Privacy & Security

Imprint

Responsible for the content:

Eat Unique GmbH
Birsigstrasse 109
4054 Basel
Switzerland

Email: hallo@eatunique.ch
Phone: +41 76 320 22 77

Data protection

We are pleased about your visit to our website eatunique.ch and your interest in our company.

The protection of your personal data, such as date of birth, name, telephone number, address, etc., is important to us.

The purpose of this privacy policy is to inform you about the processing of your personal data that we collect from you when you visit our website. Our data protection practices are in line with the legal provisions of the Swiss Federal Data Protection Act (DSG) and the EU General Data Protection Regulation (GDPR). The following privacy policy serves to fulfill the information obligations under the DSG and the GDPR. These can be found, for example, in Art. 19 ff. DSG and Art. 13 ff. of the GDPR.

Owner or responsible person

The person responsible within the meaning of Art. 5(j) DSG or Art. 4 No. 7 GDPR is the person who, alone or jointly with others, decides on the purposes and means of processing personal data. The person responsible according to Art. 4 No. 7 GDPR is also the recipient of the personal data within the meaning of Art. 4 No. 9 GDPR. Any third-party recipient is identified separately.

With regard to our website, the owner or person responsible is:

Eat Unique GmbH

Birsigstrasse 109

4054 Basel

Switzerland

Email: hallo@eatunique.ch

Phone: +41 76 320 22 77

Provision of the website and creation of log files

Each time our website is accessed, our system automatically records data and information from the device used to access it (e.g. computer, mobile phone, tablet, etc.).

What personal data is collected and to what extent is it processed?

(1) Information about the browser type and version used;

(2) The operating system of the retrieval device;

(3) Hostname of the accessing computer;

(4) The IP address of the access device;

(5) Date and time of access;

(6) Websites and resources (images, files, other page content) accessed on our website;

(7) Websites from which the user's system accessed our website (referrer tracking); (8) notification as to whether the retrieval was successful;

(9) Amount of data transferred

This data is stored in the log files of our system. This data is not stored together with personal data of a specific user, so that individual site visitors cannot be identified.

Legal basis for the processing of personal data

Personal data is processed in accordance with the principle of legality (Art. 6 Para. 1 DSG) and the principle of good faith (Art. 6 Para. 2 DSG or Art. 2 ZGB) as well as Art. 6 Para. 1 lit. f GDPR (legitimate interest).

Purpose of data processing

The temporary (automated) storage of data is necessary for the process of a website visit in order to enable the website to be delivered. The storage and processing of personal data is also carried out to maintain the compatibility of our website for as many visitors as possible and to combat misuse and eliminate faults. For this purpose, it is necessary to log the technical data of the retrieving computer in order to be able to react as quickly as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. In addition, the data helps us to optimize the website and to generally ensure the security of our information technology systems.

Duration of storage

The aforementioned technical data will be deleted as soon as they are no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after our website is accessed.

Possibility of restriction, objection, correction and deletion

You can request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR at any time, as well as request the correction or deletion of data in accordance with Art. 16 or 17 GDPR. You can find out what rights you are entitled to and how you can assert them at the bottom of this data protection declaration.

Special features of the website

Our site offers you various functions, and when you use them we collect, process and store personal data. Below we explain what happens to this data:

Order form

What personal data is collected and to what extent is it processed?

The data you enter in the form fields, such as address, surname, first name, etc., will be processed by us to fulfill the purpose stated below.

Legal basis for the processing of personal data

The processing of personal data is carried out in accordance with the principle of legality (Art. 6 Para. 1 DSG) and the principle of good faith (Art. 6 Para. 2 DSG or Art. 2 ZGB) as well as Art. 6 Para. 1 Letter b GDPR (implementation of (pre)contractual measures).

Purpose of data processing

The purpose of data processing is to process your order so that we can fulfil or initiate the contract concluded with you.

Duration of storage

The data will be deleted as soon as it is no longer required to process the order and there are no longer any legal retention periods. As a rule, the law stipulates a retention period of 10 years.

Opportunity to object, edit, correct and delete

You can restrict processing at any time in accordance with Art. 18 GDPR, object to processing in accordance with Art. 21 GDPR and request correction or deletion of data in accordance with Art. 16 or 17 GDPR. You can find out what rights you are entitled to and how you can assert them at the bottom of this data protection declaration.

Necessity of providing personal data

The information in the order form is necessary to conclude a contract. If you do not fill in the mandatory fields or do not fill them in completely, your desired order cannot be processed.

Contact form(s)

What personal data is collected and to what extent is it processed?

The data you have entered into our contact forms, which you have entered into the input mask of the contact form.

Legal basis for the processing of personal data

The processing of personal data is carried out in accordance with the principle of legality (Art. 6 Para. 1 DSG) and the principle of good faith (Art. 6 Para. 2 DSG or Art. 2 ZGB) as well as Art. 6 Para. 1 lit. a GDPR (consent through a clear confirming action or behavior).

Purpose of data processing

We will only use the data collected via our contact form or forms to process the specific contact request received via the contact form. Please note that in order to fulfill your contact request, we may also send you emails to the address provided. The purpose of this is to enable you to receive confirmation from us that your request has been correctly forwarded to us. However, sending this confirmation email is not mandatory for us and is only for your information.

