Privacy policy
Privacy policy
Thank you for visiting our website eatunique.ch and for your interest in our company.
The protection of your personal data, such as date of birth, name, telephone number, address, etc., is important to us.
The purpose of this privacy policy is to inform you about the processing of your personal data that we collect when you visit our website. Our data protection practices comply with the statutory provisions of the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). The following privacy policy serves to fulfil the information obligations arising from the FADP and the GDPR. These can be found, for example, in Art. 19 ff. DSG and Art. 13 ff. of the GDPR.
Owner or controller
The controller within the meaning of Art. 5(j) FADP and Art. 4(7) GDPR is the person who alone or jointly with others determines the purposes and means of the processing of personal data. The controller pursuant to Art. 4 No. 7 GDPR is also the recipient of the personal data within the meaning of Art. 4 No. 9 GDPR. Any third-party recipients are identified separately.
With regard to our website, the owner or controller is
Eat Unique GmbH
Birsigstrasse 109
4054 Basel
Switzerland
E-mail: hallo@eatunique.ch
Phone: +41 76 320 22 77
Provision of the website and creation of log files
Each time our website is accessed, our system automatically collects data and information from the device accessing it (e.g. computer, mobile phone, tablet, etc.).
What personal data is collected and to what extent is it processed?
(1) Information about the browser type and version used;
(2) The operating system of the accessing device;
(3) Host name of the accessing computer;
(4) The IP address of the accessing device;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content) that were accessed on our website;
(7) Websites from which the user's system reached our website (referrer tracking); (8) Notification of whether the retrieval was successful;
(9) Amount of data transferred
This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user, so that individual site visitors cannot be identified.
Legal basis for the processing of personal data
Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 CC) as well as Art. 6 para. 1 lit. f GDPR (legitimate interest).
Purpose of the data processing
The temporary (automated) storage of data is necessary for the course of a website visit in order to enable the website to be delivered. Personal data is also stored and processed to maintain the compatibility of our website for as many visitors as possible and to combat misuse and troubleshooting. For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. We also use the data to optimise the website and to generally ensure the security of our IT systems.
Duration of storage
The aforementioned technical data is deleted as soon as it is no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after our website is accessed.
Restriction, objection, rectification and erasure options
You can request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR at any time. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.
Special functions of the website
Our website offers you various functions that collect, process and store personal data when you use them. We explain below what happens to this data:
Order form
What personal data is collected and to what extent is it processed?
The data you enter in the form fields, e.g. address, surname, first name, etc., will be processed by us to fulfil the purpose stated below.
Legal basis for the processing of personal data
Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the requirement of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code) and Art. 6 para. 1 let. b GDPR (implementation of (pre)contractual measures).
Purpose of the data processing
The purpose of data processing is to process your order so that we can fulfil or initiate the contract concluded with you.
Duration of storage
The data is deleted as soon as it is no longer required for processing the order and there are no longer any statutory retention obligations. As a rule, the legislator stipulates a retention period of 10 years.
Objection, processing, correction and deletion options
You can restrict processing at any time in accordance with Art. 18 GDPR, object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.
Necessity of providing personal data
The information in the order form is required to conclude a contract. If you do not fill in the mandatory fields or do not fill them in completely, the order you have requested cannot be processed.
Contact form(s)
What personal data is collected and to what extent is it processed?
The data entered by you in our contact forms, which you have entered in the input mask of the contact form.
Legal basis for the processing of personal data
Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the requirement of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code) and Art. 6 para. 1 lit. a GDPR (consent by unambiguous affirmative action or behaviour).
Purpose of the data processing
We will only use the data collected via our contact form or via our contact forms to process the specific contact enquiry received via the contact form. Please note that we may also send you emails to the address provided in order to fulfil your contact request. The purpose of this is so that you can receive confirmation from us that your enquiry has been forwarded to us correctly. However, sending this confirmation e-mail is not mandatory for us and is only for your information.
Duration of storage
Once your enquiry has been processed, the data collected will be deleted immediately, provided there are no statutory retention periods.
Restriction, objection, rectification and erasure options
You can request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR at any time. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.
Necessity of providing personal data
The contact forms are used on a voluntary basis. You are not obliged to contact us via the contact form, but can also use the other contact options provided on our website. If you wish to use our contact form, you must complete the fields labelled as mandatory. If you do not complete the required information on the contact form, you will either not be able to send the enquiry or we will not be able to process your enquiry due to a lack of information.
Login area / Registration
Scope of the processing of personal data and personal data collected
The registration and login data entered by you or provided to you.
Legal basis for the processing of personal data
Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 CC) and Art. 6 para. 1 lit. b GDPR (implementation of (pre)contractual measures).
Purpose of the data processing
You have the option of using a separate login area on our website. So that we can check your authorisation to use the protected area or the protected documents, you must enter your login data (e-mail or user name and password) in the corresponding form. If required, we can send you your login details or the option to reset your password by e-mail on request.
