GOLD TO GO AG, Küssnacht am Rigi, Switzerland (“we”, “us”, “our”). We are responsible for the data processing described herein.
Should there be any inconsistencies between this data privacy statement and our other applicable contractual or business terms and conditions with respect to any data privacy issues, the provisions of this data privacy statement shall prevail.
In this data privacy statement we will provide you (e.g. as a client, contractor, employee, job applicant or visitor to our website) with comprehensive information about our data processing methods. Furthermore, by means of this data privacy statement, you and, respectively, the data subjects are informed about the rights to which data subjects are entitled. This data privacy statement is directed at all persons who contact us and transmit information to us.
2 Collection and processing of personal data
"Personal Data" means information relating to persons or that we can otherwise associate with persons. Personal Data herein means personal data of you as a natural person or of employees, clients, contractors, target groups, agencies, applicants, website visitors and consumers and their affiliated companies.
The personal data collected is diverse. In particular, we collect the following automatically or manually registered personal data within the scope described above:
- Personal data: surname and first name(s); date of birth and age; gender; residential address; marital status; hometown/citizenship(s); billing address; credit card and account information; language preferences; telephone and fax number(s); e-mail address(es); company/ies; position(s) and function(s); creditworthiness and registry information; business connection; professional background information (e.g. CV, school or work certificates, diplomas, etc.).
- Client activity data: contract data (including content of contract, date of contract, contracting party); session data related to physical meetings and visits to our website (including duration and frequency of visits, language and country preferences).
- Browser and computer operating system information, internet protocol addresses, search terms and search results, ratings given; communications via telephone, fax, e-mail, voicemail, text messaging (SMS), picture messaging (MMS), video messaging, instant messaging, website contact form, etc.
If you provide us with personal data of other persons (e.g. family members, data of work colleagues), please make sure that these persons are aware of this data privacy statement and only share their personal data with us if you are allowed to do so and if this personal data is correct.
Processing of personal data according to this data privacy statement refers to any handling of personal data. This includes, for example, the collection, storage, management, use, transmission, disclosure or deletion of personal data.
3 Protection of personal data
We have technical and organisational security procedures in place to maintain the security of personal data and to protect personal data against unauthorised or unlawful processing and/or again accidental loss, modification, disclosure or unauthorised access.
Nevertheless, you should always be aware that the transmission of any data via the internet and other electronic means entails certain security risks, and that we cannot guarantee the security of any data transmitted in this manner.
If you disclose personally identifiable information through an open or third-party network, you should be aware that your data may be lost or potentially accessed by third parties and, as a result, the data may be collected and used without your consent.
4 Retention period
We retain personal data for as long as we consider necessary or appropriate to comply with applicable laws or as long as it is necessary for the purposes for which it was collected.
In this regard, it is possible that personal data will be retained for the time during which claims can be asserted against our company (i.e. in particular during the statutory period of limitation) and insofar as we are otherwise required to do so by law or by legitimate business interests (e.g. for purposes of evidence and documentation).
As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymised as a matter of principle and as far as possible. For operational data (e.g. system logs, logs), shorter retention periods of twelve months or less generally apply.
5 Rights of data subjects
Within the scope of applicable law, data subjects have the right to know whether and, if so, which personal data we process about them, and may request a copy.
Within the scope of the applicable law, data subjects further have the right to correct or supplement their personal data, to object to the processing of their personal data or (under certain circumstances) to request the deletion of their personal data. Data subjects may also object to the processing of certain personal data and may demand that data processing be restricted. It should be noted that the restriction or deletion of personal data may, among other things, result in our inability to fulfill orders or to send communications and invitations. You also have the right to receive your personal data on a computer-readable medium and to transmit it to a third party.
The exercise of such rights usually requires that you clearly prove your identity (e.g. by means of a copy of your ID card, in cases where your identity is otherwise not clear respectively cannot be verified). To assert your rights, you can contact us at the address given in section 6.
Data subjects have the right to assert their data protection rights at any time. If data subjects do not agree with our data processing, they can report this to the Federal Data Protection and Information Commissioner (FDPIC) and/or the competent supervisory authorities in the EU.
6 Contact options
If data subjects wish to assert their rights with respect to their personal data, have questions or, respectively, concerns about the processing of personal data, or have other questions in connection with data protection, they may contact us as follows: GOLD TO GO AG, Bodenstrasse 23, Herr Peter Steiner, 6403 Küssnacht am Rigi, Schweiz, T +41 xxx, www.goldtogo.ag.
We reserve the right to correspond electronically (especially by e-mail) in this regard. We will respond to or address any questions or concerns as soon as possible after receipt.
Please note that we may not provide information on processed personal data if this is prohibited by mandatory law.
