Privacy policy

Thank you for visiting our website reka.ch and for your interest in our company.

The protection of your personal data, such as date of birth, name, telephone number, address, etc., is important to us.

The purpose of this privacy policy is to inform you about the processing of your personal data that we collect from you when you visit our site. Our data protection practices are in accordance with the legal regulations of the Swiss Federal Data Protection Act (FADP) and the EU's General Data Protection Regulation (GDPR). The following data protection declaration serves to fulfil the information obligations arising from the FADP and the GDPR. These can be found, for example, in Art. 19 ff. FADP as well as Art. 13 ff. of the GDPR.

Owner or responsible person

The controller within the meaning of Art. 5 let. j FADP or Art. 4 no. 7 GDPR is the person who alone or jointly with others decides on the purposes and means of the processing of personal data. The controller pursuant to Art. 4 No. 7 GDPR is also the recipient of the personal data within the meaning of Art. 4 No. 9 GDPR. Any third party recipient shall be identified separately.

With regard to our website, the owner or responsible person is:

Schweizer Reisekasse (Reka) Genossenschaft
Neuengasse 15
Postfach
3011 Bern
Switzerland
E-mail: datenschutz@reka.ch
Tel: +41 (0)31 329 66 33

Contact details of the person responsible for data protection (FADP) or the data protection officer (GDPR)

We have appointed a data protection advisor in accordance with Art. 10 FADP. This person also complies with the requirements of a data protection officer pursuant to Art. 37 GDPR. You can reach this person under the following contact details:

Neuengasse 15
Postfach
3011 Bern
Switzerland
E-mail: datenschutz@reka.ch

Provision of the website and creation of log files

Each time our website is accessed, our system automatically collects data and information from the device (e.g. computer, mobile phone, tablet, etc.) used to access it.

What personal data is collected and to what extent is it processed?

(1) Information about the browser type and version used;
(2) The operating system of the retrieval device;
(3) Host name of the accessing computer;
(4) The IP address of the retrieval device;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content) accessed on our website;
(7) Websites from which the user's system accessed our website (referrer tracking);
(8) Message whether the retrieval was successful;
(9) Amount of data transmitted

This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user, so that individual site visitors cannot be identified.

Legal basis for the processing of personal data

Personal data is processed in accordance with the principle of legality (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP or Art. 2 CC) as well as Art. 6 para. 1 lit. f GDPR (legitimate interest).

Purpose of data processing

The temporary (automated) storage of data is necessary for the course of a website visit in order to enable delivery of the website. The storage and processing of personal data is also carried out to maintain the compatibility of our website for as many visitors as possible and to combat abuse and eliminate malfunctions. For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. In addition, we use the data to optimise the website and to generally ensure the security of our information technology systems.

Duration of storage

The deletion of the aforementioned technical data takes place as soon as they are no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after accessing our website.

Possibility of restriction, objection, correction and deletion

You may at any time request the restriction of processing pursuant to Art. 18 GDPR or object to processing pursuant to Art. 21 GDPR as well as request the correction or deletion of data pursuant to Art. 16 or 17 GDPR. You can find out which rights you have and how to exercise them in the lower section of this privacy policy.

Special functions of the website

Our site offers you various functions, during the use of which personal data is collected, processed and stored by us. We explain below what happens to this data:

Order form

• What personal data is collected and to what extent is it processed?

  The data you enter in the form fields, such as address, surname, first name, etc., will be processed by us to fulfil the purpose stated below.

• Legal basis for the processing of personal data

  Personal data is processed in accordance with the principle of legality (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP or Art. 2 CC) as well as Art. 6 para. 1 let. b FADP (implementation of (pre)contractual measures).

• Purpose of data processing

  The purpose of the data processing is to process your order so that we can fulfil or initiate the contract concluded with you.

• Duration of storage

  The data is deleted as soon as it is no longer required for processing the order and there are no longer any legal storage obligations. As a rule, the legislator provides for a retention obligation of 10 years.

• Possibility of objection, processing, correction and deletion

  You can restrict processing in accordance with Article 18 of the GDPR, object to processing in accordance with Article 21 of the GDPR and request correction or deletion of data in accordance with Article 16 or 17 of the GDPR at any time. You can find out which rights you have and how to exercise them in the lower section of this data protection declaration.

• Necessity of providing personal data

  The information in the order form is necessary for the conclusion of a contract. If you do not fill in the mandatory fields or do not fill them in completely, the order you have requested cannot be carried out.

Application form

• What personal data is collected and to what extent is it processed?

  The data you enter in the form fields of the application form and upload, if applicable, will be processed to fulfil the purpose stated below.

• Legal basis for the processing of personal data

  Personal data is processed in accordance with the principle of legality (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP or Art. 2 CC) as well as Art. 6 para. 1 lit. b FADP (implementation of (pre)contractual measures).

• Purpose of data processing

  The purpose of the data processing is to check and process the application documents uploaded by you via the form.

• Duration of storage

  The data is deleted as soon as the application has been processed and there is no longer a justified interest in storing the application data. Your application documents will therefore be deleted after 6 months at the latest if no employment relationship is established.

• Possibility of objection, processing, correction and deletion

  You can restrict processing in accordance with Article 18 of the GDPR, object to processing in accordance with Article 21 of the GDPR and request correction or deletion of data in accordance with Article 16 or 17 of the GDPR at any time. You can find out which rights you have and how to exercise them in the lower section of this data protection declaration.

• Necessity of providing personal data

  The information in the application form is required for sending and processing the application. If you do not fill in the required fields or do not fill them in completely, the application you have requested cannot be sent or processed.

Booking request form

• Scope of the processing of personal data

  We will process the data you enter in our booking request form (date, number of persons, etc.) to fulfil the following purpose.

• Legal basis for the processing of personal data

  Personal data is processed in accordance with the principle of legality (Art. 6 para. 1 FADP) and the principle of good faith (para. 2 FADP or Art. 2 CC) as well as Art. 6 para. 1 lit. b GDPR (implementation of (pre)contractual measures).

• Purpose of data processing

  A pre-contractual exchange of information is necessary in order to check your booking so that we can prepare for the possible conclusion of a contract at a later date.

• Duration of storage

  The data is deleted as soon as it is no longer required for processing the booking and there are no longer any legal retention obligations.

• Possibility of objection, processing, correction and deletion

  You can restrict processing in accordance with Article 18 of the GDPR, object to processing in accordance with Article 21 of the GDPR and request correction or deletion of data in accordance with Article 16 or 17 of the GDPR at any time. You can find out which rights you have and how to exercise them in the lower section of this data protection declaration.

• Necessity of providing personal data

  The information in the booking request form is required in order to process your booking properly. If you do not fill in the required fields or do not fill them in completely, we will not be able to process your booking request.

Contact form(s)

• What personal data is collected and to what extent is it processed?

  The data you have entered in our contact forms, which you have entered in the input mask of the contact form.

• Legal basis for the processing of personal data

  Personal data is processed in accordance with the principle of legality (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP or Art. 2 CC) as well as Art. 6 para. 1 lit. a FADP (consent through unambiguous confirmatory action or behaviour).

