Data Protection Declaration
This data protection declaration serves as information on the processing of personal data in connection with our arbenz-riskservice.ch website and our other online offers.
1. Contact details
BODY RESPONSIBLE FOR THE ONLINE SERVICES
Arbenz + Partner AG
2. PROCESSING OF PERSONAL DATA
‘Personal data’ means any information relating to an identified or identifiable natural person. A ‘data subject’ is a person about whom personal information is processed. ‘Processing’ includes any operations performed on personal data, regardless of the means and procedures used, especially storing, disclosing, obtaining, collecting, deleting, saving, modifying, destroying, and using personal data.
2.2 LEGAL BASES
We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (DSG) and the Ordinance to the Federal Act on Data Protection (VDSG).
2.3 NATURE, SCOPE AND PURPOSE
We process personal data that are required to provide our online offer in a long-term, user-friendly, secure and reliable manner. Such personal data may fall into the categories of inventory and contact data, content data, usage data and application data, as well as contract data and payment data.
We process personal data for the duration that is necessary for the respective purpose(s), or for the legally required term. Personal data which are no longer required for processing will be anonymised or deleted.
In principle, we only process personal data with the data subject’s consent, unless processing is permitted for other legal reasons, for example to fulfil a contract with the data subject and for appropriate pre-contractual measures to protect our main legitimate interests because the processing is obvious from the circumstances or from prior information.
Within this scope, in particular, we process information that a data subject voluntarily discloses when making contact - for example, by post, email, via the contact form, social media or telephone - or when registering for a user account. We may store such information in an address book, in a Customer Relationship Management (CRM) system, or using similar means. If you provide us with personal data via third parties, you are obliged to ensure the privacy of such third parties and to ensure the correctness of such personal data.
We also process personal data obtained from third parties, from publicly accessible sources, or from our online offers and services, if and to the extent that such processing is legally permissible.
2.4 PROCESSING OF PERSONAL DATA BY THIRD PARTIES FROM ABROAD
We may have personal data processed by third parties, in particular, by contractors, or work together with third parties, have third parties assist us, or transmit data to third parties. These third parties are generally suppliers and other service providers. We also ensure and guarantee appropriate data protection if data are processed by third parties.
Generally, these third parties are located in Switzerland as well as in the European Union (EU) or in the European Economic Area (EEA). Third parties may, however, also be located in other countries and on other continents, as long as their data protection law ensures adequate data protection in accordance with the Federal Data Protection and Information Commissioner (FDPIC), or for other reasons, such as a corresponding contractual agreement, especially based on standard contractual clauses or relevant certification. Regarding third parties that are in the United States of America (USA), certification under the Privacy Shield can ensure appropriate data protection. In exceptional cases, a third party may be in a country without adequate data protection, provided the data protection requirements, such as the explicit consent of the data subject, are fulfilled.
3. RIGHTS OF DATA SUBJECTS
Data subjects, whose personal data we process, have certain rights under Swiss data protection law. These rights include the right to information and the right to correction, deletion or blocking of the personal data that are processed.
Data subjects, whose personal data we process, have a right to appeal to a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
4. DATA SECURITY
We take all appropriate technical and organizational measures to ensure data protection and, in particular, data security. However, despite such measures, the processing of personal data on the Internet can always have security loopholes. For this reason, we cannot guarantee absolute data security.
Access to our online offer takes place by means of transport encryption (SSL/TLS with HTTPS).
Access to our online offer is - as is the case with any Internet use - subject to groundless, “suspicion-free” mass monitoring as well as other means of surveillance by security authorities in Switzerland, the European Union (EU), the United States of America (USA) and other countries. We have no direct influence on the processing of personal data by intelligence services, police forces and other security agencies.
5. USING THE WEBSITE
When you visit our website, cookies can be stored temporarily in your browser as so-called “session cookies” or as permanent cookies for a certain period. "Session cookies" are automatically deleted when you close your browser. Permanent cookies allow our website to recognise your browser the next time you visit it, to measure, for example, the reach of our website. Permanent cookies can also be used for online marketing methods.
You can deactivate or delete cookies, in whole or in part, in your browser settings at any time. Without cookies, not all aspects of our online offer may be available to you. We kindly ask for your consent to use such cookies, if and to the extent necessary.
For cookies used for analytics or advertising purposes, there is a general opt-out function possible for several services via the Networking Advertising Initiative, YourAdChoices (Digital Advertising Alliance) and/or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
5.2 LOG FILES
We may collect the data listed below every time you access our website, if these are transmitted by your browser to our server infrastructure or they can be identified by our web server: date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, accessed individual page and transmitted data volume, last accessed website (referrer).
We store this information, which can also be personal data, in log files. We require this information for the provision of our online service in a permanent, user-friendly and reliable manner, as well as to safeguard data security — also via third parties or with the help of third parties — and, in particular, to ensure the protection of personal data.
5.3 TRACKING PIXELS
We may use tracking pixels on our website. Tracking pixels are also referred to as web beacons. Tracking pixels - also via third parties whose services we use - are small images that are retrieved when you visit our website. The same information can be recorded using tracking pixels as with server log files.
6. THIRD-PARTY SERVICES
We may use third-party services for the provision of our online services in a permanent, user-friendly and reliable manner. Such services also serve to embed content in our online offer. Services of this nature - such as hosting and storage services, video services, as well as payment services - require your Internet Protocol (IP) address since they cannot otherwise deliver the respective content. Such services may be located outside Switzerland, the European Union (EU) or the European Economic Area (EEA), provided that adequate data protection is ensured.
For security-related, statistical and technical purposes, third-party services may also aggregate, anonymise or pseudonymise data — including cookies, log files and tracking pixels — in connection with our online offer and from other sources. These data are not used to directly contact data subjects in connection with our online offer.
6.3 SUCCESS AND REACH MEASUREMENTS
We use Google Analytics as a tool to analyse how our website is used, for example by measuring the reach of our website and the success of third-party links on our website. This is a service of the American Google LLC; the Irish company Google Ireland Limited is responsible for users in the European Economic Area (EEA) and Switzerland.
Google also attempts to collect data on individual visitors to our website when they use different browsers or devices (cross-device tracking). For this purpose, cookies are used. Google Analytics requires your Internet Protocol (IP) address, but it will not be merged with other Google data.
We always have your Internet Protocol (IP) address anonymised prior to analysis by Google. As a result, your full IP address is generally not transmitted to Google in the USA.
7. FINAL PROVISIONS
We may amend and supplement this data protection declaration at any time. We will inform you about any such amendments and supplements in a suitable manner, particularly through publishing the current data protection declaration on our website.