Duration of storage

After your request has been processed, the data collected will be deleted immediately, unless there are statutory retention periods.

Possibility of restriction, objection, correction and deletion

Necessity of providing personal data

The use of the contact forms is voluntary. You are not obliged to contact us via the contact form, but can also use the other contact options provided on our website. If you would like to use our contact form, you must fill in the fields marked as mandatory. If you do not fill in the necessary information on the contact form, you will either not be able to send the request or we will not be able to process your request due to insufficient information.

Login area / registration

Scope of processing of personal data and personal data collected

The registration and login data you have entered with us or that we have provided to you.

Legal basis for the processing of personal data

The processing of personal data is carried out in accordance with the principle of legality (Art. 6 Para. 1 DSG) and the principle of good faith (Art. 6 Para. 2 DSG or Art. 2 ZGB) as well as Art. 6 Para. 1 lit. b GDPR (implementation of (pre)contractual measures).

Purpose of data processing

You have the option of using a separate login area on our website. So that we can check your authorization to use the protected area or the protected documents, you must enter your login details (email or user name and password) in the corresponding form. If required, we can send you your login details or the option to reset your password by email upon request.

Duration of storage

The data collected will be stored as long as you maintain a user account with us.

Possibility of restriction, objection, correction and deletion

Necessity of providing personal data

Certain pages and their content are not publicly accessible. Certain users can gain access to the protected area via the login area on our site. Using the content protected by the login area is not possible without entering personal data. If you want to use our login area, you must fill in the fields marked as mandatory (user name and password). Entering the data requires that you have a user account. You cannot log in if the data you have entered is incorrect. If you enter the data incorrectly or do not enter it at all, the protected area cannot be used. The rest of the site can still be used without logging in.

Newsletter registration form

What personal data is collected and to what extent is it processed?

By registering for the newsletter on our website, we receive the email address you entered in the registration field and, if applicable, other contact details, provided you provide them to us via the newsletter registration form.

Legal basis for the processing of personal data

The processing of personal data is carried out in accordance with the principle of legality (Art. 6 Para. 1 DSG) and the principle of good faith (Art. 6 Para. 2 DSG or Art. 2 ZGB) as well as Art. 6 Para. 1 lit. a GDPR (consent through a clear confirming action or behavior).

Purpose of data processing

The data entered in the registration form for our newsletter will be used exclusively to send our newsletter, in which we inform you about all our services and our latest news. After registration, we will send you a confirmation email containing a link that you must click to complete the registration for our newsletter (double opt-in). By doing so, you give your consent to data processing in accordance with Art. 6 Para. 6 DSG.

Duration of storage

You can unsubscribe from our newsletter at any time by clicking on the unsubscribe link that is included in every newsletter. Your data will be deleted immediately after you unsubscribe, unless there are legal retention requirements. Likewise, if you have not completed your registration, your data will be deleted immediately. We reserve the right to delete your data without giving reasons and without prior or subsequent information.

Possibility of restriction, objection, correction and deletion

Necessity of providing personal data

If you would like to use our newsletter, you must fill in the fields marked as mandatory and confirm your email address by clicking on the double opt-in link. The details for newsletter registration are necessary in order to be able to use the newsletter offer. The information is used exclusively to send our newsletter. If you do not fill in the mandatory fields, we cannot provide you with our newsletter service.

Disclosure of information to third parties

The processing of personal data is carried out in accordance with the principle of legality (Art. 6 para. 1 DSG) and in accordance with the principle of good faith (Art. 6 para. 2 DSG or Art. 2 ZGB).

The transfer of information to third parties depends on the scope of the activities or offers of our website or our business model described below.

As a general rule, we only keep your information for as long as necessary and treat it confidentially. Exceptions to this are the transfer of personal data to debt collection service providers, to public bodies and authorities, and to private individuals who are entitled to it due to legal provisions, court decisions or official orders, as well as the transfer to authorities for the purpose of initiating legal proceedings or for law enforcement purposes if our legally protected rights are attacked.

Statistical evaluation of visits to this website - Webtracker

When you access this website or individual files on the website, we collect, process and store the following data: IP address, website from which the file was accessed, name of the file, date and time of access, amount of data transferred and notification of the success of the access (so-called web log). We use this access data exclusively in a non-personalized form for the continuous improvement of our internet offering and for statistical purposes.

Any personal data will be processed in accordance with the principle of legality (Art. 6 Para. 1 DSG) and in accordance with the principle of good faith (Art. 6 Para. 2 DSG or Art. 2 ZGB). We also use the following web trackers to evaluate visits to this website:

Custom Audiences

We use the Custom Audiences service from Meta Platforms Ireland Ltd., Merrion Road, D04 X2K5 Dublin 4, Ireland, email: impressum-support@support.facebook.com , website: https://facebook.com/ on our website . According to the assessment of Swiss authorities, processing takes place in safe third countries. The list of Swiss states and further information can be found under the following link:
https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html . Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60- be03fcb0fddf_en ). The operator of the service is certified within the framework of the DPF, so that the usual level of protection of the GDPR applies to the transfer.

