The trust of our customers is important to us. That is why we take the issue of data protection seriously and ensure appropriate security. It is a matter of course that we comply with the applicable provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (OFADP), the Telecommunications Act (TCA) and other applicable data protection provisions under Swiss or EU law, in particular the General Data Protection Regulation (GDPR).
In order for you to be aware of the personal data we collect from you, as well as the purposes for which we said data, please take note of the following information.
Controller of the website
The following is the controller of the website:
Primeo Management AG
c/o SwissCommerce Management GmbH
Data privacy
Chasseralstrasse 3
4900 Langenthal
Switzerland
Data processing when using the website (log file)
When you use our website, our servers temporarily store every access in a log file. The following data are processed without any action on your part and are stored until they are automatically deleted after 12 months at the latest:
IP adress
Name of the owner of the IP address range (usually the Internet access provider)
Date and time of access
Website from which access was made (referrer URL), if applicable, with the search word used
Name and URL of the retrieved file
Status code (e.g., error message)
Computer’s operating system
Browser used (type, version and language)
Transmission protocol used (e.g., HTTP/1.1)
Username from a registration/authentication
Data processing when using the contact form
If we are contacted using the contact form on the website, we collect the following data (mandatory*):
Title*
First name*
Last name*
E-mail adress*
Phone number*
Subject (order, invoice, other)*
Comment*
We only use these data to answer questions posed or to provide the services requested by the customer. By sending the message, the customer consents to the processing of the transmitted data. The processing takes place with consent, i.e., within the scope of the GDPR on the basis of Art. 6 para. 1 (a) GDPR. The customer may revoke their consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of the consent until the revocation. We only use the customer’s e-mail address to process the request. The data will subsequently be deleted unless the customer has consented to the further processing and use.
Data processing when posting a comment
When commenting/rating an article or a post, we collect personal data (name, e-mail address, comment text) only to the extent provided by the customer. The processing serves the purpose of enabling a comment and displaying comments. By submitting the comment, the customer consents to the processing of the transmitted data. Within the scope of the GDPR, the processing therefore takes place on the basis of Art. 6 para. 1 (a) GDPR with the customer’s consent. The customer may revoke their consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of the consent until the revocation. The personal data will then be deleted.
Data processing when registering for a customer account
You can order from our online shop as a guest or via a personal customer account. Certain services can only be purchased with a customer account.
If the customer registers for a customer account, we collect the following data (mandatory*):
Private client or company*
E-mail address*
Title*
First name*
Last name*
Password*
Phone number*
Date of birth*
Street name and house no.*
Additional address 1, Postcode*
Place*
Country*
We collect these data to open and manage the customer account, process the order(s) and provide the requested services. The data can be viewed and changed in the customer account at any time. In addition, the customer may request the complete deletion of their customer account by sending a request to us or initiating the deletion directly in their customer account. Within the scope of the GDPR, the processing takes place on the basis of Art. 6 para. 1 (a) GDPR with the customer’s consent.
Data processing for purchases in the online shop
We collect the following data for the processing of the purchasing agreement:
Private client or company
E-mail address
Title
First name
Last name
Billing address
(and, if different, the delivery address)
Login details, i.e., e-mail address and password (for registered customers)
Payment information (depends on the selected payment method)
The provision of further data is voluntary. If the customer is registered and has a customer account, we store the data for the next purchase. Within the scope of the GDPR, the processing takes place on the basis of Art. 6 para. 1 (b) GDPR and is necessary for the performance of a contract with the customer.
The data are transferred to, for example, the shipping companies and dropshipping providers selected by the customer, payment service providers, service providers for order processing and IT service providers. In all cases, we strictly comply with the legal requirements. The scope of the data transmission is limited to a minimum.
In connection with an order and the requested services, if the customer has a customer account, we also process the following data:
Information about the products ordered
Data about the ordering, purchasing and payment behaviour
Unless otherwise specified in this Privacy Policy or unless the customer has specifically consented to this, we will only use the above data for the purpose of executing the contract, namely to process orders, deliver the ordered products and ensure correct payment.
