Data protection declaration

It is important to us to explain to you trans­par­ently what happens to your data on this website. Please read the following privacy policy:

In this privacy policy, we, Pierre and Esther Mischler
(here­in­after referred to as we or us), explain how we collect and other­wise process personal data. This is not an exhaustive descrip­tion; other data protec­tion declar­a­tions [or general terms and condi­tions, condi­tions of parti­cip­a­tion and similar docu­ments] may regu­late specific matters. Personal data refers to all inform­a­tion relating to an iden­ti­fied or iden­ti­fi­able person.

If you provide us with personal data of other persons (e.g. family members, data of work colleagues), please ensure that these persons are aware of this privacy policy and only provide us with their personal data if you are author­ised to do so and if this personal data is correct.

This Privacy Policy is designed to meet the require­ments of the EU General Data Protec­tion Regu­la­tion ("GDPR"), the Swiss Data Protec­tion Act ("DPA") and the revised Swiss Data Protec­tion Act ("revDSG"). However, whether and to what extent these laws are applic­able depends on the indi­vidual case.

1. Controller / Data protec­tion officer / repres­ent­ative

The controller does not have a data protec­tion officer pursuant to Art. 37 GDPR:

Pierre & Esther Mischler are respons­ible for the data processing described here. If you have any data protec­tion concerns, you can send them to us at the following contact address Pierre & Esther Mischler, 371 Dalabyggð, Iceland / info@­mys­tic­lightlodge.com

2. Collec­tion and processing of personal data

We primarily process the personal data that we receive from our customers and other busi­ness part­ners as part of our busi­ness rela­tion­ship with them and other persons involved or that we collect from their users when oper­ating our websites, apps and other applic­a­tions.

Insofar as this is permitted, we also obtain certain data from publicly access­ible sources (e.g. press, Internet), from author­ities and other third parties. In addi­tion to the data that you provide to us directly, the categories of personal data that we receive about you from third parties include, in partic­ular, inform­a­tion from public registers, inform­a­tion that we learn in connec­tion with offi­cial and legal proceed­ings, inform­a­tion in connec­tion with your profes­sional func­tions and activ­ities (so that we can, for example to conclude and process trans­ac­tions with your employer with your help), inform­a­tion about you in corres­pond­ence and meet­ings with third parties, cred­it­wor­thi­ness inform­a­tion (insofar as we conduct busi­ness with you person­ally), inform­a­tion from banks, insur­ance companies, sales and other contrac­tual part­ners of ours on the util­isa­tion or provi­sion of services by you (e.g. payments made, purchases made, etc.). e.g. payments made, purchases made), inform­a­tion about you from the media and the internet (if this is appro­priate in a specific case, e.g. as part of an applic­a­tion, press review, marketing/sales, etc.), your addresses and, if applic­able, interests and other socio-demo­graphic data (for marketing), data in connec­tion with the use of the website (e.g. IP address, MAC address of the smart­phone or computer, inform­a­tion about your device and settings, cookies, date and time of the visit, pages and content accessed, func­tions used, refer­ring website, loca­tion data).

3. Purposes of data processing and legal basis

We use the personal data we collect primarily to conclude and process our contracts with our customers and busi­ness part­ners, in partic­ular in the context of the produc­tion and distri­bu­tion of medi­ation projects and the promo­tion of aesthetic educa­tion in the context of the performing arts with our customers and the purchase of products and services from our suppliers and subcon­tractors, as well as to fulfil our legal oblig­a­tions at home and abroad. If you work for such a customer or busi­ness partner, your personal data may of course also be affected in this func­tion.