The legal basis for the transmission of personal data is your consent in accordance with Art. 6 Para. 6 DSG or Art. 31 Para. 2 DSG and in accordance with Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR, which you have given on our website.

Facebook Custom Audience is an advertising tool from Facebook that can be used to target advertising campaigns to page visitors.

The parent company’s certification under the EU-US Data Privacy Framework can be found at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC .

You can revoke your consent at any time. Further information on revoking your consent can be found either in the consent itself or at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://www.facebook.com/about/privacy .

The provider also offers an opt-out option at https://www.facebook.com/about/privacy .

Facebook Connect

We use the Facebook Connect service on our site from Meta Platforms Ireland Ltd., Merrion Road, D04 X2K5 Dublin 4, Ireland, email: impressum-support@support.facebook.com , website: https://www.facebook.com/ . According to the assessment of the Swiss authorities, processing takes place in safe third countries. The list of Swiss states and further information can be found under the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html . Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60- be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

Facebook Connect allows users to use their Facebook profile to simplify registration with other web services.

You can obtain certification under the EU-US Data Privacy Framework at

https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC .

You can revoke your consent at any time. Further information on revoking your consent can be found either in the consent itself or at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://www.facebook.com/about/privacy .

The provider also offers an opt-out option at https://www.facebook.com/about/privacy .

Google

We use the Google service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, email: support-deutschland@google.com , website: https://www.google.com/ on our website . According to the assessment of Swiss authorities, processing takes place in safe third countries. The list of Swiss states and further information can be found under the following link:

https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html . Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60- be03fcb0fddf_en ). The operator of the service is certified within the framework of the DPF, so that the usual level of protection of the GDPR applies to the transfer.

We use Google to load additional Google services onto the website. The service is used to provide additional Google services, such as the data processing required to provide streams and fonts and relevant Google search content. It is technically required to be able to exchange the information already available to Google about the site visitor between Google services and to be able to provide the site visitor with individual content tailored to their Google account.

For the processing itself, the service or we collect the following data: Background data stored in the Google user account or in other Google services about the site visitor, background data for the provision of Google services such as streaming data or advertising data, data about the site user's use of Google search, information about the device used, the user's IP address and browser and other data from Google services for the provision of Google services related to our website.

If the service is activated on our website, our website establishes a connection to the servers of the company Google Ireland Limited and transfers the required data. As part of the order processing, personal data may also be transferred to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When the Google service is used on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Apis, Doubleclick, Google Cloud, and Google Ads and Google Fonts in accordance with the Google privacy policy. You can access the certification within the framework of the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active .

You can revoke your consent at any time. Further information on revoking your consent can be found either in the consent itself or at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://policies.google.com/privacy .

The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de .

Google Ads

We use the Google Ads service from Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, email: support-deutschland@google.com , website: https://www.google.com/ on our website . According to the assessment of the Swiss authorities, processing takes place in safe third countries. The list of Swiss states and further information can be found under the following link:

Google Ads is an advertising system that we can use to place advertisements on external websites to inform our customers about our services. Google Ads displays advertisements on external websites that are tailored to our customer base and lead to our website, based on parameters we set. If the site visitor clicks on the Google Ads advertisement, they are taken to our website. In order to measure the success and remuneration of Google Ads advertisements, Google Ads measures the success of the advertising measure when our website is accessed. Our website processes the data provided by Google Ads in order to be able to analyze and improve our advertising measures, and to calculate any remuneration that may be incurred.

For the processing itself, the service or we collect the following data: data on the advertising interests of site visitors, interactions of site visitors with advertising in relation to our website, data on the visits to our website by site visitors who have previously clicked on Google Ads advertising and reached our website, data on the device used, the IP address and the browser of the user and other data from Google services for the provision and refinement of Google advertising in relation to our website.

If the service is activated on our website, our website establishes a connection to the servers of the company Google Ireland Limited and transfers the required data. As part of the order processing, personal data may also be transferred to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When Google Ads is used on our website, Google may transmit and process information from other Google services in order to provide background services for the improvement and customization of Google advertising. For this purpose, data may also be processed by other Google services such as Google APIs, Google Cloud, Google Ads, Google Analytics, Google Tag Manager, Google Marketing Platform and Google Fonts in accordance with the Google Privacy Policy under Google's own data protection responsibility. You can access the certification within the framework of the EU US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant detail?id=a2zt000000001L5AAI&status=Active .

You can revoke your consent at any time. Further information on revoking your consent can be found either in the consent itself or at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://policies.google.com/privacy .

The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de .

Google Analytics

Scope of processing of personal data

On our website we use the web tracking service of the company Google Ireland Ltd., Gordon House, Barrow Street, 4 Dublin, Ireland, email: support-deutschland@google.com , website: https://www.google.com/ (hereinafter: Google Analytics). As part of web tracking, Google Analytics uses cookies that are stored on your computer and that enable an analysis of the use of our website and your surfing behavior (so-called tracking). We carry out this analysis on the basis of the Google Analytics tracking service in order to constantly optimize our internet offering and make it more available. When you use our website, data such as your IP address and your user activities are transferred to servers of the company Google Ireland Limited. We carry out this analysis on the basis of the Google tracking service in order to constantly optimize our internet offering and make it more available. We also need web tracking for security reasons. Web tracking enables us to track whether third parties are attacking our website. The information from the web tracker enables us to take effective countermeasures and protect the personal data we process from these cyber attacks. By activating IP anonymization within the Google Analytics tracking code of this website, your IP address will be anonymized by Google Analytics before transmission. This website uses a Google Analytics tracking code that has been extended by the operator gat._anonymizeIp(); to only allow anonymous collection of IP addresses (so-called IP masking).

