Data Privacy Statement
1. Scope of Data Privacy Statement
This Data Privacy Statement sets out the steps we have taken to meet the data privacy requirements as stipulated by Swiss and EU law and other applicable provisions on the collection, storage, use and transfer (“processing”) of personal data.
This Statement describes how we process the personal data that we received from you via a website or application. This Statement applies exclusively to personal data collected by Derap AG, e.g. via websites, email or other online tools and applications.
The Swiss Federal Act on Data Protection (FADP) and, supplementary to it, if applicable, the relevant provisions of the European General Data Protection Regulation (GDPR) apply.
2. Processing of personal data; type, purpose and use
When you visit our website www.derap-ag.ch, information is temporarily stored on our servers in log files. This is information that the browser on your device sends automatically, notably:
• IP address
• date and time of the request
• time zone difference to Greenwich Mean Time (GMT)
• content requested (specific page)
• access status / HTTP status code
• the quantity of data transferred
• the web page from which the request was sent
• operating system and its interface
• language and version of the browser software
We process this data for the following purposes
Personal data consists of all the information that relates to an identified or identifiable person. The data subject is a person about whom personal data is processed. Processing includes any operation on personal data, regardless of the means or processes used, in particular the storage, disclosure, procurement, deletion, saving, modification, destruction and use of personal data.
We process the personal data that we require in order to provide our products and services in an effective, user-friendly, sustainable, secure and reliable way.
As a matter of principle, we process personal data only once the data subject has given their consent, unless it is permissible for other reasons, e.g. to fulfil a contract with the data subject and for the respective precontractual measures in order to protect our preponderant justified interests because the processing is evident in the circumstances, or on the basis of preceding information. Within this scope, we process, in particular, information that the data subject transmits themselves when making contact – for example via letter, e-mail, contact form, telephone or social media – and may store these details in a customer relationship management system (CRM), in online shop software or similar.
We only process personal data for the duration required for the respective purpose or the respective purposes. If we are subject to legal and other obligations requiring us to store data for an extended period, we restrict processing accordingly.
We may outsource the processing of personal data to a third party, domestically or abroad. The provider of this service processes the personal data on our behalf. We make sure that these service providers guarantee adequate data privacy.
We are present on various social media and other online platforms to communicate with existing and prospective customers and to inform them about our products. The General Terms and Conditions (GTC), data privacy policies and other provisions of the respective platform operators apply.
Legal basis for processing personal data
We process personal data in accordance with the Swiss Federal Act on Data Protection (FADP) and other applicable data privacy laws (e.g. GDPR).
3. Processing of personal data
Derap AG collects and processes the personal data of
- users of our websites, whether they are registered with Derap AG or not;
- contact persons and employees of suppliers, dealers, sales agents and vendors of Derap AG products and product parts;
- existing or prospective customers, buyers and recipients/beneficiaries of Derap AG products and services or their contact persons and employees;
- contact persons and employees of business partners and associated companies and other commercial and economic partners;
- subscribers of Derap AG newsletters;
- participants in market research and opinion polls conducted by Derap AG;
- participants in the courses, seminars and other events offered by Derap AG;
- users of the wifi service offered at business premises and other locations;
(subsequently collectively referred to as Business Partners).
As a rule, Business Partners’ personal data is collected directly from the data subjects when they use the website, request or use products or services, submit reviews and reports, take part in market or other surveys or Derap AG events or enter into direct communication with Derap AG via e-mail, telephone or other means.
It can, however, also be collected indirectly, namely when transactions in favour of a Business Partner or a delivery to this partner by another Business Partner are effected on the recommendation of a third party (e.g. recommendation by the Business Partner’s contacts) or by obtaining or purchasing supplementary details from third-party data sources (e.g. social media, address brokers).
