Our online offer is governed by Swiss data protection law as well as possibly applicable foreign data protection law, in particular that of the European Union (EU) with the General Data Protection Regulation (GDPR). The EU acknowledges that Swiss data protection law guarantees adequate data protection.
1. Contact addresses
Responsible for the online offer:
Unter Tannen 6
2. Processing of personal data
Personal data are all data that refer to an identified or identifiable person. An affected person is a person about whom personal data is processed. Processing includes any handling of personal data, independently of the means and procedures used, in particular the storage, disclosure, acquisition, collection, erasure, saving, modification, destruction and use of personal data.
2.2 Legal bases
Insofar as the General Data Protection Regulation (GDPR) is applicable, we process personal data in accordance with at least one of the following legal bases:
- Article 6 paragraph 1 letter b GDPR
- Article 6 paragraph 1 letter f GDPR
- Article 6 paragraph 1 letter c GDPR
- Article 6 paragraph 1 letter e GPDR
- Article 6 paragraph 1 letter a GDPR
- Article 6 paragraph 1 letter d GPDR
2.3 Type, scope and purpose
We process the personal data that is required in order to provide our online services in a permanent, user-friendly, secure and reliable way. Such personal data may fall into the categories of inventory and contact data, content data, meta or marginal data as well as usage data, location data, contract data and payment data.
We process personal data during the period which is necessary for the respective purpose or purposes or as required by law. Personal data whose processing is no longer necessary will be anonymized or deleted.
We process personal data basically only with the consent of the person concerned, unless the processing is permitted for other legal reasons, for example to fulfil a contract with the person concerned and for corresponding pre-contractual measures to protect our overriding legitimate interests, because the processing is apparent from the circumstances or after prior information.
In this context, we particularly process information that a person concerned transmits to us voluntarily and personally when making contact, for example by letter post, e-mail, contact form, social media or telephone or when registering for a user account. We may, for example, store such information in an address book or with comparable tools. If you transmit personal data to us via third parties, you are obliged to guarantee data protection against such third parties and to ensure the accuracy of such personal data.
We also process personal data that we receive from third parties, obtain from publicly accessible sources or collect when providing our online services, if and to the extent such processing is permitted by law.
2.4 Processing of personal data by third parties, including abroad
We may process personal data jointly with third parties as well as with the help of third parties and transfer them to third parties. Such third parties are in particular providers whose services we make use of. We also ensure adequate data protection for such third parties.
Such third parties are principally located in Switzerland and the European Economic Area (EEA), including the European Union (EU) and the Principality of Liechtenstein. However, such third parties may also be located in other countries, provided that their data protection laws guarantee adequate data protection in accordance with the assessment of the Federal Data Protection and Information Commissioner (FDPIC) and – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – in accordance with the assessment of the European Commission – or if adequate data protection is guaranteed for other reasons, such as an appropriate contractual agreement, in particular on the basis of standard contractual clauses, or through appropriate certification.For third parties in the United States of America (USA), certification in accordance with the Privacy Shield can guarantee adequate data protection. Exceptionally, such a third party may be located in a country without adequate data protection, provided that the data protection requirements, such as the explicit consent of the person concerned, are met.
3. Rights of affected persons
Affected persons whose personal data we process have the rights according to Swiss data protection law. This includes the right of information as well as the right of correction, deletion or blocking of the processed personal data.
Affected persons whose personal data we process may – insofar as and to the extent that the General Data Protection Regulation (GDPR) is applicable – obtain confirmation free of charge as to whether we process their personal data and, if so, request information on the processing of their personal data, restrict the processing of their personal data, exercise their right to data transfer and correct, delete (“right to be forgotten”), block or complete their personal data.
Affected persons whose personal data we process may – insofar as and to the extent that the General Data Protection Regulation (GDPR) is applicable – revoke their consent at any time with effect for the future and object to the processing of their personal data at any time.
Affected persons whose personal data we process have the right to appeal to a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
4. Data security
We take appropriate technical and organisational measures to ensure data protection and, in particular, data security. However, despite such measures, the processing of personal data on the internet can always be vulnerable to security gaps. We cannot therefore guarantee absolute data security.
