is generally possible without providing personal data. However, if you wish to make use of services via our website, it may be necessary to process personal data. In cases where there is no legal basis for such processing, we will always obtain your formal consent.
The processing of personal data, such as your name, address, telephone number or e-mail address, is always carried out in full compliance with the General Data Protection Regulation and the country-specific data protection regulations applicable in Switzerland. With this carefully formulated data protection declaration, we intend to provide the public with comprehensive information about the type, purpose and scope of the personal data we collect, use and process. We would also like to make you fully aware of the rights to which you are entitled through this privacy policy.
We, as the entity responsible for processing, have implemented a variety of organizational and technical measures to ensure the most comprehensive protection possible for personal data processed via this website. Nevertheless, there is always the possibility of security gaps in Internet-based data transmissions, meaning that absolute protection cannot be guaranteed. For this reason, you are free to transmit personal data to us by alternative means, such as by post or telephone.
General notes and mandatory information
Responsible body The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is
A+B Brush Technology AG Bleikenstrasse 92 9630 Wattwil T +41 (0)71 987 61 00
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).
Data protection officer required by law We have appointed a data protection officer for our company. Thomas Nüesch
Any data subject can contact our data protection officer directly at any time with any questions or suggestions regarding data protection.
Withdrawal of consent to data processing The execution of data processing operations requires express consent. Consent that has already been given can be revoked at any time. All you need to do is send an informal e-mail to the company. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to lodge a complaint with the competent supervisory authority In the event of breaches of data protection law, you have the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the data protection officer of the canton of St. Gallen, in which our company is based. A list of data protection officers and their contact details can be found at the following link: https://www.sg.ch/sicherheit/datenschutz.html
Right to data portability Data subjects have the right to have data that is processed automatically by A+B Bürsten-Technik AG on the basis of their consent or for the performance of a contract transmitted to themselves or to a third party in a commonly used, machine-readable format, provided that the data is available in such a format. If the data subject requests the direct transfer of the data to another controller, this will only take place if it is technically feasible.
SSL or TLS encryption This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries sent to us as the site operator. An encrypted connection can be recognized by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in the browser line. If SSL or TLS encryption is activated, the data that is transmitted cannot be read by third parties.
Information, blocking, deletion Within the framework of the applicable legal provisions, data subjects have the right to obtain information free of charge at any time about their stored personal data, its origin, recipients and the purpose of data processing. If necessary, there is also a right to correction, blocking or deletion of this data. Data subjects can contact the company at any time at the address given above or in the legal notice if they have any queries in this regard or other questions on the subject of personal data.
Objection to advertising e-mails We hereby object to the use of contact data published as part of our obligation to provide a legal notice for the purpose of sending unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
Data acquisition
Hosting METANET AG Josefstrasse 218 8005 Zurich Switzerland
The hosting services we use serve to provide infrastructure and platform services, database services, computing capacity, security services, storage space and technical maintenance services that are necessary for the operation of our online services.
As part of these activities, we or our hosting provider process inventory data, contact data, content data, contract data, usage data as well as meta and communication data of customers, interested parties and visitors to this online offering on our behalf.
Basis: The basis for data processing is Art. 6 para. 1 lit. b GDPR, which allows us to process data for the fulfillment of a contract or pre-contractual measures.
Order processing contract: We have concluded an order processing agreement with Metanet AG, in which Metanet AG undertakes to protect our customers' data and not to pass it on to third parties.
Cookies Some of the Internet pages use cookies. These cookies do not cause any damage to the user's computer and do not contain any viruses. They are used to make the website more user-friendly, effective and secure. Cookies are small text files that are stored on the computer and managed by the browser. By using cookies, we can offer more user-friendly services that would not be possible without the use of cookies. Cookies enable us to provide information and offers on our website according to the interests of the users. They also help us to recognize users when they visit our website again. The purpose of this recognition is to facilitate the use of our website.
