Pri­va­cy policy

With this pri­va­cy pol­i­cy we inform you about the pro­cess­ing of per­son­al data in con­nec­tion with our Activ­i­ties and oper­a­tions includ­ing our lacrisalide.ch-Web­site. In par­tic­u­lar, we pro­vide infor­ma­tion on why, how and where we process which per­son­al data. We also pro­vide infor­ma­tion about the rights of per­sons whose data we process.

Fur­ther data pro­tec­tion dec­la­ra­tions or oth­er infor­ma­tion on data pro­tec­tion may apply to indi­vid­ual or addi­tion­al activ­i­ties and operations.

We are sub­ject to Swiss data pro­tec­tion law as well as any applic­a­ble for­eign data pro­tec­tion law, in par­tic­u­lar that of the Euro­pean Union (EU) with the Euro­pean Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR).

The Euro­pean Com­mis­sion rec­og­nized with Deci­sion of July 26, 2000that Swiss data pro­tec­tion law guar­an­tees ade­quate data pro­tec­tion. With Report from Jan­u­ary 15, 2024 the Euro­pean Com­mis­sion con­firmed this ade­qua­cy decision.

1. con­tact addresses

Respon­si­bil­i­ty for the pro­cess­ing of per­son­al data:

Wolf­gang Küng
Via Bernar­do Pey­er 7
6866 Meride
Switzerland

info@lacrisalide.ch

In indi­vid­ual cas­es, third par­ties may be respon­si­ble for the pro­cess­ing of per­son­al data or there may be joint respon­si­bil­i­ty with third parties.

2. terms and legal bases

2.1 Terms

Per­son con­cerned: Nat­ur­al per­son about whom we process per­son­al data.

Per­son­al data: All Infor­ma­tion relat­ing to an iden­ti­fied or iden­ti­fi­able nat­ur­al person.

Par­tic­u­lar­ly sen­si­tive per­son­al data: Data con­cern­ing trade union, polit­i­cal, reli­gious or philo­soph­i­cal opin­ions and activ­i­ties, data con­cern­ing health, pri­va­cy or racial or eth­nic ori­gin, genet­ic data, bio­met­ric data unique­ly iden­ti­fy­ing a nat­ur­al per­son, data con­cern­ing crim­i­nal or admin­is­tra­tive sanc­tions or pros­e­cu­tions, and data con­cern­ing social assis­tance measures.

Edit: Every Han­dling of per­son­al data, inde­pen­dent the means and pro­ce­dures used, such as the retrieval, com­par­i­son, adap­ta­tion, archiv­ing, stor­age, read­ing, dis­clo­sure, pro­cure­ment, col­lec­tion, record­ing, era­sure, dis­clo­sure, struc­tur­ing, orga­ni­za­tion, stor­age, mod­i­fi­ca­tion, dis­sem­i­na­tion, link­ing, destruc­tion and use of per­son­al data.

Euro­pean Eco­nom­ic Area (EEA): Mem­ber States of the Euro­pean Union (EU) as well as the Prin­ci­pal­i­ty of Liecht­en­stein, Ice­land and Norway.

2.2 Legal basis

We process per­son­al data in accor­dance with Swiss data pro­tec­tion law, in par­tic­u­lar the Fed­er­al Act on Data Pro­tec­tion (Data Pro­tec­tion Act, DSG) and the Ordi­nance on data pro­tec­tion (Data Pro­tec­tion Reg­u­la­tion, DSV).

We process — if and inso­far as the Euro­pean Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) is applic­a­ble — per­son­al data or per­son­al data in accor­dance with at least one of the fol­low­ing legal bases:

  • Art. 6 para. 1 lit. b GDPR for the nec­es­sary pro­cess­ing of per­son­al data for the per­for­mance of a con­tract with the data sub­ject and for the imple­men­ta­tion of pre-con­trac­tu­al measures.
  • Art. 6 para. 1 lit. f GDPR for the nec­es­sary pro­cess­ing of per­son­al data in order to pro­tect legit­i­mate inter­ests — includ­ing the legit­i­mate inter­ests of third par­ties — except where such inter­ests are over­rid­den by the fun­da­men­tal free­doms and rights and inter­ests of the data sub­ject. Such inter­ests are, in par­tic­u­lar, the per­ma­nent, humane, secure and reli­able per­for­mance of our activ­i­ties and oper­a­tions, the guar­an­tee of infor­ma­tion secu­ri­ty, pro­tec­tion against mis­use, the enforce­ment of our own legal claims and com­pli­ance with Swiss law.
  • Art. 6 para. 1 lit. c GDPR for the pro­cess­ing of per­son­al data nec­es­sary for com­pli­ance with a legal oblig­a­tion to which we are sub­ject under any applic­a­ble law of Mem­ber States of the Euro­pean Eco­nom­ic Area (EEA).
  • Art. 6 para. 1 lit. e GDPR for the pro­cess­ing of per­son­al data nec­es­sary for the per­for­mance of a task car­ried out in the pub­lic interest.
  • Art. 6 para. 1 lit. a GDPR for the pro­cess­ing of per­son­al data with the con­sent of the data subject.
  • Art. 6 para. 1 lit. d GDPR for the nec­es­sary pro­cess­ing of per­son­al data in order to pro­tect the vital inter­ests of the data sub­ject or of anoth­er nat­ur­al person.
  • Art. 9 para. 2 ff. GDPR for the pro­cess­ing of spe­cial cat­e­gories of per­son­al data, in par­tic­u­lar with the con­sent of the data subjects.

