Privacy Policy
This privacy policy applies to all Internet sites operated by KünzlerBachmann Verlag AG, including the Holding site.
This text has been machine translated. We assume no liability for the correctness of the translation. For any legal claims, the text of the German version applies. You can find the original German version here.
Content
1.1 What is this privacy statement about?
1.2 Who is responsible for processing your data?
1.3 What data do we process from you?
1.4 How long do we process your data?
1.5 For what purposes do we process your data?
1.6 On what basis do we process your data?
1.7 What applies to profiling and automated individual decisions?
1.8 Who do we disclose your data to?
1.9 Does your personal data also end up abroad?
1.12 Can this DS declaration be changed?
2 Additional information for (potential) contractors
2.1 What data do we process and for how long?
2.2 For what purpose do we process your data?
2.3 Who do we disclose your data to?
2.4 Does your personal data also end up abroad?
3 Additional information for newsletter subscribers
3.1 What data do we process and for how long?
3.2 For what purpose do we process your data?
3.3 Do we use online tracking as part of our newsletters?
3.4 Who do we disclose your data to?
3.5 Does your personal data also end up abroad?
4 Additional information for website visitors (incl. social media)
4.1 What data do we process and for how long?
4.3 What data do we process on our pages in social networks?
4.4 For what purpose do we process your data?
4.5 To whom do we disclose data?
4.6 Do your personal data also end up abroad?
5 Additional information for applicants
5.1 What data do we process and for how long?
5.2 For what purpose do we process your data?
5.3 Who do we share your data with?
5.4 Does your data end up abroad?
1. general information
1.1 What is this privacy statement about?
It is possible that we will process personal data about you (you can find out exactly who "we" are below). This may be the case, for example, if:
- you purchase products or services from us, B. via our online store.
- you offer or sell us your own products or services
- you are interested in our products or services and therefore contact us
- we obtain data about you because we want to acquire you, your company or your employer as a customer
- you visit one of our websites in order to obtain information about us, our products and our services there
- you subscribe to one of our newsletters so that you can stay up to date
- you find out about us or connect with us on a social media platform
- You apply to us for a vacant position and send us personal information such as a resume.
- we obtain data about you in order to integrate this data into our marketing databases and make it available to our customers
- ...
In the following, we refer to "applications" when referring to this (non-exhaustive) list of possible touchpoints and the associated data acquisitions and processing.
With this privacy policy, we would like to inform you about what we do with your data in the various applications and what data this may be. Or expressed in data protection jargon: We create transparency about our data processing, the purposes we pursue with it and other important points that are necessary so that you can exercise your corresponding rights.
As you can see from the above list of applications, there are many different ways to obtain and process data. Depending on which of the applications apply to you, different information is therefore also relevant for you. In order to make things clearer for you, we have divided our data protection declaration into the following aspects or "applications":
General information
- This is information that applies to all applications, such as "who is responsible for data processing?"
- However, summarizing, superordinate information is also conveyed here, which can then be concretized in the individual applications and made more tangible with examples
- For example, under the general information, all possible categories of data recipients are mentioned (e.g. IT service providers) and, depending on requirements, we then go into more concrete detail on individual categories or also individual recipients further below in the respective applications
Additional information for (potential) contractors
- This information may affect you if we have a direct business relationship with you or if we (or you) wish to establish such a relationship
- On the one hand, this can be when we (would like to) offer or sell you our products or services, i.e. when we may count you among our customers or interested parties
- But this can also go in the other direction, so if you offer or sell us your products or services
- Basic information can be found in the "General information", here in the "Information for (potential) contract partners" this information is concretized or expanded with regard to the corresponding contract applications
Additional information for newsletter subscribers
- This information may be relevant to you if you have subscribed or wish to subscribe to one of our newsletters
- Here you can find out how we process your data as part of a newsletter subscription and what you can do if you do not want this (anymore)
- Basic information can be found under "General Information", here under "Information for Newsletter Subscribers" this information is specified or extended with regard to the corresponding newsletter applications
Additional information for website visitors (incl. social media)
- This aspect may be of interest to you if you would like to visit one of our websites
- However, it can also affect them if you want to find out about us or connect with us on a social media platform
- You can find out here what data we obtain in the process and how we process it
- Basic information can be found in the "General information", here in the "Information for website visitors (incl. social media)" this information is specified in relation to the corresponding web or social media applications or
Additional information for applicants
- You may be interested in this aspect if you would like to apply for a job with us and provide us with information about yourself (e.g. your resume)
- You can find out here how we can process your information and data in the context of an application
- Basic information can be found in the "General Information", here in the "Information for Applicants" this information is concretized or extended with regard to the corresponding application applications
This Privacy Policy is designed to meet the requirements of the Swiss Data Protection Act ("DPA"), the new revised Swiss Data Protection Act ("nDSG") and the EU General Data Protection Regulation ("GDPR"). However, whether and to what extent these laws are applicable always depends on the specific individual case.
1.2 Who is responsible for processing your data?
KünzlerBachmann Verlag AG ("KBV", "we", "us") is responsible for the data processing mentioned in this data protection declaration, unless otherwise communicated in individual cases. If you have any questions or if you wish to exercise your data protection-related rights (in particular the right to information), you can contact us at this address:
KünzlerBachmann Verlag AG
Zürcherstrasse 601
CH-9015 St. Gallen
datenschutz@kbverlag.ch
Data protection advisor according to Art. 10 nDSG and data protection officer according to Art. 37 ff. DSGVO :
KünzlerBachmann Verlag AG
Andreas Knöpfli
Zürcherstrasse 601
CH-9015 St. Gallen
datenschuz@kbverlag.ch
1.3 What data do we process from you?
We may process different categories of data about you, with current information and, where applicable, previous information if individual details change (for example, if you change your address). The main categories are as follows:
Technical data: When you use our website or other electronic offers, we may collect the IP address of your end device and other technical data. In order to ensure the functionality of these offers and possibly also to record your behavior, we may also assign an individual code to you or your end device (e.g. in the form of a cookie, see section 4.2.4). In the context of user accounts, registrations, the processing of contracts or the provision of our products and services, technical data may be linked with other data categories (and thus possibly with your person).
