Privacy policy - information right, right of access, right to be forgotten
General notes
Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Swiss Confederation (Data Protection Act, DSG), every person has the right to protection of their privacy as well as protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We feel particularly committed to the protection of personal data. The website of CyberWehr RMS GmbH is subject to Swiss data protection law, in particular, according to the revised Federal Data Protection Act (revDSG), as well as any applicable foreign data protection law such as the General Data Protection Regulation (GDPR) of the European Union (EU). The EU recognizes the adequacy of Swiss data protection law to the European level of data protection.
In cooperation with our hosting providers, we make every effort to protect the databases as well as possible from unauthorized access, loss, misuse or forgery.
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.
Your contact:
The responsible party within the meaning of the data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
Company: CyberWehr RMS GmbH / Company: Monika Wehr
Alte Landstrasse 109, 8803 Rüschlikon
Contact data protection: +41 79 348 55 63 - info@cyberwehr-rms.ch
General data processing information
Personal data of our users is only collected if you provide it to us or if it is necessary for the provision of a functional website and our content and services. Personal data is only collected and used with the user’s consent. No personal data is collected beyond this. Any processing of your personal data that goes beyond the scope of the legal permissions will only take place based on your express consent.
We do not use your personal data for other purposes unrelated to the core service and do not share your data with third parties.
Processing Purpose:
Contract execution, consulting
Legal basis:
Art.6 para.1 lit.b of the GDPR/revDPA Art. 37. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.
Category of recipients:
Public bodies in the case of overriding legal provisions, external service providers or other contractors.
Third country transfers:
No processors outside the European Union are used.
Data deletion/storage time:
The duration of data storage is based on the statutory retention periods and is usually 10 years.
Specific information on further data processing procedures
Data concerned: | Data provided for the performance of the contract; if applicable, any additional data for processing on the basis of your express consent. |
Purpose of processing: | Contract execution, including offers, orders, sales and invoicing, quality assurance. |
Third country transfers: | Public authorities in the case of overriding legal provisions. |
Third country transfers: | No processors outside the European Union are used. |
Duration of data retention: | The duration of data storage depends on the statutory retention obligations and is usually 10 years. |
The personal data of the data subject shall be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.
As a user, you have the possibility and the right in accordance with revised Data Protection Act Switzerland (DPA) and GDPR to request information, correction, revocation of consent to the processing of personal data or the deletion of data stored about you at any time.
Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular, in the Member State of your place of residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the revDSG or the GDPR.
The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy.
Specific information about the website
Rights of data subjects
Right to confirmation
Every data subject has the right to request confirmation as to whether personal data relating to him or her are being processed. If you wish to exercise this right of confirmation, you may contact the Data Protection Officer at any time.
Right of access
Any person with personal data affected by the processing has the right to obtain information about the personal data stored about him or her and a copy of this information at any time. In any case, the person will be provided with the following information:
- the purposes of processing
- the categories of personal data processed
- the recipients to whom the personal data have been or will be disclosed
- if possible, the planned period for which the personal data will be stored or, if this is not possible, the criteria for determining this period
- the existence of a right to rectification or erasure of the respective personal data; the existence of a right to restriction of processing by the controller or a right to object to such processing
- the existence of a right of appeal to a supervisory authority
- if the personal data is not collected from the data subject: any available information about the origin of the data.
Furthermore, the data subject has the right to be informed whether personal data have been transferred to a third country or to an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards in connection with the transfer.
Contact the Data Protection Officer to exercise the right of information.
Right to rectification
Every person affected by the processing of personal data has the right to demand that inaccurate personal data concerning him or her be corrected without delay. Furthermore, the data subject has the right, considering the purposes of the processing, to request that incomplete personal data be completed, including by means of a supplementary declaration.
Contact the Data Protection Officer to exercise the right of rectification.
Right to erasure (right to be forgotten)
Any person affected by the processing of personal data has the right to demand from the controller of this website that the personal data concerning him or her be erased immediately, provided that one of the following reasons applies and insofar as the processing is not necessary:
- The personal data have been collected or otherwise processed for such purposes for which they are no longer necessary.
- The data subject revokes the consent on which the processing was based and there is no other legal basis for the processing
- The data subject objects to the processing on grounds relating to his or her particular situation and there are no overriding legitimate grounds for the processing, or, in the case of direct marketing and related profiling, the data subject objects to the processing
- The personal data are processed unlawfully
- The erasure of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject
- The personal data have been collected in relation to information society services offered directly to a child
If one of the above reasons applies and you wish to arrange for the deletion of personal data stored by the operator of this website, you can contact our data protection officer at any time. The data protection officer of this website will arrange for the deletion request to be complied with immediately.