Duration of storage
The data collected will be stored for as long as you maintain a user account with us.
Restriction, objection, correction and deletion options
You can request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR at any time. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.
Necessity of providing personal (PII) data
Certain pages and their content are not publicly accessible. Certain users can gain access to the protected area via the login area on our website. It is not possible to use the content protected by the login area without entering personal data. If you wish to use our login area, you must complete the fields labelled as mandatory (user name and password). The entry of the data requires the existence of a user account. It is not possible to log in if the data you have entered is incorrect. If you enter the data incorrectly or not at all, the protected area cannot be used. However, the rest of the site can still be used without logging in.
Newsletter registration form
What personal data is collected and to what extent is it processed?
When you register for the newsletter on our website, we receive the email address you enter in the registration field and, if applicable, other contact details if you provide them to us via the newsletter registration form.
Legal basis for the processing of personal data
Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code) and Art. 6 para. 1 lit. a GDPR (consent by clear affirmative action or behaviour).
Purpose of the data processing
The data entered in the registration form for our newsletter will be used by us exclusively for sending our newsletter, in which we provide information about all our services and news. After you have registered, we will send you a confirmation e-mail containing a link that you must click in order to complete your registration for our newsletter (double opt-in). By doing so, you give your consent to data processing in accordance with Art. 6 para. 6 FADP.
Duration of storage
You can unsubscribe from our newsletter at any time by clicking on the unsubscribe link, which is also included in every newsletter. Your data will be deleted by us immediately after you unsubscribe, provided there are no statutory retention obligations. We will also delete your data immediately if you do not complete your registration. We reserve the right to delete your data without giving reasons and without prior or subsequent information.
Restriction, objection, correction and deletion options
You can request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR at any time. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.
Necessity of providing personal data
If you would like to use our newsletter, you must complete the fields labelled as mandatory and confirm your email address by clicking on the double opt-in link. The newsletter registration details are necessary in order to be able to make use of the newsletter offer. The information is used exclusively for sending our newsletter. If you do not complete the mandatory fields, we will not be able to provide you with our newsletter service.
Disclosure of information to third parties
Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code).
The disclosure of data to third parties depends on the scope of the activities or offers of our website or our business model described below.
In principle, we only keep your data for as long as necessary and treat it confidentially. Exceptions to this are the transfer of personal data to debt collection service providers, to public bodies and authorities as well as to private individuals who are entitled to it due to legal provisions, court decisions or official orders as well as the transfer to authorities for the purpose of initiating legal proceedings or for criminal prosecution purposes if our legally protected rights are attacked.
Statistical analysis of visits to this website - web tracker
We collect, process and store the following data when this website or individual files on the website are accessed IP address, website from which the file was retrieved, name of the file, date and time of retrieval, amount of data transferred and notification of the success of the retrieval (so-called web log). We use this access data exclusively in a non-personalised form for the continuous improvement of our website and for statistical purposes.
Any personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code). We also use the following web trackers to analyse visits to this website
Custom Audiences
We use the Custom Audiences service of Meta Platforms Ireland Ltd, Merrion Road, D04 X2K5 Dublin 4, Ireland, e-mail: impressum-support@support.facebook.com, website: https://facebook.com/ on our website. According to the assessment of Swiss authorities, the processing takes place in secure third countries. The list of countries in Switzerland and further information can be found at the following link
https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60- be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.
The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 GDPR or Art. 31 para. 2 GDPR and Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.
Facebook Custom Audience is an advertising tool from Facebook that can be used to target advertising campaigns to site visitors.
You can access the certification of the parent company within the framework of the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC.
You can withdraw your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://www.facebook.com/about/privacy.
The provider also offers an opt-out option at https://www.facebook.com/about/privacy
Facebook Connect
We use the Facebook Connect service provided by Meta Platforms Ireland Ltd, Merrion Road, D04 X2K5 Dublin 4, Ireland, email: impressum-support@support.facebook.com, website: https://www.facebook.com/ on our website. According to the assessment of Swiss authorities, the processing takes place in secure third countries. The list of countries in Switzerland and further information can be found at the following link https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60- be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.
The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 FADP or Art. 31 para. 2 FADP and Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.
Facebook Connect allows users to use their Facebook profile to simplify login to other web services.
You can view the certification under the EU-US Data Privacy Framework at
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC.
You can withdraw your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://www.facebook.com/about/privacy.
The provider also offers an opt-out option at https://www.facebook.com/about/privacy
Google
We use the Google service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: https://www.google.com/ on our website. According to the assessment of Swiss authorities, the processing takes place in secure third countries. The list of countries in Switzerland and further information can be found at the following link
https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60- be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.
The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 DSG or Art. 31 para. 2 DSG and Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.
