1. General
This privacy policy informs you about the data processing that occurs when you visit this website and perform an action proposed on the website, e.g. subscribe to the newsletter.
We reserve the right to adapt this data protection information from time to time so that it always corresponds to the actual and legal circumstances. Please check the data protection information regularly when visiting our website.
The processing of your data is subject to Swiss law and, in certain areas, to the General Data Protection Regulation of the European Union (GDPR) and the United Kingdom (UK GDPR; hereinafter referred to uniformly as GDPR).
2. Meanings of terms
The terminology used in Swiss data protection law and in the GDPR, which is differentiated in some cases, is used uniformly in this data protection declaration. The terms are to be understood in the specific case in accordance with the relevant legal regulations.
We use the term “data” in this privacy statement synonymously with “personal data” or “personal information”.
3. Person responsible for data processing
The person responsible for the data processing described in this privacy policy is:
Granovit SA
Treize Cantons 2A
CH – 1522 Lucens
online@granovit.ch
4. Contact information
You can contact us regarding your data protection concerns and to exercise your rights under section 11 as follows:
Granovit SA
Kliba Nafag
Rinaustrasse 380
CH – 4303 Kaiseraugst
online@granovit.ch
5. Data processing
When you visit our website, online identifiers such as the IP address or cookies are automatically collected.
When you contact us, for example by filling out a contact form, contacting us by email or phone, or commenting using features provided on the website, we collect the data you provide and exchange with us, including the boundary data of the communication.
We collect and use data about your behaviour and preferences to better tailor our offers to you.
When you purchase a product, we process all the data you provide that is necessary for the processing of the contract, such as personal master data, contact data and payment data.
Finally, to the extent permitted by law, we receive data from publicly available sources, authorities or other third parties (e.g. internet analysis services, etc.).
6. Processing purposes
We process your data for the following purposes:
- Provision of the website
- Contract processing
- General communication with you
- Marketing and relationship management
- Improvement and development of our offer
- Analysis and optimisation of the use of the website
- Security purposes
- Compliance with legal or regulatory requirements
7. Basis for data processing
Your data is processed in accordance with the Swiss Data Protection Act and, in certain areas, the General Data Protection Regulation of the European Union (GDPR) and the United Kingdom (UK GDPR; hereinafter referred to uniformly as GDPR).
If we process data based on consent, we will inform you separately in each case, stating the relevant purposes. You can revoke your consent at any time with effect for the future. You can revoke your consent by contacting us in writing. You will find the contact information in section 4.
Insofar as the GDPR applies, we process your data on the legal basis of Art. 6 para. 1 lit. a) GDPR (consent), Art. 6 para. 1 lit. b) GDPR (fulfilment of a contract), Art. 6 para. 1 lit. c) GDPR (legal obligation) or Art. 6 para. 1 lit. f) GDPR (legitimate interests).
8. Disclosure of data to third parties
With regard to the provisions set out in section 6, we also transfer your data to service providers such as IT providers, logistics companies, payment providers or providers of the tools listed below.
Furthermore, we also transmit data to authorities if we have a legal obligation to do so.
9. Data transmission abroad
Regarding data transfer to third parties, it is possible that your data will be processed not only in Switzerland. If the legal level of data protection in the corresponding recipient country does not correspond to the level of data protection in Switzerland, we will take appropriate measures to ensure that a transfer may take place, e.g. by concluding the standard contractual clauses of the European Union, or that another legally provided option exists, e.g. by fulfilling a contractual obligation for you or by you giving us your consent.
10. Note on data transfers to the USA
For the sake of completeness, we would like to point out for users resident or domiciled in Switzerland that there are surveillance measures in place in the USA by US authorities which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without any differentiation, limitation or exception based on the objective pursued and without any objective criterion that would make it possible to limit the access of the US authorities to the data and their subsequent use to very specific, strictly limited purposes that are capable of justifying the intrusion associated with both access to and use of this data. Furthermore, we would like to point out that in the USA, there are no legal remedies available to data subjects from Switzerland that would allow them to gain access to the data concerning them and to obtain their correction or deletion, and that there is no effective judicial legal protection against general access rights of US authorities. We explicitly draw the attention of the data subject to this legal and factual situation so that they can make an appropriately informed decision to consent to the use of their data.
We would like to point out to users residing in a member state of the EU that the USA does not have a sufficient level of data protection from the perspective of the European Union – among other things due to the issues mentioned in this section. Insofar as we have explained in this privacy statement that recipients of data (such as Google) are based in the USA, we will ensure either through contractual arrangements with these companies or by ensuring that these companies are certified under the EU or Swiss-US Privacy Shield that your data is protected with our partners with an appropriate level.
11. Duration of data processing
In principle, data is deleted as soon as the purpose has been fulfilled and there are no longer any legal retention obligations.
12. Data security
We have taken technical and organisational measures, which are regularly reviewed and adapted to technical progress, to protect your data from loss, access, misuse or alteration.