Registration data: Certain offers and services can only be used with a user account or registration. In doing so, you must provide us with certain data and we collect data about the use of the offer or service.
Communication Data: If you are in contact with us via the contact form, by e-mail, telephone or chat, by letter or by any other means of communication, we collect the data exchanged between you and us, including your contact details and the marginal data of the communication. If we want or need to establish your identity (e.g., in the case of a request for information), we collect data to identify you (e.g., a copy of an identification document).
Master Data: We use the term master data to refer to basic data such as your name, address, contact details and other information, e.g. your role and function, date of birth or e-mail address, customer history, signature authorizations and consent forms. We receive master data from you yourself (e.g., as part of a registration or order), from entities for which you work, from third parties (e.g., postal mailing lists or credit reporting agencies), from other third-party sources such as public registers or the Internet (websites, social media, etc.).
Contract data: This is data that arises in connection with the conclusion or execution of a contract (e.g., information about the parties or about the services to be provided). This may also include data from the run-up to the conclusion of a contract that is required for initiation and processing. Application documents may also fall into this category. We generally collect contractual data from you, from contractual partners and from third parties involved in the execution of the contract, but also from third-party sources (e.g. providers of creditworthiness data) and from publicly accessible sources.
Behavioral and preference data: Depending on our relationship with you, we try to get to know you better. To do this, we collect, analyze and use data about your behavior and preferences. We do this, for example, by evaluating information about your navigation behavior on our website or by combining various data using statistical methods (machine learning) to derive your interests and preferences.
Other Data: We also collect data from you in other situations. In connection with official or judicial proceedings, for example, data is generated (such as files, evidence, etc.) that may also relate to you. We may obtain or produce photographs, videos and audio recordings in which you may be identifiable (such as at events, through security cameras, etc.). We may also collect data about who and when enters certain buildings or has corresponding access rights (incl. in the case of access controls, based on registration data or visitor lists, etc.), who participates in events or campaigns (e.g. competitions) and when, or who uses our infrastructure and systems.
You disclose much of the data mentioned in this section 1.3 yourself (e.g. via forms, in the course of communication with us, in connection with contracts and orders, when using the website, etc.). You are often not obliged to do so, subject to individual cases, e.g. in the context of legal obligations. However, if you wish to enter into contracts with us or claim services, you must provide us with data, in particular master data, contract data and registration data, as part of your contractual obligation under the relevant contract. When using our website, the processing of technical data is unavoidable. If you wish to gain access to certain systems or buildings, you must provide us with registration data.
Insofar as this is not inadmissible, we also take data from publicly accessible sources (e.g. telephone directory, debt collection register, land registers, commercial register, media or the Internet incl. social media) or receive data from authorities, companies or other third parties.
You can find more information on the processed data in the additional information on the individual applications under "What data do we process from you and for how long" (click to go directly to the relevant applications):
- Additional information for (potential) contractors
- Additional information for newsletter subscribers
- Additional information for website visitors (incl. social media)
- Additional information for applicants
1.4 How long do we process your data?
We process your data for as long as our processing purposes, the statutory retention periods and our legitimate interests in processing (including for documentation and evidence purposes) require or storage is technically necessary. Further information on the respective storage and processing duration can be found in each case with the individual applications or the associated data categories. If there are no legal or contractual obligations to the contrary, we delete or anonymize your data after the storage or processing period has expired as part of our normal processes.
For more information on the duration of data processing, please refer to the additional information on the individual applications under "What data do we process from you and for how long?"
- Additional information for (potential) contractors
- Additional information for newsletter subscribers
- Additional information for website visitors (incl. social media)
- Additional information for applicants
1.5 For what purposes do we process your data?
We process your data for some basic purposes, which we explain below (for further guidance on the purposes of each application, see the relevant sections below). These purposes represent legitimate interests of us and, where applicable, of third parties. You will find further information on the legal basis for our processing in section 1.6.
We process your data for communication with you.
We process data for the initiation, administration and processing of contractual relationships and employment relationships.
We process data for marketing purposes, for advertising and for relationship management.
We process data for market research, to improve services and processes, and for product development.
We may also process your data for security and access control purposes.
We process personal data to comply with laws, directives and recommendations from authorities and internal regulations ("Compliance").
We process data for the purposes of our risk management and as part of prudent corporate governance, including business organization and corporate development.
In the context of our marketing databases, we also process your data to make it available to our customers for their own purposes.
We may process your data for other purposes, e.g. as part of our internal processes and administration or for training and quality assurance purposes.
For more information on the purposes of data processing, please refer to the additional information on the individual applications under "For what purpose do we process your data?" (click to go directly to the corresponding applications):
- Additional information for (potential) contractors
- Additional information for newsletter subscribers
- Additional information for website visitors (incl. social media)
- Additional information for applicants
1.6 On what basis do we process your data?
One possible basis for data processing is your consent. If we ask you for your consent for certain processing, we will inform you separately about the corresponding purposes of the processing. You can revoke your consent at any time by written notice with effect for the future (our contact details can be found in section 1.2. (for revocation of your consent for online tracking, see section 4.2.4). Where you have a user account, revocation or contacting us may also be possible via the relevant website or other service. Once we have received notification of the withdrawal of your consent (minor delays are possible due to processing procedures), we will no longer process your data for the purposes to which you originally consented, unless we have another legal basis for doing so. The revocation of your consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Where we do not ask you for your consent for processing, we base the processing of your personal data on the fact that the processing is necessary for the initiation or execution of a contract with you (or the entity you represent) or that we or third parties (e.g. our customers) have a legitimate interest in doing so, in particular to pursue the purposes described in each case. This includes, for example, the processing of offers and contracts, marketing, the interest in better understanding the markets and target groups of our customers, the optimization of our website, the improvement of our services or the minimization of the risk of non-payment for us or our customers. However, this also includes compliance with legal regulations, insofar as their compliance is not already recognized as a legal basis by the respective applicable data protection law.
