Privacy Policy.

SHARKPROJECT International, based in Switzerland, is responsible for the website sharkproject.org. As we operate both in the non-EU area and in the EU area, we are subject to different requirements depending on which data is collected from which persons from which area. Click here for our corresponding privacy policy:

Data protection declaration EU

1. Introduction and contact details of the controller

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we will inform you about how we handle your personal data when you use our website. Personal data in this context is all data that can be used to personally identify you.

1.2 The controller in charge of data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is SHARKPROJECT Merchandising e.V., Rebhaldenstrasse 2, 8910 Affoltern am Albis, Switzerland, Tel.: +41 44 3115941, E-Mail: shop@sharkproject.org. The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2. Data collection when you visit our website

2.1 If you use our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to the page server (so-called ‘server log files’). When you visit our website, we collect the following data, which is technically necessary for us to display the website:

Our visited website
Date and time of access
Amount of data sent in bytes
Source/reference from which you came to the page
Browser used
Operating system used
IP address used (if applicable: in anonymised form)

The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are specific indications of unlawful use.

2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the controller). You can recognise an encrypted connection by the character string ‘https://’ and the lock symbol in your browser line.

3. Hosting & content delivery network

We use a provider that provides its services itself or through selected subcontractors exclusively on servers within the European Union to host our website and display the page content. All data collected on our website is processed on these servers.

We have concluded an order processing contract with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

4. Cookies

We use cookies, i.e. small text files that are stored on your end device, to make visiting our website more attractive and to enable the use of certain functions. Some of these cookies are automatically deleted again after closing the browser (so-called ‘session cookies’), while some of these cookies remain on your end device for longer and enable the storage of page settings (so-called ‘persistent cookies’). In the latter case, you can see the storage period in the overview of the cookie settings of your web browser.

If personal data is also processed by individual cookies we use, the processing is carried out in accordance with Art. 6 (1) point b GDPR, either for the execution of the contract or in accordance with Art. 6 (1) point f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.

You can adjust the settings on your browser so that you are informed when cookies are set and can decide whether to accept them on a case-by-case basis, or to exclude the acceptance of cookies in certain cases or in general.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5. Contact

When you contact us (e.g. using the contact form or by email), personal data is processed solely for the purpose of processing and responding to your request and only to the extent necessary to do so.

The legal basis for the processing of this data is our legitimate interest in answering your request in accordance with Art. 6 (1) point f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 (1) point b GDPR. Your data will be deleted if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no legal storage obligations to the contrary.

6. Data processing when opening a customer account

In accordance with Art. 6 (1) point b GDPR, personal data transmitted by you to us when opening a customer account will continue to be collected and processed to the extent necessary in each case. The required data for opening an account can be found on the input mask of the corresponding form on our website.

You can delete your customer account at any time by sending a message to the above address of the controller. After deletion of your customer account, your data will be deleted, provided that all contracts concluded through it have been fully processed, there are no legal retention periods to the contrary and we have no legitimate interest in further storage.

7. Use of customer data for direct advertising

7.1 Registration for our email newsletter

If you register for our email newsletter, we will regularly send you information about our offers. The only information required to send the newsletter is your email address. The provision of further data is voluntary and is used to address you personally. We use the so-called double opt-in procedure for sending the newsletter, which ensures that you only receive the newsletter after you have expressly confirmed your consent to receive the newsletter by clicking on a verification link sent to the specified email address.
By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 (1) point a GDPR. In doing so, we store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later point in time. The data collected by us when registering for the newsletter is used strictly for the intended purpose.

You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a message to the controller named at the beginning. After you have successfully unsubscribed, your email address will be immediately deleted from our newsletter distribution list, unless you have expressly consented to further use of your data or we reserve the right to use the data in a manner that goes beyond the scope permitted by law and about which we inform you in this statement.

7.2 Shopping basket reminders by email

If you stop shopping with us before completing your order, you have the option of receiving a one-time email reminder of the contents of your virtual shopping basket.
The only mandatory information for sending this reminder is your email address. The provision of further data is voluntary and will be used if necessary to address you personally. We use the so-called double opt-in procedure for sending e-mails, which ensures that you only receive a notification when you have expressly confirmed your consent by clicking on a verification link sent to the specified e-mail address.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 (1) point a GDPR for sending a shopping cart reminder. In doing so, we store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later point in time. The data collected by us when registering for our e-mail notification service is used strictly for the intended purpose.

