privacy

Data protection

The responsible body within the meaning of the data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

Schrader GmbH
Säntisstrasse 13
8599 Salmsach

Email: info@candy24.ch
Website: https://www.candy24.ch/

General remark

Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the Federal (Data Protection Act, DSG), every person is entitled to protection of their privacy and protection against misuse of their personal data. The operators of these pages take the protection of their personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

In cooperation with our hosting providers, we strive to protect the databases from strangers, losses, abuse or fake as much as possible.

We would like to point out that data transmission on the Internet (e.g. when communicating by email) can have security gaps. Complete protection of the data before access by third parties is not possible.

By using this website, you agree to the collection, processing and use of data according to the following description. This website can generally be visited without registration. Data such as the pages or names of the file accessed are saved, date and time for statistical purposes on the server without this data being directly related to yourself. Personal data, in particular the name, address or email address, will be collected on a voluntary basis as far as possible. Without your consent, the data will not be passed on to third parties.

Processing of personal data

Personal data is all information that relates to a specific or determinable person. A data subject is a person through which personal data are processed. Edit includes every handling of personal data, regardless of the agents and procedures applied, in particular storing, maintaining, procuring, deleting, storing, changing, changing and using personal data.

We process personal data in accordance with Swiss data protection law. Incidentally, we process-as far as the EU GDPR applicable-personal data according to the following legal basis in connection with Art. 6 Para. 1 GDPR:

  • Lit. a) Processing of personal data with the consent of the data subject.
  • Lit. b) Processing of personal data to fulfill a contract with the data subject and to carry out corresponding pre -contractual measures.
  • Lit. c) Processing of personal data on fulfilling a legal obligation, which we are subject to, according to the applicable law of the EU or in accordance with a country in which the GDPR is in whole or in part, we are subject to applicable law.
  • Lit. d) Processing of personal data to protect vital interests of the data subject or another natural person.
  • Lit. f) Processing of personal data in order to maintain the legitimate interests of us or from third parties, unless the basic freedoms and fundamental rights and interests of the data subject predominate. In particular, justified interests are our business interest to be able to provide our website, information security, enforcement of one's own legal claims and compliance with Swiss law.

We process personal data for those duration that is required for the respective purpose or the respective purposes. In the event of long -term retention obligations due to legal and other obligations that we are subject to, we limit the processing accordingly.

Data protection declaration for cookies

This site uses cookies. These are small text files that make it possible to store specific information related to the user on the user's end device while using the website. Cookies make it possible to determine the frequency of use and the number of users on the pages, to analyze the behavior of the side use, but also to make our offer more customer -friendly. Cookies are stored over the end of a browser session and can be called up again when visiting a page. If you do not want this, you should set your internet browser so that it refuses to accept cookies.

Data protection declaration for SSL encryption

This website uses SSL encryption for reasons of security and to protect confidential content, such as the inquiries that you send to us as site operators. You can see an encrypted connection from the fact that the address line of the browser from "http: //" changes to "https: //" and on the castle symbol in your browser line.

If the SSL encryption is activated, the data you transmit to us cannot be read by third parties.

Services of third parties

At best, this website use Google Maps for embedding cards, Google Invisible Recaptcha for protection against bots and spam as well as YouTube for embedding videos.

These services of the American Google LLC use, among other things, cookies and as a result, data are transferred to Google in the USA, whereby we assume that this framework does not take any personal tracking only by using our website.

Google has undertaken to ensure adequate data protection according to the American-European and American-Swiss privacy Shield.

Further information can be found in the Data protection declaration from Google.

Data protection declaration for contact form

If you send us inquiries by contact form, your information from the request form including the contact details you specified there will be stored for the purpose of processing the request and in the event of follow -up questions. We do not pass on this data without your consent.

Data protection declaration for newsletter data

If you would like to obtain the newsletter offered on this website, we need an email address from you and information that allows us to check that you are the owner of the specified email address and agree to the receipt of the newsletter . Further data is not collected. We only use this data to send the requested information and do not pass it on to third parties.

You can revoke the consent to storing the data, the e-mail address and its use to send the newsletter at any time, for example via the "Hire" link in the newsletter.

Data protection declaration for right to information, deletion, blocking

You have the right to free information about your stored personal data, its origin and recipient and the purpose of data processing as well as the right to correction, blocking or deleting this data. To do this, you can contact us at any time at the address given in the imprint on the subject of personal data.

Data protection declaration for objection advertising emails

The use of contact details published within the framework of the imprint obligation to send not expressly requested advertising and information material is hereby objected. The operators of the pages expressly reserve the right to take legal steps in the event of unsolicited sending of advertising formations, for example through spam emails.

