The data controller within the meaning of data protection regulations, in particular the EU General Data Protection Regulation (GDPR), is:
SemioticTransfer AG
Bruggerstrasse 69
CH-5400 Baden
Phone: +41 56 470 40 40
E-mail: contact@semiotictransfer.ch
Website: https://www.semiotictransfer.ch
General Note
Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Swiss Confederation (Swiss Federal Act on Data Protection, FADP), every individual has the right to protection of their privacy as well as protection from misuse of their personal data. The operators of this website take the protection of users’ personal data very seriously. We keep users’ personal data confidential in accordance with the statutory data protection regulations and this privacy policy.
In cooperation with our hosting providers, we make every effort to protect the database insofar as possible against unauthorized access, loss, misuse or falsification.
We would like to point out that data transmission online (e.g. when communicating via email) may be subject to security lapses. Total protection of the data against access by third parties is not possible.
By using this website, the user consents to the collection, processing and use of data as described below. In principle, this website can be visited without the user having to register on the site. In the process, data such as pages visited or names of file accessed, and date and time are stored on the server for statistical purposes without this data being directly related to the user personally. Personal data, in particular names, addresses or email addresses, are collected on a voluntary basis as far as possible. The data will not be passed on to third parties without the user’s consent.
Processing of personal data
Personal data is any information that relates to an identified or identifiable individual. A data subject is an individual in relation to whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, acquisition, deletion, storage, modification, destruction and use of personal data.
We process personal data in accordance with Swiss data protection law. In other respects, we process – to the extent and insofar as the EU GDPR is applicable – personal data in accordance with the following legal bases in connection with Art. 6(1) GDPR:
- Consent (Art. 6(1)(a) GDPR) – the data subject has given consent to the processing of their personal data for one or more specific purposes.
- Contract performance and pre-contractual requests (Art. 6(1)(b) GDPR) – processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
- Legal obligation (Art. 6(1)(c) GDPR) – processing is necessary for compliance with a legal obligation to which the controller is subject.
- Protection of vital interests (Art. 6(1)(d) GDPR) – processing is necessary in order to protect the vital interests of the data subject or of another natural person.
- Legitimate interests (Art. 6(1)(f) GDPR) – processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
- Application procedure as a pre-contractual or contractual relationship (Art. 9(2)(b) GDPR) – Insofar as special categories of personal data within the meaning of Art. 9(1) GDPR (e.g. health data, such as severely disabled status or ethnic origin) are requested from applicants in the context of the application procedure so that the controller or the data subject can exercise the rights arising from labor law and social security and social protection law and fulfill their obligations in this regard, they are processed in accordance with Art. 9(2)(b) GDPR. However, in the case of the protection of vital interests of the applicants or other persons in accordance with Art. 9(2)(c) GDPR or for the purposes of preventive healthcare or occupational medicine, for the assessment of an employee’s fitness, to work, for medical diagnostics, care or treatment in the health or social sector, or for the management of systems and services in the health or social sector, they are processed in accordance with Art. 9(2)(h) GDPR. In the case of communication of special categories of data based on voluntary consent, processing is based on Art. 9(2)(a) GDPR.
We process personal data for the duration required for the relevant purpose(s). In the case of longer-term storage obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.
Relevant Legal Bases
In accordance with Art. 13 GDPR, we are obliged to inform users of the legal basis of our data processing. Unless the legal basis is stated in the privacy policy, the following applies: The legal basis to obtain consent is Art. 6(1)(a) and Art. 7 GDPR. For processing to fulfill our services, to implement contractual measures and to respond to inquiries, the legal basis is Art. 6(1)(b) GDPR, for processing to fulfill our legal obligations, Art. 6(1)(c) GDPR is the legal basis, and for processing to protect our legitimate interests, Art. 6(1)(f) GDPR is the legal basis. In the event that vital interests of the data subject or another natural person make it necessary to process personal data, Art. 6(1)(d) GDPR serves as the legal basis.
Safety Measures
We take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk in accordance with the legal requirements, taking into account state of the art, implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence, and the extent of the threat to the rights and freedoms of natural persons.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, input of, disclosure of, assurance of availability of and segregation of the data. Furthermore, we have established procedures to ensure the exercise of data subjects’ rights, the deletion of data, and responses to compromised data. Furthermore, we already take the protection of personal data into account during the development or selection of hardware, software and processes through technology design and data protection-friendly default settings in accordance with the principle of data protection.
