Date: July 2022
1) Information on the collection of personal data and contact details of the data controller
1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about how your personal data is handled when you use our website. Personal data is any data which can be used to personally identify you.
1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is DICOTA SCHWEIZ AG, Churerstrasse 20, 8808 Pfäffikon SZ, Switzerland, tel.: +41 55 416 50 30, fax: +41 55 416 50 39, email: firstname.lastname@example.org. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of personal data processing.
2) Data collection when visiting our website
When you use our website for information purposes only, i.e. if you do not register or otherwise transmit information to us, we only collect the data that your browser transmits to our server ( “server log files”). When you visit our website, we collect the following data, which is needed for technical reasons in order for us to display the website to you:
– Our visited website
– Date and time at the time of access
– Amount of data sent in bytes
– Browser used
– Operating system used
– IP address used (in anonymised form, if applicable)
The processing is carried out in accordance with Article 6 (1) (f) of the GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to retrospectively check server log files if there are concrete indications of illegal use.
Within the scope of the use of our website, you are not subject to automated decision-making within the meaning of Article 22 of the GDPR.
To make our website more attractive to visitors and to enable the use of certain functions, we use “cookies” on various pages. These are small text files which are stored on your end device. We distinguish between cookies that are absolutely necessary to provide the service you have requested (necessary cookies) and cookies for which this is not the case (other cookies).
We may work with advertising partners who help us to make our website more interesting for you. For this purpose, cookies from partner companies are also saved on your hard drive when you visit our website (third-party cookies). If we work with advertising partners, as previously mentioned, you will be informed individually and separately about the use of such cookies and the scope of the information collected in each case within the paragraphs below.
Please note that you can change your browser settings such that you are informed about cookies being saved and can decide whether to accept them individually or reject them in certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browsers by clicking on the following links:
Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Please note that if you do not accept cookies, the functionality of our website may be restricted.
3.1 Mandatory cookies
Cookies are absolutely necessary if you cannot use the requested service without them. The legal basis for the use of these cookies under data protection law is Article 6 (1) (b) of the GDPR.
– Google Tag Manager
3.2 Other cookies
For “other cookies”, the legal basis for data processing is the consent you have given. You can withdraw this at any time with effect for the future. If consent is withdrawn or not given, processing will not take place.
– Google Analytics
– Usercentrics Consent Management platform
Personal data is collected if you get in touch with us (e.g. via a contact form or by email). If a contact form is used, the data collected can be seen in the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or contacting you and the associated technical administration. The legal basis for processing this data is our legitimate interest in responding to your request pursuant to Article 6 (1) (f) of the GDPR. If the purpose of you getting in touch is to conclude a contract, the legal basis for processing is Article 6 (1) (b) of the GDPR. Your data will be erased after your request has been processed. This is the case if it is clear from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.
5) Registration on the portal or forum
You can register on our website by providing personal data. The personal data processed for registration is indicated on the input screen used for registration. We use the “double opt-in procedure” for registration, i.e. your registration is only complete once you have confirmed it by clicking on the link contained in a confirmation email sent to you for this purpose. If we do not receive confirmation from you within 24 hours, your registration will be automatically erased from our database. Providing the following data is mandatory, as it is necessary to sufficiently identify you: first name, last name, company name, email address, country. You can provide all other information voluntarily via our portal.
If you use our portal, we store your data which we require to fulfil the contract, including any information on the method of payment, until you delete your access in a final way. Furthermore, we store any data you provide on a voluntary basis for the duration of your portal use, unless you delete it beforehand. You can manage and change all details in the protected customer area. The legal basis is Article 6 (1) (b) of the GDPR.
In addition, we store all content published by you (such as public posts, notice board entries, guestbook entries, etc.) in order to operate the website. The legal basis for this is Article 6 (1) (a) of the GDPR. If you delete your account, your public statements, especially in the forum, will remain visible to all readers, but your account will no longer be accessible. All other data will be erased in this case. The consent you have given can be withdrawn at any time with effect for the future.