Google AdWords

This website uses Google Conversion tracking. If you have reached our website via a display connected by Google, Google AdWords set a cookie on your computer. The cookie for conversion tracking is set when a user clicks on a display connected by Google. These cookies lose their validity after 30 days and do not serve personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can see that the user clicked on the display and has been forwarded to this page. Every Google AdWords customer receives a different cookie. Cookies cannot therefore be tracked on the websites of AdWords customers. The information obtained using the conversion cookies is used to create conversion statistics for AdWords customers who have chosen conversion tracking. Customers learn the total number of users who clicked on their ad and were forwarded to a page with a conversion tracking day. However, you do not receive any information with which users can be identified personally.

If you do not want to take part in tracking, you can reject the necessary setting of a cookies-for example by browser setting, which generally deactivates the automatic setting of cookies or set your browser so that cookies from the domain "Googleleadervices.com" are blocked.

Please note that you are not allowed to delete the opt-out cookies as long as you do not want measuring data. If you have deleted all of your cookies in the browser, you must put the respective opt-out cookie again.

Use of Google Remarketing

This website uses the remarketing function of Google Inc. The function serves to present website visitors within the Google advertising network interest-related advertisements. A so -called "cookie" is saved in the browser of the website visitor, which enables visitor to recognize the visitor if this website calls for the Google advertising network. On these pages, advertisements can be presented to the visitor that relate to content that the visitor has previously called up on websites that use Google's remarketing function.

According to its own statements, Google does not collect any personal data in this process. If you do not want Google's remarketing function, you can generally deactivate it by the corresponding settings under http://www.google.com/settings/ads make. Alternatively, you can deactivate the use of cookies for interest -related advertising via the advertising network initiative by http://www.networkadvertising.org/managing/opt_out.asp consequences.

Data protection declaration for Google Analytics

This website uses Google Analytics, a web analysis service from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Google provides Google to deactivate Google Analytiscs https://tools.google.com/dlpage/gaoptout?hl=de A browser plug-in. Google Analytics uses cookies. These are small text files that make it possible to store specific information referred to the user on the user's end device. These enable an analysis of the use of our website offered by Google. The information collected by the cookie about the use of our pages (including your IP address) are usually transferred to a Google server in the USA and stored there. We would like to point out that Google Analytics on this website was expanded to include the code "Gat._anonymizeiP ();" to ensure anonymized recording of IP addresses (so-called IP-Masking). If anonymization is active, Google IP addresses are shortened within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area, which is why no conclusions about their identity are possible. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. Google observes the data protection regulations of the "Privacy Shield" agreement and is registered with the "Privacy Shield" program of the US Ministry of Trade and uses the information collected to evaluate the use of our websites, reports for us in this regard and other services related to us to provide. You can find out more at https://www.google.com/intl/de/analytics/privacyoverview.html.

Data protection declaration for Google Adsense

This website uses Google Adsense, a service for the integration of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. GoogleadSense uses so -called "cookies", text files that are stored on your computer and which enables an analysis of the use of the website. Google Adsense also uses so -called Web Beacons (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic on these pages. The information generated by cookies and web beacons about the use of this website (including your IP address) and delivery of advertising shape are transmitted to a Google server in the USA and stored there. This information can be passed on by Google to Google's contractual partner. However, Google will not bring your IP address together with other data you have stored. You can prevent the installation of the cookies by setting your browser software; However, we would like to point out that in this case you may not be able to use all functions of this website fully. By using this website, you agree to process the data collected about you by Google in the manner described above and for the previously mentioned purpose.

Data protection declaration for Facebook

This website uses functions of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. When calling our pages with Facebook plug-ins, a connection between your browser and the Facebook servers is established. Data is already transferred to Facebook. If you have a Facebook account, this data can be linked. If you do not want this data to be assigned to your Facebook account, please log in to Facebook before visiting our website. Interactions, in particular the use of a comment function or clicking a "Like" or "Share" buttons, are also passed on to Facebook. You can find out more at https://de-de.facebook.com/about/privacy.

Data protection declaration for Instagram

Functions of the Instagram service are integrated on our pages. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our pages with your Instagram profile by clicking the Instagram button. This allows Instagram to assign visiting our pages to your user account. We would like to point out that we, as the provider of the pages, receive no knowledge of the content of the data and its use by Instagram.