In addi­tion, we also process personal data of you and other persons, where permitted and where we deem it appro­priate, for the following purposes in which we (and some­times third parties) have a legit­imate interest corres­ponding to the purpose:

  • Offering and further devel­oping our products, services and websites, apps and other plat­forms on which we are present;
  • Commu­nic­a­tion with third parties and processing their enquiries (e.g. job applic­a­tions, media enquiries)
  • Advert­ising and marketing (including the organ­isa­tion of events), provided you have not objected to the use of your data (if we send you advert­ising as an existing customer, you can object to this at any time and we will then place you on a black­list against further advert­ising mail­ings);
  • Asser­tion of legal claims and defence in connec­tion with legal disputes and offi­cial proceed­ings;
  • Preven­tion and invest­ig­a­tion of crim­inal offences and other miscon­duct (e.g. conducting internal invest­ig­a­tions, data analyses to combat fraud);
  • Ensuring our oper­a­tions, in partic­ular IT, our websites, apps and other plat­forms;

If you have given us your consent to process your personal data for specific purposes (e.g. when you register to receive news­let­ters), we will process your personal data within the scope of and based on this consent, unless we have another legal basis and require one. Consent that has been granted can be revoked at any time, but this has no effect on data processing that has already taken place.

4. Cookies / tracking and other tech­no­lo­gies in connec­tion with the use of our website

Cookies and tracking tech­no­lo­gies:

We typic­ally use "cookies" and similar tech­no­lo­gies on our websites to identify your browser or device. A cookie is a small file that is sent to your computer or auto­mat­ic­ally stored on your computer or mobile device by the web browser you use when you visit our website. This enables us to recog­nise you when you return to this website, even if we do not know who you are. In addi­tion to cookies that are only used during a session and are deleted after your visit to the website ("session cookies"), cookies can also be used to store user settings and other inform­a­tion for a certain period of time (e.g. two years) ("permanent cookies"). However, you can set your browser so that it rejects cookies, only saves them for one session or other­wise deletes them prema­turely. Most browsers are preset to accept cookies.

We use permanent cookies, including the "PHP session ID", which every web server uses and is neces­sary for the website to func­tion, and the "htac­cess check". This cookie is neces­sary for our content manage­ment system (CMS) to func­tion. If you block cookies, certain func­tion­al­ities (such as language selec­tion) may no longer work. 

By using our websites and agreeing to receive news­let­ters and other marketing e-mails, you consent to the use of these tech­no­lo­gies. If you do not want this, you must set your browser or e-mail programme accord­ingly.

Social media plug-ins:

We also use so-called plug-ins from social networks such as Face­book and Instagram on our websites. This is visible to you in each case (typic­ally via corres­ponding icons). We have configured these elements so that they are deac­tiv­ated by default. If you activate them (by clicking on them), the oper­ators of the respective social networks can register that you are on our website and where and can use this inform­a­tion for their purposes. The processing of your personal data is then the respons­ib­ility of this oper­ator in accord­ance with its data protec­tion provi­sions. We do not receive any inform­a­tion about you from them.

5. Data disclosure and data transfer abroad

As part of our busi­ness activ­ities and for the purposes set out in section 3, we also disclose data to third parties, where permitted and where we deem it appro­priate, either because they process it for us or because they wish to use it for their own purposes. This applies in partic­ular to the following parties:

  • Service providers of ours (external, such as banks, insur­ance companies), including contract processors (such as IT providers);
  • Dealers, suppliers, subcon­tractors and other busi­ness part­ners;
  • customers;
  • domestic and foreign author­ities, offi­cial bodies or courts;
  • media;
  • the public, including visitors to websites and social media;
  • compet­itors, industry organ­isa­tions, asso­ci­ations, organ­isa­tions and other bodies;
  • other parties in poten­tial or actual legal proceed­ings; all joint recip­i­ents

These recip­i­ents are partly domestic, but can be anywhere in the world. In partic­ular, you should expect your data to be trans­ferred to all coun­tries in which Verein Voveure National is repres­ented (Switzer­land) as well as to other coun­tries in Europe and the USA where the service providers we use are located (such as Host­point, Tally, Dropbox, Notion, Google, Face­book, Instagram).