If, exceptionally, we receive sensitive data (e.g. health data, information on political, religious or ideological views), we may also process your data on the basis of other legal grounds, e.g. in the event of disputes due to the necessity of processing for a possible lawsuit or the enforcement or defense of legal claims.
1.7 What applies to profiling and automated individual decisions?
We may use your data to automatically evaluate certain personal characteristics for the purposes described below ("profiling"). We do this, for example, when we want to determine preference data for us or our customers, but also to determine payment and credit risks or to perform statistical evaluations. For the same purposes, we may also create profiles, i.e. we may combine preference and other data to better understand you as a person with your different interests and other characteristics. We do this in the interest of our customers or in our own interest.
In certain situations, it may be necessary for us or our customers to automate certain decision-making processes for reasons of efficiency and that this has a legal effect on you or a possible disadvantage. This is referred to as "automated individual decisions". In this case, we or our customers (depending on who is responsible in the individual case) will inform you accordingly and provide for the measures required by applicable law.
1.8 Who do we disclose your data to?
In connection with our data processing activities and for the relevant purposes, we also transfer your personal data to third parties, in particular to the following categories of recipients:
- Group companies: A list of our group companies can be found here: kueba.ch. The group companies may use the data according to this privacy policy for the same purposes as we do (see section 1.5 and purposes of the individual applications).
- Service providers: We work with service providers in Germany and abroad who process data about you on our behalf or in joint responsibility with us or receive data about you from us in their own responsibility (e.g. IT and cloud providers, shipping companies, advertising service providers, login service providers, banks, credit rating and debt collection companies or credit agencies).
- Contractual partners: This initially refers to customers and other contractual partners of ours, because this data transfer arises from these contracts. If you work for such a contractual partner yourself, we may also transfer data about you to them in this context. The recipients further include contractual partners with whom we have
- Authorities: We may disclose personal data to offices, courts and other authorities in Germany and abroad if we are legally obliged or entitled to do so or if this appears necessary to protect our interests. The authorities are responsible for processing data about you that they receive from us.
- Other persons: Means other cases where the inclusion of third parties arises from the purposes set forth in Section 1.5 and the purposes of the individual applications
All these categories of recipients may in turn involve third parties, so that your data may also become accessible to them. We can restrict processing by certain third parties (e.g. IT providers), but not by other third parties (e.g. authorities, banks, etc.).
We also allow certain third parties to collect personal data from you on our website and at events organized by us (e.g. media photographers, providers of tools that we have embedded on our website, etc.). Insofar as we are not decisively involved in these data collections, these third parties are solely responsible for them. If you have any concerns and wish to assert your data protection rights, please contact these third parties directly.
You can find further information on the possible disclosure of personal data in the additional information on the individual applications under "To whom do we disclose your data?" (click to go directly to the corresponding applications):
- Additional information for (potential) contractors
- Additional information for newsletter subscribers
- Additional information for website visitors (incl. social media)
- Additional information for applicants
1.9 Does your personal data also end up abroad?
As explained in section 1.8, we also disclose data to other entities. These are not only located in Switzerland. Your data may therefore be processed both in Europe and in other countries, such as the USA.
Often, foreign recipients are located in a country with adequate legal data protection (see here from the perspective of Switzerland and here from the EU). If a recipient is located in a country without adequate legal data protection, we contractually obligate the recipient to comply with data protection (for this purpose, we normally use the standard contractual clauses of the European Commission), unless the recipient is already subject to a legally recognized set of rules to ensure data protection and we cannot rely on an exception provision. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or if the performance of a contract requires such disclosure, if you have consented or if it is a matter of data made generally available by you, the processing of which you have not objected to.
Please also note that data exchanged via the Internet is often routed via third countries. Your data may therefore end up abroad even if the sender and recipient are in the same country. You can find more information on the possible transfer of personal data abroad in the additional information on the individual applications under "Does your data also end up abroad?" (click to go directly to the corresponding applications):
- Additional information for (potential) contractors
- Additional information for newsletter subscribers
- Additional information for website visitors (incl. social media)
- Additional information for applicants
1.10 Who protects your data?
We take reasonable security measures to maintain the confidentiality, integrity and availability of your personal information, to protect it against unauthorized or unlawful processing, and to protect against the risks of loss, accidental alteration, unauthorized disclosure or access.
1.11 What rights do you have?
Applicable data protection law grants you the right to object to the processing of your data or to request its restriction under certain circumstances.
To help you control the processing of your personal data, you also have the following rights in connection with our data processing, depending on applicable data protection law:
- The right to request information from us as to whether and what data we process from you
- the right to have us correct data if it is inaccurate
- the right to request the deletion of data
- the right to request that we provide certain personal data in a commonly used electronic format
- The right to withdraw consent, insofar as our processing is based on your consent
- the right to receive, upon request, further information helpful for the exercise of these rights
- the right to express your point of view in the case of automated individual decisions (section 1.7) and to request that the decision be reviewed by a natural person
If you wish to exercise any of the above rights against us, you can contact us at any time via the contact details given in section 1.2. In order for us to be able to exclude misuse, we normally require clear identification from you (e.g. a copy of your ID card).
Please note that conditions, exceptions or restrictions apply to these rights under applicable data protection law (e.g., to protect third parties or trade secrets). We will inform you accordingly if necessary.
If you do not agree with our handling of your rights or data protection, please let us or our data protection officers (section 1.2) know. In particular, if you are located in the EEA, the United Kingdom or Switzerland, you also have the right to complain to the data protection supervisory authority in your country.
1.12 Can this DS declaration be changed?
This privacy policy is not part of any contract with you. We may amend this privacy policy at any time. The version published on this website is the current version.
Last updated: 19.3.2024
2 Additional information for (potential) contractors
This information may be relevant to you if you have a direct business relationship with us or if we (or you) wish to establish such a relationship. On the one hand, this may be if we offer you our products or services or if you have already placed an order with us, i.e. if we may count you as one of our customers or prospects. But it can also go in the other direction, if you offer us your products or services as a possible supplier or have already sold something.
