Below you will find our information on data protection. We ask you to read through it carefully, as we want you to know what happens to your data with us.
Every person is entitled to protection of their privacy as well as protection against misuse of their personal data (Art. 13 BV, Federal Act on Data Protection (CH)). MORYAK strictly complies with these provisions. It doesn't matter to us whether you live in Switzerland, the EU or anywhere else in the world: The protection of your data has special priority for us. Therefore, even though we are based in Switzerland, we comply with the EU Data Protection Regulation (DSGVO) 2016/679.
This data protection information concerns data processing by:
Abbreviated to “MORYAK” in the following.
A data protection officer is not required in the present case, as fewer than 9 people are regularly involved in the processing of data as defined in Art. 4 of the GDPR.
2. Collection and storage of personal data as well as the manner and purpose of their use
2.1 When visiting our website
The server on which our website is hosted belongs to Hostpoint AG and is located in Switzerland. As with any connection to a web server, this server automatically logs and stores certain technical data in what is called a log file. The following information is automatically collected during this process and stored until it is automatically deleted:
- IP address of the requesting computer/device
- date and time of access
- name and URL of the file retrieved
- website from which the access is made (referrer URL)
- the browser used and, if applicable, your computer’s operating system and the name of your access provider.
To the extent that we process personal data during this process, we do so for the following purposes:
- to ensure the establishment of a trouble-free connection of the website
- to ensure that our website provides a convenient user experience
- to evaluate system security and stability, and
- for other administrative purposes
The legal basis for this is Art. 6(1)(1) f of the GDPR. Our legitimate interest derives from the purposes of data collection listed above. Under no circumstances do we use the data collected to draw conclusions about you as an individual.
We use fonts from Google LLC "Google" (Google Fonts) on our website. In order to integrate the fonts from Google Fonts into the website, your browser establishes a connection to the Google server. In the process, the IP address of your device is transmitted to Google. Google logs records of font file queries and protects this data from unauthorised access. Google analyses aggregated data in order to optimise Google Fonts and to identify which websites use Google Fonts. You can find more information on Google Fonts here: https://fonts.google.com. Information about how Google handles personal data can be found here.
2.2 When booking our services
When registering for our programmes via our booking form, you must first of all provide us with the following data:
- First name and surname
- Telephone number
- Email address
We also ask you to provide us with details of any second person with whom you would like to register for the programme in question. Of course, we assume that this person has informed us about your planned registration and agrees that you pass on their data to us. Please note that we cannot accept surprise registrations from third parties.
In order to be able to complete the registration, you must confirm that you have read our terms and conditions, that you can swim and that you meet the minimum requirements in terms of fitness, paddling experience, etc. specified in the program description. This information is mandatory as it is relevant to safety.
We will also ask you for your age or date of birth and – if you order paddling material from us – for your height, weight, clothing size, shoe size, etc. We need this information in order to put together the material you need in the correct sizes.
Also, we will ask you a few questions about your previous paddling experience, and
gather information about your fitness and other (sports-related) background. We need this data primarily to be able to better assess whether you are fit and experienced enough for the program you have chosen. This is common practice and contributes to safety on our tours.
On submitting your registration, we will receive your personal data directly by email. We then manually enter this data into our customer database in our accounting program bexio. This customer database is located on bexio's GDPR-compliant servers in Switzerland and meets the highest security standards.
We store our customer data for ten years, starting from your most recent customer activity. After this, we delete it. This deletion takes place once a year, at the end of the year. Exception: if claims against you are pending, proceedings are underway, or legal regulations force us to keep your data for longer, we reserve the right to keep your data for longer than ten years.
Shortly before the start of your booked program, we will send you the link to another online questionnaire, which we use to collect information about your state of health, certain fears (panic under water) and your personal fitness. When you send the questionnaire, your data will be sent to us automatically by email to an account intended only for this purpose, to which only the Moryak team has access. The email with your details will remain saved until the end of the program, after which we will delete it promptly. In addition, we do not store the data anywhere.