Access to our online services is via transport encryption (SSL / TLS with HTTPS).
The access to our online service is governed – as principally every internet use – by the uninitiated and suspicious mass surveillance as well as other surveillance by security authorities in Switzerland, in the European Union (EU), in the United States of America (USA) and in other states. We cannot directly influence the appropriate processing of personal data by intelligence services, police forces and other security authorities.
5. Use of the website
When you visit our website, cookies can be stored temporarily in your browser as “session cookies” or for a certain period of time as so-called permanent cookies. “Session cookies” are automatically deleted when you close your browser. In particular, permanent cookies make it possible to recognise your browser the next time you visit our website and thus measure, for example, the range of our website. However, permanent cookies can also be used for online marketing, for example.
In the case of cookies that are used to measure success and reach or for advertising, a general opt-out is possible for numerous services via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
5.2 Server log files
We may collect the following information for each access to our website, provided that it is transmitted from your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, pages viewed on our website including amount of data transferred, last page viewed in the same browser window (referrer).
We store such information, which can also represent personal data, in server log files. This information is required in order to provide our online services in a permanent, user-friendly and reliable manner and to ensure data security and thus in particular the protection of personal data – also by third parties or with the help of third parties.
5.3 Tracking pixel
We may use tracking pixels on our website. Tracking pixels are also referred to as web beacons. Tracking pixels – also from third parties whose services we use – are small images that are retrieved when you visit our website. Tracking pixels allow the same information to be collected as in server log files.
6. Notifications and messages
We may send notices and communications such as newsletters by e-mail and through other communication channels such as instant messaging.
6.1 Success and audience measurement
Notifications and messages can include web links or tracking pixels that record whether a single message has been opened and which web links have been clicked (performance measurement). Such web links and tracking pixels may also record the use of notifications and messages on a personal basis. We require this tracking of usage, including success and audience measurement, in order to provide effective, user-friendly, permanent, secure, and reliable notifications and communications based on the needs and reading habits of users.
6.2 Consent and objection
You must basically expressly consent to the use of your email address and other contact addresses, unless otherwise permitted by law. We use “double opt-in” for any consent to receive e-mails, i.e. you receive an e-mail with a web link which you must click to confirm so that no misuse by unauthorised third parties can take place. We may log such consents including Internet Protocol (IP) address and date and time for evidence and security reasons.
You can basically unsubscribe from notifications and communications such as newsletters at any time. We reserve the right to send notifications and messages that are absolutely necessary for our online services. By unsubscribing, you can in particular object to the statistical recording of usage, among other things for measuring success and reach.
7. Social media
We are present on social media platforms and other online platforms in order to communicate with interested people and to inform them about our online services. The General Terms and Conditions, data privacy policies and other terms and conditions of the individual providers of such online platforms apply as well.
8. Third party services
We may use third party services to provide our online services in a permanent, user-friendly, secure and reliable manner. Such services may also be used to embed content into our online offering. Such services – for example, hosting and storage services, video services, and payment services – require your Internet Protocol (IP) address, otherwise such services will not be able to transmit the relevant content. Such services may be located outside Switzerland and the European Economic Area (EEA), including the European Union (EU) and the Principality of Liechtenstein, insofar as adequate data protection is ensured.
For their own security-related, statistical and technical purposes, third parties, whose services we use, may also process data in connection with our online services and from other sources aggregated, anonymised or pseudonymised – including cookies, log files and tracking pixels. Such data will not be used to directly reach persons in connection with our online services.
We use payment service providers to process our customers’ payments securely and reliably. We only use payment service providers that provide adequate data protection. The processing is subject to the terms of the respective payment service provider, such as general terms and conditions or data privacy policies.
8.3 Success and audience measurement
We use the free open source software Matomo (formerly Piwik) on our own server infrastructure to measure the reach of our online offering. Cookies are also used. Your Internet Protocol (IP) address is anonymized before analysis.
9. extensions for the website
10. Final provisions