We operate in both the B2B (business-to-business) and B2C (consumer) markets, so chances are you are in a relationship with us as a representative of a company or organization. In the following, we inform you about the data processing in the context of this existing (or even emerging) business relationship.
Please also refer to the General Information (item 1) and, if required, the additional information for newsletter subscribers (item 3) and for website and social media visitors (item 4) as a basis.
2.1 What data do we process and for how long?
In relation to your role as a contractual partner, we process data which we explain below. You will find further information in sections 3.2 and 4.2 for the online area. Please also note the general information in section 1.3.
- Contract data: This is data that arises in connection with the initiation or conclusion of a contract, e.g. information about offers, order confirmations, orders or contracts and the services to be provided or provided. We generally collect this data directly from you, from contractual partners and from third parties involved in the processing of the contract, but also from third-party sources (e.g. providers of creditworthiness data) and from publicly accessible We generally retain this data for a maximum of 10 years from the last contractual activity, but at least from the end of the contract. This period may be longer, insofar as this is necessary for reasons of evidence or to comply with legal or contractual requirements or is technically required.
- Master Data: We refer to master data as the basic data that we require, in addition to contractual data, for the processing of our contractual and other business relationships or for marketing and advertising purposes. This includes, for example, your name, contact details and information about, for example, your role and function, date of birth, customer history or signature authorizations. We obtain master data from yourself (e.g., when you make a purchase or as part of a registration), from entities for which you work, or from third-party sources such as public registries or the Internet (websites, social media, etc.). We usually keep this data for a maximum of 10 years from the last exchange between us, but at least from the end of the contract. This period may be longer, insofar as this is necessary for reasons of evidence or to comply with legal or contractual requirements or is technically required.
- Communication Data: When you are in contact with us via the contact form, by email, via phone or chat, by letter, or via other means of communication, we collect the data exchanged between you and us, including your contact information and the boundary data of the communication. In addition, we may record video conferences or web seminars for documentation purposes. You will be informed when such recordings take place, e.g. by an appropriate announcement. If you do not wish to be recorded, please let us know or end your participation. If you just do not want your image to be recorded, please turn off your camera. As a rule, these recordings are also edited in such a way that only the speakers are visible and no personal data is recognizable from the participants. If we want or need to establish your identity, we collect data to identify you (e.g. a copy of an ID card). We usually keep this data for a maximum of 10 years. This period may be longer if this is necessary for reasons of evidence or to comply with legal or contractual requirements, or if it is technically required. E-mails in personal mailboxes, chats and written correspondence are generally stored for a maximum of10 years.
- Registration data: Certain offers (e.g. our webshop) can only be used with a user account or registration. In doing so, you must provide us with certain data and we collect data about the use of the offer or service. Access controls to certain facilities or occasions may also require registration data. We generally retain registration data for a maximum of 10 years after the end of the use of the service or the termination of the user account
- Behavioral and preference data: Depending on the exact relationship we have with you, we try to get to know you and better tailor our communications, products, services and offers to you. To do this, we collect and use data about your behavior and preferences. We do this, for example, by evaluating information about your behavior in our area, and we may also supplement this information with information from third-party sources. Based on this, we can, for example, calculate the probability that you will use certain services or behave in a certain way. The data processed for this purpose is partly already known to us (e.g. that you have used a service), or we obtain this data by recording your behavior (e.g. how you navigate on our website, for more information see section 4). We anonymize or delete this data when it is no longer meaningful for the purposes pursued, normally after a maximum of 10 years. This period may be longer if this is necessary for reasons of proof or to comply with legal or contractual requirements or if it is technically required. We describe how tracking works on our website in section 2.4.
- Other data: We may also collect data from you in other situations. In connection with official or judicial proceedings, for example, data is generated (such as files, evidence, etc.) that may also relate to you. We may obtain or produce photographs, videos and sound recordings in which you may be identifiable (such as at events, through security cameras, etc.). We may also collect data about who and when enters certain buildings or has corresponding access rights (incl. in the case of access controls, based on registration data or visitor lists, etc.), who participates in events or campaigns (e.g. competitions or special acquisition campaigns) and when, or who uses our infrastructure and systems. The retention period of this data depends on the purpose and is limited to what is necessary. This ranges from 1 month for security camera footage to reports of events with images that may be retained for several years or longer.
2.2 For what purpose do we process your data?
We process your data as a contractual partner for the purposes we explain below. You will find further information in sections 3.3 and 4.4 for the online area. These purposes represent legitimate interests of us and, if applicable, of third parties.
You will find further information on the legal basis for our processing in section 1.6. Please also refer to the general information in section 1.5.
We process your data for communication with you, in particular to respond to inquiries and to contact you in the event of queries. For this purpose, we use in particular communication data and master data and, in connection with offers and services used by you, also registration data. We may retain this data to document our communications with you, for training purposes, for quality assurance, and for follow-up inquiries. We process data for the establishment, administration and processing of contractual relationships.
We process data for marketing purposes and to maintain relationships, e.g. to send our customers and other contractual partners personalized advertising about products and services from us. This can take place, for example, in the form of newsletters and other regular contacts (electronically, by post, by telephone), via other channels for which we have your contact information, but also as part of individual marketing campaigns (e.g. events, competitions, etc.). In particular, we also send our newsletter to contractual partners whose contact information we have received as part of a sale and stored in our CRM system (see also 3). You can refuse such contacts at any time or refuse or revoke any consent that may be required in this context. In some cases, your consent allows us to target our online advertising on the Internet more specifically to you (see also section 4).
We further process your data for market research, to improve our services and operations, and for product development.
We may also process your data for security and access control purposes.
We process personal data to comply with laws, directives and recommendations from authorities and internal regulations ("Compliance").
We also process data for the purposes of our risk management and as part of a prudent
Corporate management, including business organization and corporate development.
We may process your data for other purposes, e.g. as part of our internal processes and administration or for training and quality assurance purposes.
2.3 Who do we disclose your data to?
In the context of contracts, our services and products, our legal obligations or otherwise to protect our legitimate interests and the other purposes listed in section 2.3, we also transfer your personal data to third parties, in particular to the categories of recipients listed in section 1.8.
