Datenschutzerklärung

LEGAL INFORMATION

Last update on 22 November 2024

Data Privacy

Data Security

General Notice

Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the Swiss Federation (Data Protection Act, DSG), every individual has the right to privacy and protection against misuse of their personal data.

We, Kaphiy GmbH, respect the privacy of all customers who use our online presence and take the protection of your personal data very seriously. We prioritize user and customer data protection and are committed to treating the information you provide with the utmost care and responsibility. This commitment extends to our partnerships with third parties; however, we do not assume any liability for third-party actions unless specified otherwise. We use the information you provide solely for communication purposes with you as our customer.

In cooperation with our hosting providers, we take all reasonable technical and organizational measures to protect our databases from unauthorized access, loss, misuse, or falsification. However, please note that data transmission over the Internet (e.g., communication by email) may have security vulnerabilities, making complete protection of data from third-party access impossible.

Processing of Personal Data

Personal data refers to any information relating to an identified or identifiable person. Processing includes any handling of personal data, including storage, disclosure, modification, destruction, and use of data.

We process personal data in accordance with Swiss data protection laws. Furthermore, as applicable, we process personal data under the EU General Data Protection Regulation (GDPR) in accordance with Art. 6 (1) GDPR as follows:

● lit. a) Processing based on the data subject’s consent.

● lit. b) Processing to fulfill a contract or pre-contractual measures.

● lit. c) Processing to meet a legal obligation within the applicable laws.

● lit. d) Processing to protect the vital interests of the data subject or another individual.

● lit. f) Processing to protect legitimate interests, such as providing our website, ensuring information security, and enforcing legal claims.

We process personal data only as long as needed for the specified purpose(s). When legal or other retention obligations apply, we restrict processing accordingly.

Privacy Policy for Cookies

We use “cookies” on www.kaphiy.ch to improve our offerings and enhance your user experience. Cookies are small data files with configuration information that help us optimize your experience. The information in cookies does not allow us to identify you personally. You may disable cookie storage in your browser settings.

Third-Party Services / Google Analytics

We use Google Analytics, a web analytics service by Google Inc. (“Google”), which employs “cookies” to analyze user interactions with our website. Data generated by cookies is usually sent to and stored on Google’s servers in the United States.

This usage is in our legitimate interest under Art. 6 para. 1 p. 1 lit. f GDPR.

Google complies with the EU-U.S. Privacy Shield Framework. For further details, refer to Privacy Shield Information.

We have enabled IP anonymization on this site, ensuring that your IP address is shortened within the European Union or other countries within the European Economic Area before being transmitted to Google. Only in rare cases will the full IP address be transmitted and anonymized in the U.S. Google uses this information to evaluate site usage, compile reports, and provide other services related to website and internet activity. The IP address collected will not be merged with other Google data. You may opt-out of cookies via your browser settings, although this may affect website functionality.

To prevent data transfer to Google, you may install the browser plugin at: Google Opt-Out Plugin.

Social Plugins

Kaphiy GmbH may integrate plugins from social networks (e.g., Facebook, Twitter) on its website. Plugins only become active when clicked on, at which point they may transmit data to the respective social network. If you are logged into these networks while browsing, they may associate your activity with your account. Refer to each platform’s privacy policy for details on data handling.

You can recognize the plugins by the respective network logo, supplemented, for example, by the pictogram of a clenched fist with a raised, upward pointing thumb or the addition of “Recommendation”, “Like”, “Comment” or “Like”. Simply by calling up our website, no direct connection is established with the servers of the social networks by the Internet browser you are using and data is forwarded. The “Like” button only becomes active when you hover over it with your cursor and click on it after the information that appears afterwards that the “Like” button only becomes active when you click on it. Then you can make your recommendation with a second click. If you have activated the “Like” button, it will transmit various data to the social network. This may include:

● a) Date and time of your visit to the website.

● b) URL of the website the visitor is on.

● c) URL of the website that the visitor had previously visited.

● d) Browser used

● e) Operating system used

● f) IP address of the visitor

If you are logged into Facebook, and Twitter in parallel while visiting our site, it is not excluded that the provider assigns the visit to your network account. If you use the plugin functions (e.g. clicking the “Like” button, submitting a comment), this information is also transmitted from your browser directly to the respective social network and stored there if necessary. The purpose and scope of the data collection and the further processing and use of the data by the networks can be found in the privacy notices of Facebook [http://www.facebook.com/policy.php], Twitter [http://twitter.com/privacy] and Google [http://www.google.com/intl/de/policies/privacy/].

SSL Encryption

Our website employs SSL encryption to secure data transmission. You can recognize this by the “https://” in the URL and a lock icon in your browser. This encryption ensures that data you transmit cannot be accessed by unauthorized parties.

Server Log Files

We gather information about you whenever you use our website. This includes automatically collecting details about your usage patterns and interactions with us, as well as recording data about your computer or mobile device. Additionally, we collect, store, and utilize data related to each visit to our website, commonly referred to as server log files. These access data include:

● Name and URL of the file accessed

● date and time of the retrieval

● amount of data transferred

● message about successful retrieval (HTTP response code)

● browser type and browser version

● operating system

● Referer URL (i.e. the previously visited page)

● Web pages that are called up by the user’s system via our website

● Internet service provider of the user

● IP address and the requesting provider

We use this log data without attribution to your person or other profiling for statistical analysis for the purpose of operating, securing and optimizing our website, but also to anonymously record the number of visitors to our website (traffic) and the extent and type of use of our website and services, as well as for billing purposes to measure the number of clicks received from cooperation partners. Based on this information, we can provide personalized and location-based content and analyze traffic, search for and fix errors, and improve our services.