We also ask you to provide a contact person who we will only contact in an emergency affecting you. It is imperative that you ask this person for permission before we contact you. We never store the addresses of emergency contacts. With the deletion of the email with your details after the end of the program, this contact information will also be deleted.
Please note: Providing medical information is always voluntary, but is important to us because it gives us quick access to it in the event of an accident or medical emergency. This is common practice and contributes to safety on our tours.
Both the Paddling Experience Questionnaire and the Medical Questionnaire are online forms hosted on our website server located in Switzerland.
3. Group conversations by email
MORYAK will never disclose your email address, telephone number or other personal information to third parties, except in the following cases, and subject to your consent:
On the questionnaire sent to you following registration, you will be asked to tick whether you agree to us using your email address in group conversation with the other programme participants. Participation in these group conversations is entirely voluntary; we usually use them before the programme begins to clarify organisational details about travel, accommodation, etc., to answer questions about content, or to exchange other important information. Therefore, they are very useful for us and are usually also found to be very useful by the participants. However, before you make your choice, you should be aware that MORYAK has no control over what the other participants do with your email address.
If you give us your consent to use your email address in the group conversation, we will only share it with the other group participants and the guide team responsible, never with anyone else.
4. Photography, image rights, sharing photos
Before the start of each programme, we will ask you to give us your explicit consent, by ticking the box and signing the form,
- to be permitted to photograph you (e.g. out on the water or during group activities in camp etc.),
- to be allowed to share these photos with the other group participants after the end of the programme,
- To store photos of you in our photo database, whether taken by us or provided by other group participants,
- To be able to use pictures of you in which you may be recognisable, whether taken by us or provided to us by other group members, for our website and for promotional purposes,
- To use pictures of you on our Facebook page and on Instagram, regardless of whether they were taken by us or provided to us by other group participants.
MORYAK has no influence over whether other group participants take pictures of you, nor over what they do with these pictures.
MORYAK will never sell or transfer your data to third parties, except in the following cases, which are in accordance with Art. 6(1) of the GDPR:
- If, in accordance with Art. 6(1) (a) of the GDPR, you have given us your express permission;
- To protect your vital interests in accordance with Art. 6(1) (d) DSGVO of the GDPR (e.g. in the event of an accident);
- If, in accordance with Art. 6(1) (f) of the GDPR, it is necessary to pass on the data in order to assert, exercise, or defend of legal claims and there is no reason to assume that you have an overriding interest, which is worthy of protection, in the non-disclosure of your data;
- If, according to Art. 6(1) (c) of the GDPR, we are legally obliged to pass on the data;
- If, according to Art. 6(1) (b) of the GDPR, is necessary in order to handle contractual relationships and general organisational matters together with you (e.g. in the context of the implementation of a programme).
We send out an informative newsletter up to six times a year, which you will receive by email after you have voluntarily registered. The legal basis for processing the data is your consent, Art. 6 (1) (a) GDPR.
We use Swiss Newsletter, a service of mailXpert GmbH, Schulstrasse 37, 8050 Zurich, to send our newsletter. The Swiss Newsletter servers are located in Switzerland, data is not transferred abroad.
You can register for our newsletter via a separate registration form on our website. After registering for our newsletter, the data requested during the registration process (your e-mail address and your name) will be processed by mailXpert GmbH. In addition, your IP address and the date of your registration along with the time will be saved. According to the terms and conditions of mailXpert GmbH, we may include your address in our mailing list as long as we have an active business relationship with you – this means if you have received services from us within the last two years. Of course, you can object to this and unsubscribe from our newsletter at any time.
You can revoke your consent to the newsletter dispatch at any time with effect for the future in accordance with Art. 7 Para. 3 DSGVO. All you have to do is click on the unsubscribe link contained in every newsletter.
Even though our cookies are absolutely harmless, we want to make sure that you have been informed about them, and that you can decide what you will allow and what you will not.
You will find an automatically generated and updated list of cookies used by this website here. If you wish to delete one of the cookies we have put on your computer, or all of them, simply click on "Delete" or "Delete All Cookies".
We use the following analysis tools on our website:
At present, none.
In order to respect your privacy as much as we can, we have set our website settings to anonymise all requests to third party servers.