The responsible body in terms of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
Impact Summit Gstaad Association
Phone: +41 33 748 63 36
In cooperation with our hosting providers, we make every effort to protect the databases as well as possible against unauthorized access, loss, misuse or falsification.
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.
By using this website, you consent to the collection, processing and use of data in accordance with the following description. This website can generally be visited without registration. Data such as pages accessed or names of files accessed, date and time are stored on the server for statistical purposes without this data being directly related to your person. Personal data, in particular name, address or e-mail address are collected as far as possible on a voluntary basis. No data will be passed on to third parties without your consent.
Processing of personal data
Personal data is any information that relates to a specific or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, acquisition, deletion, storage, modification, destruction and use of personal data.
We process personal data in accordance with Swiss data protection law. Furthermore, to the extent and insofar as the EU GDPR is applicable, we process personal data in accordance with the following legal bases in connection with Art. 6 (1) GDPR:
Consent (Art. 6 para. 1 p. 1 lit. a. GDPR) - The data subject has given his or her consent to the processing of personal data relating to him or her for a specific purpose or purposes.
Performance of a contract and pre-contractual requests (Art. 6 para. 1 p. 1 lit. b. GDPR) - Processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the data subject's request.
Legal obligation (Art. 6 (1) p. 1 lit. c. GDPR) - Processing is necessary for compliance with a legal obligation to which the controller is subject.
Protection of vital interests (Art. 6 (1) p. 1 lit. d. GDPR) - Processing is necessary to protect the vital interests of the data subject or another natural person.
Legitimate interests (Art. 6 (1) p. 1 lit. f. GDPR) - Processing is necessary to protect the legitimate interests of the controller or a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.
Application procedure as a pre-contractual or contractual relationship (Art. 9 (2) (b) GDPR) - Insofar as special categories of personal data within the meaning of Art. 9 (1) GDPR (e.g. health data, such as severely disabled status or ethnic origin) are requested from applicants as part of the application procedure, so that the controller or the data subject can exercise his or her rights under labor law and social security and social protection law and fulfill his or her obligations in this regard, they are processed in accordance with Art. 9 (2) (b) GDPR. rights under employment law and social security and social protection law and to comply with his or her obligations in this regard, their processing is carried out in accordance with Art. 9(2)(b). GDPR, in case of protection of vital interests of the applicants or other persons according to Art. 9 para. 2 lit. c. GDPR or for the purposes of preventive health care or occupational medicine, for the assessment of the employee's ability to work, for medical diagnostics, care or treatment in the health or social sector or for the management of systems and services in the health or social sector pursuant to Art. 9 para. 2 lit. h. GDPR. In the case of a communication of special categories of data based on voluntary consent, their processing is based on Art. 9 para. 2 lit. a. GDPR.
We process personal data for the duration required for the respective purpose or purposes. In the case of longer-lasting retention obligations due to legal and other obligations to which we are subject, we restrict the processing accordingly.
Relevant legal basis
We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.
The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, input of, disclosure of, assurance of availability of and segregation of the data. Furthermore, we have established procedures to ensure the exercise of data subjects' rights, the deletion of data, and responses to data compromise. Furthermore, we already take the protection of personal data into account during the development or selection of hardware, software as well as procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
Transmission of personal data
In the course of our processing of personal data, it may happen that the data is transferred to or disclosed to other bodies, companies, legally independent organizational units or persons. Recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we comply with the legal requirements and, in particular, conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data
Data processing in third countries
If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, entities or companies, this will only be done in accordance with legal requirements.
Subject to express consent or contractually or legally required transfer, we process data only in third countries with a recognized level of data protection, contractual obligation by so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).
The following cookie types and functions are distinguished:
Temporary cookies (also: session cookies): temporary cookies are deleted at the latest after a user has left an online offer and closed his browser.
Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the interests of users used for reach measurement or marketing purposes can be stored in such a cookie.
First-party cookies: First-party cookies are set by ourselves.
Third-party cookies (also: third-party cookies): Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
Necessary (also: essential or absolutely necessary) cookies: Cookies may be absolutely necessary for the operation of a website (e.g. to store logins or other user input or for security reasons).
Storage period: Unless we provide you with explicit information on the storage period of permanent cookies (e.g. in the context of a so-called cookie opt-in), please assume that the storage period can be up to two years.
Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
Data subjects: Users (e.g., website visitors, users of online services).
Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a. GDPR), Legitimate Interests (Art. 6 para. 1 p. 1 lit. f. GDPR).
Data transmission security (without SSL)
Please note that data transmitted over an open network such as the Internet or an e-mail service without SSL encryption can be viewed by anyone. You can recognize an unencrypted connection by the fact that the address line of the browser shows "http://" and no lock symbol is displayed in your browser line. Information transmitted over the Internet and content received online may be transmitted over third-party networks. We cannot guarantee the confidentiality of any communications or materials transmitted over such open or third-party networks.
If you disclose personally identifiable information over an open network or third-party networks, you should be aware that your information may be lost or potentially accessed by third parties and, as a result, the information may be collected and used without your consent. While in many cases the individual data packets are transmitted in encrypted form, the names of the sender and recipient are not. Even if the sender and the recipient reside in the same country, the data transfer via such networks often takes place without controls even via third countries, i.e. also via countries that do not offer the same level of data protection as your country of domicile. We assume no responsibility for the security of your data during transmission over the Internet and disclaim any liability for direct or indirect losses. We ask you to use other means of communication should you consider this necessary or reasonable for security reasons.
Despite extensive technical and organizational security precautions, it is possible that data may be lost or intercepted and/or manipulated by unauthorized persons. As far as possible, we take appropriate technical and organizational security measures to prevent this within our system. However, your computer is outside the security perimeter under our control. It is your responsibility as a user to inform yourself about the necessary security precautions and to take appropriate measures in this regard. As the website operator, we are in no way liable for any damage that you may suffer as a result of data loss or manipulation.
Data that you enter in online forms may be passed on to third parties for the purpose of order processing and may be viewed and possibly processed by them.
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
browser type and browser version
Operating system used
Host name of the accessing computer
Time of the server request
This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of illegal use.
Third party services
This website may use Google Maps for embedding maps, Google Invisible reCAPTCHA for protection against bots and spam, and YouTube for embedding videos.
Google has undertaken to ensure adequate data protection in accordance with the US-European and the US-Swiss Privacy Shield.
If you send us inquiries via the contact form, your data from the inquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.
If you would like to receive the newsletter offered on this website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter. Further data will not be collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.
You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe link" in the newsletter.
For the comment function on this website, in addition to your comment, information on the time of creation of the comment, your e-mail address and, if you do not post anonymously, the username you have chosen will be stored.
Storage of the IP address
Our comment function stores the IP addresses of users who post comments. Since we do not check comments on our site before they are activated, we need this data to be able to take action against the author in the event of legal violations such as insults or propaganda.
Subscribing to comments
As a user of the site, you can subscribe to comments after registering. You will receive a confirmation email to verify that you are the owner of the email address provided. You can unsubscribe from this function at any time via a link in the info emails.
Rights of data subjects
Right to confirmation
Every data subject has the right to request confirmation from the website operator as to whether personal data concerning him or her are being processed. If you wish to exercise this right of confirmation, you may contact the data protection officer at any time.
Right of access
Every person affected by the processing of personal data has the right to receive information free of charge from the operator of this website at any time about the personal data stored about him or her and a copy of this information. Furthermore, information may be provided about the following, if applicable:
the purposes of processing
the categories of personal data processed
the recipients to whom the personal data have been or will be disclosed
if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
the existence of a right to obtain the rectification or erasure of personal data concerning him or her, or the restriction of processing by the controller, or a right to object to such processing
the existence of a right of appeal to a supervisory authority
if the personal data are not collected from the data subject: Any available information about the origin of the data.
Furthermore, the data subject has the right to be informed whether personal data have been transferred to a third country or to an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards in connection with the transfer.
If you would like to exercise this right to information, you can contact our data protection officer at any time.
Right to rectification
Every person affected by the processing of personal data has the right to demand that inaccurate personal data concerning him or her be corrected without delay. Furthermore, the data subject has the right, taking into account the purposes of the processing, to request that incomplete personal data be completed, including by means of a supplementary declaration.
If you wish to exercise this right of rectification, you may contact our data protection officer at any time.
Right to erasure (right to be forgotten)
Any person affected by the processing of personal data has the right to demand from the controller of this website that the personal data concerning him or her be erased immediately, provided that one of the following reasons applies and insofar as the processing is not necessary:
The personal data have been collected or otherwise processed for such purposes for which they are no longer necessary.