• Purpose of data processing

  We will only use the data collected via our contact form or contact forms for processing the specific contact request received through the contact form. Please note that in order to fulfil your contact request, we may also send you e-mails to the address you have provided. The purpose of this is so that you can receive confirmation from us that your enquiry has been correctly forwarded to us. However, the sending of this confirmation e-mail is not obligatory for us and is only for your information.

• Duration of storage

  After processing your request, the collected data will be deleted immediately, unless there are legal retention periods.

• Possibility of restriction, objection, correction and deletion

  You may at any time request the restriction of processing pursuant to Art. 18 GDPR or object to processing pursuant to Art. 21 GDPR as well as request the correction or deletion of data pursuant to Art. 16 or 17 GDPR. You can find out which rights you have and how to exercise them in the lower section of this privacy policy.

• Necessity of providing personal data

  The use of the contact forms is on a voluntary basis. You are not obliged to contact us via the contact form, but can also use the other contact options provided on our website. If you wish to use our contact form, you must fill in the fields marked as mandatory. If you do not fill in the required information on the contact form, you will either not be able to send the enquiry or we will not be able to process your enquiry due to a lack of information.

Login area / Registration

• Scope of personal data processing and personal data collected

  The registration and login details you have entered with us or have been provided to you.

• Legal basis for the processing of personal data

  Personal data is processed in accordance with the principle of legality (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP or Art. 2 CC) as well as Art. 6 para. 1 lit. b FADP (implementation of (pre)contractual measures).

• Purpose of data processing

  You have the option of using a separate login area on our website. In order for us to check your authorisation to use the protected area or the protected documents, you must enter your login data (e-mail or user name and password) in the corresponding form. If required, we can send you your login data or the option to reset the password by e-mail on request.

• Duration of storage

  The data collected will be stored for as long as you maintain a user account with us.

• Possibility of restriction, objection, correction and deletion

  You may at any time request the restriction of processing pursuant to Art. 18 GDPR or object to processing pursuant to Art. 21 GDPR as well as request the correction or deletion of data pursuant to Art. 16 or 17 GDPR. You can find out which rights you have and how to exercise them in the lower section of this privacy policy.

• Necessity of providing personal data

  Certain pages and their contents are not publicly accessible. Via the login area on our site, certain users can gain access to the protected area. The use of the content protected by the login area is not possible without entering personal data. If you wish to use our login area, you must fill in the fields marked as mandatory (user name and password). The entry of the data requires the existence of a user account. Registration is not possible if the data you have entered is incorrect. If the data you enter is incorrect or not entered at all, the protected area cannot be used. However, the rest of the site can still be used without a login.

Newsletter registration form

• What personal data is collected and to what extent is it processed?

  By registering for the newsletter on our website, we receive the e-mail address entered by you in the registration field and, if applicable, further contact data, provided that you communicate this to us via the newsletter registration form.

• Legal basis for the processing of personal data

  Personal data is processed in accordance with the principle of legality (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP or Art. 2 CC) as well as Art. 6 para. 1 lit. a FADP (consent through unambiguous confirmatory action or conduct).

• Purpose of data processing

  The data recorded in the registration mask of our newsletter will be used by us exclusively for sending our newsletter, in which we inform you about all our services and our news. After registration, we will send you a confirmation e-mail containing a link that you must click to complete the registration for our newsletter (double opt-in). By doing so, you give your consent to data processing in accordance with Art. 6 para. 6 FADP.

• Duration of storage

  You can unsubscribe from our newsletter at any time by clicking on the unsubscribe link, which is also included in every newsletter. Your data will be deleted by us immediately after unsubscribing, provided that there are no legal retention obligations. Likewise, your data will be deleted by us immediately in the event that your subscription is not completed. We reserve the right to delete without giving reasons and without prior or subsequent information.

• Possibility of restriction, objection, correction and deletion

  You may at any time request the restriction of processing pursuant to Art. 18 GDPR or object to processing pursuant to Art. 21 GDPR as well as request the correction or deletion of data pursuant to Art. 16 or 17 GDPR. You can find out which rights you have and how to exercise them in the lower section of this privacy policy.

• Necessity of providing personal data

  If you would like to use our newsletter, you must fill in the fields marked as mandatory and confirm your e-mail address by clicking on the double opt-in link. The newsletter registration details are necessary in order to be able to make use of the newsletter offer. The information is used exclusively for sending our newsletter. If you do not fill in the mandatory fields, we will not be able to provide you with our newsletter service.

Advertising block

If you have booked Reka holiday offers or draw Reka money, we will regularly provide you with suitable information and offers in electronic and/or analogue form on the basis of your collected data. If you do not wish to receive this information and offers, but still wish to receive Reka services, you can place an advertising block on your electronic and analogue address. With an advertising block, you will only receive information that we are obliged to communicate to you (e.g. changes to the GTC).

Processing of personal data in connection with a journey / holiday stay (REKA holidays)

Purpose of the data processing

For the purpose of booking, carrying out a trip/holiday stay and optimising your travel/accommodation experience, Reka processes personal data from you within the scope of the following activities:

• Reservation;
• Booking;
• Rebooking;
• Cancellation;
• Check-in management;
• Communicating with you regarding the trip/rental;
• Dealing with irregularities/complaints;
• Improving Reka's offers (e.g. customer surveys);
• Recommendations to third parties;
• Gift vouchers;
• Securing payment transactions.

Data transfer to third parties

If you book a holiday offer that is not provided by Reka (e.g. Centerparcs, Pradas Resort), the customer and booking data required to process the holiday stay will be passed on by Reka to the contractual partner. Reka accepts no responsibility for the handling of your data by the contractual partner and draws your attention to the fact that the contractual partner may also use the data passed on to it for its own marketing purposes.

Data disclosure to authorities

For legal and regulatory reasons, it is necessary that we collect certain information from our customers and forward it to authorities in the country of the travel stay. This concerns, for example, the processing of spa and tourism taxes or the obligation to report guest stays. For this purpose, in addition to the personal data (surname, first name, address) of the booking person and the stay data (e.g. arrival, departure), we collect, among other things, birth data, gender, citizenship, travel document data, contact data, etc. of the travel participants.

Processing of personal data in connection with the withdrawal and use of means of payment (REKA money)

Purpose of the data processing

For the purpose of issuing Reka Money to you, processing payment transactions and optimising your experience of using Reka Money, Reka processes your personal data within the scope of the following activities:

• Opening a customer portfolio and customer accounts. (To do this, we receive the necessary data from your employer, the company or organisation through which you draw Reka Money, or from you directly;
• Sending you documents so that you can pay in your Reka Money withdrawal quota and managing your payments;
• Issuing and replacing Reka-Cards;
• Delivery of Reka-Checks and Reka-Rail-Checks;
• Management of your customer accounts (credits, debits, adjustment entries);
• Payment processing between you and the merchant (use of your Reka money);
• Communication with you as a customer regarding your account details and payment transactions as well as the processing of irregularities/complaints ;
• as a financial intermediary, Reka is subject to various legal obligations (e.g. Money Laundering Act, relevant FINMA circulars, tax laws). In order to fulfil these obligations, we collect and process data for identity and age verification, fraud and money laundering prevention, the fulfilment of control and reporting obligations under tax law and archiving obligations.