Newsletter
Anyone can subscribe to our newsletter on our website. Registration is required for this purpose. As part of the registration process, we collect the following data (mandatory*):
E-mail address*
After entering the aforementioned information, registration for our newsletter is initiated. Regardless of the contract processing, we use the customer’s e-mail address exclusively for our own advertising purposes to send newsletters, provided the customer has expressly agreed to this. Within the scope of the GDPR, processing is carried out on the basis of Art. 6 para. 1 (a) GDPR with the customer’s consent. The customer may revoke their consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of the consent until the revocation. The customer can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Their e-mail address will then be removed from the mailing list.
The customer’s data are passed on to a service provider for e-mail marketing as part of order processing. No data are disclosed to any other third parties.
Our newsletter contains a web beacon or similar technical measure (tracking pixels). A web beacon is a 1x1 pixel, invisible graphic that is linked to the user ID of the respective newsletter subscriber. The web beacon provides us with the following information about the newsletter dispatch:
Address file used
Subject and number of newsletters sent
Information about which addresses have or have not received the newsletter, and which addresses have failed to receive the newsletter
Information about which addresses have opened the newsletter
Information about which addresses have unsubscribed
Technical information (e.g., access time, IP address, browser type and operating system)
This information is used for the statistical analysis of our newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to the recipients’ interests. The web beacon is deleted when the newsletter is deleted.
To prevent the use of a web beacon, if this is not already the case by default, the mail program can be set so that no HTML is displayed in messages. The following pages explain how this feature can be set in the most common e-mail programs.
Use of the customer’s e-mail address to inform them about the shipping status
The shipping company provides us with the tracking data of the order to inform us about the shipping status We send this tracking data to the customer to the e-mail address provided by the customer. This serves the purpose of informing the customer about the order status of their order. Within the scope of the GDPR, the processing takes place on the basis of Art. 6 para. 1 (b) GDPR and is necessary for the performance of a contract with the customer.
Central storage
We store the data specified in the abovementioned paragraphs in a central electronic data processing system (so-called CRM). The customer-specific data are systematically collected, linked and evaluated for the purpose of processing inquiries and providing our services.
Disclosure of data to third parties
We only disclose personal data if the customer has expressly consented to this, if there is a legal obligation to do so, or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship. In addition, we disclose data to third parties if this is necessary for the use of the website or to process the contract. The use of the data disclosed for this purpose by the third parties is strictly limited to the stated purposes.
We may also have personal data processed by corporate subsidiaries or third parties for the aforementioned purposes. These companies include marketing and market research companies, service providers that carry out the technical operation of our information technology for us (outsourcing partners, maintenance service providers, hosting service providers, cloud service providers), analysis services (see Section 16), financial service providers, debt collection companies, lawyers and authorities. If we commission corporate subsidiaries or third parties to process personal data, these companies are carefully selected and must take appropriate security measures to guarantee the confidentiality and security of the personal data.
Transmission of personal data abroad
We may disclose personal data to the following categories of recipients: our service providers (e.g., banks, insurance companies, consultants, IT providers, service providers in the marketing sector, debt collection agencies and credit agencies, etc.); dealers, suppliers, subcontractors and other business partners; within the scope of legal obligations, domestic and foreign authorities, social and private insurers, official bodies or courts; other parties in potential or actual administrative and legal proceedings. These recipients may be based in Switzerland or abroad. In particular, you must expect your data to be transferred to all countries in which the service providers we use, and their subcontractors, are located.
We will of course comply with the legal requirements for the transmission of personal data to third parties. These third parties are subject to the same data protection obligations as we are. If the level of data protection in a country does not correspond to that in Switzerland, we contractually ensure that the protection of personal data corresponds to that in Switzerland at all times.
Notice on data transmission to the USA
For the sake of completeness, we inform users of our website that there are surveillance measures in place in the USA by US authorities, which generally allow the storage of all personal data of all persons whose data has been transmitted from Switzerland to the US. This is done without any differentiation, limitation or exception based on the purpose pursued, and without any objective criterion that would make it possible to restrict the access to the data by the US authorities and their subsequent use to very specific, strictly limited purposes that can justify the interference with both access to and use of these data. In addition, we point out that there are no legal remedies available in the USA for the data subjects from Switzerland to allow them to obtain access to the data concerning them and to obtain their rectification or erasure, or that there is no effective judicial protection against general rights of access by US authorities. We would also like to point out that there are no legal remedies available in the USA for data subjects from Switzerland that would allow them to gain access to the data concerning them and to ensure their correction or deletion, or that there is no effective legal protection against general access rights of US authorities. To the extent that we have explained in this Privacy Policy that the recipients of data are located in the USA, we will ensure that their data are adequately protected by our partners, either by entering into contractual arrangements with these companies or by ensuring that these companies are certified under the Swiss-US-Privacy Shield.
