Privacy policy - information right, right of access, right to be forgotten

General notes

Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Swiss Confederation (Data Protection Act, DSG), every person has the right to protection of their privacy as well as protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We feel particularly committed to the protection of personal data. The website of CyberWehr RMS GmbH is subject to Swiss data protection law, in particular, according to the revised Federal Data Protection Act (revDSG), as well as any applicable foreign data protection law such as the General Data Protection Regulation (GDPR) of the European Union (EU). The EU recognizes the adequacy of Swiss data protection law to the European level of data protection.

In cooperation with our hosting providers, we make every effort to protect the databases as well as possible from unauthorized access, loss, misuse or forgery.

We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.

Your contact:

The responsible party within the meaning of the data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

Company: CyberWehr RMS GmbH / Company: Monika Wehr

Alte Landstrasse 109, 8803 Rüschlikon

Contact data protection: +41 79 348 55 63 - info@cyberwehr-rms.ch

Datenschutzexperte

General data processing information

Personal data of our users is only collected if you provide it to us or if it is necessary for the provision of a functional website and our content and services. Personal data is only collected and used with the user’s consent. No personal data is collected beyond this. Any processing of your personal data that goes beyond the scope of the legal permissions will only take place based on your express consent.

We do not use your personal data for other purposes unrelated to the core service and do not share your data with third parties.

Processing Purpose:

Contract execution, consulting

Legal basis:

Art.6 para.1 lit.b of the GDPR/revDPA Art. 37. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.

Category of recipients:

Public bodies in the case of overriding legal provisions, external service providers or other contractors.

Third country transfers:

No processors outside the European Union are used.

Data deletion/storage time:

The duration of data storage is based on the statutory retention periods and is usually 10 years.

 

Specific information on further data processing procedures

Data concerned:

Data provided for the performance of the contract; if applicable, any additional data for processing on the basis of your express consent.

Purpose of processing:

Contract execution, including offers, orders, sales and invoicing, quality assurance.

Third country transfers:

Public authorities in the case of overriding legal provisions.
External service providers or other contractors, including for data processing and hosting, shipping, transport and logistics. Other external bodies insofar as the data subject has given consent or a transfer is permissible for overriding interest.

Third country transfers:

No processors outside the European Union are used.

Duration of data retention:

The duration of data storage depends on the statutory retention obligations and is usually 10 years.

The personal data of the data subject shall be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

As a user, you have the possibility and the right in accordance with revised Data Protection Act Switzerland (DPA) and GDPR to request information, correction, revocation of consent to the processing of personal data or the deletion of data stored about you at any time.

 

Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular, in the Member State of your place of residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the revDSG or the GDPR.

The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy.

Specific information about the website

Rights of data subjects

Right to confirmation

Every data subject has the right to request confirmation as to whether personal data relating to him or her are being processed. If you wish to exercise this right of confirmation, you may contact the Data Protection Officer at any time.

 

Right of access

Any person with personal data affected by the processing has the right to obtain information about the personal data stored about him or her and a copy of this information at any time. In any case, the person will be provided with the following information:

  • the purposes of processing
  • the categories of personal data processed
  • the recipients to whom the personal data have been or will be disclosed
  • if possible, the planned period for which the personal data will be stored or, if this is not possible, the criteria for determining this period
  • the existence of a right to rectification or erasure of the respective personal data; the existence of a right to restriction of processing by the controller or a right to object to such processing
  • the existence of a right of appeal to a supervisory authority
  • if the personal data is not collected from the data subject: any available information about the origin of the data.

Furthermore, the data subject has the right to be informed whether personal data have been transferred to a third country or to an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards in connection with the transfer.

Contact the Data Protection Officer to exercise the right of information.

 

Right to rectification

Every person affected by the processing of personal data has the right to demand that inaccurate personal data concerning him or her be corrected without delay. Furthermore, the data subject has the right, considering the purposes of the processing, to request that incomplete personal data be completed, including by means of a supplementary declaration.

