Privacy Policy

Privacy Policy

With this Privacy Policy, we explain which personal data we process in connection with our activities and operations, including our website snvsolutions.ch. In particular, we explain for what purposes, how, and where we process personal data. We also inform you about the rights of individuals whose data we process. For individual or additional activities and operations, further privacy policies and other legal documents such as General Terms and Conditions (GTC), Terms of Use, or Participation Conditions may apply.

We are subject to Swiss data protection law and, where applicable, to foreign data protection law, in particular the European Union (EU) General Data Protection Regulation (GDPR). The European Commission recognizes that Swiss data protection law ensures an adequate level of protection.

1. Contact Addresses

Controller responsible for processing personal data:
SNV Group GmbH
Willenhofstrasse 13
8182 Hochfelden
info@snvsolutions.ch

We will point out if, in individual cases, other controllers are responsible for processing personal data.

2. Terms and Legal Bases

2.1 Terms

“Personal data” means all information relating to an identified or identifiable natural person. A “data subject” is a person whose personal data we process. “Processing” means any handling of personal data, regardless of the means and procedures used, for example querying, matching, adapting, archiving, storing, reading, disclosing, procuring, recording, collecting, deleting, making available, organizing, saving, altering, distributing, linking, erasing and using personal data.

The European Economic Area (EEA) comprises the Member States of the European Union (EU) as well as Liechtenstein, Iceland and Norway. Under the GDPR, processing refers to the processing of personal data.

2.2 Legal Bases

We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (FADP) and the Ordinance on Data Protection (DPO). Where and to the extent the GDPR applies, we process personal data on at least one of the following legal bases:

  • Art. 6(1)(b) GDPR: processing necessary for the performance of a contract with the data subject or to take steps prior to entering into a contract.
  • Art. 6(1)(f) GDPR: processing necessary for the purposes of the legitimate interests pursued by us or by a third party, provided such interests are not overridden by the interests or fundamental rights and freedoms of the data subject. Legitimate interests include, in particular, our interest in operating and communicating about our activities in a sustainable, user-friendly, secure and reliable manner, ensuring information security, preventing misuse, enforcing our legal claims and complying with Swiss law.
  • Art. 6(1)(c) GDPR: processing necessary for compliance with a legal obligation under applicable law of an EEA Member State.
  • Art. 6(1)(e) GDPR: processing necessary for the performance of a task carried out in the public interest.
  • Art. 6(1)(a) GDPR: processing based on the data subject’s consent.
  • Art. 6(1)(d) GDPR: processing necessary to protect the vital interests of the data subject or of another natural person.

3. Nature, Scope and Purpose

We process those personal data that are necessary to operate our activities in a sustainable, user-friendly, secure and reliable way. Such personal data may fall in particular into the following categories: basic and contact data, browser and device data, content data, meta/telemetry and usage data, location data, sales data, as well as contract and payment data.

We process personal data for as long as necessary for the relevant purpose(s) or as required by law. Personal data that are no longer required will be anonymized or deleted.

We may have personal data processed by third parties. We may process personal data jointly with third parties or transfer them to third parties. Such third parties are in particular specialized providers whose services we use. We ensure data protection with such third parties as well.

As a rule, we process personal data only with the consent of the data subjects. Where and to the extent processing is permissible for other legal reasons, we may refrain from obtaining consent. For example, we may process personal data without consent to perform a contract, to comply with legal obligations, or to safeguard overriding interests.

In this context, we process in particular information that a data subject voluntarily transmits to us when contacting us — e.g., by post, email, instant messaging, contact form, social media or phone — or when registering for a user account. We may store such information in an address book or similar tools. If we receive data about other persons, the transmitting persons are obliged to ensure data protection towards those persons and to ensure the accuracy of the personal data.

We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect in the course of our activities and operations, where and to the extent such processing is legally permissible.

