Data protection Finntent.com

 

Data protection statement www.finntent.com c/o ESKO.SWISS GmbH

Introduction:

Finntent.com is a brand of ESKO.SWISS GmbH, Industriestrasse 5, 8610 Uster, Schweiz. ESKO.SWISS GmbH is the operator of the web page www.finntent.com and the online shop www.finntent.com as well as the services offered on the web page. ESKO.SWISS GmbH is responsible for the collection, processing and use of your personal data and the compatibility of data processing with the applicable data protection law, with the Ordinance on the Federal Data Protection Act (VDSG), and the European Data Protection Act.

 

We’re pleased that you are interested in our company. ESKO.SWISS GmbH places a particularly high priority on protection of data. The use of our website and the online shop www.finntent.com is generally possible without the submission of personal data. However, if an individual wishes to use the services offered by our firm via our website, it may be necessary to process personal data. If the processing of personal data is necessary and no legal basis is provided for the said processing, we will generally request the approval of the data subject.

The processing of personal data such as the name, address, email address or telephone number of the data subject is carried out in accordance with the statutory data protection provisions and with the country-specific data protection data protection provisions that govern ESKO.SWISS GmbH. Our firm wishes to inform the public by means of this data protection declaration about the nature, scope and purpose of the personal data that we record, use and process. The data subjects will also be informed about their rights by means of this data protection declaration.

As the data controller, Finntent.com c/o ESKO.SWISS GmbH has implemented various technical and organizational measures in order to guarantee complete protection of the personal data processed via this Website as far as possible. However, Internet based data transfers may present security flaws, which means that absolute protection cannot be guaranteed. Therefore, each data subject will have the right to transmit personal data to us by alternative means, for example by telephone under the number +41 (0)44 942 44 00.

  • Definitions

The data protection declaration of the website www.finntent.com is based on the terms used by the Swiss and European legislators for the adoption of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act of the Swiss Confederation. Our data protection declaration is intended to be clear and easy to understand both for the public and for our customers and business partners. In order to guarantee this, we would like to explain the concepts used at the outset.

We use the following concepts among others in this data protection declaration:

  1. a) Personal data
    Personal data is all information which relates to an identified or identifiable individual (referred to hereinafter as the “data subject”). An individual is considered to be identifiable if they can be identified directly or indirectly, in particular by means of association with identifying information such as a name, a reference number, location data, an on-line reference or one or more specific characteristics which express the physical, physiological, genetic, psychological, economic, cultural or social identity of this individual.
  2. b) Data subject
    A data subject is any identified or identifiable individual whose personal data is processed by the responsible party.
  3. c) Processing
    Processing is any procedure carried out with or without the help of automated processes or any such series of procedures relating to personal data such as collection, recording, organization, ordering, storing, adaptation, amendment, reading, retrieval, use, disclosure by means of transmission, circulation or any other form of provision, comparison, linking, limitation, deletion or destruction.
  4. d) Limitation of processing
    The limitation of processing is the marking of saved personal data with the aim of limiting its processing in the future.
  5. e) Profiling
    Profiling is any kind of automated processing of personal data which consists of this personal data being used to evaluate specific personal aspects concerning an individual, and in particular to analyze or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, behavior, residence or relocation of this individual.
  6. f) Pseudonymization
    Pseudonymization is the processing of personal data in such a way that the personal data can no longer be associated with a specific individual without additional information, insofar as this additional information is kept separately and is subject to technical and organizational measures which guarantee that the personal data cannot be associated with an identified or identifiable individual.
  7. g) Data controller
    The data controller is a natural or legal entity, authority, facility or other body which makes decisions concerning the processing of personal data either independently or in cooperation with other parties. 
  8. h) Processor
    The processor is a natural or legal entity, authority, facility or other body which processes personal data on behalf of the data controller.
  9. i) Recipient
    A recipient is a natural or legal entity, authority, facility or other body which has been provided with personal data which may or may not be a third party. 
  10. j) Third party
    A third party is a natural or legal entity, authority, facility or other body apart from the data subject, the data controller, the processor and individuals authorized under the direct responsibility of the data controller or processor to process personal data.
  11. k) Consent
    Consent is any statement of intent provided on a voluntary basis by the data subject for the specific case involved in an informed, unambiguous manner in the form of a declaration or other clear, affirmative act whereby the data subject states that they agree to the processing of their personal data.
  12. Name and address of the data controller (responsible entity) 

The data controller (responsible entity) in the context of Swiss federal law governing data protection and the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union and other provisions with of a data protection character is the:

ESKO.SWISS GmbH, Industriestrasse 5, 8610 Uster Schweiz.

Tel: +41 (0)44 942 44 00
E-Mail: info@finntent.com
Website: www.finntent.com

 

  1. Cookies
    Cookie policy – www.finntent.com

Cookies consist of portions of code installed in the browser that assist the Owner in providing the Service according to the purposes described. Some of the purposes for which Cookies are installed may also require the User’s consent.

Where the installation of Cookies is based on consent, such consent can be freely withdrawn at any time following the instructions provided in this document.

Technical Cookies and Cookies serving aggregated statistical purposes

Activity strictly necessary for the functioning of the Service

This Application uses Cookies to save the User’s session and to carry out other activities that are strictly necessary for the operation of this Application, for example in relation to the distribution of traffic.

Activity regarding the saving of preferences, optimization, and statistics

This Application uses Cookies to save browsing preferences and to optimize the User’s browsing experience. Among these Cookies are, for example, those used for the setting of language and currency preferences or for the management of first party statistics employed directly by the Owner of the site.