Most of the cookies we use are so-called „session cookies“. They are automatically deleted as soon as the visit ends. Other cookies remain stored on the user's end device until they are deleted. These cookies enable us to recognize the user's browser on a subsequent visit.
The user can set his browser so that he is informed about the setting of cookies and only allows cookies in individual cases, rejects the acceptance of cookies for certain cases or generally excludes them. In addition, the user can set the browser so that cookies are automatically deleted when the browser is closed. However, deactivating cookies may limit the functionality of this website.
Cookies that are required to carry out the electronic communication process or to provide certain functions requested by the person concerned (e.g. shopping cart function) are stored in accordance with Article 6(1)(f) of the General Data Protection Regulation (GDPR). The company has a legitimate interest in the storage of such cookies in order to ensure the technically error-free and optimized provision of its services. If other cookies (e.g. cookies for analyzing surfing behavior) are stored, these are treated separately in this privacy policy.
Cookie declaration of consent and logging The „Cookie Script“ service from Objectis Ltd, Laisves St. 60, LT-05120 Vilnius, Lithuania, is used to check and log cookie consent and to continuously check the cookies used by the organization.
Cookie Script stores the following personal and non-personal data:
The IP address of the end user in anonymized form (the last three digits are set to „0“).
Date and time of consent.
User agent of the end user's browser.
The URL from which the consent was sent.
An anonymous, random and encrypted key.
The consent status of the end user, which serves as proof of consent.
Basis: Data processing is carried out in accordance with Article 6(1)(f) of the General Data Protection Regulation (GDPR). Our legitimate interest lies in the legally compliant design of our website, including compliance with legal obligations in the area of data protection.
Order processing contract: There is an order processing contract with Objectis Ltd. in which Objectis Ltd. undertakes to protect the customer's data and not to pass it on to third parties.
Deletion of the data: The data is automatically deleted after 30 days.
Server log files The website automatically collects and stores information in so-called server log files, which are automatically transmitted to the operator by the user's browser. This information includes
Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address
Other similar data and information used for security purposes in the event of attacks on the information technology systems.
This data is not merged with other data sources. When using this general data and information, no conclusions are drawn about the user.Rather, this information is used for this purpose:
To deliver the content of the website correctly.
To optimize the content of the website and the advertising for it.
To ensure the long-term functionality of the information technology systems and the technology of the website.
to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.
This anonymously collected data and information is evaluated statistically and serves to increase data protection and data security in the company in order to ensure an optimal level of protection for the processed personal data. The anonymous data from the server log files are stored separately from all personal data provided by the user.
Data processing is carried out in accordance with Article 6(1)(b) of the General Data Protection Regulation (GDPR), which permits the processing of data for the performance of a contract or pre-contractual measures.
Contact form Users have the option of contacting the company (e.g. via a contact form, email, telephone or social media channels). When users contact the company, their details are processed to handle the contact request and process it. The information may be stored in a CRM system (Customer Relationship Management) or a similar inquiry organization system. The personal data transmitted is derived from the respective input form used to make contact and from additional data transmitted. The personal data entered is collected and stored exclusively for internal purposes and for the company's own purposes. The company may arrange for the data to be passed on to one or more processors who also use the personal data exclusively for internal purposes that are attributable to the use of the company.
By registering on the website, the IP address assigned by the Internet service provider (ISP) and the date and time of registration are also stored. This data is stored to protect against misuse of the services and enables the company to investigate criminal offenses if necessary. The storage of this data is therefore necessary to protect the company. This data is not passed on to third parties unless there is a legal obligation to pass it on or it is used for criminal prosecution.
Data processing is carried out in accordance with Article 6(1)(b) of the General Data Protection Regulation (GDPR), which permits the processing of data for the performance of a contract or pre-contractual measures.
The data entered by the users in the contact form will remain with the company until the users request deletion, revoke their consent to storage or the purpose for data storage no longer applies (e.g. after processing of the inquiry has been completed). Mandatory statutory provisions, in particular retention periods, remain unaffected.
