The responsible body within the meaning of the data protection laws, in particular the EU Data Protection Basic Regulation (DSGVO):
Portrait Photography: Boris Baldinger, www.boris-baldinger.com
Web Design: iCON10T
In cooperation with our hosting providers, we make every effort to protect the databases as well as possible against unauthorized access, loss, misuse or forgery.
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.
By using this website, you agree to the collection, processing and use of data in accordance with the following description. This website can be visited without registration. Data such as pages called up or the name of the file called up, date and time are stored on the server for statistical purposes without these data being directly related to your person. Personal data, in particular name, address or e-mail address are collected on a voluntary basis as far as possible. The data will not be passed on to third parties without your consent.
Processing of personal data
Personal data is all information that relates to an identified or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, irrespective of the means and procedures applied, in particular the retention, disclosure, acquisition, deletion, storage, modification, destruction and use of personal data.
We process personal data in accordance with Swiss data protection law. In other respects, we process personal data – insofar and to the extent that the EU DSGVO is applicable – in accordance with the following legal principles in connection with Art. 6 Para. 1 DSGVO:
lit. a) Processing of personal data with the consent of the person concerned.
lit. b) Processing of personal data for the purpose of fulfilling a contract with the data subject and for the implementation of appropriate pre-contractual measures.
lit. c) Processing of personal data for the fulfilment of a legal obligation to which we are subject under any applicable law of the EU or under the applicable law of any country in which the DPA is applicable in whole or in part.
lit. d) Processing of personal data to protect the vital interests of the data subject or of another natural person.
lit. f) Processing of personal data for the purpose of safeguarding the legitimate interests of us or of third parties, except where such interests are overridden by fundamental freedoms and rights or by the interests of the data subject. Legitimate interests include in particular our commercial interest in being able to provide our website, information security, the enforcement of our own legal claims and compliance with Swiss law.
We process personal data for the duration necessary for the purpose or purposes in question. In the case of longer-term storage obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
Browser type and browser version
Operating system used
Host name of the accessing computer
Time of the server request
These data cannot be assigned to specific persons. A consolidation of this data with other data sources is not carried out. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.
Services from third parties
This website may use Google Maps for embedding maps, Google Invisible reCAPTCHA for protection against bots and spam and YouTube for embedding videos.
Google is committed to ensuring an appropriate level of data protection in accordance with the American-European and the American-Swiss Privacy Shield.
If you send us enquiries via the contact form, your details from the enquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.
If you would like to receive the newsletter offered on this website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data will not be collected. We use these data exclusively for sending the requested information and do not pass them on to third parties.
You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example by clicking on the “unsubscribe” link in the newsletter.
For the comment function on this website, in addition to your comment, information on the time of the creation of the comment, your e-mail address and, if you are not anonymous, the user name you have chosen are stored.
Storage of the IP address
Our comment function stores the IP addresses of users who post comments. Since we do not check comments on our site before they are activated, we need this data in order to be able to take action against the author in the event of legal violations such as insults or propaganda.
Subscribe to comments
As a user of the site, you can subscribe to comments after logging in. You will receive a confirmation email to check if you are the owner of the email address you entered. You can unsubscribe at any time via a link in the info mails.
You have the right to receive information free of charge at any time about your stored personal data, its origin and recipients and the purpose of data processing, as well as the right to correct, block or delete this data. For this purpose, as well as for further questions regarding personal data, you can contact us at any time at the address given in the imprint.
The use of contact data published within the scope of the imprint obligation for the transmission of not expressly requested advertising and information material is hereby contradicted. The operators of the website expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.
Services subject to charges
In order to provide services that are subject to a charge, we will ask you for additional data, such as payment details, so that we can execute your order. We store this data in our systems until the legal retention periods have expired.
This WebSite uses features from Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA . When you access our pages with Facebook plug-ins, a connection is established between your browser and the Facebook servers. Data is already being transferred to Facebook in the process. If you have a Facebook account, this data can be linked to it. If you do not want this data to be linked to your Facebook account, please log out of Facebook before visiting our site. Interactions, especially the use of a comment function or clicking a “Like” or “Share” button are also transferred to Facebook. You can learn more at https://de-de.facebook.com/about/privacy.