Transfer of Personal Data
In the course of processing personal data, the data may be transferred or disclosed to other entities, companies, legally independent organizational units or individuals. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content integrated into a website. In such cases, we comply with the legal requirements and, in particular, conclude appropriate contracts or agreements that serve to protect the user’s data vis-à-vis the recipients of such data.
Data Processing in Third Countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third-party services or the disclosure or transfer of data to other individuals, entities or companies, this will only be done in accordance with the legal requirements.
Subject to express consent or contractually or legally required transfer, we process the data only in third countries with a recognized level of data protection, contractual obligation by so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection rules (Arts. 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection).
Privacy Policy for Cookies
This website uses cookies. Cookies are text files that contain data from websites or domains visited and are stored by a browser on the user’s computer. A cookie is primarily used to store information about a user during or after a visit as part of an online offer. Stored information may include, for example, language settings on a website, login status, a shopping cart, or videos watched. The term cookies also includes other technologies that perform the same functions as cookies (e.g. when user information is stored using pseudonymous online identifiers, also known as user IDs)
The cookie types and functions are as follows:
- Temporary cookies (also session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed their browser.
- Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when a user visits the website again. Likewise, the interests of users used for reach measurement or marketing purposes may be stored in such a cookie.
- First-party cookies: We use first-party cookies.
- Third-party cookies Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
- Necessary (also essential or vital) cookies: Cookies may be absolutely necessary for the operation of a website (e.g. to store logins or other user input or for security reasons).
- Statistical, marketing and personalization cookies: Cookies are also generally used in the context of reach measurement and when a user’s interests or behavior (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to show users content that matches their potential interests. This process is also known as tracking, i.e. following the interests of users. Insofar as we use cookies or tracking technology, we will inform users separately in our privacy policy or when obtaining consent.
Notes on legal bases: The legal basis on which we process the user’s personal data using cookies depends on whether or not we ask for consent. If this applies and the user consents to the use of cookies, the legal basis for the processing of their data is the consent granted. Otherwise, the data processed with the help of cookies is processed on the basis of our legitimate interests (e.g. in the business operation of our online offer and its improvement) or, if the use of cookies is necessary to fulfill our contractual obligations.
Storage period: Unless we provide users with explicit information about the storage period of permanent cookies (e.g. in the context of a cookie opt-in), please assume that this period can last up to two years.
General information on revocation and opting out: Depending on whether the processing is based on consent or legal permission, users have the option to revoke any consent given or to object to the processing of the user’s data by cookie technologies at any time (collectively referred to as opting out). The user may initially object by means of the browser settings, e.g. by deactivating the use of cookies (however, this may also limit the functionality of our online offer). Users may also object to the use of cookies for online marketing purposes by means of a variety of services, in particular in the case of tracking, through the websites: https://optout.aboutads.info and https://www.youronlinechoices.com/. In addition, users can receive further instructions on how to object in the context of the information on the service providers and cookies used.
Processing of cookie data on the basis of consent: We use a cookie consent management procedure, under which the consent of users to the use of cookies, or the processing and providers referred to in the cookie consent management procedure, can be obtained and managed and revoked by users. The declaration of consent is stored so that it does not have to be repeated and the consent can be proven in accordance with the legal obligation. Consent may be stored by servers and/or in a cookie (opt-in cookie, or with the help of comparable technologies), in order to be able to assign the consent to a user or their device. Subject to individual information on the providers of cookie management services, the following information applies: The duration of the storage of consent can last up to two years. A pseudonymous user identifier is created and stored with the time of consent, information on the scope of consent (e.g. which categories of cookies and/or service providers), as well as the browser, system, and end device used.
- Types of data processed: Usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
- Data subjects: Users (e.g. website visitors, users of online services).
- Legal basis: Consent (Art. 6(1)(a) GDPR); legitimate interests (Art. 6(1)(f) GDPR).
Privacy Policy for SSL/TLS Encryption
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as the inquiries users send to us in our capacity as site operator. Users can recognize an encrypted connection by the fact that the browser address bar changes from “http://” to “https://” and via the lock symbol in the browser toolbar.