6) Use of customer data for direct advertising
6.1 Subscription to our email newsletter
If you subscribe to our email newsletter, we will regularly send you information about our offers. The only mandatory information for sending the newsletter is your email address. The provision of further data is voluntary and will be used to address you personally. We use the “double opt-in procedure” to send our newsletter. This means that we will only send you an email newsletter once you have expressly confirmed that you consent to receiving newsletters. We will then send you a confirmation email asking you to confirm that you wish to receive the newsletter in future by clicking on a corresponding link.
6.2 Sending the email newsletter to existing customers
If you have provided us with your email address when purchasing goods or services, we may periodically email you offers for similar goods or services to those you have already purchased from our range. In accordance with Section 7 (3) of the Act Against Unfair Competition (Gesetz gegen den unlauteren Wettbewerb, UWG), we do not need to obtain separate consent from you for this. In this respect, data processing is carried out solely on the basis of our legitimate interest in personalised direct advertising in accordance with Article 6 (1) (f) of the GDPR. If you have initially objected to the use of your email address for this purpose, we will not send you any emails. You are entitled to object to the use of your email address for the aforementioned advertising purpose at any time with effect for the future by notifying the responsible controller named at the start of this policy. You will only incur transmission costs in line with the basic rates. After receiving your objection, the use of your email address for advertising purposes will cease immediately with effect for the future.
6.3 Sending newsletters via Sendinblue
Our email newsletter is sent via the technical service provider Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany, to whom we pass on the data you provided when registering for the newsletter. This disclosure is in accordance with Article 6 (1) (f) of the GDPR and serves our legitimate interest in using a newsletter system that is effective in terms of advertising and is both secure and user-friendly. The data you enter for the purpose of receiving the newsletter (e.g. email address) is stored on Sendinblue’s servers in the EU.
Sendinblue uses this information to send and statistically evaluate the newsletter on our behalf. For evaluation purposes, the emails sent contain “web beacons” or tracking pixels, which are single-pixel image files stored on our website. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type and operating system).
The data is collected exclusively pseudonymously and is not linked to your other personal data; any direct personal references are excluded. This data is used exclusively to statistically analyse newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of newsletter recipients. If you wish to object to data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.
Furthermore, Sendinblue may use this data itself in accordance with Article 6 (1) (f) of the GDPR on the basis of its own legitimate interest in the design and optimisation of the service in line with demand, as well as for market research purposes—to determine which countries recipients come from, for example. However, Sendinblue does not use the data of our newsletter recipients to write to them itself or to pass such data on to third parties.
We have concluded a commissioned processing agreement with Sendinblue, through which we oblige Sendinblue to protect our customers’ data and not to pass it on to third parties.
6.4 – Advertising by post mail
Based on our legitimate interest in personalised direct advertising, we reserve the right to store your first name and surname, your postal address and—insofar as we have received this additional information from you as part of the contractual relationship—your title, academic degree, year of birth and your occupational, industry or business designation in accordance with Article 6 (1) (f) of the GDPR and to use this information to send you interesting offers and information about our products by post.
You can object to the storage and use of your data for this purpose at any time by sending a message to the controller.
7) Use of social media: Videos
Use of YouTube videos
This website uses the YouTube embedding function to display and play videos from the provider “YouTube”, which belongs to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
This process uses the privacy-enhanced mode which, according to information provided by the provider, initiates the storage of user information only when the video/s is/are played back. If the playback of embedded YouTube videos is started, the provider “YouTube” saves cookies to collect information regarding user behaviour. According to information provided by “YouTube”, this information is used to collect video statistics, improve user friendliness and prevent misuse, among other things. If you are logged in to Google, your data will be directly assigned to your account when you click on a video. If you do not want this to be associated with your YouTube profile, you must log out before clicking on the button.
Regardless of whether the embedded videos are played, a connection to the Google network is established each time this website is accessed, which may trigger further data processing operations, over which we have no control.
Insofar as legally required, we have obtained your consent for the processing of your data as described above in accordance with Article 6 (1) (a) of the GDPR. You can withdraw your consent at any time with effect for the future. To exercise your withdrawal, disable this service in the “Cookie Consent Tool” provided on the website.
8) Web analytics services
Google (Universal) Analytics
This website uses Google (Universal) Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google (Universal) Analytics uses “cookies”. “Cookies” are text files that are stored on your end device and allow your use of the website to be analysed. The information generated by the cookie regarding your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.