Data transfer to third parties

Reka works with third-party companies for the purpose of providing contractual services. These companies only receive the data required by Reka for the fulfilment of the contract assigned to them and have signed a data protection and security agreement with Reka. These are

• the company entrusted with the production and handling of the Reka Card and PIN mailing;
• various contractors of bulk mailings (e.g. Reka money quota letters and payment slips).

Data disclosure to authorities

For legal and regulatory reasons relating to the Money Laundering Act, the regulation of the Financial Market Authority and tax laws, it may be necessary for us to forward certain client data to the relevant competent authority. This only takes place in individual cases, e.g. in the case of justified suspicions of money laundering or specific requests from tax authorities.

Processing of personal data in connection with REKA social offers

Special provisions

If you participate in a social offer provided by Reka (e.g. Holidays for 200 Swiss francs, Mum plus), the regulations in the section "Processing of personal data in connection with a trip / holiday (Reka holidays)" apply. In addition to the data described there, Reka collects data to check your eligibility for our social offers. This includes information on income and assets (tax data). This data collected by us is deleted no later than 3 years after a booking or rejection of your application and any paper copies are securely destroyed.

Use case profile in the customer portal

• purpose of the profile in the customer portal The profile in the customer portal enables you to manage and keep track of your Reka payment means accounts and your Reka Cards (e.g. change PIN, block cards) and to manage your holidays booked with Reka. It is opened when you open a customer portfolio (see also the section entitled "Processing of personal data in connection with the withdrawal and use of means of payment (REKA money)").
• 2. personal data collected for the creation and operation of the profile When you open a profile in the customer portal, personal data, in particular your surname, first name, address and e-mail address, are requested. Depending on your needs, you can store further information in your profile: Your mobile phone number (SMS-TAN procedure), coordinates of owners of a partner card, etc. If you decide not to store certain information in your profile (e.g. mobile phone number), certain functions or processes may not be available to you. Reka is entitled to process the data you disclose in the course of using the profile in order to fulfil the contractual obligations arising therefrom and to operate the profile.
• 3 Passing on data to third parties Reka shall not pass on to third parties the data disclosed by you in your profile in the customer portal and/or during the use of a function of the profile and which arises during the use of the profile. The exception to this is third-party companies that provide services on behalf of Reka for the processing of online account services.
• 4 Marketing measures and personalised advertising
• a. Analysis activities For this purpose, Reka processes your personal data collected during registration and use of the profile for the purpose of analysing customer behaviour.
• b. Individualised information and offers When you open a profile in the customer portal, we compile and evaluate your consumption and usage behaviour data in order to be able to offer you relevant and individualised information and offers tailored to your interests (e.g. additional services when booking Reka holidays, special offers for Reka Money users). By opening a profile, you consent to us offering you such information and offers.
• c. Market research As part of market research, Reka may invite you to participate in surveys to improve our services and products.
• d. Electronic and analogue communication By opening a profile in the customer portal, you give us permission to send you information, recommendations and offers from Reka that are suitable for you. This is done electronically, such as z. E.g. by e-mail, telephone, SMS, instant messaging or analogue by letter.

Disclosure of information to third parties

Personal data is processed in accordance with the principle of legality (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 CC).

The disclosure of information to third parties depends on the scope of the activities or offers of our website or our business model described below.

As a matter of principle, we only keep your information for as long as necessary and treat it confidentially. Exceptions to this are the transfer of personal data to debt collection service providers, to public bodies and authorities and to private individuals, who have a right to it due to legal regulations, court decisions or official orders as well as the transfer to authorities for the purpose of initiating legal proceedings or for law enforcement purposes if our legally protected rights are attacked.

Automatic identity and credit check for shipping on account or online payment

• What personal data is collected and to what extent is it processed?

  If you choose the payment method purchase on account or order online using a payment service, you will be asked during the ordering process to consent to the transmission of the data required for the processing of the payment and an identity and credit check. First name and surname, street, house number, postcode, town, date of birth, as well as the data related to your order.

• Legal basis for the processing of personal data

  Personal data is processed in accordance with the principle of legality (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 CC).

  In direct connection with the conclusion or performance of a contract (Art. 31 para. 2 let. a FADP), there is an overriding interest in obtaining information about the identity of a contracting party. Directly in connection with the conclusion of a contract, personal data may be processed for the purpose of checking creditworthiness, provided that the personal data is not particularly sensitive or involves high-risk profiling, the data is disclosed to third parties only if they require the data for the conclusion or performance of a contract with the data subject, the data is not more than ten years old and the data subject is of legal age (Art. 31 para. 2 let. c. FADP). See also Art. 6 para. 1 lit. b GDPR (implementation of (pre)contractual measures).

• Purpose of data processing

  For the purpose of checking identity and creditworthiness, we transmit data to credit agencies and receive information and, if necessary, creditworthiness information from them. We receive information and, if applicable, creditworthiness information from these agencies on the basis of mathematical-statistical procedures, the calculation of which includes, among other things, address data (so-called score values). When using online payment services, we transmit your details to the corresponding partners and receive information from them to release the order for dispatch.

• Duration of storage

  We will store the relevant data for the processing of the payment for as long as it is necessary for the execution of the transaction. Insofar as the data is subject to statutory retention obligations, it will be deleted after the retention obligation has expired.

• Possibility of restriction, objection, correction and deletion as well as information

  You can restrict processing at any time in accordance with Art. 18 GDPR, object to processing in accordance with Art. 21 GDPR and request correction or deletion of data in accordance with Art. 16 or 17 GDPR. In accordance with Art. 25 FADP, you can request information at any time about whether personal data about you is being processed. You can thus at any time view the information that is necessary to enable you to assert your rights under the Data Protection Act and to ensure transparent data processing. If the information stored about you is incorrect, we will delete it and, if necessary, consult with the data protection advisor. You can find out which rights you are entitled to and how to assert them in the lower section of this data protection declaration.

Statistical analysis of visits to this website - Webtracker

We collect, process and store the following data when this website or individual files on the website are accessed: IP address, website from which the file was accessed, name of the file, date and time of access, amount of data transferred and report on the success of the access (so-called web log). We use this access data exclusively in non-personalised form for the continuous improvement of our website and for statistical purposes.

Any personal data is processed in accordance with the principle of legality (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 CC). We also use the following web trackers to evaluate visits to this website:

• AdvertServe

  We use the service AdvertServe of the company Renegade Internet, Inc., PO BOX 5203, PA 16105 New Castle, United States on our website.

  Your personal data will be transferred to so-called insecure third countries which do not guarantee adequate data protection through their legislation. Your data will only be transferred if appropriate data protection is guaranteed. This can be guaranteed by:

  • contracts under international law
  • Data protection clauses in a contract between the controller or processor and his contractual partner, which have been notified in advance to the FDPIC
  • specific safeguards drawn up by the competent federal body and communicated in advance to the FDPIC
  • Standard data protection clauses which the FDPIC has approved, issued or recognised in advance, or
  • binding internal company data protection regulations which have been approved in advance by the FDPIC or by an authority responsible for data protection in a state which guarantees adequate protection

  If such guarantees do not exist, your data may only be disclosed if you have given your consent, if the disclosure is directly related to the conclusion or performance of a contract, or if the disclosure is necessary in the context of the enforcement of claims before courts and authorities or to protect public interests. From the EU's perspective, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.your data can only be transferred to these third countries if it is ensured that the personal data are sufficiently protected at the recipient's. This can be done through the use of standard contractual clauses, in the case of data transfers within a corporate group through so-called Binding Corporate Rules, through an obligation to comply with codes of conduct that have been declared generally applicable by the Commission or through certification of the processing operation.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  The service is a plugin that we need to be able to show you all the content on our website. The service may also be used for tracking and/or advertising integration.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.advertserve.com/privacy-policy/.