Functions of the service Instagram are integrated on our pages. These functions are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA integrated. If you are logged in to your Instagram account, you can link the content of our pages to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to our sites with your account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram.
This website uses functions of the LinkedIn network. Provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time you access one of our pages that contains LinkedIn features, a connection to LinkedIn’s servers is established. LinkedIn is notified that you have visited our sites using your IP address. When you click on LinkedIn’s “Recommend” button and are logged into your LinkedIn account, LinkedIn is able to track your visit to our site to you and your account. We would like to point out that we, as the provider of these pages, have no knowledge of the content of the transmitted data or its use by LinkedIn.
External payment service providers
This website uses external payment service providers, through whose platforms the users and we can carry out payment transactions. For example via
American Express (https://www.americanexpress.com/de/content/privacy-policy-statement.html)
Bexio AG (https://www.bexio.com/de-CH/datenschutz)
Payrexx AG (https://www.payrexx.ch/site/assets/files/2592/datenschutzerklaerung.pdf)
Apple Pay (https://support.apple.com/de-ch/ht203027)
Giropay (https://www.giropay.de/rechtliches/datenschutz-agb/) etc.
Within the framework of the performance of contracts, we appoint payment service providers on the basis of the Swiss Data Protection Ordinance and, where necessary, Art. 6 para. 1 lit. b. EU-DSGVO. Furthermore, we use external payment service providers on the basis of our legitimate interests in accordance with the Swiss Data Protection Ordinance and, where necessary, Art. 6 para. 1 lit. f. EU-DSGVO in order to offer our users an effective and secure payment option.
The data processed by the payment service providers include inventory data, such as name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, sum and recipient related data. These details are required to carry out the transactions. However, the data entered is only processed by the payment service providers and stored by them. We as the operator do not receive any information on (bank) account or credit card, but only information to confirm (accept) or reject the payment. Under certain circumstances, the payment service providers may transmit the data to credit agencies. The purpose of this transmission is to check identity and creditworthiness. In this regard, we refer to the general terms and conditions and data protection notices of the payment service providers.
The terms and conditions and data protection notices of the respective payment service providers, which are available on the respective website or transaction application, apply to payment transactions. We also refer to these for further information and the assertion of rights of revocation, information and other rights of affected persons.
The newsletters are sent via the dispatch service provider ‘Wix.com’. The mail-order service provider may use the recipient’s data in pseudonymous form, i.e. without allocation to a user, to optimise or improve its own services, e.g. for technical optimisation of the dispatch and presentation of the newsletters or for statistical purposes. However, the dispatch service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.
This website uses plugins from the Google operated YouTube site. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit one of our sites equipped with a YouTube plugin, a connection to the servers of YouTube is established. This tells the YouTube server which of our pages you have visited.
If you are logged in to your YouTube account, you allow YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
We process the data of our customers in accordance with the data protection regulations of the Federal Republic of Germany (Data Protection Act, DSG) and the EU-DSGVO within the scope of our contractual services.
For this purpose, we process inventory data (e.g., customer master data, such as names or addresses), contact data (e.g., e-mail, telephone numbers), content data (e.g., text entries, etc.), contract data (e.g., subject matter of the contract, duration), payment data (e.g., bank details, payment history), usage and meta data (e.g., within the scope of the evaluation and performance measurement of marketing measures). Those affected include our customers, interested parties and their customers, users, website visitors or employees as well as third parties. The purpose of the processing is to provide contractual services, billing and our customer service. The legal basis of the processing is derived from Art. 6 para. 1 lit. b DSGVO (contractual services), Art. 6 para. 1 lit. f DSGVO (analysis, statistics, optimisation, security measures). We process data which are necessary for the justification and fulfilment of the contractual services and point out the necessity of their disclosure. Disclosure to external parties will only be made if it is necessary within the scope of a contract. When processing the data provided to us within the scope of an order, we act in accordance with the instructions of the client and the legal requirements of order processing in accordance with Art. 28 DSGVO and do not process the data for any other purposes than those specified in the order.
We delete the data after expiry of statutory warranty and comparable obligations. The necessity of storing the data is checked at irregular intervals. In the case of legal archiving obligations, the deletion takes place after their expiry. In the case of data that has been disclosed to us by the client within the scope of an order, we delete the data in accordance with the requirements of the order, in principle after the end of the order.
We process the data of our contractual partners and interested parties as well as other clients, customers, clients or contractual partners (uniformly referred to as “contractual partners”) in accordance with the data protection regulations of the Federal Republic of Germany (Data Protection Act, DSG) and the EU-DSGVO in accordance with Art. 6 Para. 1 lit. b. DSGVO in order to provide them with our contractual or pre-contractual services. The data processed in this context, the type, scope and purpose of such processing and the necessity of processing it, shall be determined by the underlying contractual relationship.
The processed data includes the master data of our contractual partners (e.g. names and addresses), contact data (e.g. e-mail addresses and telephone numbers) as well as contract data (e.g. services used, contract contents, contractual communication, names of contact persons) and payment data (e.g. bank details, payment history).
As a matter of principle, we do not process special categories of personal data, unless they are part of a commissioned or contractual processing.
We process data which are necessary for the justification and fulfilment of the contractual services and point out the necessity of their disclosure, if this is not evident to the contractual partners. Disclosure to external persons or companies will only be made if it is necessary within the scope of a contract. When processing the data provided to us within the scope of an order, we act in accordance with the instructions of the client and the legal requirements.
When using our online services, we may store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the interests of the users in protection against misuse and other unauthorized use. As a matter of principle, this data is not passed on to third parties, unless it is necessary to pursue our claims in accordance with Art. 6 Para. 1 lit. f. DSGVO or there is a legal obligation to do so in accordance with Art. 6 Paragraph 1 lit. c. DSGVO.
The data is deleted when the data is no longer required for the fulfilment of contractual or legal duties of care or for dealing with possible warranty and comparable duties, whereby the necessity of storing the data is checked at irregular intervals. In all other respects, the statutory storage obligations apply.
Administration, financial accounting, office organisation, contact management
We process data in accordance with the data protection regulations of the Federal Republic of Germany (Data Protection Act, DSG) and the EU-DSGVO within the framework of administrative tasks as well as the organisation of our operations, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process within the scope of providing our contractual services. The basis for processing is Art. 6 para. 1 lit. c. DSGVO, Art. 6 para. 1 lit. f. DSGVO. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose of and our interest in the processing lies in the administration, financial accounting, office organisation, archiving of data, i.e. tasks which serve to maintain our business activities, perform our tasks and provide our services. The deletion of data in relation to contractual services and contractual communication corresponds to the information mentioned in these processing activities.
In doing so, we disclose or transfer data to the financial administration, consultants, such as tax consultants or auditors, as well as other fee agencies and payment service providers.
Furthermore, we store information on suppliers, event organisers and other business partners on the basis of our business interests, e.g. for the purpose of contacting them at a later date. This data, which is mainly company-related, is stored permanently.
Note regarding data transmissions to the USA (United States of America)
For the sake of completeness, we would like to point out that users based in Switzerland are subject to monitoring measures by US authorities, which generally allow the storage of all personal data from Switzerland – which has been transferred to the USA.
This is done without differentiation, restriction or exception on the basis of the objectives pursued and without any objective criterion that would make it possible to limit the access of the US authorities to the data and their subsequent use to very specific, strictly limited purposes that could justify both access to the data and interference associated with its use. We also draw your attention to the fact that there are no legal remedies available in the USA for data subjects from Switzerland that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or that there is no effective judicial protection against general access rights of US authorities. We explicitly draw the attention of the person concerned to this legal and factual situation in order to make an appropriately informed decision to consent to the use of his or her data.
Users residing in a member state of the EU are advised that the USA does not have a sufficient level of data protection from the perspective of the European Union.
Questions to the data protection officer
If you have any questions about privacy, please write us an e-mail or contact directly the responsible person in our organization listed at the beginning of this privacy statement.
Copyright © Patrycja Pielaszek, Kilchberg, 03.08.2020