Introduction
Thank you for visiting our website. Louis Widmer SA (hereinafter referred to as “Louis Widmer”, “we” or “us”) places utmost importance on the security of user data and compliance with data protection regulations. Please read on to find out how we process your personal data on our website.
Responsible body and data protection officer
Responsible body:
Louis Widmer SA
Rietbachstrasse 5
8952 Schlieren
Tel.: +41 (0) 43 433 77 00
Email: info@louis-widmer.com
Data protection officer:
Louis Widmer GmbH
Email: datenschutz@louis-widmer.com
Terms
The technical terms used in this privacy policy are to be understood as defined in Art. 4 GDPR.
Information on data processing
Automated data processing (log files, etc.)
It is not necessary to disclose any information about the user’s person when visiting our website. However, every time a user visits our website, we automatically store access data (server log files), such as the name of the internet service provider, operating system, the website from where the user reached our website, date and duration of the user's visit, or the name of the requested file, as well as the IP address of the computer used, the latter for security reasons, e.g. for recognising attacks on our website, for a period of seven days. This data is analysed exclusively for improving our website content. It cannot be used for drawing any conclusions about the user's person. We do not compile this data with other data sources.
We process and use the data for the following purposes: provision and improvement of our website, prevention and recognition of errors / malfunction as well as misuse of the website.
Legal basis: legitimate interest, pursuant to Art. 6 para. 1 lit. f) GDPR
Legitimate interests: ensuring the functionality and error-free and secure operation of the website and adapting this website to the requirements of users.
Consent Management Tool
We use a consent management procedure on our online offering in order to be able to store and manage the consent given by visitors to our online offering in a verifiable manner in accordance with the requirements of the GDPR. At the same time, visitors to our online offering can manage the consents and preferences they have given or revoke their consent via the service we have integrated.
The consent status is stored on the server and/or in a cookie (known as an opt-in cookie) or a comparable technology in order to be able to assign the consent to a user or their device. The time at which consent was given is also recorded.
Categories of data subjects: Website visitors who use the consent management tool
Categories of data: User data (e.g. websites visited, interest in content, access times), meta and communication data (e.g. device information, IP addresses)
Purposes of processing: Fulfilment of accountability obligations, consent management
Legal basis: legal obligation (Art. 6 para. 1 lit. c) GDPR in conjunction with Art. 7 GDPR)
Manage/revoke consent
usercentrics
Recipient: Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany
Data protection: https://usercentrics.com/privacy-policy/
Use of cookies (general information, functionality, opt-out links, etc.)
We use cookies on our website to create a more attractive website and to enable certain user functions. The use of cookies serves our legitimate interest in providing users with the most pleasant website visit possible and is based on Art. 6 (1) lit. f) GDPR. Cookies are standard internet technology for storing and accessing login and other user information for all website users. Cookies are small text files that are stored on the device. They enable us, amongst other things, to store user settings so that our website can be displayed in the correct format for the user’s device. Some of the cookies used by us are deleted again at the end of the browser session, in other words once the user closes the browser (session cookies). Other cookies remain on the user's device and enable us or our partner companies to recognise the browser on the user's next visit (persistent cookies).
The browser settings can be adjusted so that the user is informed about the installation of cookies so that the user can decide whether to accept them or block them for specific events or in general. The user can also delete cookies at a later date so as to delete files that have been stored on the user's computer by the website. The deactivation of cookies (opt-out) can lead to restricted functionality of our website.
Categories of data subjects: Website visitors, users of online services
Opt-out:
Internet Explorer:
https://support.microsoft.com/de-de/help/17442
Firefox:
https://support.mozilla.org/en-US/kb/how-do-i-turn-do-not-track-feature
Google Chrome:
https://support.google.com/chrome/answer/95647?hl=en-GB&sjid=13300170504380280444-EU
Safari
https://support.apple.com/de-ch/105082
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR); legitimate interests (Art. 6 para. 1 lit. f) GDPR)
The relevant legal basis is specified for each tool.
Legitimate interests: Storage of opt-in preferences, display of the website, ensuring the functionality of the website, maintaining user status across the entire website, recognition for subsequent website visitors, user-friendly online offering, ensuring chat function
Hosting (including content delivery network)
Our online offering is hosted by an external service provider. Personal data of visitors to our online offering, in particular so-called log files, are stored on our service provider's servers. This may also include data that is generated or collected during the active use of our online offering. By using a specialised service provider, we can provide our online offering securely and efficiently. The data is not processed by the hosting provider we use for its own purposes.
