Responsible body within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the federal government (Data Protection Act, DSG), every person has the right to the protection of their privacy and protection against misuse of their personal data. The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
In cooperation with our hosting providers, we strive to protect the databases as well as possible from unauthorized access, loss, misuse or falsification.
We point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.
By using this website you consent to the collection, processing and use of data as described below. This website can generally be visited without registration. Data such as pages accessed or the name of the file accessed, date and time are stored on the server for statistical purposes without this data being directly related to your person. Personal data, in particular name, address or email address, are collected on a voluntary basis as far as possible. The data will not be passed on to third parties without your consent.
Processing of personal data
Personal data is all information that relates to a specific or identifiable person. A data subject is a person about whom personal data is processed. Processing includes all handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, procurement, deletion, storage, modification, destruction and use of personal data.
We process personal data in accordance with Swiss data protection law. In addition, we process - to the extent and insofar as the EU GDPR is applicable - personal data in accordance with the following legal bases in connection with Art. 6 Para. 1 GDPR:
lit. a) Processing of personal data with the consent of the data subject.
lit. b) Processing of personal data to fulfill a contract with the data subject and to carry out corresponding pre-contractual measures.
lit. c) Processing of personal data to fulfill a legal obligation to which we are subject in accordance with any applicable EU law or in accordance with any applicable law of a country in which the GDPR is fully or partially applicable.
lit. d) Processing of personal data in order to protect the vital interests of the data subject or another natural person.
lit. f) Processing of personal data in order to safeguard the legitimate interests of us or of third parties, provided that the fundamental freedoms and rights and interests of the person concerned do not prevail. Legitimate interests are in particular our business interests in being able to provide our website, information security, the enforcement of our own legal claims and compliance with Swiss law.
We process personal data for the duration that is necessary for the respective purpose or purposes. In the case of longer storage obligations due to legal and other obligations to which we are subject, we limit the processing accordingly.
Data protection declaration for SSL / TLS encryption
This website uses SSL / TLS encryption for security reasons and to protect the transmission of confidential content, such as the inquiries that you send to us as the website operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http: //" to "https: //" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
Data protection declaration for the use of Google Web Fonts
This website uses so-called web fonts, which are provided by Google, for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. If your browser does not support web fonts, a standard font will be used by your computer. Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's data protection declaration: https://www.google.com/policies/privacy/.
External payment service providers
This website uses external payment service providers, through whose platforms the user and we can carry out payment transactions. For example through
Six Payment Services (https://www.six-payment-services.com/de/services/legal/privacy-statement.html)
American Express (https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html)
Bexio AG (https://www.bexio.com/de-CH/datenschutz)
Payrexx AG (https://www.payrexx.ch/site/assets/files/2592/datenschutzerklaerung.pdf)
Apple Pay (https://support.apple.com/de-ch/ht203027)
Giropay (https://www.giropay.de/rechtliches/datenschutzerklaerung) etc.
As part of the fulfillment of contracts, we use the payment service providers on the basis of the Swiss Data Protection Regulation and, if necessary, Article 6 (1) lit. b. EU GDPR. In addition, we use external payment service providers on the basis of our legitimate interests in accordance with the Swiss Data Protection Regulation and, if necessary, in accordance with Article 6 (1) (f) of the EU GDPR, in order to offer our users effective and secure payment options.
The data processed by the payment service provider includes inventory data, such as the name and address, bank data such as account numbers or credit card numbers, passwords, TANs and checksums as well as contract, sums and recipient-related information. The information is required to carry out the transactions. However, the data entered will only be processed and stored by the payment service providers. As the operator, we do not receive any information about your (bank) account or credit card, only information to confirm (accept) or reject the payment. Under certain circumstances, the data will be transmitted to credit agencies by the payment service provider. The purpose of this transmission is to check your identity and creditworthiness. For this we refer to the terms and conditions and data protection information of the payment service providers.
For payment transactions, the terms and conditions and the data protection information of the respective payment service provider apply, which can be accessed on the respective website or transaction applications. We refer to these for the purpose of further information and assertion of rights of revocation, information and other data subjects.
Audio and video conferences
We use audio and video conferencing services to communicate with our users and other people. In particular, we can use it to conduct audio and video conferences, virtual meetings and training courses such as webinars.
We only use services that guarantee adequate data protection. In addition to this data protection declaration, any conditions of the services used, such as conditions of use or data protection declarations, also apply.