Other types of Cookies or third parties that install cookies

Some of the services listed below collect statistics in an anonymized and aggregated form and may not require the consent of the User or may be managed directly by the Owner – depending on how they are described – without the help of third parties.

If any third party operated services are listed among the tools below, these may be used to track Users’ browsing habits – in addition to the information specified herein and without the Owner’s knowledge. Please refer to the privacy policy of the listed services for detailed information.

Analytics

The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.

FACEBOOK ADS CONVERSION-TRACKING (FACEBOOK, INC.)

Facebook Ads conversion tracking is an analytics service provided by Facebook, Inc. that connects data from the Facebook advertising network with actions performed on this Website.

Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

GOOGLE ANALYTICS (GOOGLE INC.)

Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.

Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

GOOGLE ANALYTICS WITH IP ANONYMIZATION (GOOGLE INC.)

Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
This integration of Google Analytics anonymizes your IP address. It works by shortening Users’ IP addresses within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the complete IP address be sent to a Google server and shortened within the US.

Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

  • REMARKETING AND BEHAVIOURAL TARGETING

This type of service allows this Website and its partners to inform, optimize and serve advertising based on past use of this Website by the User.
This activity is performed by tracking Usage Data and by using Cookies, information that is transferred to the partners that manage the remarketing and behavioral targeting activity. 

In addition to any opt out offered by any of the services below, the User may opt out of a third-party service’s use of cookies by visiting the Network Advertising Initiative opt-out page.

FACEBOOK CUSTOM AUDIENCE (FACEBOOK, INC.)

Facebook Custom Audience is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Website with the Facebook advertising network.

Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

FACEBOOK REMARKETING (FACEBOOK, INC.)

Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Website with the Facebook advertising network.

Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

TWITTER REMARKETING (TWITTER, INC.)

Twitter Remarketing is a remarketing and behavioral targeting service provided by Twitter, Inc. that connects the activity of this Website with the Twitter advertising network.

Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

LINKEDIN WEBSITE RETARGETING (LINKEDIN CORPORATION)

Linkedin Website Retargeting is a remarketing and behavioural targeting service provided by Linkedin Corporation that links  the activity of this website with the advertising network Linkedin.

Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

ADWORDS REMARKETING (GOOGLE INC.)

Google AdWords conversion tracking is an analytics service provided by Google Inc. that connects data from the Google AdWords advertising network with actions performed on this Website.

Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

REMARKETING WITH GOOGLE ANALYTICS FOR DISPLAY ADVERTISEMENTS (GOOGLE INC.)

Google Analytics für Anbieter von Display-Werbung is a remarketing and behavioral targeting service provided by Google LLC that connects the tracking activity performed by Google Analytics and its Cookies with the Google Ads advertising network and the Doubleclick Cookie.

Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

TAG MANAGEMENT

This type of service helps the Owner to manage the tags or scripts needed on this Application in a centralized fashion.
This results in the Users’ Data flowing through these services, potentially resulting in the retention of this Data. 

GOOGLE TAG MANAGER (GOOGLE LLC)

Google Tag Manager is a service from Google LLC for the management of tags.

Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

HOW CAN I GIVE CONSENT TO OR WITHDRAW MY CONSENT FROM THE INSTALLATION OF COOKIES?

 

In addition to what is specified in this document, the User can manage preferences for Cookies directly from within their own browser and prevent – for example – third parties from installing Cookies.
Through browser preferences, it is also possible to delete Cookies installed in the past, including the Cookies that may have saved the initial consent for the installation of Cookies by this website.
Users can, for example, find information about how to manage Cookies in the most commonly used browsers at the following addresses: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Internet Explorer.

With regard to Cookies installed by third parties, Users can manage their preferences and withdrawal of their consent by clicking the related opt-out link (if provided), by using the means provided in the third party’s privacy policy, or by contacting the third party.

Notwithstanding the above, the Owner informs that Users may follow the instructions provided on the subsequently linked initiatives by the EDAA (EU), the Network Advertising Initiative (US) and the Digital Advertising Alliance (US), DAAC (Canada), DDAI (Japan) or other similar services. Such initiatives allow Users to select their tracking preferences for most of the advertising tools. The Owner thus recommends that Users make use of these resources in addition to the information provided in this document.

Since the installation of third-party Cookies and other tracking systems through the services used within this website cannot be technically controlled by the Owner, any specific references to Cookies and tracking systems installed by third parties are to be considered indicative. In order to obtain complete information, the User is kindly requested to consult the privacy policy for the respective third-party services listed in this document.

Given the objective complexity surrounding the identification of technologies based on Cookies, Users are encouraged to contact the Owner should they wish to receive any further information on the use of Cookies by this website.

OWNER AND DATA CONTROLLER

Finntent.com c/o ESKO.SWISS GmbH, Industriestrasse 5, 8610 Uster, Schweiz

E-Mail address of owner: info@finntent.com

Definitions and legal references

PERSONAL DATA (USER DATA)

Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.

USAGE DATA

Information collected automatically through this website (or third-party services employed in this website), which can include: the IP addresses or domain names of the computers utilized by the Users who use this website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.

USER

The individual using this website who, unless otherwise specified, coincides with the Data Subject.

DATA SUBJECT

The natural person to whom the Personal Data refers.

PROCESSOR (OR DATA PROCESSOR)

Natural or legal person, public authority, agency or other body that processes personal data on behalf of the person responsible, as described in this data protection declaration.