Transmission of data to payment service providers, debt collection agencies and for credit checks
We disclose personal data to a commissioned debt collection agencies if our payment claim has not been settled despite a previous dunning notice. Within the scope of the GDPR, disclosure takes place on the basis of Art. 6 para. 1 (f) GDPR due to our overriding legitimate interest in the effective assertion or enforcement of our payment claim.
In the case of advance outlays, e.g., in the case of payment on account or direct debit, we reserve the right to obtain credit information on the basis of mathematical-statistical procedures using the CRIF AG, Hagenholzstrasse 81, CH-8050 Zürich. For this purpose, we transmit the personal data needed for a credit check to said company and use the information we receive about the statistical probability of default in payment to make a well-informed decision on the basis, execution or termination of the contractual relationship. The credit report may include probability values (score values) that are calculated on the basis of scientifically accepted mathematical-statistical methods and in which the calculation includes, inter alia, address data. The interests of the customer worthy of protection are taken into account in accordance with the statutory provisions. The data processing serves the purpose of credit verification for the conclusion of a contract. Within the scope of the GDPR, the processing takes place on the basis of Art. 6 para. 1 (f) GDPR based on our overriding legitimate interest in protecting ourselves against default in payment in cases of advance outlays. Affected customers have the right, for reasons arising from their particular situation, to object at any time to the processing of their personal data based on Art. 6 para. 1 (f) GDPR by notifying us. The provision of the data is necessary for the conclusion of the contract with the payment method requested by the customer. Failure to do so means that the contract cannot be concluded with the payment method selected by the customer.
Cookies
Our website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on a user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
We use these cookies to make our offer more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognise the browser even after a page change and to offer our services to the customer. Some features of our website cannot be accessed without the use of cookies. For these particular features, it is necessary for the browser to be recognised even after a page change.
Within the scope of the GDPR, disclosure takes place on the basis of Art. 6 para. 1 (f) GDPR based on our overriding legitimate interest in ensuring the optimal functionality of the website and the user-friendly and effective design of our offer.
Cookies are stored on the customer’s computer. The customer therefore has full control over the use of cookies. By selecting the appropriate technical settings in the Internet browser, the customer can be notified before cookies are set and can decide whether to accept them individually, and prevent the storage of cookies and the transmission of the data they contain. Cookies that have already been stored can be deleted at any time. However, in this case, we would like to point out to our customers that they may then not be able to use all the functions of our website to their full extent.
The links below provide information on how to manage (and disable) cookies on the most common browsers:
Analytical services, advertising and communication
The data processing measures described below in this section, in particular the setting of cookies, are carried out if we request the customer’s consent within the scope of the GDPR on the basis of Art. 6 para. 1 (a) GDPR. If we do not obtain the customer’s consent, the data processing takes place within the scope of the GDPR on the basis of Art. 6 para. 1 (f) GDPR based on our overriding legitimate interest in making the website responsive and targeted, e.g., by using analytical and statistical tools, to target page visitors with interest-based advertising, e.g., for conversion tracking to direct customer communication, e.g., for live chat tools. The customer has the right, on grounds arising from their particular situation, to object at any time to such processing of their personal data. In the case of data processing based on their consent, the customer may revoke their consent at any time, without affecting the lawfulness of the processing carried out on the basis of the consent until the revocation.
Adobe Analytics
We use the services of Adobe Analytics (Adobe Systems Software Ireland Limited, 6 Riverwalk, Naas Road, Dublin 24, Ireland) to automatically collect data on the use of our websites when you visit them. We obtain information on how our website is used and gain knowledge about the surfing behaviour of users in order to understand the relevance of the content and optimise the offer.