We use Google to be able to load additional Google services on the website. The service is used to provide other Google services, such as the required data processing for the provision of streams and fonts and relevant Google search content. It is technically required in order to be able to exchange the site visitor's information already available to Google between the Google services and to be able to provide the site visitor with customised content adapted to their Google account.
The service or we collect the following data for processing: Background data stored in the Google user account or with other Google services about the site visitor, background data for the provision of Google services such as streaming data or advertising data, data about the site user's interaction with Google search, information about the end device used, the IP address and the user's browser and other data from Google services for the provision of Google services related to our website.
If the service is activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transmits the required data. As part of order processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Apis, Doubleclick, Google Cloud, Google Ads and Google Fonts in accordance with the Google Privacy Policy. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail? id=a2zt000000001L5AAI&status=Active.
You can withdraw your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://policies.google.com/privacy.
The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.
Google Ads
We use the Google Ads service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: https://www.google.com/ on our website. According to the assessment of Swiss authorities, the processing takes place in secure third countries. The list of countries in Switzerland and further information can be found at the following link
https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60- be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.
The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 GDPR or Art. 31 para. 2 GDPR and Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.
Google Ads is an advertising system with which we can place adverts on external websites on the Internet to inform our customers about our services. Google Ads displays adverts on external websites that are individually tailored to our clientele and lead to our website according to parameters set by us. If the site visitor clicks on the Google Ads advert, they are taken to our website. In order to be able to measure the success and remuneration of Google Ads advertisements, Google Ads measures the success of the advertising measure when our website is accessed. Our website processes the data provided by Google Ads in order to be able to analyse and improve our advertising measures and to calculate any remuneration that may be due.
The service or we collect the following data for processing: Data on the advertising interests of site visitors, interactions of site visitors with adverts relating to our website, data on visits to our website by site visitors who have previously clicked on Google Ads adverts and reached our website, data on the end device used, the IP address and browser of the user and other data from Google services for the provision and refinement of Google adverts relating to our website.
If the service is activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transmits the required data. As part of order processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When Google Ads are used on our website, Google may transmit and process information from other Google services in order to provide background services for the improvement and individualisation of Google advertising. For this purpose, data may also be processed by other Google services such as Google Apis, Google Cloud, Google Ads, Google Analytics, Google Tag Manager, Google Marketing Platform and Google Fonts in accordance with the Google Privacy Policy under Google's own data protection responsibility. You can access the certification under the EU US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant detail?id=a2zt000000001L5AAI&status=Active.
You can revoke your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://policies.google.com/privacy.
The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.
Google Analytics
Scope of the processing of personal data
On our website we use the web tracking service of Google Ireland Ltd, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: https://www.google.com/ (hereinafter: Google Analytics). As part of web tracking, Google Analytics uses cookies that are stored on your computer and that enable an analysis of the use of our website and your surfing behaviour (so-called tracking). We carry out this analysis on the basis of the Google Analytics tracking service in order to constantly optimise our website and make it more accessible. When you use our website, data, in particular your IP address and your user activities, are transmitted to servers of Google Ireland Limited. We carry out this analysis on the basis of Google's tracking service in order to constantly optimise our website and make it more accessible. We also require web tracking for security reasons. Web tracking allows us to track whether third parties are attacking our website. The information from the web tracker enables us to take effective countermeasures and protect the personal data we process from these cyber attacks. By activating IP anonymisation within the Google Analytics tracking code of this website, your IP address is anonymised by Google Analytics before transmission. This website uses a Google Analytics tracking code that has been extended by the operator gat._anonymizeIp(); to enable only anonymised collection of IP addresses (so-called IP masking).
Legal basis for the processing of personal data
The legal basis for data processing is your consent in our information banner regarding the use of cookies and web tracking (consent through clear confirmatory action or behaviour) in accordance with Art. 13 para. 1 FADP and Art. 6 para. 1 lit. a GDPR.
Purpose of the data processing
Google will use this information on our behalf to analyse your visit to this website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. We also require web tracking for security reasons. Web tracking enables us to track whether third parties are attacking our website. The information from the web tracker enables us to take effective countermeasures and protect the personal data we process from these cyberattacks.
Duration of storage
Google will store the data relevant for the provision of web tracking for as long as it is necessary to fulfil the booked web service. Data collection and storage is anonymised. If there is any personal reference, the data will be deleted immediately, provided that it is not subject to any statutory retention obligations. In any case, the deletion takes place after expiry of the retention obligation.
Objection and deletion options
You can prevent the collection and forwarding of personal data to Google (in particular your IP address) and the processing of this data by Google by deactivating the execution of script code in your browser or activating the "Do Not Track" setting in your browser. You can also prevent Google from collecting the data generated by the Google cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de). You can find Google's security and data protection principles at https://policies.google.com/privacy.