 

RESPONSIBLE PARTY (OR PROVIDER, SOMETIMES ALSO OWNER)

The natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data and the means used for that purpose, including the security measures relating to the operation and use of this application. Unless otherwise specified, the controller is the natural or legal person through whom this application is offered.

THIS APPLICATION

The hardware or software tool with which the personal data of the user is collected and processed.

SERVICE

The service provided by this Application as described in the relative terms (if available) and on this site/application.

SWITZERLAND OR EUROPEAN UNION (CH OR EU)

Unless otherwise stated, all references in this Privacy Policy to the Swiss Confederation and to the European Union and to all current Member States of the European Union and the European Economic Area (EEA) are to the Swiss Confederation and to the European Union. 

COOKIE

Cookies are Trackers consisting of small sets of data stored in the User’s browser.

LEGAL NOTICE

This privacy statement has been prepared based on provisions of multiple legislations, including the Decree of the Federal Law governing Data Protection, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).

This privacy policy relates solely to this Application, if not stated otherwise within this document.

Last update: 22.02.2023

  1. COLLECTION OF GENERAL DATA AND INFORMATION

The web page www.finntent.com collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.

When using these general data and information, the www.finntent.com does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, ESKO.SWISS GmbH analyzes anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

  1. RESERVATIONS/BOOKINGS/INQUIRIES VIA OUR WEBPAGE, BY CORRESPONDENCE OR BY TELEPHONE CALL

If you make bookings either via our website, by correspondence (e-mail or letter post) or by telephone call, we require the following data to process the contract:

  • First and last name
  • postal address
  • Your telephone number
  • language
  • credit card information
  • E-mail address

We will only use this data and other information voluntarily provided by you (height, weight, date of birth, etc.) to process the contract, unless otherwise stated in this data protection declaration or you have given your separate consent. We will process the data by name in order to record your booking as requested, to provide the booked services, to contact you in the event of any uncertainties or problems and to ensure correct payment.

The legal basis for data processing for this purpose is the fulfilment of a contract in accordance with Art. 6 para. 1 lit. b DSGVO and Art. 28-28l Civil Code of the Swiss Confederation.

Data processing for the fulfilment of legal reporting obligations

If you buy or rent goods from ESKO.SWISS GmbH, we may need the following information from you:

  • First and last name
  • postal address
  • telephone number
  • language
  • credit card information
  • E-mail Address
  • Rental period 
  • Height, weight, date of birth and shoe size
  • Official identification card and number

We collect this information to comply with legal reporting requirements. Insofar as we are obliged to do so under the applicable regulations, we forward this information to the competent police authority.

Our legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO and the Ordinance to the Federal Act on Data Protection of the Swiss Confederation (VDSG) lies in the fulfilment of the legal requirements.

STORAGE AND EXCHANGE OF DATA WITH THIRD PARTIES

We store the data provided (figure or paragraph) in a central electronic data processing system (ERP). In this process, the data in question is systematically recorded and linked for the purpose of processing your bookings and handling contractual services. We base the processing of this data within the framework of the software on our legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO and on the Federal Data Protection Act of the Swiss Confederation. The webpage www.finntent.com is hosted in Switzerland on Swiss servers.

RETENTION PERIOD

We only store personal data for as long as is necessary to use the tracking services mentioned above as well as further processing within the scope of our legitimate interest. Contractual data will be retained by us for longer as required by legal retention obligations. Retention obligations that require us to retain data result from regulations on registration law, on accounting and from tax law. According to these regulations, business communication, concluded contracts and accounting vouchers must be kept for up to 10 years in accordance with the Code of Obligations of the Swiss Confederation. As far as we no longer need this data to perform the services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.

DISCLOSURE TO THIRD PARTIES

Finally, if you make a credit card payment on the website, we will pass on your credit card information to your credit card issuer and to the credit card acquirer. If you choose to pay by credit card, you will be asked to provide all mandatory information. The legal basis for passing on the data is the fulfilment of a contract in accordance with Art. 6 Para. 1 lit. b DSGVO and the Swiss Code of Obligations. Regarding the processing of your credit card information by these third parties, we ask you to also read the general terms and conditions as well as the privacy policy of your credit card issuer.

  1. SUBSCRIBING TO OUR NEWSLETTERS

On the website of www.finntent.com, users are given the opportunity to subscribe to our enterprise’s newsletter. The input mask used for this purpose determines what personal data are transmitted, as well as when the newsletter is ordered from the controller.

ESKO.SWISS GmbH informs its customers and business partners regularly by means of a newsletter about enterprise offers. The enterprise’s newsletter may only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers for the newsletter shipping. A confirmation e-mail will be sent to the e-mail address registered by a data subject for the first time for newsletter shipping, for legal reasons, in the double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address as the data subject is authorized to receive the newsletter.

During the registration for the newsletter, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the data subject at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of a data subject at a later date, and it therefore serves the aim of the legal protection of the controller.

The personal data collected as part of a registration for the newsletter will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by e-mail, as long as this is necessary for the operation of the newsletter service or a registration in question, as this could be the case in the event of modifications to the newsletter offer, or in the event of a change in technical circumstances. There will be no transfer of personal data collected by the newsletter service to third parties. The subscription to our newsletter may be terminated by the data subject at any time. The consent to the storage of personal data, which the data subject has given for shipping the newsletter, may be revoked at any time. For the purpose of revocation of consent, a corresponding link is found in each newsletter. It is also possible to unsubscribe from the newsletter at any time directly on the website of the controller, or to communicate this to the controller in a different way.

