Privacy Policy Matterhorn App
This privacy policy applies to the processing of your data when you use the Matterhorn app (hereinafter the "App").
The App is operated by Zermatt Tourism, Bahnhofplatz 5, 3920 Zermatt (“we”, "us”, “our”). Zermatt Tourism is therefore also responsible for ensuring that data processing always complies with the applicable laws. You can contact us with your questions about the processing of your data at any time:
Zermatt Tourism
Bahnhofplatz 5
CH - 3920 Zermatt
Email: datenschutz@zermatt.swiss
Zermatt Tourism has also appointed a representative in the European Union pursuant to Article 27 of the GDPR and a United Kingdom representative pursuant to Article 27 of the UK GDPR, to whom you can send queries via email or by writing to the following address:
EU representative:
Swiss Infosec (Deutschland) GmbH
Unter den Linden 24
10117 Berlin
Deutschland
E-Mail-Adresse: zermatt-tourismus.dataprivacy@swissinfosec.de
UK representative:
Swiss GRC UK Limited
The Nova Centre
1 Purser Road
Northampton
NN1 4PG
England
E-Mail-Adresse: zermatt-tourismus.dataprivacy@swissgrc.uk.com
Protection of your personal data is extremely important to us. We take data protection seriously and are careful about keeping your data secure. We follow all of the applicable legal rules, especially those of the Swiss Federal Act on Data Protection (FADP) and the associated ordinance, as well as provisions of the Telecommunications Act (TCA). Where applicable, we also observe the provisions of the European Union's General Data Protection Regulation (GDPR).
It is important to us that you know what personal data we collect, how we do this, how we process this data and for what purposes this is done. Therefore, we ask that you read the following information carefully.
The interactive Matterhorn app is your mobile, personalised travel companion, helping you to have a perfect holiday in Zermatt, whether in summer or winter.
When you use the App, the following data that you provide can be processed: name, customer address data, contact information, language, means of payment, travel information, transaction data and transaction history, booking details when purchasing tickets, information about reservations (restaurant, date, time, changes and cancellations) and location data. Your data is linked to a profile which we create for you and is stored in our central database. Your data is also stored in the App database, which is hosted by a third-party provider, and will be deleted on deletion of your profile, which you can initiate yourself at any time in the settings.
If you do not want to send location data, please disable the GPS function on your device by refusing permission for use of the function when you first install the App or by subsequently adjusting your device and App settings. Please note that the GPS function must be enabled if you wish to use the SOS function or Peak Track.
When using the App, additional information is collected every time you open it. This consists of data about the App version, your device, network, operating system, screen information, location (provided that the GPS function is enabled) and IP address.
We only collect and process the data required to use, operate and support the App, make reservations, purchase e‑tickets or forward information in the event of an emergency (SOS function).
3.1 Usage, operation and support for the App
You can decide whether or not to create a profile. Creating a profile allows you to make reservations and bookings more easily.
Anonymous personal and travel data as well as statistical data (e.g. sales revenue, number of journeys) are processed to further develop and improve the App.
Anonymous tracking information is collected and sent to third‑party providers for analysis.
Anonymous crash reports are collected and transmitted to a third‑party provider to analyse and correct technical errors.
Such processing is based on our legitimate interests (Art. 6(1)(f) GDPR).
3.2 Reservations
If you book a hotel, event, restaurant or other service, we require your personal data to manage and process your reservation (Art. 6(1)(b) GDPR) or based on our legitimate interests (Art. 6(1)(f) GDPR).
Double‑bookings are prevented for your benefit and that of our partners.
Credit‑card details entered during a restaurant booking are not stored but sent directly to the restaurant.
Data may also be used for analytics and personalised advertising (Art. 6(1)(f) GDPR).
3.3 Buying e‑tickets
We process your personal data to manage your ticket purchase (Art. 6(1)(b) GDPR / Art. 6(1)(f) GDPR).
ZBAG and MGBahn/GGB have access and process data per their privacy policies.
Legal basis: fulfilling the contract (Art. 6(1)(b) GDPR).
3.4 Peak Track
Peak Track is an independent feature that automatically records ski activity such as vertical metres, kilometres skied and lifts used. You can compare results with others and participate in competitions.
Movement and usage data are processed to enable the feature and display personal statistics.
Creating a Peak Track profile constitutes consent to this processing. GPS must be enabled and data‑protection consent granted.
Legal basis: consent (Art. 6(1)(a) GDPR).
3.5 SOS function
You can trigger the SOS function voluntarily in emergencies. Based on your selection and confirmation, you can call 144 and two emails are sent automatically (to Zermatt Tourism and the SOS centre).
If logged in, your name, email, language, phone and location are shared. If not logged in, only location and timestamp are sent.
Legal basis: consent (Art. 6(1)(a) GDPR) and vital interests (Art. 6(1)(d) GDPR).
For specific purposes such as analytics, customer contact, registration and authentication, handling payments, infrastructure monitoring, creating and managing backups, hosting and back‑end infrastructure, tag management, location‑based interactions, user database management, and performance testing, we work with various external service providers.
Evaluation, analysis and monitoring of the App
We work with third parties who may process your personal data within or outside Switzerland, the EEA or the UK, including the USA. They provide us with statistics from app marketplaces (Apple, Google, etc.).