7 Owner of the data collection
The owner of the data collection is GOLD TO GO AG.
8 Art der Sammlung von Personendaten
We collect personal data that is transmitted to us in particular in the following constellations: in connection with the initiation of a contractual relationship; in connection with the provision of our contractual services; if you (or your corporate bodies/employees, respectively) communicate with us; if you ask us to send you notices, newsletters or other information; if you register for an event; if you apply for a job with us; and if you visit our website and, for example, use the contact form.
In certain cases, we supplement personal data with information that we have gathered from publicly available sources (such as the internet).
9 Time of collection of personal data
We collect personal data when we are in contact with you or data subjects, respectively. The situations are varied. For example, we collect personal data in the following circumstances: you purchase our products (e.g. technical equipment) or services (e.g. installation, commissioning, or maintenance services); you are interested in a collaboration, financing solution or investment; you attend our courses, seminars or training sessions; you receive a newsletter or advertisement about our services; you communicate with us via telephone, fax, e-mail, voicemail, text messaging (SMS), picture messaging (MMS), video messaging, instant messaging, etc. ; you use or communicate with us or third parties via our website (in particular via the contact form); you visit our premises; your mobile phone connects to the WLAN provided by us in our business premises; you contact us on special occasions such as events, promotional events, etc.; you apply for a job with us by mail, e-mail or other electronic means of communication.
10 Purpose of the processing of personal data
We process personal data for various purposes. These purposes can be grouped into different categories. In particular, we may process personal data in whole or in part for one or more of the following purposes:
- Processing purposes in connection with our contractual obligations, services, creation, implementation and termination of orders, including invoicing, financing solutions and cooperations; organisation and implementation of courses, seminars or training sessions; assertion of legal claims and defense in connection with legal disputes and official procedures; verification of client creditworthiness.
- Processing purposes in connection with client communication, business communication by mail and by telephone, fax, e-mail, voicemail, text messaging (SMS), picture messaging (MMS), video messaging, instant messaging, website contact form, etc.; communication, for example to send you newsletters and information about us, to send you invitations to events, courses, conferences and lectures, and to manage our contacts database.
- Processing purposes in connection with special activities and occasions such as events, promotional events, etc. and insurance purposes.
- Processing purposes in connection with direct marketing.
- Use of insights from the analysis of client behavior for the continuous improvement of all service offerings.
- Individualised and personalised adaptation of offers as well as advertising on our website, apps for mobile devices or on our channels on internet platforms respectively social networks.
- Processing purposes in connection with job applications; communication and verification of job applications.
11 Legal basis of the processing of personal data
We base the processing of personal data primarily on the fulfillment of the order agreement in accordance with the order. Furthermore, we rely on our legitimate interests to remain in contact with you as a business partner, to carry out pre-contractual measures, to perform contracts as agreed, to manage the contractual relationship and to communicate with you to inform you about our activities and events.
We consider our legitimate interests to be in line with the regulations and the rights of data subjects.
In the case of a job application, we rely on your consent as the legal basis for processing your personal data. You may withdraw this consent at any time.
Besides, we process personal data on the basis of the consent of the data subject or on the legal basis.
12 Storage of personal data
GOLD TO GO AG is a Swiss company and all your personal data is basically processed in Switzerland and stored exclusively on servers in Switzerland.
13 Transfer of personal data
We may disclose personal data to our affiliated companies or third parties, in order to make use of technical, organisational or other services which we need to meet the said purposes or our other business activities. This, in particular, involves the following entities:
- service providers of us (such as banks, insurance companies), including order processors (such as IT providers);
- dealers, manufacturers, suppliers, auxiliary persons (such as, in particular, lawyers and law firms and experts consulted in Switzerland and abroad) and other business partners;
- clients and, respectively, principals as well as affiliated companies and their counterparties in Switzerland and abroad;
- domestic and foreign authorities, official agencies or courts as well as arbitration tribunals;
- media, public, including visitors to websites and social media;
- competitors, industry organisations, associations, organisations and other bodies;
- any counterparties or interested parties in corporate transactions; other parties in potential or actual legal proceedings.
These recipients are partly in Switzerland, but may be in any country in the world. In particular, the data may be transferred to countries in which our clients, their affiliated companies, counterparties or business partners, as well as service providers or experts engaged, are located or in which our clients and their group companies were involved in proceedings. If we transfer data to a country without adequate legal data protection, we ensure an adequate level of protection as required by law by using corresponding contracts (namely on the basis of the so-called standard contractual clauses of the European Commission) or so-called Binding Corporate Rules or rely on the legal exceptions of consent, the performance of a contract, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the data subjects.