  1. NEWSLETTER TRACKING

The newsletter of www.finntent.com contains so-called tracking pixels. A tracking pixel is a miniature graphic embedded in such e-mails, which are sent in HTML format to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, the ESKO.SWISS GmbH may see if and when an e-mail was opened by a data subject, and which links in the e-mail were called up by data subjects.

Such personal data collected in the tracking pixels contained in the newsletters are stored and analyzed by the controller in order to optimize the shipping of the newsletter, as well as to adapt the content of future newsletters even better to the interests of the data subject. These personal data will not be passed on to third parties. Data subjects are at any time entitled to revoke the respective separate declaration of consent issued by means of the double-opt-in procedure. After a revocation, these personal data will be deleted by the controller. www.finntent.com c/o ESKO.SWISS GmbH automatically regards a withdrawal from the receipt of the newsletter as a revocation.

  1. CONTACT POSSIBILITY VIA OUR INTERNET PAGE

The website of www.finntent.com contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.

  1. ROUTINE ERASURE AND BLOCKING OF PERSONAL DATA

The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislature or other legislatures in laws or regulations to which the controller is subject to.

If the storage purpose is not applicable, or if a storage period prescribed by the European legislature  or another competent legislature  expires, the personal data are routinely blocked or erased in accordance with legal requirements.

  1. RIGHTS OF THE DATA SUBJECT
  2. a) Right to confirmation

Every data subject has the right, granted by the Swiss Confederation and by the European Directives and Regulations, to obtain confirmation from the controller as to whether personal data concerning him or her are being processed. If a data subject wishes to exercise this right of confirmation, he or she may, at any time, contact any employee of the controller.

  1. b) Right of access

Any person affected by the processing of personal data has the right granted by Swiss law and by the European Directives and Regulations to obtain at any time from the controller, free of charge, information about the personal data stored about him or her and a copy of that information. Furthermore, Swiss law and the European Directives and Regulations have granted the data subject access to the following information:

 

  • the purposes of the processing
  • the categories of personal data processed
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular in the case of recipients in third countries or international organisations
  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
  • the existence of the right to obtain the rectification or erasure of personal data concerning him or her, or the restriction of processing by the controller, or the right to object to such processing
  • the existence of a right of appeal to a supervisory authority
  • if the personal data are not collected from the data subject: Any available information on the origin of the data
  • the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and – at least in these cases – meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

Furthermore, the data subject shall have the right to obtain information as to whether personal data have been transferred to a third country or to an international organisation. If this is the case, the data subject shall also have the right to obtain information on the appropriate safeguards in relation to the transfer.

If a data subject wishes to exercise this right of access, he or she may contact an employee of the controller at any time.

  1. c) Right of rectification

Any person affected by the processing of personal data has the right granted by the European Directive and Regulation to request the immediate rectification of any inaccurate personal data concerning him or her. Furthermore, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration, taking into account the purposes of the processing.

If a data subject wishes to exercise this right of rectification, he or she may, at any time, contact any employee of the controller.

  1. d) Right of erasure (“Right to be forgotten”)

Any person concerned by the processing of personal data has the right, granted by the Swiss Confederation and European Directives and Regulations, to obtain from the controller the erasure without delay of personal data concerning him or her, where one of the following reasons applies and to the extent that processing is no longer necessary:

  • The personal data were collected or otherwise processed for such purposes for which they are no longer necessary.
  • The data subject withdraws his/her consent on which the processing was based pursuant to Art. 6(1)(a) DS-GVO or Art. 9(2)(a) DS-GVO and there is no other legal basis for the processing.
  • The data subject objects to the processing pursuant to Art. 21(1) DS-GVO and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21(2) DS-GVO. The personal data have been processed unlawfully.
  • The erasure of the personal data is necessary for compliance with a legal obligation under the Federal Data Protection Act of the Swiss Confederation and Union law or the law of the Member States to which the controller is subject.
  • The personal data was collected in relation to information society services offered pursuant to Article 8(1) DS-GVO.

If one of the aforementioned reasons applies, and a data subject wishes to arrange for the deletion of personal data stored by ESKO.SWISS GmbH and its enterprises and brands, he or she may, at any time, contact any employee of the controller. The employee of ESKO.SWISS GmbH will arrange for the erasure request to be complied with immediately.

If the personal data has been made public by the ESKO.SWISS GmbH, and our company as the controller is obliged to delete the personal data pursuant to Art. 17 Para. 1 DS-GVO, ESKO. SWISS GmbH shall implement reasonable measures, including technical measures, taking into account the available technology and the costs of implementation, in order to inform other data controllers which process the published personal data that the data subject has requested from those other data controllers to erase all links to or copies or replications of the personal data, unless the processing is necessary. The employee of ESKO.SWISS GmbH will arrange the necessary in individual cases.

  1. e) Right to restriction of processing

Any person affected by the processing of personal data has the right, granted by the Federal Act on Data Protection of the Swiss Confederation and by the European Directives and Regulations, to obtain from the controller the restriction of processing if one of the following conditions is met:

  • the accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data.
  • The processing is unlawful, the data subject objects to the erasure of the personal data and requests instead the restriction of the use of the personal data.
  • The controller no longer needs the personal data for the purposes of the processing, but the data subject needs it for the assertion, exercise or defence of legal claims.
  • The data subject has objected to the processing pursuant to Article 21(1) of the GDPR and it is not yet clear whether the legitimate grounds of the controller override those of the data subject.