We also use a so-called Content Delivery Network (CDN) to provide the content of our online offering more quickly. When visitors to our online offering access content such as graphics, scripts or other content, these are provided quickly and optimally using regionally and internationally distributed servers. When the files are retrieved, a connection to the servers of a CDN provider is established, whereby personal data of visitors to our online offering is processed, such as the IP address, browser data or the so-called user agent.
Categories of data subjects: Website visitors
Categories of data: User data (e.g. websites visited, interest in content, access times), meta and communication data (e.g. device information, IP addresses)
Purposes of processing: Proper design of our online offering
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Legitimate interests: Proper presentation and optimisation of the website, faster accessibility of the website, avoidance of downtime, high scalability
Amazon Web Services
Recipient: Amazon.com, Inc., 2021 Seventh Ave, Seattle, Washington 98121, USA
Data protection: https://www.amazon.de/gp/help/customer/display.html?ndeId=201909010&ref_=footer_privacy
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Guarantees used: https://aws.amazon.com/compliance/?nc1=h_ls
Cloudflare
Recipient: Cloudflare Germany GmbH, Rosental 7, 80331 Munich, Germany
Data protection: https://www.cloudflare.com/privacypolicy/
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Online marketing
In order to continuously increase our reach and popularity of our website content, we process personal data within the scope of online marketing activities, particularly with regard to potential interest and measuring the effectiveness of our marketing activities.
Relevant information is stored in cookies or similar methods are used for measuring the effectiveness of our marketing activities and recognising potential interests. The data stored in the cookies may include accessed contents, website contents visited, settings and functions and systems used. However, clearly identifiable user data is not regularly processed for the above purposes. The data is then modified so that neither we nor the provider of the tool used know the real identity of the user. The thus modified data is regularly stored in user profiles.
If user profiles are stored, when visiting other website contents that use the same online marketing method, the data can be read, added to and completed on the server of the online marketing provider.
We can determine the success of our advertisements on the basis of compiled data made available to us by the provider of the online marketing method (conversion measurement). This conversion measurement enables us to trace if a marketing activity led to the visitor of our website content deciding to purchase the advertised product. This analysis indicates the success of our online marketing activities.
Categories of data subjects: Website visitors, users of online services, interested parties, communication partners, business and contracting partners
Categories of data: User data (e.g. web pages visited, interest in contents, access times), meta and communication data (e.g. device information, IP addresses), location data, contact details, content data (e.g. text entries, photographs, videos)
Purposes of processing: Marketing (partially also based on interests and behaviour), conversion measurement, target group creation, click tracking, developing marketing strategies and increasing campaign efficiency
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR); legitimate interests (Art. 6 para. 1 lit. f) GDPR)
Legitimate interests: optimisation and further development of the website, increase in profits, customer loyalty and acquisition of new customers
Google Tag Manager
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Data protection: https://policies.google.com/privacy
Opt-out link: https://tools.google.com/dlpage/gaoptout?hl=en or https://myaccount.google.com/
Legal basis: Legitimate interest (Art. 6 para. 1 lit. f) GDPR)
Legitimate interests: Coordination of different tools, optimisation and further development of the website, ease of use and presentation
Guarantees used: https://policies.google.com/privacy/frameworks?hl=en
Google Analytics
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Data protection: https://policies.google.com/privacy
Opt-out link: https://tools.google.com/dlpage/gaoptout?hl=en or https://myaccount.google.com/
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Guarantees used: https://policies.google.com/privacy/frameworks?hl=en
Google Ads
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Data protection: https://policies.google.com/privacy
Opt-out link: https://tools.google.com/dlpage/gaoptout?hl=en or https://myaccount.google.com/
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Guarantees used: https://policies.google.com/privacy/frameworks?hl=en
Google Doubleclick
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Data protection: https://policies.google.com/privacy
Opt-out link: https://tools.google.com/dlpage/gaoptout?hl=en or https://myaccount.google.com/
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Guarantees used: https://policies.google.com/privacy/frameworks?hl=en
Google Adsense with personalised ads
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Data protection: https://policies.google.com/privacy
Opt-out link: https://tools.google.com/dlpage/gaoptout?hl=en or https://myaccount.google.com/
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Guarantees used: https://policies.google.com/privacy/frameworks?hl=en
Google AdSense with non-personalised ads
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Data protection: https://policies.google.com/privacy
Opt-out link: https://tools.google.com/dlpage/gaoptout?hl=en or https://myaccount.google.com/
Legal basis: Legitimate interest (Art. 6 para. 1 lit. f) GDPR)
Legitimate interests: Increase in profits, customer loyalty and acquisition of new customers
Guarantees used: https://policies.google.com/privacy/frameworks?hl=en
Plyr
Service used: Plyr via GitHub
Data protection: https://sampotts.me/
Opt-out link: https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement
Usercentrics
Service used: Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany
Data protection: https://usercentrics.com/privacy-policy/
Opt-out: datenschutz@usercentrics.com
trbo
Recipient: trbo GmbH, Leopoldstr. 41, 80802 Munich, Germany
Data protection: https://www.trbo.com/privacy-policy/
Social media presence
We maintain profiles on social networks and career platforms in order to exchange information with registered users and to communicate with them in an uncomplicated manner.