13. Your rights
As a data subject, you have the following rights in connection with the processing of your data relevant under data protection law:
- Right to information about what data we store about you and how we process it
- Right to rectify your data
- Right to delete or restrict your data
- Right to object to data processing
- Right to data portability, e. to request the return of certain data in a common format or their transfer to another controller
- Right of appeal to a supervisory authority
The contact information of the Federal Data Protection and Information Commissioner can be found here: https://www.edoeb.admin.ch/edoeb/en/home/deredoeb/kontakt.html.
If you have any questions about data protection, please send an email to online@granovit.ch.
14. Personal data processing
14.1 Provision and use of the website
The following data is collected when you visit our website:
- IP address
- Date of access
- Time of access
- Access duration
- Country from which accessed
- Browser type
- Referrer URL
- Browser type used
- Operating system of the computer
- Name of the access provider
- Referral and exit pages
When you fill out the contact form, the data you provide on a voluntary basis will be processed.
We host our website with Infomaniak in Switzerland. Infomaniak Network SA, Rue Eugène-Marziano 25, 1227 Les Acacias, Geneva, Switzerland, provides us with the technical infrastructure and data storage for our website.
By choosing Infomaniak as our hosting provider, we aim to ensure that your data is stored in a secure and trustworthy environment. Infomaniak is committed to complying with applicable data protection laws and to taking appropriate security measures to protect your data.
Please note that Infomaniak, as the hosting provider, has access to the stored data but is subject to strict confidentiality and security regulations.
Detailed information can be found here: https://www.infomaniak.com/en/legal/general-data-protection-regulation
14.2 Cookies
This website uses cookies. Cookies are small pieces of data that are stored in the website visitor’s browser. Cookies are used for the security of this website, to measure system effectiveness and to provide an optimal visitor experience. Cookies can be used to track your movements and actions on this website.
You can configure cookies on your end device via the cookie banner and in your browser settings. Please note that if cookies are completely deactivated, it may no longer be possible to use all the functions of this website.
<a href=”#” class=”cky-banner-element”>Cookie Settings</a>
14.3 Analysis services
We use the services of third-party companies to analyse browsing behaviour. By means of the analysis services, we measure the use of the website and evaluate it, or have it measured and evaluated. For this purpose, the third-party companies may also use permanent cookies or similar technologies. The third-party company may track your use of our website, combine this information with data from other websites you have visited that are also tracked by the third-party company, and use these insights for its own purposes (e.g. controlling advertising).
We currently use Google Analytics as an analysis tool. The storage of cookies can be prevented by a corresponding setting in your browser software. You can also prevent the collection of data generated by the cookie and related to your use of the online offer to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
14.4 Google services
14.4.1 Google Fonts
This website uses Google Fonts from the American company Google LLC. For users who have their habitual residence in the European Economic Area or Switzerland, Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland is responsible for processing the data. When loading the page, your browser loads the fonts directly from the Google servers. Your IP address is transmitted to Google in the process and may be stored there. The use of these fonts serves to ensure a uniform presentation. You can find more information in Google’s privacy policy. You can deactivate the use of fonts in the browser settings, but this may affect the display.
14.4.2 Google Maps and Google Maps forms
This website uses Google Maps and Google Maps forms of the American Google LLC. For users who have their habitual residence in the European Economic Area or Switzerland, Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland is responsible for processing the data. In the process, information about usage, including your IP address, is collected, transmitted and stored by Google. The use serves to ensure user-friendly presentation and interaction. You can find more information in Google’s privacy policy.
14.4.3 Google Analytics
This website uses Google Analytics, a web analytics service provided by the American company Google LLC. For users who have their habitual residence in the European Economic Area or Switzerland, Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland is responsible for processing the data. Google Analytics uses cookies to enable analysis of your use of the website. Google Analytics is used to continuously improve our website and to optimise your user experience. The information generated by the cookies is stored on Google servers worldwide. Google is a certified company under the Swiss-U.S. Privacy Shield Framework as well as the EU-U.S. Privacy Shield Framework, whereby the company has committed itself to comply with the Swiss and European data protection laws. [If IP anonymisation is activated, which is recommended] Google Analytics is only used for this website with IP anonymisation activated. This means that the IP address of users is shortened and only in exceptional cases is the full IP address transmitted to a Google server in the USA. The user-related data is automatically deleted after 26 months.
You can find further information on the privacy policy of Google Ireland Limited here: https://policies.google.com/privacy?hl=en
You can deactivate Google Analytics here: https://tools.google.com/dlpage/gaoptout?hl=en
14.4.4 Google reCAPTCHA
To ensure security on our website, we use the Google reCAPTCHA captcha service provided by the American company Google LLC. For users who have their habitual residence in the European Economic Area or Switzerland, Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland is responsible for processing the data. The reCAPTCHA service protects websites from spam software and from abuse by non-human users. To this end, Google reCAPTCHA analyses behaviour on our website on the basis of various characteristics. The storage period depends on the respective type of data and cannot be determined.
You can find further information on the privacy policy of Google Ireland Limited here: https://policies.google.com/privacy?hl=en
14.5 Typekit fonts
We use Typekit fonts on our website, a service provided by Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland. When the page is loaded, the fonts are directly loaded from the Typekit servers. In this process, your IP address is transferred to Adobe and may be stored there. This usage is for the purpose of ensuring a consistent presentation of our website.
—
For questions regarding data protection, please send an email to online@granovit.ch.