This is also our legitimate interest according to Art 6 para. 1 p. 1 f) DSGVO.

We reserve the right to review the log data retrospectively if there is a justified suspicion of unlawful use based on concrete indications. We store IP addresses in the log files for a limited period of time if this is required for security purposes or necessary for the provision of services or the billing of a service, e.g. if you use one of our offers. After cancellation of the order process or after receipt of payment, we delete the IP address if it is no longer required for security purposes. We also store IP addresses if we have a concrete suspicion of a criminal offense in connection with the use of our website. We also store the date of your last visit as part of your account (e.g. when registering, logging in, clicking links, etc.).

External Payment Service Providers

External Payment Service Providers

Customers can choose from the following payment methods, subject to the restrictions outlined in Section 8.1 of our General Terms and Conditions (GTCs):

● Stripe (https://stripe.com/ch/privacy)

● Snipcart

● Credit Card: Visa, MasterCard, or American Express

● ApplePay, Googlepay, Twint, Paypal

In the context of contract fulfillment, we rely on external payment service providers in accordance with the Swiss Data Protection Ordinance and, where applicable, Article 6(1)(b) of the EU General Data Protection Regulation (EU-GDPR). Additionally, these providers are used based on our legitimate interests under the Swiss Data Protection Ordinance and, where necessary, Article 6(1)(f) of the EU-GDPR to ensure secure and efficient payment options for our users.

The data processed by payment service providers may include personal information such as names, addresses, bank details (e.g., account or credit card numbers), passwords, TANs, checksums, contract information, transaction amounts, and recipient details. This information is required to execute transactions. However, the data entered is exclusively processed and stored by the payment service providers; we, as the website operator, do not receive access to sensitive bank or credit card information. We only obtain confirmation of payment (approval or rejection).

In certain cases, payment service providers may transfer data to credit agencies for identity and creditworthiness verification. For more details, please refer to the terms and privacy policies of the respective payment providers.

The terms, conditions, and privacy policies of the respective payment service providers apply to all payment transactions and can be accessed via their websites or transaction platforms. These policies provide additional information, including how to exercise rights such as revocation or access to data.

Order Processing in the Online Store with Customer Accounts

We process customer data in accordance with the Federal Data Protection Act (DSG) and the EU-GDPR during the ordering process in our online store to facilitate product and service selection, order placement, payment, and delivery or execution.

The data we process includes master data (e.g., name, address), communication data, contract details, and payment information. This applies to customers, prospective customers, and other business partners. The purpose of data processing is to provide contractual services, manage billing, handle delivery, and offer customer support.

We use session cookies (e.g., to store shopping cart contents) and persistent cookies (e.g., to save login status) to optimize the ordering process.

Processing is based on Article 6(1)(b) (contract execution) and Article 6(1)(c) (legal archiving requirements) of the GDPR. Mandatory information is necessary to establish and fulfill contractual obligations. Data is shared with third parties only when required for delivery, payment, or as permitted by law. Data processing in third countries occurs only if necessary for contract fulfillment (e.g., customer-requested delivery or payment).

Customers can create optional user accounts to view their orders. Required information for registration is provided during the process. User accounts are private and not indexed by search engines. Upon account termination, data related to the account is deleted unless retention is required for legal or tax purposes under Article 6(1)(c) GDPR. Customers are responsible for saving their data before account termination.

We store IP addresses and timestamps during registration, account updates, and the use of our online services. This storage is based on our legitimate interests and those of users to prevent abuse and unauthorized access. This data is not shared with third parties unless required for legal compliance or the enforcement of our claims under Article 6(1)(c) GDPR.

Data is deleted after the expiration of legal warranty and similar obligations. Retention is periodically reviewed. Data required for legal archiving is deleted after the relevant retention periods expire.

Newsletter Data

When you subscribe to our newsletter, the email address you provide will be used with your consent for our marketing purposes until you choose to unsubscribe. After subscribing, you will receive a confirmation email to verify your subscription and ensure that you have personally requested to receive our newsletter.

You can withdraw your consent to the storage of your data, including your email address, and its use for sending the newsletter at any time. This can be done, for example, by clicking the “unsubscribe” link included in each newsletter.

Disclosure of Personal Data

We share your data with a select few partner companies to facilitate the processing of your order. For example, we may share your payment details with your bank if necessary and provide your address to our contracted shipping partners, such as Swiss Post, DPD, GLS, DHL, or Deutsche Post, for the delivery of your order. Beyond this, we do not share or resell your data to third parties unless you have explicitly consented to such disclosure.

Right to Information, Deletion, and Blocking

Under Swiss law, you may request information on your stored data or ask for corrections or deletion. For requests, email us at info@kaphiy.ch

Revocation of Consent

You may revoke consent for data use for promotional purposes at any time by emailing us at info@kaphiy.ch

Epilogue

Our data protection policies may evolve with changes in business practices and laws. Future updates will be reflected here.

Status: 2024

Transparent handling of personal data is very important to us. This privacy policy provides information on what personal data we collect, for what purpose and to whom we pass it on. We regularly review and update this privacy policy to ensure the highest level of transparency.