Social network user data is sometimes used for market research with the purpose of subsequent advertising. User profiles may be created and used that record user behaviour, such as users’ stated interests, in order to adjust advertisements to meet the interests of target groups. Cookies a regularly stored on users’ devices for this purpose, sometimes regardless of them being registered users of the social network or not.
When using social media platforms, we also use the related messenger services to communicate with users in an uncomplicated manner. We herewith point out that the security of individual services may depend on the user’s account settings. Even if end-to-end encryption is used, the service provider can draw conclusions about the fact that users are communicating with us and the time this takes places and may also record location data.
Depending on the location from where the social network is being operated, the user data may be processed outside the European Union and/or outside the European Economic Area. This may result in risks to users, as it may be difficult for them to enforce their rights, for instance.
Categories of data subjects: Registered users and non-registered users of the social network
Categories of data: Master data (e.g. name, address), contact details (e.g. email address, telephone number), content data (e.g. text, photographs, videos), usage data (e.g. websites visited, interests, access times), meta and communication data (e.g. device information, IP address)
Purposes of processing: Expansion of reach, networking
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR), consent (Art. 6 para. 1 lit. a) GDPR)
Legitimate interests: Interaction and communication on social media presence, increase in profits, insights into target groups
Recipients: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Data protection: https://help.instagram.com/519522125107875 and https://www.facebook.com/about/privacy
Opt-out link: https://www.instagram.com/accounts/login/?next=/accounts/privacy_and_security/
Guarantees used: https://www.facebook.com/help/566994660333381
Recipient: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Data protection: https://www.facebook.com/privacy/explanation and https://www.facebook.com/legal/terms/page_controller_addendum
Opt-out link: https://www.facebook.com/policies/cookies/
Guarantees used: https://www.facebook.com/help/566994660333381
Recipient: LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, USA
Data protection: https://www.linkedin.com/legal/privacy-policy
Opt-out link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Guarantees used: https://linkedin.com/legal/l/dpa
TikTok
Recipient: TikTok Inc., 10100 Venice Blvd., Culver City, CA 90232, USA
Privacy policy: https://www.tiktok.com/legal/page/eea/privacy-policy/en
YouTube
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Data protection: https://policies.google.com/privacy?hl=en&gl=en
Opt-out link: https://tools.google.com/dlpage/gaoptout?hl=en or https://myaccount.google.com/
Guarantees used: https://policies.google.com/privacy/frameworks?hl=en
Service used: Pinterest Inc., 808 Brannan Street San Francisco, CA 94103-490, USA
Data protection: https://policy.pinterest.com/en/privacy-policy
Opt-out link: https://help.pinterest.com/en/article/your-privacy-and-data-settings
Plug-ins and integrated third-party content
Our website contains integrated functions and contents that we purchase from third-party providers. videos, images, interfaces or posts (hereinafter referred to as contents) may be integrated, for instance.
In order to display contents to our website visitors, the respective third-party service provider processes data such as the user’s IP address so that the contents can be transmitted to, and displayed in, the browser. It is impossible to integrate third-party content without this processing activity.
In some instances, additional information is collected through pixel tags or web beacons, which provide the third-party provider with information on the use of the content or the traffic on our website, technical information on the user’s browser or operating system, time of visit or referrer URLs. The data thus collected is stored in cookies on the user’s device.
To protect the personal data of our website visitors, we have implemented certain security measures to prevent the automatic transfer of this data. This data is only transferred when users click on buttons and/or third-party contents.