The Euro­pean Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) refers to the pro­cess­ing of per­son­al data as the pro­cess­ing of per­son­al data and the pro­cess­ing of par­tic­u­lar­ly sen­si­tive per­son­al data as the pro­cess­ing of spe­cial cat­e­gories of per­son­al data (Art. 9 GDPR).

3. nature, scope and pur­pose of the pro­cess­ing of per­son­al data

We process the per­son­al data that required in order to car­ry out our activ­i­ties and oper­a­tions in a sus­tain­able, peo­ple-friend­ly, secure and reli­able man­ner. The per­son­al data processed may fall into the cat­e­gories of brows­er and device data, con­tent data, com­mu­ni­ca­tion data, meta­da­ta, usage data, mas­ter data includ­ing inven­to­ry and con­tact data, loca­tion data, trans­ac­tion data, con­tract data and pay­ment data.

We also process per­son­al data that we receive from third par­ties, obtain from pub­licly acces­si­ble sources or col­lect in the course of our activ­i­ties and oper­a­tions, inso­far as such pro­cess­ing is per­mit­ted for legal reasons.

Where nec­es­sary, we process per­son­al data with the con­sent of the data sub­jects. In many cas­es, we may process per­son­al data with­out con­sent, for exam­ple to ful­fill legal oblig­a­tions or to pro­tect over­rid­ing inter­ests. We may also ask data sub­jects for their con­sent if their con­sent is not required.

We process per­son­al data for Dura­tionrequired for the respec­tive pur­pose. We anonymize or delete per­son­al data in par­tic­u­lar depend­ing on statu­to­ry reten­tion and lim­i­ta­tion periods.

4. dis­clo­sure of per­son­al data

We may process per­son­al data dis­close to third par­tiesby third par­ties or joint­ly with third par­ties. Such third par­ties are, in par­tic­u­lar, spe­cial­ized providers whose ser­vices we use.

For exam­ple, we may dis­close per­son­al data to banks and oth­er finan­cial ser­vice providers, pub­lic author­i­ties, edu­ca­tion­al and research insti­tu­tions, con­sul­tants and lawyers, inter­est groups, IT ser­vice providers, coop­er­a­tion part­ners, cred­it and busi­ness infor­ma­tion agen­cies, logis­tics and ship­ping com­pa­nies, mar­ket­ing and adver­tis­ing agen­cies, media, orga­ni­za­tions and asso­ci­a­tions, social insti­tu­tions, telecom­mu­ni­ca­tions com­pa­nies and insur­ance companies.

5. com­mu­ni­ca­tion

We process per­son­al data in order to be able to com­mu­ni­cate with third par­ties. In this con­text, we process in par­tic­u­lar data that a data sub­ject trans­mits when mak­ing con­tact, for exam­ple by post or e‑mail. We may store such data in an address book or with com­pa­ra­ble tools.

Third par­ties who trans­mit data about oth­er per­sons are oblig­ed to guar­an­tee data pro­tec­tion for such data sub­jects. Among oth­er things, the accu­ra­cy of the per­son­al data trans­mit­ted must be ensured.

6. data security

We take appro­pri­ate tech­ni­cal and orga­ni­za­tion­al mea­sures to ensure data secu­ri­ty appro­pri­ate to the respec­tive risk. With our mea­sures, we guar­an­tee in par­tic­u­lar the con­fi­den­tial­i­ty, avail­abil­i­ty, trace­abil­i­ty and integri­ty of the processed per­son­al data, with­out being able to guar­an­tee absolute data security.

Access to our web­site and our oth­er online pres­ence takes place using trans­port encryp­tion (SSL / TLSespe­cial­ly with the Hyper­text Trans­fer Pro­to­col Secure, abbre­vi­at­ed to HTTPS). Most browsers warn against vis­it­ing web­sites with­out trans­port encryption.