Google Tag Manager
What personal data is collected and to what extent is it processed?
On our website, we use the Google Tag Manager service provided by Google Ireland Ltd, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website:
https://www.google.com/ (hereinafter: Google Tag Manager). Google Tag Manager provides a technical platform for executing and controlling other web services and web tracking programmes in a bundled manner by means of so-called "tags". In this context, Google Tag Manager stores cookies on your computer and, if web tracking tools are executed using Google Tag Manager, analyses your surfing behaviour (so-called "tracking"). This data sent by individual tags integrated into Google Tag Manager is merged, stored and processed by Google Tag Manager under a standardised user interface. All integrated "tags" are listed separately in this privacy policy. You can find more information on data protection for the tools integrated in Google Tag Manager in the relevant section of this privacy policy. When using our website with activated integration of Google Tag Manager tags, data such as your IP address and your user activities are transmitted to servers of Google Ireland Limited. With regard to the web services integrated via Google Tag Manager, the regulations in the respective section of this privacy policy apply. The tracking tools used in Google Tag Manager ensure that the IP address is anonymised by Google Tag Manager before transmission by anonymising the IP address in the source code. Google Tag Manager only enables the anonymised collection of IP addresses (so-called IP masking).
Legal basis for the processing of personal data
The legal basis for data processing is your consent in our information banner regarding the use of cookies and web tracking (consent through clear confirmatory action or behaviour) in accordance with Art. 13 para. 1 FADP and Art. 6 para. 1 lit. a GDPR.
Purpose of the data processing
On our behalf, Google will use the information obtained via Google Tag Manager to analyse your visit to this website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage.
Duration of storage
Google will store the data relevant to the function of Google Tag Manager for as long as is necessary to fulfil the booked web service. Data collection and storage is anonymised. If there is any personal reference, the data will be deleted immediately, provided that it is not subject to any statutory retention obligations. In any case, the deletion takes place after expiry of the retention obligation.
Objection and deletion options
You can prevent the collection and forwarding of personal data to Google (in particular your IP address) and the processing of this data by Google by deactivating the execution of script code in your browser, installing a script blocker in your browser or activating the "Do Not Track" setting in your browser. You can also prevent Google from collecting the data generated by the Google cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link https://tools.google.com/dlpage/gaoptout?hl=de. You can find Google's security and data protection principles at https://policies.google.com/privacy.
Gstatic
We use the Gstatic service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: https://www.google.com/ on our website. According to the assessment of Swiss authorities, the processing takes place in secure third countries. The list of countries in Switzerland and further information can be found at the following link
https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60- be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.
The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 GDPR or Art. 31 para. 2 GDPR and Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.
Gstatic is a background service used by Google to retrieve static content in order to reduce bandwidth usage and load required catalogue files in advance. In particular, the service loads background data for Google Fonts and Google Maps.
As part of order processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. You can view the certification under the EU-US Data Privacy Framework at
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.
You can withdraw your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://policies.google.com/privacy.
The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.
klaviyo
We use the klaviyo service provided by Klaviyo, Inc, 125 Summer St Floor 7 , 02110 Boston, United States, e-mail: privacy@klaviyo.com, website: https://www.klaviyo.com/ on our website. Your personal data is transferred to so-called insecure third countries that do not guarantee adequate data protection through their legislation. Your data will only be passed on if suitable data protection is guaranteed. This can be guaranteed in particular by
international treaties
data protection clauses in a contract between the controller or processor and their contractual partner, which have been communicated to the FDPIC in advance
specific safeguards drawn up by the competent federal body and notified in advance to the FDPIC standard data protection clauses approved, issued or recognised in advance by the FDPIC or binding corporate rules on data protection approved in advance by the FDPIC or by a data protection authority of a state that guarantees adequate protection
If such guarantees are not in place, your data may only be disclosed if you have given your consent, the disclosure is directly related to the conclusion or fulfilment of a contract, or the disclosure is necessary to enforce claims before courts and authorities or to protect public interests. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF -
https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.
The legal basis for the transfer of personal data is your consent pursuant to Art. 6 para. 6 GDPR or Art. 31 para. 2 GDPR and pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.
The service enables us to collect and analyse customer data and use it to contact our customers in a targeted manner by sending e-mails about price discounts, e-mails with updates on the dispatch of ordered goods or abandoned shopping cart e-mails, among other things.
You can view the certification under the EU-US Data Privacy Framework at
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt00000012uf9AAA.
You can revoke your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://www.klaviyo.com/legal/privacy-notice.
Integration of external web services and processing of data outside the EU
We use active content from external providers, so-called web services, on our website. By accessing our website, these external providers may receive personal information about your visit to our website. Data may be processed outside of Switzerland and the EU. You can prevent this by installing an appropriate browser plugin or deactivating the execution of scripts in your browser. This may result in functional restrictions on websites that you visit.
