Data Protection Declaration
Data Protection Declaration PACK EASY AG
(Version: January 2024)
I. General information
1. Introductory remarks
With
this data protection declaration, PACK EASY AG (hereinafter referred to as
«PACK EASY», «we» or «us») explains to its customers, users, business partners,
applicants, authorities and other persons involved (hereinafter referred to as
«you») how personal data is collected and processed in the company. Responsible
handling of your personal data is very important to us.
You may
only disclose personal data of third parties to us if you are authorized to do
so and the personal data is correct. We ask you to ensure that the persons
concerned are aware of this data protection declaration.
We use
the feminine and masculine form alternately in this data protection
declaration. The respective designation also includes all other gender
designations. We may change this Privacy Policy at any time without notice. The
current version published on our website applies in each case.
2. Responsible authority
Responsible
for the content of this privacy policy and for the data processing described
is:
PACK
EASY AG
Hasliring 12
CH-6032 Emmen
Phone: + 41 41 269 80 88
E-Mail: customercare@packeasy.ch
3. Representation for date protection matters in
the EU
Insofar as
our data processing activities fall within the scope of the GDPR, we have
appointed the following representative pursuant to Art. 27 GDPR:
Pack
Easy Germany GmbH
Wallbrunnstrasse 24
DE-79539 Lörrach
Deutschland
Phone: + 41 41 269 80 88
E-Mail: customercare@packeasy.ch
4. Terms
For
better understanding, we would first like to clarify the most important terms
used in this privacy policy. In this regard, we adhere to the definitions of
terms from the Swiss Data Protection Act.
- Personal data:
all information relating to an identified or identifiable natural person.
- Data subjects:
natural persons about whom data are processed.
- Processing: any
handling of personal data, regardless of the means and procedures used, in
particular the acquisition, storage, retention, use, modification,
disclosure, archiving, deletion or destruction of data.
- Controller: a
private person of federal authority who, alone or together with others,
decides on the purpose and means of processing.
- Data processor: a private person or federal authority that processes personal data on behalf of the data controller
5. Legal bases
This
Privacy Policy complies with the requirements of the Swiss Federal Law on Data
Protection ("FADP") and the associated Ordinance ("DPA") as
well as the General Data Protection Regulation of the European Union
("GDPR"). The type and scope of the applicable legislation depends on
the individual case. Foreign data protection law is only applied insofar as
this is mandatory under the applicable law and only for the data processing
processes and persons affected by it.
We
comply with the applicable data protection policy when processing personal
data.
The processing of personal data must not unlawfully infringe the personality of
the persons concerned. For this reason, such data processing must comply with
the processing principles of data protection law and/or must be legitimized by
a justification. In particular we are legitimized to process personal data if
the processing:
- is based on a
legal basis. The processing of personal data may be required or
legitimized by law (e.g. statutory retention obligations).
- is necessary for
the performance of a contract with the data subject of for pre-contractual
measures. The essential part of the processing of personal data in our
company takes place within the framework of the fulfilment of contractual
obligations (e.g. processing of orders).
- is necessary for
the exercise of legitimate interests on our part or on the part of third
parties. A legitimate interest on our part exists in particular if the
processing of personal data takes place within the framework of the
purposes stated in point 8 as well as the disclosure of data in accordance
with point 10 and the associated objectives.
- is based in
consent. If the processing of personal data is based on your consent, we
will inform you of this separately and transparently. You can revoke your
consent with effect for the future at any time using the functions
provided for this purpose (e.g. unsubscribe link for newsletters) or by
notifying us in writing (cf. contact points under points 2 and 3 above).
Upon receipt of your revocation, we will cease the data processing
concerned, unless we can base the processing on another justifiable reason.
- Is necessary to comply with domestic and foreign legal provisions.
6. Categories of personal data
Depending
on the products and services you use and the respective relationship between
you and us, we process the following categories of personal data in particular:
- Master data: e.g.:
salutations, name, first name, gender, birth date, address and contact
data as address, phone number, E-Mail address, language, costumer number,
username, finance information.
- Contract data: e.g.: information
concerning initiation, conclusion, execution administration and
conditioning of contract between you and us, information in connection
with applications [consequently also the following point 15], interaction
history, finance and payment information as credit rating, information in
connection with the enforcement of claims, bank data.