2.4 Does your personal data also end up abroad?
As explained in Section 2.4, we also disclose data to other entities. These are not only located in Switzerland. Your data may therefore be processed both in Europe and in other countries. You will find more detailed information on the corresponding principles and measures in section 1.9.
3 Additional information for newsletter subscribers
This information may be relevant for you if you receive, have subscribed to or would like to subscribe to one of our newsletters. Before you sign up for a newsletter subscription with us, you can find out here how we process your data in the context of such a newsletter subscription. This will enable you to make an informed decision as to whether you agree to the newsletter being sent and the associated data processing and whether you wish to consent to the sending of the newsletter. If you already receive one of our newsletters, you can also inform yourself here about the corresponding data processing (this may also be the case if you are a contractual partner, see also 2.3). If you subsequently no longer agree to this, you can withdraw your consent for the newsletter dispatch at any time.
By registering, you give us your consent to process the data provided for the regular dispatch of the newsletter to the address you have provided and for the statistical evaluation of usage behavior and the optimization of the newsletter (for more information, see section 3.3 and section 3.4).
Note: The terms "newsletter subscription" and "newsletter registration" mean the same thing to us in this context.
3.1 What data do we process and for how long?
If you would like to subscribe to our newsletter on one of our websites, you can normally do so by filling out a form with the following fields (alternative forms are possible):
- Salutation
- First and last name
- Address
- Zip code / Place
- E-mail address*
The information marked with * is mandatory if you want to receive our newsletter, the other fields are optional. After entering this information you can trigger the registration for our newsletter. We usually use the so-called "double opt-in" mechanism. This means: After sending the registration you will receive an e-mail from us, in which a confirmation link is included. In order to definitely register for the newsletter, you must confirm this link. This confirmation data may also be stored by us, e.g. date, time and your used IP address.
If we receive your e-mail address in connection with the sale of a product or service and you have not objected to this, we reserve the right to regularly send you offers from our product range by e-mail. This serves to protect our legitimate interests in addressing our customers in an advertising manner, which outweigh our interests in the context of a balancing of interests.
For each newsletter sent, we also store information on the address file used, the subject and the number of newsletters sent. In addition, it is possible to see which addresses have not yet received the newsletter or to which address it was sent and for which addresses the dispatch failed. You can also see which addresses have opened the newsletter. For this purpose, we use a so-called web beacon (more on this in section 3.4). Finally, we process the information about which addresses have unsubscribed.
We process your data for the newsletter dispatch until you revoke your consent. You can revoke your consent at any time. For this purpose, you will find an unsubscribe link in all newsletter emails. Additional contact details can be found under section 1.2.
We can also process anonymized or aggregated data without personal reference beyond your unsubscription. Please also note the general information on this issue in section 1.3.
3.2 For what purpose do we process your data?
In relation to our newsletters, we process your personal data in order to send you a personalized newsletter. This way you will receive relevant information and offers from us and we can address you personally (i.e. with your names).
Furthermore, we use your data for statistical purposes and to optimize the newsletter, e.g. in terms of content and structure. This enables us to better tailor the information and offers in our newsletter to the individual interests of the recipients.
Please also refer to the general information in section 1.5 for the purposes.
3.3 Do we use online tracking as part of our newsletters?
Yes, this is possible. Our newsletter may contain, for example, a so-called web beacon (tracking pixel) or similar technical means. A web beacon is a 1x1 pixel sized, invisible graphic that is associated with the user ID of the respective newsletter subscriber.
The web beacon is deleted when you delete the newsletter. To prevent the use of the web beacon in our newsletter, you can set your mail program (e.g. Outlook) so that no HTML is displayed in the messages.
Our newsletters often contain links to further sources of information. These can be, for example, our own or third-party websites or articles in social media. If you click on such a link, we may also register this and store your behavior. If the link leads to our own sources (e.g. one of our websites), we may under certain circumstances also track and analyze your behavior on this source. You can find out more about this under point 4. If a link leads to the website of a third party, it is also possible that this third party also evaluates your behavior on its website.
3.4 Who do we disclose your data to?
We use our own email marketing solution "XCampaign" to send our newsletters. The data is hosted by us in Switzerland or on servers at Super Network s.r.o. in Prague, Czech Republic.
We may also disclose your data incl. tracking information to further third parties, e.g. to contractual partners. Please also note the general information in section 1.8.
3.5 Does your personal data also end up abroad?
Yes, as explained in section 1.9, your data may also be transferred abroad. This also applies to data that we process as part of our newsletter.
4 Additional information for website visitors (incl. social media)
This aspect may be of interest to you when you visit one of our websites. However, it may also affect you if you want to find out about us or connect with us on social networks or a social media platform. In these cases, it is not always obvious what data (possibly in the background) is collected and processed about you. For this reason, we inform you in this chapter about these data processing operations. In this way, you can make an informed decision about whether and in what way you would like to interact with us via our websites or via a social media profile.
4.1 What data do we process and for how long?
The general information on the question "Which data do we process and for how long?" can be found under No. 1.3 and No.
1.4 of this privacy policy. Here in this section, we would like to answer this question a little more specifically for our data processing in the online area.
4.2.1 Log files
When visiting our websites, the server temporarily stores each access in a log file. Until automatic deletion, the IP address of the requesting computer, the date and time of access, the name and URL of the file accessed, the website from which access was made, the operating system of the computer used by the user and the owser used by the user, as well as the country from which the user accessed, are automatically obtained.
The collection and processing of this data is normally anonymized, i.e. without personal reference. However, in the event of an attack on our network infrastructure or suspicion of other unauthorized or abusive website use, the IP address may be evaluated for clarification and defense purposes and, if necessary, used in criminal proceedings to identify and take civil and criminal action against the users concerned.
4.2.2 Contact form
On certain pages of the website you will find a button or a link that will take you to our contact form. We use the data you enter to answer the questions you ask or to provide the services you request and, if necessary, to contact you by telephone.