Derap AG processes the following categories of personal data specifically:
Personal data and contact details: This includes particularly, but not conclusively, first and last name, home address, place of residence, telephone number, e-mail address, age, date of birth, gender, marital status, family members, details of any secondary contacts, photo, details of job function, details of prior business correspondence with these persons, details of business transactions, requests, offers, products and services, terms and contracts, details of the person’s professional or other interests;
Data relating to deliveries and sales as well as orders and purchases: this includes particularly, but not conclusively, payment methods, credit card details and other payment details, invoice and delivery address, products and services delivered and sold or ordered and purchased;
Data relating to the marketing of products and services: this includes particularly, but not conclusively, details about marketing activities such as newsletter subscriptions, newsletter opt-ins and opt-outs, documents received, invitations and attendance at events and special activities, personal preferences and interests, etc.;
Data relating to website use: this includes particularly, but not conclusively, the IP address and other identifiers (e.g. social media user name, MAC address of smartphone or computer, cookies, web beacons, pixel tags, log files, local shared objects (Flash cookies) or other technologies that collect personal details in an automated way), date and time of website visit or use, pages and content viewed, referring websites, etc.;
Data relating to communication: this includes particularly, but not conclusively, the preferred communication channel, correspondence, correspondence language and communication with Derap AG (including communication logs), etc.
4. Data transfer to third parties (including shared responsibilities and outsourced data processing)
Your data will be transferred to our partners (third parties) as necessary for order processing. If we transfer your data to an external service provider, technical and organizational measures are taken to ensure that the transfer is conducted in accordance with the legal data privacy provisions. If you provide us with personal or business-related data at your own initiative, we will not use, process or transfer it beyond the limitations set out in the law or in a declaration of consent. Furthermore, we will only transfer your data to external service providers if it is necessary for contract execution and if they agree to the relevant provisions of confidentiality and due care. Apart from this, we will only transfer your data if we are legally obliged to do so by an official or judicial order.
One of these uses of cookies is to help us to log frequency of use, the number of users and their behaviours on our website so that we make our website safer to use and the content more user-friendly. These cookies are automatically deleted when you leave the website.
In addition to this, we also use temporary cookies to optimize user-friendliness. These are stored on your device for a fixed duration. When you visit our website again to make use of our services, it automatically recognizes that you have visited before and remembers the information and settings you entered at the time, so that you do not have to enter them again.
You can configure your browser settings so that no cookies are stored on your computer. If you fully deactivate cookies, you may not be able to use the full functionality of our website.
6. Analysis tools
7. Social media plug-in
We use the social media plug-ins listed below on our website to raise the company’s profile. The underlying marketing purpose is regarded as a legitimate interest as set out in Art. 6 para. 1 page 1 (f) GDPR. The respective provider is responsible for ensuring data privacy. When you use these plug-ins, the resulting data processing is done with your consent.
If you use the services of these social networks independently or in connection with our website, the social media networks evaluate your use of the plug-in. In this case, the information is passed to the social networks via the plug-in.
Our website uses Google Maps services (e.g. in-screen or via interfaces / API). Google LLC, USA therefore may process information about your current location. Google uses various technologies to determine location, e.g. IP addresses, GPS and other sensors that may provide Google with information about nearby devices, WLAN access points or cell towers, for example. The purpose and scope of the collection, further processing and use of the data by Google as well as your rights in relation to it and your optional settings for the protection of your privacy can be found in the Google privacy statement at policies.google.com/privacy?hl=en&gl=de.
8. Information, deletion, correction
You can demand to be informed about the data we store about you at any time. To do this, please email a request for information to the address below. Proof of identity must also be sent to this address with the request.
We delete stored data when we no longer require it for the indicated purpose.
With regard to the deletion of data, please note that we are subject to certain legal duties which oblige us to retain specific data for a certain period. We must comply with these duties. If you request us to delete data that is subject to the retention obligation, we will block the data on our system and use it only to meet the legal retention obligation. Once the retention period has expired, we will comply with your request to delete the data.
9. Right of objection
If your personal data is being processed on the basis of justified interests, you have the right to object to the processing of your personal data provided that there are reasons arising from your special circumstances or because you object to direct marketing. In the latter case, you have a general right to object which we will comply with even if no special circumstances apply.
We will store your data securely and therefore take all reasonable measures to protect your data from loss, access, misuse or changes. Our employees and contract partners who have access to your data are contractually obligated to maintain confidentiality and to observe the data privacy provisions. In many instances, it will be necessary for us to pass on your requests to associated businesses. In these cases too, your data will be handled confidentially. Storage duration
11. Contact details
This Data Privacy Statement applies to data processing by:
The Federal Data Protection and Information Commissioner (FDPIC)
12. Validity and changes to this Data Privacy Statement
Any changes to this Data Privacy Statement will be published on this page. In this way, you can find out at any time about the data we store, and how we collect it and use it. You can save and/or print the Data Privacy Statement here. The latest Data Privacy Statement can be found at www.derap-ag.ch.
Heimberg, 30. September 2019