- Communication
data: e.g.:
master data, contract data, communication content from written, electronic
and oral correspondence (incl. social media, posts and news, comments on websites,
etc.), survey data, information to time, location, type, etc. of
communication, proof of identity, marginal data.
- Behaviour and
transaction data: e.g. in connection with the use of our
website and our online shop, your visit to our sites, participation in
events, events, contests and surveys, your use of electronic communication
channels, your use of our website and online shop, your use of our website
and online shop, your visit to our sites, your participation in events,
contests and surveys, and your use of electronic communication channels
- Technical data: e.g. IP-address,
device IDs, details of the devices and applications you use and their settings,
internet provider you use, usernames, passwords [as hash values],
information in connection with 2-factor authentication, log data, time
and, if applicable, approximate location in the context of the use of our
products and services.
- Marketing data: e.g.
Informationen on personal preferences and interets, subscriptions and
unsubscriptions to newsletters, content of marketing correspondence.
7. Origin of data
To a
large extent, we collect personal data directly from you as the data subject.
This includes in particular master data, contractual data, communication data
and marketing data. The collection of such personal data takes place in the
context of the initiation and processing of business relationships and the use
of our products and services. If you provide us with information about other
people (e.g. family members, business colleagues, employees), you must ensure
that you are authorized to do so and that the information is accurate. In
addition, the persons concerned must be made aware of this privacy policy in
advance.
We may
also collect personal data about you ourselves or automatically or derive it
from existing data.
This
includes, in particular, behavioral and transaction data as well as technical
data.
Finally,
we also collect personal data from third parties insofar as this is permitted
by law. Such third parties include, in particular, persons from your
environment, business partners, insurance companies, banks, authorities,
official bodies, courts, parties and their legal representatives in the context
of legal disputes, etc. We may also collect personal data from public sources
(e.g. credit agencies, social media).
8. Purposes of data processing
We
process the data collected in order to fulfill our legal and contractual
obligations towards you and third parties. This includes in particular the
initiation (including contact requests), administration and processing of
contractual relationships.
We also
process the data collected to ensure communication with you, to provide and
improve the products and services you have requested, to manage your use of and
access to our products and services, to maintain our business relationship with
you, to carry out advertising and marketing measures (insofar as we are
authorized to do so, e.g. by obtaining your consent), to monitor and improve
the performance of our offering, to enforce legal claims or to defend ourselves
against them, and to ensure the security of our products and services. to
recognize, prevent or clarify illegal activities, to ensure compliance with
laws and recommendations of domestic and foreign authorities as well as
internal regulations ("compliance") and risk management, to generally
guarantee our operations (in particular IT, website, etc.) and to ensure
administrative processes (e.g. data archiving, accounting, master data
maintenance, quality assurance).
9. Processing duration of personal data
We process your personal data for as long as we are
legally obliged to do so (e.g. retention and archiving obligations) or our
legitimate business interests require this (e.g. enforcement of or defense
against claims, ensuring IT security) or as long as the purpose of collecting
your data makes it necessary or the retention is technically required. In the
case of contracts, the data is generally stored for the duration of the
contractual relationship and the additional statutory retention periods
(usually 10 years).
This may mean that your personal data or extracts
thereof must be stored for several years after the end of the contractual
relationship between you and us. If your personal data is no longer required
for the above-mentioned purposes, it will be deleted or anonymized as far as
possible.
In certain cases, we may retain your personal data
for longer - based on your consent (e.g. job applications that we have
pending).
10. Disclosure of personal data to third parties
Where
legally permissible and necessary, we may also disclose certain personal data
to third parties as part of our business activities. These third parties
process your personal data either on our behalf (processors), in joint
responsibility with us or on their own responsibility. These include, among
others:
·
our service providers, such as banks, insurance
companies, IT providers, mail order companies, debt collection companies,
credit agencies, cleaning companies, advertising service providers, lawyers,
external consultants, trustees, etc.
·
Business partners, such as sales partners,
suppliers, etc.
·
Domestic and foreign authorities, official bodies
and courts
·
Other parties in the context of administrative and
court proceedings
·
Parties involved in corporate transactions (e.g.
purchase, sale or merger of companies, business divisions, etc.)