What data we collect

General personal data

We process your general personal data. Personal data is any type of information that relates to an identifiable natural person. The natural person is identifiable if conclusions can be drawn about the identity of the person from the available information.

Example: Your name, IP address and home address are personal data.

Transferred data

You often provide us with your personal data yourself. Whenever you enter your personal data and transmit it to us, it is deemed to have been provided to us. The transmission of data to us is basically voluntary, but in some cases it is mandatory in order to be able to use our offers.

Example: You enter your data in a contact form or sign up for a newsletter.

Data collected

When you use our services, we sometimes collect their data without your active participation. This data is usually data about your device and data about user behavior.

Example: We collect data about the operating system of the device you used to access our website.

Product development

We strive to continuously improve our offer. For this purpose, we use your personal data for the development and improvement of our products and services.

Example: We collect data about visitor behavior on the website in order to constantly improve the user experience.

Data transfer

We share your personal data with companies that can decide for themselves how to use the data. Most often, this is done because it is necessary to comply with legal requirements, when an outstanding debt is transferred to a collection agency, or when to detect fraudulent activity.

Example: A legal requirement obliges us to pass on your data to an authority.

Financial data

In order to make use of our services, you may be required to provide your financial information. We use these to carry out the processing of a transaction.

Example: You enter your credit card details in our online store.

Worldwide

We work with providers from all over the world to process your personal data. This allows us to benefit from the global offering and access the best and most reliable services. Under certain circumstances, the country to which the data is exported does not have the same data protection standard as Switzerland.

Example: We use the services of a cloud provider such as Google, which is based in the USA.

What services we use

Meta Pixel

https://www.facebook.com

ANALYTICS

On our website, we use the Meta Pixel of the provider Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, with headquarters at Meta Platforms Inc, 1601 Willow Road Menlo Park, CA 94025, USA, both together "Meta".

What data do we process?

The Meta Pixel is an analysis service for websites to collect information about the use of the website. In particular, the following information can be collected:

● IP address

● Technical information such as browser, operating system or screen resolution

● Interactions on the website

● Duration of the visit

● Time and date of the website visit

● Referrer URL

The IP address is anonymised by the meta pixel so that a personal reference is no longer possible. When a visitor visits our website for the first time, the meta pixel can generate an identifier to recognise the visitor when they visit the website again.

For what purpose do we process the data?

Your IP address is used to determine your approximate location. We can use the information obtained from this to measure the relevance of our offers in different regions. We also use the IP address to determine where website visitors have come to our website from. The technical information is processed so that the website can be displayed satisfactorily on every device. The interactions, duration, time and date are collected so that we can use this data to evaluate and optimise our marketing campaigns and offers. We can also use this data to determine how visitors interact with our website, i.e. which content is popular with which visitors. The referrer URL is processed for the purpose of measuring the effectiveness and analysing various marketing channels. In addition, the data collected with the meta pixel can be used to show our meta adverts only to those people who are interested in our offers or have similar interests. For this purpose, we may forward certain personal data to Meta to form target groups to whom our personalised advertising is to be sent. Meta may use this data for its own advertising purposes. This use of your data cannot be influenced by us as the website operator. The data collected using this service will not be used by us to identify you personally. However, Meta can establish a connection to your respective Meta account, if you have one.

On what basis do we process the data?

The legal basis for the processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Who do we share the data with?

The transfer of data by us is governed by our statements on data transfer. As Meta is a transnational company, your data may be transferred anywhere in the world. In particular, it may be transferred to Meta's headquarters in the USA. A country where the legislation does not guarantee adequate data protection.

Google Tag Manager

https://tagmanager.google.com

ANALYTICS

We use Google Tag Manager on our website, a service of the provider Google Ireland Ltd, Google Building Gordon House, Barrow St, Dublin 4, Ireland with headquarters at Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, both together "Google".

Google Tag Manager is a service for centralised management of various tracking tags (e.g. Facebook Pixel, Google Analytics, Hotjar etc.). Google Tag Manager itself does not collect any data. The tags that collect the data that we manage using Google Tag Manager are listed in this privacy policy.

Google Web Fonts

https://fonts.google.com

ANALYTICS

How does Google Web Fonts work?

We use so-called web fonts on our website for the uniform display of fonts, which are provided by Google. When you call up one of our pages, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

What information do you share with us and how is it used?

The browser you use establishes a connection to Google's servers. This enables Google to know that our website has been accessed via your IP address. If your browser does not support web fonts, a standard font is used by your computer.

Why are we allowed to use Google Web Fonts?

Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. For more information on Google Web Fonts, see the Google Web Fonts FAQs: https://developers.google.com/fonts/faq.

