DE FR EN
phone +41 31 720 56 56 phone Jobs Downloads
You are here:

About this website

Privacy policy

In this privacy policy, we would like to inform you about what personal data we process for what purpose, how and where, particularly in connection with our ffag.ch website and our other services. We will also inform you about the rights of persons whose data we process in this privacy policy.

Special, supplementary or other privacy policies and other legal documents such as general terms and conditions (GTCs), terms of use or terms and conditions of participation may apply to individual or additional offerings or services.

1. Contact addresses

Controller responsible for the processing of personal data:

Frei Fördertechnik AG
Schwarzbachstrasse 26, 3113 Rubigen

j.blatter@ffag.ch

Should there be other data controllers for the processing of personal data in individual cases, we will point this out.

Data protection officer

Our data protection officer is available as a contact for data subjects and supervisory authorities for queries relating to data protection:

Jan Blatter
Schwarzbachstrasse 26, 3113 Rubigen

j.blatter@ffag.ch

2. Processing personal data

2.1 Terms and definitions

Personal data means any information relating to an identified or identifiable person. A data subject is a person whose personal data is processed. Processing means any use of personal data, regardless of the means and procedures used, and in particular storing, disclosure, collection, recording, deleting, saving, changing and erasing.

The European Economic Area (EEA) encompasses the European Union (EU) as well as the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) defines the processing of personal data as the processing of personal data relating to a specific natural person.

2.2 Legal bases

We process personal data in accordance with Swiss data protection law, in particular the Swiss Federal Act on Data Protection (DSG) and the Swiss Ordinance to the Federal Act on Data Protection (VDSG).

To the extent that the General Data Protection Regulation (GDPR) applies, we process personal data in accordance with at least one of the following legal bases:

  • Art. 6 (1)(b) of the GDPR (in German) – processing necessary to the performance of a contract to which the data subject is a party or in order to take steps before entering into a contract.
  • Art. 6 (1)(f) of the GDPR – processing necessary for the purposes of the legitimate interests pursued by us or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Specifically, these legitimate interests are: our interest in reliably providing our online services at all times in a user-friendly, secure and reliable form, and being able to advertise our online services when necessary; information security, protection from misuse and unauthorised use; assertion of our own legal rights; and compliance with Swiss law.
  • Art. 6(1)(c) of the GDPR – processing necessary for compliance with a legal obligation to which we are subject under laws applicable to member states of the European Economic Area (EEA).
  • Art. 6(1)(e) of the GDPR – processing necessary for the performance of a task carried out in the public interest.
  • Art. 6(1)(a) of the GDPR – processing subject to the consent of the data subject.
  • Art, 6(1)(d) of the GDPR – processing necessary in order to protect the vital interests of the data subject or of another natural person.

2.3 Type, scope and purpose

We process all personal data necessary to permanently provide our website in a user-friendly, secure and reliable way. This personal data may fall into the categories of inventory and contact data, browser and device data, content data, meta/application data and usage data, location data, and sales, contract and payment data.

We process personal data for any period necessary for the respective purpose or purposes, or as required by law. If processing is no longer necessary for personal data, it is anonymized or erased. If we process someone’s personal data, they have a fundamental right to erasure.

We strictly only process personal data with the data subject’s consent, unless processing is permitted for other legal reasons, for example to perform a contract to which the data subject is a party, to take corresponding steps prior to entering into a contract or to safeguard our overriding legitimate interests because processing is evident from the circumstances or following prior notice.

In this context, we particularly process information data subjects transmit to us personally and on a voluntary basis when they contact us, for example by post, email or telephone, via a contact form or via social media, or when registering for a user account. As examples, we may store such information in an address book, a customer relationship management system (CRM system) or using comparable resources. If you transmit data to us that concerns other persons, you are obliged to guarantee data protection for such persons and you are obliged to ensure the accuracy of such personal data.

We also process personal data that we receive from third parties, obtain from publicly accessible sources or collect when providing our website, insofar as and to the extent that such processing is permitted by law.

2.4 Processing of personal data by third parties, including processing abroad

We may have personal data processed by commissioned third parties, we may process personal data together with third parties and with the assistance of third parties, and we may transmit data to third parties. Such third parties particularly include providers whose services we use. We also guarantee adequate data protection for such third parties.

