Data Privacy Statement of Limatec AG
In this Data Privacy Statement, we at Limatec AG, Kreuzlingerstrasse 71, 8590 Romanshorn, Switzerland, (hereafter Limatec, we or us) explain how we collect and otherwise process personal data. This is not an exhaustive description; if need be, other data privacy statements, general terms and conditions, and similar documents govern specific matters. Personal data is defined as any data concerning an identified or identifiable individual.
When you provide us with personal data of other individuals (e.g. family members, data concerning col-leagues), please ensure that these individuals are familiar with this Data Privacy Statement, and only share their personal data with us if you are permitted to do so and if that personal data is accurate.
This Data Privacy Statement is based on the EU General Data Protection Regulation (GDPR). Even though the GDPR is a Regulation of the European Union, it is important for us. Switzerland’s Federal Act on Data Protection (FADP) is strongly influenced by EU law and, under certain circumstances, compa-nies outside the European Union or EEA must abide by the GDPR.
1. Controller / Data protection officer / Representative
Verantwortlich für die Datenbearbeitungen, die wir hier beschreiben, ist
The controller for data processing, which we describe here, is
Küchen- und Haushaltstechnik
8590 Romanshorn, Switzerland
Telephone: +41 (0)71 466 75 40
If you wish to raise any concerns regarding data protection law, please write to us at the following con-tact address: firstname.lastname@example.org or send a fax to 0041(0) 71 466 75 49
2. Collection and processing of personal data
We primarily process personal data which we receive, as part of our business relationships with our cus-tomers and other business partners, from them and from other stakeholders, and we process data that we collect from users of the websites, apps and other applications we operate.
To the extent permitted, we also obtain certain data from publicly available sources (e.g. debt collection registers, land registers, commercial registers, the press, the internet) or receive such data from authori-ties or other third parties (e.g. credit insurers, statistical offices). In addition to the data you provide di-rectly to us, there are categories of personal data concerning yourself that we receive from third parties, in particular information from public registers, information we learn of in connection with official and court proceedings, information relating to your professional duties and activities (e.g. which assist us in concluding transactions and transacting business with your employer); information about you in corre-spondence and discussions with third parties; credit rating information (insofar we transact business with you personally); information about you that is provided to us by people close to you (family, advisers, legal representatives, etc.), which assists us in concluding and executing contracts with you or with your involvement (e.g. references, your address for deliveries, powers of attorney); information regarding compliance with statutory requirements such as export restrictions and the combating of money launder-ing; information from banks, insurance companies, our sales partners and other contracting parties in relation to the use of services or their provision by you (e.g. payments made, purchases made); infor-mation from the media and internet regarding yourself (where this is appropriate in the specific case, e.g. in relation to an application, press review, marketing/sales, etc.); your addresses and, where appropriate, interests and other sociodemographic data (for marketing); data in connection with use of the website (e.g. IP address, MAC address of the smartphone or computer); and finally, information regarding your device and its settings, cookies, the date and time of the visit, pages and content retrieved, functions used, the referring website, location data).
3. Purposes of data processing and the legal bases
We primarily use the personal data we collect in order to conclude contracts and transact business with our customers and business partners, in particular as part of the trade in kitchens, household appliances and electrical products and other related activities with our customers, and the purchase of products and services from our suppliers and subcontractors, as well as in order to fulfil our statutory obligations in Switzerland and abroad. When you engage in activities for such a customer or business partner, you in the position you hold and your personal data may, of course, also be involved.
Furthermore, we process your personal data and that of other individuals to the extent permitted and where we deem appropriate, including for the following purposes in which we (and, in some cases, third parties) have a legitimate interest corresponding to the Purpose:
- The supply and further development of our offers, services and websites, apps and other platforms on which we are present;
- communication with third parties and the processing of their enquiries (e.g. applications, media en-quiries);
- the examination and optimisation of processes for demand analysis for the purpose of addressing customers directly and the collection of personal data from publicly available sources for the pur-pose of customer acquisition;
- advertising and marketing (including the staging of events) insofar as you have not objected to the use of your data (if we send promotional material to you as an existing customer, you may object to this at any time and we will then place you on a list of people to whom such material will no longer be sent);
- market and opinion research, media monitoring;
- the establishment and defence of legal claims in connection with legal disputes and official pro-ceedings;
- the prevention and investigation of offences and other misconduct (e.g. by carrying out internal investigations, analysing data to combat fraud);
- securing our operations, including our IT, websites, apps and other platforms;
- video surveillance to uphold our company rules, and other measures (e.g. access controls, visitors lists, network and mail scanners, telephone records) to ensure IT, building and facility security and the safeguarding of our employees and other persons and of valuable items entrusted to our care;
- purchase and sale of business units, companies or parts of companies, and other corporate trans-actions, and in connection with these the transfer of personal data, as well as measures for busi-ness management, and to the extent necessary for compliance with statutory and regulatory obliga-tions and our company’s own internal regulations.
If you have granted us a consent to process your personal data for certain purposes (for example, when registering to receive newsletters or agreeing to the carrying out of background checks), we process your personal data within the framework of and based on that consent insofar as we have no other legal basis and require such a basis. A consent that has been granted can be withdrawn at any time. This has no effect on data processing that has already taken place, however.
4. Cookies / tracking and other technologies in relation to use of our websites
By using our websites and granting your consent to receive newsletters and other marketing e-mails, you agree to the use of these techniques. If you do not wish to do so, you must set your browser and e-mail program accordingly.