Google Marketing Platform
This website uses the Google Marketing Platform (formerly known as DoubleClick), a web analytics service provided by Google. This optimises the interaction with Google AdWords. It sets cookies when you view an advertisement or click on an advertising banner from us that is located on partner websites. This is done in order to display more interesting banners to you. The cookie allows us to record certain data about how your browser interacts with a particular advertisement. It also records whether you have viewed an ad, clicked on it, and whether a purchase or registration has taken place. The information stored in the cookie locally (on the user or client side) about the use of our websites is transmitted to Google servers and stored there.
Google Analytics
We use Google Analytics on our website, a web analysis service of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA, or Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses methods that enable the use of the website to be analysed, such as cookies. The following information, for example, generated by the cookie about the use of our website is usually transmitted to a Google server in the USA and stored there:
Browsing path that a visitor takes on the website
Time spent on the website or a subpage
The subpage from which the website is left
The country, region or city from which access is made
End device (type, version, colour depth, resolution, width and height of the browser window)
Returning or new visitor
Browser type/version
Operating system used
Referrer URL (i.e., the previously visited website)
Hostname of the accessing computer (IP address)
Time of server request
In this case, the IP address is truncated by activating IP anonymization (“anonymizeIP”) on this website before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area or Switzerland. According to Google, the masked IP address transmitted by the browser as part of Google Analytics is not merged with other Google data. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. In these cases, we use contractual guarantees to ensure that Google complies with an adequate level of data protection.
The information is used to evaluate the use of the website, to compile reports on the activities on the website, and to provide further services associated with the use of the website and the Internet for the purposes of market research and demand-oriented design of the website. This information may also be transferred to third parties if required by law or if third parties process these data on our behalf.
The collection of the data generated by the cookie relating to the use of the website (including the IP address) and its transmission to Google, as well as the processing of these data by Google, can be prevented by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Boxalino
We use the web analysis service Boxalino from Boxalino AG (Hertistrasse 27a, 8304 Wallisellen, Switzerland) on our website.
The data processing serves the purpose of analysing our website and its visitors. To this end, Boxalino, on behalf of the operator of this website, will use the information collected to evaluate the behaviour on the website, to compile reports on website activities, and to provide other services to the website operator related to the use of the website and the Internet. Boxalino uses cookies that allow an analysis of the customer’s use of the website. The customer may at any time prevent the setting of cookies by our website, as already described above, by implementing the corresponding setting in the Internet browser used, and thus reject the setting of cookies permanently.
For Switzerland, there is an adequacy decision of the European Union, which certifies that Switzerland has an equivalent level of data protection to the EU. The applicable data protection provisions of Boxalino can be found at http://www.boxalino.com/de/impressum/.
Mouseflow
We use the analysis tool of Mouseflow ApS (Flaesketorvet 68, 1711 Copenhagen, Denmark; “Mouseflow”) on our website. The data processing serves the purpose of analysing this website and its visitors. For this purpose, data are collected and stored for marketing and optimisation purposes. These data can be used to create user profiles under a pseudonym. For this purpose, cookies may be used.
The Mouseflow web tracking tool records randomly selected individual visits (only with an anonymised IP address). This creates a log of mouse movements and clicks with the intention of randomly playing back individual website visits and deriving potential improvements for the website. The cookies allow the recognition of the Internet browser. The data collected using Mouseflow technologies will not be used to personally identify the visitor to this website and will not be merged with personal data about the bearer of the pseudonym without the separately granted consent of the data subject.
In order to prevent the collection and storage of data by Mouseflow across devices, the customer can set an opt-out cookie here https://www.mouseflow.com/opt-out/. Opt-out cookies prevent the future collection of data when visiting this website. The customer must opt-out on all systems and devices used in order for this to have a comprehensive effect. If the customer deletes the opt-out cookie, requests are again transmitted to Mouseflow.
Use of the remarketing or “Similar target groups” function provided by Google
We use the remarketing or “Similar target groups” function of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”) on our website.
If the customer has their habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the controller responsible for their data. Google Ireland Limited is therefore the affiliated company of Google, which is responsible for the processing of the data and compliance with applicable data protection laws.