Legal basis for the processing of personal data

The legal basis for data processing is your consent in our information banner regarding the use of cookies and web tracking (consent through clear confirming action or behavior) in accordance with Art. 13 Para. 1 DSG or Art. 6 Para. 1 lit. a GDPR.

Purpose of data processing

On our behalf, Google will use this information to evaluate your visit to this website, compile reports on website activity and provide us with other services relating to website activity and internet usage. We also require web tracking for security reasons. Web tracking enables us to track whether third parties are attacking our website. The information from the web tracker enables us to take effective countermeasures and protect the personal data we process from these cyber attacks.

Duration of storage

Google will store the data relevant to the provision of web tracking for as long as it is necessary to provide the booked web service. The data is collected and stored anonymously. If personal references do exist, the data will be deleted immediately unless they are subject to statutory retention periods. In any case, deletion will occur after the retention period has expired.

Objection and deletion options

You can prevent the collection and forwarding of personal data to Google (in particular your IP address) as well as the processing of this data by Google by deactivating the execution of script code in your browser or activating the "Do Not Track" setting on your browser. You can also prevent Google from collecting the data generated by the Google cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link ( http://tools.google.com/dlpage/gaoptout?hl=de ). Google's security and data protection principles can be found at https://policies.google.com/privacy .

Google Tag Manager

What personal data is collected and to what extent is it processed?

On our website we use the Google Tag Manager service of the company Google Ireland Ltd., Gordon House, Barrow Street, 4 Dublin, Ireland, email: support-deutschland@google.com , website:

https://www.google.com/ (hereinafter: Google Tag Manager). Google Tag Manager offers a technical platform for running other web services and web tracking programs using so-called "tags" and for controlling them in a bundled manner. In this context, Google Tag Manager stores cookies on your computer and, if web tracking tools are run using Google Tag Manager, analyzes your surfing behavior (so-called "tracking"). This data sent by individual tags integrated in Google Tag Manager is merged, stored and processed by Google Tag Manager under a uniform user interface. All integrated "tags" are listed separately again in this data protection declaration. You can find more information on the data protection of the tools integrated in Google Tag Manager in the respective section of this data protection declaration. When you use our website with activated integration of tags from Google Tag Manager, data such as your IP address and your user activities are transferred to servers of the company Google Ireland Limited. With regard to the web services integrated using Google Tag Manager, the regulations in the respective section of this data protection declaration apply. The tracking tools used in Google Tag Manager ensure that the IP address is anonymized by Google Tag Manager before transmission by means of IP anonymization of the source code. This only allows Google Tag Manager to record IP addresses anonymously (so-called IP masking).

Legal basis for the processing of personal data

Purpose of data processing

On our behalf, Google will use the information obtained through Google Tag Manager to evaluate your visit to this website, to compile reports on website activities and to provide us with other services relating to website activity and internet usage.

Duration of storage

Google will store the data relevant to the function of Google Tag Manager for as long as it is necessary to provide the booked web service. The data is collected and stored anonymously. If personal references do exist, the data will be deleted immediately, provided that they are not subject to any statutory retention periods. In any case, deletion will occur after the retention period has expired.

Possibility of objection and deletion

You can prevent the collection and forwarding of personal data to Google (in particular your IP address) as well as the processing of this data by Google by deactivating the execution of script code in your browser, installing a script blocker in your browser or activating the "Do Not Track" setting in your browser. You can also prevent Google from collecting the data generated by the Google cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link https://tools.google.com/dlpage/gaoptout?hl=de . Google's security and data protection principles can be found at https://policies.google.com/privacy .

Gstatic

We use the Gstatic service from Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, email: support-deutschland@google.com , website: https://www.google.com/ on our website . According to the assessment of Swiss authorities, processing takes place in safe third countries. The list of Swiss states and further information can be found under the following link:

Gstatic is a background service used by Google to retrieve static content in order to reduce bandwidth usage and pre-load required catalog files. In particular, the service loads background data for Google Fonts and Google Maps.

As part of the order processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. You can find certification under the EU-US Data Privacy Framework at

https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active .

You can revoke your consent at any time. Further information on revoking your consent can be found either in the consent itself or at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://policies.google.com/privacy .

The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de .

klaviyo

We use the klaviyo service from Klaviyo, Inc., 125 Summer St Floor 7 , 02110 Boston, United States, email: privacy@klaviyo.com , website: https://www.klaviyo.com/ . Your personal data will be transferred to so-called unsafe third countries that do not guarantee adequate data protection through their legislation. Your data will only be passed on if appropriate data protection is guaranteed. This can be guaranteed in particular by:

international treaties

Data protection clauses in a contract between the controller or processor and its contractual partner, which have been communicated to the FDPIC in advance

specific guarantees drawn up by the competent federal body and communicated in advance to the FDPIC; standard data protection clauses previously approved, issued or recognised by the FDPIC; or binding corporate data protection rules previously approved by the FDPIC or by a competent data protection authority of a State ensuring adequate protection

If such guarantees are not available, your data may only be disclosed if you have given your consent to this, the disclosure is directly related to the conclusion or execution of a contract, or the disclosure is necessary in the context of enforcing claims before courts and authorities or to protect public interests. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF -

https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

The service enables us to collect, evaluate and use customer data to contact our customers in a targeted manner, for example by sending emails about discounts, emails with updates on the shipping of ordered goods or abandoned shopping cart emails.

