We process various personal data on our website () and in the course of our business activities, which we would like to inform you about below. Personal data is any information that relates to you (e.g. name, address, e-mail address, telephone number) and can identify you directly or indirectly (e.g. via the Internet). If you have any data protection concerns, please contact us at the address given at the end of this data protection declaration (see section 10).
This privacy statement is designed to meet the requirements of data protection in Switzerland. Please note that we may review and amend it from time to time. The version published on this website is the current version.
If you provide us with data of third parties (e.g. family members, customers, etc.), you confirm with your transmission that you are authorised to do so, that this data is correct and that the third parties concerned are aware of this data protection statement.
1. Personal data that we process
First and foremost, we process the personal data about you that you provide to us yourself or that we collect from users when they visit our website and use our app.
In addition, we may also obtain personal data about you from third party sources for the purposes set out in section 2, in particular:
from clients or your employer with whom we are in contact (e.g. your contact details and details relating to their job functions and activities) so that we can, for example, conclude and process business with your employer with your assistance
orders and related information we receive from third parties to enable us to enter into or perform contracts with you, for example to supply products or services to you
documents relating to you and powers of attorney
Credit reports from credit agencies or authorities, certificates and references
Extracts from publicly accessible registers (e.g. commercial register)
If you contact us via the contact form on our website, the e-mail address or telephone number provided, we collect marginal data of the communication in addition to the information you provide to us. This includes the manner and the place and time of the communication.
Your online activities (including activities on social media). For example, when you use our website, we collect technical data to ensure the functionality and security of these offerings. This data also includes logs recording the use of our systems. As part of the technical data, in addition to the IP and MAC addresses of the devices used, we also collect information about the operating system of your terminal device, the date, region and time of use and the type of browser you use to access our website. This can help us to transmit the correct formatting of the website and serves to promote a smooth connection, the comfortable use of the website, the evaluation of system security and stability as well as other administrative purposes. In order to ensure the functionality of these offers, we may also assign an individual code to you or your end device (e.g. in the form of a cookie, see section 3). We then collect and process usage data, in particular the websites you visit, your interest in content, file names of accessed files, times of access, functions used and location information. We usually process this data using tracking technology or cookies (see sections 3 and 4).
2. Purposes for which we process your personal data
In addition to the purposes which we will notify you of separately if required, we process your personal data for the following purposes:
Communicating with you and the third parties mentioned in section 1.
Concluding and processing contracts with you (including carrying out application procedures and entering into employment relationships) and the third parties named in section 1
Operation of the infrastructure (including our website)
Marketing to promote our services (e.g. mailings, events) and relationship management
Market research and product development, in particular for the planning, development and improvement of our offering (including products and services)
Compliance with regulatory requirements such as laws, industry standards, directives, etc.
Maintaining security (e.g. crime and fraud prevention, access controls and monitoring of our website)
Risk management and prudent corporate governance (e.g. operational organisation and corporate development)
Enforcement and defence of claims and regulatory proceedings.
Where we ask for your consent for certain processing, we will inform you separately about the relevant purposes of the processing. You may revoke your consent at any time with future effect by notifying us in writing (by post) or, where not otherwise stated or agreed, by email; our contact details can be found in section 10 below. Once we have received notification of the withdrawal of your consent, we will no longer process your data for the purposes to which you originally consented, unless we have another legal basis for doing so (e.g. legal obligation or overriding interest). The revocation of your consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
On our website, we use technologies with which we and third parties engaged by us can recognise you during your use and, under certain circumstances, track you over several visits. Essentially, this is so that we can distinguish your access (via your system) from access by other users, so that we can ensure the functionality of the website and carry out evaluations and personalisation. We do not want to infer your identity in the process. However, even without registration data, the technologies used are designed in such a way that you are recognised as an individual visitor each time you access the site, for example by our server (or the servers of third parties) assigning you or your browser a specific recognition number (so-called "cookie"). Cookies help in many ways to make your visit to our website easier, more pleasant and more meaningful.