Our dig­i­tal com­mu­ni­ca­tion is — like in prin­ci­ple any dig­i­tal com­mu­ni­ca­tion — to mass sur­veil­lance with­out cause or sus­pi­cion by secu­ri­ty author­i­ties in Switzer­land, the rest of Europe, the Unit­ed States of Amer­i­ca (USA) and oth­er coun­tries. We can­not direct­ly influ­ence the cor­re­spond­ing pro­cess­ing of per­son­al data by secret ser­vices, police forces and oth­er secu­ri­ty author­i­ties. Nor can we rule out the pos­si­bil­i­ty that a data sub­ject may be sub­ject to tar­get­ed surveillance.

7. per­son­al data abroad

We process per­son­al data in prin­ci­ple in Switzer­land and the Euro­pean Eco­nom­ic Area (EEA). How­ev­er, we may also export or trans­fer per­son­al data to oth­er coun­tries, in par­tic­u­lar in order to process it or have it processed there.

We can trans­fer per­son­al data to all States and ter­ri­to­ries on earth export, pro­vid­ed that the local law accord­ing to Deci­sion of the Swiss Fed­er­al Coun­cil and — if and inso­far as the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) is applic­a­ble — also in accor­dance with Deci­sion of the Euro­pean Com­mis­sion ensures ade­quate data protection.

We may trans­fer per­son­al data to coun­tries whose laws do not guar­an­tee ade­quate data pro­tec­tion, pro­vid­ed that data pro­tec­tion is guar­an­teed for oth­er rea­sons, in par­tic­u­lar on the basis of stan­dard data pro­tec­tion claus­es or with oth­er suit­able guar­an­tees. Excep­tion­al­ly, we may export per­son­al data to coun­tries with­out ade­quate or appro­pri­ate data pro­tec­tion if the spe­cial require­ments under data pro­tec­tion law are met, for exam­ple the express con­sent of the data sub­jects or a direct con­nec­tion with the con­clu­sion or exe­cu­tion of a con­tract. Upon request, we will be hap­py to pro­vide data sub­jects with infor­ma­tion about any guar­an­tees or pro­vide a copy of any guarantees.

8. rights of data subjects

8.1 Data pro­tec­tion claims

We grant data sub­jects all rights in accor­dance with the applic­a­ble data pro­tec­tion law. Data sub­jects have the fol­low­ing rights in particular:

  • Infor­ma­tion: Data sub­jects can request infor­ma­tion as to whether we process per­son­al data about them and, if so, what per­son­al data is involved. Data sub­jects also receive the infor­ma­tion required to assert their data pro­tec­tion claims and ensure trans­paren­cy. This includes the processed per­son­al data as such, but also infor­ma­tion on the pur­pose of pro­cess­ing, the dura­tion of stor­age, any dis­clo­sure or export of data to oth­er coun­tries and the ori­gin of the per­son­al data.
  • Cor­rec­tion and restric­tion: Data sub­jects can have incor­rect per­son­al data cor­rect­ed, incom­plete data com­plet­ed and the pro­cess­ing of their data restricted.
  • Dele­tion and objec­tion: Data sub­jects can have their per­son­al data delet­ed (“right to be for­got­ten”) and object to the pro­cess­ing of their data with effect for the future.
  • Data out­put and data trans­mis­sion: Data sub­jects may request the dis­clo­sure of per­son­al data or the trans­fer of their data to anoth­er controller.

We may defer, restrict or refuse the exer­cise of the rights of data sub­jects to the extent per­mit­ted by law. We may inform data sub­jects of any require­ments that must be met in order to exer­cise their rights under data pro­tec­tion law. For exam­ple, we may refuse to pro­vide infor­ma­tion in whole or in part with ref­er­ence to con­fi­den­tial­i­ty oblig­a­tions or the pro­tec­tion of oth­er per­sons. For exam­ple, we may also refuse to delete per­son­al data in whole or in part with ref­er­ence to statu­to­ry reten­tion obligations.

We may be respon­si­ble for exer­cis­ing the rights excep­tion­al­ly Pro­vide for costs. We will inform affect­ed per­sons of any costs in advance.

We are oblig­ed to take appro­pri­ate mea­sures to iden­ti­fy data sub­jects who request infor­ma­tion or assert oth­er rights. Data sub­jects are oblig­ed to cooperate.

8.2 Legal protection

Data sub­jects have the right to enforce their data pro­tec­tion claims by tak­ing legal action or to lodge a com­plaint with a data pro­tec­tion super­vi­so­ry authority.

The data pro­tec­tion super­vi­so­ry author­i­ty for pri­vate con­trollers and fed­er­al bod­ies in Switzer­land is the Fed­er­al Data Pro­tec­tion and Infor­ma­tion Com­mis­sion­er (FDPIC).

Euro­pean data pro­tec­tion super­vi­so­ry author­i­ties are Mem­bers of the Euro­pean Data Pro­tec­tion Board (EDPB) is orga­nized. In some mem­ber states in the Euro­pean Eco­nom­ic Area (EEA), the data pro­tec­tion super­vi­so­ry author­i­ties are struc­tured fed­er­al­ly, espe­cial­ly in Ger­many.

