Privacy Protection

Privacy Policy


Virtual City Tours GmbH
Wängibadstrasse 6
8914 Aeugst am Albis



With this data protection declaration we inform you about the processing of personal data in the context of the use of our Internet pages. The abbreviation GDPR stands for EU General Data Protection Regulation and refers to persons in the EU who visit our site (hereinafter referred to as "persons from the EU"). The abbreviation FADP stands for Federal Act on Data Protection and refers to persons in Switzerland who visit our website (hereinafter "persons from Switzerland").


Name and Address of the Controller 

Responsible in the sense of the data protection legislation and other regulations with data protection character is the:

Virtual City Tours GmbH
Wängibadstrasse 6
8914 Aeugst am Albis


Our Data Protection Officer

We have appointed a data protection officer in our company. You can reach him or her at the following contact details:

Legal Tech SPOC UG (limited liability)
– Data Protection Officer –
Stormarnstrasse 47
22844 Norderstedt


EU Representative 

Legal Tech SPOC UG (limited liability)
– Data Protection Officer –
Stormarnstrasse 47
22844 Norderstedt


General Rights 

Right to Information 

In accordance with Art. 8 FADP / Art. 15 GDPR, you have the right to request confirmation from us as to whether personal data relating to you is being processed by us. If this is the case, you have the right to be informed about this personal data and to receive further information as mentioned in Art. 8 FADP / Art. 15 GDPR.


Right to Rectification 

In accordance with Art. 5 FADP / Art. 16 GDPR, you have the right to demand that we immediately correct any incorrect personal data that concerns you. Taking into account the purposes of the processing, you also have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.


Right of Cancellation 

EU citizens have the right to ask us to delete personal data concerning them immediately. We are obliged to delete personal data without delay, provided that the relevant requirements of Art. 17 GDPR are met. For details, please refer to Art. 17 GDPR. Persons from Switzerland also have the possibility to demand the deletion of data in the cases provided for by law, for example if data is no longer necessary / required or if the consent for processing has been revoked. 


Right to Restrict Processing

In accordance with Article 18 of the GDPR, persons from the EU have the right, under certain conditions, to request us to restrict the processing of your personal data. This right can be exercised if

. the accuracy of the data in question is disputed;
. you object to the deletion of the data;
. the data are no longer needed for the original purpose but cannot yet be deleted for legal reasons;
. the decision on your objection to the processing is pending.

"Restriction" means that your personal data may be processed, with the exception of storage, only with your consent or for the purpose of exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of substantial public interest. You must be informed before the restriction is lifted.


Right to Data Transferability

According to Art. 20 GDPR, persons from the EU have the right to receive the personal data concerning them which they have provided to us in a structured, common and machine-readable format and they have the right to transfer this data to another responsible person without hindrance from us, provided that the processing is based on consent pursuant to Article 6 paragraph 1 letter a GDPR or Article 9 paragraph 2 letter a GDPR or on a contract pursuant to Article 6 paragraph 1 letter b GDPR and the processing is carried out using automated procedures.


Right of Objection 

According to Art. 21 GDPR, persons from the EU have the right to object to the processing of personal data relating to them which has been carried out on the basis of Art. 6 para. 1 lit. e or lit. f D GDPR; this also applies to profiling based on these provisions.

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing, including profiling, insofar as it is connected with such direct marketing.

If you wish to exercise a right to which you are entitled, please contact us as data controller at the contact details above given or use one of the other methods we offer to send your message. 

If you have any questions about your rights, please contact us.


Right of Appeal Supervisory Authority

Under Art. 77 GDPR, persons from the EU have the right to lodge a complaint with the supervisory authority, without prejudice to other administrative or judicial remedies. This right exists in particular in the Member State in which they are resident, in their place of work or in the place where the infringement is suspected if they consider that the processing of personal data concerning them is contrary to the GDPR.

Persons from Switzerland may avail themselves of the legal remedies provided for in Art. 15 / 25 / 27 / 29 FADP.


General Functionalities 

Server Log Files

When you call up our website, the company commissioned by us to operate the website processes and stores not only technical information on the terminal device used by you (operating system, screen resolution and other, non-personal features) and the browser (version, language settings), but in particular the public IP address of the computer with which you visit our website, including the date and time of access. The IP address is a unique numerical address under which your terminal device sends or retrieves data to the Internet. As a rule, we or our service provider do not know who is behind an IP address unless you provide us with data that enables us to identify you while you are using our website. Furthermore, a user may be identified if legal action is taken against him/her (e.g. in the event of attacks against our website) and we obtain knowledge of his/her identity during the course of the investigation. As a rule, therefore, you do not need to worry that we can assign your IP address to you.

Our service provider uses the processed data in a non-personalised manner for statistical purposes so that we can trace which end devices are used with which settings for visiting our website and, if necessary, optimise them for this purpose. These statistics contain no personal data. The basis for the compilation of the statistics is our interest in the improvement and economic operation of our business (legal basis: Art. 6 para. 1 lit. f GDPR or Art. 13 para. 1 FADP).