You can unsubscribe from the shopping cart reminders at any time by sending a message to the controller named at the beginning. After you have unsubscribed, your e-mail address will be immediately deleted from our mailing list set up for this purpose, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this statement.

8. Data processing for order fulfilment

8.1 Insofar as it is necessary for the fulfilment of the contract for delivery and payment purposes, the personal data collected by us will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 (1) point b GDPR.

If we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we process the contact data you provided when placing the order (name, address, email address) in order to personally inform you of upcoming updates within the legally prescribed period and in accordance with our legal information obligations pursuant to Art. 6 (1) point c GDPR, using a suitable means of communication (e.g. by post or email). Your contact details will be used strictly for the purpose of providing information about updates that we owe and will only be processed by us to the extent necessary for the respective information.

In order to process your order, we also work together with the following service provider(s), who support us in whole or in part in the execution of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

8.2 We work with external shipping partners to fulfil our contractual obligations to our customers. We will pass on your name and delivery address and, if necessary for delivery, your telephone number, to a shipping partner selected by us solely for the purpose of delivering goods in accordance with Article 6(1)(b) of the GDPR.

9. Web analysis services

Google Analytics 4

This website uses Google Analytics 4, a web analysis service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (‘Google’), which enables an analysis of your use of our website.

By default, when you visit the website, Google Analytics 4 sets cookies, which are stored as small text files on your device and collect certain information. The scope of this information also includes your IP address, which is, however, shortened by Google by the last digits in order to exclude a direct personal reference.

The information is transferred to Google servers and processed there. In this context, transfers to Google LLC based in the USA are also possible.

Google uses the collected information on our behalf to analyse your use of the website, to compile reports on website activity for us and to provide other services relating to website activity and internet usage. The abbreviated IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. The data collected as part of the use of Google Analytics 4 is stored for a period of two months and then deleted.

All the processing described above, in particular the setting of cookies on the end device used, will only take place if you have given us your express consent to do so in accordance with Art. 6 (1) point a GDPR.

Without your consent, Google Analytics 4 will not be used during your visit to the site. You can revoke your consent at any time with effect for the future. To exercise your right of revocation, please deactivate this service using the ‘Cookie-Consent-Tool’ provided on the website.

We have concluded a data processing agreement with Google that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.
Further legal information on Google Analytics 4 can be found at

Demographic data

Google Analytics 4 uses the special function ‘demographic data’ and can use it to generate statistics that provide information about the age, gender and interests of site visitors. This is done by analysing advertising and information from third-party providers. This makes it possible to identify target groups for marketing activities. However, the collected data cannot be assigned to a specific person and is deleted after being stored for a period of two months.

Google Signals

As an extension to Google Analytics 4, Google Signals can be used on this website to create cross-device reports. If you have activated personalised ads and linked your devices to your Google account, Google can, subject to your consent to the use of Google Analytics in accordance with Art. 6 (1) point a GDPR, analyse your usage behaviour across devices and create database models, including for cross-device conversions. We do not receive any personal data from Google, only statistics. If you wish to stop the cross-device analysis, you can disable the ‘Personalised advertising’ function in your Google Account settings. To do this, follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de. Further information about Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=de.

UserIDs

As an extension to Google Analytics 4, the ‘UserIDs’ function can be used on this website. If you have consented to the use of Google Analytics 4 in accordance with Art. 6 (1) point a GDPR, set up an account on this website and log in to this account on various devices, your activities, including conversions, can be analysed across devices.
For data transfers to the US, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level on the basis of an adequacy decision by the European Commission.

10. Site functionalities

10.1 Youtube

This website uses plugins to display and play videos from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Data may also be transmitted to: Google LLC, USA.

When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to the provider’s servers to load the plugin. In doing so, certain information, including your IP address, is transmitted to the provider.