You can programme your browser to block or deceive certain cookies or alternative techniques, or to delete existing cookies. You can also enhance your browser with software that blocks tracking by certain third parties. You will find further information on this on the help pages of your browser (usually under the keyword "data protection"). On the following pages you will find explanations on how to configure the processing of cookies in the most common browsers:
Microsoft Edge - should link to - https://www.microsoft.com/en-us/edge?ep=49&form=MA13IV&es=15
Mozilla Firefox - should link to - https://www.mozilla.org/de/?v=2
Google Chrome - should link to - https://www.google.com/intl/de/chrome/
Please note that disabling cookies may prevent you from using all the features of our website.
4.Third-party services that are integrated on our website
4.1 Tracking tools that we use
In order to provide our service in a durable, user-friendly, secure and reliable manner, we use third-party services. They may also be used to embed content on our website. These services require your (IP) address in order to be able to transmit the corresponding content.
4.1.1 Google Analytics
We use Google Analytics, a web analytics service provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland or Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Google Analytics uses methods that enable an analysis of the use of our website, e.g. cookies. These generate information about your use of the website, such as.
Navigation path of visitors to our website
The time spent on the website (including sub-pages)
The sub-page on which the website is left
The country, region or city from which our website is accessed
The terminal device used (type, version, colour depth, resolution, width and height of the browser window)
Browser provider (including version) and the operating system used
Whether the visitor is a returning or new visitor
The website visited before coming to our website (referrer URL)
Host name of the accessing computer (IP address)
Time of the server request
This information is transferred to Google servers in the USA and stored there. In doing so, the IP address is shortened by activating IP anonymisation ("anonymizeIP") on our website before transmission within the Member States of the European Union or in other contracting states of the Agreement on the European Economic Area, as well as in Switzerland. The anonymised IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. In these cases, we ensure that Google maintains a sufficient level of data protection through contractual guarantees, in particular by agreeing to the EU standard contractual clauses and additional measures.
We use this information to evaluate the use of our website, to compile reports on website activity and to provide other services associated with website and internet use for the purposes of market research and demand-oriented design of our website. Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. According to Google, under no circumstances will the IP address be associated with other data relating to the user.
The legal basis for processing the data for the above purposes is your consent, which you give us by clicking on the cookie banner. You can revoke your consent at any time (see section 10).
We use Google Signals. This captures additional information in Google Analytics about users who have activated personalised ads (interests and demographics) and ads can be delivered to these users in cross-device remarketing campaigns.
The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely.
4.1.2 Google reCAPTCHA
Our website uses Google's reCAPTCHA to check whether data entry (e.g. in a contact form) is made by a human or by an automated programme. For this purpose, the behaviour of the website's users is analysed on the basis of various characteristics. For the analysis, reCAPTCHA evaluates various information, in particular the IP address, the time the user spends on our website or the mouse movements made by the user. The data collected during the analysis is transmitted to Google.
4.1.3 Google Tag Manager
To manage cookies and pixels for tracking tools and other tools, we use Google Tag Manager on our website, a service provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland and Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA, respectively. The Tag Manager tool is a cookie-less domain and does not collect any personal data. However, it triggers other tags that may in turn collect personal data. If you have deactivated a tag at the main or cookie level, this will remain in place for all tracking tags implemented with Google Tag Manager.
4.2 Other tools and plugins we use
4.2.1 Google Maps
We use Google Maps API (Application Programming Interface, "Google Maps") from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland or Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA on our website for the visual display of geographical information (maps). By using Google Maps, information about the use of our website, including the IP address of the website user, is transmitted to a Google server in the USA and stored there.
On our website, we use plugins from YouTube, a video portal of YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, a subsidiary of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We use this plugin to improve the user experience through videos.
Each time you visit a page that offers one or more YouTube video clips, a direct connection is established between your browser and a YouTube server in the USA. In the process, information about your visit and your IP address are stored. By interacting with the YouTube plugins (e.g. clicking the start button), this information is also transmitted to YouTube and stored by YouTube. If you have a YouTube user account and do not want YouTube to collect data about you via this website and link it to your membership data stored with YouTube, you must log out of YouTube before visiting this website.