The application serves the purpose of analysing visitor behaviour and visitor interests.
Google uses cookies to analyse website usage, which forms the basis for the creation of interest-based advertisements. The cookies record visits to the website as well as collect anonymised data about the use of the website. Personal data of visitors to the website are not stored. If the customer subsequently visits another website in the Google Display Network, they will be shown advertisements that are highly likely to include previously accessed product and information areas.
The customer can permanently deactivate the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: https://support.google.com/ads/answer/7395996?hl=en
Alternatively, the customer can prevent the use of cookies by third-party providers by accessing the deactivation page of the Network Advertising Initiative at https://www.networkadvertising.org/choices/ and implementing the further information on opt-out there.
We use the online advertising program “Google Ads” on our website and, in this context, conversion tracking. Google conversion tracking is an analytics service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
If the customer has their habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the controller responsible for their data. Google Ireland Limited is therefore the affiliated company of Google, which is responsible for the processing of the data and compliance with applicable data protection laws.
When the customer clicks on an ad placed by Google, a cookie for conversion tracking is stored on their computer. These cookies have a limited validity, do not contain personal data, and are therefore not used for personal identification. If the customer visits certain pages of our website and the cookie has not yet expired, both Google and our company can recognise that the customer has clicked on the ad and has been redirected to that page. Every Google Ads customer receives a different cookie. Thus, it is not possible for cookies to be tracked through the websites of Ads customers.
The information collected through the conversion cookie is used for the purpose of compiling conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information that allows users to be personally identified.
Alternatively, the customer can prevent the use of cookies by third-party providers by accessing the deactivation page of the Network Advertising Initiative at https://www.networkadvertising.org/choices/ and implementing the further information on opt-out there.
The customer will then not be included in the conversion tracking statistics.
We use the remarketing function “Custom Audiences” provided by Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA; “Facebook”) on our website.
The purpose of the application is to target visitors to the website with interest-based advertising on the Facebook social network.
We use the “Facebook Pixel” function in this case. The Facebook remarketing tag was implemented on the website for this purpose. This tag establishes a direct connection to the Facebook servers when visiting the website. This tells the Facebook server which of our pages the customer has visited. Facebook links this information to the customer’s personal Facebook user account. When the customer visits the social network Facebook, personalised, interest-based Facebook ads are displayed to the customer.
We also use the “Custom Audiences via customer list” function. This involves uploading the customer’s e-mail address to Facebook. The upload process is encrypted.
The customer can disable the “Custom Audiences” remarketing feature here.
For more information about Facebook’s collection and use of data, the rights and options for protecting privacy in this regard, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy/.
Use of Bing Ads
We use Bing Ads provided by the Microsoft Corporation (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA; “Microsoft”) on our website.
When clicking on an ad displayed by Microsoft Bing Ads, a conversion tracking cookie is stored on the customer’s computer. This cookie has a limited validity and is not used for personal identification. If the customer visits certain pages of our website and the cookie has not yet expired, both Microsoft and our company can recognise that the customer has clicked on the ad and has been redirected to that page.
The information collected through the conversion cookie is used for the purpose of compiling conversion statistics. We find out the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, it is not possible to personally identify these users.
The customer can prevent the storage of cookies by selecting the appropriate technical settings in their browser software; however, we would like to point out to our customers that in this case they may not be able to use all the functions of this website to their full extent.
The customer will subsequently not be included in the conversion tracking statistics.
We use “Minubo” provided by minubo GmbH (Grosser Burstah 31, 20457 Hamburg) on our website. The application evaluates the most important e-commerce indicators (order values, orders, returns, cancellations, customer data, etc.) and provides them to us in the form of statistics. For this purpose, the collected data from other systems/tools such as Google Analytics (see section on Google Analytics) are merged and summarised.
With regard to the opt-out options, please refer to the above information on Google Analytics and the opt-out option mentioned there.