• CrazyEgg

  We use on our site the service CrazyEgg of the company Crazy Egg, Inc, 16220 E. Ridgeview Lane, 90638 La Mirada, United States, e-mail: privacy@crazyegg.com, website: https://www.crazyegg.com/. Your personal data will be transferred to so-called insecure third countries which do not guarantee adequate data protection through their legislation. Your data will only be transferred if appropriate data protection is guaranteed. This can be guaranteed by:

  • contracts under international law
  • Data protection clauses in a contract between the controller or processor and his contractual partner, which have been notified in advance to the FDPIC
  • specific safeguards drawn up by the competent federal body and communicated in advance to the FDPIC
  • Standard data protection clauses which the FDPIC has approved, issued or recognised in advance, or
  • binding internal company data protection regulations which have been approved in advance by the FDPIC or by an authority responsible for data protection in a state which guarantees adequate protection

  If such guarantees do not exist, your data may only be disclosed if you have given your consent, if the disclosure is directly related to the conclusion or performance of a contract, or if the disclosure is necessary in the context of the enforcement of claims before courts and authorities or to protect public interests. From the EU's perspective, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.your data can only be transferred to these third countries if it is ensured that the personal data are sufficiently protected at the recipient's. This can be done through the use of standard contractual clauses, in the case of data transfers within a corporate group through so-called Binding Corporate Rules, through an obligation to comply with codes of conduct that have been declared generally applicable by the Commission or through certification of the processing operation.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  The service is a plugin that we need to be able to show you all the content on our website. The plugin makes our website more attractive and better to experience for our site visitors.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.crazyegg.com/privacy.

  The provider also offers an opt-out option at https://www.crazyegg.com/opt-out..

• Custom Audiences

  We use on our site the service Custom Audiences of the company Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, 2 Dublin, Ireland, e-mail: impressum-support@support.facebook.com, website: http://facebook.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  Facebook Custom Audience is an advertising tool from Facebook that can be used to run targeted advertising campaigns to page visitors.

  You can access the parent company's certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.facebook.com/about/privacy.

  The provider also offers an opt-out option at https://www.facebook.com/about/privacy.

• Facebook Connect

  We use on our site the service Facebook Connect of the company Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, 2 Dublin, Ireland, e-mail: impressum-support@support.facebook.com, website: http://www.facebook.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  Via Facebook Connect, users can use their Facebook profile to simplify logging in to other web services.

  You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.facebook.com/about/privacy.

  The provider also offers an opt-out option at https://www.facebook.com/about/privacy.

• Google

  We use on our site the service Google of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http://www.google.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  We use Google in order to be able to load further services from Google on the website. The service is used to provide further Google services, such as the data processing required for the provision of streams and fonts and relevant Google search content. It is technically required in order to be able to exchange the site visitor's information already available to Google between the Google services and to be able to provide the site visitor with individual content adapted to his or her Google account.

  For the processing itself, the service or we collect the following data: Background data stored in the Google user account or at other Google services about the page visitor, background data for the provision of Google services such as streaming data or advertising data, data about the page user's use of Google search, details of the terminal device used, the IP address and the user's browser and other data from Google services for the provision of Google services related to our website.

  If the service is activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transfers the required data. As part of the order processing, personal data may also be transmitted to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. when using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Apis, Doubleclick, Google Cloud, and Google Ads and Google Fonts in accordance with the Google privacy policy. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• Google Ads

  We use on our site the service Google Ads of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http://www.google.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  Google Ads is an advertising system that allows us to place advertisements on external websites on the Internet to inform our customers about our services. Google Ads displays advertisements on external websites that are individually tailored to our clientele and lead to our website according to parameters set by us. If the site visitor clicks on the Google Ads advertisement, he or she is taken to our website. In order to be able to measure the Google Ads advertisements in terms of their success and remuneration, Google Ads carries out a measurement of the success of the advertising measure when our website is called up. our website processes the data provided by Google Ads in order to be able to analyse and improve our advertising measures and to calculate any remuneration that may be due.

  For the processing itself, the service or we collect the following data: Data on page visitors' advertising interests, page visitors' interactions with advertisements related to our website, data on the visit to our website by page visitors who have previously clicked on Google Ads advertisements and arrived at our website, data on the terminal device used, the IP address and the user's browser and further data from Google services for the provision and refinement of Google advertisements related to our website.

  if the service is activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transfers the required data. As part of the order processing, personal data may also be transmitted to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. when Google Ads are used on our website, Google may transmit and process information from other Google services in order to provide background services for the improvement and individualisation of Google advertising. For this purpose, data may also be processed by other Google services such as Google Apis, Google Cloud, Google Ads, Google Analytics, Google Tag Manager, Google Marketing Platform and Google Fonts in accordance with the Google privacy policy under Google's own responsibility under data protection law. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• Google Analytics

  • Scope of the processing of personal data

    On our site we use the web tracking service of the company Google Ireland Ltd., Gordon House, Barrow Street, 4 Dublin, Ireland, email: support-deutschland@google.com, website: http://www.google.com/ (hereinafter: Google Analytics). Within the scope of web tracking, Google-Analytics uses cookies that are stored on your computer and enable an analysis of the use of our website and your surfing behaviour (so-called tracking). We carry out this analysis on the basis of the Google Analytics tracking service in order to constantly optimise our website and make it more accessible. When you use our website, data such as your IP address and your user activities in particular are transmitted to servers of Google Ireland Limited. We carry out this analysis on the basis of Google's tracking service in order to constantly optimise our website and make it more accessible. We also need the web tracking for security reasons. Web tracking allows us to track whether third parties are attacking our website. The information from the web tracker enables us to take effective countermeasures and protect the personal data we process from these cyber attacks. By activating IP anonymisation within the Google Analytics tracking code of this website, your IP address will be anonymised by Google Analytics before transmission. This website uses a Google Analytics tracking code that has been extended by the operator gat._anonymizeIp(); to enable only anonymised collection of IP addresses (so-called IP masking).

  • Legal basis for the processing of personal data

    The legal basis for data processing is your consent in our information banner regarding the use of cookies and web tracking (consent through clear confirming action or behaviour) in accordance with Art. 13 Para. 1 FADP and Art. 6 Para. 1 lit. a GDPR.

  • Purpose of data processing

    Google will use this information on our behalf for the purpose of evaluating your visit to this website, compiling reports on website activity and providing us with other services relating to website activity and internet usage. We also require web tracking for security reasons. Web tracking allows us to track whether third parties are attacking our website. The information from the web tracker allows us to take effective countermeasures and protect the personal data we process from these cyber attacks.