Social media, plugins and tools
Social media The company maintains online presences in social networks and platforms in order to communicate with the customers, interested parties and users active there and to inform them about the services offered. It should be noted that user data may be processed outside the European Union. This may result in risks for users, as it may be more difficult to enforce their rights, for example. In the case of US providers that are certified under the Privacy Shield, it should be noted that they undertake to comply with EU data protection standards. As a rule, user data is also processed for market research and advertising purposes. Usage profiles can be created based on the usage behavior and the resulting interests of the users. These usage profiles can in turn be used to place advertisements within and outside the platforms that correspond to the interests of the users. For these purposes, cookies are generally stored on the user's computer, in which the user's usage behavior and interests are stored. In addition, data that is independent of the devices used by the users (especially if the users are members of the respective platforms and are logged in there) can also be stored in the user profiles. The processing of users' personal data is based on the company's legitimate interest in effective information and communication with users in accordance with Article 6(1)(f) of the General Data Protection Regulation (GDPR). If the users are asked by the providers of the platforms for consent to the data processing described, the processing is based on Article 6(1)(a) and Article 7 of the GDPR. For a detailed description of the respective processing and the possibilities of objection (opt-out), please refer to the information provided by the providers, which can be accessed via the links below. In the case of requests for information and the assertion of user rights, it should also be noted that these can be asserted most effectively with the providers themselves. Only the providers have access to the users' data and can take appropriate measures and provide information. Should users nevertheless require assistance, they can contact the company.
Integration of third-party services and content (plugins) As part of the online offer, content or services from third-party providers are used for legitimate interests (i.e. the interest in analysis, optimization and economic operation as well as an appealing presentation of the online offer in accordance with Article 6 paragraph 1 lit. f of the General Data Protection Regulation), for example to integrate videos or contributions. Such integration always requires that the third-party providers perceive the IP address of the user, as otherwise they cannot send the content to the browser. The IP address is therefore required to display this content.
Care is taken to only use content where the respective providers only use the user's IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as „web beacons“) for statistical or marketing purposes. These „pixel tags“ can be used to analyze information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and contain technical information about the browser and operating system, referring websites, time of visit and other information about the use of the online offer and may be linked to such information from other sources.
Google Maps We integrate the maps of the “Google Maps” service of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland.
The processed data may include, in particular, IP addresses and location data of users, which, however, are not collected without their consent (usually in the context of the settings of the mobile devices). The data may be processed in the USA.
More information on the handling of user data: Privacy policy of Google https://www.google.de/intl/de/policies/privacy/.
The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Instagram Functions and content of the Instagram service, offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, may be integrated into our online offering.
This may include various elements such as images, videos, texts and buttons with which users can express their interest in content, follow the authors of the content or subscribe to our posts. If the users are members of the Instagram platform, Instagram can assign access to this content and functions to their profiles.
The use of Instagram is based on Art. 6 para. 1 lit. a GDPR.
LinkedIn Functions and content of the LinkedIn service, offered by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, may be used within our online offering.
This may include various elements such as images, videos, texts and buttons with which users can express their interest in content, follow the authors of the content or subscribe to our posts. If the users are members of the LinkedIn platform, LinkedIn can assign access to this content and functions to their profiles. We may also integrate scripts and measures that enable us to perform marketing and statistical functions on LinkedIn.
More information on how LinkedIn handles user data: LinkedIn privacy policy
The use of LinkedIn is based on Art. 6 para. 1 lit. a GDPR.
XING Functions and content of the XING social network may be integrated on our website. The provider of this service is New Work SE, Am Strandkai 1, 20457 Hamburg, Germany.
These may be buttons, logos or other elements that allow users to interact with our content on XING, for example by sharing or following it. If you are logged in to XING, XING can assign the visit to our website to your user account. In addition, certain analysis and marketing functions can be activated by the integration, which enable us to carry out statistical evaluations.
