Hotel Lauberhorn Grindelwald



beni & conny kaufmann
obere gletschertalstrasse 41
3818 Grindelwald

>> contact



The content of our website has been compiled with meticulous care and to the best of our knowledge. However, we cannot assume any liability for the up-to-dateness, completeness or accuracy of any of the pages. Our website contains links to the websites of third parties (“external links”). As the content of these websites is not under our control, we cannot assume any liability for such external content. The content and works published on this website are governed by the copyright law.


Hotel Lauberhorn AG, Obere Gletscherstrasse 41, 3818 Grindelwald manages the Hotel Lauberhorn and is the operator of the website and is therefore responsible for the collection, processing and use of your personal data and for ensuring that data processing complies with applicable data protection legislation. Your trust is important to us, which is why we take the issue of data protection seriously and ensure appropriate security. It goes without saying that we comply with the legal provisions of the Federal Data Protection Act (FADP), the Ordinance to the Federal Data Protection Act (FADP), the Telecommunications Act (TCA) and any other applicable data protection provisions of Swiss or EU law, in particular the General Data Protection Regulation (GDPR).

So that you know what personal data we collect from you and for what purposes we use it, please take note of the information below.


Data processing in connection with our website

When you visit our website, our servers temporarily store every access in a log file. The following technical data is recorded without your intervention, as is generally the case with every connection to a web server, and is stored by us until it is automatically deleted:

  • the IP address of the requesting computer
  • the name of the owner of the IP address range (usually your Internet access provider)
  • the date and time of the access
  • the website from which the access was made (referrer URL), if applicable with the search word used
  • the name and URL of the file accessed
  • the status code (e.g. error message)
  • the operating system of your computer
  • the browser you use (type, version and language)
  • the transmission protocol used (e.g. HTTP/1.1)
  • your username from a registration/authentication

The collection and processing of this data is done for the purpose of enabling the use of our website (connection establishment), to ensure system security and stability on a permanent basis and to enable the optimization of our internet offer as well as for internal statistical purposes. This is our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f DSGVO.

The IP address is also evaluated together with the other data in the event of attacks on the network infrastructure or other unauthorized or abusive website use for the purpose of clarification and defense and, if necessary, used in the context of criminal proceedings for identification and civil and criminal action against the users concerned. This is our legitimate interest in data processing within the meaning of Art. 6 Para. 1 lit. f DSGVO.

This data cannot be directly assigned to specific persons. A combination of this data with other data sources is not made. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use. These data as well as all data of this website are stored by our hosting provider Hostpoint AG, Neue Jonastrasse 60, 8640 Rapperswil-Jona, whose privacy policy you can read at >> here


SSL encryption
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.


Use of the contact form
You have the possibility to use a contact form to get in touch with us. For this we need the following mandatory information:

  • First and last name
  • E-mail address
  • Message

We use this data as well as a telephone number voluntarily provided by you only to be able to answer your contact request in the best possible and personalized way. The processing of this data is therefore necessary within the meaning of Art. 6 para. 1 lit. b DSGVO for the implementation of pre-contractual measures or is in our legitimate interest pursuant to Art. 6 para. 1 lit. f DSGVO.


Opening a customer account
To make bookings on our website, you can order as a guest or open a customer account. When registering for a customer account, we compulsorily collect the following data:

  • First and last name
  • Postal address
  • Telephone number
  • E-Mail address

The collection of this and other data voluntarily provided by you (e.g. company name) is for the purpose of providing you with password-protected direct access to your basic data stored with us. You can view your previous and current bookings or manage or change your personal data..

The legal basis for processing the data for this purpose is the consent you have given us in accordance with Art. 6 (1) lit. a DSGVO.


Booking on the website, by correspondence or by phone call
If you make bookings either via our website, by correspondence (email or letter post) or by telephone call, we require the following mandatory data for the processing of the contract:

  • Salutation
  • First and last name
  • Postal Address
  • Telephone number
  • Language
  • Credit Card information
  • E-mail address

We will only use this data and other information voluntarily provided by you (e.g. expected arrival time, motor vehicle registration plate, preferences, remarks) to process the contract, unless otherwise stated in this privacy policy or you have separately consented to this. We will process the data by name in order to record your booking as requested, to provide you with the booked services, to contact you in case of ambiguities or problems and to ensure correct payment. The legal basis of data processing for this purpose is the fulfillment of a contract according to Art. 6 para. 1 lit. b DSGVO.


Booking portal Simple Booking
You can make a room reservation or booking directly through this website. This is done through an external provider. When using the booking links you will be taken to Simple Booking redirected. Here it goes to the Privacy Simple Bookings.