Right to restriction of processing
Any person concerned by the processing of personal data has the right to obtain from the controller of this website the restriction of processing if one of the following conditions is met:
- The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data
- The processing is unlawful, the data subject objects to the erasure of the personal data and requests instead the restriction of the use of the personal data
- The controller no longer needs the personal data for the purposes of processing, but the data subject needs it to assert, exercise or defend legal claims
- The data subject has objected to the processing on grounds relating to his or her particular situation, and it is not yet clear whether the legitimate interests of the controller override those of the data subject
If one of the conditions mentioned applies and you would like to request the restriction of stored personal data, you can contact our data protection officer at any time. The data protection officer of this website will arrange the restriction of the data processing.
Right to data portability
Every person affected by the processing of personal data has the right to receive the personal data concerning him or her in a structured, common, and machine-readable format. He or she also has the right to have this data transferred to another controller if the legal requirements are met. Upon request, the personal data may be transferred directly from the controller to another controller, insofar as this is technically feasible and insofar as this does not adversely affect the rights and freedoms of other persons.
Contact the data protection officer to exercise the right to data portability.
Right to object
Every person affected by the processing of personal data has the right to object at any time to the processing of personal data concerning him or her.
In the event of the objection, we will no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or if the processing serves the purpose of asserting, exercising or defending legal claims.
Contact the Data Protection Officer to exercise the right to object.
Right to revoke consent granted under data protection law
Every person affected by the processing of personal data has the right to revoke a given consent to the processing of personal data at any time.
To assert your right to revoke consent, you may contact our data protection officer at any time.
Specific details on the use of webinar software
Data concerned: : | Data provided for the use of the webinar software (esp. first name, last name, e-mail address; optional: sound transmission; optional: image transmission; optional: questions when using chat functions); to the extent technically necessary, processing of data from your system to establish the connection with the provider of the conference software. |
Purpose of processing: | Implementation of webinars. |
Categories of recipients: | Public bodies in case of overriding legal provisions. External service providers or other contractors, including for data processing and hosting. Other external bodies insofar as the data subject has given consent or a transfer is permissible for overriding interest. |
Third country transfers: | If processors are used outside the European Union (here: United States of America), standard contractual clauses are concluded with the service provider. |
Duration of data storage: | The technical data is deleted if it is no longer required. The duration of the data storage depends on the legal storage obligations and is usually 10 years. |
Contact form and e-mail contact
Our website contains a contact form that can be used for electronic contact. If a user makes use of this option, only the data entered in the input mask will be transmitted to us and stored, which you as the user make available to us. The processing of the personal data from the input mask serves us solely to process the contact.
Use of own "cookies
This website uses its own „cookies“ in order to increase the user-friendliness. „Cookies“ are data records that are sent from the web server to the user’s browser and stored there for later retrieval. No personal data is stored in our own „cookies“. You can generally prevent the use of „cookies“ if you prohibit the storage of „cookies“ in your browser.
Usage data Server log files
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- browser type and browser version
- Operating system used
- referrer URL
- Host name of the accessing computer
- Time of the server request
This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.
Privacy policy for SSL/TLS encryption
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from „http://“ to „https://“ and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
You can recognize the call from LinkedIn, LinkedIn, 2029 Stierlin Courtm, Mountain View, CA 94043 USA, by the „in“ sign on a blue background. If you activate our „in“ button as part of the 2-click solution, a connection to the LinkedIn server will be established and the LinkedIn plugin will be reloaded on the respective website. The content of the „in“ button will be transmitted by LinkedIn directly to your browser and integrated into the website. It is possible that your IP address is transmitted in this way to LinkedIn in the USA. For the purpose and scope of data collection and further processing and use of the data by LinkedIn, and your rights and privacy preferences in relation thereto, please refer to LinkedIn’s privacy policy (http://www.linkedin.com/legal/privacy-policy) regarding the „in“ button. If you are a LinkedIn member and do not want LinkedIn to collect information about you and link it to your LinkedIn membership information when you click the „in“ button on our site, you must log out of LinkedIn before visiting our site.
You can recognize the call to XING, XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany, by the „x“ or „xing“ sign on a green background. If you activate our „XING“ button as part of the 2-click solution, a connection is established with the XING server and the XING Share Button functions (in particular the calculation/display of the counter value) are reloaded on the respective website. XING does not store any personal data about you when you call up this website. In particular, XING does not store IP addresses. There is also no evaluation of your usage behavior through the use of cookies in connection with the „XING Share Button“. The current data protection information for the „XING Share Button“ and additional information can be found on this website: https://www.xing.com/app/share?op=data_protection.
Rüschlikon, May 5th, 2021
CyberWehr RMS GmbH
Alte Landstrasse 109
8803 Rüschlikon (ZRH), Switzerland
2020 © All rights reserved by CyberWehr