Categories of data subjects: Users of the plug-in or integrated third-party content
Categories of data: Usage data (e.g. websites visited, interests, access time), meta and communication data (e.g. device information, IP address), contact data (e.g. email address, telephone number), master data (e.g. name, address)
Purposes of processing: Design of our online offering, increasing the reach of advertisements on social media, sharing posts and content, interest- and behaviour-based marketing, cross-device tracking
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Recipient: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Data protection: https://policies.google.com/privacy?hl=en&gl=en
Opt-out link: https://tools.google.com/dlpage/gaoptout?hl=en or https://myaccount.google.com/
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Guarantees used: https://policies.google.com/privacy/frameworks?hl=en
Google Fonts
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Data protection: https://policies.google.com/privacy?hl=en-US
Opt-out link: https://tools.google.com/dlpage/gaoptout?hl=en
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Guarantees used: https://policies.google.com/privacy/frameworks?hl=en
MyFonts
Recipient: Monotype Imaging Holdings Inc., Delaware and 600 Unicorn Park Drive, Woburn, MA 01801, USA
Data protection: https://www.monotype.com/legal/privacy-policy
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Guarantees used: https://www.monotype.com/legal/privacy-policy/website-use-privacy-policy
YouTube
Recipient: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Data protection: https://policies.google.com/privacy?hl=en&gl=en
Opt-out link: https://tools.google.com/dlpage/gaoptout?hl=en or https://myaccount.google.com/
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Guarantees used: https://policies.google.com/privacy/frameworks?hl=en
Plyr
Recipient: Plyr via GitHub
Data protection: https://sampotts.me/
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Opt-out: https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement
Online conferences, meetings and webinars
We hold online conferences, meetings and/or webinars. We use the products of carefully selected third-party provider for this purpose.
During active use of such services, any data of the participants that is necessary for the purpose of communicating is processed and stored on the servers of the third-party providers used. User and meta data may also be processed in this context.
Categories of data subjects: Participants in the respective online service (conference, meeting, webinar)
Categories of data: Master data (e.g. name, address), contact details (e.g. email address, telephone number), content data (e.g. text entries, photographs, videos), meta and communication data (e.g. device information, IP addresses)
Purposes of processing: Processing of enquiries, increasing efficiency, promoting cross-company and cross-location cooperation
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Cisco WebEx
Recipient: Cisco Systems, Inc., 170 West Tasman Dr., San Jose, CA 95134, USA
Data protection: https://www.cisco.com/c/de_ch/about/legal/privacy-full.html
Legal basis: Consent (Art. 6(1)(a) GDPR)
Guarantees applied: https://trustportal.cisco.com/c/dam/r/ctp/docs/dataprotection/cisco-master- data-protection-agreement.pdf
Microsoft Teams
Recipient: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Data protection: https://www.microsoft.com/en-us/privacy/privacystatement
Opt-out link: https://account.microsoft.com/privacy/ad-settings/signedout?ru=https:%2F%2Faccount.microsoft.com%2Fprivacy%2Fad-settings
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Guarantees used: https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA?year=2021
Chatbots
We offer our customers the opportunity to contact us via a chat function when visiting our online offering. We use a so-called chatbot for this purpose. Personal data is processed when the tool provided by us is actively used.
In some cases, it is possible to communicate via chat in the internal area of an online platform. In this case, the chat user's ID is processed.
Our chatbot offers visitors to our online offering the option of receiving information on a regular basis. This is only the case if the respective visitor has actively selected this option. It is possible to unsubscribe from this information at any time.
Categories of data subjects: Users of the chatbot
Categories of data: Master data (e.g. name, address), contact details (e.g. email address, telephone number), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interests, access times), meta and communication data (e.g. device information, IP addresses), location data
Purposes of processing: Processing of enquiries, increasing efficiency
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
trbo GmbH
Recipient: trbo GmbH, Leopoldstr. 41, 80802 Munich, Germany
Data protection: https://www.trbo.com/privacy-policy/
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Newsletter and broad communication (with tracking, if applicable)
Users can subscribe to our newsletters or potential notifications (hereinafter referred to as newsletter) through various channels on our website. In accordance with legal provisions, we only send newsletters to recipients who agreed to receive the newsletter. We use a selected service provider for sending our newsletter.
An email address needs to be entered when subscribing to our newsletter. We may also collect additional data, such as name, that is required for addressing newsletter subscribers in person, for instance.