Such third parties are generally located in Switzerland and in the European Economic Area (EEA). However, such third parties may also be located in other states and territories and elsewhere in the universe provided that their data protection law guarantees adequate data protection in the view of the Swiss Federal Data Protection and Information Commissioner (FDPIC), or if adequate data protection is guaranteed on other bases, for example through a corresponding contractual agreement, particularly on the basis of standard contractual clauses, or through corresponding certification. In exceptional cases, such a third party may be located in a country that does not have adequate data protection, provided that the data protection requirements, such as the data subject’s explicit consent, are met.

3. The rights of data subjects

Data subjects whose personal data we process have certain rights according to Swiss data protection law. These include the right of access and the right to rectification, erasure or blocking of the personal data that has been processed.

Data subjects whose personal data we process may, if and to the extent that the General Data Protection Regulation (GDPR) applies, request (at no cost) a confirmation of whether we are processing their personal data, and if so, they have the right to information about how their personal data is processed, to restrict the processing of their personal data, to assert their right to data portability and to rectification, erasure (“Right to be forgotten”), blocking or completion of their personal data.

If and to the extent that the General Data Protection Regulation (GDPR) applies, data subjects whose personal data we process may at any time withdraw their consent with immediate effect or object to the processing of their personal data.

Data subjects whose personal data we process have the right to lodge a complaint with a supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

4. Data security

We take appropriate and suitable technical and organizational measures to ensure data protection and data security in particular. However, the processing of personal data online may involve security vulnerabilities even though such measures have been taken. We cannot guarantee absolute data security.

Access to our website takes place via transport encryption (SSL/TLS, in particular with hypertext transfer protocol secure, abbreviated as HTTPS). Most browsers indicate transport encryption by showing a padlock in the address bar.

As with all internet use, access to our website is subject to unfounded mass surveillance without suspicion and other surveillance by security authorities in Switzerland, the European Union (EU), the United States of America (USA) and other countries. We do not have direct control over the processing of personal data by secret services, the police or other security authorities.

5. Website use

5.1 Cookies

We may use cookies on our website. Cookies – both our own cookies (first-party cookies) and cookies from third parties whose services we use (cookies from third parties or third-party cookies) – are data stored in your browser. Such stored data does not necessarily have to be limited to traditional cookies in text form. Cookies cannot run programs or transmit malware such as Trojans or viruses.

When you visit our website, cookies can be temporarily saved in your browser as ‘session cookies’ or for a set period of time as ‘permanent cookies’. ‘Session cookies’ are automatically deleted when you close your browser. Permanent cookies have a set storage period. In particular, they allow your browser to recognize our website when you visit us again and as a result, they measure the reach of our website, for example. However, permanent cookies can also be used for online marketing, for example.

You can fully or partially disable or delete cookies in your browser settings at any time. Without cookies, you may be unable to use our website to its full extent. If and to the extent necessary, we actively request your explicit consent to the use of cookies.

If cookies are used for success and reach measurement, or for advertising, it is possible to generally opt out of a number of services via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

5.2 Server log files

We may collect the following information each time you access our website, provided that this is transmitted from your browser to our server infrastructure or can be identified by our web server: date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-pages of our website accessed including the volume of data transmitted, last website accessed using the same browser window (referrer).

We store this information, which can also include personal data, in server log files. The information is necessary to permanently provide our website in a user-friendly and reliable way, and to be able to ensure data security and thus the protection of personal data in particular – including by third parties or with the assistance of third parties.

5.3 Tracking pixels

We may use tracking pixels on our website. Tracking pixels are also called web beacons. Tracking pixels – also from third parties whose services we use – are small, usually invisible images that are automatically retrieved when you visit our website. The same information can be collected with tracking pixels as is collected in server log files.

6. Notifications and messages

We may send notifications and messages such as newsletters by e-mail and via other communication channels such as instant messaging.

6.1 Success and outreach measurements

Notifications and messages can contain weblinks or tracking pixels that indicate whether an individual message has been opened and which weblinks were clicked (success measurement). These weblinks and tracking pixels can also record the use of notifications and messages. We require this statistical record of use including success and outreach measurement to offer notifications and messages based on the needs and reading habits of the receivers in an effective, user-friendly, sustainable, secure and reliable manner.