The data subject revokes the consent on which the processing was based and there is no other legal basis for the processing
The data subject objects to the processing on grounds relating to his or her particular situation and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing in the case of direct marketing and related profiling
The personal data have been processed unlawfully
The erasure of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject
The personal data has been collected in relation to information society services provided directly to a child
If one of the above reasons applies and you wish to arrange for the deletion of personal data stored by theoperator of this website, you can contact our data protection officer at any time. The data protection officer of this website will arrange for the erasure request to be complied with immediately.
Right to restriction of processing
Any person concerned by the processing of personal data has the right to obtain from the controller of this website the restriction of processing if one of the following conditions is met:
The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data
The processing is unlawful, the data subject objects to the erasure of the personal data and requests instead the restriction of the use of the personal data
The controller no longer needs the personal data for the purposes of the processing, but the data subject needs it for the assertion, exercise or defense of legal claims
The data subject has objected to the processing on grounds relating to his or her particular situation, and it is not yet clear whether the legitimate interests of the controller override those of the data subject
If one of the aforementioned conditions is met, you can request the restriction of personal data stored by the operator of this website at any time by contacting our data protection officer. The data protection officer of this website will arrange the restriction of the processing.
Right to data portability
Every person affected by the processing of personal data has the right to receive the personal data concerning him or her in a structured, common and machine-readable format. He or she also has the right to have this data transferred to another controller if the legal requirements are met.
Furthermore, the data subject has the right to obtain that the personal data be transferred directly from one controller to another controller, insofar as this is technically feasible and insofar as this does not adversely affect the rights and freedoms of other persons.
In order to assert the right to data portability, you may at any time contact the data protection officer appointed by the operator of this website.
Right to object
Any person affected by the processing of personal data has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her.
The operator of this website shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or if the processing serves the purpose of asserting, exercising or defending legal claims.
To exercise the right to object, you may directly contact the Data Protection Officer of this website.
Right to revoke consent granted under data protection law
Every person affected by the processing of personal data has the right to revoke a given consent to the processing of personal data at any time.
If you wish to exercise your right to revoke consent, you may contact our data protection officer at any time.
Data protection declaration for objection advertising e-mails
We hereby object to the use of contact data published within the scope of the imprint obligation to send advertising and information material that has not been expressly requested. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
Use of Google Maps
This website uses the services of Google Maps. This enables us to display interactive maps directly on the website and allows you to use the map function conveniently. By visiting the website, Google receives the information that you have called up the corresponding sub-page of our website. This occurs regardless of whether Google provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. For more information on the purpose and scope of data collection and its processing by Google, in addition to further information on your rights in this regard and settings options for protecting your privacy, please visit: www.google.de/intl/de/policies/privacy.
Use of Google reCAPTCHA
We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our websites. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter "Google". The purpose of reCAPTCHA is to verify whether data entry on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run entirely in the background. Website visitors are not made aware that an analysis is taking place.
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited. If the data controller on this website is located outside the European Economic Area or Switzerland, then Google Analytics data processing is carried out by Google LLC. Google LLC and Google Ireland Limited are hereinafter referred to as "Google".
The statistics obtained enable us to improve our offer and make it more interesting for you as a user. This website also uses Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID. If you have a Google user account, you can deactivate the cross-device analysis of your usage in the settings there under "My data", "Personal data".
The legal basis for the use of Google Analytics is Art. 6 para. 1 p. 1 lit. f DS-GVO. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. We would like to point out that on this website Google Analytics has been extended by the code "_anonymizeIp();" to ensure anonymized collection of IP addresses. This means that IP addresses are processed in abbreviated form, which means that they cannot be linked to a specific person. If the data collected about you is related to a person, this is immediately excluded and the personal data is deleted immediately.
Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
In addition, you can also prevent the use of Google Analytics by clicking on this link: Disable Google Analytics. This will save a so-called opt-out cookie on your data carrier, which prevents the processing of personal data by Google Analytics. Please note that if you delete all cookies on your terminal device, these opt-out cookies will also be deleted, i.e. you will have to set the opt-out cookies again if you wish to continue to prevent this form of data collection. The opt-out cookies are set per browser and computer/end device and must therefore be activated separately for each browser, computer or other end device.
This website uses functions of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA . When calling up our pages with Facebook plug-ins, a connection is established between your browser and the Facebook servers. In the process, data is already transmitted to Facebook. If you have a Facebook account, this data can be linked to it. If you do not want this data to be associated with your Facebook account, please log out of Facebook before visiting our site. Interactions, in particular the use of a comment function or the clicking of a "Like" or "Share" button are also passed on to Facebook. You can learn more at https://de-de.facebook.com/about/privacy.