Please also refer to the information for (potential) contract partners in item 0.
4.2.3 Third-party services
For certain digital services and infrastructures, we use the services of third parties. For example, we sometimes host our websites and other digital offerings with external service providers, including Nine, Metanet, AWS or Mailprofiler Development s.r.o., Reznicka 1332/7, Czech Republic. In this context, personal data may also be stored on Mailprofiler servers or at other service providers.
We also use third-party services to provide media and other display elements on our websites. For example, we embed videos via YouTube ("My data on YouTube") or VIMEO and use fonts from Google Fonts and Font Awesome.
For the presentation of documents we use issuu.com. Our publications are displayed on this platform. Issuu uses various cookies.
For the playback of audiobooks and music, we use Soundcloud. Soundcloud utilizes various cookies.
We use Google Maps for the display of maps. This may also result in the transfer of certain data.
Third-party services are also used to protect our online offerings from abusive applications. For example, we protect our websites using the Google service reCaptcha.
For display advertising/marketing we use the Audienzz network. Details about privacy can be found here and here.
To render our web pages faster, we use Amazon Cloudfront and Route 53. AWS has implemented compliance measures for international data transfers. These apply to all global activities where AWS processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). For more information, please click here.
4.2.4 Online tracking and online advertising (incl. cookies)
We use various technologies on our website that allow us and third parties we engage to recognize you when you use our website and to track your usage over multiple visits in some circumstances. In this section we inform you about this.
In essence, this means that we can distinguish access by you (via your system) from access by other users. In doing so, we do not want to infer your identity, even if we are able to do so insofar as we or third parties engaged by us are able to identify you through a combination with registration data. Even without registration data, however, the techniques used are such that you are recognized as an individual visitor each time you access a page, for example by our server (or the servers of third parties) assigning a so-called "cookie" to you or your browser.
Cookies are information files that your web browser stores on your computer's hard drive when you visit our website. Cookies can contain, for example, the following information:
- Browser type/version
- Operating system used
- Referrer URL (the previously visited page)
- Host name of the accessing computer (IP address)
- Time of the server request
- Device / Device type
We use such techniques on our website and allow certain third parties to do so as well. However, depending on the purpose of these techniques, we may ask for your consent before they are used. You can program your browser to block or deceive certain cookies or alternative techniques, or to delete existing cookies. You can also enhance your browser with software that blocks tracking by certain third parties.
You can find more information about this on the help pages of your browser (usually under the keyword "Privacy") or on the websites of the third parties that we list below.
The following types of cookies (the other techniques are included here) are distinguished:
Functional cookies (mandatory): Some cookies are necessary for the functioning of the website as such or certain functions. For example, they ensure that you can switch between pages without losing information entered in a form. They also ensure that you remain logged in. These cookies only exist temporarily ("session cookies"). If you block them, the website may not work. Other cookies are necessary so that the server can store decisions or entries made by you beyond one session (i.e. one visit to the website), if you request this function (e.g. selected language, given consent, the function for an automatic login, etc.). These cookies are often deleted when you end the session or close the browser. Otherwise, they have an expiration date of up to 24 months.
Statistical cookies: In order to optimize our website and the corresponding offers and to better adapt them to the needs of the users, we use cookies to record and analyze the use of our website, possibly even beyond the session. We often do this through the use of third-party analytics services (see, for example, section 4.2.5). Statistical cookies also have an expiration date of up to 24 months.
Details can be found on the websites of the third-party providers.
Marketing cookies: We and our advertising partners have an interest in targeting advertising, i.e., displaying it only to those who might be interested in it. For this purpose, we and our advertising contract partners also use cookies that can be used to record the content accessed or contracts concluded. This enables us and our advertising partners to display advertising that we believe will be of interest to you on our website, but also on other websites that display advertising from us or our advertising partners.
In addition to marketing cookies, we use other techniques to control online advertising on other websites and thereby reduce wastage. For example, we may transmit the e-mail addresses of our users, customers and other persons to whom we want to display advertising to operators of advertising platforms (e.g. social media, see section 4.3). If these persons are registered there with the same e-mail address (which the advertising platforms determine by matching), the operators show the advertising we place to these persons in a targeted manner (so-called custom audiences and lookalikes). The operators do not receive e-mail addresses of persons who are not already known. In the case of known email addresses, however, they learn that these people are connected to us and which content they have accessed.
4.2.5 Google Analytics, Ads and Tag Manager
We currently use the following solutions to analyze our online tracking and, in some cases, online advertising:
Google Analytics: The provider of the "Google Analytics" service is Google LLC. For the purposes of the GDPR and the DSG, Google Ireland Ltd. is responsible (both "Google"). Google thereby tracks the behavior of visitors to our website (duration, frequency of pages viewed, geographic origin of access, etc.) through statistical cookies (see above) and creates reports for us on the use of our website on this basis. Google provides us with reports and can therefore be considered our order processor. However, Google also processes data for its own purposes and may, under certain circumstances, draw conclusions about the identity of visitors based on the data collected, create personal profiles and link this data to the Google accounts of these individuals. You should assume this processing if you consent to the use of statistical cookies. Information on Google Analytics privacy can be found here and if you have a Google account, you can find more details about Google's processing here.
We also use Google Analytics advanced features on this website in addition to the standard features. The Google Analytics advertising features implemented on this website include:
- Reports on impressions in the Google Display Network;
- Google Analytics reports on performance by demographics and interests;
- Create remarketing audiences based on behavioral, demographic, and interest data and share those lists with Google Ads;
- Integrated services for which data is collected in Google Analytics for advertising purposes, including the collection of data via cookies for ad specifications and anonymous identifiers
- For this purpose, in addition to the data collected by the Google Analytics analysis tool, further data is collected via Google cookies for ad specifications and anonymous identifiers on accesses. We use this information to improve our web offerings.
You can disable Google Analytics advertising features via Ads Settings, Mobile App Ads Settings, other options such as NAI Consumer Disablement, or via Google browser add-on.