Further information can be found in the data protection declaration of Instagram: http://instagram.com/about/legal/privacy/

External payment service provider

This website uses external payment service providers, through whose platforms the users and we can make payment transactions. For example over

  • Postfinance (https://www.postfinance.ch/de/detail/rechtlichliche-barrierefreiheit.html)
  • Visa (https://www.visa.de/nutzungs conditions/visa-privacy-center.html)
  • Mastercard (https://www.mastercard.ch/de-ch/datenschutz.html)
  • American express (https://www.americanexpress.com/de/content/privacy-policy-statement.html)
  • PayPal (https://www.paypal.com/de/webapps/mpp/ua/privacy-full)
  • Bexio AG (https://www.bexio.com/de-ch/datenschutz)
  • PAYREXX AG (https://www.payrexx.ch/site/assets/files/2592/datenschutzerklaerung.pdf)
  • Apple Pay (https://support.apple.com/de-ch/ht203027)
  • Stripe (https://stripe.com/ch/privacy)
  • Klarna (https://www.klarna.com/de/datenschutz/)
  • Skrill (https://www.skrill.com/de/fusszeile/datenschutzlathine/)
  • Giropay (https://www.giropay.de/wechtliche/datenschutz-agb/) etc.

As part of the fulfillment of contracts, we set the payment service providers based on the Swiss Data Protection Ordinance and and, if necessary, Art. 6 Para. 1 lit. b. EU GDPR. In addition, we use external payment service providers based on our legitimate interests in accordance with Swiss Data Protection Ordinance and and, if necessary, in accordance with Art. 6 Para. 1 Lit. f. EU GDPR to offer our users effective and secure payment options.

The data processed by the payment service providers include inventory data, such as the name and address, bank details, such as account numbers or credit card numbers, passwords, tan and test sums as well as the contract, sums and recipient-related information. The information is required to carry out the transactions. However, the data entered is only processed by the payment service providers and stored in them. As the operator, we do not receive any information about (bank) account or credit card, but only information on confirmation (acceptance) or rejection of the payment. Under certain circumstances, the data is transmitted to economic information on the part of the payment service provider. This transmission aims for identity and credit check. To do this, we refer to the terms and conditions and data protection information from the payment service providers.

The terms and conditions and the data protection instructions of the respective payment service providers apply to the payment transactions, which can be called up within the respective website or transaction applications. We refer to this also for further information and assertion of cancellation, information and other affected rights.

Order processing in the online shop with customer account

We process the data of our customers in accordance with the data protection provisions of the Federal (Data Protection Act, DSG) and the EU GDPR, within the framework of the order processes in our online shop, to choose and order the selected products and services, as well as their payment and delivery , or to enable execution.

The processed data include master data (inventory data), communication data, contract data, payment data and the persons affected by the processing include our customers, interested parties and other business partners. The processing takes place for the purpose of providing contract services as part of the operation of an online shop, settlement, delivery and customer services. Here we use session cookies, e.g. for storing the shopping cart content and permanent cookies, e.g. for storing the login status.

The processing takes place on the basis of Art. 6 Para. 1 lit. B (implementation of order processes) and C (legally required archiving) GDPR. The information marked as necessary are required to justify and fulfill the contract. We only reveal the data compared to third parties as part of delivery, payment or within the framework of the legal permits and obligations. The data is only processed in third countries if this is necessary for the fulfillment of the contract (e.g. on customer requirements for delivery or payment).

Users can optionally create a user account by being able to view their orders in particular. As part of the registration, the necessary mandatory information will be communicated to the users. The user accounts are not public and cannot be indexed by search engines, e.g. Google. If users have terminated their user account, their data will be deleted with regard to the user account, and their storage is required subject to Art. 6 Para. 1 lit. c GDPR for commercial or tax reasons. Information remains in the customer account until they are deleted with subsequent archiving in the event of a legal obligation. It is the responsibility of the users to secure their data before the contract has been terminated.

As part of registration and re-registration as well as the use of our online services, we save the IP address and the time of the respective user story. The storage is based on our legitimate interests, as well as the user in protection against misuse and other unauthorized use. In principle, this data is not passed on to third parties, unless it is required to pursue our claims or there is a legal obligation in accordance with Art. 6 Para. 1 lit. c GDPR.

The deletion takes place at the expiry of legal warranty and comparable obligations, the necessity of the storage of the data is checked at irregular intervals. In the case of the statutory archiving obligations, the deletion takes place after the process.

Copyright

The copyright and all other rights to content, pictures, photos or other files on the website belong exclusively to the operator of this website or the specially mentioned rights holders. For the reproduction of all files, the written consent of the copyright carrier must be obtained in advance.

Anyone who commits a copyright infringement without the consent of the respective rights holder can make themselves punishable and at most liable for damages.

Changes

We can adjust this data protection declaration at any time without notice. The current version published on our website applies. If the data protection declaration is part of an agreement with you, we will inform you in the event of an update about the change by email or in a suitable way.

Questions to the data protection officer

If you have any questions about data protection, please send us an email or contact the person responsible for data protection at the beginning of the data protection declaration in our organization.

Winterthur, 09/16/2018
Source: Swissanwalt