Privacy Policy
We at Hürlemann AG (Albisriederstrasse 253, 8047 Zürich, Schweiz) take data protection very seriously. The following declaration gives you information about the collection and storage of personal data, and ways in which such data may come to be used. Hürlemann AG (hereinafter referred to as ‘Hürlemann’) is the responsible party as understood by data protection legislation, and is responsible for processing your data. This declaration applies to all services and activities offered and carried out by us.
We collect and process personal data carefully and only to the extent permitted by law.
In the following we explain which policies we comply with and for what purposes we collect and process personal data via this website and other ways and applications operated by us or affiliated companies.
We collect certain personal data so that we can provide our services to you. Within the scope of communication and data collection, the following data is stored by us or by third party companies that provide the corresponding services also in accordance with the applicable legislation:
- Registration data,
- Data that you have shared with social media services for sharing with the company,
- Activity data,
- If you have registered for a newsletter, we will keep you informed about relevant developments and offers. If you are directed to our websites via a link in the newsletter, you also grant us permission to process and use your IP address together with geodata, web beacons or similar technologies in order to check whether the offers submitted to you in the course of this communication meet your requirements. In addition, we process and use the e-mail address you provide to send you personalized offers in connection with the newsletter. If you no longer wish to receive the newsletter, you can unsubscribe at any time in the newsletter itself,
- we do not collect any financial data from external service providers in the field of payments.
The purpose of this data capture is,
- to communicate with you,
- to provide the business services and functions,
- to give you the opportunity to comment on content,
- to minimize the risk of fraud,
- to be able to provide and improve our services in a contractual and targeted manner,
- the use of the data for marketing purposes,
- the use for research purposes, for example to develop new products and services,
- to comply with applicable legislation and case law and to be able to respond to requests from administrative or other state authorities,
- to provide the possibility of sharing on social media,
- to protect the company and third parties.
As a company having its registered office in Zürich, Switzerland, we comply with the Swiss data protection legislation, in particular with the Federal Act on Data Protection in its current version. In the context of the European General Data Protection Regulation regulations apply which may also be relevant for companies and service providers domiciled in Switzerland. As far as these provisions may be applicable for us, we comply with these provisions.
For the avoidance of doubt, we have no influence on the online monitoring and data processing by Swiss and international security and other authorities that have the corresponding competences.
The most important of the applicable data protection regulations are listed below.
Personal data and its processing
Personal data are all items of information that relate to an identified or identifiable natural person. Personal data form the basis for identifying or contacting a data subject. Processing includes any handling of personal data, in particular the storage, disclosure, procurement, collection, deletion, storage, modification, destruction and use of personal data.
We process information that a data subject voluntarily and personally provides to us when contacting us - for example, by letter, e-mail, contact form, registering to a user account, social media or phone. All information may be stored in physical and digital address books, in a customer relationship management program or other tools. We may also store and process data we receive legally from third parties, or which are publicly available, as far as the processing of such data is in compliance with the applicable data regulations according to the relevant Swiss and European legislation.
Automatically transmitted data relating to online use
When you visit our website, your browser automatically sends us, for technical reasons, certain details relating to your use of the site, along with what are known as ‘server log files’. The following information, for example, will be communicated to us: - Date and time of access - URL address of the referring website - File you have accessed - Quantity of data transmitted - Host name of the computer making contact (IP address) - Your browser type and version - Your operating system. This information is only used by us for purposes connected with the technical administration of our website, for protecting ourselves against illicit actions in connection with the site and in some cases for purposes of statistical evaluation. We reserve the right to scrutinize these records subsequently, if we have concrete grounds to justify the supposition that illicit actions have taken place.
SSL encryption
In order to ensure the security of your data during transmission, we use encryption techniques (like SSL for example) based on HTTPS.
Right to information
Where personal data are collected, the data subjects are to be provided with a range of information regarding the collection of data, in particular what data are collected and for what purpose.
Right of access by the data subject
The person affected by the data processing is entitled to demand a confirmation that personal data are processed by him or that this is not the case. Where data is processed, the Swiss and European legislation establish various rights (e.g. the right to obtain a copy of the data).
Right to rectification
The data subject has the right to request the data processor to rectify any inaccurate personal data concerning him/her without delay. Taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration.
Right to erasure ("right to be forgotten")
The data subject has the right to request that personal data relating to him/her be deleted immediately and the personal data must be deleted immediately if one of the reasons listed in the Swiss or European legislation applies, for example that the data are no longer necessary for the purpose for which they were collected.
Right to restriction of processing
In certain cases, the data subject has the right to restrict the processing of data. If such a restriction is requested, the data may only be retained, but may no longer be processed.
Right of notification
All recipients to whom personal data have been disclosed must be informed of any correction or deletion of personal data or any restriction on processing, unless this proves impossible or involves disproportionate effort.
Right to data transferability
The data subject has the right to receive the data that he/she has provided in a structured, common and machine-readable format and has the right to transfer this data to another data controller, for example to change the service provider. However, this right can only be exercised if the data processing is based on the consent of the data subject or on a contract.
