Data transmitted to us by via contact forms is used exclusively in-house and for its intended purpose. Personal data is handled in confidentiality and is neither sold nor disclosed to third parties. Participation in surveys or competitions is voluntary. The results of surveys are used internally and are not disclosed to third parties.
We store the data we collect on especially secure servers in our security zone. Access to these servers is limited to a few authorised individuals, who are responsible for handling the data for technical, commercial or editorial reasons. We take extensive technical and operational safety precautions to ensure that the data stored is not lost or misused and these safety precautions are constantly revised to take account of the latest technological developments. The very structure of internet, however, means that these data protection regulations may be disregarded by persons or institutions outside of our control. In particular, data that is shared without encryption (e.g., via email) can be read by third parties. We have no control over this due to the internet’s technical structure. It is the sole responsibility of the user to protect the data he or she sends over the internet from misuse by codification or any other method. On the internet, e-mails are forwarded via many different servers, and there are numerous ways to access, change, delete, copy or otherwise amend this information without authorisation. You may also contact us via phone, fax or post.
If you click on links to external websites, you will leave our website. We are not responsible for the data protection regulations of external, linked websites. We also decline all legal responsibility and responsibility for the content of external websites and their links. If you find an invalid link, please send us an email. We hereby declare explicitly that we have no influence on the design and content of linked pages. We therefore expressly disclaim any responsibility for the content of such sites, nor do we express any approval thereof. This applies to all links and all content on the linked sites, whether the links are in text or banner format.
Your computer automatically transmits the following data is to our server when you visit our website:
This data is recorded in log files in order to statistically analyse our website’s use and continue to improve our online offering. A personal analysis of this data is not possible, as it exclusively consists of generalised usage data. We are very careful to ensure that usage data is not linked to personal details. The data will not be used for personal analysis.
Cookies and session IDs are generated to differentiate each user that visits our website. This data is impersonal and of a technical nature. You are able to configure your browser so that you will be informed every time a cookie is to be generated, so that you can decide on a case-by-case basis whether to accept or reject the cookie. However, if you do not accept a cookie, this may mean that you will no longer be able to use certain functions on our website.
Emails are generally transmitted in non-encrypted form with the attendant risk that this data may be intercepted and read by third parties.
The new rules which apply since the new European General Data Protection Regulation (GDPR) came into force on 25 May 2018 are also applicable to companies headquartered in Switzerland, in certain cases. We abide by these regulations as long as they are applicable to us. In particular, they give individuals more control over their personal data, meaning that companies are more obliged than ever to respect data protection regulations. More details are available via the legal regulation document, which is accessible via the following link: http://eur-lex.europa.eu/eli/reg/2016/679/oj. If GDPR does not apply to any specific case, we shall follow the other relevant legislation.
The most important rights according to GDPR are listed below.
If personal data is collected, the data subject has the right to obtain a series of information regarding the data collection, in particular which data is collected and for which purposes.
GDPR accords to the data subject the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed. Where that is the case, GDPR defines different rights (e.g., the right to obtain a copy of the data).
The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the grounds listed in GDPR applies, for example that the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
The data subject shall have the right to obtain from the controller restriction of processing in any of the cases specified by GDPR. In the event that such a restriction is obtained, the data may continue to be stored, but not processed.
According to GDPR, all recipients to whom personal data have been disclosed are to be notified of any rectification or erasure of personal data or restriction of processing, unless this proves impossible or involves disproportionate effort.
The data subject shall have the right to receive the data which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller, for example in order to change service provider. This right, however, may only be exercised where the data processing is based on the consent of the data subject or on a contract.
The data subject shall also have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her, including profiling based on those provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.
When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall communicate the personal data breach to the data subject without undue delay.