We use the following external web services:
Amazon AWS
We use the Amazon AWS service of Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg, Luxembourg, e-mail: privacyshield@amazon.com, website: https://aws.amazon.com/. According to the Swiss authorities, the processing takes place in secure third countries. The list of countries in Switzerland and further information can be found at the following link https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60- be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.
The legal basis for the transfer of personal data is our legitimate interest in processing in accordance with Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in achieving the purpose described below.
Amazon AWS is a cloud computing service from Amazon that is used to load our website or individual elements of our website. The separate AWS cloud enables us to download our website and its services from faster servers.
With regard to processing, you have the right to object as set out in Art. 21 GDPR. Further information can be found at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://aws.amazon.com/de/privacy/?nc1=f_pr
CloudFlare
We use the CloudFlare service from Cloudflare, Inc, 101 Townsend St, 94107 San Francisco, United States, email: support@cloudflare.com, website: https://www.cloudflare.com/de-de/ on our website. Your personal data is transferred to so-called insecure third countries that do not guarantee adequate data protection through their legislation. Your data will only be passed on if suitable data protection is guaranteed. This can be guaranteed in particular by
international treaties
data protection clauses in a contract between the controller or processor and their contractual partner, which have been communicated to the FDPIC in advance
specific safeguards drawn up by the competent federal body and notified in advance to the FDPIC standard data protection clauses approved, issued or recognised in advance by the FDPIC or binding corporate rules on data protection approved in advance by the FDPIC or by a data protection authority of a state that guarantees adequate protection
If such guarantees are not in place, your data may only be disclosed if you have given your consent, the disclosure is directly related to the conclusion or fulfilment of a contract, or the disclosure is necessary to enforce claims before courts and authorities or to protect public interests. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.
The legal basis for the transfer of personal data is our legitimate interest in processing in accordance with Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in achieving the purpose described below.
Cloudflare is a content delivery network that provides security functions in addition to distributing the website across several servers. Cloudflare also acts as a reverse proxy for our website.
You can view the certification under the EU-US Data Privacy Framework at
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnZKAA0.
With regard to processing, you have the right to object as set out in Art. 21 GDPR. Further information can be found at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://www.cloudflare.com/privacypolicy/.
Google Cloud APIs
We use the Google Cloud APIs service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: https://www.google.com/. According to the assessment of Swiss authorities, the processing takes place in secure third countries. The list of countries in Switzerland and further information can be found at the following link
https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60- be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.
The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 DSG or Art. 31 para. 2 DSG and Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.
We use Google APIs to be able to load additional Google services on the website. Google Apis is a collection of interfaces for communication between the various Google services used on your website. The service is used in particular to display Google Fonts fonts and to provide the Google Maps map.
The service or we collect the following data for processing: IP address
If the service is activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transmits the required data. As part of order processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Cloud, Google Maps, Google Ads and Google Fonts in accordance with the Google data protection declaration under the data protection responsibility of Google. You can view the certification under the EU-US Data Privacy Framework at
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.
You can withdraw your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://policies.google.com/privacy.
The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.
Google Fonts
We use the Google Fonts service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, email: support-deutschland@google.com, website: https://www.google.com/ on our website. According to the assessment of Swiss authorities, the processing takes place in secure third countries. The list of countries in Switzerland and further information can be found at the following link
https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60- be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.
The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 GDPR or Art. 31 para. 2 GDPR and Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.
We use the Google Fonts service to integrate attractive fonts on our website in order to display our website to you in a visually improved version. The service may also be used on our website if other Google services are loaded on our website that require Google Fonts fonts for execution. This is the case, for example, if our website uses Google services that require Google Fonts to run.
The service or we collect the following data for processing: Data on fonts, IP address of the site visitor, statistics on the use of fonts and other data from Google services related to our website.
If the service is activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transmits the required data. As part of order processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Apis, Google Cloud and Google Ads in accordance with the Google Privacy Policy. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail? id=a2zt000000001L5AAI&status=Active.
You can withdraw your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://policies.google.com/privacy.
The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.
Sentry
On our website, we use the Sentry service provided by Functional Software, Inc. dba Sentry, 45 Fremont Street, 8th Floor, , CA 94105 San Francisco, United States, e-mail: compliance@sentry.io, Website: https://sentry.io/. Your personal data will be transferred to so-called insecure third countries that do not guarantee adequate data protection through their legislation. Your data will only be passed on if suitable data protection is guaranteed. This can be guaranteed in particular by
international treaties
data protection clauses in a contract between the controller or processor and their contractual partner that have been communicated to the FDPIC in advance specific guarantees that have been drawn up by the competent federal body and communicated to the FDPIC in advance standard data protection clauses that have been approved, issued or recognised by the FDPIC in advance or binding internal company data protection regulations that have been approved in advance by the FDPIC or by a data protection authority of a country that guarantees adequate protection
If such guarantees are not in place, your data may only be disclosed if you have given your consent, the disclosure is directly related to the conclusion or fulfilment of a contract, or the disclosure is necessary to enforce claims before courts and authorities or to protect public interests. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.