  • Duration of storage

    Google will store the data relevant to the provision of web tracking for as long as is necessary to fulfil the booked web service. The data collection and storage is anonymised. If there is a reference to a person, the data will be deleted immediately, insofar as this is not subject to any statutory retention obligations. In any case, the data will be deleted after expiry of the retention period.

  • Opposition and deletion options

    You can prevent the collection and forwarding of personal data to Google (in particular your IP address) and the processing of this data by Google by deactivating the execution of script code in your browser or activating the "Do Not Track" setting of your browser. You can also prevent the collection of data generated by the Google cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de). Google's security and privacy policy can be found at https://policies.google.com/privacy.

• Google Analytics (Google Signals)

  We use on our site the service Google Analytics (Google Signals) of the company Google Ireland Ltd., Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http://www.google.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  Google Analytics is a web tracker that analyses the behaviour of page visitors and their interactions with our website and provides us with evaluations and forecasts about the content and products of our website and their popularity (so-called tracking). we have integrated Google Analytics so that the service can compile an analysis of the page users' surfing behaviour. For this purpose, Google collects the page interactions of page visitors with our website and, if applicable, existing information resulting from the reading of cookies or other storage technologies and processes it statistically for us. google Analytics uses data processing technologies that make it possible to track individual page visitors and their interaction across devices and sessions with other Google services such as the Google Ads advertising network. Data from other Google services are also used to close data gaps by means of machine learning technologies, modelled statistics and forecasting functions and to create comprehensive statistics on the content of our website. If Google Analytics is activated on our website, the data determined by Google Analytics are transmitted to servers of Google Ireland Limited. As part of the order processing, personal data may also be transmitted to the servers of the parent company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. The transmission of personal data also takes place in the U.S.A. We carry out the analysis through Google Analytics in order to constantly optimise our internet offer and make it more available. This is a so-called reach measurement.

  For the processing itself, the service or we collect the following data: Data on the interactions of page visitors with the content of the website, data on the handling of the services presented on our website, data from external Google services, insofar as they interact with our website, such as advertising data or data on behaviour in relation to advertising, data on the rough geographical origin, the browser used, operating system as well as further information on the end device used, where applicable, across devices and independent of the session.

  Google Analytics will store the data relevant to the provision of web tracking for as long as it is necessary to fulfil the booked web service. The data collection and storage is anonymised. Insofar as individual interactions of site visitors make it possible to subsequently establish a personal reference to specific actions, we will delete the collected data when the purpose has been achieved. The data will be deleted at the latest when it is not subject to any legal retention obligations. As a rule, we will delete this data after 12 months at the latest.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://tools.google.com/dlpage/gaoptout?hl=de.

• Google Maps

  We use on our site the service Google Maps of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http://www.google.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  On our behalf, Google will use the information obtained via Google Maps to show you the map. Using Google Maps, you can find us faster and more accurately than with a simple non-interactive map. Likewise, the relevant data will be used to associate site visitors who view our Google Maps map, possibly with the aid of the Google advertising ID, and to link them with physical visits and calls to further contact information listed on Google. In this way, Google can make an assessment of the expected visitor flows.

  For the processing itself, the service or we collect the following data: Data required for the visualisation and display of location data in the form of a map, such as in particular IP address, information from Google background services such as Google Apis, search terms, IP address, coordinates, start location and destination when using the route planner, location data, Google advertising ID, Android advertising ID.

  We have concluded a joint processing agreement with Google with regard to Google Maps. You can find the content at https://privacy.google.com/intl/de/businesses/mapscontrollerterms/. if the service is activated on our website, our website establishes a connection to the servers of the company Google Ireland Limited and transfers the required data. As part of the order processing, personal data may also be transmitted to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. when using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data processing may also be carried out by the Google services Google Apis, Google Cloud and Google Fonts in accordance with the Google data protection declaration under the data protection responsibility of Google. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• Google Tag Manager

  • What personal data is collected and to what extent is it processed?

    On our site, we use the Google Tag Manager service of the company Google Ireland Ltd., Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http://www.google.com/ (hereinafter: Google Tag Manager). Google Tag Manager offers a technical platform for executing and bundling other web services and web tracking programmes by means of so-called "tags". In this context, Google Tag Manager stores cookies on your computer and analyses your surfing behaviour (so-called "tracking"), insofar as web tracking tools are executed using Google Tag Manager. This data sent by individual tags integrated in Google Tag Manager is merged, stored and processed by Google Tag Manager under a uniform user interface. All integrated "tags" are listed separately again in this data protection declaration. You can find more information on the data protection of the tools integrated in Google Tag Manager in the respective section of this data protection declaration. When you use our website with the integration of Google Tag Manager tags activated, data, such as your IP address and your user activities in particular, are transmitted to servers of Google Ireland Limited. With regard to the web services integrated by means of Google Tag Manager, the regulations in the respective section of this data protection declaration apply. The tracking tools used in Google Tag Manager ensure that the IP address is anonymised by Google Tag Manager before transmission by means of IP anonymisation of the source code. In doing so, Google Tag Manager is only enabled to record IP addresses anonymously (so-called IP masking).

  • Legal basis for the processing of personal data

    The legal basis for data processing is your consent in our information banner regarding the use of cookies and web tracking (consent through clear confirming action or behaviour) in accordance with Art. 13 Para. 1 FADP and Art. 6 Para. 1 lit. a GDPR.

  • Purpose of data processing

    On our behalf, Google will use the information obtained by means of the Google Tag Manager to evaluate your visit to this website, to compile reports on website activity and to provide us with other services related to website and internet usage.

  • Duration of storage

    Google will store the data relevant to the function of Google Tag Manager for as long as is necessary to fulfil the booked web service. The data collection and storage is anonymised. If there is a reference to a person, the data will be deleted immediately, insofar as this is not subject to any legal obligations to retain data. In any case, the data will be deleted after expiry of the retention period.

  • Possibility of objection and deletion

    You can prevent the collection and forwarding of personal data to Google (in particular your IP address) and the processing of this data by Google by deactivating the execution of script code in your browser, installing a script blocker in your browser or activating the "Do Not Track" setting of your browser. In addition, you can prevent the collection of the data generated by the Google cookie and related to your use of the website (incl. your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link http://tools.google.com/dlpage/gaoptout?hl=de. Google's security and privacy policy can be found at https://policies.google.com/privacy.

• Gstatic

  We use on our site the service Gstatic of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http://www.google.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  Gstatic is a background service used by Google to retrieve static content in order to reduce bandwidth usage and preload required catalogue files. In particular, the service loads background data for Google Fonts and Google Maps.

  As part of the order processing, personal data may also be transferred to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• Microsoft Advertising

  We use on our site the service Microsoft Advertising of the company Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, 18 Dublin , Ireland, e-mail: kunden@microsoft.com, website: https://www.microsoft.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  Microsoft processes information about your interactions and activities to analyse your usage patterns in order to serve you targeted benefit- and interest-based advertising on the Microsoft Bing search engine and the Microsoft Audience Network using the UET-tag, which uses cookies to track your activities. The information collected is also used to target usage and interest-based advertising based on your usage. Details of the personal data processed in this way can be found at https://help.ads.microsoft.com/#apex/ads/de/53056/2/#exp6949. This data is stored for 390 days.