Zoho

https://www.zoho.com/

MARKETING

Zoho is a suite of online tools and applications designed to help businesses and organizations manage various aspects of their operations, such as customer relationship management, online marketing, finance, project management, and more. On a website, Zoho may be used in various ways, such as:

Customer Relationship Management (CRM): Zoho offers a comprehensive CRM system that helps businesses manage their customer interactions and data. This can be integrated into a website to track and analyze customer interactions and provide personalized experiences.
Forms and Surveys: Zoho Forms allows webmasters to create customized forms and surveys that can be embedded on their website. This can be useful for collecting feedback, conducting market research, and creating lead generation forms.
Email Marketing: Zoho Campaigns is an email marketing tool that allows businesses to easily create, send, and track email campaigns. This can be integrated with a website to manage email lists and send targeted emails to subscribers.
E-commerce: Zoho Commerce is an e-commerce platform that enables businesses to sell products and services online. It can be integrated into a website to create an online store, manage inventory, and process payments.
Live Chat: Zoho SalesIQ is a live chat software that enables businesses to communicate with website visitors

TikTok Pixel

https://www.tiktok.com

ANALYTICS

TikTok Pixel is a tracking code that can be embedded on a website to track user interactions and conversions from TikTok ads. It helps businesses measure the effectiveness of their TikTok advertising campaigns by providing data on website visits, purchases, and other actions taken by users who clicked on TikTok ads. This data can then be used to optimize ad campaigns, retarget potential customers, and improve overall marketing strategies.

Weglot

https://weglot.com/

CMS

Weglot is a language translation tool that is used to dynamically translate a website into multiple languages. It allows website owners to create a multilingual website without having to manually translate content or create multiple versions of their site. Weglot works by detecting the user's language preference and displaying the corresponding translated version of the website in real-time. It also offers customization options and SEO integration to improve the user experience and visibility of the translated content.

Klaviyo

https://www.klaviyo.com/

ANALYTICS

On our website we use Klaviyo, a service of the provider Klaviyo Ltd, 49 Southwark Bridge Rd, London, SE19HH, UK, with headquarters at Klaviyo Inc, 125 Summer St., Boston, MA 02110, USA, both together "Klaviyo".

What data do we process?

Klaviyo is an analytics service for websites, a newsletter marketing service and a tool for managing customer relationships. In particular, the following information can be collected:

● IP address

● Time and date of the website visit

● Technical information such as browser, operating system or screen resolution

● Interactions on the website

● Referrer URL

● Duration of the visit

● Contact details (in particular name and e-mail address)

● Registration source and time of registration for the newsletter

● Interactions with the newsletters

When a visitor visits our website for the first time, Klaviyo can generate an identifier to recognise the visitor when they visit the website again. If you have not registered for our newsletter, the information on newsletter marketing by Klaviyo is not relevant for you.

For what purpose do we process this data?

Your IP address is used to determine your approximate location. We can use the information obtained from this to measure the relevance of our offers in different regions. We also use the IP address to determine where website visitors have come to our website from. The technical information is processed so that the website can be displayed satisfactorily on every device. The interactions, duration, time and date are collected so that we can use this data to evaluate and optimise our marketing campaigns and offers. We can also use this data to determine how visitors interact with our website, i.e. which content is popular with which visitors. The referrer URL is processed for the purpose of measuring the effectiveness and analysing various marketing channels. The data collected is not used to identify you personally. We process the contact details, source and time of registration and the interactions with the newsletter for the purpose of personalising and measuring the success of our newsletter. The contact details are also required in order to send the newsletter.

On what basis do we process the data?

The legal basis for the processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Who do we pass the data on to?

The transfer of data by us is governed by our statements on data transfer. As Klaviyo is a transnational company, your data may be transferred from Klaviyo to anywhere in the world. In particular, it may be transferred to Klaviyo's headquarters in the USA. A country in which the legislation does not guarantee adequate data protection.

Zoho PageSense

https://www.zoho.com/pagesense/

ANALYTICS

Zoho PageSense is a website optimization tool that helps website owners analyze and improve the performance of their website. It offers various features such as heatmaps, A/B testing, funnel analysis, and visitor recordings, which allow website owners to track user behavior, identify areas of improvement, and make data-driven decisions to optimize their website for better user engagement and conversion rates. Zoho PageSense also offers real-time analytics and reports to help website owners understand how visitors are interacting with their website and make necessary changes to improve the overall user experience.

PrivacyBee

https://www.privacybee.io/

DATA PROTECTION

We use PrivacyBee on our website, a service provided by PrivacyBee AG, Laupenstrasse 1, 3008 Bern, Switzerland. PrivacyBee is used to recognize all data protection-relevant services and to generate an individual privacy policy for the website.

What data do we process?
PrivacyBee is a service for generating data protection declarations, which are then integrated into our website via JavaScript. The following data is processed for the provision of this service:

● IP address

● Browser type and version

● Operating system

● Date and time of access to our privacy policy

For what purpose do we process the data? The collection of this data enables us to display the privacy policy correctly on your end device configuration and to ensure that the content is correct and up to date.

Who do we share the data with?
The transfer of data by us is based on our statements on data transfer. The data collected through the use of PrivacyBee remains with PrivacyBee.

How can you prevent the processing of your data?
To prevent PrivacyBee from processing your data, you can disable JavaScript in your browser. Please note, however, that if you deactivate JavaScript, you may not be able to use all the functions of our website to their full extent. We do not offer a specific opt-out option for the PrivacyBee service itself, as the service is essential for the provision of our privacy policy.

Privacy policy

Last update on 21 November 2024

1.) What do we do?

Kaphiy GmbH (Eistrasse 5a Malters 6102 ,Switzerland) operates the website Kaphiy.ch (hereinafter referred to as "we").

The protection of your personal data is very important to us. In this privacy policy, we provide you with transparent and comprehensible information about what data we collect via our website and how we handle it.

For this reason, we use the icons of the PRIVACY ICONS association, among others. They are intend-ed to help you get a quick overview of how we process your data.