Where third parties process your data for their own purposes, we are not responsible.
Advertising and campaigns
We use analytics tools to evaluate advertising and user activity for personalised campaigns. Processing may occur inside or outside Switzerland, the EEA or the UK, including the USA.
Where third parties process data for their own purposes, we are not responsible.
Such processing only takes place based on your consent (Art. 6(1)(a) GDPR).
Infrastructure monitoring
Error diagnostics may send device data, OS versions, timestamps, location country and language settings to third parties.
Processing supports app maintenance and is based on legitimate interests (Art. 6(1)(f) GDPR).
Registration and authentication
We use third‑party authentication services. These receive image, cookie, email, surname, password and IP address.
Processing serves security and correct account access.
Hosting and back‑end infrastructure
Hosting providers offer computing power, database storage and content delivery.
Back‑up creation and management
Cloud providers store long‑term backup data.
Payments handling
Bookings and payments may involve payment processors.
Credit‑card payments are handled via a provider in Switzerland.
We only share your personal data with third parties if:
(i) this is necessary to fulfil our contractual duties towards you (e.g. when buying an e‑ticket, we share your email address, name, date of birth if required, transaction data, transaction history or payment method with the relevant transport company; or when you reserve a hotel or restaurant, we forward the required booking details),
(ii) you have given your explicit consent (e.g. SOS function),
(iii) a legal obligation exists, or
(iv) it is required to assert our legal claims.
We may also transfer your data to third parties when necessary to provide services you requested or to analyse your user behaviour as described in section 4.
We also draw your attention to our use of Salesforce solutions (see www.salesforce.com).
Salesforce provides online tools such as CRM, customer service, community building, data analysis and app‑creation platforms. Data processed by the App may be combined with other data held by Zermatt Tourism and/or Zermatt Bergbahnen AG and stored in a unified (cloud) database.
For detailed privacy information from Salesforce, visit:
https://www.salesforce.com/company/privacy/
Some of the services we use are purchased from other countries, which means your personal data may also be transferred abroad. In particular, this concerns countries in which our service providers are located: EU member states and the United States.
Personal data is only transferred abroad when the applicable legal requirements are met. Third‑party providers located abroad are obliged to uphold data‑protection standards equivalent to ours.
If a country does not provide an adequate level of protection (such as the United States), we contractually ensure an equivalent level of data protection — by signing the EU Standard Contractual Clauses.
Par souci de transparence, nous souhaitons t’informer que lorsque tu es redirigé·e depuis l’appli vers les sites Internet www.matterhornparadise.ch et www.zermatt.ch, ou lorsque tu consultes ces sites depuis l’appli, des données personnelles te concernant peuvent également être traitées.
Pour ces traitements, les politiques de confidentialité disponibles sur ces sites Internet s’appliquent.
When you register with the Matterhorn App, we store your data for as long as your account exists and in accordance with our legal obligations.
We generally do not permanently store purely technical data about App usage.
We only retain personal data for as long as it is necessary:
- to use the tracking and analysis services mentioned above within the scope of our legitimate interests;
- to deliver the services described above which you have requested or for which you have provided consent;
- to meet our legal obligations.
Data relating to the conclusion or performance of a contract is stored for a longer period, as required by statutory retention obligations — for example, accounting and tax regulations.
Under these rules, business correspondence, contracts and accounting documents must be retained for up to 10 years.
Once this data is no longer required to provide services to you, it will be blocked, meaning it can only be used for accounting and tax purposes.
We have implemented appropriate technical and organisational security measures to protect the data we store against manipulation, partial or complete loss and unauthorised access by third parties.
Our security measures are continuously adapted and improved in line with technological developments.
We also take internal data protection very seriously.
Our employees and service providers are bound by confidentiality obligations and must comply with all applicable data‑protection regulations.
You can assert the following rights with regard to your personal data:
Revoke consent at any time.
If you have given consent to the processing of personal data, you may withdraw it at any time.Object to the processing of your data.
You have the right to object when data is processed on any legal basis other than your consent.Obtain information about the data being processed.
You have the right to know whether your data is being processed by Zermatt Tourism, to receive information about aspects of the processing, and in certain cases to obtain a copy of the data.Verify and rectify.
You have the right to verify the accuracy of your data and request it be updated or corrected.Request restriction of processing.
You have the right to request restriction of processing under certain circumstances.Request erasure.
You may request the deletion or removal of your personal data in certain circumstances.Obtain your data and transfer it to another controller.
You have the right to receive your data in a structured, commonly used and machine‑readable format and to have it transferred to another controller where technically feasible.Lodge a complaint.
You have the right to lodge a complaint with the competent supervisory authority.
In Switzerland, this is the Federal Data Protection and Information Commissioner.
You can contact us for these purposes via datenschutz@zermatt.swiss.
We may request proof of identity to process your request.
When you contact us, we will endeavour to respond as quickly as possible.
Please note that in some cases, legal or data‑protection‑related reasons may prevent us from fully granting these rights.
We reserve the right to make changes to this privacy policy at any time.
The current version of this privacy policy can always be accessed through the app.
We recommend that you check it regularly and verify the date of the latest update shown at the bottom of the page.
If changes affect the use of data based on your consent, Zermatt Tourism will seek renewed consent where required.
Last updated: 27/01/2026