Our newsletter is only sent out once the double-opt in process has been completed. When visitors decide to subscribe to our newsletter on our website, they receive a confirmation email that serves to prevent and exclude the improper entry of incorrect email addresses through a simple, potentially accidental, click that triggers the newsletter to be sent. Users can unsubscribe from our newsletter again at any time with future effect. Each newsletter contains an unsubscribe link (opt-out link) at the bottom.
We are further obligated to keep proof that our subscribers actually wanted to receive the newsletter. We collect and store the UP address as well as date and time of subscribe and unsubscribe for this purpose.
Our newsletters are designed to provide us with findings about improvements, target groups and read behaviour of our subscribers. We use a web beacon or tracking pixel, which reacts to interactions with the newsletter and tells us, for example, which links in the newsletter have been clicked, if any, or at which time the newsletter has been read. We are able to allocate this information to individual subscribers for technical reasons.
Categories of data subjects: Newsletter subscribers
Categories of data: Master data (e.g. name, address), contact details (e.g. email address, telephone number), meta and communication data (e.g. device information, IP address), usage data (e.g. interests, access times)
Purposes of processing: Marketing, customer retention and acquisition of new customers, analysis and evaluation of the success of the campaign
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
rapidmail GmbH
Recipient: rapidmail GmbH, Wentzingerstraße 21, 79106 Freiburg, Germany
Data protection: https://www.rapidmail.com/downloads/privacy-policy.pdf
Guarantees used: https://www.rapidmail.com/data-security
Advertising communication
We also use the data provided to us for advertising purposes, in particular to provide information about news from us or from our product portfolio via various channels. Any advertising communication on our part is carried out in accordance with the legal requirements and, if necessary, after obtaining consent.
If the recipients of our advertising do not wish to receive it, they can inform us of this at any time. We will be happy to comply with the corresponding request.
Categories of data subjects: Communication partners
Categories of data: Master data (e.g. name, address), contact details (e.g. email address, telephone number)
Purposes of processing: Direct marketing
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR), legitimate interests (Art. 6 para. 1 lit. f) GDPR)
Legitimate interests: Retaining existing contacts and acquiring new contacts or contractual partners
Prize draws and competitions
We hold prize draws and/or competitions on our website. We process the data of participants which is required for implementing the respective campaign. This also includes data that we require for notifying the winner and distributing prizes.
Depending on the type of campaign, posts by or about participants may be published, such as when reporting on the respective campaign or if a vote on a contribution sent in by a participant forms part of the campaign. The name of the participant is also published for this purpose. The exact data processed by us in each case depends on the specific campaign and on which data we are provided with by the participant.
The implementation of the respective campaign on one of our social media profiles is further subject to the terms and conditions and privacy policy of the respective network.
Categories of data subjects: Participants in the competition
Categories of data: Master data (e.g. name, address), contact details (e.g. email address, telephone number), content data (e.g. text entries, photos, videos)
Purposes of processing: Conducting the competition, including distributing prizes and announcing the winner in various media
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Contact
Visitors can contact us directly or obtain information on various contact options on our website. We use a management tool for processing corresponding enquiries to maintain an overview of contact enquiries at all times.
If a visitor contacts us, we process the data of the person sending the query within the scope required for answering and/or processing the query. The processed data may vary depending on the channel through which a visitor has contacted us.
Categories of data subjects: Persons making enquiries
Categories of data: Master data (e.g. name, address), contact details (e.g. email address, telephone number), content data (e.g. text entries, photographs, videos), usage data (e.g. interests, access times), meta and communication data (e.g. device information, IP address).
Purposes of processing: Processing of enquiries
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR), fulfilment or initiation of a contract (Art. 6 para. 1 lit. b) GDPR)
rapidmail GmbH
Recipient: rapidmail GmbH, Wentzingerstraße 21, 79106 Freiburg, Germany
Data protection: https://www.rapidmail.com/downloads/privacy-policy.pdf
Guarantees used: https://www.rapidmail.com/data-security
Events
Visitors to our online offering have the opportunity to register for events. The information we collect and require for contract initiation and fulfilment is marked as mandatory. The provision of additional data is voluntary.