You can obtain certification under the EU-US Data Privacy Framework at

https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt00000012uf9AAA .

You can revoke your consent at any time. You can find more information about revoking your consent either in the consent itself or at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://www.klaviyo.com/legal/privacy-notice .

Integration of external web services and processing of data outside the EU

We use active content from external providers, so-called web services, on our website. When you access our website, these external providers may receive personal information about your visit to our website. This may involve processing data outside of Switzerland and the EU. You can prevent this by installing a corresponding browser plug-in or by deactivating the execution of scripts in your browser. This may result in functional restrictions on the websites you visit.

We use the following external web services:

Amazon AWS

We use the Amazon AWS service from Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg, Luxembourg, email: privacyshield@amazon.com , website: https://aws.amazon.com/ on our website . According to the assessment of the Swiss authorities, processing takes place in safe third countries. The list of Swiss states and further information can be found under the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html . Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60- be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

The legal basis for the transmission of personal data is our legitimate interest in processing in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest lies in achieving the purpose described below.

Amazon AWS is a cloud computing offering from Amazon, through which our site or individual elements of our site are reloaded. The separate AWS cloud enables us to download our website and its services from faster servers.

With regard to processing, you have the right to object as set out in Art. 21 GDPR. You can find more information at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://aws.amazon.com/de/privacy/?nc1=f_pr .

CloudFlare

We use the CloudFlare service from Cloudflare, Inc., 101 Townsend St, 94107 San Francisco, United States, email: support@cloudflare.com , website: https://www.cloudflare.com/de-de/ on our website . Your personal data will be transferred to so-called unsafe third countries that do not guarantee adequate data protection through their legislation. Your data will only be passed on if appropriate data protection is guaranteed. This can be guaranteed in particular by:

international treaties

Data protection clauses in a contract between the controller or processor and its contractual partner, which have been communicated to the FDPIC in advance

If such guarantees are not available, your data may only be disclosed if you have given your consent, the disclosure is directly related to the conclusion or execution of a contract, or the disclosure is necessary in the context of enforcing claims before courts and authorities or to protect public interests. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified within the framework of the DPF, so that the usual level of protection of the GDPR applies to the transfer.

Cloudflare is a so-called content delivery network that not only splits the website across multiple servers but also provides security features. Cloudflare also acts as a reverse proxy for our website.

You can obtain certification under the EU-US Data Privacy Framework at

https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnZKAA0 .

With regard to processing, you have the right to object as set out in Art. 21 GDPR. You can find more information at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://www.cloudflare.com/privacypolicy/ .

Google Cloud APIs

We use the Google Cloud APIs service from Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, email: support-deutschland@google.com , website: https://www.google.com/ on our website . According to the assessment of Swiss authorities, processing takes place in safe third countries. The list of Swiss states and further information can be found under the following link:

We use Google APIs to load additional Google services onto the website. Google APIs are a collection of interfaces for communication between the various Google services used on your website. The service is used in particular to display Google Fonts and to provide the Google Maps map.

For processing purposes, the service or we collect the following data: IP address

If the service is activated on our website, our website establishes a connection to the servers of the company Google Ireland Limited and transfers the required data. As part of the order processing, personal data may also be transferred to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When using the Google service on our website, Google may transfer and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Cloud, Google Maps, Google Ads and Google Fonts in accordance with the Google privacy policy under Google's data protection responsibility. You can find certification under the EU-US Data Privacy Framework at

https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active .

You can revoke your consent at any time. Further information on revoking your consent can be found either in the consent itself or at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://policies.google.com/privacy .

The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de .

Google Fonts

We use the Google Fonts service on our website from Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, email: support-deutschland@google.com , website: https://www.google.com/ . According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of Swiss states and further information can be found under the following link:

We use the Google Fonts service to integrate attractive fonts on our site so that we can show you a visually better version of our website. The service may also be used on our website if other Google services are loaded onto our website that require Google Fonts to function. This is the case, for example, if our website uses Google services that require Google Fonts to function.

For processing purposes, the service or we collect the following data: data on fonts, IP address of the site visitor, statistics on the use of fonts and other data from Google services related to our website.

If the service is activated on our website, our website establishes a connection to the servers of the company Google Ireland Limited and transfers the required data. As part of the order processing, personal data may also be transferred to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When the Google service is used on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Apis, Google Cloud and Google Ads in accordance with the Google privacy policy. You can find certification within the framework of the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail? id=a2zt000000001L5AAI&status=Active .

You can revoke your consent at any time. Further information on revoking your consent can be found either in the consent itself or at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://policies.google.com/privacy .

The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de .