Our websites may also use the Google Tag Manager. The tool provides for the triggering of other programs and services, which in turn may collect data, especially for Google Analytics (see above). Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager. Google's privacy notice for this tool can be found here.
4.2.6 Google Ads conversion tracking
We use the online advertising program "Google Ads" and as part of it the conversion tracking. The cookie for conversion tracking is set when a user clicks on an ad placed by Google. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, we and Google can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies can therefore not be tracked across Ads customers' websites.
The information collected using the conversion cookie is used to generate conversion statistics for Ads customers who have opted in to conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive information that personally identifies users. Users who do not wish to participate in the tracking can easily deactivate the Google conversion tracking cookie via their internet browser under user settings. These users will not be included in the conversion tracking statistics. Learn more about Google's privacy policy.
4.2.7 Facebook Remarketing / Retargeting
Remarketing tags of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated on our pages. When you visit our pages, the remarketing tags establish a direct connection between your browser and the Facebook server. Facebook thereby receives the information that you have visited our site with your IP address. This allows Facebook to associate the visit to our pages with your user account. We can use the information obtained in this way to display Facebook Ads. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. For more information on this, please refer to facebook's privacy policy at www.facebook.com/about/privacy/. If you do not want any data to be collected via Custom Audience, you can deactivate Custom Audiences here.
4.2.8 Adtraction
We use Adtraction for partner marketing. The operating company is Adtraction AB. The information generated by cookies about the use of this website (including your IP address) and the delivery of advertising formats is transferred to an Adtraction server and stored there. Adtraction will use this information for the purpose of evaluating your use of the website in relation to the advertisements, compiling reports on website activity and advertisements for website operators and providing other services relating to website and internet usage. Adtraction may also disclose this information to third parties if required to do so by law, or if such third parties process the information on Adtraction's behalf.
Partner marketing only works in conjunction with tracking to pay partners who promote our products and offers. When you click on a partner link, you show your interest in our products, which justifies a mutual legitimate interest of all parties to process the user's data. The data is deleted as soon as it is no longer needed for our logging purposes. The storage period of cookies ranges from 30 to 90 days. You can permanently prevent the setting of cookies at any time by making the appropriate settings in your browser, so that no cookie can be set. In addition, cookies already in use can be deleted at any time via the browser.
For more information about Adtraction's privacy policy, please visit:https://adtraction.com/about-us/privacy-policy
4.2.9 Vouchers and special offers (Profity)
As a thank-you for orders, we provide you with access to vouchers and special offers for purchasing and obtaining other services from other providers on the Internet via Profity, an offer from our partner adfocus GmbH, based in Baar, Switzerland. In order to provide you with this access, we include a corresponding notice from adfocus when you complete orders on our website via an encrypted connection, whereby data such as, in particular, your Internet Protocol (IP) address, which may represent personal data, is exchanged with adfocus. Any personal data exchanged in this context is used exclusively to be able to offer Profity permanently, securely and reliably (legal basis according to DSGVO, if and to the extent applicable: Art. 6 para. 1 let. b u. f DSGVO). Further information on the type, scope and purpose of data processing can be found in the Profity privacy policy.
4.3 What data do we process on our pages in social networks?
We may operate pages and other online presences ("fan pages", "channels", "profiles", etc.) on social networks and other platforms operated by third parties and collect the data about you described in section 1.3 and below there. We receive this data from you and the platforms when you come into contact with us via our online presence (e.g., when you communicate with us, comment on our content or visit our presences). At the same time, the platforms evaluate your use of our online presences and link this data with other data about you known to the platforms (e.g., about your behavior and preferences). The platforms also process this data for their own purposes under their own responsibility, in particular for marketing and market research purposes (e.g. to personalize advertising) and to control their platforms (e.g. which content they show you).
In addition, we may use social media plugins, e.g. from Facebook, Pinterest, Whatsapp or Twitter. These platforms have their own data protection regulations over which we have no influence.
If the user does not want any of these plugins to be loaded, it is recommended to log out of the corresponding social media service. Furthermore, various browsers can be set or supplemented with add-ons (e.g. Facebook blocker) so that the social media plugins are not loaded.
Content published by you yourself (e.g. comments on an announcement) may be redistributed by us (e.g. in our advertising on the platform or elsewhere). We or the operators of the platforms may also delete or restrict content from or to you in accordance with the usage guidelines (e.g. inappropriate comments).
For further information on the processing of the platform operators, please refer to the data protection notices of our platforms. There you can also find out in which countries they process your data, which rights of access, deletion and other data subjects you have and how you can exercise these or obtain further information.
The responsible body for the operation of the platform for users from Europe is Facebook Ireland Ltd, Dublin, Ireland. Their privacy policy is available here.
YouTube:
We use YouTube for our channels. The responsible entity and provider of the "YouTube" service is Google. For the purposes of the GDPR and the DSG, Google Ireland Ltd., Dublin, Ireland, is responsible. Their privacy policy is available here.
Linkedin:
Here we operate the site www.linkedin.com/company/kuenzlerbachmann-verlag/. The responsible party for operating the platform is LinkedIn Ireland Unlimited Company, Dublin, Ireland. Their privacy policy is available here , the cookie policy can be found here.
Instagram:
Here we operate the profile: https://www.instagram.com/spickmagazin/. The responsible party for operating the platform for users from Europe is Facebook Ireland Ltd, Dublin, Ireland. Their privacy policy is available here.
From time to time, we also place paid advertisements on these platforms. In order to address the appropriate target groups, we sometimes work with so-called custom audiences and lookalikes (see also section 4.2.4).
Vimeo:
We use the provider Vimeo, among others, for the integration of videos. Vimeo is operated by Vimeo, LLC with headquarters at 555 West 18th Street, New York, New York 10011.
On some of our Internet pages, we use plugins from the provider Vimeo. When you call up the Internet pages of our website that are provided with such a plugin - for example, our articles - a connection is established to the Vimeo servers and the plugin is displayed. This transmits to the Vimeo server which of our Internet pages you have visited. If you are logged in as a member of Vimeo, Vimeo assigns this information to your personal user account. When using the plugin, such as clicking on the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo. In addition, you also have the option in this case to deactivate cookies from third-party providers via the cookie settings integrated in the footer menu. However, you will then no longer be able to access the corresponding content via our website.