Right to object
The data subject shall also have the right to object at any time, for reasons arising from his or her particular situation, to certain processing of personal data relating to him or her, including profiling based on these provisions. Subsequently, the data may no longer be processed, unless the data processor can prove compelling reasons for the processing which are worthy of protection and which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data concerning him/her for the purposes of such advertising, including profiling in so far as it is related to such direct marketing.
Right to waive an automated decision in individual cases
In addition, the data subject has the right not to be subject to a decision based exclusively on automated processing, including profiling, which has legal effect against him or her or significantly affects him or her in a similar manner.
Right to be informed of data protection violations
Should the provisions on the protection of personal data be violated, the person affected by the violation will be informed, provided that this entails a legally sufficient risk for personal rights and freedoms.
Complaints
Data subjects whose personal data we process have a right of administrative complaint to the competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
Special protection for children
Furthermore, the applicable legislation also provides special protection for children. For example, in the case of services offered directly to a child, consent to the processing of the child's data must be given or authorised by the holder of parental responsibility, whereby the age limit in question may be defined differently in the various countries within the scope of application of the GDPR.
Organizational and Technical measures for data security
We protect personal data through appropriate technical and organizational security measures and store them on secure servers. The website is protected against manipulation by the usual state-of-the-art measures and against access, modification or distribution by unauthorized persons. This includes taking data protection aspects into account as early as the planning phase of our services ("privacy by design"), and our new products or services are offered with data protection-friendly default settings ("privacy by default").
Transfer of data to third parties
We are entitled to pass on your personal data to service providers for the purposes of the contract. These are, for example, cloud service providers, other providers of services relevant to the provision of corporate services, including, for example, IT service providers, consultants and lawyers and state authorities. These third parties are also obliged to comply with the legal provisions on data protection. A complete list of the data processors involved can be requested from us.
Third Party Tools:
Cookies
Some of our webpages make use of cookies, which serve the purpose of making our website more user-friendly, effective and secure. Cookies are small text files which are deposited on your terminal device and stored by your browser. Most of the cookies we use are ‘session cookies’. These are automatically deleted at the end of your visit. Other cookies remain on your terminal device until you delete them. These cookies make it possible for us to recognize your browser the next time you visit us. You can adjust the settings of your browser in such a way that you will be informed about the placement of cookies, and allow them only in individual cases, or you can decline to accept them in specific cases or decline them altogether. You can also activate the automatic deletion of cookies when you close your browser. When cookies are disabled, you may not be able to use the full functionality of our website.
Use of YouTube plug-ins
YouTube videos may be embedded on some of our webpages. The operator of the plug-ins in this case is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit a page which has a YouTube plug-in, it sets up a link to the YouTube servers. As a result, YouTube learns what pages you are visiting. If you are logged in to your YouTube account, YouTube can associate your surfing practices with you personally. You can prevent this by logging out of your YouTube account before you visit our site.
When a YouTube video starts, the provider places cookies on your computer which collect indications of user behaviour.
If you have disabled the storage of cookies for the Google AdWords program, you will be able to watch YouTube videos without worrying about cookies of this kind. YouTube does however also store non-personal use information on other cookies. If you want to prevent this, you need to block the storage of cookies in your browser settings.
Further information about data protection on YouTube may found in the data protection declaration of the provider at: https://www.google.de/intl/de/policies/privacy/.
Audio- and Video Communication
We may also use third-party tools to communicate with you. In particular, Google Meet/ZOOM/Microsoft TEAMS. Therefore, the privacy policies of such third parties apply, too. If you communicate with us by e-mail and other electronic communication tools, we assume that you consent to such ways of communication.
Hosting- and Storage Services
We may use infrastructure of third parties for hosting and storage services. In particular EXXAS, which stores the data in the territory of Switzerland.
Furthermore, we also use software of Microsoft for such purposes, and in such cases, Microsoft’s privacy policies apply, too.
Social Media
Other third party services which may be embedded or we may link to are
X (formerly known as Twitter, see its privacy policy here: https://twitter.com/en/privacy),
Meta/Facebook/Instagram, see its privacy policy here: https://www.facebook.com/privacy/policy/,
and Pinterest (see its privacy policy here: https://policy.pinterest.com/e...).
Links to other websites
This Privacy Statement only applies to our own website. Our website may however include links to external websites not bound by the content of this declaration. If you use a link to leave our website, you would be recommended to pay careful attention to the data protection policy of any website you visit.
Changes to our terms and conditions of data protection
We hereby reserve the right to modify this Privacy Statement on occasion, in order to comply at all times with current legal requirements, or in order to incorporate changes in our services in the context of the declaration, e.g. if new services are introduced. When you visit us or get in touch with us again thereafter, the data processing will be subject to the terms of the Privacy Statement in the new version.
If you have any questions or requests regarding this privacy statement and the processing of data, please contact the responsible person at Hürlemann AG:
Hürlemann AG
Britta Herold
Albisriederstrasse 253
8047 Zürich
Schweiz
E-mail: herold@huerlemann.com
Version of 1 September 2023