If the playback of embedded videos is started via the plugin, the provider also uses cookies to collect information about user behaviour, to create playback statistics and to prevent abusive behaviour.

If you are logged into a user account with the provider while visiting our site, your data will be directly assigned to your account when you click on a video. If you do not want the information to be associated with your account, you must log out before clicking the play button.

All of the aforementioned processing, in particular the setting of cookies for reading information on the end device used, will only take place if you have given us your express consent to do so in accordance with Art. 6 (1) point a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service using the ‘Cookie-Consent-Tool’ provided on the website.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level on the basis of an adequacy decision by the European Commission.

10.2 Google Maps

This website uses an online map service provided by the following provider: Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (‘Google’).

Google Maps is a web service for displaying interactive maps to visually display geographic information. By using this service, our location is displayed to you and it is easier for you to find us.

When you access a subpage that has an embedded Google Maps map, information about your use of our website (such as your IP address) is transmitted to and stored by Google on servers in the United States. This happens regardless of whether Google provides a user account that you are logged in to or whether a user account exists. If you are logged in to Google, your information will be directly associated with your account. If you do not want this information to be associated with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as user profiles and evaluates them.

The collection, storage and analysis are carried out in accordance with Art. 6 (1) point f GDPR on the basis of Google’s legitimate interest in the insertion of personalised advertising, market research and/or the demand-oriented design of Google websites. You have the right to object to the creation of these user profiles, but you must contact Google to exercise this right. If you do not agree to the future transmission of your data to Google when using Google Maps, you also have the option of completely deactivating the Google Maps web service by switching off the JavaScript application in your browser. Google Maps and thus the map display on this website cannot then be used.

Insofar as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 (1) point a GDPR. You can withdraw your consent at any time with effect for the future. To exercise your right of withdrawal, please follow the procedure described above for lodging an objection.
For data transfers to the US, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level on the basis of an adequacy decision by the European Commission.

Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/.

10.3 Google Maps API

In order to enable the verification of certain entries in the address form of our webshop’s order process for input errors in real time, we use the services of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Data may also be transmitted to: Google LLC, USA.

The provider validates the address entered, verifies the spelling and adds any missing data. Correct alternative suggestions are displayed for addresses that are not unique. For this purpose, the address data you have entered is transmitted to the provider, stored and evaluated there.

This processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest in the proper collection of the customer’s correct address data for the conscientious fulfilment of our contractual delivery obligations and to prevent problems with the execution of the contract.

The provider processes the data concerned separately and does not merge it with other data sets, and deletes it as soon as its status or correctness has been confirmed, but no later than 30 days.

For data transfers to the US, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level on the basis of an adequacy decision by the European Commission.

Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/.

10.4 Google Forms

We use the services of the following provider to conduct surveys or for online forms: Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland.
In addition to a transmission of data to the above-mentioned provider location, data can also be transmitted to: Google LLC, USA.

The provider enables us to design and evaluate surveys and online forms. In addition to the personal data that you enter in the forms, information about your operating system, browser, date and time of your visit, referrer URL and your IP address is also collected, transmitted to the provider and stored on the provider’s servers.
The storage of the information you enter in the forms is password-protected to ensure that third-party access is excluded and that only we can evaluate the data for the purpose stated in the form.

When processing personal data that is necessary for the fulfilment of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 para. 1 lit. b DSGVO serves as the legal basis. If you have given us consent to process your data, the processing is carried out on the basis of Art. 6 para. 1 lit. a DSGVO. Consent that has been granted can be withdrawn at any time with effect for the future.

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.
For data transfers to the US, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level on the basis of an adequacy decision by the European Commission.

Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/.

10.5 Microsoft Forms

We use the services of the following provider to conduct surveys or for online forms: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
The provider enables us to design and analyse surveys and online forms. In addition to the personal data that you enter in the forms, information about your operating system, browser, date and time of your visit, referrer URL and your IP address is also collected, transmitted to the provider and stored on the provider’s servers.

The storage of the information you enter in the forms is password-protected to ensure that third-party access is excluded and that only we can evaluate the data for the purpose stated in the form.