In addition, YouTube calls up the Google Analytics analysis tool via an iFrame in which the video is called up (see section 4.1.1). This is YouTube's own tracking, to which we have no access. You can prevent tracking by Google Analytics by using the deactivation tools that Google offers for some Internet browsers.
4.2.3 Google Web Fonts
For the uniform display of fonts, we use so-called web fonts on our website, a service of Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland or Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. This transmits to the Google server which of our web pages you have visited. The IP address of the browser of the end device of the visitor to these Internet pages is also stored by Google. If your browser does not support web fonts, a standard font from your computer will be used.
4.2.4 Social media plugin
We have integrated the social media plugin of the following provider on our website: Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA. You can recognise the social media plugin by the logo. You can find more information about Facebook at: https://de-de.facebook.com/privacy/explanation.
To ensure data protection on our website, we only use this plugin together with the so-called "Shariff" solution. This application prevents the plugin integrated on our website from transmitting data to the provider when you first enter the website. A direct connection to the provider's server is only established when you activate the plugin by clicking on the associated button and thereby granting your consent. As soon as you activate the plugin, the provider receives the information that you have visited our website with your IP address. If you are logged into your Facebook account at the same time, the provider can assign your visit to our website to your user account. To prevent this, you should log out before clicking on the plugin. Please note, however, that an assignment is made in any case if you log into the corresponding network after clicking on the plugin.
With your express consent, we will send you our newsletter or similar communications regularly to the e-mail address you have provided.
To receive our newsletter, it is sufficient to provide your e-mail address. When registering for our newsletter, your data will only be used for this purpose. Subscribers can also be informed about relevant information regarding the service or the registration by e-mail, such as changes in the newsletter offer or technical aspects.
For a successful subscription, we use the "double-opt-in" procedure to ensure that the subscription really comes from the e-mail address holder. In doing so, we track the request for the newsletter, the sending of a confirmation e-mail and the receipt of the requested response. No other data is collected and this is only used to send the newsletter and is not passed on to third parties.
You can withdraw your consent to the storage of your data and its use for sending the newsletter at any time. There is an unsubscribe link in every newsletter. You can also unsubscribe at any time on this website or inform us via the contact option provided at the end of these notes.
4.2.6 Google Optimize
We use Google Optimize, a website optimisation tool, on our website. The service provider is the American company Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google also processes your data in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be associated with various risks for the legality and security of data processing. As a basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a transfer of data there, Google uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data comply with European data protection standards even if they are transferred to third countries (such as the USA) and stored there. Through these clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the US. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among others, here https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de">https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.
4.2.7 Facebook Conversion API
We use Facebook Conversions API, a server-side event tracking tool, on our website. The service provider is the American company Meta Platforms Inc. Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) is responsible for the European region. Facebook also processes your data in the USA. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may entail various risks for the legality and security of data processing.
4.2.8 Microsoft Advertising Remarketing and Microsoft Clarity
This technology involves the setting of cookies that evaluate how you use our website and enable your browser to be recognised when you visit websites that belong to the Microsoft advertising network.
Data processing purposes:
We use this technology to present you with interest-based advertisements on other websites in the Microsoft advertising network. The advertisements relate to content that you have previously viewed on our websites.
Bing Conversion Tracking ("UET", also called Microsoft Advertising Universal Event Tracking): We use Microsoft Advertising Universal Event Tracking, a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA ("Microsoft"). When you access our websites via Microsoft Ads, a cookie is set on your computer. In addition, a UET tag is integrated on our web pages. This is a code which, in combination with the cookie, stores pseudonymised data about the use of the website. The tag, in combination with the cookie, collects pseudonymised data to track what actions you take on our websites after clicking on a Microsoft Ads advertisement. The data collected includes the time spent on the website, which areas of the website were accessed and which ad you used to access the website. In addition, Microsoft may track your usage patterns across multiple electronic devices through cross-device tracking. The information collected is transferred to a Microsoft server in the US. Microsoft is certified under the EU-US Privacy Shield.