If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of personal data stored by ESKO.SWISS GmbH, he or she may, at any time, contact any employee of the controller. The employee of ESKO.SWISS GmbH will arrange the restriction of the processing.

  1. f) Right to data portability

Every person affected by the processing of personal data has the right granted by the European Directive and Regulation to receive the personal data concerning him or her which has been provided by the data subject to a controller in a structured, commonly used and machine-readable format. The data subject shall also have the right to transmit such data to another controller without hindrance from the controller to whom the personal data were provided, provided that the processing is based on consent pursuant to Article 6(1)(a) of the GDPR or Article 9(2)(a) of the GDPR or on a contract pursuant to Article 9(2)(a) of the GDPR. Federal Act on Data Protection of the Swiss Confederation.

6(1)(b) of the GDPR and the processing is carried out with the aid of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller pursuant to the Federal Act on Data Protection of the Swiss Confederation.

Furthermore, when exercising the right to data portability in accordance with the Federal Act on Data Protection of the Swiss Confederation and Article 20(1) of the GDPR, the data subject has the right to have the personal data transferred directly from one controller to another controller, insofar as this is technically feasible and provided that this does not adversely affect the rights and freedoms of other persons.

In order to assert the right to data portability, the data subject may at any time contact any employee of the ESKO.SWISS GmbH.

  1. g) Right to object

Any data subject concerned by the processing of personal data has the right, granted by the European Directives and Regulations, to object at any time, on grounds relating to his or her particular situation, to processing of personal data concerning him or her carried out on the basis of Article 6(1)(e) or (f) of the DS-GVO. This also applies to profiling based on these provisions.

ESKO.SWISS GmbH shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the assertion, exercise or defence of legal claims.

If ESKO.SWISS GmbH processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data processed for such marketing. This also applies to the profiling, insofar as it is related to such direct marketing. If the data subject objects to ESKO.SWISS GMBH to the processing for direct marketing purposes, ESKO.SWISS GMBH will no longer process the personal data for these purposes.

In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her which is carried out by ESKO.SWISS GMBH for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the Data Protection Regulation (DS-GVO), unless such processing is necessary for the performance of a task carried out in the public interest.

In order to exercise the right to object, the data subject may directly contact any employee of ESKO.SWISS GmbH. The data subject is also free to exercise his/her right to object in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.

  1. h) Automated decisions in individual cases including profiling

Any person concerned by the processing of personal data shall have the right, granted by the European Parliament and the Council, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her, unless the decision (1) is necessary for entering into, or the performance of, a contract between the data subject and the controller, or (2) is authorised by Union or Member State law to which the controller is subject, and that law provides for adequate measures to safeguard the data subject’s rights and freedoms and legitimate interests of the data subject, or (3) it is made with the explicit consent of the data subject.

If the decision (1) is necessary for entering into, or the performance of, a contract between the data subject and the data controller, or (2) it is made with the data subject’s explicit consent, ESKO.SWISS GmbH shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, which include at least the right to obtain the intervention of a data subject on the part of the controller, to express his or her point of view and to contest the decision.

If the data subject wishes to exercise the rights concerning automated decisions, he or she may, at any time, contact any employee of the controller.

  1. i) Right to withdraw consent under data protection law

Every person affected by the processing of personal data has the right granted by the European Directive and Regulation to withdraw consent to the processing of personal data at any time.

If the data subject wishes to exercise the right to withdraw consent, he or she may, at any time, contact any employee of the controller.

  1. DATA PROTECTION IN APPLICATIONS AND THE APPLICATION PROCEDURE

The controller collects and processes the personal data of applicants for the purpose of managing the application procedure. The processing may also be carried out by electronic means. This is in particular the case when an applicant submits relevant application documents to the controller by electronic means, for example by e-mail or via a web form located on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents are automatically deleted two months after the notification of the rejection decision, provided that no other legitimate interests of the controller conflict with such deletion. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).

  1. DATA PROTECTION CONDITIONS FOR APPLICATION AND USE OF FACEBOOK

On our website, we have integrated components of Facebook. Facebook is a social network. A social network is a place for social meetings on the internet, an online community, which usually allows users to communicate with each other and interact in a virtual space. A social network may serve as a platform for the exchange of opinions and experiences, or enable the internet community to provide personal or business-related information. Facebook allows social network users to include the creation of private profiles, upload photos, and network through friend requests.

The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a person lives outside of the United States or Canada, the controller is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

With each call-up to one of the individual pages of our website, which is operated by us and into which a Facebook component (Facebook plug-ins) was integrated, the internet browser on the information technology system of the data subject is automatically prompted to download display of the corresponding Facebook component from Facebook through the Facebook component. An overview of all the Facebook Plug-ins may be accessed under https://developers.facebook.com/docs/plugins/. During the course of this technical procedure, Facebook is made aware of what specific sub-site of our website was visited by the you.

If you are logged in at the same time on Facebook, Facebook detects with every call-up to our website by you — and for the entire duration of their stay on our website — which specific sub-site of our website was visited by you. This information is collected through the Facebook component and associated with the respective Facebook account of the data subject. If you click on one of the Facebook buttons integrated into our website, e.g. the “Like” button, or if you submit a comment, then Facebook matches this information with the personal Facebook user account of the data subject and stores the personal data.

