01 CONTACT ADDRESS
Responsibility for the processing of personal data:
Strasser AG Thun
We will indicate if there are other responsible parties for the processing of personal data in individual cases.
02 PROCESSING OF PERSONAL DATA
Personal data refers to all information relating to a specific or identifiable person. A data subject is an individual about whom personal data is processed. Processing encompasses any handling of personal data, regardless of the means and methods used, including the storage, disclosure, acquisition, collection, deletion, retention, alteration, destruction, and utilization of personal data.
Nature, Scope and Purpose
We process those personal data that are necessary to provide our offering in a permanent, user-friendly, secure, and reliable manner. Such personal data may fall into categories including inventory and contact details, browser and device data, content data, meta or marginal data, and usage data, location data, sales, contract, and payment data. We process personal data for the duration necessary for the respective purpose(s) or as legally required. Personal data that is no longer required for processing will be anonymized or deleted. Individuals whose data we process generally have a right to deletion.
We primarily process personal data with the consent of the data subject, unless processing is permissible for other legal reasons, such as fulfilling a contract with the data subject and related pre-contractual measures, safeguarding our overriding legitimate interests, where processing is apparent from the circumstances, or after prior information.
In this context, we particularly process information voluntarily and directly provided to us by a data subject when contacting us – for example, through postal mail, email, contact form, social media, or telephone – or when registering for a user account. We may store such information in an address book or using similar tools. If you transmit personal data to us via third parties, you are obligated to ensure data protection vis-à-vis such third parties and to ensure the accuracy of such personal data.
Furthermore, we process personal data that we receive from third parties, obtain from publicly accessible sources, or collect in providing our services, as long as such processing is permissible for legal reasons.
Processing of Personal Data by Third Parties, Including Abroad
We may entrust third parties, both domestically and internationally, to process personal data on our behalf, either individually or in collaboration. Such third parties primarily include service providers whose offerings we utilize. We ensure an adequate level of data protection even when involving these third parties. Typically, these third parties are located within Switzerland and the European Economic Area (EEA).
However, such third parties might also be situated in other countries and territories around the world, as long as their data protection laws guarantee an adequate level of data protection according to the assessment of the Federal Data Protection and Information Commissioner (FDPIC), or if other conditions, such as contractual agreements (including Standard Contractual Clauses) or certification, ensure an adequate level of data protection. In exceptional cases, such third parties might be located in a country without adequate data protection if the necessary data protection requirements, like explicit consent from the data subject, are fulfilled.
Rights of Data Subjects
Individuals whose personal data we process have rights according to Swiss data protection law. These rights include the right to obtain information about the processing of their data, as well as the right to correct, delete, or restrict the processing of their personal data.
Data subjects whose personal data we process also have the right to lodge a complaint with a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
We implement appropriate and suitable technical and organizational measures to ensure data protection, especially data security. However, the processing of personal data on the internet, despite such measures, can still have potential security vulnerabilities. Thus, we cannot guarantee absolute data security.
Access to our online services is facilitated through transport encryption (SSL / TLS, notably via Hypertext Transfer Protocol Secure, abbreviated as HTTPS). Most browsers indicate transport encryption with a padlock icon in the address bar.
Access to our online services is subject to general and suspicion-independent mass surveillance, as well as other monitoring by security authorities in Switzerland, the European Union (EU), the United States of America (USA), and other countries. We have limited direct influence over the handling of personal data by intelligence agencies, police authorities, and other security agencies.
03 WEBSITE USAGE
Cookies cannot execute programs or transmit malicious software such as trojans and viruses. When you visit our website, cookies may be stored in your browser temporarily as “session cookies” or for a specific period as so-called “persistent cookies.” “Session cookies” are automatically deleted when you close your browser. Persistent cookies have a specific storage duration. They notably enable your browser to be recognized during your next visit to our website, facilitating actions like measuring our website’s reach. However, persistent cookies can also be used for online marketing purposes.
For cookies used for measuring success and reach or for advertising purposes, a general opt-out option is available for numerous services through the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
Server log files
For each access to our website, we may record the following information if they are transmitted from your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, specific sub-page of our website accessed including data volume transferred, and the last webpage visited in the same browser window (referer or referrer).
We store such information, which may also include personal data, in server log files. This data is necessary to provide our online service permanently, user-friendly, and reliably, and to ensure data security, particularly the protection of personal data, even with the involvement or assistance of third parties.
We may use pixel tags on our website, also referred to as web beacons. Pixel tags, including those from third parties whose services we use, are small, usually invisible images that are automatically retrieved when you visit our website. Pixel tags can collect the same information as server log files.
04 SOCIAL MEDIA
We maintain a presence on social media platforms and other online platforms to communicate with interested individuals and provide information about our offerings. In this context, personal data may be processed outside of Switzerland and the European Economic Area (EEA).
05 SUCCESS AND REACH MEASUREMENT
We use Google Analytics to analyze how our website is used, which allows us to measure the reach of our website and the success of third-party links on our website. This is a service provided by the American Google LLC. For users in the European Economic Area (EEA) and Switzerland, the Irish Google Ireland Limited is responsible.
Google attempts to track individual visitors to our website even when they use different browsers or devices (Cross-Device Tracking), utilizing cookies as well. Google Analytics requires your Internet Protocol (IP) address, which is, however, not merged with other Google data.
In any case, we anonymize your Internet Protocol (IP) address before analysis by Google. As a result, your complete IP address is generally not transmitted to Google in the USA.
Google Tag Manager
We use Hotjar to analyze how our website is used. Hotjar allows us to record visitor behavior on our website, such as mouse movements and clicks or other inputs. Cookies and other technologies are used for this purpose, capturing user behavior and details like screen size, anonymized Internet Protocol (IP) address, and approximate location (country). Hotjar, a service provided by Hotjar Ltd. in Malta, claims to store the collected data in a pseudonymized user profile.
06 THIRD PARTY SERVICES
We utilize third-party services to provide our offering in a permanent, user-friendly, secure, and reliable manner. These services also enable us to embed content into our website. Such services – for example, hosting and storage services, video services, and payment services – require your Internet Protocol (IP) address, as otherwise, they cannot transmit the corresponding content. Such services may be located outside of Switzerland and the European Economic Area (EEA), as long as adequate data protection measures are in place.
For their own security-related, statistical, and technical purposes, third parties whose services we use may also aggregate, anonymize, or pseudonymize data related to our offering, as well as from other sources – including cookies, log files, and pixel tags.
We utilize third-party services to access the necessary digital infrastructure for our offering. This includes specialized providers offering hosting and storage services, for instance.
Audio and Video Conferences
We use Google Ads (formerly AdWords) to advertise our offerings specifically on the Google search engine and other locations across the internet, such as other websites. This targeted advertising can be based on various factors, including search queries. Google Ads is a service provided by the American Google LLC. For users in the European Economic Area (EEA) and Switzerland, the Irish Google Ireland Limited is responsible. Cookies are used in Google Ads. Google employs various domain names, notably doubleclick.net, googleadservices.com, and googlesyndication.com, for Google Ads.
Our goal with such advertising is to reach individuals who are interested in or already using our online offerings. To achieve this, we transmit relevant information, which may also be personally identifiable, to Google (remarketing). Additionally, we can determine the success of our advertising, meaning whether it leads to visits on our website (conversion tracking).
07 WEBSITE EXTENSION
08 FINAL PROVISION