Use of Profity
We offer the customer vouchers from the e-commerce network Profity of the provider adfocus GmbH, Theilerstrasse 7, 6300 Zug, Switzerland, after completion of the order process. Profity is a voucher network through which partner shops can set up and send vouchers to their customers. In order to provide our customers with this access, we include a corresponding notice from adfocus when completing orders on our website, which allows the transmission of data. The data are only transmitted to adfocus after the customer has completed their purchase and clicked on the Profity banner. In this case, adfocus collects in particular the following data, which are stored in databases and log files: date and time including time zone, Internet protocol (IP) address, access status (HTTP status code), operating system (including version), browser (including language), individual page accessed, amount of data transmitted, presumed location and last accessed website (referrer), as well as other information about origin including pathway from individual partner shops to Profity. Within the scope of the GDPR, the described processing of data takes place in accordance with Art. 6 para. 1 (f) GDPR based on the legitimate interest in the targeted advertising of the user by third party advertisers, of which the user may benefit by using the vouchers.
For Switzerland, there is an adequacy decision of the European Union, which certifies that Switzerland has an equivalent level of data protection to the EU.
Further information about the nature, scope and purpose of the data processing is available in Profity’s privacy policy: https://www.profity.ch/about/privacy .
Use of the Zendesk CRM system
We use the CRM system “Zendesk”, from the provider Zendesk, Inc., 989 Market Street #300, San Francisco, CA 94102, USA, in order to process users’ requests more quickly and efficiently (legitimate interest according to Art. 6 para. 1 (f) GDPR within its scope of application).
Zendesk (https://www.privacyshield.gov/participant?id=a2zt0000000TOjeAAG&status=Active).
Zendesk only uses user data for the technical processing of requests and does not pass these on to third parties. The use of Zendesk requires at least the provision of a correct e-mail address. Pseudonymous use is possible. In the course of processing service requests, it may be necessary to collect further data (name, address). The use of Zendesk is optional and serves to improve and accelerate our customer and user service.
If users do not consent to data collection and storage in Zendesk’s external system, we offer alternative contact options to submit service requests by fax or mail.
We use the services of Poptin on our website, with the data protection officer, Tomer Aharon, Street 18, Jerusalem Blvd, 7752311, Ashdod, Israel, which is a third-party provider, for the optimisation of conversion rates based on pop-ups. These are implemented by means of cookies. The Poptin cookies may be blocked together with the other marketing cookies. Further information on the nature, scope and purpose of the data processing is available in Poptin’s privacy policy at https://www.poptin.com/privacy-policy/ and the GDPR statement https://www.poptin.com/gdpr/.
Plugins
Use of YouTube
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “YouTube”) on our website. YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
The function displays videos stored on YouTube in an iFrame on the website. In this case, the option “Enhanced data protection mode” is activated. As a result, no information about visitors to the website is stored by YouTube. Only when the customer views a video is information about said customer transmitted to YouTube and stored there. If necessary, the data will be transmitted to the USA.
Further information about the collection and use of data by YouTube and Google, as well as the rights and options for protecting privacy in this regard can be found in YouTube’s privacy notice (https://www.youtube.com/t/privacy).
Use of GoogleMaps
We use the function for embedding GoogleMaps maps from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”) on our website.
If the customer has their habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the controller responsible for their data. Google Ireland Limited is therefore the affiliated company of Google, which is responsible for the processing of the data and compliance with applicable data protection laws.
The function allows the visual representation of geographic information and interactive maps. Google also collects, processes and uses data from visitors to the websites when they access the pages in which GoogleMaps maps are integrated.
Within the scope of the GDPR, the processing takes place on the basis of Art. 6 para. 1 (f) GDPR based on the legitimate interest in making our website responsive and targeted.
Further information on the collection and use of the data by Google can be found in Google’s privacy policy at https://www.google.com/privacypolicy.html. It is also possible to change the settings in the data protection centre so that the customer can manage and protect their data processed by Google.
Use of Google reCAPTCHA
We use the service reCAPTCHA provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”) on our website.
If the customer has their habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the controller responsible for their data. Google Ireland Limited is therefore the affiliated company of Google, which is responsible for the processing of the data and compliance with applicable data protection laws. The query serves the purpose of distinguishing the input by a human or by automated, machine processing. For this purpose, the customer’s input is transmitted to Google and used there. In addition, the IP address and, if necessary, other data needed by Google for the reCAPTCHA service are transmitted to Google. These data are processed by Google within the European Union and, where appropriate, transmitted to the USA. Google has been certified under the US-EU “Privacy Shield” agreement and is thus committed to complying with the European data protection guidelines.