·
Other third parties who are necessary to achieve
the purpose of the respective data processing
Where
necessary, we have concluded corresponding order processing contracts with our
service providers. In these contracts, they undertake to comply with data
protection and data security regulations. Furthermore, they may only process
personal data in accordance with our instructions. They also grant us
comprehensive rights of inspection and control as well as rights of access,
rectification and erasure.
11. Disclosure of personal data abroad
As a
rule, we process and store personal data in Switzerland and the European
Economic Area (EEA). In certain cases, however, we may also disclose personal
data to service providers and recipients located outside this area or process
personal data outside this area, in principle in any country in the world. In
particular, you must expect personal data to be disclosed to all countries in
which the service providers we use and their subcontractors are located (in
particular the USA).
By
taking appropriate measures, we ensure compliance with the legal requirements.
Specifically, there is an adequacy decision by the competent authority. In the
absence of such a decision, the transfer of personal data takes place on the
basis of suitable guarantees (in particular standard contractual clauses
approved by the European Commission and the Federal Data Protection and
Information Commissioner [FDPIC]) or there are exceptions for certain
situations (contract processing, legal enforcement abroad, etc.) or we obtain
your express consent.
12. Data security
To
secure your data, we maintain technical and organizational security measures in
accordance with the current state of the art.
Our
website uses SSL or TLS encryption for security reasons and to protect the
transmission of confidential content, such as orders or inquiries that you send
to us as the site operator. You can recognize an encrypted connection by the
fact that the address line of the browser changes from "http://" to "https://"
and by the lock symbol in your browser line.
If SSL
or TLS encryption is activated, the data you transmit to us cannot be read by
third parties. However, we would like to point out that even encrypted data
transmission on the Internet always involves security risks. Complete
protection of data against access by third parties cannot be guaranteed.
13. Rights of data subjects
Insofar
as the requirements of the applicable data protection law are met and no
statutory exceptions apply, you have the following rights in connection with
the processing of your personal data:
·
to receive information free of charge upon request
as to whether and, if so, which personal data we process about you
·
to have incorrect or incomplete personal data
corrected
·
to restrict the processing of your personal data
·
to blocking of your personal data
·
to erasure or anonymization of your personal data
·
to data portability
·
to withdraw your consent to the processing of your
personal data with effect for the future
·
to object to the processing of your personal data.
Please
note that these rights may be restricted or excluded in specific individual
cases (e.g. to protect third parties or business secrets).
To
assert your rights as a data subject or if you have any questions about this
privacy policy and the processing procedures described therein, you can contact
the offices listed in sections 2 and 3 above.
If you
believe that your data has been processed unlawfully, we would be grateful if
you could contact us directly. Alternatively, you can lodge a complaint with
the supervisory authority responsible for you. The supervisory authority for
data protection in Switzerland is the Federal Data Protection and Information
Commissioner (FDPIC). In the EU, the complaint must be submitted to the
respective national data protection authority.
II. Supplementary
information in connection with selected data processing
14. Processing of personal data in the context of
the use of our website, our online store and the services offered on it
14.1. Hosting
To
operate our online store and our website, we use the online platform of the
service provider Shopify International Limited, Victoria Buildings, 2nd Floor,
1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter
"Shopify"), for the purpose of hosting and displaying the online
store. All data collected on our website is processed on Shopify's servers.
In
particular, the hosting provider stores master data, contract data,
communication data, behavioral data, transaction data and technical data that
are transmitted or automatically generated by you when you use our website or
place orders via our website.
As part
of the use of Shopify's services, Shopify may transfer data to the USA and
Canada. Canada has an adequacy decision in terms of data protection (from the
perspective of both Switzerland and the EU). If the disclosure of data to the
USA cannot be legitimized by an adequacy decision, such disclosure will be
secured by including the standard contractual clauses approved by the competent
authorities.
Further
information on Shopify's data protection can be found on the following website:
https://www.shopify.com/legal/privacy Within
the scope of the GDPR, the associated processing of your personal data is based
on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in the provision of a user-friendly
and modern online store and an appealing website. The website and online store
must be coordinated with each other, which can be achieved with two-sided
hosting or operation via Spotify.