2.) What do we inform about?

● Who is responsible for data processing;

● What data is collected;

● The purpose for which this data is collected;

● The legal basis on which we collect this data;

● To whom we pass on this data;

● How you can object to data processing;

● What rights you have and how you can assert them.

3) Definition of terms

3.1 What is personal data?

Personal data is all information that relates to an identified or identifiable natural person. This includes, for example, name, address, date of birth, e-mail address or telephone number as well as the IP ad-dress. Personal data also includes data about personal preferences such as leisure activities or memberships.

3.2 What are special categories of personal data?

Special categories of personal data are:

● Data on religious, ideological, political or trade union views or activities;

● Data relating to health, privacy, racial or ethnic origin, sex life and sexual orientation;

● Data on administrative or criminal prosecutions and sanctions, as well as data on social assistance measures;

● Genetic data and biometric data that uniquely identify a person.

If necessary and if you disclose this data to us yourself, we may process data belonging to a special category of personal data. In this case, their processing is subject to stricter confidentiality.

3.3 What is the processing of personal data?

Processing is any handling of personal data, regardless of the means and procedures used, in particular the procurement, storage, retention, use, modification, disclosure, archiving, erasure or destruction of personal data.

3.4 What is the disclosure of personal data?

This is the transmission or making available of personal data, e.g. publication or disclosure to a third party.

4. Contact

If you have any questions or concerns about the protection of your data by us, you can contact our data protection officer:

Kaphiy GmbH
nicolas Fischer
Eistrasse 5a, 6102 Malters
nicolas.fischer@kaphiy.ch

5.Data security

We will keep your data secure and take all reasonable steps to protect your data from loss, access, misuse or alteration.

Our contractual partners and employees who have access to your data are obliged to comply with data protection regulations. In some cases, it will be necessary for us to pass on your enquiries to our affiliated companies as part of order processing. Your data will also be treated confidentially in these cases.

Within our website, we use the SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser.

6. Rights of data subjects

Right to information

You can request information about the data we have stored about you at any time. Please send your request for information together with credible proof of identity to nicolas.fischer@kaphiy.ch

The information will be provided in writing or in another form, including electronically if necessary. If you so request, we can also provide you with the information verbally, provided that you can prove your identity in another form. If you submit the request for information electronically, we will provide the information in a standard electronic format, unless you specify otherwise.

As a rule, information is provided free of charge. If additional copies are requested, a reasonable fee may be charged.

The right to obtain a copy of the processed data must not adversely affect the rights and freedoms of other persons.

In the event of manifestly unfounded or excessive requests for information, we reserve the right to re-fuse to provide information within the limits of the law or to charge an appropriate fee.

The processing of your application is subject to the statutory deadline of one month. Due to the complexity and high number of requests, we may extend this period by a further two months if necessary. You will be informed of the extension within one month of submitting the request for information. You will also be informed of the reasons for the extension.

6.2 Cancellation and rectification

You have the option of requesting the deletion, correction or completion of your data at any time, provided that there are no statutory retention obligations or a legal authorisation requirement to the contrary.

Please note that the exercise of your rights may be in conflict with contractual agreements and may have corresponding effects on the execution of the contract (e.g. premature cancellation of the contract or cost consequences).

6.3 Restriction of processing

You also have the right to request a restriction of processing if you dispute the accuracy of this data, the processing is unlawful, the data is no longer required or you have objected to the processing.

If the processing of the data is restricted, it may only be stored. Further processing may only take place with your consent, for the establishment, exercise or defence of legal claims, for the protection of the rights of another person or for reasons of important public interest. You will be notified if the restriction is lifted.

6.4 Right to data portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us to which the personal data have been provided, where the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) GDPR or on a contract pursuant to point (b) of Article 6(1) GDPR and the processing is carried out by automated means. You also have the right to request that the personal data be transmitted directly by us to another controller, insofar as this is technically feasible.

6.5 Right of objection

If you have given your consent to the processing of your data, you can revoke this at any time. Such a revocation affects the permissibility of the processing of your personal data after you have expressed your objection to us.

Insofar as we base the processing of your personal data on the balancing of interests, you can object to the processing. This is the case if, in particular, the processing is not necessary for the fulfilment of a contract with you, which is described by us in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or show you our compelling reasons worthy of protection on the ba-sis of which we will continue the processing.

You can object to the processing of your personal data for advertising and data analysis purposes at any time. You can contact us about your objection to advertising using the contact details provided in this privacy policy.

6.6 Right of appeal

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

7. General principles

What data do we process from you and from whom do we receive this data?

First and foremost, we process personal data that you transmit to us or that we collect when operating our website. We may also receive personal data about you from third parties. This may include the following categories:

● Personal master data (name, address, date of birth, etc.);

● Contact details (mobile phone number, e-mail address, etc.);

● Financial data (e.g. account details);

● Online identifiers (e.g. cookie identifiers, IP addresses);

This data can come from the following sources:

● Information from publicly accessible sources (e.g. media, Internet);

● Information from public registers (e.g. commercial register, debt collection register, land register);

● Information in connection with official or legal proceedings;

● Information regarding your professional functions and activities (e.g. professional networks);

● Information about you in correspondence and meetings with third parties;

● Credit information (insofar as we process personal transactions with you);

● Information about you that people from your environment give us so that we can conclude or process contracts with you;

● Data in connection with the use of the website.