Sentry

We use the Sentry service from Functional Software, Inc. dba Sentry, 45 Fremont Street, 8th Floor, , CA 94105 San Francisco, United States, email: compliance@sentry.io , website: https://sentry.io/ . Your personal data will be transferred to so-called unsafe third countries that do not guarantee adequate data protection through their legislation. Your data will only be passed on if appropriate data protection is guaranteed. This can be guaranteed in particular by:

international treaties

Data protection clauses in a contract between the controller or the processor and its contractual partner which have been notified to the FDPIC in advance; specific guarantees which the competent federal body has drawn up and notified to the FDPIC in advance; standard data protection clauses which the FDPIC has previously approved, issued or recognised; or binding internal company data protection rules which have been previously approved by the FDPIC or by a data protection authority of a state which ensures adequate protection.

The service collects stack traces and information from our site to identify and resolve errors and crashes. This also includes data about the affected website visitors.

You can obtain certification under the EU-US Data Privacy Framework at

https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000YdenAAC .

You can revoke your consent at any time. Further information on revoking your consent can be found either in the consent itself or at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://sentry.io/privacy/ .

Shopify

We use the Shopify service on our website from Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, D04 XN32 Dublin, Ireland, email: hilfe@shopify.de , website: https://www.shopify.de/ . According to the assessment of the Swiss authorities, processing takes place in safe third countries. The list of Swiss states and further information can be found under the following link:

https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html . The processing also takes place in a third country outside the EU. There is an adequacy decision by the Commission for this third country. On the EU Commission website (link: https://ec.europa.eu/info/law/law-topic/data protection/international-dimension-data-protection/adequacy-decisions_de ) you will find a current list of all adequacy decisions.

The legal basis for the transmission of personal data is the contract already concluded or still to be concluded between you and us in accordance with Art. 31 Para. 2 Letter a DSG and Art. 6 Para. 1 Letter b GDPR.

Shopify's CRM enables us to operate our store and make it available to you. You can find out what rights you have with regard to processing at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://www.shopify.de/legal/datenschutz .

teads.tv

We use the teads.tv service from Teads Deutschland GmbH, Poststr. 6, 20354 Hamburg, Germany, email: dpo@teads.com , website: https://www.teads.com/ on our website . According to the assessment of Swiss authorities, data processing takes place in safe third countries. The list of Swiss states and further information can be found under the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und wirtschaft/uebermittlung-ins-ausland.html . Personal data is transmitted and processed exclusively on servers in the European Union.

The service enables interaction with various social media sites on our website.

You can revoke your consent at any time. Further information on revoking your consent can be found either in the consent itself or at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider's privacy policy at https://teads.tv/privacy-policy/ .

Social Plug-In – “Facebook by META”

What personal data is collected and to what extent is it processed?

On our website we have integrated a social plug-in from the social network “Facebook by META”, which is operated by Meta Platforms Ireland Ltd., Merrion Road, D04 X2K5 Dublin 4, Ireland, email: impressum support@support.facebook.com , website: https://www.facebook.com/ (“Facebook by META”). When you visit a page that contains such a plug-in, your browser automatically establishes a background connection to the Facebook by META servers. The content of the plug-in is transmitted directly to your browser by Facebook by META and only integrated into our page. Through this integration, Facebook by META receives the information that your browser has loaded a specific page on our website. This also applies if you do not have a Facebook by META profile or are not currently logged in to Facebook by META. This information (including your IP address) is transmitted from your browser directly to a Facebook by META server in Ireland and stored there. If you are logged in to Facebook by META, Facebook by META can directly associate your visit to our website with your Facebook by META profile. If you interact with the plug-ins, for example by clicking the "Like" button or leaving a comment, this information is also sent directly to a Facebook by META server and stored there. The information is also published on your Facebook by META profile and displayed to your Facebook by META contacts who you have authorized for this purpose.

Legal basis for the processing of personal data

Relevant are Art. 6 ff. DSG and Art. 6 Para. 1 lit. a GDPR (if you have registered with “Facebook by META”) and Art. 6 Para. 3 DSG and Art. 6 Para. 1 lit. f GDPR (if you have not registered with Facebook by META). Insofar as the processing is carried out on the basis of Art. 6 Para. 1 S. 1 lit. f GDPR, the legitimate interest of the website operator is to enable users to interact with the website operator’s content on Facebook by META.

Purpose of data processing

The primary purpose of data collection is to offer you a social interaction option connected to Facebook by META and thus to make our website interactive. The scope of data collection and the further processing and use of the data you leave behind by Facebook by META as well as your rights and setting options to protect your privacy can be found in Facebook by META's privacy policy: https://www.facebook.com/about/privacy

Duration of storage

Facebook by META will store the data relevant to the provision of the web service for as long as necessary. If the data is subject to statutory retention periods, it will be deleted after the retention period has expired.

Possibility of objection and deletion

If you do not want the social plug-in from Facebook by META to be executed, you can prevent it from running by installing an appropriate add-on or script blocker. If you do not want Facebook by META to assign the data collected via our website to your Facebook by META profile, you must log out of Facebook by META before visiting our website. The right to information, correction and deletion as well as the right to restrict processing and the right to object are also governed by the general provisions on the right to object and the right to deletion under data protection law described below in this data protection declaration.

