Disclaimer

 

Responsible:
Swiss Entrepreneurs & Startup Association
Bundesgasse 35
3001 Bern

 

Data protection officer:
Simon Enderli
simon.enderli@swissef.ch

 

Any person concerned can contact our data protection officer directly at any time with any questions or suggestions regarding data protection.

 

Status: October 27, 2020

 

1. Basic information on data processing and legal bases


1.1. This data protection declaration explains to you the type, scope and purpose of the processing of personal data within our online offer and the associated websites, functions and content (hereinafter collectively referred to as “online offer” or “website”).

1.2. We refer to the definitions in Art. 4 of the EU General Data Protection Regulation (GDPR) for the terms used, such as "personal data", pseudonymisation, consent, person responsible or their "processing".

1.3. The terms used, such as "user", are to be understood as gender-neutral.

1.4. We process personal data of users only in compliance with the relevant data protection regulations (Swiss data protection law and, in the case of application of Art. 3 EU GDPR, the EU GDPR). This means that user data will only be processed if there is legal permission. In other words, in particular if data processing is necessary or required by law to provide our contractual services (e.g. processing orders) and online services.

1.5. Persons under the age of 18 should not transmit any personal data to us without the consent of their parents or legal guardians. We do not request any personal data from children and young people. We do not knowingly collect such data and do not pass them on to third parties.

 

2. Collection of access data and log files


2.1. We collect a series of general data and information each time the website is accessed by a person or an automated system. These general data and information are stored in the server's log files. The name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider can be recorded. If users leave comments or other contributions, their IP addresses are saved.

2.2. For security reasons (e.g. to investigate acts of abuse or fraud), log file information is stored for a maximum of one month and then deleted. Data, the further storage of which is necessary for evidence purposes, are excluded from deletion until the respective incident has been finally clarified.

 

3. Transfer of data to third parties and third party providers


3.1. Data that was logged when our website was accessed is only transmitted to third parties if we are obliged to do so by law, contract or court decision, or on the basis of legitimate interests.
If you order information material, brochures or products, we will only use the personal information you have entered within our company or, if necessary, pass it on to the company commissioned to process the order. A transfer to third parties, for commercial or non-commercial purposes, will not take place without your express consent.

3.2. If we use subcontractors to provide our services, we take suitable legal precautions as well as appropriate technical and organizational measures to ensure the protection of personal data in accordance with the relevant statutory provisions.

3.3. If, within the scope of this data protection declaration, content, tools or other means are used by other providers (hereinafter jointly referred to as "third-party providers") and their registered office is in a third country, it is to be assumed that data will be transferred to the third-party providers' registered offices. Third countries are countries in which the GDPR is not directly applicable, i.e. in principle countries outside the EU or the European Economic Area. The transfer of data to third countries takes place either if there is an adequate level of data protection, the consent of the user or other legal permission.

 

4. Data processing in the context of the provision of contractual services


4.1. We process inventory data (e.g., names and addresses as well as contact details of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with. Art. 6 para. 1 lit b. GDPR.

 

5. Contact


5.1. When contacting us (using the contact form or email), the information provided by the user is used to process the contact request and to process it in accordance with. Art. 6 para. 1 lit. b) GDPR processed.

 

6. Cookies & range measurement


6.1. Cookies are information that is transferred from our web server or third party web servers to the user's web browser and stored there for later retrieval. Cookies can be small files or other types of information storage.

6.2. If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.

6.3. You can use cookies for range measurement and advertising purposes via the deactivation page of the network advertising initiative (http://optout.networkadvertising.org/) and also the US website (http://www.aboutads.info/choices ) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

 

7. Google Analytics


7.1. We use Google Analytics (with anonymization function) on this website. Google Analytics is a web analysis service. Web analysis is the gathering, collection and evaluation of data on the behavior of visitors to websites. A web analysis service collects, among other things, data on which website a person concerned came to a website (so-called referrer), which sub-pages of the website were accessed or how often and for how long a sub-page was viewed. A web analysis is mainly used to optimize a website and for the cost-benefit analysis of Internet advertising.

The anonymization function means that your IP address is shortened and thus anonymized before it is transmitted to the USA. This means that under no circumstances can Google associate your IP address with other Google data.

The operating company of the Google Analytics component is Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.

7.2. Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

7.3. Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with other services related to the use of this online offer and the internet. In doing so, pseudonymous user profiles can be created from the processed data.

7.4. We only use Google Analytics with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases.

7.5. The IP address transmitted by the user's browser will not be merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; Users can also prevent Google from collecting the data generated by the cookie and relating to their use of the online offer and from processing this data by downloading and installing the browser plug-in available under the following link: tools.google.com / dlpage / gaoptout .