Contact the Data Protection Officer to exercise the right of rectification.

 

Right to erasure (right to be forgotten)

Any person affected by the processing of personal data has the right to demand from the controller of this website that the personal data concerning him or her be erased immediately, provided that one of the following reasons applies and insofar as the processing is not necessary:

  • The personal data have been collected or otherwise processed for such purposes for which they are no longer necessary.
  • The data subject revokes the consent on which the processing was based and there is no other legal basis for the processing
  • The data subject objects to the processing on grounds relating to his or her particular situation and there are no overriding legitimate grounds for the processing, or, in the case of direct marketing and related profiling, the data subject objects to the processing
  • The personal data are processed unlawfully
  • The erasure of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject
  • The personal data have been collected in relation to information society services offered directly to a child

If one of the above reasons applies and you wish to arrange for the deletion of personal data stored by the operator of this website, you can contact our data protection officer at any time. The data protection officer of this website will arrange for the deletion request to be complied with immediately.

 

Right to restriction of processing

Any person concerned by the processing of personal data has the right to obtain from the controller of this website the restriction of processing if one of the following conditions is met:

  • The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data
  • The processing is unlawful, the data subject objects to the erasure of the personal data and requests instead the restriction of the use of the personal data
  • The controller no longer needs the personal data for the purposes of processing, but the data subject needs it to assert, exercise or defend legal claims
  • The data subject has objected to the processing on grounds relating to his or her particular situation, and it is not yet clear whether the legitimate interests of the controller override those of the data subject

If one of the conditions mentioned applies and you would like to request the restriction of stored personal data, you can contact our data protection officer at any time. The data protection officer of this website will arrange the restriction of the data processing.

Right to data portability

Every person affected by the processing of personal data has the right to receive the personal data concerning him or her in a structured, common, and machine-readable format. He or she also has the right to have this data transferred to another controller if the legal requirements are met. Upon request, the personal data may be transferred directly from the controller to another controller, insofar as this is technically feasible and insofar as this does not adversely affect the rights and freedoms of other persons.

Contact the data protection officer to exercise the right to data portability.

Right to object

Every person affected by the processing of personal data has the right to object at any time to the processing of personal data concerning him or her.

In the event of the objection, we will no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or if the processing serves the purpose of asserting, exercising or defending legal claims.

Contact the Data Protection Officer to exercise the right to object.

Right to revoke consent granted under data protection law

Every person affected by the processing of personal data has the right to revoke a given consent to the processing of personal data at any time.

To assert your right to revoke consent, you may contact our data protection officer at any time.

 

Specific details on the use of webinar software

Data concerned:           :

Data provided for the use of the webinar software (esp. first name, last name, e-mail address; optional: sound transmission; optional: image transmission; optional: questions when using chat functions); to the extent technically necessary, processing of data from your system to establish the connection with the provider of the conference software.

Purpose of processing:

Implementation of webinars.

Categories of recipients:

Public bodies in case of overriding legal provisions. External service providers or other contractors, including for data processing and hosting. Other external bodies insofar as the data subject has given consent or a transfer is permissible for overriding interest.

Third country transfers:

If processors are used outside the European Union (here: United States of America), standard contractual clauses are concluded with the service provider.

Duration of data storage:

The technical data is deleted if it is no longer required. The duration of the data storage depends on the legal storage obligations and is usually 10 years.

Contact form and e-mail contact

Our website contains a contact form that can be used for electronic contact. If a user makes use of this option, only the data entered in the input mask will be transmitted to us and stored, which you as the user make available to us. The processing of the personal data from the input mask serves us solely to process the contact.

Use of own "cookies

This website uses its own “cookies” in order to increase the user-friendliness. “Cookies” are data records that are sent from the web server to the user’s browser and stored there for later retrieval. No personal data is stored in our own “cookies”. You can generally prevent the use of “cookies” if you prohibit the storage of “cookies” in your browser.