If SSL or TLS encryption is activated, the data users transmit to us cannot be read by third parties.
Privacy Policy for Server Log Files
The website automatically collects and stores information in server log files, which the user’s browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
This data cannot be assigned to specific individuals. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.
Third-Party services
This website may use Google Maps for embedding maps, Google Invisible reCAPTCHA for protection against bots and spam, and YouTube for embedding videos.
These services of the U.S.-based company Google LLC use, inter alia, cookies and, as a result, data is transferred to Google in the USA, although we assume that no personal tracking takes place in this context solely through the use of our website.
Google has committed to ensuring adequate data protection in accordance with the U.S.-European and U.S.-Swiss Privacy Shields.
Further information can be found in Google’s privacy policy.
Privacy Policy for Contact Form
If inquiries are sent via the contact form, the information provided, including the contact data entered, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We will not share this data without the user’s consent.
Privacy Policy for Newsletter Data
For users who would like to receive the newsletter offered on this website, we require an email address as well as data that allows us to verify that the subscriber is the true owner of the email address provided and genuinely wishes to receive the newsletter. No other data is collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.
Users can revoke their consent to the storage of the data, the email address and receipt of the newsletter at any time, for example via the «unsubscribe link» in the newsletter.
Services Incurring Costs
For the provision of services incurring costs, we will ask for additional data such as payment details in order to be able to fulfill orders. We store this data in our systems until the statutory retention periods have expired.
Google Ads
This website uses Google conversion tracking. If a user accesses our website via an ad placed by Google, Google Ads will add a cookie on the user’s computer. The conversion-tracking cookie is added when a user clicks on an ad placed by Google. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we, together with Google, detect that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies cannot be tracked across Google Ads customers’ websites. The information collected using the conversion cookie is used to create conversion statistics for Ads customers who have opted in to conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that could personally identify users.
If a user does not wish to participate, the adding of a cookie required for this can be refused, e.g. by means of a browser setting that generally deactivates the automatic adding of cookies or by setting the browser so that cookies from the domain “googleleadservices.com” are blocked.
Please note that users should not delete the opt-out cookies if they do not want any measurement data to be recorded. If all the cookies in the browser have been deleted, the relevant opt-out cookie should be added again.
Use of Google Remarketing
This website uses Google Inc’s Remarketing function, which is used to present online advertisements to visitors within the Google advertising network. A cookie is stored in the visitor’s browser, which means the visitor can be recognized when visiting websites that belong to Google’s advertising network. On these pages, the visitor may be presented with advertisements that relate to content that the visitor has previously accessed on websites that use Google’s Remarketing function.
According to its own information, Google does not collect any personal data during this process. If a user does not wish to use Google’s Remarketing function, this can in principle be deactivated by adjusting the settings at http://www.google.com/settings/ads. Alternatively, users may deactivate the use of cookies for online advertising via the ad network by following the instructions at http://www.networkadvertising.org/managing/opt_out.asp .
Use of Google reCAPTCHA
We use «Google reCAPTCHA» (hereinafter «reCAPTCHA») on our websites. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter «Google». The purpose of reCAPTCHA is to verify whether data is entered on our websites (e.g. in a contact form) by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the visitor based on various characteristics. This analysis starts automatically as soon as a user visits the website. For analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the visitor on the website, or via mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run completely in the background. Visitors are not made aware that such analysis is taking place.
The legal basis for data processing is Art. 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and from spam. For more information about Google’s reCAPTCHA and privacy policy, please see the following links: https://www.google.com/intl/policies/privacy/ and https://policies.google.com/terms
Privacy Policy for Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited. If the data controller on this website is located outside the European Economic Area or Switzerland, Google Analytics data processing is carried out by Google LLC. Google LLC and Google Ireland Limited are hereinafter referred to as «Google».
The statistics obtained enable us to improve our offer and make it more attractive for our users. This website also uses Google Analytics for cross-device analysis of visitor flows, which is performed via a user ID. If a user has a Google user account, the cross-device analysis of the usage in the settings may be deactivated under «personal data» in «My Data».