Within the scope of the GDPR, the processing takes place on the basis of Art. 6 para. 1 (f) GDPR based on the legitimate interest in protecting our website against automated spying, fraud and SPAM.
More information about Google reCAPTCHA and the corresponding privacy policy can be found at:
Our website contains links to social media networks. These are not plug-ins provided by the social media network, which already transmit data to the provider when the page is loaded without the user having any influence. The buttons for the social media networks merely contain a link to our presence on the relevant social media network. User data are not automatically transmitted to the social media network when the page is loaded.
The links lead to our appearances in the following networks:
Facebook von Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland,
Instagram vof Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA,
Twitter of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA,
YouTube of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.
When a link to one of our social media profiles is accessed, a direct connection is established between the browser and the server of the social network in question. This provides the network with the information that the customer has visited our website with their IP address and has accessed the link. If the customer accesses a link to a network while logged into their account with the network in question, the content of our site can be linked to their profile with the network, which means that the network can assign the visit to our website directly to their user account. If this is to be prevented, the customer should log out before activating the corresponding links. An assignment takes place in any case when the customer logs into the relevant network after clicking on the link.
Social plug-ins
We provide certain social media functionalities on our website. If the customer clicks on the relevant social network icons, they will be linked to the relevant social network in order to use the selected functionality, e.g.. to like content on Facebook. To do this, however, the customer must log in to their user account or already be logged in.
We provide plug-ins from the following social networks: Facebook of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, Instagram of Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA
If one of the functions provided is selected and the symbol of the relevant social network is clicked, a direct connection is established between the browser and the server of the relevant social network. This provides the network with the information that the customer has visited our website with their IP address and has accessed the link. If the customer accesses a link to a social network while logged into their account on the social network, the contents of our website may be linked to their profile on the social network. This means that the social network can assign your visit to our website directly to your user account. If this is to be prevented, the customer should log out before clicking on such links. An assignment takes place in any case when the customer logs into the relevant network after clicking on the link.
The purpose and scope of the data collection and the further processing and use of the data by the respective social network, as well as the rights and options for privacy protection in this regard, can be found in the privacy policy of the social network.
Data security
We use suitable and appropriate technical and organisational security measures to protect the personal data stored by us against manipulation, partial or complete loss, and unauthorised access by third parties. Our security measures are continually adapted and improved in line with technological developments.
Access data should always be treated confidentially and the browser window should be closed when communication with us has ended, especially if the end device is shared with others. We take internal data protection very seriously. Our employees and the service companies commissioned by us have been obliged by us to maintain confidentiality and to comply with data protection regulations.
Storage duration
We only store personal data for as long as is necessary to achieve the abovementioned data processing purposes. Contract data are stored by us for longer as this is required by statutory retention obligations. Such statutory retention obligations arise, inter alia, from accounting regulations and tax regulations. According to these regulations, business communications, concluded contracts and accounting records are to be stored for up to 10 years. Insofar as we no longer need these data to perform the services for the customer, the data will be restricted. This means that the data can only be used for very specific purposes, such as accounting and tax purposes.
Rights of the data subject
The customer may object to the processing of data at any time. In addition, the customer has the following rights:
Right to be informed: The customer has the right to request access to their personal data stored with us at any time, free of charge, when we process them. This gives the customer the opportunity to check which personal data we process and that we use these in accordance with the applicable data protection regulations.
Right to rectification: The customer has the right to have incorrect or incomplete personal data corrected and to be informed about the correction.
Right to erasure: The customer has the right to have their personal data erased in certain circumstances. In individual cases, the right to erase may be excluded.
Right to restriction of processing: The customer has the right, under certain conditions, to request that the processing of their personal data be restricted.
Right to object: In principle, the customer has the right to withdraw consent at any time with effect for the future. Processing activities based on consent in the past are not rendered unlawful by the revocation.
Contact
If there are any questions about data protection on our website, if the customer would like information or would like to have their data deleted, we are happy to help. It is sufficient to send an e-mail to datenschutz@swiss-commerce.ch.
You can reach us by post/letter at the following address: