Responsible in terms of data protection law, in particular the EU General Data Protection Regulation (GDPR) is:
Pia I. Voigt
Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Confederation (Data Protection Act, DSG), every person has the right to privacy and protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
In cooperation with our hosting providers, we strive to protect the databases as well as possible from outside access, loss, misuse or counterfeiting.
We would like to point out that data transmission over the Internet (e.g. when communicating by email) can have security gaps. It is not possible to completely protect data from third-party access.
By using this website, you agree to the collection, processing and use of data as described below. This website can generally be visited without registration. Data such as pages viewed or the name of the file accessed, date and time are stored on the server for statistical purposes without this data being directly related to you. Personal data, in particular name, address or email address, are collected on a voluntary basis as far as possible. Without your consent, the data will not be passed on to third parties.
Processing of personal data
Personal data is all information that relates to a specific or identifiable person. A data subject is a person who is used to process personal data. Editing includes all handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, procurement, deletion, storage, modification, destruction and use of personal data.
We process personal data in accordance with Swiss data protection law. In addition, we process – insofar as and insofar as the EU GDPR is applicable – personal data in accordance with the following legal bases in connection with Art.:
- lit. a) Processing of personal data with the consent of the data subject.
- lit. b) Processing of personal data to fulfill a contract with the data subject and to carry out corresponding pre-contractual measures.
- lit. c) Processing of personal data to fulfill a legal obligation to which we are subject in accordance with any applicable EU law or in accordance with any applicable law of a country in which the GDPR is fully or partially applicable.
- lit. d) Processing of personal data in order to protect the vital interests of the data subject or another natural person.
- lit. f) Processing of personal data in order to safeguard the legitimate interests of us or third parties, provided that the fundamental freedoms and fundamental rights as well as the interests of the data subject do not outweigh them. Legitimate interests are, in particular, our business interest in being able to provide our website, information security, the enforcement of our own legal claims and compliance with Swiss law.
We process personal data for the duration that is necessary for the respective purpose or purposes. In the case of longer-term storage obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.
Data protection declaration for SSL / TLS encryption
This website uses SSL / TLS encryption for security reasons and to protect the transmission of confidential content, such as inquiries that you send to us as the website operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http: //” to “https: //” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
Data transfer security (without SSL)
Please note that data that is transmitted via an open network such as the Internet or an email service without SSL encryption can be viewed by everyone. You can recognize an unencrypted connection by the fact that the address line of the browser shows “http: //” and no lock symbol is displayed in your browser line. Information that is transmitted over the Internet and content received online may be transmitted via third-party networks. We cannot guarantee the confidentiality of messages or documents that are transmitted via such open networks or third-party networks.
If you disclose personal information through an open or third-party network, you should be aware that your data may be lost or third parties may access this information and, consequently, may collect and use the data without your consent. In many cases the individual data packets are transmitted encrypted, but not the names of the sender and the recipient. Even if the sender and the recipient live in the same country, data transfer via such networks is often and without controls also via third countries, i.e. also about countries that do not offer the same level of data protection as your home country. We assume no responsibility for the security of your data during transmission via the Internet and do not accept any liability for indirect or direct losses. We ask you to use other means of communication if you consider it necessary or reasonable for security reasons.
Despite extensive technical and organizational security precautions, data may be lost or intercepted and / or manipulated by unauthorized persons. As far as possible, we take suitable technical and organizational security measures to prevent this from happening within our system. However, your computer is outside the security area that we can control. It is your responsibility as a user to inform yourself about the necessary safety precautions and to take appropriate measures in this regard. As the website operator, we are in no way liable for any damage that you may incur as a result of data loss or manipulation.
Data that you enter in online forms can be passed on to commissioned third parties for order processing and viewed by them and processed if necessary.
Data protection declaration for server log files
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
This data cannot be assigned to specific people. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of illegal use.
Third party services
This website uses Google Maps for embedding maps, Google Invisible reCAPTCHA for protection against bots and spam and YouTube for embedding videos.
Google is committed to ensuring adequate data protection in accordance with the American-European and American-Swiss Privacy Shield.
Further information can be found in Google’s data protection declaration.
Data protection declaration for contact form
If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.
Data protection declaration for newsletter data
If you would like to receive the newsletter offered on this website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter , Further data is not collected. We only use this data to send the requested information and do not pass it on to third parties.
You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter.
Data protection declaration for comment function on this website
For the comment function on this website, in addition to your comment, information about the time the comment was created, your email address and, if you do not post anonymously, the user name you selected will be saved.
Storage of the IP Address
Our comment function stores the IP addresses of users who write comments. Since we do not check comments on our site before they are activated, we need this data in order to be able to act against the author in the event of legal violations such as insults or propaganda.
Subscribe to comments
As a user of the site, you can subscribe to comments after registration. You will receive a confirmation email to verify that you are the owner of the email address you provided. You can unsubscribe from this function at any time via a link in the info emails.
Data protection declaration for right to information, deletion, blocking
You have the right to free information about your stored personal data, its origin and recipient and the purpose of data processing as well as the right to correct, block or delete this data at any time. You can contact us at any time at the address given in the imprint if you have any further questions about personal data.
Data protection declaration for objection to advertising mails
We hereby object to the use of contact data published within the scope of the imprint obligation for sending unsolicited advertising and information material. The operators of the pages expressly reserve the right to take legal action in the event that unsolicited advertising information is sent, such as spam emails.
We will ask for additional data to provide services that are subject to a charge, e.g. Payment details to process your order or To be able to carry out your order. We store this data in our systems until the statutory retention periods have expired.
Use of Google Maps
This website uses the Google Maps API to visually display geographic information. When using Google Maps, Google also collects, processes and uses data about the use of map functions by visitors. You can find more information about data processing by Google in the Google data protection information. There you can also change your personal data protection settings in the data protection center.
You can find detailed instructions on how to manage your own data in connection with Google products here.
Use of Google reCAPTCHA
This website uses the reCAPTCHA service from Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; “Google”). The purpose of the query is to differentiate whether the input is made by a human or by automated, mechanical processing. The query includes sending the IP address and any other data required by Google for the reCAPTCHA service to Google. For this purpose, your input will be transmitted to Google and used further there. However, Google will shorten your IP address beforehand within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and abbreviated there in exceptional cases. Google will use this information on behalf of the operator of this website to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha will not be merged with other Google data. Your data may also be transferred to the United States. An adequacy decision of the European Commission, the “Privacy Shield”, exists for data transfers to the USA. Google participates in the “Privacy Shield” and has submitted to the requirements. By pressing the query, you consent to the processing of your data. Processing is based on Art. 6 (1) lit. a GDPR with your consent. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent until the revocation.
Further information on Google reCAPTCHA and the associated data protection declaration can be found at: https://www.google.com/privacy/ads/
External payment service providers
This website uses external payment service providers, the platforms of which users and we can carry out payment transactions. For example about
- PostFinance (https://www.postfinance.ch/en/detail/rechtliches-barrierefreiheit.html)
- Visa (https://www.visa.com/nutzungsbedingungen/visa-privacy-center.html)
- Mastercard (https://www.mastercard.ch/en-ch/datenschutz.html)
- American Express (https://www.americanexpress.com/en/content/privacy-policy-statement.html)
- Paypal (https://www.paypal.com/en/webapps/mpp/ua/privacy-full)
- Bexio AG (https://www.bexio.com/en-CH/datenschutz)
- Payrexx AG (https://www.payrexx.ch/site/assets/files/2592/datenschutzerklaerung.pdf)
- Apple Pay (https://support.apple.com/en-ch/ht203027)
- Stripe (https://stripe.com/ch/privacy)
- Klarna (https://www.klarna.com/en/datenschutz/)
- Skrill (https://www.skrill.com/en/fusszeile/datenschutzrichtlinie/)
- Giropay (https://www.giropay.de/rechtliches/datenschutz-agb/) etc.
As part of the performance of contracts, we use the payment service providers on the basis of the Swiss data protection regulation and, if necessary, Art. 6 Para. 1 lit. b. EU GDPR. In addition, we use external payment service providers based on our legitimate interests in accordance with Swiss data protection regulation and, if necessary, according to Art. 6 para. 1 lit. f. EU GDPR in order to offer our users effective and secure payment options.
The data processed by the payment service providers include inventory data, such as the name and address, bank details, such as Account numbers or credit card numbers, passwords, TANs and checksums as well as the contract, sums and recipient-related information. The information is required to complete the transactions. However, the data entered will only be processed and saved by the payment service providers. We as the operator do not receive any information about (bank) account or credit card, only information about the confirmation (acceptance) or rejection of payment. The data may be transmitted by the payment service provider to credit agencies. The purpose of this transmission is to verify identity and creditworthiness. We refer to the terms and conditions and data protection information of the payment service providers.
The terms and conditions and the data protection notices of the respective payment service providers apply to the payment transactions, which can be called up on the respective website or transaction applications. We also refer to these for further information and assertion of cancellation, information and other data subject rights.
Newsletter – Mailchimp
The newsletter is sent by the mail service provider ‘MailChimp’, a newsletter mailing platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE # 5000, Atlanta, GA 30308, USA. You can view the data protection regulations of the shipping service provider here. The Rocket Science Group LLC d / b / a MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with the European level of data protection (PrivacyShield). The shipping service provider is based on our legitimate interests. Art. 6 para. 1 lit. f GDPR and an order processing contract in accordance with 28 para. 3 sentence 1 GDPR.
The shipping service provider can store the recipient’s data in pseudonymous form, i.e. use without assignment to a user, to optimize or improve their own services, e.g. use for technical optimization of the dispatch and presentation of the newsletter or for statistical purposes. However, the shipping service provider does not use the data of our newsletter recipients to write to them themselves or to pass the data on to third parties.
Using Adobe Typekit
We use Adobe Typekit for the visual design of our website. Typekit is a service of Adobe Systems Software Ireland Ltd. which gives us access to a font library. To integrate the fonts we use, your browser must establish a connection to an Adobe server in the USA and download the font required for our website. This gives Adobe the information that our website has been accessed from your IP address. Further information on Adobe Typekit can be found in Adobe’s data protection information, which you can access here: www.adobe.com/ch_de/privacy/policies/typekit.html
Order processing in the online shop with customer account
We process our customers’ data in accordance with the data protection regulations of the federal government (data protection law, DSG) and the EU GDPR, in the context of the ordering processes in our online shop, to enable you to select and order the selected products and services, as well as their payment and delivery or execution.
The processed data include master data (inventory data), communication data, contract data, payment data and the people affected by the processing include our customers, interested parties and other business partners. The processing is carried out for the purpose of providing contractual services in the context of operating an online shop, billing, delivery and customer services. Here we set session cookies, e.g. for the storage of the shopping cart content and permanent cookies, e.g. to save the login status.
Processing is based on Art. 6 Para. 1 lit. b (Execution of order processes) and c (Archiving required by law) GDPR. The information marked as required is required to justify and fulfill the contract. We only disclose the data to third parties in the context of delivery, payment or within the scope of legal permits and obligations. The data will only be processed in third countries if this is necessary for the fulfillment of the contract (e.g. at the customer’s request for delivery or payment).
Users can optionally create a user account, in particular by viewing their orders. As part of the registration, the required mandatory information is communicated to the users. The user accounts are not public and can be accessed by search engines, e.g. Google, not be indexed. If users have terminated their user account, their data will be deleted with regard to the user account, subject to their retention for commercial or tax law reasons in accordance with Art. 6 Para. 1 lit. c GDPR necessary. Information in the customer account remains until it is deleted with subsequent archiving in the event of a legal obligation. It is the responsibility of the users to back up their data before termination of the contract if the contract is terminated.
As part of the registration and renewed registration and use of our online services, we save the IP address and the time of the respective user action. The storage takes place on the basis of our legitimate interests, as well as the user’s protection against misuse and other unauthorized use. This data is not passed on to third parties, unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with. Art. 6 para. 1 lit. c GDPR.
The deletion takes place after expiry of statutory warranty and comparable obligations, the necessity of storing the data is checked at irregular intervals. In the case of statutory archiving obligations, deletion takes place after its expiration.
Notice regarding data transfers to the USA (United States of America)
For the sake of completeness, we would like to point out that for users based in Switzerland, there are surveillance measures by the US authorities, which generally enable the storage of all personal data from Switzerland – which has been transmitted to the USA.
This is done without differentiation, limitation or exception based on the objectives pursued and without an objective criterion that makes it possible to restrict the U.S. authorities’ access to the data and their later use to very specific, strictly limited purposes, which are those with access to to justify this data and the interventions associated with its use. In addition, we would like to point out that in the USA there are no legal remedies for data subjects from Switzerland that would allow access to the data relating to you and its correction or deletion, respectively. there is no effective judicial protection against general access rights of US authorities. We explicitly inform those affected of this legal and factual situation in order to make an appropriately informed decision on their consent to the use of their data.
We would like to point out to users residing in an EU member state that the USA does not have an adequate level of data protection from the perspective of the European Union.
The copyrights and all other rights to content, images, photos or other files on the website belong exclusively to the operator of this website or the specifically named rights holders. The written consent of the copyright holder must be obtained in advance for the reproduction of all files.
Anyone who commits a copyright infringement without the consent of the respective rights holder can be punished and, if necessary, liable to pay damages.
All information on this website has been carefully checked. We strive to offer our information in a current, correct and complete manner. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, accuracy and timeliness of information, including journalistic and editorial content. Liability claims based on material or immaterial damage caused by the use of the information offered are excluded unless there is evidence of willful or gross negligence.
The publisher can change or delete texts at his own discretion and without notice and is not obliged to update the content of this website. Use or access to this website is at the visitor’s own risk. The publisher, his clients or partners are not responsible for damage, such as direct, indirect, accidental, to be determined in advance or consequential damage, which allegedly resulted from visiting this website and therefore accept no liability for this.
The publisher also assumes no responsibility and liability for the content and availability of third-party websites that can be reached via external links on this website. The operators of the linked pages are solely responsible for their content. The publisher thus expressly distances himself from all third-party content that may be relevant under criminal law or liability law or that violates common decency.
Questions to the data protection officer
If you have any questions about data protection, please send us an email or contact the person responsible for data protection at the beginning of the data protection declaration in our organization.