Usage data Server log files

The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • browser type and browser version
  • Operating system used
  • referrer URL
  • Host name of the accessing computer
  • Time of the server request

This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.

Privacy policy for SSL/TLS encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Use of Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited.
The statistics obtained enable us to improve our offer and make it more interesting for you as a user. This website also uses Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID. If you have a Google user account, you can deactivate the cross-device analysis of your usage in the settings there under “My data”, “Personal data”.
The legal basis for the use of Google Analytics is Art. 6 para. 1 p. 1 lit. f GDPR. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. We would like to point out that on this website Google Analytics has been extended by the code “_anonymizeIp();” to ensure anonymized collection of IP addresses. This means that IP addresses are processed in abbreviated form, which means that they cannot be linked to a specific person. If the data collected about you is related to a person, this is immediately excluded and the personal data is deleted immediately.
Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Google Analytics uses cookies. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: Disable Google Analytics.
In addition, you can also prevent the use of Google Analytics by clicking on this link: Disable Google Analytics. This will save a so-called opt-out cookie on your data carrier, which prevents the processing of personal data by Google Analytics. Please note that if you delete all cookies on your terminal device, these opt-out cookies will also be deleted, i.e. you will have to set the opt-out cookies again if you wish to continue to prevent this form of data collection. The opt-out cookies are set per browser and computer/end device and must therefore be activated separately for each browser, computer or other end device.

Google Ads

This website uses Google Conversion Tracking. If you have reached our website via an ad placed by Google, Google Ads will set a cookie on your computer. The conversion tracking cookie is set when a user clicks on an ad placed by Google. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies can therefore not be tracked across Ads customers’ websites. The information obtained using the conversion cookie is used to create conversion statistics for Ads customers who have opted in to conversion tracking. Clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

If you do not wish to participate in the tracking, you can refuse the setting of a cookie required for this – for example, by means of a browser setting that generally deactivates the automatic setting of cookies or by setting your browser so that cookies from the domain “googleleadservices.com” are blocked.

Please note that you may not delete the opt-out cookies as long as you do not want any measurement data to be recorded. If you have deleted all your cookies in the browser, you must set the respective opt-out cookie again.

Google Web Fonts

This website uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. If your browser does not support web fonts, a standard font is used by your computer.

You can find more information on Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/ 

LINKEDIN

You can recognize the call from LinkedIn, LinkedIn, 2029 Stierlin Courtm, Mountain View, CA 94043 USA, by the “in” sign on a blue background. If you activate our “in” button as part of the 2-click solution, a connection to the LinkedIn server will be established and the LinkedIn plugin will be reloaded on the respective website. The content of the “in” button will be transmitted by LinkedIn directly to your browser and integrated into the website. It is possible that your IP address is transmitted in this way to LinkedIn in the USA. For the purpose and scope of data collection and further processing and use of the data by LinkedIn, and your rights and privacy preferences in relation thereto, please refer to LinkedIn’s privacy policy (http://www.linkedin.com/legal/privacy-policy) regarding the “in” button. If you are a LinkedIn member and do not want LinkedIn to collect information about you and link it to your LinkedIn membership information when you click the “in” button on our site, you must log out of LinkedIn before visiting our site.

XING

You can recognize the call to XING, XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany, by the “x” or “xing” sign on a green background. If you activate our “XING” button as part of the 2-click solution, a connection is established with the XING server and the XING Share Button functions (in particular the calculation/display of the counter value) are reloaded on the respective website. XING does not store any personal data about you when you call up this website. In particular, XING does not store IP addresses. There is also no evaluation of your usage behavior through the use of cookies in connection with the “XING Share Button”. The current data protection information for the “XING Share Button” and additional information can be found on this website: https://www.xing.com/app/share?op=data_protection.

Rüschlikon, May 5th, 2021

CyberWehr RMS GmbH

Alte Landstrasse 109

8803 Rüschlikon (ZRH), Switzerland

2020 © All rights reserved by CyberWehr