The legal basis for the use of Google Analytics is Art. 6(1)(f) GDPR. The IP address transmitted by the browser as part of Google Analytics is not merged with other data from Google. We would like to point out that on this website Google Analytics has been extended by the «_anonymizeIp();» code to ensure anonymized collection of IP addresses. This means that IP addresses are processed in an abbreviated form, which means that they cannot be traced back to a specific individual. Insofar as the data collected regarding users is of a personal nature, this is immediately excluded and the personal data immediately deleted.
Only in exceptional cases is the full IP address transmitted to a Google server in the USA and abbreviated there. On behalf of this website operator, Google will use this information for the purpose of evaluating users’ use of the website, compiling reports on website activity and providing other services relating to website activity and Internet usage to the website operator.
Google Analytics uses cookies. The information generated by the cookie about the user’s use of this website is usually transmitted to a Google server in the USA and stored there. Users may refuse the use of cookies by selecting the appropriate settings on their browser, however they should be aware that in this case the full functionality of this website may not be available. Users may also prevent the collection of data generated by the cookie and related to the use of the website (including their IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: Deactivate Google Analytics.
Furthermore, users can also prevent the use of Google Analytics by clicking on this link: Deactivate Google Analytics. This saves an opt-out cookie on the user’s data carrier, which prevents the processing of personal data by Google Analytics. Users should note that if all cookies on a terminal device are deleted, these opt-out cookies will also be deleted, i.e. the opt-out cookies should be added again if this form of data collection is to be prevented in future. The opt-out cookies are added to each browser and computer/end device and must therefore be activated separately for each browser, computer or other end device.
Privacy Policy for the Use of Google Web Fonts
This website uses web fonts provided by Google for the uniform display of fonts. When users click on a page, the user’s browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. If the user’s browser does not support web fonts, a default font is used by the user’s computer.
For more information on Google Web Fonts, please visit https://developers.google.com/fonts/faq and see Google’s privacy policy: https://www.google.com/policies/privacy/
Google Tag Manager
Google Tag Manager is a solution that allows us to manage website tags via an interface and integrate Google Analytics and other Google marketing services into our online offer, for example. The Tag Manager itself which implements the tags does not process any of the user’s personal data. With regard to the processing of users’ personal data, reference is made to the following information on Google services. User guidelines: https://www.google.com/intl/de/tagmanager/use-policy.html.
Privacy Policy for the Use of Hotjar
This website uses the services of Hotjar to improve the user experience. Hotjar Ltd is a European company based in Malta (Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe). Mouse clicks as well as mouse and scroll movements may be recorded. Likewise, keystrokes performed on this website can be recorded. Personalized information is not included in this process. Hotjar uses a tracking code to collect and transmit users’ data. Upon any visit to our website, the Hotjar tracking code automatically collects data based on the user’s activity and stores it on Hotjar servers (in Ireland). In addition, the cookies placed on the user’s computer or device by the website also collect data. For more information on how Hotjar works, users can visit this page: https://www.hotjar.com/privacy.
If users wish to object to the collection of data by Hotjar (opt-out) they should click here: https://www.hotjar.com/opt-out.
Privacy Policy for LinkedIn
We use the marketing services of the social media company LinkedIn, LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland («LinkedIn») within the context of our online offer.
These use cookies, which are text files that are stored on the user’s computer. This allows us to analyze the user’s use of the website. For example, we can measure the success of our ads and show users products they were previously interested in.
For example, this includes information about the operating system, the browser, the website the user previously visited (referrer URL), the offers the user clicked on, and the date and time of the user’s visit to our website.
The information generated by the cookie about the user’s use of this website is transferred pseudonymously to a LinkedIn server in the USA and stored there. Accordingly, LinkedIn does not store the name or email address of each user. Rather, the above data is only assigned to the individual for whom the cookie was generated. This does not apply if the user has allowed LinkedIn to process data without pseudonymization or has their own LinkedIn account.
Users may refuse the use of cookies by selecting the appropriate settings on their browser; however, they should be aware that in this case the full functionality of this website may not be available. Users may also object to the use of their data directly via LinkedIn: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
We use LinkedIn Analytics to analyze and improve the use of our website from time to time. The statistics obtained enable us to improve our offer and make it more attractive for our users. All LinkedIn companies have adopted the standard contractual clauses to ensure that the traffic to the U.S. and Singapore necessary for the development, operation, and maintenance of the Services occurs in a lawful manner. If we ask users for consent, the legal basis for the processing is Art. 6(1)(a) GDPR. Otherwise, the legal basis for the use of LinkedIn Analytics is Art. 6(1)(f) GDPR.