Cookies – Tracking Tools
For the purpose of demand-oriented design and continuous optimization of our website, we use the web analytics service of Google Analytics. In this context, pseudonymized usage profiles are created and small text files that are stored on your computer (“cookies”) are used.

The information generated by the cookie about your use of this website is transmitted to the servers of the providers of these services, stored there and processed for us. In addition to the data listed under item 1, we may thereby receive the following information:

  • Navigation path that a visitor follows on the site
  • the time spent on the site or sub-page
  • the sub-page on which the website is left
  • the country, region or city from which access is made
  • terminal device (type, version, color depth, resolution, width and height of the browser window)
  • Returning or new visitor

The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to the use of the website and the Internet for the purposes of market research and demand-oriented design of this website. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf.

Disable Google Services (Browser Plugin)


Google Analytics

The provider of Google Analytics is Google Inc, a company of the holding company Alphabet Inc, based in the USA. Before the data is transmitted to the provider, the IP address is truncated by activating IP anonymization (“anonymizeIP”) on this website within the member states of the European Union or in other contracting states to the Agreement on the European Economic Area. The anonymized IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. In these cases, we ensure through contractual guarantees that Google Inc. maintains a sufficient level of data protection. According to Google Inc., in no case will the IP address be associated with other data concerning the user. For more information about the web analytics service used, please visit the Google Analytics website. Instructions on how to prevent the processing of your data by the web analysis service can be found at


IP anonymization
We have activated the IP anonymization function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.


Browser Plugin
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google, as well as the processing of this data by Google, by using the link available under the following Browser-Plugin download & install

You can find more information on the handling of user data at Google Analytics Privacy


Order data processing
We have concluded an order data processing agreement with Google and fully implement the strict requirements of the data protection authorities when using Google Analytics.


Google Fonts
Google Fonts are used on this website. For technical reasons, however, your IP address must be transmitted to Google so that the fonts can be transferred to your browser. You can find more information from Google about Google Fonts here.
Update: Since July 1, 2023, the Google Fonts of our websites are loaded locally from our web server


Google reCaptcha
We use Google’s reCaptcha service to determine whether a human or a computer is making a particular entry in our contact or newsletter form. Google uses the following data to check whether you are a human or a computer: IP address of the terminal device used, the website you visit with us on which the captcha is embedded, the date and duration of the visit, the recognition data of the browser and operating system type used, Google account if you are logged in to Google, mouse movements on the reCaptcha areas and tasks that require you to identify images. The legal basis for the described data processing is Art. 6 (1) lit. f of the General Data Protection Regulation. There is a legitimate interest on our side in this data processing to ensure the security of our website and to protect us from automated entries (attacks).


Google Maps
This website uses the Google Maps API, a map service provided by Google Inc (“Google”), to display an interactive map. By using GoogleMaps, information about your use of this website (including your IP address) may be transmitted to and stored by Google on servers in the United States. Google may transfer the information obtained through Analytics & Maps to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.

Nevertheless, it would be technically possible for Google to identify at least individual users on the basis of the data received. It would be possible that personal data and personality profiles of users of the website could be processed by Google for other purposes over which we have and can have no influence. This and the fact that data is transmitted to the USA is problematic for data protection reasons. You have the option of deactivating the Google Maps service in a simple manner and thus preventing the transfer of data to Google: To do so, deactivate JavaScript in your browser. However, we would like to point out that in this case you will not be able to use the map display. By using this website and not deactivating the JavaScript function, you expressly declare, in awareness of the data protection issues, that you agree to the processing of the data collected about you by Google in the manner and for the purpose described above.

Click here for the privacy policy of Google


Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account. For more information on the handling of user data, please see YouTube’s privacy policy at Google


Data processing in connection with your stay

Data processing for the fulfillment of legal reporting obligationsn
Upon arrival at our hotel, we may require the following information from you and your companions:

  • First and last name
  • Postal address and canton
  • Date of birth
  • Place of birth
  • Nationality
  • Official identification card and number
  • Arrival and departure date
  • Room number

We collect this information in order to fulfill legal reporting obligations, which arise in particular from the hospitality industry or police law. Insofar as we are obliged to do so under the applicable regulations, we forward this information to the competent police authority.

Our legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO lies in the fulfillment of the legal requirements.


Recognition of purchased services
If you obtain additional services during your stay (e.g. make use of the mini-bar or the pay-TV offer), we will record the subject of the service and the time of the service for billing purposes. The processing of this data is necessary in terms of Art. 6 para. 1 lit. b DSGVO to process the contract with us.