The integration of XING takes place on the basis of Art. 6 para. 1 lit. a GDPR.
TikTok Account / TikTok Videos We use a TikTok account and can integrate videos from the “TikTok” platform of the provider TikTok Inc. 10100 Venice Blvd, Culver City, CA 90232, USA.
We would like to point out that TikTok may use its own tracking tools and refer you to TikTok's privacy policy.
Further information on the handling of user data: Privacy policy of TikTok https://www.tiktok.com/legal/privacy-policy?lang=de.
The use of TikTok is based on Art. 6 para. 1 lit. a GDPR.
YouTube We integrate the videos of the “YouTube” platform of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland.
If one of our pages equipped with a YouTube plugin is visited, a connection to the YouTube servers is established. This tells the YouTube server which pages are being visited. If you are logged into your YouTube account, YouTube can assign your surfing behavior directly to your personal profile. This can be prevented by logging out.
The use of YouTube is based on Art. 6 para. 1 lit. a GDPR.
Analysis tools and advertising
Google Analytics This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses „cookies“, which are text files placed on the user's computer, to help the website analyze how users use the site. The information generated by the cookie about the use of this website is usually transferred to a Google server in the USA and stored there.
IP anonymization: The IP anonymization function is activated on this website. This means that the IP address of users within the member states of the European Union or in other signatory states to the Agreement on the European Economic Area is shortened before being transmitted to the USA. In exceptional cases, the full IP address is transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate the use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage. The IP address transmitted by Google Analytics will not be merged with other Google data.
Demographic characteristics: This website uses the „demographic characteristics“ function of Google Analytics to create reports that contain information about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and visitor data from third-party providers and cannot be assigned to a specific person. The „demographic characteristics“ function can be deactivated at any time via the ad settings in the Google account.
Further information on the handling of user data by Google Analytics: Google's privacy policy. https://support.google.com/analytics/answer/6004245?hl=de
Browser Plugin: Google Analytics cookies are stored on the basis of Art. 6 para. 1 lit. a GDPR. An order processing contract has been concluded with Google and the German data protection authority requirements for the use of Google Analytics are fully implemented.
Users can prevent the storage of cookies by selecting the appropriate settings in their browser software. Please note that in this case it is possible that not all functions of this website can be used in full. In addition, the collection of the data generated by the cookie and related to the use of the website (including the IP address) to Google and the processing of this data by Google can be prevented by downloading and installing the browser plugin under the link provided. https://tools.google.com/dlpage/gaoptout?hl=de
Google Analytics Remarketing We use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google Ads and Google DoubleClick. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This function makes it possible to connect the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google Ads and Google DoubleClick. This means that personalized advertising messages that have been adapted based on previous usage and surfing behavior on a specific device (e.g. cell phone) can also be displayed on another of the devices used (e.g. tablet or PC). If the user has given their consent, Google links the web and app browsing history to the Google account in order to be able to display these personalized advertising messages on every device on which the Google account is logged in. To support this function, Google Analytics temporarily collects Google-authenticated IDs of users, which are linked to our Google Analytics data in order to define and create target groups for cross-device advertising.
Further information and the privacy policy: Google's privacy policy. https://www.google.com/policies/technologies/ads/
The aggregation of the data collected in your Google Account is based exclusively on the consent that the user can give or withdraw from Google (Art. 6 para. 1 lit. a GDPR). In the case of data collection processes that are not merged in the user's Google account (e.g. because the user does not have a Google account or has objected to the merging), the collection of data is based on Art. 6 para. 1 lit. f GDPR. The legitimate interest arises from the fact that we have an interest in the anonymized analysis of website visitors for advertising purposes.
You can permanently object to cross-device remarketing/targeting by deactivating personalized advertising in your own Google account.
Google Ads and Google Conversion Tracking This website uses Google Ads. Ads is an online advertising program of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).