If a recip­ient is located in a country without adequate stat­utory data protec­tion, we contrac­tu­ally oblige the recip­ient to comply with the applic­able data protec­tion regu­la­tions (we use the revised standard contrac­tual clauses of the European Commis­sion, which are avail­able here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?), unless the recip­ient is already subject to a legally recog­nised set of rules to ensure data protec­tion and we cannot rely on an exemp­tion clause. An excep­tion may apply in partic­ular in the case of legal proceed­ings abroad, but also in cases of over­riding public interests or if the fulfil­ment of a contract requires such disclosure, if you have given your consent or if the data in ques­tion has been made gener­ally access­ible by you and you have not objected to its processing.

6. Dura­tion of storage of personal data

We process and store your personal data for as long as it is neces­sary to fulfill our contrac­tual and legal oblig­a­tions or for other purposes pursued by the processing, i.e. for example for the dura­tion of the entire busi­ness rela­tion­ship (from initi­ation, processing to termin­a­tion of a contract) as well as in accord­ance with the legal reten­tion and docu­ment­a­tion oblig­a­tions. It is possible that personal data will be retained for the period in which claims can be asserted against our company and to the extent that we are other­wise legally obliged to do so or legit­imate busi­ness interests require this (e.g. for evid­en­tiary and docu­ment­a­tion purposes). As soon as your personal data is no longer required for the purposes mentioned above, it will gener­ally be deleted or anonym­ized as far as possible. For oper­a­tional data (e.g. system proto­cols, logs), shorter reten­tion periods of twelve months or less apply.

7. Data security

We take appro­priate tech­nical and organ­iz­a­tional security precau­tions to protect your personal data from unau­thor­ized access and misuse, such as issuing instruc­tions, IT and network security solu­tions, access controls and restric­tions, controls.

8. Oblig­a­tion to provide personal data

As part of our busi­ness rela­tion­ship, you must provide the personal data that is neces­sary for the estab­lish­ment and imple­ment­a­tion of a busi­ness rela­tion­ship and the fulfill­ment of the asso­ci­ated contrac­tual oblig­a­tions (you gener­ally do not have a legal oblig­a­tion to provide us with data). Without this data, we will gener­ally not be able to enter into or process a contract with you (or the entity or person you represent). The website cannot be used if certain inform­a­tion to ensure data traffic (such as IP address) is not disclosed.

9. Rights of the data subject

Within the frame­work of the data protec­tion law applic­able to you and to the extent provided for therein (such as in the case of the GDPR), you have the right to inform­a­tion, correc­tion, dele­tion, the right to restrict data processing and other­wise to object to our data processing, as well as to the release of certain personal data for the purpose of transfer to another loca­tion (so-called data port­ab­ility). Please note, however, that we reserve the right to enforce the restric­tions provided for by law, for example if we are obliged to store or process certain data, have an over­riding interest in doing so (to the extent that we are entitled to rely on this) or use them for the asser­tion of require­ments. If you incur any costs, we will inform you in advance. We have already provided inform­a­tion about the possib­ility of revoking your consent in Section 3. Please note that exer­cising these rights may conflict with contrac­tual agree­ments and this may have consequences such as early termin­a­tion of the contract or cost consequences. We will inform you in advance if this is not already contrac­tu­ally stip­u­lated.

The exer­cise of such rights gener­ally requires that you provide clear proof of your iden­tity (e.g. by providing a copy of your ID, where your iden­tity is other­wise not clear or cannot be veri­fied). To assert your rights, you can contact us at the address given in Section 1.

Every data subject also has the right to enforce their claims in court or to file a complaint with the respons­ible data protec­tion authority. The respons­ible data protec­tion authority in Switzer­land is the Federal Data Protec­tion and Inform­a­tion Commis­sioner (http://www.edoeb.admin.ch).

10. Changes

We may amend this privacy policy at any time without prior notice. The current version published on our website applies. To the extent that the Privacy Policy is part of an agree­ment with you, in the event of an update, we will inform you of the change by email or other appro­priate means.