  The certification of the parent company Microsoft under the EU-US Data Privacy Framework can be found at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAA.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://privacy.microsoft.com/de-de/privacystatement.

  The provider also offers an opt-out option at https://optout.networkadvertising.org/.

• OneSignal

  We use on our site the service OneSignal of the company OneSignal, Inc, 2850 S Delaware St Suite 201, 94403 San Mateo, United States, e-mail: privacy@OneSignal.com, website: https://onesignal.com/. Your personal data will be transferred to so-called insecure third countries which do not guarantee adequate data protection through their legislation. Your data will only be transferred if appropriate data protection is guaranteed. This can be guaranteed by:

  • contracts under international law
  • Data protection clauses in a contract between the controller or processor and his contractual partner, which have been notified in advance to the FDPIC
  • specific safeguards drawn up by the competent federal body and communicated in advance to the FDPIC
  • Standard data protection clauses which the FDPIC has approved, issued or recognised in advance, or
  • binding internal company data protection regulations which have been approved in advance by the FDPIC or by an authority responsible for data protection in a state which guarantees adequate protection

  If such guarantees do not exist, your data may only be disclosed if you have given your consent, if the disclosure is directly related to the conclusion or performance of a contract, or if the disclosure is necessary in the context of the enforcement of claims before courts and authorities or to protect public interests. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  We use OneSignal to send you push messages. The purpose of sending push messages is to facilitate communication with you as a user of our website and to show you activities and communication within your browser. The data is also used for analysis purposes, e.g. to better adapt push messages to user interests.

  For the processing itself, the service or we collect the following data: User ID, IP address, browser information, data on usage behaviour, user interactions with the website

  You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt00000008wTNAAY.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://onesignal.com/privacy_policy.

  The provider also offers an opt-out option at https://onesignal.com/privacy_policy#section7.

• Segment

  We use on our site the service Segment of the company Segment.io, Inc, 100 California St Suite 700, CA 94111 San Francisco, United States, e-mail: privacy@segment.com, website: https://segment.com/. Your personal data will be transferred to so-called insecure third countries which do not guarantee adequate data protection through their legislation. Your data will only be transferred if appropriate data protection is guaranteed. This can be guaranteed by:

  • contracts under international law
  • Data protection clauses in a contract between the controller or processor and his contractual partner, which have been notified in advance to the FDPIC
  • specific safeguards drawn up by the competent federal body and communicated in advance to the FDPIC
  • Standard data protection clauses which the FDPIC has approved, issued or recognised in advance, or
  • binding internal company data protection regulations which have been approved in advance by the FDPIC or by an authority responsible for data protection in a state which guarantees adequate protection

  If such guarantees do not exist, your data may only be disclosed if you have given your consent, if the disclosure is directly related to the conclusion or performance of a contract, or if the disclosure is necessary in the context of the enforcement of claims before courts and authorities or to protect public interests. From the EU's perspective, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.your data can only be transferred to these third countries if it is ensured that the personal data are sufficiently protected at the recipient's. This can be done through the use of standard contractual clauses, in the case of data transfers within a corporate group through so-called Binding Corporate Rules, through an obligation to comply with codes of conduct that have been declared generally applicable by the Commission or through certification of the processing operation.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  The service collects information about your user behaviour on our site and prepares this for us as part of a technical analysis of user behaviour.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://segment.com/docs/legal/privacy/.

  The provider also offers an opt-out option at https://segment.com/docs/legal/privacy/.

• Youtube

  We use on our site the service Youtube of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http://www.google.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  Videos from the Youtube platform are integrated on our website via the Youtube service. Through the integration, we can show you videos directly on our website. In this way, visitors to our website can view information about our services without having to visit the Youtube platform.

  For the processing itself, the service or we collect the following data: Data for displaying the stream, data on videos clicked on, playlists created, ratings and comments, information on the terminal device used, the IP address and the user's browser and further data from Google services for providing the video in accordance with the Google privacy policy

  if YouTube is activated on our website and a video is played, our website establishes a connection to the servers of Google Ireland Limited and transmits the data required to display the stream or video. As part of the order processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. the transfer of personal data also takes place in the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission. When displaying the Youtube videos on our website, Youtube may transmit and process information from other Google services in order to provide background services for the video, such as streaming data. For this purpose, data may also be transferred to the Google services Google Fonts, Google Apis, Google Video, Doubleclick. You can access the certification within the framework of the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

Integration of external web services and processing of data outside the EU

On our website, we use active content from external providers, so-called web services. By calling up our website, these external providers may receive personal information about your visit to our website. This may involve the processing of data outside of Switzerland and the EU. You can prevent this by installing an appropriate browser plug-in or deactivating the execution of scripts in your browser. This may result in functional restrictions on Internet pages that you visit.

We use the following external web services:

• Amplitude

  We use on our site the service Amplitude of the company Amplitude, Inc., 501 2nd St #100, 94107 San Francisco, United States, e-mail: idan@amplitude.com, website: https://amplitude.com/. Your personal data will be transferred to so-called insecure third countries which do not guarantee adequate data protection through their legislation. Your data will only be transferred if appropriate data protection is guaranteed. This can be guaranteed by:

  • contracts under international law
  • Data protection clauses in a contract between the controller or processor and his contractual partner, which have been notified in advance to the FDPIC
  • specific safeguards drawn up by the competent federal body and communicated in advance to the FDPIC
  • Standard data protection clauses which the FDPIC has approved, issued or recognised in advance, or
  • binding internal company data protection regulations which have been approved in advance by the FDPIC or by an authority responsible for data protection in a state which guarantees adequate protection

  If such guarantees do not exist, your data may only be disclosed if you have given your consent, if the disclosure is directly related to the conclusion or performance of a contract, or if the disclosure is necessary in the context of the enforcement of claims before courts and authorities or to protect public interests. From the EU's perspective, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.your data can only be transferred to these third countries if it is ensured that the personal data are sufficiently protected at the recipient's. This can be done through the use of standard contractual clauses, in the case of data transfers within a corporate group through so-called Binding Corporate Rules, through an obligation to comply with codes of conduct that have been declared generally applicable by the Commission or through certification of the processing operation.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  The service is a plugin that we need to be able to show you all the content on our website. The plugin makes our website more attractive and better to experience for our site visitors.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://amplitude.com/privacy.

• Font Awesome

  We use on our site the service Font Awesome of the company Fonticons Inc., 6 Porter Road, Apartment 3R, MA 02140 Cambridge, United States, e-mail: hello@fontawesome.com, website: https://fontawesome.com/. Your personal data will be transferred to so-called insecure third countries which do not guarantee adequate data protection through their legislation. Your data will only be transferred if appropriate data protection is guaranteed. This can be guaranteed by:

  • contracts under international law
  • Data protection clauses in a contract between the controller or processor and his contractual partner, which have been notified in advance to the FDPIC
  • specific safeguards drawn up by the competent federal body and communicated in advance to the FDPIC
  • Standard data protection clauses which the FDPIC has approved, issued or recognised in advance, or
  • binding internal company data protection regulations which have been approved in advance by the FDPIC or by an authority responsible for data protection in a state which guarantees adequate protection

  If such guarantees do not exist, your data may only be disclosed if you have given your consent, if the disclosure is directly related to the conclusion or performance of a contract, or if the disclosure is necessary in the context of the enforcement of claims before courts and authorities or to protect public interests. From the EU's perspective, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.your data can only be transferred to these third countries if it is ensured that the personal data are sufficiently protected at the recipient's. This can be done through the use of standard contractual clauses, in the case of data transfers within a corporate group through so-called Binding Corporate Rules, through an obligation to comply with codes of conduct that have been declared generally applicable by the Commission or through certification of the processing operation.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  Through the Font Awesome service, fonts are reloaded on our site in order to show you the page in a visually better version.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://fontawesome.com/privacy.