The IP address is further used so that you can technically access and use our website and to detect and defend against attacks against our service provider or our website. Unfortunately, there are always attacks to cause damage to the operators of websites or their users (e.g. preventing access, spying on data, spreading malware (e.g. viruses) or other illegal purposes). Such attacks would impair the proper functioning of the computer centre of the company commissioned by us, the use of our website or its functionality and the security of visitors to our website. The processing of the IP address, including the time of access, is carried out to defend against such attacks. Through our service provider, we pursue with this processing the legitimate interest to ensure the functionality of our website and to fend off illegal attacks against us and the visitors of our website. The basis for the processing is the improvement and economic operation of our business (legal basis: Art. 6 para. 1 lit. f D GDPR or Art. 13 para. 1 FADP).

The stored IP data is deleted (by anonymisation) when it is no longer required for the detection or defence of an attack.



We use cookies and comparable technologies (local storage) for the operation of our website, to ensure the technical functioning of our website, to understand how visitors use our website and to store preferences that a user has made in his/her browser. 

A cookie is a small text file that is stored on your terminal device when your browser calls up our website. If you call up our website later again, we can read out these cookies again. Cookies are stored for different lengths of time. You can set your browser to accept cookies at any time, but this may mean that our website no longer functions properly. You can also delete cookies independently at any time. If you don’t do this, we can specify when saving, how long a cookie should be saved on your computer. A distinction is made here between so-called session cookies and permanent cookies. Session cookies are deleted by your browser when you leave our website or exit the browser. Persistent cookies are saved for the duration of the time we specify when saving them.

We use cookies for the following purposes:

. Technically required cookies, which are mandatory for the use of the functions of our website (e.g. recognition of whether you have logged in). Without these cookies, certain functions could not be provided.
. Functional cookies, which are used to technically perform certain functions that you want to use.
. Analysis cookies, which are used to analyse your user behaviour.
. Cookies from third parties. Third-party cookies are stored by third parties whose functions we integrate into our website to enable certain functions. They can also be used to analyse user behaviour.

Most of the browsers used by our users allow you to set which cookies are to be stored and enable you to delete (certain) cookies. If you restrict the storage of cookies to certain websites or do not allow cookies from third party websites, this may under certain circumstances mean that our website can no longer be used to its full extent. Here you can find information on how to adjust the cookie settings for the most common browsers:

. Google Chrome (

. Internet Explorer (

. Microsoft Edge (

. Firefox (

. Safari Mobile (

. Safari Mac (


Contact Form 

If you send us a message using one of the contact options offered, we will use the data you provide us with to process your request. The basis for this is our justified interest in answering your request (legal basis: Art. 6 Para. 1 lit. f GDPR or Art. 13 Para. 1 FADP). If your enquiry serves the purpose of concluding a contract with us, a further basis for processing is the fulfilment of this contract (legal basis: Art. 6 para. 1 lit. b GDPR or Art. 13 para. 2 lit. a FADP). The data will be deleted after your request has been dealt with. If we are legally obliged to store the data for a longer period of time, the data will be deleted after expiry of the corresponding period.


Transfer of Data to Third Parties 

As a matter of principle, we do not pass on the personal data provided to us to third parties, i.e. in particular not to third parties for advertising purposes.

However, we work together with third parties for the operation of this website or for the provision of products / services. It may happen that such third parties become aware of personal data. We select our service providers carefully - especially with regard to data protection and data security - and take all measures required by data protection law for permissible data processing.


Place of Data Processing

We generally process data in Switzerland (data transfer upon conclusion of contract, server log files, contact form, registration, cookies). The EU has established an adequate level of data protection for Switzerland in Decision 2000/518/EC. However, some of our service providers, whose plug-ins and tools we use, process data outside the EU. This is disclosed in the context of this data protection declaration when explaining which plug-ins / tools are used.

The appropriate level of data protection is guaranteed within the framework of participation in the so-called "Privacy Shield" and the measures taken by the service provider for data protection and data security.



Analysis tool «Google Analytics»

We use Google Analytics, a service of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland, as part of an order processing via the Google Tag Manager. Google uses a so-called "cookie" for this purpose. This is a small text file that is stored on your computer by your browser. By means of this cookie, Google receives information about which website you have called up and, in particular, the following information: browser type/version, operating system used, technical information about the operating system and the browser as well as the public IP address of the computer you are using. We use Google Analytics in such a way that your IP address is only used in anonymous form. This anonymisation is carried out after notification by Google in the European Union or a member state of the EEA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and only there will it be shortened. According to Google, the anonymisation takes place before the IP address is stored on a permanent data carrier for the first time. For details, we refer to the Google data protection declaration, available at


Google Analytics allows us to compile usage statistics for our website in a non-personal form, as well as demographic data on visitors and their user behaviour. We also compile statistics that help us to better understand how our website is found, in order to improve our search engine optimisation and our advertising measures. With this processing we pursue the legitimate interest to be able to improve our website and our advertising measures (legal basis GDPR: Art. 6 para. 1 f).


You can find information on how to object to the use of Google Analytics at


Google is a member of the Privacy Shield Convention and has concluded a contract with us for the processing of Google Analytics. The pseudonymous data is deleted after 14 months.


Adaptation of Data Protection Notices

We always keep this data protection information up to date. We therefore reserve the right to change them from time to time and to update them in the event of changes in the collection, processing or use of your data. The current version of the data protection declaration is always available at the following address