14.2. Logfiles
When you access our website, information of a
general nature is automatically collected by means of a cookie. This
information (server log files) includes, for example, the type of web browser,
the operating system used, the domain name of your Internet service provider
and similar information. This is exclusively information that does not allow
any conclusions to be drawn about your person.
This information is technically necessary in order
to correctly deliver the website content you have requested and is mandatory
when using the Internet. It is processed for the following purposes in
particular:
·
Ensuring a smooth connection to the website
·
Ensuring the smooth use of our website,
·
Evaluating system security and stability and
·
For other administrative purposes.
We do not use your data to draw conclusions about
your person. Recipients of the data are only the controller and, if applicable,
processors. Anonymous information of this kind may be statistically evaluated
by us in order to optimize our website and the technology behind it.
Within the scope of the GDPR, the associated
processing of your personal data is based on our legitimate interest (Art. 6
para. 1 lit. f GDPR) in accordance with the aforementioned purposes.
14.3.
Cookies
When you visit our website, we may store information on your computer in the form of cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.
Through the use of session cookies, the controller can provide the users of this website with a user-friendly service that would not be possible without the setting of cookies. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.
We only use personal cookies to improve our website or for marketing/advertising purposes with your consent. On your first visit, you can voluntarily consent to tracking or analysis via the cookie banner that appears. Your data may be passed on to partners or third-party providers. These cookies are only stored if you explicitly consent to this; the legal basis is then your consent in accordance with Art. 6 para. 1 lit. a GDPR.
14.4. Tracking-Tools
Our website
uses Google Analytics, Google Maps, Google Fonts, Google Ads, Google
Remarketing and Google Tag Manager from Google Inc. For the European area, the
company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland)
is responsible for all Google services (hereinafter "Google").
In
addition to the following explanations, you will find further information on
data protection at Google in the Google data protection declaration:
https://policies.google.com/privacy.
We have
concluded a data processing agreement with Google.
Within
the scope of the GDPR, this data is processed on the basis of our legitimate
interest (Art. 6 para. 1 lit. f GDPR) in an appealing website and in increasing
our reach or based on your consent (Art. 6 para. 1 lit. a GDPR). Consent can be
revoked at any time with effect for the future.
Google Analytics
We use
functions of the web analysis service Google Analytics on our website. Google
Analytics uses "cookies", which are text files placed on your
computer, to help the website analyze how users use the site (see section 14.3
above). The information generated by the cookie about your use of this website
is usually transmitted to a Google server in the USA and stored there. However,
due to the activation of IP anonymization on these websites, your IP address
will be shortened by Google beforehand within member states of the European
Union or in other contracting states of the Agreement on the European Economic
Area and Switzerland. Only in exceptional cases will the full IP address be
transmitted to a Google server in the USA and shortened there. Google will use
this information on behalf of the operator of this website for the purpose of
evaluating your use of the website, compiling reports on website activity and
providing other services relating to website activity and internet usage to the
website operator. The IP address transmitted by your browser as part of Google
Analytics will not be merged with other Google data.
The
purpose of data processing is to evaluate the use of the website and to compile
reports on website activity. Based on the use of the website and the Internet,
further associated services are then to be provided. The processing is based on
the legitimate interest of the website operator.
You may
refuse the use of cookies by selecting the appropriate settings on your
browser, however please note that if you do this you may not be able to use the
full functionality of this website. You can also prevent Google from collecting
the data generated by the cookie and relating to your use of the website
(including your IP address) and from processing this data by Google by
downloading and installing the browser plug-in available under the following
link: Browser Add On to deactivate Google Analytics.
In
addition or as an alternative to the browser add-on, you can prevent tracking
by Google Analytics on our pages by clicking on this link. This will install an
opt-out cookie on your device. This will prevent Google Analytics from
collecting data for this website and for this browser in the future as long as
the cookie remains installed in your browser.
You can
find more information on how Google Analytics handles user data in Google's
privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.
Google Maps
We use
Google Maps on our website to display interactive maps and to provide
directions. When you access a web page on our website that has integrated
Google Maps, your browser establishes a connection with the Google servers. In addition,
Google Maps sets cookies (see above under section 14.2). By using Google Maps,
various information (e.g. IP address, addresses entered, date and time of the
website visit) can be transmitted to Google servers in the USA.