When processing personal data that is necessary for the fulfilment of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 para. 1 lit. b DSGVO serves as the legal basis. If you have given us consent to process your data, the processing is carried out on the basis of Art. 6 (1) point a GDPR. Consent that has been given can be withdrawn at any time with effect for the future.

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.
For data transfers to the US, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

10.6 Applications for job postings by email

On our website, we advertise current vacancies in a separate section, for which interested parties can apply by e-mail to the provided contact address.

Applicants must provide all personal data necessary for a well-founded assessment, including general information such as name, address and contact details, as well as performance-related evidence and, if applicable, health-related information. Details of the application can be found in the job advertisement.

After receipt of the application by e-mail, the data will be stored and evaluated exclusively for the purpose of processing the application. If we have any questions, we will either use the applicant’s e-mail address or telephone number. The processing is carried out on the basis of Art. 6 (1) point b GDPR (or Art. 26 (1) Federal Data Protection Act (BDSG)), in which the completion of the application procedure is considered to be the initiation of an employment contract.

Insofar as special categories of personal data within the meaning of Art. 9 (1) GDPR (e.g. health data such as information on severely disabled status) are requested from applicants as part of the application process, the processing is carried out in accordance with Art. 9 (2) point b GDPR so that we can exercise the rights arising from labour law and social security and social protection law and fulfil our obligations in this regard.

Cumulatively or alternatively, the processing of special categories of data may also be based on Article 9(1)(h) of the GDPR if it is carried out for the purposes of preventive or occupational medicine, for the assessment of the applicant’s ability to work, for medical diagnosis, for the provision of care or treatment in the health or social field or for the management of health or social care systems and services.

If the applicant is not selected or if an applicant withdraws his application prematurely, the data submitted by him/her and all electronic correspondence, including the application email, will be deleted after a corresponding notification at the latest after 6 months. This period is based on our legitimate interest in answering any follow-up questions regarding the application and, if necessary, in being able to fulfil our obligations to provide evidence under the regulations for the equal treatment of applicants.

In the event of a successful application, the data provided will be processed on the basis of Art. 6 (1) point b GDPR (for processing in Germany in conjunction with Section 26 (1) of the German Federal Data Protection Act (BDSG)) for the purpose of implementing the employment relationship.

10.7 Online applications using a form

We advertise current vacancies in a separate section of our website, where interested parties can apply using a corresponding form.

Applicants must provide all personal data required for a well-founded assessment, including general information such as name, address and contact details, as well as performance-related evidence and, if applicable, health-related information. Details of the application can be found in the job advertisement.

When the form is sent, the applicant data is encrypted using state-of-the-art technology and transmitted to us, stored by us and evaluated exclusively for the purpose of processing the application. The processing is carried out on the basis of Art. 6 (1) point b GDPR (or Art. 26 (1) Federal Data Protection Act (BDSG)), in which the completion of the application process is considered to be the initiation of an employment contract.

Cumulatively or alternatively, the processing of special categories of data may also be based on Article 9(1)(h) of the GDPR if it is carried out for the purposes of preventive or occupational medicine, for the assessment of the applicant’s ability to work, for medical diagnosis, for the provision of care or treatment in the health or social sector or for the management of systems and services in the health or social sector.

If the applicant is not selected or withdraws his application prematurely, his data submitted on forms and all electronic correspondence including the application email will be deleted after 6 months at the latest after notification. This period is based on our legitimate interest in answering any follow-up questions regarding the application and, if necessary, to be able to fulfil our obligations to provide evidence under the regulations for the equal treatment of applicants.

In the event of a successful application, the data provided will be processed on the basis of Art. 6 para. 1 lit. b DSGVO (in the case of processing in Germany in conjunction with § 26 para. 1 BDSG) for the purpose of implementing the employment relationship.

11. Tools and other

11.1 Bexio

We use the cloud-based accounting software service from the following provider for our accounting: bexio AG, Alte Jonastrasse 24, 8640 Rapperswil-Jona, Switzerland
The provider processes incoming and outgoing invoices as well as, if applicable, our company’s bank transactions in order to automatically record invoices, match them to the transactions and create the financial accounting from this in a partially automated process.