Social Plug-In – “TikTok”

What personal data is collected and to what extent is it processed?

On our website we have integrated a social plug-in from the social network “TikTok”, which is operated by TikTok Technology Limited, 10 Earlsfort Terrace, D02 T380 Dublin, Ireland, email: reports@tiktok.com , website: https://www.tiktok.com/ (“TikTok”). When you visit a page that contains such a plug-in, your browser automatically establishes a background connection to TikTok’s servers. The content of the plug-in is transmitted directly to your browser by TikTok and only integrated into our site. Through this integration, TikTok receives the information that your browser has loaded a specific page on our website. This also applies if you do not have a TikTok profile or are not currently logged into TikTok. This information (including your IP address) is transmitted from your browser directly to a TikTok server in Ireland and stored there. If you are logged into TikTok, TikTok can directly assign your visit to our website to your TikTok profile. If you interact with the plug-ins, for example by clicking the "Like" button or leaving a comment, this information is also transmitted directly to a TikTok server and stored there. The information is also published on your TikTok profile and displayed to your TikTok contacts who you have authorized for this purpose.

Legal basis for the processing of personal data

Relevant are Art. 6 ff. DSG as well as Art. 6 Para. 1 lit. a GDPR (if you have registered with “TikTok”) and Art. 6 Para. 3 DSG as well as Art. 6 Para. 1 lit. f GDPR (if you have not registered with TikTok). Insofar as the processing is carried out on the basis of Art. 6 Para. 1 S. 1 lit. f GDPR, the legitimate interest of the site operator is to enable users to interact with the site operator’s content on TikTok.

Purpose of data processing

The primary purpose of data collection is to offer you a social interaction option connected to TikTok and thus to make our website interactive. The scope of data collection and the further processing and use of the data you leave behind by TikTok as well as your rights and setting options to protect your privacy can be found in TikTok's privacy policy: https://www.tiktok.com/legal/privacy-policy?lang=de-DE

Duration of storage

TikTok will store the data relevant to the provision of the web service for as long as necessary. If the data is subject to statutory retention periods, it will be deleted after the retention period has expired.

Possibility of objection and deletion

If you do not want the TikTok social plug-in to run, you can also prevent it from running by installing an appropriate add-on or script blocker. If you do not want TikTok to assign the data collected via our website to your TikTok profile, you must log out of TikTok before visiting our website. The right to information, correction and deletion as well as the right to restrict processing and the right to object are also governed by the general provisions on the right of objection and the right to deletion under data protection law described below in this data protection declaration.

Information on the use of cookies

Scope of processing of personal data

We integrate and use cookies on various pages to enable certain functions of our website and to integrate external web services. So-called "cookies" are small text files that your browser can save on your access device. These text files contain a characteristic character string that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also known as "setting a cookie". Cookies can be set both by the website itself and by external web services.

Legal basis for the processing of personal data

Relevant are Art. 6 ff. DSG (principles) as well as Art. 6 Para. 1 lit. f GDPR (legitimate interest) or Art. 6 Para. 1 lit. a or Art. 9 Para. 2 lit. a GDPR (consent).

In general, when cookies are collected based on a legitimate interest, our legitimate interest is to ensure the functionality of our website and the services integrated into it (technically necessary cookies). In addition, the cookies may increase its user-friendliness and enable a more personalized approach. Here we have weighed up your interests and our interests.

With the help of cookie technology, we can only identify, analyze and track individual website visitors if the website visitor has consented to the use of cookies in accordance with Art. 6 (6) DSG or Art. 6 (1) lit. a GDPR.

Purpose of data processing

The cookies are set by our website or the external web services to maintain the full functionality of our website, to improve user-friendliness or to pursue the purpose specified with your consent. Cookie technology also enables us to recognize individual visitors using pseudonyms, e.g. an individual or random ID, so that we can offer more personalized services. Details are listed in the table below.

Duration of storage

The cookies are stored in your browser until they are deleted or, in the case of a session cookie, until the session has expired.

Possibility of objection, revocation of consent and deletion

You can set your browser to generally prevent cookies from being placed. You can then decide on a case-by-case basis whether to accept cookies or to accept cookies in general. Cookies can be used for various purposes, e.g. to recognise that your access device is already connected to our website (permanent cookies) or to save the last offers you viewed (session cookies). If you have given us express permission to process your personal data, you can revoke this consent at any time. Please note that this does not affect the legality of the processing carried out on the basis of the consent until the revocation.

Data security and data protection, communication by email

Your personal data is protected by technical and organizational measures during collection, storage and processing so that it is not accessible to third parties. If you communicate unencrypted by email, we cannot guarantee complete data security during transmission to our IT systems, so we recommend encrypted communication or sending information that requires a high level of confidentiality by post.

Duration of data storage and rights of the data subject

Duration of storage

We only store personal data to the extent and for as long as this is necessary to fulfil the purposes for which the personal data was collected, we have a legitimate overriding interest in storing the data or we are legally obliged to do so.

Right to information

You have the right to request confirmation as to whether we process personal data concerning you. If this is the case, you have the right to information about the information specified in Sections 25 et seq. DSG or Art. 15 Para. 1 GDPR, provided that the information cannot be refused, restricted or postponed by the owner of the data collection (cf. Art. 26 et seq. DSG or Art. 15 Para. 4 GDPR). We will also be happy to provide you with a copy of the data.

