This Data Protection Declaration tells you about how we collect and use personal data when you use our Internet pages.The abbreviation GDPR stands for the EU General Data Protection Regulation and applies to persons in the EU who visit our website (referred to in the following as “persons from the EU”). The abbreviation DAP stands for the Swiss Federal Data Protection Act and applies to persons in Switzerland who visit our website (referred to in the following as “persons from Switzerland”).
The following party is responsible in the sense of the data protection legislation and other data protection regulations of a regulatory nature:
Phone: +41 31 534 07 06
Right of access to information
According to article 8 DPA and article 15 GDPR you have the right to demand confirmation from us about whether or not we collect and process personal data about you. If this is the case, you are entitled to information about this personal data and to further information as stated in article 8 DPA and article 15 GDPR.
Right to rectification
According to article 5 DPA and article 16 GDPR, you have the right to demand of us that any personal data we hold about you that is incorrect should be immediately rectified. Taking into account the purpose of data collection and processing, you further also have the right to demand that any incomplete personal data is completed – including by means of a supplementary declaration.
Right of erasure
Persons from the EU have the right to demand of us that we immediately delete personal data about you. We are obliged to immediately delete personal data if the corresponding requirements set out in article 17 GDPR are met. We refer to article 17 GDPR for more details. In the cases set out by law, persons from Switzerland also have the right to demand the deletion of data, for example if data is no longer required or necessary, or if the consent to process said data has been withdrawn.
Disclosure of data to third parties
We will never disclose personal data that has been shared with us to third parties, particularly not for advertising purposes.
However, we do work with third parties as part of running these Internet pages and as part of our efforts to provide products and services. It is possible that these parties could gain knowledge of personal data in the process. We choose our service providers with great care – particularly with regard to data protection and data security – and put in place all measures required for reliable data processing in line with applicable data protection regulations.
Data processing in Switzerland / in the EU
We always process data in Switzerland (data transmission on conclusion of a contract, server log files, contact forms, registration, cookies). The EU has set out definitions for adequate protection of personal data in Switzerland in Commission Decision 2000/518/EC. By contrast, some of our service providers whose plugins and tools we use process data outside the EU in some cases. This is disclosed as part of this Data Protection Declaration during the relevant explanations of the plugins/tools that are used. The appropriate level of data protection is ensured as part of the participation in the so-called “Privacy Shield” and in the data protection and data security measures put in place by the service provider.
Right to restriction of processing
In accordance with article 18 GDPR, provided certain requirements are met persons from the EU have the right to demand from us that the way in which your personal data is processed is restricted.
Right to data portability
According to article 20 GDPR you have the right to receive a copy of your personal data that you have made available to us in a structured, standard and machine-readable format, and you have the right to transmit this data to another responsible party without obstruction or hindrance by us, provided the processing is based on consent granted in accordance with article 6 paragraph 1 a) GDPR or article 9 paragraph 2 a) GDPR, or on a contract in accordance with article 6 paragraph 1 b) GDPR, and the processing is performed by automated means.
Right of objection
According to article 21 GDPR, you have the right to object against any processing of your personal data that takes place on the basis of article 6 paragraph 1 letter e or f GDPR; this also applies to profiling based on these regulations.
In cases where we process your personal data for the purpose of direct marketing, you have at all times the right to object against the processing of your personal data for the purpose of such marketing; this also applies to profiling to the extent that it is linked to such direct marketing.
If you wish to exercise any of your due rights, please contact us as the responsible party using the contact data stated above, or use one of the other methods of communication we offer to send us this notification. If you have any questions about this, please get in touch with us.
Right of appeal to the regulatory authority
In accordance with article 77 GDPR, persons from the EU have the right to appeal to the regulatory authority, regardless of any other regulatory or judicial legal remedies. This right applies in particular in the member state of your place of residence, your workplace or the location of the supposed infringement if you believe that the processing of the personal data relating to you is in breach of the rulings set out in GDPR. Persons from Switzerland have recourse to the judicial remedies set out in articles 15 / 25 / 27 / 29 DPA.