Insofar as personal data is also processed in this context, the processing is carried out on the basis of our legitimate interest in the efficient organisation and documentation of our business transactions.

11.2 Cookie consent tool

This website uses a so-called ‘cookie consent tool’ to obtain effective user consent for cookies and cookie-based applications that require consent. The ‘cookie consent tool’ is displayed to users when they visit the site in the form of an interactive user interface on which consent for certain cookies and/or cookie-based applications can be given by ticking the appropriate boxes. When the tool is used, all cookies/services requiring consent are only loaded if the respective user gives their consent by ticking the appropriate box. This ensures that such cookies are only set on the user’s device if consent has been given.

The tool sets technically necessary cookies to store your cookie preferences. Personal user data is generally not processed in this process.

If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) point f GDPR, on the basis of our legitimate interest in a legally compliant, user-specific and user-friendly consent management for cookies and, consequently, in a legally compliant design of our website.

Another legal basis for the processing is also Article 6(1)(c) GDPR. As the controller, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.

Where necessary, we have concluded a data processing agreement with the provider that ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties.

Further information about the operator and the setting options for the cookie consent tool can be found directly in the corresponding user interface on our website.

12. Rights of the data subject

12.1 The applicable data protection law grants you the following rights (rights of information and intervention) vis-à-vis the data controller with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective conditions of exercise:

Right of access according to Art. 15 GDPR;
Right to rectification according to Art. 16 GDPR;
Right to erasure in accordance with Art. 17 GDPR;
Right to restriction of processing in accordance with Art. 18 GDPR;
Right to notification in accordance with Art. 19 GDPR;
Right to data portability in accordance with Art. 20 GDPR;
Right to withdraw consent granted in accordance with Art. 7 (3) GDPR;
Right to lodge a complaint in accordance with Art. 77 GDPR.

12.2 Right to object

If, in the context of a balancing of interests, we process your personal data on the basis of our predominant legitimate interest, you have the right at any any time, for reasons arising from your particular situation, to file an objection to this processing with effect for the future.

If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to continue processing if we can prove that there are compelling reasons for processing which are worthy of protection and which outweigh your interests, fundamental rights and freedoms, or for the establishment, exercise or defence of legal claims.

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. You can exercise the right to object as described above.

If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.

13. Duration of the storage of personal data

The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of the processing and, if relevant, additionally on the basis of the respective legal retention period (e.g. commercial and tax law retention periods).

When processing personal data on the basis of express consent in accordance with Art. 6 (1) point a GDPR, the data concerned will be stored until you revoke your consent.
If there are statutory retention periods for data that is processed in the context of legal or similar obligations on the basis of Art. 6 (1) point b GDPR, this data is routinely erased after the retention period has expired if it is no longer required for the fulfilment or initiation of a contract and/or if we have no legitimate interest in further storage.
When processing personal data on the basis of Art. 6 (1) (f) GDPR, this data is stored until you exercise your right to object in accordance with Art. 21 (1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

When processing personal data for the purpose of direct marketing on the basis of Art. 6 (1) point f GDPR, this data is stored until you exercise your right of objection under Art. 21 (2) GDPR.

Unless otherwise indicated by the other information in this statement about specific processing situations, stored personal data will be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Data protection declaration NON-EU

1. Introduction and contact details of the controller

1.2 The controller in charge of data processing on this website, within the meaning of the Swiss Data Protection Act (DSG), is SHARKPROJECT Merchandising e.V., Rebhaldenstrasse 2, 8910 Affoltern am Albis, Switzerland, Tel.: +41 44 3115941, E-Mail: shop@sharkproject.org. The controller of personal data is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2. Data collection when you visit our website

2.1 If you use our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server (so-called ‘server log files’). When you visit our website, we collect the following data, which is technically necessary for us to display the website:

Our visited website
Date and time of access
Amount of data sent in bytes
Source/reference from which you came to the page
Browser used
Operating system used
IP address used (if applicable: in anonymised form)

The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or requests to the controller). You can recognise an encrypted connection by the character string ‘https://’ and the lock symbol in your browser line.

3. Hosting & content delivery network

We have concluded an order processing contract with the provider that protects the data of our site visitors and prohibits the transfer of this data to third parties.