Information of the third-party provider: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2 Ireland; User Agreement and Privacy Policy.
External Payment Service Providers
This website uses external payment service providers through whose platforms users and we can make payment transactions. For example via:
- PostFinance (https://www.postfinance.ch/en/detail/legal-information-and-accessibility.html)
- Visa (https://usa.visa.com/legal/privacy-policy.html)
- Mastercard (https://www.mastercard.ch/de-ch/datenschutz.html)
- American Express (https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html)
- Paypal (https://www.paypal.com/us/webapps/mpp/ua/privacy-full)
- Bexio AG (https://www.bexio.com/de-CH/datenschutz)
- Payrexx AG (https://www.payrexx.ch/site/assets/files/2592/datenschutzerklaerung.pdf)
- Apple Pay (https://support.apple.com/en-us/HT203027)
- Stripe (https://stripe.com/ch/privacy)
- Klarna (https://www.klarna.com/en-ch/privacy/)
- Skrill (https://www.skrill.com/en/footer/privacypolicy/)
- Giropay (https://www.giropay.de/rechtliches/datenschutzerklaerung) etc.
In the context of the performance of contracts, we use the payment service providers on the basis of the Swiss Data Protection Ordinance and, where necessary, Art. 6(1)(b) EU GDPR. In addition, we use external payment service providers on the basis of our legitimate interests pursuant to the Swiss Data Protection Ordinance and where necessary pursuant to Art. 6(1)(f) EU GDPR in order to offer our users effective and secure payment options.
The data processed by the payment service providers includes inventory data, such as the name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and checksums, among others, as well as the contract, totals and recipient-related information. The information is necessary to carry out the transactions. However, the data entered is only processed by the payment service providers and stored with them. As the operator, we do not receive any information about (bank) account or credit card, merely information to confirm (accept) or reject the payment. Under certain circumstances, the data may be transmitted by the payment service providers to credit agencies. The purpose of this transmission is to check identity and creditworthiness. In this regard, we refer to the terms and conditions and data protection information of the payment service providers.
The terms and conditions and data protection information of the relevant payment service providers apply to the payment transactions, which can be accessed within the relevant website or transaction applications. We also refer to these for further information and assertion of revocation, information and other data subject rights.
Privacy Policy for YouTube
«YouTube» service functions are integrated into this website. «YouTube» is owned by Google Ireland Limited, a company incorporated and operated under the laws of Ireland, with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland, which operates the Services in the European Economic Area and Switzerland.
Users’ legal agreement with «YouTube» consists of the terms and conditions which can be found at the following link: https://www.youtube.com/static?gl=de&template=terms&hl=de. These terms and conditions constitute a legally binding agreement between users and «YouTube» regarding the use of the services. Google’s privacy policy explains how «YouTube» treats and protects users’ personal data when they use the service.
General Disclaimer
All information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, accurate and complete. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, accuracy and timeliness of information, including journalistic and editorial information. Liability claims regarding damage caused by the use of any information provided, including incomplete or incorrect data, will therefore be rejected.
The publisher may amend or delete texts at their own discretion and without notice and is not obliged to update any contents of this website. Use of or access to this website is at the visitor’s own risk. The publisher, its principals or partners are not responsible for any damage, including direct, indirect, incidental, consequential or special damage, alleged to have been caused by a visit to this website and consequently assume no liability for such damage.
The publisher also assumes no responsibility or liability for the content and availability of third-party websites that can be accessed via external links from this website. The operators of the linked pages are solely responsible for their content. The publisher expressly dissociates itself from all third-party content that may infringe under criminal or liability law or that may offend common decency.
Changes
We may amend this privacy policy at any time without notice. The current version published on our website applies. To the extent that the privacy policy is part of an agreement with the user, if we update it, we will notify the user of the amendment by email or other appropriate means.
Questions for the Data Protection Officer
Should users have any questions about data protection, they can email us or directly contact the individual responsible for data protection in our organization named at the beginning of the privacy policy.
Source: SwissAnwalt