Server log files
When you access our website, the company appointed by us to run the website will save, in additional to technical information about the terminal device you are using (operating system, screen resolution and other, non-personal characteristics) and the browser (version, language settings), in particular also the public IP address of the computer you use to access our site, along with the date and time of access. The IP address is a unique numerical address under which your terminal device sends or calls up information on the Internet. We and our service provider do not generally know who is behind an IP address, unless you share data when using our website that enables us to identify you. In addition, a user can be identified if legal proceedings are initiated against said user (e.g. in the event of attacks on our website) and we gain knowledge about his/her identity as part of the investigation procedure. In normal use you therefore do not need to worry that we might be able to link your IP address to you.
Our service provider uses the processed data for statistical, non-personal purposes to enable us to analyze which terminal devices are used with which settings during visits to our website, so that we can optimize the website settings if necessary. These statistics do not contain any personal data. The legal basis for the creation of statistics is article 6, paragraph 1 f) GDPR.
The IP address is further used to enable you to technically access and use our website, as well as to detect and protect against attacks on our service provider or our website. Unfortunately, the Internet sees frequent attacks designed to harm website operators or their customers (e.g. to prevent access, spy on data, distribute malware (e.g. viruses) or for other illegitimate purposes). Such attacks would impair the proper functioning of the computer centre of the company appointed by us, prevent proper use of the website and jeopardize the security of visitors to our website. We collect and process the IP address details and the access time to protect against such attacks. Via our service provider, we use this processing of data to safeguard our justified interests, to ensure that our website works correctly and to protect ourselves against illegal attacks against us and the visitors of our website. The legal basis for this type of data processing is article 6, paragraph 1 f) GDPR.
The saved IP data is deleted (through anonymization) once it is no longer required for the detection of or defense against an attack.
A cookie is a small text file that is saved on your terminal device by your browser when you access our website. If you access our website again at a later time, we can read these cookies again. Cookies are saved for different lengths of time. You can at all times change the settings in your browser to choose which cookies should be accepted, but changes to these settings can cause our website to no longer work properly for you. You can also delete cookies yourself at any time. If you do not do this, we can state when a cookie is saved how long it is to be saved on your computer. A distinction needs to be made here between so-called session cookies and permanent cookies. Session cookies are deleted by your browser when you leave our website or when you exit the browser. Permanent cookies are saved for the length of time stated by us during saving.
Most browsers that are used by our users allow them to select which cookies should be saved and enable them to delete (certain) cookies again. If you restrict the saving of cookies to certain websites or do not allow any cookies from third-party web page providers to be saved, this can, in some cases, prevent you from being able to make full use of all the functions that are otherwise available on our website.
If you use one of the available contact forms to send us a message, we will use the data you share with us to process your request. The legal basis for this is our justified interest in responding to your request in accordance with article 6, paragraph 1 f) GDPR. If your request serves the conclusion of a contract with us, then a further legal basis for processing this data is given in article 6, paragraph 1 b) GDPR. The data will be deleted once your query has been dealt with. In case we are required by law to store the data for a longer period than this, it will be deleted once the corresponding period has passed.
Job applications (including via e-mail)
We are delighted that you are interested in working for us and that you would like to apply for a job in our company or have already done so. In the following, we would like to inform you how we will use your personal data in connection with your application. We will collect and process the data you provide to us in connection with your application in order to examine your suitability for the job (or any other vacant positions in our company, if applicable) and to carry out the application process.
The legal basis for the processing of your personal data is the pursuit of legitimate interests in accordance with article 6, paragraph 1, letter f) GDPR. Our interests exist in the performance of the application process and, where applicable, in the assertion of or defense against claims. Data from applicants will be deleted within a period of 12 months if the application is unsuccessful.
If you are offered a job as a result of the application process, the data will be transferred from the applicant database to our HR information system.
Within the company, access to your data will always be restricted to only people who need to access the data to complete our proper application process.