We use conversion tracking as part of the use of Google Ads. When a user clicks on an ad placed by Google, a cookie is set for conversion tracking. These cookies are small text files that are stored on the user's computer by the Internet browser. They lose their validity after 30 days and are not used to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. The user can set his browser so that he is informed about the setting of cookies and only allows cookies in individual cases, rejects the acceptance of cookies for certain cases or in general and activates the automatic deletion of cookies when closing the browser. If cookies are deactivated, this may impair the functionality of this website. Each Google Ads customer receives a different cookie, and the cookies cannot be tracked via the websites of Ads customers. The information collected using conversion cookies is used to generate conversion statistics for Ads customers who have opted for conversion tracking. Customers receive information about the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.
More information about Google Ads and Google Conversion Tracking: Google's privacy policy https://www.google.de/policies/privacy/
The storage of “conversion cookies” takes place on the basis of Art. 6 para. 1 lit. a GDPR.
If a user does not wish to participate in tracking, they can object to this use by deactivating the Google Conversion Tracking cookie via the Internet browser under user settings.
Meta Pixel Within our online offer, the so-called „meta pixel“ of the social network Meta, which is operated by Meta Inc, 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are based in the EU, Meta Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland („Meta“), is used.
With the help of the meta pixel, Meta is able to determine visitors to the online offering as a target group for ad placement (Facebook and Instagram ads). The meta pixel is therefore used to only display ads placed by us to Meta users who have shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Meta (so-called „custom audiences“). By using the meta pixel, we want to ensure that our ads correspond to the potential interest of users and are not perceived as annoying. The meta pixel also enables us to analyze the effectiveness of the ads for statistical and market research purposes by determining whether users were redirected to our website after clicking on a Facebook ad (so-called „conversion“).
Meta processes the data in accordance with Meta's Data Usage Policy. Accordingly, general information on the display of Meta Ads can be found in Meta's Data Usage Policy. https://www.facebook.com/policy.php
Special information and details on the meta pixel: https://www.facebook.com/business/help/651294705016616
The use of the meta pixel and the storage of “conversion cookies” is based on Art. 6 para. 1 lit. a GDPR.
For the processing of data for which Meta acts as a commissioned data processor, we have concluded a commissioned data processing agreement with Meta, in which we oblige Meta to protect our customers' data and not to pass it on to third parties.
The collection by the Meta pixel and the use of the data to display ads can be objected to by the user. To determine which types of advertisements should be displayed within Meta, the relevant Meta page can be visited, where the instructions for setting usage-based advertising can be followed. These settings apply across platforms for all devices, including desktop computers and mobile devices.
TikTok Pixel The „TikTok pixel“ of the social network TikTok, which is operated by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland („TikTok“), is used within our online offering.
With the help of the TikTok pixel, TikTok is able to identify visitors to the online offer as a target group for the display of advertising (so-called „TikTok ads“). We therefore use the TikTok pixel to display TikTok ads only to TikTok users who have shown an interest in our online offering or who have certain characteristics (such as interests in certain topics or products determined on the basis of websites visited) that we transmit to TikTok (so-called „custom audiences“). By using the TikTok pixel, we also want to ensure that our TikTok ads correspond to the potential interests of users and are not perceived as annoying. In addition, the TikTok pixel enables us to monitor the effectiveness of TikTok ads for statistical and market research purposes by allowing us to determine whether users are redirected to our website after clicking on a TikTok ad (so-called „conversion“).
The use of the TikTok Pixel and the storage of “conversion cookies” is based on Art. 6 para. 1 lit. a GDPR.
For the processing of data for which TikTok acts as a commissioned data processor, we have concluded a commissioned data processing agreement with TikTok, in which we oblige TikTok to protect our customers' data and not to pass it on to third parties.
Newsletter
The following information serves to explain the newsletter data protection, including the contents of our newsletter, the registration, dispatch and statistical evaluation procedure as well as the rights to object. By subscribing to our newsletter, you agree to receive it and to the procedures described.