In particular, we use Zoom, a service provided by the American Zoom Video Communications Inc. The rights under the European General Data Protection Regulation (GDPR) are also granted to users in Switzerland by Zoom. Further information on the type, scope and purpose of data processing can be found in the data protection guidelines and on the “Legal provisions and data protection” page from Zoom.
Order processing in the online shop with customer account
We process the data of our customers in accordance with the data protection regulations of the federal government (Data Protection Act, DSG) and the EU-DSGVO, as part of the order processes in our online shop, to enable them to select and order the selected products and services, as well as their payment and delivery , or to enable execution.
The processed data includes master data (inventory data), communication data, contract data, payment data and the persons affected by the processing include our customers, interested parties and other business partners. The processing takes place for the purpose of providing contractual services in the context of the operation of an online shop, billing, delivery and customer services. We use session cookies, e.g. for storing the contents of the shopping cart, and permanent cookies, e.g. for storing the login status.
The processing takes place on the basis of article 6, paragraph 1, letter b (execution of order processes) and c (legally required archiving) GDPR. The information marked as necessary is required for the establishment and fulfillment of the contract. We only disclose the data to third parties within the framework of delivery, payment or within the framework of legal permits and obligations. The data will only be processed in third countries if this is necessary for the fulfillment of the contract (e.g. at the customer's request for delivery or payment).
Users can optionally create a user account in which they can see their orders in particular. As part of the registration, the required mandatory information is communicated to the users. The user accounts are not public and cannot be indexed by search engines, e.g. Google. If users have terminated their user account, their data will be deleted with regard to the user account, subject to their retention is necessary for commercial or tax reasons in accordance with Art. 6 Paragraph 1 lit. c GDPR. Information in the customer account remains until it is deleted and then archived in the event of a legal obligation. It is up to the users to save their data in the event of termination before the end of the contract.
As part of the registration and renewed logins as well as the use of our online services, we save the IP address and the time of the respective user action. The storage takes place on the basis of our legitimate interests, as well as the users in protection against misuse and other unauthorized use. This data is generally not passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Article 6 (1) (c) GDPR.
The deletion takes place after the expiry of legal warranty and comparable obligations, the need to store the data is checked at irregular intervals. In the case of the statutory archiving obligations, the deletion takes place after their expiry.
We process the data of our contractual partners and interested parties as well as other clients, customers, clients, clients or contractual partners (uniformly referred to as "contractual partners") in accordance with the data protection regulations of the federal government (data protection act, DSG) and the EU-DSGVO according to Art. 6 Abs. 1 lit. b. GDPR in order to provide you with our contractual or pre-contractual services. The data processed here, the type, scope and purpose and the necessity of their processing are determined by the underlying contractual relationship.
The processed data includes the master data of our contractual partners (e.g. names and addresses), contact details (e.g. email addresses and telephone numbers) as well as contract data (e.g. services used, contract content, contractual communication, names of contact persons) and payment data (e.g. bank details, payment history ).
As a matter of principle, we do not process special categories of personal data, unless these are components of a commissioned or contractual processing.
We process data that are necessary for the establishment and fulfillment of the contractual services and point out the necessity of their disclosure, if this is not evident for the contractual partner. Disclosure to external persons or companies only takes place if it is required within the framework of a contract. When processing the data provided to us as part of an order, we act in accordance with the instructions of the client and the legal requirements.
When using our online services, we can save the IP address and the time of the respective user action. The storage takes place on the basis of our legitimate interests, as well as the interests of the users in protection against misuse and other unauthorized use. A transfer of this data to third parties does not take place, unless it is to pursue our claims acc. Art. 6 para. 1 lit. f. GDPR required or there is a legal obligation to do so in accordance with. Art. 6 para. 1 lit. c. GDPR.
The data will be deleted when the data is no longer required to fulfill contractual or statutory duties of care or to deal with any warranty or comparable obligations, whereby the need to store the data is checked at irregular intervals. In addition, the statutory retention requirements apply.
Note on data transfer to the USA
Our website includes tools from companies based in the USA. When these tools are active, your personal data can be passed on to the US servers of the respective companies. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to disclose personal data to security authorities without you as the person concerned being able to take legal action against this. It cannot therefore be ruled out that US authorities (e.g. secret services) will process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence on these processing activities.
We can adapt this data protection declaration at any time without prior notice. The current version published on our website applies. If the data protection declaration is part of an agreement with you, we will inform you of the change in the event of an update by e-mail or in another suitable manner.
Questions to the data protection officer
If you have any questions about data protection, please write us an email or contact the person responsible for data protection in our organization listed at the beginning of the privacy statement.
Berlingen, January 1st, 2021