The purpose and scope of the data collection and the further processing and use of the data by Vimeo, as well as your rights in this regard and setting options for protecting your privacy, can be found in Vimeo's privacy policy.
4.4 For what purpose do we process your data?
In principle, we process your data for the overriding purposes listed in section 1.5. Within the scope of our websites and social media profiles, we process your data in particular for the following purposes:
- To enable the use of the website (connection establishment), to ensure system security and stability on a permanent basis.
- To evaluate the use of our websites, to compile reports on website activity and to provide other services related to website and internet usage for the purposes of market research and demand-oriented design of these internet pages.
- In order to design and continuously optimize our websites and social media profiles in line with requirements
- In order to be able to address our (potential) customers personally and personalized and to offer them optimal, individual solutions
- To be able to answer contact requests
- For marketing and communication purposes
- to control online advertising on websites and social media platforms and thus reduce wastage
- In connection with Google Analytics, we partially use the "Audiences" functionality so that we can group our website users into certain audience groups (marketing target groups) with comparable profiles in the reports based on website usage and the usage profiles created.
4.5 To whom do we disclose data?
A list of the possible categories of data recipients can be found in section 1.8. Here in section 4.5, we also mention specific data recipients and, for a better overview, list once again the possible recipients already mentioned in the preceding section 4.4.
- Nine Internet Solutions (CH)
- METANET AG (CH)
- Amazon Web Services (CH/EU/US)
- Xcampaign / Mailprofiler Development s.r.o. (EU)
- Creditreform Egeli St. Gallen AG (CH)
- Google incl. YouTube (EU/USA)
- Facebook/META (EU/USA)
- Linkedin (EU/USA)
- Adtraction (CH/SWE)
Please note: When you visit our websites and our social media profiles, certain data may be passed on to the recipients listed above, but this does not necessarily have to be the case. This list is not exhaustive at all times, please consult the categories of data recipients in section 1.8.
4.6 Do your personal data also end up abroad?
Yes, as you can see in the list above, your data can also be transferred abroad, including to the USA. We would like to explain this in more detail using Google as an example:
Your data from the applications described above may be transferred to Google servers in the USA and stored there. In doing so, the IP address is shortened by activating IP anonymization ("anonymizeIP") on our websites before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area or Switzerland. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
For the sake of completeness, we note that the U.S. authorities may carry out surveillance measures under U.S. legislation, under which the general storage of all data transferred from the European Union to the United States is possible. This is done without distinction, limitation or exception based on the objective pursued and without objective criteria that would allow limiting the access of the US authorities to personal data and their subsequent use to specific, strictly limited purposes that would justify the access to these data.
We would like to point out to users who are resident in a member state of the EU that the USA does not have a sufficient level of data protection from the point of view of the European Union. If we have explained in this privacy policy that recipients of data (such as Google) are based in the USA, we will take special measures to ensure that your data is protected at an appropriate level by our partners, insofar as this is within our power pursuant to Section 1.9.
5 Additional information for applicants
Are you interested in a position with us? That makes us very happy! If you apply to us, we will process your personal data. In this chapter, we would like to inform you about possible data processing in connection with an application.
Please also refer to the general information in section 1 of this privacy policy.
A note on the status: The current version of this privacy policy at the beginning of an application process applies in each case.
5.1 What data do we process and for how long?
When you apply for a job, we process the personal data we need to assess your suitability for the advertised position. This includes the following information in particular:
- the information collected in an online form, if any
- the information contained in submitted documents (e.g. in the cover letter, in the curriculum vitae, in certificates )
- if you were previously employed by us or applied for a job, we may use the information we already have as a result of this
- We may consult information from third-party sources as needed (such as information from official registers, information from job recruiters, reference information, and other job-related public information from the Internet, such as a LinkedIn or Facebook profile, as appropriate
If you provide us with particularly sensitive personal data as part of the application process (e.g. health data), we may also process such personal data.
You are not obliged to provide us with personal data. However, it is not normally possible to process an application without us collecting and processing the necessary personal data.
We store your personal data as long as it is necessary for the implementation of the specific application process or for compliance with legal requirements and as long as we have a legitimate interest in storing it, e.g. for documentation and preservation of evidence purposes and for the protection and defense of legal claims. If we can consider you for the position for which you have applied, we will also retain your personal data for the performance of the employment relationship. If no employment contract is concluded with you, your personal data will be deleted or made anonymous. In addition, we only store your personal data if you have consented to longer storage, e.g. to keep your application pending for any further job offers.
Further general information on the question "which data do we process and for how long" can be found in section 1.3 and section 1.4 of this privacy policy.
5.2 For what purpose do we process your data?
We process personal data in accordance with this privacy policy only for the purpose of receiving and reviewing application documents and your suitability for the position in question and, if applicable, preparing and concluding a contract. Depending on the job profile, this may also include checking references and conducting background checks. These processing operations are necessary for the preparation and, if applicable, the conclusion of an employment contract; for the fulfillment of legal obligations; for the exercise of rights; for the protection of the interest in particular of an orderly human resources management. We also use your personal data to be able to contact you again with regard to other positions or to forward your application to other companies in the Group if we are unable to offer you a suitable position. If required by law, we will obtain your consent to do so.
Further general information on the purpose of our data processing can be found in section 1.5.
5.3 Who do we share your data with?
In principle, only persons involved in filling this position have access to your personal data, in particular HR specialists and potential supervisors of the responsible company. We may also share your personal data with our service providers, especially IT service providers or external personnel offices. We take care through the selection of service providers and contractual agreements that data protection is also ensured by service providers.
Further general information on possible data recipients can be found in section 1.8 of this privacy policy.
5.4 Does your data end up abroad?
It is possible that your data will also be passed on to third parties abroad (e.g. group companies or service providers) in the context of your application or the above-mentioned purposes.
Further general information on the disclosure of personal data abroad can be found in section 1.9 of this privacy policy.