You can
find more information about data processing by Google here:
https://policies.google.com/privacy?hl=de. You can also change your personal
data protection settings there in the data protection center. Detailed
instructions on managing your own data in connection with Google products can
be found here.
General
information about Google Maps can be found at: https://www.google.com/maps/about/#!/.
Google Fonts
We do not use Google Fonts on our website for the
uniform display of fonts.
Google Ads
We use the advertising tool Google Ads and the
associated Google conversion tracking to advertise our website and services. If
you have reached our website via an ad placed by Google, a cookie will be set
on your computer. The cookie for conversion tracking is set when a user clicks
on an ad placed by Google. These cookies lose their validity after 30 days and
are not used for personal identification. If the user visits certain pages of
our website and the cookie has not yet expired, we and Google can recognize
that the user clicked on the ad and was redirected to this page. Each Google
Ads customer receives a different cookie. Cookies can therefore not be tracked
via the websites of Ads customers. The information collected using the
conversion cookie is used to generate conversion statistics for Ads customers
who have opted for conversion tracking. Customers are told the total number of
users who clicked on their ad and were redirected to a page with a conversion
tracking tag. However, they do not receive any information that can be used to
personally identify users.
If you do not wish to participate in tracking, you
can refuse the setting of a cookie required for this - for example, by setting
your browser to generally deactivate the automatic setting of cookies (see
section 14.3 above) or by setting your browser to block cookies from the domain
"googleleadservices.com".
Please note that you may not delete the opt-out
cookies as long as you do not wish measurement data to be recorded. If you have
deleted all your cookies in the browser, you must set the respective opt-out
cookie again.
Google Remarketing
We use
the Google Remarketing function on our website. This function is used to
present interest-based advertisements to website visitors within the Google
advertising network. A so-called "cookie" is stored in the browser of
the website visitor (see the above explanations under section 14.3), which
makes it possible to recognize the visitor when he or she visits websites that
belong to the Google advertising network. On these pages, the visitor can be
presented with advertisements that relate to content that the visitor has
previously accessed on websites that use Google's remarketing function.
According
to its own information, Google does not collect any personal data during this
process. However, if you do not wish to use Google's remarketing function, you
can deactivate it by making the appropriate settings at http://www.google.com/settings/ads. Alternatively, you can
deactivate the use of cookies for interest-based advertising via the
advertising network initiative by following the instructions at http://www.networkadvertising.org/managing/opt_out.asp.
Google Tag Manager
We use
Google Tag Manager to centrally integrate and manage website tags. Website tags
are code snippets from e.g. GoogleAds or Google Analytics, with which we can
track and trace activities on our website. Google Tag Manager allows us to
manage website tags efficiently and effectively. You can find more information
about Google Tag Manager at: https://tagmanager.google.com/.
14.5. Embedded YouTube-Videos
We embed
YouTube videos on some of our websites. The operator of these pages is Google
Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4,
Ireland.
We use
YouTube in extended data protection mode, which, according to YouTube, only
initiates the storage of user information when the video is played. However,
the transfer of data to YouTube partners is not necessarily excluded by the
extended data protection mode.
As soon
as you start a YouTube video on our website, a connection is established to the
YouTube servers (possibly also in the USA). In this context, YouTube learns
which of our pages you have visited. If you are logged into your YouTube
account, you also enable YouTube to assign your surfing behavior directly to
your personal profile. You can prevent this by logging out of your YouTube
account.
Furthermore,
after starting a video, YouTube can store various cookies on your end device or
use comparable recognition technologies (e.g. device fingerprinting) (see above
under section 14.3). In this way, YouTube can obtain information about you.
According to YouTube, this serves, among other things, to record video
statistics, improve user-friendliness and prevent abusive behavior.
If
necessary, further data processing operations may be triggered after the start
of a YouTube video, over which we have no influence.
We have
concluded an order processing contract with Google.
Further
information about data protection at YouTube can be found in their privacy
policy at: https://policies.google.com/privacy.
Within
the scope of the GDPR, this data is processed on the basis of our legitimate
interest (Art. 6 para. 1 lit. f GDPR) in an appealing website or based on your
consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time with effect
for the future.