7.2 Under what conditions do we process your data?

We process your data in accordance with the applicable data protection laws, in particular the GDPR. The processing is carried out for the purposes specified in this privacy policy. We pay attention to transparency and proportionality.

The processing of your data is lawful as long as a GDPR authorisation is fulfilled. The following are possible grounds for authorisation:

● Your consent (Art. 6 para. 1 lit. a GDPR);

● The fulfilment of a contract or pre-contractual measures (Art. 6 para. 1 lit. b GDPR);

● The fulfilment of legal obligations to which we are subject (Art. 6 para. 1 lit. c GDPR);

● The protection of vital interests of the data subject or another natural person (Art. 6 para. 1 lit. d GDPR);

● The performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (Art. 6 para. 1 lit. e GDPR);

● Our legitimate interests, provided that your interests do not outweigh ours (Art. 6 para. 1 lit. f GDPR).

It may be necessary for you to provide us with certain personal data so that we can fulfil our contractual obligations. Without such data, we are normally unable to fulfil a contract.

Under normal circumstances, the website cannot be used if certain information to secure data traffic, such as your IP address, is not disclosed.

7. 3 In which cases can we pass on your data to third parties?

a. Principle

We may need to use the services of third parties or affiliated companies and commission them to process your data (so-called processors). The categories of recipients are as follows:

● Accounting, fiduciary and auditing company;

● Consultancy firms (legal advice, taxes, etc.);

● IT service provider (web hosting, support, cloud services, website design, etc.);

● Payment service provider;

● Provider of tracking, conversion and advertising services.

We ensure that these third parties and our affiliated companies comply with the requirements of data protection and treat your personal data confidentially.

We may also be obliged to disclose your personal data to authorities.

b. Passing on to partners and co-operation companies

We sometimes work together with different companies and partners who place their offers on our web-site. It is recognisable to you that this is a third-party offer (marked as "advertising").

If you take advantage of such an offer, we will transfer your personal data to the relevant partner or co-operation company (e.g. name, function, communication, etc.) whose offer you wish to take advantage of. These partners and co-operation companies are independently responsible for the personal data they receive. Once the data has been transmitted, the data protection provisions of the respective part-ner apply.

c. Transfer abroad

Under certain circumstances, your personal data may be transferred to companies abroad as part of order processing. These companies are obliged to protect data to the same extent as we are. The transfer may take place worldwide.

If the level of data protection does not correspond to that of the EEA area, we carry out a prior risk assessment and contractually ensure that the same level of protection is guaranteed as in the EEA area (e.g. by means of the standard contractual clauses of the EU Commission or other legally prescribed measures). If our risk assessment is negative, we will take additional technical measures to protect your data. You can access the EU Commission's standard contractual clauses at the following link.

7. 4 How long do we store your data?

We only store personal data for as long as is necessary to fulfil the individual purposes for which the da-ta was collected.

We store contract data for longer, as we are obliged to do so by law. In particular, we must store business communications, concluded contracts and accounting documents for up to 10 years. If we no longer need such data from you to provide the services, the data will be restricted for further processing and we will only use it for accounting and tax purposes.

8. Individual data processing operations

Provision of the website and creation of log files

If you merely visit collamin.ch, i.e. if you do not register or otherwise disclose information, only the data that your browser automatically transmits to our server will be collected. The data is technically necessary for the operation of the website.

What data do we process?

The following data in particular is processed for the provision of the website and the creation of log files:

● Name of the internet service provider

● IP address

● Technical information such as browser, operating system or screen resolution

● the date and time of access

● Referrer URL

This data cannot be assigned to a specific person and is not merged with other data sources.

For what purpose do we process the data?

The log files are processed in order to guarantee the functionality of the website and to ensure the security of our information technology systems.

On what basis do we process the data?

The legal basis for this data processing is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Our legitimate interests are set out in the purpose of the data processing.

Who do we pass the data on to?

The forwarding of data by us is based on our statements on data forwarding.

How can you prevent data processing?

The data is only stored for as long as is necessary to fulfil the purpose for which it was collected. Accordingly, the data is deleted at the end of each session. The storage of log files is absolutely necessary for the operation of the website; you therefore have no option to object to this unless you do not visit our website.

8.2 Contact us

You can contact us in several ways. If you contact us and provide personal data, we will process your data. This refers to any verbal, written or other form of contact with us.

What data do we process? When you contact us, we process any data that you provide to us. This includes in particular:

● Name

● E-mail address

● Content and timing of their contact

● Contact details

It may happen that you have to provide certain mandatory data in order to contact us, for example when contacting us via a contact form or if you request a callback.

For what purpose do we process the data?

The purpose for which we use the data is determined by the nature of the contact. However, we never use the data for unforeseeable or unexpected purposes. The most common purposes are communication and feedback, customer service and the processing of business enquiries.

On what basis do we process the data?

The legal basis for this data processing is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Our legitimate interests are set out in the purpose of the data processing.

Who do we share the data with?

The forwarding of data by us is governed by our statements on data forwarding. If the purpose of your contact requires us to pass on your data to third parties, we will pass on the data to the extent necessary.

How can you prevent data processing?

Insofar as you contact us, data processing cannot be prevented. Consequently, you must refrain from contacting us if you do not want your data to be processed.