9. use of the website

9.1 Cook­ies

We may use cook­ies. Cook­ies — our own cook­ies (first-par­ty cook­ies) as well as cook­ies from third par­ties whose ser­vices we use (third-par­ty cook­ies) — are data that are stored in the brows­er. Such stored data need not be lim­it­ed to tra­di­tion­al cook­ies in text form.

Cook­ies can be stored in the brows­er tem­porar­i­ly as “ses­sion cook­ies” or for a cer­tain peri­od of time as so-called per­ma­nent cook­ies. “Ses­sion cook­ies” are auto­mat­i­cal­ly delet­ed when the brows­er is closed. Per­ma­nent cook­ies have a spe­cif­ic stor­age peri­od. In par­tic­u­lar, cook­ies make it pos­si­ble to rec­og­nize a brows­er the next time it vis­its our web­site and thus, for exam­ple, to mea­sure the reach of our web­site. Per­ma­nent cook­ies can also be used for online mar­ket­ing, for example.

Cook­ies can be com­plete­ly or par­tial­ly deac­ti­vat­ed and delet­ed at any time in the brows­er set­tings. With­out cook­ies, our web­site may no longer be ful­ly avail­able. We active­ly request your express con­sent to the use of cook­ies — at least if and to the extent necessary.

9.2 Log­ging

We may log at least the fol­low­ing infor­ma­tion for each access to our web­site and our oth­er online pres­ence, inso­far as this infor­ma­tion is trans­mit­ted to our dig­i­tal infra­struc­ture dur­ing such access­es: Date and time includ­ing time zone, IP address, access sta­tus (HTTP sta­tus code), oper­at­ing sys­tem includ­ing user inter­face and ver­sion, brows­er includ­ing lan­guage and ver­sion, indi­vid­ual sub-pages of our web­site accessed includ­ing amount of data trans­ferred, last web­site accessed in the same brows­er win­dow (refer­rer).

We record such infor­ma­tion, which may also con­sti­tute per­son­al data, in log files. The infor­ma­tion is required to pro­vide our online pres­ence in a per­ma­nent, user-friend­ly and reli­able man­ner. The infor­ma­tion is also required to ensure data secu­ri­ty — also by third par­ties or with the help of third parties.

9.3 Track­ing pixels

We can inte­grate track­ing pix­els into our online pres­ence. Track­ing pix­els are also known as web bea­cons. Track­ing pix­els — includ­ing those from third par­ties whose ser­vices we use — are usu­al­ly small, invis­i­ble images or scripts writ­ten in JavaScript that are auto­mat­i­cal­ly retrieved when our online pres­ence is accessed. Track­ing pix­els can be used to col­lect at least the same infor­ma­tion as log files.

10. ser­vices of third parties

We use ser­vices from spe­cial­ized third par­ties in order to be able to car­ry out our activ­i­ties and oper­a­tions in a sus­tain­able, peo­ple-friend­ly, secure and reli­able man­ner. Among oth­er things, we can use such ser­vices to embed func­tions and con­tent in our web­site. In the case of such embed­ding, the ser­vices used col­lect the fol­low­ing data at least tem­porar­i­ly for tech­ni­cal­ly com­pelling rea­sons IP address­es of the users.

For nec­es­sary secu­ri­ty, sta­tis­ti­cal and tech­ni­cal pur­pos­es, third par­ties whose ser­vices we use may process data in con­nec­tion with our activ­i­ties and oper­a­tions in aggre­gat­ed, anonymized or pseu­do­nymized form. This is, for exam­ple, per­for­mance or usage data in order to be able to offer the respec­tive service.

Dig­i­tal infrastructure

We use the ser­vices of spe­cial­ized third par­ties in order to be able to use the nec­es­sary dig­i­tal infra­struc­ture in con­nec­tion with our activ­i­ties and oper­a­tions. These include, for exam­ple, host­ing and stor­age ser­vices from select­ed providers.

We use in particular:

11. exten­sions for the website

We use exten­sions for our web­site in order to be able to use addi­tion­al func­tions. We may use select­ed ser­vices from suit­able providers or use such exten­sions on our own dig­i­tal infrastructure.

We use in particular:

12. final provisions

We may amend and sup­ple­ment this pri­va­cy pol­i­cy at any time. We will pro­vide infor­ma­tion about such amend­ments and addi­tions in an appro­pri­ate form, in par­tic­u­lar by pub­lish­ing the cur­rent data pro­tec­tion dec­la­ra­tion on our website.

The Ital­ian, French and Eng­lish pri­va­cy pol­i­cy has been auto­mat­i­cal­ly trans­lat­ed with Deepl.

 

Nach oben scrollen