14.6. Registration on our website
When
registering for the use of our personalized services, some personal data is
collected, such as name, address, contact and communication data such as
telephone number and e-mail address. If you are registered with us, you can
access content and services that we only offer to registered users. Registered
users also have the option of changing or deleting the data provided during
registration at any time. Of course, we will also provide you with information
about the personal data we have stored about you at any time. We will also be
happy to correct or delete this data at your request, provided there are no
statutory retention obligations to the contrary. To contact us in this regard,
please use the contact details provided in sections 2 and 3 above.
Within
the scope of the GDPR, the associated processing of your personal data is
carried out either for the purpose of initiating and fulfilling a contract
(Art. 6 para. 1 lit. b GDPR) or based on our legitimate interest (Art. 6 para.
1 lit. f GDPR) in providing a user-friendly and modern online store and an
appealing website or based on your consent (Art. 6 para. 1 lit. a GDPR).
Consent can be withdrawn at any time with effect for the future.
14.7. Newsletter
On our
website, we offer you the opportunity to subscribe to our newsletter, which we
use to inform you about our services at regular intervals.
In order
to send you the newsletter, we need your e-mail address and information that
allows us to verify that you are the owner of the e-mail address provided and
that you agree to receive the newsletter. This data is used exclusively for
sending the newsletter.
We use
the so-called double opt-in procedure to register for the newsletter. After
registering, you will receive an e-mail in which we ask you to confirm your
registration. Subscriptions to the newsletter are logged.
This
includes storing the time of registration and confirmation as well as the IP
address. Any changes to your stored data are also logged.
You can
revoke your consent to the storage of your personal data and its use for
sending the newsletter at any time. There is a corresponding link in every
newsletter.
We use
the services of Klaviyo, Inc, 125 Summer Street, Floor 6, Boston, MA, 02110,
United States, to process, send and analyze the newsletter. You can find more
information about Klaviyo's privacy policy here: https://www.klaviyo.com/legal/privacy.
We have
concluded an order processing contract with Klaviyo.
Within
the scope of the GDPR, the associated processing of your personal data is based
on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in providing
appropriate information to our existing customers or based on your consent
(Art. 6 para. 1 lit. a GDPR). Consent can be withdrawn at any time with effect
for the future.
14.8. Comments function
When
users leave comments on our website, the time of their creation and the user
name previously selected by the website visitor are stored in addition to this
information. This is for our security, as we can be prosecuted for illegal
content on our website, even if it was created by users.
Within
the scope of the GDPR, the associated processing of your personal data is based
on your consent (Art. 6 para. 1 lit. a
GDPR). Consent can be revoked at any time with effect for the future.
14.9. Contact form
If you
contact us with questions of any kind by e-mail or contact form, you give us
your voluntary consent for the purpose of contacting you. This requires you to
provide a valid e-mail address. This is used to assign the request and
subsequently answer it. The provision of further data is optional. The
information you provide will be stored for the purpose of processing the
request and for possible follow-up questions. Once your inquiry has been dealt
with, your associated personal data will be automatically deleted, unless there
is a justification for further storage.
Within the scope of the GDPR, the associated processing of your personal data is carried out either for the purpose of initiating and fulfilling a contract (Art. 6 para. 1 lit. b GDPR) or based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in processing the inquiries addressed to us or based on your consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time with effect for the future.
15. Processing of personal data of applicants
We
accept applications by post, e-mail or contact form. If necessary, we also work
together with other external partners (e.g. job portals and recruitment
agencies). Please also note the data protection notices of these partners. This
includes Professional.ch in particular. The provider is Yousty AG,
Limmatstrasse 21, 8005 Zurich. You can find their privacy policy here:
https://www.professional.ch/datenschutz.
We treat
your data as strictly confidential. Your personal data will only be passed on
within our company to persons who are entrusted with processing your
application.
We
process the personal data sent to us as part of your application and the
personal data collected during the application process, insofar as this is
necessary for the decision on the conclusion and execution of an employment
contract. This includes
Master
data (surname, first name, address, contact details, date of birth, marital
status, etc.) - Information about your educational, professional and personal
qualifications - Information that we have collected as part of the application
process (e.g. as part of assessments) - Other information that you have sent to
us in connection with your application.