8. 3 Cookies

Our website uses cookies. Cookies are text files that are stored on the operating system of your device with the help of the browser when you visit our website. Cookies do not cause any damage to your computer and do not contain viruses. Some cookies are technically necessary for the website to function. Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them or their expiry date.

For what purpose do we process the data?

We use cookies so that we can use the data collected to make our website more user-friendly, effective and secure. In particular, we use cookies to save your preferences (e.g. language and location set-tings), to ensure the fast provision and attractive presentation of website content (e.g. through the use of fonts and content delivery networks) and to analyse the use of this website for statistical evaluation and continuous improvement (usually using third-party cookies). The purposes for which we use the (technically unnecessary) cookies in detail can be found in the following explanations in this privacy pol-icy.

On what legal basis do we process the data?

The legal basis for this processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. Insofar as technically necessary cookies are concerned, our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR forms the legal basis.

Who do we pass the data on to?

The forwarding of data by us is governed by our statements on data forwarding. In addition, the follow-ing information on individual data processing in this privacy policy must be observed.

How can you prevent data processing?

A cookie banner is displayed when the website is accessed. Cookies that require your consent in accordance with Art. 6 para. 1 lit. a GDPR are only activated if you give your consent. If you refuse con-sent, no data will be collected by the cookies requiring consent.

You cannot prevent the collection of data by cookies, which we use on the basis of our legitimate inter-est in accordance with Art. 6 para. 1 lit. f GDPR, by using the cookie banner. These cookies, which are technically necessary for the operation of the website, are stored on your computer. You can delete them completely or deactivate or restrict their transmission by changing the settings in your browser. If you deactivate these cookies, you may no longer be able to use all functions of the website to their full extent.

Instructions for the most common browsers can be found here:

For cookies that are used to measure success and reach or for advertising, a general objection ("opt-out") is possible for numerous services via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA)

8.4 Newsletter

You can subscribe to our newsletter via our website. The newsletter provides you with information about new articles, events and offers. We measure the success and reach of our newsletter.

What data do we process?

We collect the following data in particular in order to send the newsletter and measure its success and reach:

● IP address

● Contact details

● Date and time of registration

● Technical information such as browser, operating system or screen resolution

● Interactions with the newsletter

The IP address is usually anonymized so that a personal reference is no longer possible.

For what purpose do we use the data?

We use the data collected to send the newsletter, for verification and for the salutation. We store your data, in particular the IP address used at the time of registration and the date and time, to log the registration and to be able to detect misuse. This data is stored for as long as you are registered for the newsletter. We also use the IP address to determine your approximate location. We can use the information obtained from this to measure the relevance of our offers in different regions and segment advertising campaigns. The technical information is used to display the newsletter correctly on every de-vice. The interactions, time and date are collected so that we can use this data to evaluate and optimise our marketing campaigns and offers. We can also use this data to determine how subscribers interact with our newsletter.

On what legal basis do we process the data?

The legal basis for this processing is your consent in accordance with Art. 6 para. 1 lit a GDPR. By entering the data to subscribe to the newsletter, you consent to the data processing.

Who do we pass the data on to?

We pass on your data to contracted service providers for the purpose of technical processing and measuring the success and reach of the newsletter. Some of these service providers have servers all over the world. It is therefore possible that the data collected may be transferred by our service providers throughout the world. Our statements on data transfer also apply.

How can you prevent data processing?

You can unsubscribe from the newsletter at any time by confirming the unsubscribe link in an email you receive from us. Alternatively, you can unsubscribe by sending us an e-mail.

8.5 Comments

You have the option of commenting on certain content on our website.

What data do we process?

To publish a comment, you must provide us with the following information:

● Content of the commentary

● Name

● E-mail address (will not be published)

For what purpose do we process the data?

The content of the comment must be collected in order for the comment to be possible at all. The name is collected for the purpose of being able to assign a rating to a specific user. If you do not want your name to be published, we ask you to use an alias name. We use the e-mail address to verify you or to contact you if your comment is responded to, or to contact you if a third party objects to your comment as unlawful. To prevent the unauthorised use of e-mail addresses and to ensure the security of your data, we use the so-called double opt-in procedure, i.e. you will receive an e-mail in which you must confirm that you are the owner of this e-mail address and wish to receive the notifications. You can un-subscribe from the notifications at any time by clicking on the link contained in the e-mail. We will store your personal data, including your e-mail address, the time you registered for the service and your IP address, until you unsubscribe from the notification service.

On what legal basis do we process the data?

The legal basis for this processing is your consent in accordance with Art. 6 para. 1 lit a GDPR. By publishing a comment, you consent to the data processing.

Who do we pass the data on to?

The forwarding of data by us is based on our statements on data forwarding.

How can you prevent data processing?

You can only prevent the collection of your data via the comment function by not publishing a comment. If you wish to publish a comment, data processing cannot be prevented.

8.6 Online shop

You can place orders for our range in our online shop.

What data do we receive?

You can place orders for our products in our online shop. When you place an order, we collect the fol-lowing data in particular:

● Name

● E-mail address

● Delivery and billing address

● Telephone number

We also process all other data that you provide during the ordering process. If you pay by online payment service, all data required for payment processing will also be processed.

For what purpose do we process the data?