Content of the newsletter: We only send newsletters, emails and other electronic notifications containing advertising information (hereinafter referred to as „newsletters“) with the consent of the recipient or with legal permission. If the contents of the newsletter are specifically described in the context of a registration, these are decisive for the user's consent. In addition, our newsletters contain information about our services and our company.
Double opt-in and logging: Registration for our newsletter takes place in accordance with the so-called double opt-in procedure. After registering, you will receive an e-mail asking you to confirm your registration. This confirmation is necessary in order to prevent someone from registering with someone else's e-mail address. Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored by the mailing service provider are also logged.
Login data: To subscribe to the newsletter, it is sufficient to enter your e-mail address. Optionally, we ask for your name so that we can address you personally in the newsletter.
Cancellation/revocation: You can unsubscribe from our newsletter at any time by revoking your consent. You will find a link to unsubscribe from the newsletter at the end of each newsletter. We may store the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before deleting them in order to be able to prove that consent was previously given. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former consent is confirmed at the same time.
MailChimp To send our newsletter, we use the services of MailChimp to send newsletters. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service with which, among other things, the sending of newsletters can be organized and analyzed. If the data is entered for the purpose of receiving the newsletter (e.g. e-mail address), it is stored on MailChimp's servers in the USA.
MailChimp analysis With the help of MailChimp, we can analyze our newsletter campaigns. When you open an email sent with MailChimp, a file contained in the email (so-called web beacons) connects to MailChimp's servers in the USA. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. In addition, technical information is collected (e.g. time of access, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to the interests of the recipients.
Privacy policy of MailChimp: https://mailchimp.com/legal/terms/
EU-U.S. Data Privacy Framework: MailChimp is certified in accordance with the “EU-U.S. Data Privacy Framework”. The “Privacy Framework” is an agreement between the European Union (EU) and the USA, which is intended to ensure compliance with European data protection standards in the USA.
Conclusion of a data processing agreement: We have concluded a so-called „Data Processing Agreement“ with MailChimp, in which we oblige MailChimp to protect our customers' data and not to pass it on to third parties. This agreement can be viewed here.
Objection to data collection: If an analysis by MailChimp is not desired, the newsletter must be unsubscribed. A corresponding link is provided in every newsletter message to make this possible. Alternatively, you can unsubscribe from the newsletter directly on the website. The data is processed on the basis of the consent of the person concerned in accordance with Article 6(1)(a) of the General Data Protection Regulation (GDPR). Consent can be withdrawn at any time by unsubscribing from the newsletter. The revocation does not affect the lawfulness of the data processing that has already taken place. The data stored by us for the purpose of the newsletter subscription will be stored by us until you unsubscribe from the newsletter and deleted from both our servers and the MailChimp servers after you unsubscribe. Other data stored by us that was used for other purposes (e.g. email addresses for the member area) remains unaffected by this.
Data processing by employees, infrastructure, software & tools
Employees' laptops and workstations are protected by comprehensive data carrier encryption and are managed centrally. Care is taken to ensure that updates are installed on our employees' devices, and workstations and devices are regularly checked for malware.
Office365 We use Office365 from Microsoft for the collection, processing and use of personal and non-personal data. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
EU-U.S. Data Privacy Framework / Swiss-US Privacy Shield
Microsoft is certified in accordance with the “EU-U.S. Data Privacy Framework” / «Swiss-US Privacy Shield». The “Privacy Framework” is an agreement between the European Union (EU) and the USA, or Switzerland and the USA, which is intended to ensure compliance with European and Swiss data protection standards in the USA.
The basis for data processing is Art. 6 para. 1 lit. b GDPR, which allows us to process data for the fulfillment of a contract or pre-contractual measures.
We have concluded an order processing agreement with Microsoft in which we oblige Microsoft to protect our customers' data and not to pass it on to third parties.