The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 GDPR or Art. 31 para. 2 GDPR and Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.
The service collects stack traces and information from our site in order to identify and rectify errors and crashes. It also collects data about the website visitors concerned.
You can view the certification under the EU-US Data Privacy Framework at
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000YdenAAC.
You can withdraw your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://sentry.io/privacy/.
Shopify
On our website, we use the Shopify service provided by Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, D04 XN32 Dublin, Ireland, e-mail: hilfe@shopify.de, website: https://www.shopify.de/. According to the assessment of Swiss authorities, the processing takes place in secure third countries. The list of countries in Switzerland and further information can be found at the following link
https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Processing also takes place in a third country outside the EU. The Commission has issued an adequacy decision for this third country. On the website of the EU Commission (Link: https://ec.europa.eu/info/law/law-topic/data protection/international-dimension-data-protection/adequacy-decisions_en) you will find a current list of all adequacy decisions.
The legal basis for the transfer of personal data is the contract already concluded or to be concluded between you and us in accordance with Art. 31 para. 2 let. a FADP and Art. 6 para. 1 let. b GDPR.
Shopify's CRM enables us to operate our shop and make it available to you. The rights to which you are entitled with regard to processing can be found at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://www.shopify.de/legal/datenschutz.
teads.tv
We use the teads.tv service provided by Teads Deutschland GmbH, Poststr. 6, 20354 Hamburg, Germany, e-mail: dpo@teads.com, website: https://www.teads.com/ on our website. According to the assessment of Swiss authorities, the processing takes place in secure third countries. The list of countries in Switzerland and further information can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und wirtschaft/uebermittlung-ins-ausland.html. The transfer and processing of personal data takes place exclusively on servers in the European Union.
The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 DSG or Art. 31 para. 2 DSG and Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.
The service enables interaction with various social media sites on our website.
You can withdraw your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.
Further information on the handling of the transferred data can be found in the provider's privacy policy at https://teads.tv/privacy-policy/.
Social plug-in - "Facebook by META"
What personal data is collected and to what extent is it processed?
On our website, we have integrated a social plug-in of the social network "Facebook by META", which is operated by Meta Platforms Ireland Ltd, Merrion Road, D04 X2K5 Dublin 4, Ireland, e-mail: impressum support@support.facebook.com, website: https://www.facebook.com/ ("Facebook by META"). When you access a page that contains such a plug-in, your browser automatically establishes a background connection to the Facebook by META servers. The content of the plug-in is transmitted by Facebook by META directly to your browser and only integrated into our site. Through this integration, Facebook by META receives the information that your browser has loaded a specific page of our website. This also applies if you do not have a Facebook by META profile or are not currently logged in to Facebook by META. This information (including your IP address) is transmitted by your browser directly to a Facebook by META server in Ireland and stored there. If you are logged in to Facebook by META, Facebook by META can directly associate your visit to our website with your Facebook by META profile. If you interact with the plug-ins, for example by clicking the "Like" button or leaving a comment, this information is also transmitted directly to a Facebook by META server and stored there. The information is also published on your Facebook by META profile and displayed to your Facebook by META contacts that you have activated for this purpose.
Legal basis for the processing of personal data
Relevant are Art. 6 ff. FADP and Art. 6 para. 1 lit. a GDPR (if you have registered with "Facebook by META") and Art. 6 para. 3 FADP and Art. 6 para. 1 lit. f GDPR (if you have not registered with Facebook by META). Insofar as the processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, the legitimate interest of the site operator is to enable users to interact with the content of the site operator on Facebook by META.
Purpose of the data processing
The primary purpose of data collection is to offer you a social interaction option linked to Facebook by META and thus to make our website interactive. The scope of the data collection and the further processing and use of the data you provide by Facebook by META as well as your rights in this regard and setting options for protecting your privacy can be found in Facebook by META's data protection information: https://www.facebook.com/about/privacy
Duration of storage
Facebook by META will store the data relevant for the provision of the web service for as long as necessary. If the data is subject to statutory retention obligations, it will be deleted after the retention obligation has expired.
Objection and deletion options
If you do not want the Facebook by META social plug-in to be executed, you can also prevent it from being executed by installing a corresponding add-on or script blocker. If you do not want Facebook by META to assign the data collected via our website to your Facebook by META profile, you must log out of Facebook by META before visiting our website. The right of access, rectification and erasure as well as the right to restriction of processing and the right to object are otherwise governed by the general provisions on the right to object and the right to erasure under data protection law described below in this privacy policy.
Social plug-in - "TikTok"
What personal data is collected and to what extent is it processed?