Bing Webmaster Tools: Microsoft's Bing Webmaster Tools store cookies and so-called beacons on your computer. Beacons or tracking pixels are small invisible graphics that can be used to register whether a website has been accessed.
Purposes of data processing:
Microsoft Advertising Universal Event Tracking: UET enables us to track your activity on our websites when you have accessed our websites through Microsoft Ads advertisements and enable us to improve our service. Cross-device tracking allows Microsoft to display personalised ads.
Bing Webmaster Tools: This tool allows Microsoft to provide its Bing services and optimise search results.
We use Microsoft Advertising Tracking if you have consented to it. We obtain your consent when you call up our web pages via the cookie banner at the bottom of the web pages.
Storage period and control options:
The data is stored by Microsoft for a maximum period of 180 days. You can prevent the collection and processing of data by deactivating the setting of cookies. This may restrict the functionality of the websites under certain circumstances. You can deactivate cross-device tracking under the following link https://account.microsoft.com/privacy/ad-settings/signedout?ru=https%3A%2F%2Faccount.microsoft.com%2Fprivacy%2Fad-settings.
4.2.9 Linkedin Insight Tag
We use the conversion tracking tool LinkedIn Insight Tag on our website. The service provider is the American company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. The company LinkedIn Ireland Unlimited (Wilton Place, Dublin 2, Ireland) is responsible for the data protection-relevant aspects in the European Economic Area (EEA), the EU and Switzerland.
4.2.10. Google Analytics Remarketing
Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google Ads and Google DoubleClick. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This function makes it possible to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google Ads and Google DoubleClick. In this way, interest-based, personalised advertising messages that have been adapted to you depending on your previous usage and surfing behaviour on one end device (e.g. mobile phone) can also be displayed on another of your end devices (e.g. tablet or PC).
If you have given your consent, Google will link your web browsing history to your Google account for this purpose. In this way, the same personalised advertising messages can be displayed on every device on which you log in with your Google account.
To support this feature, Google Analytics collects Google-authenticated user IDs that are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad targeting.
You can permanently object to cross-device remarketing/targeting by deactivating personalised advertising in your Google account; follow this link: https://www.google.com/settings/ads/onweb/.
The aggregation of the collected data in your Google account is based solely on your consent, which you can give or revoke at Google. The legitimate interest results from the fact that the website operator has an interest in the anonymised analysis of website visitors for advertising purposes.
Further information and the data protection provisions can be found in Google's data protection declaration at: https://www.google.com/policies/technologies/ads/.
4.2.11. Google Ads and Google Conversion Tracking
This website uses Google Ads. Google Ads is an online advertising programme of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google").
Within the framework of Google Ads, we use so-called conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the internet browser stores on the user's computer. These cookies lose their validity after 30 days and are not used to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognise that the user clicked on the ad and was redirected to this page.
Each Google Ads customer receives a different cookie. The cookies cannot be tracked across Ads customers' websites. The information obtained using the conversion cookie is used to create conversion statistics for Ads customers who have opted in to conversion tracking. Clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in the tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your internet browser under user settings. You will then not be included in the conversion tracking statistics.
The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
4.2.12. Google BigQuery
We use the Google BigQuery database system for our website. The service provider is the American company Google Inc. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services in Europe.
Google also processes your data in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be associated with various risks to the lawfulness and security of the data processing.
Google uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data comply with European data protection standards even if they are transferred to third countries (such as the USA) and stored there. Through these clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the US. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places:
5. Links to third-party websites on our website
Third party websites are linked on our website.
We have no influence whatsoever on websites linked to our website and disclaim any liability for the visit and content of linked websites. With regard to data protection, we refer to the data protection declaration on the respective websites.