Google Analytics or other statistics services
We sometimes use Google Analytics or similar services on our websites. These services are provided by third parties which may be located in another country (in the case of Google Analytics, this is Google LLC in the USA, www.google.com), with which we can measure and analyse usage of the website (not in relation to individuals). Permanent cookies, placed by the service provider, are also used to that end. The service provider does not receive any personal data from us (nor does it retain any IP addresses), but it can track your use of the website, combine that information with data from other websites you have visited and which are also tracked by that service provider, and use what it has learned for its own pur-poses (e.g. to manage advertising). If you have registered with the service provider itself, the service provider can also identify you. The service provider will then process your personal data under its own responsibility and in accordance with its data protection policy. The service provider only informs us how our respective website is used (no information about you personally).
Objecting to data collection You can prevent Google Analytics from collecting your data by click-ing on the following link. An opt-out cookie is set that prevents the collection of your data when you visit this website in future. Click here to deactivate Google Analytics
Social media plugins
We also use plugins from social networks such as Twitter, Facebook and Google+ on our websites. You can always see that this is the case (generally from corresponding symbols). We have configured these elements so that they are deactivated until you activate them. If you activate them (by clicking them), the operators of the respective social networks can recognise that you are on our website, and where you are on the website, and can use that information for their own purposes. The operator will then process your personal data under its own responsibility and in accordance with its data protection policy. We do not receive any information about you.
5.Data transfer and data transmission to other countries
Within the framework of our business operations and for the purposes listed in section 3, to the extent permitted and where we deem appropriate, we also disclose data to third parties either because they process it on our behalf or because they intend to use it for their own purposes. In such cases, data is transferred in particular to the following:
- Dienstleister von uns (wie z.B. Banken, Versicherungen), einschliesslich Auftragsbearbeitern (wie z.B. IT-Provider);
- wholesalers and retailers, suppliers, subcontractors and other business partners
- authorities, government agencies and courts in Switzerland and abroad;
- the media
- the public, including visitors to websites and social media;
- competitors, industry organisations, associations, organisations and other bodies;
- purchasers or potential purchasers of business units, companies or other parts of LIMATEC;
- other parties in possible or actual legal proceedings;
all are recipients .
Some of these recipients are located in Switzerland, others may be in any other country. In particular, you must assume that your data may be transmitted to any country in which we have branches or other offices as well as other European countries and the USA, where the service providers we use are based (e.g. Microsoft). When we send data to a country without an appropriate level of statutory data protection, we use, as required by law, corresponding contracts (specifically based on standard contractual clauses of the European Commission, which can be viewed here, here and here) or binding corporate rules for an appropriate level of protection, or we base our actions on the statutory derogations of consent, contract execution, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because such data transfer is necessary to protect the integrity of individuals. You may, at any time, obtain from the contact person named under section 1 a copy of the aforementioned contractual guarantees insofar as they are not already stated above. However, we reserve the right to redact copies or only supply extracts from them for reasons of data privacy or on grounds of secrecy.
6. Duration of retention of personal data
We process and store your personal data for as long as is required to meet our contractual and statutory obligations or otherwise to fulfil the purposes pursued with the processing, i.e. for example for the duration of the whole business relationship (from its initiation, through its execution until completion of a contract) as well as, furthermore, in accordance with the statutory retention and documentation obligations. It may happen that personal data is retained for the period of time during which claims can be asserted against our company or during which we are subject to other statutory obligations or this is required by legitimate business interests (e.g. for evidential and documentary purposes). As soon as your personal data is no longer required for the aforementioned purposes, it is, if possible, erased or anonymised. Shorter retention periods of twelve months or less apply to operational data (e.g. system logs, logs).
7. Data security
We take appropriate organisational and technical security measures to protect your personal data against access by unauthorised persons and misuse. These measures include IT and network security solutions, access controls and restrictions, the encryption of data carriers and transmissions, pseudonymisation and checks,
8. Obligation to provide personal data
As part of our business relationship, you have to provide us with the personal data necessary to commence and carry out a business relationship and to meet the contractual obligations relating to it (you are not normally under a statutory obligation to provide us with data). Without that data, we are not usually in a position to conclude or execute a contract with you (or the body or person you represent). The website cannot be used either if certain information used to secure data communication (e.g. your IP address) is not disclosed.
Our processing of your personal data is partially automated. The aim of this is to assess certain personal aspects (profiling). We use profiling in particular in order to provide you with targeted information and advice about products. In so doing, we use analysis tools that assist us with communication and advertising based on your requirements, including market and opinion research.
10. Rights of the data subject
Under the data protection legislation applicable to you and insofar as is provided for therein (as, for example, in the case of the GDPR), you have the right to be provided with information, the right to rectification, to erasure, to the restriction of data processing and, otherwise, the right to object to our data processing as well as the right to have certain personal data released for the purposes of transfer to another party (data portability). Please note, however, that we reserve the right on our part to apply statutory restrictions, for example when we are obliged to retain or process certain data, have an overriding interest in it (insofar as we can rely on that) or need that data to establish claims. If this incurs costs for you, we will inform you in advance. In section 3 we have already informed you about the possibility to withdraw your consent. Please note that the exercise of these rights may be in conflict with contractual arrangements and this may have consequences such as premature termination of a contract or cost implications. If this is the case, we will inform you in advance where this is not already covered by a contract.
The exercise of such rights is generally based on the assumption that you can provide clear evidence of your identity (e.g. through a copy of your ID if your identity is otherwise not clear or cannot be verified by other means). To assert your rights, you can contact us at the address stated in section 1.
Moreover, every data subject has the right to enforce their claims through the courts or by submitting a complaint to the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
We may amend this Data Privacy Statement at any time without notice. The most recent version published on our website applies. If the Data Privacy Statement forms part of an agreement with you and is updated, we will inform you about the change by e-mail or in another appropriate way.