• Google Cloud APIs

  We use on our site the service Google Cloud APIs of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http://www.google.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  We use Google APIs in order to be able to load additional services from Google on the website. Google Apis is a collection of interfaces for communication between the various Google services used on your website. The service is used in particular to display the Google Fonts fonts and to provide the Google Maps map.

  For the processing itself, the service or we collect the following data: IP address

  If the service is activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transfers the required data. As part of the order processing, personal data may also be transmitted to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. when using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Cloud, Google Maps, Google Ads and Google Fonts in accordance with the Google privacy policy under the data protection responsibility of Google. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• Google Fonts

  We use on our site the service Google Fonts of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http://www.google.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  We use the Google Fonts service to be able to integrate attractive fonts on our website in order to be able to show you our website in a visually better version. The service may also be used on our website if other Google services are reloaded on our website that require Google Fonts fonts to run. This is the case, for example, if our website uses Google services that require Google Fonts to run.

  For the processing itself, the service or we collect the following data: Data on fonts, IP address of the page visitor, statistics on the use of fonts and other data from Google services related to our website.

  If the service is activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transfers the required data. As part of the order processing, personal data may also be transmitted to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. when using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Apis, Google Cloud and Google Ads in accordance with the Google privacy policy. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• Google reCaptcha

  We use on our site the service Google reCaptcha of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http://www.google.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  If Google reCaptcha is activated on our website, the data determined by Google reCaptcha will be transmitted to servers of the company Google Ireland Limited. As part of the order processing, personal data may also be transmitted to the servers of the parent company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. based on specific characteristics and an analysis of page behaviour, the service recognises whether the entries made are automated entries by means of a programme (so-called bot) or human. The service has three different levels. Either the service automatically recognises that the input is not automated by a bot or it lets the user select a captcha checkbox. A third option is the display of small image or voice tasks / text tasks that have to be solved by the site visitor. Google reCaptcha is a capcha service that is used on our website for security reasons to prevent bots (robot programs) from interacting with our website. Google reCaptcha verifies on our behalf that only humans and not bots can use our website. This enables us to protect the special functions of our website (e.g. contact forms or other input options such as the login area) from improper page access.

  For the processing itself, the service or we collect the following data: User behaviour (e.g. mouse gestures or input behaviour), IP address, browser data, computer information.

  If you wish to use the Google reCaptcha-protected input options on our website, you must allow the use of Google reCaptcha and, if necessary, solve the corresponding captchas. If you do not fill in the captcha or do not allow the use of Google reCaptcha, you will not be able to use the form protected by the captcha. Alternatively, you can always use our other contact options (e.g. post or email). You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• Jsdelivr

  We use on our site the service Jsdelivr of the company Prospect One Sp., Krolweska 65A, 30-081 Krakow, Poland, e-mail: hello@prospectone.io, website: https://prospectone.io/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transmission and processing of personal data takes place exclusively on servers in the European Union.

  The legal basis for the transmission of personal data is our legitimate interest in processing pursuant to Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in achieving the purpose described below.

  JSDelivr is a content delivery network that mirrors our content across different servers to ensure optimal accessibility worldwide.

  With regard to the processing, you have the right of objection listed in Art. 21 GDPR. You can find more information at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.jsdelivr.com/privacy-policy-jsdelivr-com.

• Legally ok Rechtstextsnippet und Module

  We use on our site the service Legally ok Rechtstextsnippet und Module of the company Legally ok GmbH, Schochenmühlestrasse 6, 6340 Baar, Switzerland, e-mail: hello@legally-ok.com, website: https://www.legally-ok.com/. Processing is carried out exclusively in Switzerland in accordance with the data protection legislation applicable there. The processing also takes place in a third country outside the EU. For this third country, there is an adequacy decision of the Commission. On the page of the EU Commission (link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de) you will find an up-to-date list of all adequacy decisions.

  The legal basis for the transmission and processing is Art. 31 para. 1 FADP and Art. 6 para. 1 lit. c GDPR. The use of the service helps us to comply with our legal obligations.

  With the help of the service, the contents of our legal texts are reloaded on our website. The respective current legal texts are reloaded via the integration on our page. This integration may also be used to reload further technical modules with regard to the legal texts or legally required elements.

  You can find out what rights you have with regard to processing at the end of this privacy statement.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.legally-ok.com/datenschutz/.

• LinkedIn

  We use on our site the service LinkedIn of the company LinkedIn Ireland Unlimited Company, Wilton Place, 2 Dublin, Ireland, e-mail: info_impressum@cs.linkedin.com, website: https://www.linkedin.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. You can find the list of countries in Switzerland and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. From the EU's perspective, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.your data can only be transferred to these third countries if it is ensured that the personal data are sufficiently protected at the recipient's. This can be done through the use of standard contractual clauses, in the case of data transfers within a corporate group through so-called Binding Corporate Rules, through an obligation to comply with codes of conduct that have been declared generally applicable by the Commission or through certification of the processing operation.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  When using the Linkedin plugin, we establish a connection to the Linkedin platform in order to give logged-in Linkedin members the opportunity to interact with us.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy.

  The provider also offers an opt-out option at https://www.linkedin.com/help/linkedin/answer/68763?lang=de.

• YUMPU

  We use on our site the service YUMPU of the company i-magazine AG, Gewerbestraße 3, 9444 Diepoldsau, Switzerland, e-mail: privacy@yumpu.com, website: https://www.yumpu.com/de. Processing is carried out exclusively in Switzerland in accordance with the data protection legislation applicable there. The processing also takes place in a third country outside the EU. For this third country, there is an adequacy decision of the Commission. On the page of the EU Commission (link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de) you will find an up-to-date list of all adequacy decisions.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

  With the help of Yumpu, we can upload and display digital magazine content on our website.

  You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

  For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.yumpu.com/de/info/privacy_policy.

  The provider also offers an opt-out option at https://www.yumpu.com/de/info/privacy_policy.

• Social Plug-In - "Facebook by META"

  • What personal data is collected and to what extent is it processed?

    On our website we have integrated a social plug-in of the social network "Facebook by META", which is operated by the Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, 2 Dublin, Ireland, e-mail: impressum-support@support.facebook.com, website: http://www.facebook.com/ ("Facebook by META"). When you call up a page that contains such a plug-in, your browser automatically establishes a background connection to the servers of Facebook by META. The content of the plug-in is transmitted directly to your browser by Facebook by META and only integrated into our site. Through this integration, Facebook by META receives the information that your browser has loaded a specific page of our website. This also applies if you do not have a Facebook by META profile or are not currently logged in to Facebook by META. This information (including your IP address) is transmitted by your browser directly to a server of Facebook by META in Ireland and stored there. If you are logged in to Facebook by META, Facebook by META can immediately assign your visit to our website to your Facebook by META profile. If you interact with the plug-ins, for example by clicking the "Like" button or posting a comment, this information is also transmitted directly to a server of Facebook by META and stored there. The information is also published on your Facebook by META profile and displayed to your Facebook by META contacts that you have activated for this purpose.