Facebook always receives, through the Facebook component, information about a visit to our website by you, whenever you are logged in at the same time on Facebook during the time of the call-up to our website. This occurs regardless of whether you click on the Facebook component or not. If such a transmission of information to Facebook is not desirable for you, then you may prevent this by logging off from your Facebook account before a call-up to our website is made.

The data protection guideline published by Facebook, which is available at https://facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. In addition, it is explained there what setting options Facebook offers to protect the privacy of the data subject. In addition, different configuration options are made available to allow the elimination of data transmission to Facebook. These applications may be used by you to eliminate a data transmission to Facebook.

  1. DATA PROTECTION CONDITIONS FOR APPLICATION AND USE OF GOOGLE ANALYTICS (WITH ANONYMIZER FUNCTION)

On our website, we have integrated the component of Google Analytics (with the anonymizer function). Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics are mainly used for the optimization of a website and in order to carry out a cost-benefit analysis of internet advertising.

The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

For the web analytics through Google Analytics we use the application “_gat. _anonymizeIp”. By means of this application the IP address of the internet connection of the data subject is abridged by Google and anonymized when accessing our websites.

The purpose of the Google Analytics component is to analyze the traffic on our website. Google uses the collected data and information, inter alia, to evaluate the use of our website and to provide online reports, which show the activities on our websites, and to provide other services concerning the use of our internet site for us.

Google Analytics places a cookie on the information technology system of the data subject. The definition of cookies is explained above. With the setting of the cookie, Google is enabled to analyze the use of our website. With each call-up to one of the individual pages of this internet site, which is operated by the controller and into which a Google Analytics component was integrated, the internet browser on the information technology system of the data subject will automatically submit data through the Google Analytics component for the purpose of online advertising and the settlement of commissions to Google. During the course of this technical procedure, Google gains knowledge of information, such as the IP address of the data subject, which serves Google, inter alia, to understand the origin of visitors and clicks, and subsequently create commission settlements.

The cookie is used to store information, such as the access time, the location from which the access was made, and the frequency of visits of our website by you. With each visit to our website, such personal data, including the IP address of the internet access used by you, will be transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.

You may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the internet browser used and thus permanently deny the setting of cookies. Such an adjustment to the internet browser used would also prevent Google Analytics from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Google Analytics may be deleted at any time via an internet browser or other software programs.

In addition, you have the possibility of objecting to a collection of data that are generated by Google Analytics, which is related to the use of our website, as well as the processing of this data by Google and the chance to preclude any such. For this purpose, you must download a browser add-on under the link https://tools.google.com/dlpage/gaoptout and install it. This browser add-on tells Google Analytics through a JavaScript, that any data and information about the visits of websites may not be transmitted to Google Analytics. The installation of the browser add-ons is considered an objection by Google. If the information technology system of the data subject is later deleted, formatted, or newly installed, then you must reinstall the browser add-ons to disable Google Analytics. If the browser add-on was uninstalled by you or any other person who is attributable to your sphere of competence, or is disabled, it is possible to execute the reinstallation or reactivation of the browser add-ons.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html. Google Analytics is further explained under the following Link https://www.google.com/analytics/.

  1. DATA PROTECTION PROVISIONS FOR USE AND APPLICATION OF GOOGLE ANALYTICS GOOGLE REMARKETING

On our website, we have integrated Google Remarketing services. Google Remarketing is a feature of Google AdWords, which allows a company to display advertising to internet users who have previously resided on the company’s website. The integration of Google Remarketing therefore allows a company to create user-based advertising and thus shows relevant advertisements to interested internet users.

The operating company of the Google Remarketing services is the Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

The purpose of Google Remarketing is the insertion of interest-relevant advertising. Google Remarketing allows us to display ads on the Google network or on other websites, which are based on individual needs and matched to the interests of internet users.

Google Remarketing sets a cookie on the information technology system of the data subject. The definition of cookies is explained above. With the setting of the cookie, Google enables a recognition of the visitor of our website if he calls up consecutive web pages, which are also a member of the Google advertising network. With each call-up to an internet site on which the service has been integrated by Google Remarketing, the internet browser of the data subject identifies automatically with Google. During the course of this technical procedure, Google receives information, such as the IP address or the surfing behavior of the user, which Google uses, inter alia, for the insertion of interest relevant advertising.

The cookie is used to store information, e.g. the websites visited by you. Each time you visit our website, personal data, including the IP address of the Internet access used by you, is transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.

You may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the internet browser used and thus permanently deny the setting of cookies. Such an adjustment to the internet browser used would also prevent Google from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Google may be deleted at any time via an internet browser or other software programs.

You have the possibility of objecting to the interest-based advertising by Google. For this purpose, you must call up the link to www.google.de/settings/ads and make the desired settings on each Internet browser used by you.

Further information and the actual data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/.

  1. DATA PROTECTION PROVISIONS FOR USE AND APPLICATION OF GOOGLE-ADWORDS

On our website, we have integrated Google AdWords. Google AdWords is a service for internet advertising that allows the advertiser to place ads in Google search engine results and the Google advertising network. Google AdWords allows an advertiser to pre-define specific keywords with the help of which an ad on Google’s search results is only then displayed, when the user utilizes the search engine to retrieve a keyword-relevant search result. In the Google Advertising Network, the ads are distributed on relevant web pages using an automatic algorithm, taking into account the previously defined keywords.

The operating company of Google AdWords is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, UNITED STATES.