Your data is mainly used for the purpose of processing and fulfilling your order. We may also need the data in order to identify you as our customer, to correspond with you, to issue invoices, to assert any claims and to manage our customer data. We may also use the data for advertising and marketing pur-poses within the scope of our legitimate interest. We are also obliged by commercial and tax law to store your address, payment and order data for a period of ten years.

On what legal basis do we process the data?

The legal basis for the processing of your personal data as part of the ordering process is the fulfilment of a contract in accordance with Art. 6 para. 1 lit. b GDPR. We may also use the data for advertising and marketing purposes within the scope of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR and within the scope of your consent pursuant to Art. 6 para. 1 lit. a GDPR.

Who do we share your data with?

Your data will be treated confidentially and will only be passed on to third parties within the scope of con-tract processing and if necessary. If you purchase physical goods from us, your name and address must be transmitted to the suppliers for the purpose of delivery. If you pay by online payment service, the data will be passed on to the online payment service. If necessary, we may also pass on the required data to debt collection agencies. The collection agencies are acting on our behalf and may not use the transmitted data for their own purposes. Please also note our information on data transfer.

How can you prevent data processing? The data processing described here only takes place if you place an order with us in the online shop. If you do not place an order, your data will not be processed.

8.7 Tracking pixel

We may use tracking pixels on our website or in our emails. Tracking pixels are also known as web beacons. Tracking pixels are small, usually invisible images that are automatically retrieved when you visit our website or open our emails.

What data do we process?

Counting pixels can be used to collect the same data as log files. In addition, movement profiles of the entire session can be collected. In particular, tracking pixels are used by third parties whose services we use. Detailed information about these third-party services is provided below in this statement.

For what purpose do we process the data? Tracking pixels are used by various tracking services to analyse the use of this website and for statistical evaluation and continuous improvement. Tracking pixels can also be used for email tracking.

On what legal basis do we process the data?

The legal basis for the dissemination is your consent in accordance with Art. 6 para. 1 lit a GDPR.

Who do we pass the data on to?

The transfer of data by us is based on our statements on data transfer. Please also note the information in this privacy policy on the individual tracking services.

How can you prevent data processing? To prevent data processing using tracking pixels, you can install suitable browser extensions such as uBlockOrigin and block external graphics in your e-mail programme or by not giving your consent for processing.

8.8 Meta Pixel

What data do we process?

The Meta Pixel is an analysis service for websites to collect information about the use of the website. In particular, the following information can be collected:

● IP address

● Technical information such as browser, operating system or screen resolution

● Interactions on the website

● Duration of the visit

● Time and date of the website visit

● Referrer URL

For what purpose do we process the data?

On what basis do we process the data?

The legal basis for the processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Who do we share the data with?

8.9 Google Tag Manager

8.10 Google Web Fonts

How does Google Web Fonts work?

What information do you share with us and how is it used?

Why are we allowed to use Google Web Fonts?

8.11 Zoho

Customer Relationship Management (CRM): Zoho offers a comprehensive CRM system that helps businesses manage their customer interactions and data. This can be integrated into a website to track and analyze customer interactions and provide personalized experiences.
Forms and Surveys: Zoho Forms allows webmasters to create customized forms and surveys that can be embedded on their website. This can be useful for collecting feedback, conducting market research, and creating lead generation forms.
Email Marketing: Zoho Campaigns is an email marketing tool that allows businesses to easily create, send, and track email campaigns. This can be integrated with a website to manage email lists and send targeted emails to subscribers.
E-commerce: Zoho Commerce is an e-commerce platform that enables businesses to sell products and services online. It can be integrated into a website to create an online store, manage inventory, and process payments.
Live Chat: Zoho SalesIQ is a live chat software that enables businesses to communicate with website visitors

8.12 TikTok Pixel

8.13 Weglot

8. 14 Klaviyo

What data do we process?

Klaviyo is an analytics service for websites, a newsletter marketing service and a tool for managing customer relationships. In particular, the following information can be collected:

● IP address

● Time and date of the website visit

● Technical information such as browser, operating system or screen resolution

● Interactions on the website

● Referrer URL

● Duration of the visit

● Contact details (in particular name and e-mail address)

● Registration source and time of registration for the newsletter

● Interactions with the newsletters

For what purpose do we process this data?

Your IP address is used to determine your approximate location. We can use the information obtained from this to measure the relevance of our offers in different regions. We also use the IP address to determine where website visitors have come to our website from. The technical information is processed so that the website can be displayed satisfactorily on every device. The interactions, duration, time and date are collected so that we can use this data to evaluate and optimise our marketing campaigns and offers. We can also use this data to determine how visitors interact with our website, i.e. which content is popular with which visitors. The referrer URL is processed for the purpose of measuring the effectiveness and analysing various marketing channels. The data collected is not used to identify you personally. We process the contact details, source and time of registration and the interactions with the newsletter for the purpose of personalising and measuring the success of our newsletter. The contact details are also required in order to send the newsletter.

On what basis do we process the data?

The legal basis for the processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Who do we pass the data on to?

8.15 Zoho PageSense

8.16 PrivacyBee

● IP address

● Browser type and version

● Operating system

● Date and time of access to our privacy policy

Who do we share the data with?
The transfer of data by us is based on our statements on data transfer. The data collected through the use of PrivacyBee remains with PrivacyBee.

9. Does our privacy policy always remain the same?

We may change this privacy policy at any time. The changes will be published on kaphiy.ch, you will not be informed separately.