4. Personal Data Abroad

We generally process personal data in Switzerland and in the EEA. However, we may also export or transfer personal data to other countries, in particular to process them there or have them processed there.

We may transfer personal data to countries and territories worldwide as well as elsewhere in the universe if the law there ensures an adequate level of protection according to the decision of the Swiss Federal Council and — where and to the extent the GDPR applies — according to a decision of the European Commission.

We may transfer personal data to countries whose laws do not ensure adequate protection, provided that protection is ensured for other reasons, in particular on the basis of standard data protection clauses or other appropriate safeguards. In exceptional cases, we may export personal data to countries without adequate or appropriate protection if the specific data protection requirements are met, e.g., the explicit consent of the data subjects or a direct connection with the conclusion or performance of a contract. We will gladly provide information about any safeguards or provide a copy upon request.

5. Rights of Data Subjects

5.1 Data Protection Rights

We grant data subjects all rights under applicable data protection law. In particular, data subjects have the following rights:

  • Access: to know whether we process personal data about them and, if so, which personal data, and to obtain the information needed to assert their rights and ensure transparency (e.g., purposes, storage period, disclosure/export to other countries, source of data).
  • Rectification and Restriction: to correct inaccurate data, complete incomplete data, and restrict processing.
  • Erasure and Objection: to have personal data deleted (“right to be forgotten”) and to object to processing with effect for the future.
  • Data Portability: to receive personal data or have them transferred to another controller.

We may defer, restrict or refuse the exercise of rights within the legally permissible framework. We may indicate any prerequisites for exercising rights (e.g., refuse access with reference to trade secrets or the protection of other persons; refuse deletion due to statutory retention obligations). We may exceptionally charge costs and will inform in advance of any such costs. We are obliged to identify data subjects who request access or exercise other rights with appropriate measures. Data subjects must cooperate.

5.2 Right to Lodge a Complaint

Data subjects have the right to pursue their data protection claims in court or to lodge a complaint with a competent supervisory authority. The supervisory authority for private controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC). Where and to the extent the GDPR applies, data subjects have the right to lodge a complaint with a competent European data protection supervisory authority.

6. Data Security

We take appropriate technical and organizational measures to ensure data security appropriate to the respective risk. However, we cannot guarantee absolute data security. Access to our website is via transport encryption (SSL/TLS, in particular HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.

Our digital communications are — like most digital communications — subject to mass and other surveillance by security authorities in Switzerland, in the rest of Europe, in the United States of America (USA) and in other countries, without cause or suspicion. We have no direct influence on the relevant processing of personal data by intelligence services, police authorities and other security authorities.

7. Use of the Website

7.1 Cookies

We may use cookies. Cookies — our own (“first-party”) and those of third parties whose services we use (“third-party”) — are data stored in the browser. Such data need not be limited to traditional text cookies. Cookies may be stored temporarily as “session cookies” or for a certain period as “persistent cookies”. Session cookies are automatically deleted when the browser is closed. Persistent cookies have a defined storage period. Cookies enable, in particular, the recognition of a browser on subsequent visits and allow, for example, measuring reach. Persistent cookies may also be used for online marketing.

Cookies can be disabled in whole or in part and deleted at any time in the browser settings. Without cookies, our website may not be fully available. Where required, we actively request explicit consent to the use of cookies.

For cookies used for analytics/measurement or advertising, you may opt out for many services via AdChoices (Canada), the Network Advertising Initiative (NAI), YourAdChoices (DAA) or YourOnlineChoices (EDAA).

7.2 Server Log Files

For each access to our website, we may collect the following data, insofar as transmitted by your browser to our server infrastructure or determined by our web server: date and time including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page accessed including amount of data transferred, and the last website accessed in the same browser window (referrer). We store such data, which may be personal, in server log files. These data are necessary to provide our website on a sustainable, user-friendly and reliable basis and to ensure data security — including by third parties or with the help of third parties.

