Data protection policy

2. Processing of Personal Data

2.1 Terms 

Personal data is all information that relate to a specific or identifiable person. An affected person is a person about whom personal data is processed. Processing includes all handling of personal data, regardless of the means used and procedures, in particular the storage, disclosure, procurement, collection, deletion, storage, modification, destruction and use of personal data. 

 

The European Economic Area (EEA) comprises the European Union (EU) as well as the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) describes the processing of personal data as processing of personal data.

 

​2.2 Legal Bases 

We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection. 

 

If and to the extent that the General Data Protection Regulation (GDPR) is applicable, we process personal data in accordance with at least one of the following legal bases:

 

• Art. 6 para. 1 lit. b GDPR for the necessary processing of personal data to fulfill a contract with the affected person and to carry out measures prior to entering into a contract.

• Art. 6 para. 1 lit. f GDPR for the necessary processing of personal data in order to safeguard the legitimate interests of us or of third parties, provided that the fundamental freedoms and rights and interests of the affected person do not outweigh the prior. Legitimate interests are, in particular, our interest in making our offer permanent, user-friendly, secure and reliable and being able to advertise it if necessary, information security and protection against misuse and unauthorized use, the enforcement of our own legal claims and the compliance with Swiss law.

• Art. 6 para. 1 lit. c GDPR for the processing of personal data required to fulfill a legal obligation to which we are subject in accordance with any applicable law of member states in the European Economic Area (EEA).

• Art. 6 para. 1 lit. e GDPR for the processing of personal data required to carry out a task that is in the public interest.

• Art. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the affected person.

• Art. 6 para. 1 lit. d GDPR for the necessary processing of personal data in order to protect the vital interests of the affected person or another natural person.

​

​2.2 Type, Scope and Purpose

We process the personal data that are required to provide our offer in a permanent, user-friendly, secure and reliable manner. Such personal data can fall into the categories of inventory and contact data, browser and device data, content data, meta or marginal data and usage data, location data, sales, contract and payment data.

 

We process personal data for the duration that is required for the respective purpose or purposes or that is required by law. Personal data that are no longer required to be processed are anonymized or deleted. Persons whose data we process have a right to deletion as a matter of principle.

 

In principle, we only process personal data with the consent of the affected person, unless the processing is permitted for other legal reasons, for example to fulfill a contract with the affected person and for corresponding measures prior to entering into a contract, in order to safeguard our predominant legitimate interests, because the processing is evident from the circumstances or after prior information.

 

In this context, we process information that an affected person voluntarily transmits to us when contacting us - for example by post, email, contact form, social media or telephone - or when registering for a user account. We can save such information, for example in an address book or with comparable resources. If you transmit personal data to us via third parties, you are obliged to guarantee data protection vis-à-vis such third parties and to ensure the accuracy of such personal data.

 

We also process personal data that we receive from third parties, obtain from publicly accessible sources or collect when making our offer available, if and to the extent that such processing is permissible for legal reasons.

 

​2.4. Processing of personal data by third parties, including abroad

We can have personal data processed by commissioned third parties or process personal data in collaboration with third parties or with the help of third parties or transmit them to third parties. Such third parties are in particular providers whose services we make use of. We also guarantee adequate data protection for such third parties.

 

Such third parties are generally located in Switzerland and in the European Economic Area (EEA). Such third parties can also be located in other states and territories on the Earth and elsewhere in the universe, provided that their data protection law guarantees adequate data protection according to the assessment of the Federal Data Protection and Information Commissioner and - if and insofar as the General Data Protection Regulation (GDPR) is applicable - according to the European Commission, or if, for other reasons, such as a corresponding contractual agreement, in particular on the basis of standard contractual clauses, or a corresponding certification, adequate data protection is guaranteed. As an exception, such a third party can be located in a country without adequate data protection, provided that the data protection requirements, such as the express consent of the person concerned, are met.

