antivirus protection and we cannot be held liable for any damage incurred via e-mail or the loss of e-mails. We reserve the right to reject e-mails with potentially dangerous attachments.

  11. Exclusively informational purpose, exclusion of liability, comments and feedback

    1. The sole purpose of the Site is to provide useful information to those persons who are interested in it. Under no circumstances whatsoever may the Site and/or the content of same and/or any references, links and cross-references constitute a binding offer, an invitation to tender and/or professional consultancy of any type. Under no circumstances may any Site content be construed as consultancy of any type or as a professional service. Under no circumstances whatsoever is CDL SWISS Sagl bound by the Site content, the links contained therein, all information and/or audio-visual document vis-à-vis users and/or third parties.
    2. To the maximum extent contemplated by applicable law, CDL SWISS Sagl declines any and all liability for any direct or consequential damage, loss of data, adverse financial effect, intangible losses and any and all other possible harm of any type, caused by the Site to individuals browsing and/or to third parties, with regard to the use of same, the information contained therein, availability or otherwise of the Site, any information and/or reference to it. Usage of the Sites is at the User's own risk.
    3. The above is also applicable to any comments, reviews and/or feedback left by other users or third parties.

  12. Amendments to this privacy statement

    The Company is entitled to update this privacy statement in order to provide adequate protection and compliance with law. For that reason, in particular in the event of changes to legislations, this privacy statement may be subject to review and amended.

    Please do not hesitate to contact us if you have any doubts or queries regarding the scope of this privacy statement.

  13. Misunderstanding and discrepancies in interpretation

    In the event of any miscomprehension or discrepancy between the Italian version of this privacy statement and versions in other languages, the Italian version shall prevail.

 

December 2021 Revision