The purpose of Google AdWords is the promotion of our website by the inclusion of relevant advertising on the websites of third parties and in the search engine results of the search engine Google and an insertion of third-party advertising on our website.

If you reach our website via a Google ad, a conversion cookie is filed on the information technology system of the data subject through Google. The definition of cookies is explained above. A conversion cookie loses its validity after 30 days and is not used to identify you. If the cookie has not expired, the conversion cookie is used to check whether certain sub-pages, e.g, the shopping cart from an online shop system, were called up on our website. Through the conversion cookie, both Google and we can understand whether a person who reached an Ad-Words ad on our website generated sales, that is, executed or canceled a sale of goods.

The data and information collected through the use of the conversion cookie is used by Google to create visit statistics for our website. These visit statistics are used in order to determine the total number of users who have been served through AdWords ads to ascertain the success or failure of each AdWords ad and to optimize our AdWords ads in the future. Neither we nor other Google AdWords advertisers receive information from Google that could identify you.

The conversion cookie stores information, e.g. the website visited by you. Each time you visit our website, personal data, including the IP address of the internet access used by you, is transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.
You may, at any time, prevent the setting of cookies by our website, as stated above, by means of a corresponding setting of the internet browser used and thus permanently deny the setting of cookies. Such a setting of the internet browser used would also prevent Google from placing a conversion cookie on the information technology system of the data subject. In addition, a cookie set by Google AdWords may be deleted at any time via the internet browser or other software programs.

You have a possibility of objecting to the interest-based advertisement of Google. Therefore, you must access from each of the browsers in use the link www.google.de/settings/ads and set the desired settings.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/.

  1. DATA PROTECTION PROVISIONS FOR USE AND APPLICATION OF INSTAGRAM

On this website, the controller has integrated components of the service Instagram. Instagram is a service that may be qualified as an audiovisual platform, which allows users to share photos and videos, as well as disseminate such data in other social networks.

The operating company of the services offered by Instagram is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, UNITED STATES.

With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which an Instagram component (Insta button) was integrated, the Internet browser on the information technology system of the data subject is automatically prompted to the download of a display of the corresponding Instagram component of Instagram. During the course of this technical procedure, Instagram becomes aware of what specific sub-page of our website was visited by the data subject.

If the data subject is logged in at the same time on Instagram, Instagram detects with every call-up to our website by the data subject—and for the entire duration of their stay on our Internet site—which specific sub-page of our Internet page was visited by the data subject. This information is collected through the Instagram component and is associated with the respective Instagram account of the data subject. If the data subject clicks on one of the Instagram buttons integrated on our website, then Instagram matches this information with the personal Instagram user account of the data subject and stores the personal data.

Instagram receives information via the Instagram component that the data subject has visited our website provided that the data subject is logged in at Instagram at the time of the call to our website. This occurs regardless of whether the person clicks on the Instagram button or not. If such a transmission of information to Instagram is not desirable for the data subject, then he or she can prevent this by logging off from their Instagram account before a call-up to our website is made.

Further information and the applicable data protection provisions of Instagram may be retrieved under https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

  1. DATA PROTECTION PROVISIONS FOR USE AND APPLICATION OF LINKEDIN

We have integrated components of the LinkedIn Corporation on our website. LinkedIn is a web-based social network that enables users with existing business contacts to connect and to make new business contacts. Over 400 million registered people in more than 200 countries use LinkedIn. Thus, LinkedIn is currently the largest platform for business contacts and one of the most visited websites in the world.

The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, UNITED STATES. For privacy matters outside of the UNITED STATES LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.

With each call-up to one of the individual pages of this website, which is operated by us and on which a LinkedIn component (LinkedIn plug-in) was integrated, the internet browser on the information technology system of the Data Subject is automatically prompted to the download of a display of the corresponding LinkedIn component of LinkedIn. Further information about the LinkedIn plug-in may be accessed under https://developer.linkedin.com/plugins. During the course of this technical procedure, LinkedIn gains knowledge of what specific sub-page of our website was visited by you.

If you are logged in at the same time on LinkedIn, LinkedIn detects with every call-up to our website by you — and for the entire duration of your stay on our website — which specific sub-page of our website was visited by you. This information is collected through the LinkedIn component and associated with the respective LinkedIn account of the data subject. If you click on one of the LinkedIn buttons integrated on our website, then LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores the personal data.

LinkedIn receives information via the LinkedIn component that you have visited our website, provided that you are logged in at LinkedIn at the time of the call-up to our website. This occurs regardless of whether the person clicks on the LinkedIn button or not. If such a transmission of information to LinkedIn is not desirable for you, then you may prevent this by logging off from their LinkedIn account before a call-up to our website is made.

LinkedIn provides under https://www.linkedin.com/psettings/guest-controls the possibility to unsubscribe from e-mail messages, SMS messages and targeted ads, as well as the ability to manage ad settings. LinkedIn also uses affiliates such as Eire, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame. The setting of such cookies may be denied under https://www.linkedin.com/legal/cookie-policy. The applicable privacy policy for LinkedIn is available under https://www.linkedin.com/legal/privacy-policy. The LinkedIn Cookie Policy is available under https://www.linkedin.com/legal/cookie-policy.

  1. DATA PROTECTION PROVISIONS FOR USE AND APPLICATION OF TWITTER

On our website, we have integrated components of Twitter. Twitter is a multilingual, publicly accessible microblogging service on which users may publish and share so-called ‘tweets,’ e.g. short messages, which are limited to 140 characters. These short messages are available for everyone, including those who are not logged on to Twitter. The tweets are also displayed to so-called followers of the respective user. Followers are other Twitter users who follow a user’s tweets. Furthermore, Twitter allows you to address a wide audience via hashtags, links or retweets.