​

​

3. Rights of affected Persons

Affected persons, whose personal data we process, dispose of the rights under Swiss data protection law. This includes the right to information and the right to correct, delete or block the personal data processed.

 

Affected persons whose personal data we process can - if and insofar as the General Data Protection Regulation (GDPR) is applicable - request a free confirmation as to whether we are processing their personal data and, if so, request information about the processing of their personal data, have the processing of their personal data restricted, exercise their right to data transferability and have their personal data corrected, deleted (“right to be forgotten”), blocked or completed.

 

Affected persons whose personal data we process can - if and insofar as the GDPR is applicable - revoke their consent at any time with effect for the future and object at any time to the processing of their personal data.

 

Betroffene Personen, deren Personendaten wir bearbeiten, verfügen über ein Beschwerderecht bei einer zuständigen Aufsichtsbehörde. Aufsichtsbehörde für den Datenschutz in der Schweiz ist der Eidgenössische Datenschutz- und Öffentlichkeitsbeauftragte (EDÖB).

Affected persons, whose personal data we process, have a right of appeal to a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner.

​

​

4. Data Security

We take appropriate and suitable technical and organizational measures to ensure data protection and, in particular, data security. However, despite such measures, the processing of personal data on the Internet can always have security gaps. We cannot therefore guarantee absolute data security.

​

Our online offering is accessed using transport encryption (SSL / TLS, in particular with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.

​

Access to our online offering is subject - as is generally the case with all Internet use - to mass surveillance without any suspicion and other surveillance by security authorities in Switzerland, the European Union (EU), the United States of America (USA) and others States. We cannot directly influence the processing of personal data by secret services, police stations and other security authorities.

​

​

5. Use of the Website

5.1 Cookies

We can use cookies for our website. Cookies - our own cookies (first-party cookies) and cookies from third parties whose services we use (third-party cookies) - are data that are stored in your browser. Such stored data need not be limited to traditional cookies in text form. Cookies cannot run programs or transmit malware such as Trojans and viruses.

 

When you visit our website, cookies can be temporarily stored in your browser as "session cookies" or for a certain period of time as so-called permanent cookies. "Session cookies" are automatically deleted when you close your browser. Permanent cookies have a certain storage period. In particular, they enable your browser to be recognized the next time you visit our website and thus, for example, to measure the reach of our website. However, permanent cookies can also be used for online marketing, for example.

 

You can deactivate and delete cookies in whole or in part at any time in your browser settings. Without cookies, our website may no longer be fully available. If and to the extent necessary, we actively request your expressed consent for the use of cookies.

 

In the case of cookies that are used to measure success and reach or for advertising, a general objection ("opt-out") is possible via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

​

5.2 Server Log Files

We can collect the following information for every access to our website, provided this is transmitted from your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status ( HTTP status code), operating system including user interface and version, browser including language and version, accessed individual sub-pages of our website including transferred data volume, last website accessed in the same browser window (referrer).

 

We save such information, which can also represent personal data, in server log files. The information is required in order to make our online offer permanent, user-friendly and reliable and to ensure data security and, in particular, the protection of personal data - also by third parties or with the help of third parties.

​

5.3 Tracking pixels

We can use tracking pixels on our website. Tracking pixels are also known as web beacons. Tracking pixels - also from third parties whose services we use - are small, usually invisible images that are automatically retrieved when you visit our website. With tracking pixels, the same information can be recorded as in server log files.

​

​

6. Social Media

We are present on social media platforms and other online platforms in order to be able to communicate with interested people and to inform them about our offer. Personal data can also be processed outside of Switzerland and the European Economic Area (EEA).

 

The general terms and conditions and terms of use as well as data protection declarations and other provisions of the individual operators of such online platforms also apply. These provisions inform in particular about the rights of data subjects, including in particular the right to information.

​

​

7. Measurement of Success and Reach

Google Analytics

We use Google Analytics to analyze how our website is used, whereby we can also measure, for example, the reach of our website and the success of third-party links to our website. This is a service of the American Google LLC. Google Ireland Limited is responsible for users in the European Economic Area (EEA) and Switzerland.

