Privacy Policy

1. Introduction

This Privacy Policy relates to the use of our online offering at www.swissgetal.ch (hereinafter referred to as the “Web Shop”). We would like to point out that Swiss law, in particular, the Federal law on data protection is applicable for the data processing that is carried out within the framework of the Web Shop.

2. Responsibility

Cellcare Lab AG, Bahngässli 16, 3172 Niederwangen, near Bern, is responsible for processing personal data in the context of the Web Shop.

3. Purposes of data processing

We process personal data for the purpose and in the context of the following interests of ours:

 

– processing orders for products from our range;

– offering products from our range based on personal preferences;

– advertising the products from our range, performed by us as a company;

– supporting our business processes;

– Collecting statistics on the use and occupancy rates of the Web Shop; and

– Ensuring the the Web Shop functions from a technical perspective.

4. Means of data processing

We use the following tools to process personal data:

 

Server infrastructure (hosting): Hostpoint

Content Management System (CMS): WordPress

Data Protection Software: WP GDPR Compliance Plugin

Online shop software: WooCommerce

Newsletter software: Mailchimp for WooCommerce

Contact form software:  Contact Form 7

Search support software: Yoast SEO

Wish list: YITH WooCommerce Wishlist

Card software Google Maps

Web analysis: Google Analytics

Social media: Facebook, Instagram

Payment software: WooCommerce Stripe, WooCommerce PayPal Checkout

 

Cookies

We sometimes use so-called Cookies in order to be able to deploy the above tools. Certain cookies are deleted after you close your web browser (so-called session cookies), while others remain for a longer period of time (so-called persistent cookies). You can delete saved cookies at any time via the settings dialog of your web browser and can configure in detail how your web browser generally deals with cookies.

 

The following data is typically stored in cookies: log-in information, language settings, entered search terms, information about the number of requests and the use of individual website features. You can see which data categories we process for each tool in the table under section 5 (data streams).

5. Data streams

When one uses the tools shown, the following categories of personal data are processed by us in Switzerland. They may also be processed, at home and abroad, by the order data processors we use, who are listed below:

 

Contact details (first and last name, address, email address, telephone number, password):
Hostpoint AG (Switzerland)

 

Contract data (ordered products, invoice and payment data, etc.):
Hostpoint AG (Switzerland)

 

Usage and analysis data (number of visits, viewed products, etc.):
Google LLC, Facebook Inc. (Irland, USA)

 

Communication data (URL, IP address, time of access, browser, operating system, etc.):
Hostpoint AG, Facebook Inc.
(Switzerland, USA)

 

All of our order data processors abroad guarantee a level of data protection equivalent to that of Switzerland (see statements by the Federal Data Protection and Information Commissioner on Data transfer abroad; in particular the list of countries and the Swiss-US Privacy Shield framework).

6. Data retention

We only store your personal data for as long as is necessary to fulfil the purposes under section 3 (“Purposes of data processing”). After completing your orders, we may store your data for evidentiary purposes, or for security or advertising purposes, for a certain period of time before we delete it.

 

Contact details (first and last name, address, email address, telephone number, password):
Without user account: max. 10 years since your last order.
With user account: unlimited.

 

Contract data (ordered products, invoice and payment data, etc.):
Max. 10 years since your last order.

 

Usage and analysis data (number of visits, viewed products, etc.):
Without user account: max. 3 months since you last visited the Web Shop.
With user account: max. 12 months.

 

Communication data (URL, IP address, time of access, browser, operating system, etc.):
Only while visiting the Web Shop, thereafter anonymised and unlimited.

7. Consent

If you use the Web Shop, you consent to the processing of communication data, as these are absolutely necessary in order to make Web Shop available. In order to process your usage and analysis data, we require your express consent. You can give us this by selecting the appropriate option in the data protection banner that is displayed when you visit the Web Shop.

 

We ask you for your express consent to the processing of contact and contract data when you place an order or wish to open a customer account.

 

Before you give your consent, we give you the opportunity to read and save this Privacy Policy and, if applicable, our General Terms and Conditions of Business.

 

You can revoke your consent in full at any time. Please notify us of such revocation by writing to our postal address provided in section 2 (“Responsibility”) or by email to datenschutz@swissgetal.ch.

8. Data protection rights

We guarantee the following data protection rights:

 

– Right to free information about the data processing

– Right to have incorrect data corrected

– Right to have data that is no longer required erased

– Right to restrict the data processing

– Right to object to the data processing

– Right to issuance of data and data transfer

– Right to revoke your consent

 

For a description of the exact scope of the rights listed, we make reference to the relevant data protection regulations, in particular, the Federal Law on Data Protection..

 

If you would like to assert one or more of your rights under data protection law, please send an appeal in writing, with brief substantiation, together with a copy of your official ID to our postal address provided under section 2 (“Responsibility”) or by email to datenschutz@swissgetal.ch. We will inform you as soon as possible as to whether, and in what form, we can comply with your request, communicating the relevant reasons. We will also send you our decision in writing by post or email.

 

If you do not agree with our decision, you can file a regulatory complaint with the Federal Data Protection and Information Commissioner or file a lawsuit against us with the competent civil court.

9. Information Security

We protect your data against manipulation, loss, destruction or access by unauthorised persons by implementing technical and organisational measures at all times that comply with customary commercial technological practices (“Good Practices”). All communication carried out via the Web Shop is encrypted with SSL and your data is also stored in encrypted form wherever possible. Nevertheless, we would like to point out that there is no absolute security in complex IT systems and on the Internet. In the unlikely event that a security breach occurs, we will immediately inform the Federal Data Protection and Information Commissioner if, as a result, your fundamental rights have been exposed to high risks. We will also inform you directly if necessary.