Our service providers are contractually obligated to process personal data exclusively on our behalf and in accordance with our instructions. We also oblige our service providers to comply with technical and organisational measures that ensure the protection of personal data.
In the event of the sale of our business to another company or in the event of the restructuring of our business, personal data will be shared to enable you to continue to use our services. We also typically share personal data with potential principals when we consider a partial or complete sale or spin-off of a business. We take precautions to ensure that these potential principals take care of the security of the data.
5We may also disclose personal data if we consider it necessary to comply with applicable laws and regulations, in court proceedings, at the request of the competent courts and authorities or due to other legal obligations or to protect and defend our rights or property, respectively.
14.2 Which cookies do we use?
Most of the cookies we use are automatically deleted from your computer or mobile device after your browser session has ended (so-called session cookies).
In addition, we also use temporary or, respectively, permanent cookies. These remain stored on your computer or mobile device after the end of the browser session. When you revisit our website your preferred entries and settings are automatically recognised.
Depending on the type of cookie, these temporary or, respectively, permanent cookies remain stored on your computer or mobile device for between one month and ten years and are automatically deactivated after the end of the programmed period. They are used to make our website more user-friendly, effective and secure.
Most internet browsers accept cookies automatically. You may, however, instruct your browser not to accept any cookies or to prompt you each time before accepting a cookie from a website you visit. You may also delete cookies from your computer or mobile device at any time by using the appropriate function of your browser. If you decide not to accept our cookies or the cookies of our affiliated companies, you may not see certain information on our website and may not be able to use some features designed to enhance your visit.
14.3 Use of log files
Every time you access our website, certain usage data is transmitted to us by your internet browser for technical reasons and stored in protocol files, the so called log files. The usage data in question is the following: date and time of access to our website; name of the website accessed; IP address of your computer or mobile device; address of the website from which you accessed our website; volume of data transferred, as well as the name and version of your browser.
The analysis of the log files helps us to further improve our website and make it more user-friendly, to find and remove errors more quickly, and to control server capacities. Based on the log files, we can, for instance, determine the time when the use of our internet offers is particularly popular and make corresponding data volumes available to ensure the best possible use for you.
14.4 Use of web analysis tools
In order to continuously improve and optimise our website, we use so-called tracking technologies. Web analysis tools provide us with statistics and graphics that provide us with information about the use of our website. This involves data about the use of a website being transferred to the server used. Depending on the provider of a web analysis tool, these servers may be located abroad.
For the most frequently used web analysis tool, Google Analytics, this data is transferred including shortened IP addresses, which prevents the identification of individual devices. Google observes the data protection provisions of the "Swiss-U.S. Privacy Shield" Agreement and has registered with the U.S. Department of Commerce for the "Swiss-U.S. Privacy Shield"(information on the Swiss-U.S. Privacy Shield may be found at https://www.privacyshield.gov/Swiss-US-Privacy-Shield-FAQs.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. A transfer of this data by Google to third parties may only take place on the basis of legal regulations or as part of order data processing.
You may prevent the collection of data generated by cookies and related to your use of the website (including your IP address) at Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link (http://tools.google.com/dlpage/gaoptout).
For more information about Google Analytics and data protection please visit: http://tools.google.com/dlpage/gaoptout or http://www.google.com/intl/de/analytics/privacyoverview.html.
14.5 Use of social plugins
Our website uses social plugins, e.g. from LinkedIn. The plugins are labelled with the logo of the provider.
When you call up a website which contains such a plugin, your browser establishes a direct connection with the provider's computers. The content of the plugin is transmitted by the provider site directly to your browser and integrated by it into the website. By integrating the plugins, the provider receives the information that you have accessed our website. If you are logged in to the provider at the same time, the provider can assign the visit to your profile. If you interact with the plugins - for example, by clicking the "Like" button or posting a comment - the corresponding information is transmitted from your browser directly to the provider and stored there.
Please refer to the data protection notices of the providers for the purpose and scope of data collection and the further processing of your data by the provider, as well as your respective rights and setting options to protect your privacy: LinkedIn Ireland Unlimited Company: LinkedIn Ireland Unlimited Company: https://www.linkedin.com/legal/privacy-policy; Facebook Ireland Ltd: https://www.facebook.com/privacy/explanation.
If you do not want the providers to collect data about you via these cookies, you may select the "block cookies from third-party providers” function in your browser settings. In such case, the browser will not send any cookies to the server for embedded content from other providers. With this setting, i other functions of our website may also no longer work.
15 Changes and inclusion of the data privacy statement
This data privacy statement may be amended at any time without prior notice. The current version published on our website applies. If you or, respectively, data subjects wish to refer to this data privacy statement, please ask us for the current version.