Categories of data subjects: Participants, interested parties
Categories of data: Master data (e.g. name, address), contact details (e.g. email address, telephone number), transaction data (bank details, invoices, payment history), contract data (e.g. subject matter of the contract, term)
Purposes of processing: Contract initiation and execution
Legal basis: Contract initiation and execution (Art. 6 para. 1 lit. b) GDPR), consent (Art. 6 para. 1 lit. a) GDPR)
Data
We transfer the person data of our website visitors for internal purposes (e.g. for internal management or to the HR department for meeting legal or contractual obligations). The data is only transferred or disclosed internally within the required scope in accordance with the relevant data protection regulations.
We may have to transfer personal data in order to perform agreements or fulfil legal obligations. Failure to provide us with the required data may result in us being unable to conclude an agreement with the data subject.
We transfer data to countries outside of Switzerland and the European Economic Area (third countries). We do so for the reasons stated above (transfer to other recipients). We transfer data for the sole purpose of fulfilling our contractual and legal obligations or on the basis of consent previously given by the data subject.
If we transfer data to a country outside of Switzerland and the EEA for the purpose of processing this data, we ensure that the processing activities planned by us are legitimate. For such case, we have concluded, among other things, standard contractual clauses, including a separate regulation for suitable technical and organisational measures, to protect the data subject’s data as best as possible. A copy of the guarantees used can be found under the respective services.
Storage period
We store the data of visitors to our online offering for as long as this is necessary to provide our services or if this has been provided for by European directives and regulations or other legislators in laws or regulations to which we are subject. In all other cases, we delete personal data after the purpose for which it was collected has been fulfilled, with the exception of data that we are required to store for legal reasons (e.g. we are obliged to retain documents such as contracts and invoices for a certain period of time due to tax and commercial law retention periods).
Automated decision-making
We do not use automated decision-making or profiling in accordance with Art. 22 GDPR.
Legal
The relevant legal bases are primarily derived from the GDPR. These are supplemented by national laws of the Member States and may be applicable in conjunction with or in addition to the GDPR.
Consent: Art. 6 para. 1 lit. a) GDPR serves as the legal basis for processing operations for which we have obtained consent for a specific processing purpose.
Contract performance: Art. 6 para. 1 lit. b) GDPR serves as the legal basis for processing operations that are necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the request of the data subject.
Legal obligation: Art. 6 para. 1 lit. c) GDPR serves as the legal basis for processing operations that are necessary for the fulfilment of a legal obligation.
Vital interests: Art. 6 para. 1 lit. d) GDPR serves as the legal basis if the processing is necessary to protect the vital interests of the data subject or another natural person.
Public interest: Art. 6 para. 1 lit. e) GDPR serves as the legal basis for processing that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Legitimate interest: Art. 6 para. 1 lit. f) GDPR serves as the legal basis for processing that is necessary to safeguard the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject requiring the protection of personal data prevail, in particular if the data subject is a child.
Rights of data subjects
Right to information: Data subjects have the right under Art. 15 GDPR to request confirmation as to whether we are processing data relating to them. They may request information about this data, as well as the further information listed in Art. 15 para. 1 GDPR and a copy of their data.
Right to rectification: Data subjects have the right under Art. 16 GDPR to request the rectification or completion of data concerning them and processed by us.
Right to erasure: Data subjects have the right under Art. 17 GDPR to request the immediate erasure of data concerning them. Alternatively, they may request that we restrict the processing of their data in accordance with Art. 18 GDPR.
Right to data portability: Data subjects have the right under Art. 20 GDPR to request the provision of the data they have provided to us and to request its transfer to another controller.
Right to lodge a complaint: Data subjects also have the right to lodge a complaint with the supervisory authority responsible for them in accordance with Art. 77 GDPR.
Right to object: If personal data is processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR, data subjects have the right to object to the processing of their personal data pursuant to Art. 21 GDPR, provided that there are reasons for this arising from their particular situation or the objection is directed against direct marketing. In the latter case, data subjects have a general right to object, which we will implement without specifying a particular situation.
Revocation
Some data processing operations are only possible with the express consent of the data subjects. You have the option of revoking consent already given at any time. To do so, simply send us an informal message or email to revocation.chatlouis-widmer.com. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
External
Links Our website contains links to the online offers of other providers. We hereby point out that we have no influence on the content of the linked online offers and the compliance of their providers with data protection regulations. Changes
We reserve the right to amend this privacy policy at any time in the event of changes to our online offering and in compliance with the applicable data protection regulations so that it complies with legal requirements.
This privacy policy was created by DDSK GmbH.