On our website, functions of the service Instagram are integrated. These functions are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA integrated. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram.
We use the marketing services of the social network LinkedIn of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland ("LinkedIn") within our online offer.
For example, information on the operating system, the browser, the website you previously visited (referrer URL), which websites the user visited, which offers the user clicked on, and the date and time of your visit to our website is collected.
The information generated by the cookie about your use of this website is transferred pseudonymously to a LinkedIn server in the USA and stored there. LinkedIn therefore does not store the name or email address of the respective user. Rather, the above-mentioned data is only assigned to the person for whom the cookie was generated. This does not apply if the user has allowed LinkedIn to process without pseudonymization or has a LinkedIn account.
We use LinkedIn Analytics to analyze and regularly improve the use of our website. The statistics obtained allow us to improve our offer and make it more interesting for you as a user. All LinkedIn companies have adopted the standard contractual clauses to ensure that the data traffic to the USA and Singapore necessary for the development, implementation and maintenance of the services takes place in a lawful manner. If we ask users for consent, the legal basis for processing is Art. 6 (1) lit. a GDPR. Otherwise, the legal basis for the use of LinkedIn Analytics is Art. 6 para. 1 p. 1 lit. f GDPR.
Newsletter - Mailchimp
The dispatch service provider may use the data of the recipients in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletters or for statistical purposes. However, the dispatch service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.
Functions of the "YouTube" service are integrated on this website. "YouTube" is owned by Google Ireland Limited, a company incorporated and operated under the laws of Ireland with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland, which operates the services in the European Economic Area and Switzerland.
Provision of our services according to statutes
We process the data of our members, supporters, interested parties, customers or other persons in accordance with the data protection regulations of the federal government (Data Protection Act, DSG) and the EU-GDPR in accordance with Art. 6 para. 1 lit. b. GDPR, insofar as we offer contractual services to them or act within the scope of existing business relationships, e.g. vis-à-vis members, or are ourselves recipients of services and benefits. Otherwise, we process the data of data subjects pursuant to Art. 6 para. 1 lit. f. GDPR on the basis of our legitimate interests, e.g. when administrative tasks or public relations are involved.
The data processed in this context, the type, scope and purpose and the necessity of their processing are determined by the underlying contractual relationship. In principle, this includes inventory and master data of persons (e.g., name, address, etc.), as well as contact data (e.g., e-mail address, telephone, etc.), contract data (e.g., services used, content and information provided, names of contact persons) and, if we offer payable services or products, payment data (e.g., bank details, payment history, etc.).
We delete data that is no longer required for the provision of the statutory purposes. This is determined according to the respective tasks and contractual relationships. In the case of business processing, we retain the data for as long as they may be relevant to the business transaction, as well as with regard to any warranty or liability obligations. The necessity of retaining the data is reviewed at irregular intervals. In all other respects, the statutory retention obligations apply.
The copyright and all other rights to the content, images, photos or other files on the website belong exclusively to the operator of this website or the specifically named rights holders. For the reproduction of any files, the written consent of the copyright holder must be obtained in advance.
Anyone who commits a copyright infringement without the consent of the respective copyright holder may be liable to prosecution and possibly to damages.
All information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, correct and complete. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, correctness and up-to-dateness of information, including journalistic and editorial information. Liability claims regarding damage caused by the use of any information provided, including any kind of information which is incomplete or incorrect, will therefore be rejected.
The publisher may change or delete texts at his own discretion and without notice and is not obliged to update any contents of this website. The use of or access to this website is at the visitor's own risk. The publisher, its clients or partners are not responsible for damages, such as direct, indirect, incidental, consequential or punitive damages, allegedly caused by the visit of this website and consequently assume no liability for such damages.
The publisher also accepts no responsibility or liability for the content and availability of third-party websites that can be accessed via external links on this website. The operators of the linked sites are solely responsible for their content. The publisher thus expressly distances itself from all third-party content that may be relevant under criminal or liability law or that may be contrary to public morality.
We can adapt this data protection declaration at any time without prior notice. The current version published on our website shall apply. Insofar as the data protection declaration is part of an agreement with you, we will inform you of the change by e-mail or other suitable means in the event of an update.
Questions to the data protection officer