On our website, we have integrated a social plug-in of the social network "TikTok", which is operated by TikTok Technology Limited, 10 Earlsfort Terrace, D02 T380 Dublin, Ireland, e-mail: reports@tiktok.com, website: https://www.tiktok.com/ ("TikTok"). When you access a page that contains such a plug-in, your browser automatically establishes a background connection to the TikTok servers. The content of the plug-in is transmitted by TikTok directly to your browser and only integrated into our site. Through this integration, TikTok receives the information that your browser has loaded a specific page of our website. This also applies if you do not have a TikTok profile or are not currently logged in to TikTok. This information (including your IP address) is transmitted directly from your browser to a TikTok server in Ireland and stored there. If you are logged in to TikTok, TikTok can directly associate your visit to our website with your TikTok profile. If you interact with the plug-ins, for example by clicking the "Like" button or leaving a comment, this information is also transmitted directly to a TikTok server and stored there. The information is also published on your TikTok profile and displayed to your TikTok contacts that you have activated for this purpose.
Legal basis for the processing of personal data
Relevant are Art. 6 ff. FADP and Art. 6 para. 1 lit. a GDPR (if you have registered with "TikTok") and Art. 6 para. 3 FADP and Art. 6 para. 1 lit. f GDPR (if you have not registered with TikTok). Insofar as the processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, the legitimate interest of the site operator is to enable users to interact with the site operator's content on TikTok.
Purpose of the data processing
The primary purpose of data collection is to offer you the option of social interaction linked to TikTok and thus to make our website interactive. The scope of the data collection and the further processing and use of the data you provide by TikTok as well as your rights in this regard and setting options for protecting your privacy can be found in TikTok's data protection information: https://www.tiktok.com/legal/privacy-policy?lang=de-DE
Duration of storage
TikTok will store the data relevant to the provision of the web service for as long as is necessary. If the data is subject to statutory retention obligations, it will be deleted after the retention obligation has expired.
Objection and deletion option
If you do not want the TikTok social plug-in to be executed, you can also prevent it from being executed by installing a corresponding add-on or script blocker. If you do not want TikTok to assign the data collected via our website to your TikTok profile, you must log out of TikTok before visiting our website. The right to information, rectification and erasure as well as the right to restriction of processing and the right to object are otherwise governed by the general provisions on the right to object and the right to erasure under data protection law described below in this privacy policy.
Information on the use of cookies
Scope of the processing of personal data
We integrate and use cookies on various pages to enable certain functions of our website and to integrate external web services. Cookies are small text files that your browser can store on your access device. These text files contain a characteristic string of characters that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also referred to as "setting a cookie". Cookies can be set both by the website itself and by external web services.
Legal basis for the processing of personal data
Relevant are Art. 6 ff. FADP (principles) and Art. 6 para. 1 lit. f GDPR (legitimate interest) or Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR (consent).
In general, in the case of cookies that are collected on the basis of a legitimate interest, our legitimate interest is to ensure the functionality of our website and the services integrated on it (technically necessary cookies). In addition, the cookies may increase their user-friendliness and enable a more personalised approach. Here we have weighed up your interests and our interests.
With the help of cookie technology, we can only identify, analyse and track individual website visitors if the website visitor has consented to the use of cookies in accordance with Art. 6 para. 6 FADP or Art. 6 para. 1 lit. a GDPR.
Purpose of the data processing
The cookies are set by our website or the external web services in order to maintain the full functionality of our website, to improve user-friendliness or to pursue the purpose stated with your consent. Cookie technology also enables us to recognise individual visitors by means of pseudonyms, e.g. individual or random IDs, so that we can offer more personalised services. Details are listed in the table below.
Duration of storage
The cookies are stored in your browser until they are deleted or, in the case of a session cookie, until the session has expired.
Possibility of objection, revocation of consent and deletion
You can set your browser according to your wishes so that the setting of cookies is generally prevented. You can then decide on a case-by-case basis whether to accept cookies or accept cookies in principle. Cookies can be used for various purposes, e.g. to recognise that your access device is already connected to our website (permanent cookies) or to save recently viewed offers (session cookies). If you have expressly given us permission to process your personal data, you can revoke this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of your consent until you withdraw it.
Data security and data protection, communication by e-mail
Your personal data is protected by technical and organisational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so we recommend encrypted communication or the postal service for information requiring a high level of confidentiality.
Duration of data storage and rights of the data subject
Duration of storage
We only store personal data to the extent and for as long as is necessary to fulfil the purposes for which the personal data was collected, if we have a legitimate overriding interest in storing it or if we are legally obliged to do so.
Right to information
You have the right to request confirmation as to whether we are processing your personal data. If this is the case, you have a right to information about the information specified in 25 et seq. FADP or Art. 15 para. 1 GDPR, provided that the information cannot be refused, restricted or postponed by the data controller (see Art. 26 f. FADP or Art. 15 para. 4 GDPR). We will also be happy to provide you with a copy of the data.