  • Legal basis for the processing of personal data

    Relevant are Art. 6 ff. FADP as well as Art. 6 para. 1 lit. a GDPR (if you have registered with "Facebook by META") and Art. 6 para. 3 FADP as well as Art. 6 para. 1 lit. f GDPR (if you have not registered with Facebook by META ). Insofar as the processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, the legitimate interest of the site operator is to enable user interaction with the content of the site operator at Facebook by META.

  • Purpose of data processing

    The primary purpose of the data collection is to offer you a possibility of social interaction linked to Facebook by META and thus to make our website interactive. The scope of data collection and the further processing and use of the data you leave behind by Facebook by META as well as your rights in this regard and setting options for protecting your privacy can be found in the data protection notes of Facebook by META: https://www.facebook.com/about/privacy

  • Duration of storage

    Facebook by META will store the data relevant for the provision of the web service for as long as it is necessary. Insofar as the data is subject to statutory retention obligations, it will be deleted after the retention obligation has expired.

  • Possibility of objection and deletion

    If you do not want the social plug-in from Facebook by META to run, you can also prevent it from running by installing an appropriate add-on or script blocker. If you do not want Facebook by META to assign the data collected via our website to your Facebook by META profile, you must log out of Facebook by META before visiting our website. The right to information, correction and deletion, as well as the right to restrict processing and the right to object, are also governed by the general regulations on the right to object and the right to deletion under data protection law described below in this data protection declaration.

Data security and data protection, communication by e-mail

Your personal data is protected by technical and organisational measures during collection, storage and processing so that it is not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so we recommend encrypted communication or the postal service for information requiring a high level of confidentiality.

Duration of data storage and rights of the data subject

Duration of storage

We store personal data only to the extent and for as long as necessary to fulfil the purposes for which the personal data was collected, we have a legitimate overriding interest in retaining the data or are legally obliged to do so.

Right to information

You have the right to request confirmation as to whether we are processing personal data about you. If this is the case, you have the right to information on the data specified in 25 ff. FADP or Art. 15 para. 1 GDPR, insofar as the information cannot be refused, restricted or postponed by the owner of the data collection (cf. Art. 26 f. FADP or Art. 15 para. 4 GDPR). We will also be happy to provide you with a copy of the data.

Right of rectification

Pursuant to Art. 32 (1) FADP or Art. 16 GDPR, you have the right to demand that incorrect personal data (e.g. address, name, etc.) be corrected, provided that there is no legal obligation to the contrary. You can also request that the data stored by us be completed at any time. A corresponding adjustment will be made immediately.

Right to erasure

Pursuant to Article 17 (1) of the GDPR, you have the right to have us delete the personal data we have collected about you if

• the data is either no longer required;
• the legal basis for processing has ceased to exist without replacement due to the revocation of your consent;
• there are no longer any legitimate reasons for processing the data;
• Your data is being processed unlawfully;
• a legal obligation requires this.

Pursuant to Article 17 (3) of the GDPR, this right does not exist if

• the processing is necessary for the exercise of the right to freedom of expression and information;
• Your data has been collected on the basis of a legal obligation;
• processing is necessary for reasons of public interest;
• the data is necessary for the assertion, exercise or defence of legal claims.

Right to restrict processing

According to Art. 18 (1) GDPR, you have the right to request the restriction of the processing of your personal data in individual cases.

This is the case when

• the accuracy of the personal data is disputed by you;
• the processing is unlawful and you do not consent to its deletion;
• the data is no longer required for the purpose of processing, but the collected data is used for the assertion, exercise or defence of legal claims;
• an objection to the processing has been lodged pursuant to Art. 21 (1) GDPR and it is still unclear which interests prevail.

Right of withdrawal

If you have given us express consent to process your personal data (Art. 6 para. 6 FADP and Art. 31 para. 1 FADP; Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR), you may revoke this consent at any time. Please note that the lawfulness of the processing carried out on the basis of the consent up to the revocation is not affected by this. Information for which we are legally obliged to retain data will be deleted after expiry of the deadline.

Right to object

In accordance with Art. 21 of the GDPR, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Art. 6 (1) f of the GDPR (in the context of a legitimate interest). If you have given us express consent to process your personal data (Art. 6 para. 6 FADP and Art. 31 para. 1 FADP), you may revoke this consent at any time. Please note that the lawfulness of the processing carried out on the basis of the consent up to the revocation is not affected by this. You only have this right if there are special circumstances that speak against the storage and processing. Information for which we are legally obliged to store data will be deleted after expiry of the deadline.

How do you exercise your rights?

You can exercise your rights at any time by contacting us using the contact details below:

Schweizer Reisekasse (Reka) Genossenschaft
Neuengasse 15
Postfach
3011 Bern
Switzerland
E-mail: datenschutz@reka.ch
Tel: +41 (0)31 329 66 33

Right to data portability

Pursuant to Article 20 of the GDPR, you have a right to the transfer of personal data relating to you. We will provide the data in a structured, common and machine-readable format. The data can be sent either to you or to a person responsible named by you.

We will provide you with the following data upon request:

• Data collected on the basis of consent (Art. 31 para. 1 FADP as well as Art. 6 para. 1 let. a GDPR);
• Data that we have received from you in the context of existing contracts (Art. 31 para. 2 let. a FADP as well as Art. 6 para. 1 let. b GDPR and Art. 9 para. 2 let. a GDPR);
• Data that has been processed as part of an automated procedure.

We will transfer the personal data directly to a responsible person of your choice as far as this is technically feasible. Please note that we are not permitted to transfer data that interferes with the overriding interests of third parties, or only to a limited extent, pursuant to Art. 26 (1) b FADP or Art. 20 (4) GDPR.

Notifications to the FDPIC and possibility to file a complaint

Pursuant to Art. 49 FADP, data subjects may file a report with the supervisory authority if there are sufficient indications that a data processing operation could violate data protection regulations. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

For further information, please consult the contact form of the FDPIC: https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt.html

If you suspect that your data is being processed illegally on our website, you can seek clarification of the issue in court in accordance with Art. 32 FADP. As a rule, a lawsuit in accordance with Art. 28 ff. CC should be sought. If you are affected by the processing of data by federal bodies, the procedure is in accordance with Art. 41 FADP. In this case, you can also contact the FDPIC (see the reference to the contact form above).

Right of appeal to the supervisory authority pursuant to Art. 77 para. 1 GDPR

If you suspect that your data is being processed illegally on our site, you can of course have the issue clarified by the courts at any time. In addition, any other legal option is open to you. Irrespective of this, you have the option of contacting a supervisory authority in accordance with Article 77 (1) of the GDPR. The right of appeal pursuant to Art. 77 GDPR is available to you in the EU Member State of your place of residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you turn from the above-mentioned places. The supervisory authority to which the complaint has been submitted will then inform you of the status and outcome of your submission, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.