We
process your personal data in this regard for as long as this is necessary for
the decision on your application. They will be deleted a maximum of six months
after the end of the application process, unless longer storage is legally
required or permitted or you have not consented to longer storage.
If an
employment relationship is established following the application process, your
application documents will be transferred to your personnel file.
16. Processing of personal data in the context of interaction with our
social media channels
16.1. General
We
maintain the publicly accessible profiles in social networks listed below. You
will find linked graphics to the respective networks on our platform. By
clicking on a corresponding graphic, you will be forwarded to the selected
social network. After forwarding, the network collects and processes your
information in the following context.
When you
visit our profiles on the social networks, personal data about you may be
collected. For example, if you are logged into your social network accounts and
visit our profile at the same time, the portal operator may be able to assign
this visit to your user account. However, even if you have logged out of your
account or if you do not have an account with the respective portal, your
personal data may be collected. Such data can be collected, for example, by
setting cookies or web beacons. Based on the data collected in this way, the
portal operators can create user profiles and show you interest-based
advertising. Further information on this can be found in the respective data
protection declarations of the portal operators.
The
purpose and scope of the data collection and the further processing and use of
the data by the respective social network as well as your rights in this regard
and setting options to protect your privacy can be found in the relevant data
protection regulations of the respective social network.
Within
the scope of the GDPR, social networks are used in the interest of an appealing
presentation of our online offers, to increase our reach and to promote our
products and services. This is our legitimate interest within the meaning of
Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the
processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR. Consent
can be revoked at any time with effect for the future.
16.2. Facebook
We use
selected tools from Facebook (e.g. Facebook fan page, Meta Business Suite). The
provider of these tools is Meta Platforms Ireland Limited, 4 Grand Canal
Square, Grand Canal Harbour, Dublin 2 Ireland.
With the
help of these tools, we want to optimize the customer experience by only
showing our services and products to those people who are interested in them.
To this end, Facebook collects certain information about visitors to our
website and social media platforms. Based on this, we receive analyses
regarding the way our website, services and products are used.
You can
object to receiving advertising tailored to you via this link:
www.facebook.com/settings?tab=ads.
Facebook
and we are considered jointly responsible for certain data processing (e.g.
Facebook fan page, Page Insights, etc.). Where necessary, we have therefore
entered into appropriate agreements with Facebook to regulate the rights and
obligations of both parties as joint controllers (see
www.facebook.com/legal/terms/page_controller_addendum). Further information on
data protection at Facebook can be found here: https://www.facebook.com/policy.php.
16.3. Instagram
We use
functions of the Instagram service. The provider is Meta Platforms Ireland
Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. If you
have a user account with Instagram, you can interact with us via Instagram. As
part of this interaction, we process the personal data you provide. You can
find more information on data protection at Instagram here: https://instagram.com/about/legal/privacy/.
16.4. YouTube
We
maintain a profile on YouTube and can also use it to embed videos on our
website or our apps. The operator of the pages is Google Ireland Limited
("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Further
information on the use of YouTube can be found in section 14.5 above.
16.5. TikTok
We use
functions and services of the TikTok service. This also includes the TikTok
pixel tool for the purpose of conversion tracking for advertisers. The provider
is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland.
If you have a user account with TikTok, you can interact with us via TikTok. As
part of this interaction, we process the personal data you provide. TikTok
processes various visitor data (e.g. IP address, end device information,
advertising ID, usage behavior). The information collected may also be made available
to us in the form of statistical evaluations (e.g. number of profile views,
information on followers, information on our videos). Further information on
data protection at TikTok can be found here: https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE.
16.6. LinkedIn
We
maintain a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited
Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. You can find more
information on how LinkedIn handles your personal data in their privacy policy:
https://www.linkedin.com/legal/privacy-policy. LinkedIn uses advertising
cookies. If you wish to deactivate them, please follow this link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
16.7. Google My Business
We use
Google My business from Google Ireland Limited, Gordon House, Barrow Street,
Dublin 4, Ireland ("Google"). When you visit and interact with our
Google My Business entry, Google also records your IP address and other
information that is collected in the form of cookies on your end device. This
information is collected for statistical purposes. The data collected about you
in this context is processed by Google and may also be transferred to the USA.
Further information can be found in the Google privacy policy: https://policies.google.com/privacy.