6. Data transfer (including data transfer abroad)
Within the scope of the purposes mentioned in section 2, we may also disclose your personal data to third parties, in particular to the following categories of recipients:
Service providers: we work with service providers who process personal data about you on our behalf or in joint responsibility with us or who receive data about you from us in their own responsibility, debt collection companies, shipping service providers and the third parties mentioned in section 4 who collect data about you via the website).
Authorities: We may pass on personal data to offices, courts and other authorities if this is necessary to process a contract or if we are legally obliged or entitled to do so or if this appears necessary to protect our legitimate interests. The authorities process data about you that they receive from us on their own responsibility;
Business partners: e.g. suppliers, customers, marketing and project partners;
Other persons: This refers to other cases where the involvement of third parties arises from the purposes set out in section 2, e.g. other parties to potential or actual legal proceedings, and acquirers or parties interested in acquiring divisions, companies or other parts of us.
All these categories of recipients may in turn involve third parties, so that your data may also become accessible to them. We can restrict processing by certain third parties (e.g. IT providers), but not by other third parties (e.g. authorities, banks, etc.).
The third parties to whom we transfer your personal data may also be located abroad, usually in other contracting states to the Agreement on the European Economic Area, but exceptionally in any country in the world (e.g. with regard to the tools we use in accordance with section 4). If a recipient is located in a country without adequate legal data protection, we contractually oblige the recipient to comply with the applicable data protection, e.g. by agreeing to the EU standard contractual clauses, insofar as it is not already subject to a legally recognised set of rules to ensure data protection and we cannot rely on an exemption provision. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or if the performance of a contract requires such disclosure, if you have given your consent or if the data in question has been made generally accessible by you and you have not objected to its processing.
Note on data transfers to the USA: Some of the third-party service providers mentioned in this data protection declaration are based in the USA (see point 4). In order to enable you to make an informed decision about consenting to the use of your data, we would like to explicitly draw your attention to the following legal and factual situation in the USA: The surveillance measures of authorities in the USA generally enable the storage of all personal data of all persons whose data has been transferred from Switzerland or the EU to the USA. This is done without differentiation, restriction or exception based on the objective pursued. There is no objective criterion that makes it possible to restrict the access of the authorities in the USA to the personal data and their subsequent use to very specific, strictly limited purposes that are capable of justifying the access to these data and the interference associated with their use. In the USA, data subjects from Switzerland or the EU have no legal remedies that allow them to obtain access to the personal data concerning them and to have it corrected or deleted, or no effective judicial legal protection against general access rights of authorities in the USA. From the perspective of the Swiss Confederation and the EU, the USA does not have an adequate level of data protection (in particular because of the legal and factual situation mentioned in this section). Insofar as we explain in this data protection declaration that recipients of data (such as Google) are based in the USA, we will ensure through contractual arrangements with these companies, as well as any additional appropriate guarantees required, that your data is protected with our partners with an appropriate level.
7. Data security
We take appropriate security measures to maintain the confidentiality, integrity and availability of your personal data, to protect it against unauthorised or unlawful processing and to protect it against the risks of loss, accidental alteration, unauthorised disclosure or access.
Data transmitted over an open network such as the Internet or an e-mail service is openly accessible, and we therefore cannot guarantee the confidentiality of messages or content transmitted through these channels. We ask you to be aware that third parties may access, collect and use for their purposes personal data that is shared over an open network.
8. Duration of retention of personal data
We process your data for as long as our processing purposes, the legal retention periods and our legitimate interests in processing for documentation and evidence purposes require or storage is technically necessary. In particular, business communication or concluded contracts, for example, must be stored for up to 10 years.
9. Your rights
The applicable data protection law grants you various rights, including the right to information, the right to correct incorrect data and the right to object. In addition, you can revoke your consent to the processing of your personal data at any time with effect for the future (see also section 2).
If you have any questions regarding your rights and how to exercise them, please contact us in writing or, unless otherwise stated or agreed, by e-mail; you will find our contact details in Section 10 below.
For data protection concerns, please contact:
digital M. GmbH i.G.