Storage & exchange with third parties

Booking platforms
If you make bookings via a third-party platform, we receive various personal information from the respective platform operator. As a rule, this is the data listed in section 5 of this privacy policy. In addition, inquiries about your booking may be forwarded to us. We will process this data by name in order to record your booking as requested and to provide the booked services. The legal basis of data processing for this purpose is the fulfillment of a contract according to Art. 6 para. 1 lit. b DSGVO. Finally, we may be informed by the platform operators about disputes in connection with a booking. In the process, we may also receive data about the booking process, which may include a copy of the booking confirmation as proof of the actual booking completion. We process this data to protect and enforce our claims. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.

Please also note the privacy policy of the respective provider.


Central storage and linking of data
We store the data specified in items 2-5 and 8-10 in a central electronic data processing system. The data concerning you is thereby systematically recorded and linked for the purpose of processing your bookings and handling the contractual services. For this purpose, we use software from Rebag Data AG, Einsiedlerstrasse 533, P.O. Box 426, CH-8810 Horgen. We base the processing of this data within the framework of the software on our legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO in customer-friendly and efficient customer data management.


Retention period
We store personal data only as long as it is necessary to use the tracking services mentioned above as well as the further processing within the scope of our legitimate interest. We retain contractual data for a longer period, as this is required by statutory retention obligations. Retention obligations that require us to retain data result from regulations on registration law, on accounting and from tax law. According to these regulations, business communication, concluded contracts and accounting vouchers must be kept for up to 10 years. As far as we do not need these data any more for the execution of the services for you, the data are blocked. This means that the data may then only be used for accounting and tax purposes.


Disclosure to third parties
We only pass on your personal data if you have expressly consented to this, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship. In addition, we disclose your data to third parties to the extent necessary in the context of the use of the website and the execution of contracts (including outside the website), namely the processing of your bookings. A service provider to whom the personal data collected via the website is transferred or who has or may have access to it is our web host [name and address]. The website is hosted on servers in [country]. The data is passed on for the purpose of providing and maintaining the functionalities of our website. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.

Finally, when you pay by credit card on the website, we forward your credit card information to your credit card issuer and to the credit card acquirer. If you decide to pay by credit card, you will be asked to enter all mandatory information. The legal basis for the transfer of data is the fulfillment of a contract according to Art. 6 para. 1 lit. b DSGVO. Regarding the processing of your credit card information by these third parties, we ask you to also read the terms and conditions as well as the privacy policy of your credit card issuer.


Transfer of personal data abroad
We are also entitled to transfer your personal data to third companies (contracted service providers) abroad for the purpose of the data processing described in this privacy policy. These are obligated to data protection to the same extent as we ourselves. If the level of data protection in a country does not correspond to that in Switzerland or the European Union, we will ensure by contract that the protection of your personal data corresponds to that in Switzerland or the EU at all times.


More information

Right of access, rectification, erasure and restriction of processing; right to data portability
You have the right to request information about the personal data that we have stored about you. In addition, you have the right to have incorrect data corrected and the right to have your personal data deleted, insofar as this does not conflict with a legal obligation to retain the data or an authorization that allows us to process the data. You also have the right to demand that we return the data you have provided to us (right to data portability). Upon request, we will also transfer the data to a third party of your choice. You have the right to receive the data in a common file format. You can contact us for the aforementioned purposes via the e-mail address For the processing of your requests, we may, at our discretion, require proof of identity.


Data security
We use appropriate technical and organizational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments. You should always treat your access data confidentially and close the browser window when you have finished communicating with us, especially if you share a computer with others. We also take internal company data protection very seriously. Our employees and the service companies commissioned by us have been obligated by us to maintain confidentiality and to comply with the provisions of data protection law.


Note on data transfers to the USA
For the sake of completeness, we would like to point out for users who are resident or domiciled in Switzerland that there are surveillance measures in place in the USA by US authorities which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without any differentiation, limitation or exception based on the objective pursued and without any objective criterion that would make it possible to limit the access of the U.S. authorities to the data and their subsequent use to very specific, strictly limited purposes that are capable of justifying the intrusion associated both with the access to these data and with their use. Furthermore, we would like to point out that in the U.S. there are no legal remedies available to data subjects from Switzerland that would allow them to obtain access to the data concerning them and to obtain its correction or deletion, or that there is no effective judicial legal protection against general access rights of U.S. authorities. We explicitly draw the attention of the data subject to this legal and factual situation so that he or she can make an appropriately informed decision to consent to the use of his or her data.

We would like to point out to users residing in a member state of the EU that the USA does not have a sufficient level of data protection from the perspective of the European Union – among other things due to the issues mentioned in this section. To the extent that we have explained in this Privacy Policy that recipients of data (such as Google) are based in the USA, we will ensure either through contractual arrangements with these companies or by ensuring that these companies are certified under the EU or Swiss-US Privacy Shield that your data is protected with our partners with an appropriate level.


Right to complain to a data protection supervisory authority

You have the right to complain to a data protection supervisory authority at any time.

Status: 31 July 2023