 

Google also tries to record individual visitors to our website when they use different browsers or devices (cross-device tracking). Cookies are also used for this. Your Internet Protocol (IP) address is required for Google Analytics, but it is not merged with other Google data.

 

In any case, your Internet Protocol (IP) address will be anonymized by Google before analysis. As a result, your full IP address is generally not transmitted to Google in the USA.

 

Further information on the type, scope and purpose of data processing can be found in the principles for data protection and security and in the privacy declaration from Google, in the guidelines for data protection in Google products (including Google Analytics), in the information on how Google data from websites used on which Google services are used and in the information about cookies at Google. There is also the option of using the “browser add-on to deactivate Google Analytics” and objecting to personalized advertising.

​

​

8. Third Party Services

We use services from third parties in order to be able to provide our offer in a permanent, user-friendly, secure and reliable manner. Such services are also used to embed content in our website. Such services - for example hosting and storage services, video services and payment services - require your Internet Protocol (IP) address, since such services cannot otherwise transmit the corresponding content. Such services can be located outside Switzerland and the European Economic Area (EEA), provided that adequate data protection is guaranteed.

 

For their own security-relevant, statistical and technical purposes, third parties whose services we use can also process data in connection with our offer and from other sources - including cookies, log files and tracking pixels - aggregated, anonymized or pseudonymized.

​

8.1 Digital Infrastructure

We use services from third parties in order to be able to use the digital infrastructure required for our offer. These include, for example, hosting and storage services from specialized providers. $

In particular, we use:

​

Wix.com: Website Builder and Other Infrastructure; Provider: Wix.com (USA) / Ltd. Wix.com Inc. (USA) / Wix.com Ltd. (Israel) / Wix.com Luxembourg S.a.r.l. (Luxembourg); Information on data protection: Privacy policy , help center “Data protection” including “cookies”.

​

8.2 Audo- and Video-Conferences

We use audio and video conferencing services to be able to communicate with our customers and other people. We can use it to conduct audio and video conferences, virtual meetings, and training courses such as webinars, for example. In addition to this data protection declaration, any conditions of the services used such as conditions of use or data protection declarations also apply.

 

Wir verwenden insbesondere Zoom, einen Dienst der amerikanischen Zoom Video Communi- cations Inc. Die Rechte gemäss der europäischen Datenschutz-Grundverordnung (DSGVO) ge- währt Zoom auch gegenüber Nutzerinnen und Nutzern in der Schweiz. Weitere Angaben über Art, Umfang und Zweck der Datenbearbeitung finden sich in den Datenschutzrichtlinien sowie auf der Seite «Rechtliche Bestimmungen und Datenschutz» jeweils von Zoom.

In particular, we use Zoom, a service provided by the American Zoom Video Communications Inc. The rights under the European General Data Protection Regulation (GDPR) are also granted to users in Switzerland by Zoom. Further information on the type, scope and purpose of data processing can be found in the privacy statement and on the “Legal & Privacy” page from Zoom.

​

8.2 Social Media Functions and Social Media Content

For our website, we use the option of embedding functions and contents of LinkedIn with the help of plugins. For example, we can enable you to use the «Share» To use the LinkedIn function on our website. Cookies are also used here. For more information, see the LinkedIn plugins page.

 

The plugins are a service of LinkedIn Ireland Unlimited Company in Ireland or the American LinkedIn Corporation. If you are logged into LinkedIn as a user, LinkedIn can assign the use of our online offer to your profile. Further information on the type, scope and purpose of data processing can be found in the data protection guideline, in the cookie guideline and on the data protection portal of LinkedIn. It is also possible to object to personalized advertising.

​

​

9. Final Provisions

We can adapt and supplement this data protection declaration at any time. We will inform you about such adjustments and additions in a suitable form, in particular by publishing the current data protection declaration on our website.

​

​