7.3 Web Beacons (Tracking Pixels)

We may use tracking pixels (web beacons) on our website — including from third parties whose services we use. These are small, usually invisible images that are automatically retrieved when visiting our website. With tracking pixels, the same information as in server log files can be collected.

8. Social Media

We are present on social media platforms and other online platforms in order to communicate with interested persons and to inform about our activities and operations. In connection with such platforms, personal data may also be processed outside Switzerland and the EEA. The terms and conditions, terms of use, privacy policies and other provisions of the respective platform operators apply. These provisions inform, in particular, about the rights of data subjects directly vis-à-vis the respective platform, including the right of access.

For our Facebook presence, including so-called Page Insights, we are — where and to the extent the GDPR applies — jointly responsible with Meta Platforms Ireland Limited (Ireland), part of the Meta companies (including in the USA). Page Insights provide information on how visitors interact with our Facebook presence. We use Page Insights to provide our Facebook presence effectively and in a user-friendly manner. Further information on the nature, scope and purpose of data processing, the rights of data subjects and contact details of Facebook and its data protection officer can be found in Facebook’s Privacy Policy. We have concluded the “Controller Addendum” with Facebook and agreed that Facebook is responsible for enabling data subject rights. For Page Insights, see Information about Page Insights including Information about Page Insights Data.

9. Third-Party Services

We use services from specialized third parties to operate our activities sustainably, in a user-friendly, secure and reliable way. With such services, we can embed functions and content into our website. For technical reasons, the services used temporarily collect at least the IP addresses of users. For necessary security-related, statistical and technical purposes, third parties may process data in an aggregated, anonymized or pseudonymized manner, e.g., performance or usage data, to provide the respective service. In particular, we use:

Google services. Providers: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the EEA and Switzerland. General data protection information: Safety and security principles, Privacy Policy, “Google’s commitment to applicable data protection laws”, “Privacy Guide for Google products”, “How we use data from sites or apps that use our services” (Google statements), “Types of cookies and other technologies used by Google”, “Personalized advertising” (enable/disable/settings).

9.1 Digital Infrastructure

We use services from specialized third parties to obtain the digital infrastructure we need in connection with our activities and operations. These include, for example, hosting and storage services from selected providers. In particular, we use: Hosting: Hetzner AG (Germany). Privacy: Privacy Policy and “Technical and Organizational Measures”.

9.2 Maps

We use third-party services to embed maps in our website, in particular: Google Maps including the Google Maps Platform (provider: Google). Maps-specific information: How Google uses location information.

9.3 Digital Audio and Video Content

We use specialized third-party services to enable direct playback of digital audio and video content (e.g., videos). In particular: YouTube (provider: Google). YouTube-specific information: Privacy & Safety Center, Your data on YouTube.

10. Analytics and Reach Measurement

We seek to understand how our online offering is used. We may measure the success and reach of our activities and the impact of third-party links to our website. We may also test and compare how different parts or versions of our online offering are used (A/B testing). Based on analytics results, we can fix errors, strengthen popular content, or improve our offering. In most cases, IP addresses of individual users are stored for analytics. IP addresses are generally shortened (“IP masking”) to follow the principle of data minimization. Cookies may be used and user profiles created. Any user profiles created are generally pseudonymized and not used to identify individual users. Where users are logged in to certain third-party services, those services may associate the use of our offering with the user account/profile.

We use in particular: Google Analytics (cross-device measurement; IP addresses usually pseudonymized and only in exceptional cases fully transferred to Google in the USA). See Privacy and the Browser Add-on to disable Google Analytics. Google Tag Manager: embedding and management of other analytics and third-party services; see Tag Manager and Data captured with Google Tag Manager; further privacy information is provided by the integrated services.

11. Final Provisions

This Privacy Policy was created using a privacy generator. We may amend and supplement this Privacy Policy at any time. We will inform about such changes in an appropriate manner, in particular by publishing the current Privacy Policy on our website.

Scroll to Top