Right to rectification

According to Art. 32 Para. 1 DSG or Art. 16 GDPR, you have the right to request that incorrectly stored personal data (such as address, name, etc.) be corrected, provided that this claim does not conflict with any legal obligation. You can also request that the data stored by us be completed at any time. The corresponding adjustment will be made immediately.

Right to erasure

According to Art. 17 Para. 1 GDPR, you have the right to have us delete the personal data collected about you if the data is either no longer required; the legal basis for processing has ceased to apply due to the revocation of your consent; there are no longer any legitimate reasons for processing; your data is being processed unlawfully; or a legal obligation requires this. According to Art. 17 Para. 3 GDPR, this right does not exist if processing is necessary to exercise the right to freedom of expression and information; your data was collected on the basis of a legal obligation; processing is necessary for reasons of public interest; or the data is necessary to assert, exercise or defend legal claims.

Right to restriction of processing

According to Art. 18 Para. 1 GDPR, you have the right in individual cases to request that the processing of your personal data be restricted.

This is the case if you contest the accuracy of the personal data; the processing is unlawful and you do not consent to deletion; the data is no longer required for the purpose of processing, but the data collected is used to assert, exercise or defend legal claims; an objection to the processing has been lodged in accordance with Art. 21 Para. 1 GDPR and it is still unclear which interests prevail.

Right of withdrawal

If you have given us your express consent to process your personal data (Art. 6 Para. 6 DSG and Art. 31 Para. 1 DSG; Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR), you can revoke this consent at any time. Please note that this does not affect the legality of the processing carried out on the basis of the consent until the revocation. Information that we are legally obliged to retain will be deleted after the deadline has expired.

Right to object

According to Art. 21 GDPR, you have the right to object at any time to the processing of personal data concerning you that has been collected on the basis of Art. 6 Paragraph 1 Letter f GDPR (within the scope of a legitimate interest). If you have given us your express consent to process your personal data (Art. 6 Paragraph 6 DSG and Art. 31 Paragraph 1 DSG), you can revoke this consent at any time. Please note that this does not affect the legality of the processing carried out on the basis of the consent until the revocation. You only have this right if there are special circumstances that speak against the storage and processing. Information that we are legally obliged to retain will be deleted after the deadline has expired.

How do you exercise your rights?

You can exercise your rights at any time by contacting the contact details below:

Eat Unique GmbH
Birsigstrasse 109
4054 Basel
Switzerland

Email: hello@eatunique.ch
Phone: +41 76 320 22 77

Right to data portability

According to Art. 20 GDPR, you have the right to have the personal data concerning you transmitted to us. We will provide the data in a structured, common and machine-readable format. The data can be sent either to you or to a person responsible named by you.

We will provide you with the following data upon request:

Data collected on the basis of consent (Art. 31 Para. 1 DSG and Art. 6 Para. 1 Letter a GDPR); data that we have received from you within the framework of existing contracts (Art. 31 Para. 2 Letter a DSG and Art. 6 Para. 1 Letter b GDPR and Art. 9 Para. 2 Letter a GDPR);

Data that has been processed as part of an automated procedure.

We will transfer the personal data directly to a responsible party of your choice, provided this is technically feasible. Please note that we are not permitted to transfer data that interferes with the overriding interests of third parties, or are only permitted to do so to a limited extent, in accordance with Art. 26 Para. 1 Letter b of the Data Protection Act or Art. 20 Para. 4 of the GDPR.

Notifications to the FDPIC and possibility of legal action

According to Art. 49 DSG, affected persons can file a complaint with the supervisory authority if there are sufficient indications that data processing could violate data protection regulations. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

For further information, please use the contact form of the FDPIC: https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt.html

If you suspect that your data is being processed unlawfully on our website, you can seek judicial clarification of the issue in accordance with Art. 32 DSG. As a rule, this can be done by filing a lawsuit in accordance with Art. 28 ff. of the Swiss Civil Code. If you are affected by the processing of your data by federal bodies, the procedure is governed by Art. 41 DSG. In this case, too, you can contact the FDPIC (see reference to the contact form above).

Right to lodge a complaint with the supervisory authority pursuant to Art. 77 Para. 1 GDPR

If you suspect that your data is being processed unlawfully on our website, you can of course seek judicial clarification of the issue at any time. In addition, any other legal option is open to you. Irrespective of this, you have the option of contacting a supervisory authority in accordance with Art. 77 Paragraph 1 GDPR. You have the right to lodge a complaint in accordance with Art. 77 GDPR in the EU member state of your residence, your place of work and/or the place of the alleged violation, i.e. you can choose the supervisory authority to contact from the locations mentioned above. The supervisory authority to which the complaint was submitted will then inform you of the status and results of your submission, including the possibility of a legal remedy in accordance with Art. 78 GDPR.

Questions to the Data Protection Officer

If you have any questions about data protection, please send us an email or contact the person responsible for data protection in our organization listed at the beginning of the data protection declaration.

Basel, 29.02.2024
Source: https://www.legally-ok.com/

Country/region

Language

Privacy & Security

Imprint

Data protection