7.6. You can find more information about the use of data by Google, setting and objection options on the Google website: www.google.com/intl/de/policies/privacy/partners (“Use of data by Google when you use our partners' websites or apps”) , www.google.com/policies/technologies/ads (“Use of data for advertising purposes”), www.google.de/settings/ads (“Manage information that Google uses to show you advertisements”).
Further information and the applicable data protection provisions of Google can be found at www.google.de/intl/de/policies/privacy/ and at www.google.com/analytics/terms/de.html .
Further information on Google Analytics can be found under this link: www.google.com/intl/de_de/analytics/

 

8. Integration of services and content from third parties


8.1. We use content or service offers from third-party providers within our online offer on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. Integrate services such as videos or fonts (hereinafter uniformly referred to as "content"). This always presupposes that the third-party providers of this content perceive the IP address of the users, since they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The «pixel tags» can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user's device and contain, among other things, technical information about the browser and operating system, referring websites, visiting time and other information about the use of our online offer, and can also be linked to such information from other sources.

8.2. The following illustration provides an overview of third-party providers and their content, along with links to their data protection declarations, which contain further information on the processing of data and, in some cases already mentioned here, possibilities of objection (so-called opt-out):

 

9. Rights of the data subject


9.1. Every person concerned has the right to request confirmation from us as to whether we are processing personal data relating to them.

9.2. Any person affected by the processing of personal data can request information from us free of charge (a fee may be charged in the event of repeated or improper assertion) about the personal data we have stored about them. We also provide the following information:

  • the processing purposes

  • the categories of personal data that are processed

  • the recipients or categories of recipients to whom the personal data have been disclosed or are still being disclosed, in particular to recipients in third countries or to international organizations

  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration

  • the existence of a right to correction or deletion of personal data concerning you or to restriction of processing by the person responsible or a right to object to this processing

  • the existence of a right of appeal to a supervisory authority

  • if the personal data are not collected from the data subject: All available information on the origin of the data

  • the existence of automated decision-making including profiling and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the data subject


Furthermore, the data subject has the right to information as to whether personal data has been transmitted to a third country or to an international organization. If this is the case, the data subject has the right to receive information about the appropriate guarantees in connection with the transmission.

9.3. Every person affected by the processing of personal data has the right to request the immediate correction of incorrect personal data concerning them. Furthermore, the data subject has the right, taking into account the purposes of the processing, to request the completion of incomplete personal data - including by means of a supplementary declaration.

9.4. Any person affected by the processing of personal data has the right to demand that the personal data relating to them be deleted immediately, provided there are legal reasons for the deletion and the processing is not necessary.

9.5. Every person affected by the processing of personal data has the right to request the controller to restrict processing if one of the following conditions is met:

  • The correctness of the personal data is contested by the data subject for a period of time that enables the person responsible to check the correctness of the personal data.

  • The processing is unlawful, the person concerned refuses to delete the personal data and instead requests that the use of the personal data be restricted.

  • The person responsible no longer needs the personal data for the purposes of processing, but the data subject needs them to assert, exercise or defend legal claims.

  • The person concerned has lodged an objection to the processing and it has not yet been determined whether the legitimate reasons of the person responsible outweigh those of the person concerned.

9.6. Every person affected by the processing of personal data has the right to receive the personal data concerning them, which the person concerned has provided to a responsible person, in a structured, common and machine-readable format or to request that it be transmitted to another responsible person . Provided that the data is processed using automated procedures.

9.7. Every person affected by the processing of personal data has the right to object at any time to the processing of personal data concerning them for reasons that arise from their particular situation.

9.8. Any person affected by the processing of personal data has the right to withdraw consent to the processing of personal data at any time.
If a data subject wishes to exercise one or more data subject rights, they can contact our data protection officer at any time (see here).

 

10. Deletion of data


10.1. The data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention requirements. If the user data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. In other words, the data is blocked and not processed for other purposes. This applies, for example, to user data that must be kept for commercial or tax law reasons.

 

11. Right to Object


11.1. Users can object to the future processing of their personal data in accordance with the legal requirements at any time. The objection can in particular be made against processing for direct marketing purposes.

 

12. Security Measures


12.1. We take organizational, contractual and technical security measures according to the state of the art to ensure that the provisions of data protection laws are complied with and to protect the data processed by us against accidental or deliberate manipulation, loss, destruction or against access by unauthorized persons.

 

13. Changes to the privacy policy


13.1. In the course of the further development of our website and the implementation of new technologies, changes to this data protection declaration may become necessary. We therefore recommend that you read this data protection declaration again from time to time.

13.2. Users are asked to inform themselves regularly about the content of the data protection declaration.

 

Swiss Entrepreneurs & Startup Association

Bundesgasse 35
3001 Bern