This website uses Google (Universal) Analytics exclusively with the extension “_anonymizeIp()”, which ensures anonymisation of the IP address by shortening it and excludes any direct personal references. By extension, your IP address will be shortened by Google beforehand within the member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google LLC server in the USA and shortened there. Google will use this information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet use. The IP address transmitted by your browser as part of Google (Universal) Analytics is not merged with other Google data.
Google Analytics also facilitates the creation of statistics with statements regarding the age, gender and interests of site visitors on the basis of interest-based advertising evaluation and with the involvement of third-party information via a special feature—“demographics”. This facilitates the definition and differentiation of user groups of the website for the purpose of targeting marketing measures. However, data sets collected via “demographics” cannot be assigned to a specific person.
Details on processing triggered by Google Analytics and Google’s handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites
All processing described above, in particular the saving of Google Analytics cookies to read out information on the end device used, will only be carried out if you have given us your explicit consent to do so in accordance with Article 6 (1) of the GDPR. Without this consent, Google Analytics will not be used during your visit to the site.
You can withdraw your consent at any time with effect for the future. To exercise your withdrawal, please disable this service via the “Cookie Consent Tool” provided on the website. We have concluded a commissioned processing agreement with Google to use Google Analytics, which obliges Google to protect the data of our site visitors and to not pass it on to third parties.
More information on Google (Universal) Analytics can be found here: https://policies.google.com/privacy?hl=de&gl=de
9) Tools and miscellaneous
We also use the reCAPTCHA feature from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”) on this website. The main purpose of this feature is to differentiate between whether an entry is being made by a natural person or if misuse by machines and automated processing is taking place. The service includes sending the IP address and, if applicable, further data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Article 6 (1) (f) of the GDPR on the basis of our legitimate interest in establishing individual personal responsibility online and preventing misuse and spam. The use of Google reCAPTCHA may also result in the transmission of personal data to Google LLC servers in the USA.
Insofar as legally required, we have obtained your consent for the processing of your data as described above in accordance with Article 6 (1) (a) of the GDPR. You can withdraw your consent at any time with effect for the future. To exercise your right of withdrawal, please follow the procedure described above.
10) Data subject rights
10.1 The applicable data protection law grants you the following data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, where reference is made to the stated legal basis for the respective exercise prerequisites:
– right of access pursuant to Article 15 of the GDPR;
– right to rectification pursuant to Article 16 of the GDPR;
– right to erasure pursuant to Article 17 of the GDPR;
– right to restriction of processing pursuant to Article 18 of the GDPR;
– right to data portability pursuant to Article 20 of the GDPR; and
– right to lodge a complaint pursuant to Article 77 of the GDPR.
10.2 Right to object
If we process your personal data within the context of balancing interests on the basis of our overriding legitimate interest, you have the right to object to this processing with effect for the future on grounds arising from your particular situation at any time.
If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to further processing if we can demonstrate compelling legitimate grounds for the processing which override your interests, fundamental rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims.
If your personal data is processed by us for the purpose of direct marketing, you have the right to object at any time to the processing of personal data relating to you. You can exercise the objection as described above.
If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.
11) Duration of personal data storage
The duration of personal data storage is determined on the basis of the respective legal basis, the purpose of processing and—if relevant—additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).
When processing personal data on the basis of explicit consent pursuant to Article 6 (1) (a) of the GDPR, this data is stored until the data subject withdraws their consent, unless there are statutory retention obligations.
If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Article 6 (1) (b) of the GDPR, this data will be routinely erased after the retention periods have expired, provided that it is no longer required for the fulfilment of the contract or the initiation of the contract and/or there is no justified interest on our part in continuing to store it.
When processing personal data on the basis of Article 6 (1) (f) of the GDPR, this data is stored until the data subject exercises their right to object pursuant to Article 21 (1) of the GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
When processing personal data for the purpose of direct marketing on the basis of Article 6 (1) (f) of the GDPR, this data is stored until the data subject exercises their right to object pursuant to Article 21 (2) of the GDPR.
Unless otherwise indicated in the other information in this policy on specific processing situations, stored personal data is otherwise erased when it is no longer necessary for the purposes for which it was collected or otherwise processed.