Right to rectification
In accordance with Art. 32 para. 1 FADP or Art. 16 GDPR, you have the right to demand that incorrectly stored personal data (e.g. address, name, etc.) be corrected, provided that this claim does not conflict with any legal obligation. You can also request the completion of the data stored by us at any time. A corresponding adjustment will be made immediately.
Right to cancellation
In accordance with Art. 17 para. 1 GDPR, you have the right to request that we erase the personal data collected about you if the data is either no longer required; the legal basis for the processing no longer applies due to the withdrawal of your consent; there are no longer legitimate reasons for the processing; your data is being processed unlawfully; a legal obligation requires this. The right does not exist in accordance with Art. 17 para. 3 GDPR if the processing is necessary for the exercise of the right to freedom of expression and information; your data has been collected on the basis of a legal obligation; the processing is necessary for reasons of public interest; the data is necessary for the assertion, exercise or defence of legal claims.
Right to restriction of processing
Pursuant to Art. 18 para. 1 GDPR, you have the right in individual cases to request the restriction of the processing of your personal data.
This is the case if the accuracy of the personal data is disputed by you; the processing is unlawful and you do not consent to erasure; the data is no longer required for the purpose of processing, but the data collected serves the assertion, exercise or defence of legal claims; an objection to the processing pursuant to Art. 21 para. 1 GDPR has been lodged and it is still unclear which interests prevail.
Right of cancellation
If you have given us your express consent to process your personal data (Art. 6 para. 6 FADP and Art. 31 para. 1 FADP; Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR), you can revoke this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of the consent until revocation. Data for which we are legally obliged to retain will be deleted after the deadline has expired.
Right to object
In accordance with Art. 21 GDPR, you have the right to object at any time to the processing of personal data concerning you that has been collected on the basis of Art. 6 para. 1 lit. f GDPR (in the context of a legitimate interest). If you have given us your express consent to process your personal data (Art. 6 para. 6 GDPR and Art. 31 para. 1 GDPR), you can withdraw this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of the consent until revocation. You only have this right if there are special circumstances that speak against storage and processing. Data for which we are legally obliged to store will be deleted after the deadline has expired.
How do you exercise your rights?
You can exercise your rights at any time by contacting us using the contact details below:
Eat Unique GmbH
Birsigstrasse 109
4054 Basel
Switzerland
E-mail: hello@eatunique.ch
Phone: +41 76 320 22 77
Right to data portability
In accordance with Art. 20 GDPR, you have the right to the transfer of personal data concerning you. We will provide the data in a structured, commonly used and machine-readable format. The data can be sent either to you yourself or to a controller named by you.
We will provide you with the following data on request:
Data collected on the basis of consent (Art. 31 para. 1 FADP and Art. 6 para. 1 let. a GDPR); data that we have received from you in the context of existing contracts (Art. 31 para. 2 let. a FADP and Art. 6 para. 1 let. b GDPR and Art. 9 para. 2 let. a GDPR);
Data that has been processed as part of an automated procedure.
We will transfer the personal data directly to a controller requested by you, insofar as this is technically feasible. Please note that we may not transfer data that interferes with the overriding interests of third parties in accordance with Art. 26 para. 1 let. b FADP or Art. 20 para. 4 GDPR, or only to a limited extent.
Notifications to the FDPIC and the right to lodge a complaint
Pursuant to Art. 49 FADP, data subjects can file a complaint with the supervisory authority if there are sufficient indications that data processing could violate data protection regulations. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
Further information can be found in the FDPIC's contact form: https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt.html
If you suspect that your data is being processed unlawfully on our website, you can bring about a judicial clarification of the issue in accordance with Art. 32 FADP. As a rule, an action under Art. 28 ff. ZGB should be sought. If you are affected by the processing of data by federal bodies, the procedure is governed by Art. 41 FADP. In this case, you can also contact the FDPIC (see reference to the contact form above).
Right to lodge a complaint with the supervisory authority pursuant to Art. 77 para. 1 GDPR
If you suspect that your data is being processed unlawfully on our website, you can of course bring about a judicial clarification of the issue at any time. You also have every other legal option. Irrespective of this, you have the option of contacting a supervisory authority in accordance with Art. 77 para. 1 GDPR. The right to lodge a complaint pursuant to Art. 77 GDPR is available to you in the EU Member State of your place of residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you turn from the above-mentioned places. The supervisory authority with which the complaint has been lodged will then inform you of the status and outcome of your complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
Questions to the data protection officer
If you have any questions about data protection, please send us an email or contact the person responsible for data protection in our organisation listed at the beginning of the privacy policy directly.
Basel, 29.02.2024
Source: https://www.legally-ok.com/