The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, UNITED STATES.

With each call-up to one of the individual pages of our website, which is operated by us and on which a Twitter component (Twitter button) was integrated, the internet browser on the information technology system of the data subject is automatically prompted to download a display of the corresponding Twitter component of Twitter. Further information about the Twitter buttons is available under https://about.twitter.com/de/resources/buttons. During the course of this technical procedure, Twitter gains knowledge of what specific sub-page of our website was visited by you. The purpose of the integration of the Twitter component is a retransmission of the contents of this website to allow our users to introduce this web page to the digital world and increase our visitor numbers.

If you are logged in at the same time on Twitter, Twitter detects with every call-up to our website by you and for the entire duration of your stay on our website which specific sub-page of our website was visited by you. This information is collected through the Twitter component and associated with the respective Twitter account of the data subject. If you click on one of the Twitter buttons integrated on our website, then Twitter assigns this information to the personal Twitter user account of the data subject and stores the personal data.

Twitter receives information via the Twitter component that you have visited our website, provided that you are logged in on Twitter at the time of the call-up to our website. This occurs regardless of whether the person clicks on the Twitter component or not. If such a transmission of information to Twitter is not desirable for you, you may prevent this by logging off from your Twitter account before a call-up to our website is made.
The applicable data protection provisions of Twitter may be accessed under https://twitter.com/privacy?lang=en.

  1. DATA PROTECTION PROVISIONS FOR USE AND APPLICATION OF YOUTUBE

On our website, we have integrated components of YouTube. YouTube is an internet video portal that enables video publishers to set video clips and other users free of charge, which also provides free viewing, review and commenting on them. YouTube allows you to publish all kinds of videos, so you can access both full movies and TV broadcasts, as well as music videos, trailers, and videos made by users via the Internet portal.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, UNITED STATES. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, UNITED STATES.

With each call-up to one of the individual pages of our website, which is operated by us and on which a YouTube component (YouTube video) was integrated, the internet browser on the information technology system of the data subject is automatically prompted to download a display of the corresponding YouTube component. Further information about YouTube may be obtained under https://www.youtube.com/yt/about/. During the course of this technical procedure, YouTube and Google gain knowledge of what specific sub-page of our website was visited by the you.

If you are logged in on YouTube, YouTube recognizes with each call-up to a sub-page that contains a YouTube video, which specific sub-page of our internet site was visited by you. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.

YouTube and Google will receive information through the YouTube component that you have visited our website, if you at the time of the call to our website are logged in on YouTube; this occurs regardless of whether the person clicks on a YouTube video or not. If such a transmission of this information to YouTube and Google is not desirable for you, the delivery may be prevented if you log off from your own YouTube account before a call-up to our website is made.

YouTube’s data protection provisions, available at https://www.google.com/intl/en/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.

  1. LEGAL BASIS FOR PROCESSING

Article 6 I lit. a DS-GVO serves as the legal basis for our company for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or consideration, the processing is based on Art. 6 I lit. b DS-GVO. 

The same applies to processing operations that are necessary for the implementation of pre-contractual measures, for example in the case of enquiries about our products or services. If our company is subject to a legal obligation by which the processing of personal data becomes necessary, such as for the fulfilment of tax obligations, the processing is based on Art. 6 I lit. c DS-GVO. In rare cases, the processing of personal data might become necessary in order to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were to be injured on our premises and as a result his or her name, age, health insurance details or other vital information had to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d DS-GVO. 

Finally, processing operations could be based on Art. 6 I lit. f DS-GVO. Processing operations which are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden. Such processing operations are permitted to us in particular because they were specifically mentioned by the European legislature . In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47, sentence 2 of the GDPR).

  1. LEGITIMATE INTERESTS IN PROCESSING PURSUED BY THE CONTROLLER OR A THIRD PARTY.

Where the processing of personal data is based on Article 6 I lit. f DS-GVO, our legitimate interest is the conduct of our business for the benefit of the welfare of all our employees and our shareholders.

  1. DURATION FOR WHICH THE PERSONAL DATA ARE STORED

The criterion for the duration of the storage of personal data is the respective statutory retention period, in principle 10 years. After expiry of this period, the corresponding data is routinely deleted, provided that it is no longer required for the fulfilment or initiation of the contract.

  1. LEGAL OR CONTRACTUAL REQUIREMENTS FOR THE PROVISION OF PERSONAL DATA; NECESSITY FOR THE CONCLUSION OF THE CONTRACT; OBLIGATION OF THE DATA SUBJECT TO PROVIDE PERSONAL DATA; POSSIBLE CONSEQUENCES OF FAILURE TO PROVIDE PERSONAL DATA

We would like to point out that the provision of personal data is sometimes required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). Sometimes, in order to conclude a contract, it may be necessary for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with him or her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before providing personal data by the data subject, the data subject must contact one of our employees. Our employee will explain to the data subject on a case-by-case basis whether the provision of the personal data is required by law or by contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences of not providing the personal data would be.

  1. EXISTENCE OF AUTOMATED DECISION-MAKING

As a responsible company, we do not use automated decision making or profiling.

Our company thanks you for your interest. Should you have any further questions please feel free to contact us. Kind regards, ESKO.SWISS GmbH.