6.2 Consent and objection

In principle, you have to give your express consent for your e-mail address and your other contact addresses to be used, unless their use is permitted on other legal grounds. For any consent in the case of e-mails, we use a "double opt-in" procedure, i.e. you receive an e-mail with a weblink, which you then have to click. This prevents misuse by unauthorised third parties. We can record these consents including Internet Protocol (IP) addresses, dates and times for evidential and security reasons.

In principle, you can unsubscribe from notifications and messages, such as newsletters, at any time. This does not apply to notifications and messages that are absolutely necessary for our online pages. When unsubscribing, you can also object in particular to the recording of your use for statistical purposes, including for success and outreach measurement. This is subject to notifications and communications that are absolutely necessary for our offer.

7. Social Media

We are present on social media platforms and other online platforms to communicate with interested parties and to be able to inform you about our offering. Here, personal data may be processed outside Switzerland and the European Economic Area (EEA).

The general terms and conditions (GTCs), terms of use, privacy policies and other regulations of the individual operators of such online platforms apply respectively. These regulations particularly inform you about data subject rights, which especially include the right of access.

We bear joint responsibility for our social media presence on Facebook, incl. so-called page insights, together with Facebook Ireland Limited in Ireland, if and insofar the GDPR applies. The page insights show us how visitors interact with our Facebook page. We use page insights to make our social media presence on Facebook more effective and user-friendly.

Further information on the nature, scope and purpose of data processing as well as on the rights of affected persons and contact data for Facebook and for the Facebook data protection officer can be found in the Facebook privacy policy (“Data Policy”). We have signed the so-called “Controller Addendum” with Facebook, in which we agree, in particular, that Facebook shall be responsible for guaranteeing the rights of affected persons. Information relevant to the page insights can be found in the “Information about Page Insights” including the “Page insights addendum regarding the Controller” and “Information about Page Insights Data” of Facebook.

8. Success and reach measurement

We use services and programs to find out how our website is used. In this context, we can, for example, measure the success and reach of our website as well as how effective third-party links are on our website. We can also try out and compare how different versions of our website or parts of it are used (‘A/B testing’ method). Based on the findings of success and reach measurement, we can in particular fix errors, strengthen particularly popular content or make improvements to our website.

When using services and programs to measure success and reach, the Internet Protocol (IP) addresses of individual users have to be stored. IP addresses are strictly truncated to comply with the principle of data economy through corresponding pseudonymization and to improve data protection for visitors to our website (‘IP masking’).

When using services and programs to measure success and reach, cookies can be used and user profiles created. As an example, user profiles include the pages visited or content viewed on our website, information on the size of the screen or browser window and the – at least approximate – location. User profiles are strictly created in pseudonymized form. We do not use user profiles to identify individual visitors to our website. Individual services for which you are registered as a user may, if necessary, link the use of our website to your profile for the respective service. You usually have to give your prior consent to this.

In particular, we use:

9. Third-party services

We use services from third parties to permanently provide our website in a user-friendly, secure and reliable way. These services are also used to allow us to embed content into our website. These services – hosting and storage services, video services and payment services, for example – need your Internet Protocol (IP) address, as they would otherwise be unable to transmit the content. These services may be provided outside Switzerland and the European Economic Area (EEA), as long as adequate data protection is ensured.

For their own security-relevant, statistical and technical purposes, third parties whose services we use may also process data in connection with our website and from other sources – including cookies, log files and tracking pixels – in aggregated, anonymized or pseudonymized form.

9.1 Digital infrastructure

We use third-party services in order to make use of digital infrastructure for our website. As an example, this includes hosting and storage services provided by specialist providers.

In particular, we use:

9.2 Audiovisual media

We use third-party services to directly play audiovisual media such as music or videos on our website.

In particular, we use:

9.3 Fonts

We use third-party services to embed selected fonts, as well as icons, logos and symbols, into our website.

In particular, we use:

10. Extensions for the website

We use extensions for our website in order to be able to use additional functions.

In particular, we use:

11. Final provisions

We created this privacy policy using the data protection generator provided by Datenschutzpartner.

We may change and add to this privacy policy at any time. We will notify you of such changes and additions in a suitable form, in particular by publishing the respective current privacy policy on our website.

Frei Fördertechnik AGSchwarzbachstrasse 26 CH-3113 Rubigen T +41 31 720 56 56info@ffag.ch
© 2024 Frei Fördertechnik AG | Legal notice | Privacy policy