Penta Software For the internal processing of personal data, we use the services of Penta Technologies, Inc, PO Box 210, Brookfield, WI 53008, USA.
Penta is a cloud-based platform for managing business and project data. If you interact with integrated functions or access Penta via our website, certain personal data such as your IP address, device information or usage behavior may be collected and transmitted to Penta. This is usually for the technical provision, analysis or improvement of the services offered.
The use of Penta is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR.
Infoniqa For the internal processing of personal data, we use the services of Infoniqa Switzerland Software and Services AG, Platz 10, 6039 Root D4, Switzerland.grow.infoniqa.com+3Infoniqa+3Infoniqa+3
Infoniqa offers cloud-based software solutions in the areas of personnel management, payroll processing and financial administration. When using the corresponding functions - for example through forms, applicant portals or linked content - personal data such as IP address, technical information or usage behavior may be transmitted to Infoniqa and processed there. This processing takes place for the technical provision, analysis and optimization of the services offered.
Personal data is processed in accordance with the revised Swiss Data Protection Act (revDSG) and - where applicable - the EU General Data Protection Regulation (GDPR). Infoniqa is committed to processing your data securely and in compliance with the law.
The integration of Infoniqa services is - depending on the context - based on your consent in accordance with Art. 6 para. 6 revDSG or Art. 6 para. 1 lit. a GDPR.
Data processing of customer and contract data
Customer data is processed as part of the contractual services, which include conceptual and strategic consulting, campaign planning, software and design development/consulting or maintenance, implementation of campaigns and processes/handling, server administration, data analysis/consulting services and training services.
This involves processing inventory data (e.g. customer master data such as names or addresses), contact data (e.g. email, telephone numbers), content data (e.g. text entries, photographs, videos), contract data (e.g. subject matter of the contract, term), payment data (e.g. bank details, payment history) as well as usage and metadata (e.g. as part of the evaluation and performance measurement of marketing measures).
In principle, no special categories of personal data are processed unless they are part of commissioned processing.
Data subjects include customers, interested parties and their customers, users, website visitors, employees and third parties.
The processing serves the provision of contractual services, billing and customer service. The legal basis for the processing results from:
The data required for the establishment and fulfillment of the contractual services are collected and the necessity of their provision is emphasized. Data will only be passed on to third parties if this is necessary in the context of an order.
When processing data transmitted as part of an order, we act in accordance with the instructions of the client and the legal requirements for order processing in accordance with Article 28 GDPR.
The data will be deleted as soon as statutory warranty and comparable obligations have expired. The necessity of retaining the data is reviewed every three years; in the case of statutory retention obligations, the data is deleted after their expiry (6 years in accordance with Section 257 (1) HGB, 10 years in accordance with Section 147 (1) AO).
In the case of data disclosed to us by the client as part of an order, we delete the data in accordance with the order specifications - usually after completion of the order.
The collection, processing and use of personal data is limited to what is necessary for the establishment, structuring or amendment of the legal relationship (inventory data). This is done on the basis of Article 6(1)(b) GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.
Rights in relation to personal data
Access, rectification and portability: You have the right to request information about the personal data stored by us. You also have the right to have incomplete, inaccurate or outdated personal data corrected. To the extent required by applicable law, you may also request that personal data provided be transmitted to us or to other companies.
Contradiction: There is a right to object to the use or disclosure of personal data that is not required by law, to fulfill a contractual obligation or to serve our legitimate interests. If an objection is lodged, we will work together to find an acceptable solution. In addition, consent to the processing of personal data can be withdrawn at any time, provided it is based on consent.
Deletion: The right to erasure of personal data exists within the framework of the statutory provisions. This applies, for example, if the data is outdated, the processing is unnecessary or unlawful, the consent for processing has been revoked or if we should follow a justified objection to the processing.
In certain circumstances, it may be necessary for us to retain personal data in accordance with our legal obligations or to process it for the enforcement, exercise or defense of legal claims. Legal retention periods remain unaffected.