4. Cookies

We use cookies on various pages to make visiting our website more attractive and to enable the use of certain functions. These are small text files that are stored on your end device. Some of the cookies we use are deleted after the end of the browser session, i.e. when you close your browser (these are called session cookies). Other cookies remain on your device and enable us or our partner companies (third-party cookies) to recognise your browser the next time you visit (persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values to an individual extent. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie.

In some cases, cookies are used to simplify the order process by saving settings (e.g. remembering the contents of a virtual shopping basket for a later visit to the website).
We may work together with advertising partners to help us make our website more interesting for you. For this purpose, cookies from partner companies are also stored on your hard drive when you visit our website (third-party cookies). If we work together with the aforementioned advertising partners, you will be individually and separately informed about the use of such cookies and the scope of the information collected in each case in the following paragraphs.

Please note that you can adjust your browser settings so that you are informed when cookies are set and can decide whether to accept them individually or to exclude the acceptance of cookies in certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browser at the following links:

Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/temporäres-zulassen-von-cookies-und-website-daten-in-microsoft-edge-597f04f2-c0ce-f08c-7c2b-541086362bd2
Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Safari: https://support.apple.com/kb/ph21411?locale=de_DE
Opera: https://help.opera.com/en/latest/web-preferences/#cookies

Please note that if you do not accept cookies, the functionality of our website may be limited.

5. Contact

When you contact us (e.g. using a contact form or by email), personal data is collected. The data collected in the case of a contact form can be seen from the respective contact form. These data are stored and used solely for the purpose of answering your request or for establishing contact and for the associated technical administration. Your data will be deleted after the final processing of your request. This is the case if it can be inferred from the circumstances that the facts in question have been conclusively clarified and provided that there are no legal storage obligations to the contrary.

6. Data processing when opening a customer account and for contract processing

Personal data is collected and processed when you provide it to us for the purpose of executing a contract or opening a customer account. The data collected can be seen from the respective input forms. You can delete your customer account at any time by sending a message to our address. We store and use the data you provide for the purpose of processing the contract. After deletion of your customer account, your data will be blocked with due regard to tax and commercial law retention periods and deleted after these deadlines, unless we can prove an overriding interest for further processing within the meaning of Art. 31 para. 2 DSG or a justification under the law.

7. Use of your data for direct mail

Registering for our e-mail newsletter

By providing your personal data, you agree that we may use this data to send you newsletters.

We store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later point in time. The data collected by us when registering for the newsletter is used exclusively for the purpose of advertising by means of the newsletter. You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending us a message to that effect. After you have cancelled your subscription, your e-mail address will be immediately deleted from our newsletter distribution list, unless we can prove an overriding interest for further processing in accordance with Art. 31 para. 2 DSG or a justification under the law.

8. Data processing for order fulfilment

8.1 The personal data collected by us will be forwarded to the transport company commissioned with the delivery as part of the contract processing, insofar as this is necessary for the delivery of the goods. We will forward your payment data to the commissioned credit institution as part of the payment processing, insofar as this is necessary for the payment processing. If special service providers are used for the order processing, we will explicitly inform you of this below.

8.2 We work with external shipping partners to fulfil our contractual obligations to our customers. We will only pass on your name and delivery address to a shipping partner selected by us for the purpose of delivering the goods.

8.3 Use of payment service providers (payment services)

Mollie: If you choose a payment method from the payment service provider Mollie, payment will be processed by the payment service provider Mollie B.V., Keizersgracht 313, 1016 EE Amsterdam, Netherlands, to whom we will pass on the information you provided during the ordering process, together with information about your order (name, address, IBAN, BIC, invoice amount, currency and transaction number). Your data is shared exclusively for the purpose of processing the payment with the payment service provider Mollie and only to the extent necessary.

PayPal: When you pay via PayPal, credit card via PayPal, direct debit via PayPal or – if offered – ‘purchase on account’ or ‘payment by instalments’ via PayPal, we will pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter ‘PayPal’) as part of the payment processing. The transfer only takes place to the extent necessary for the payment processing.

PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or – if offered – ‘purchase on account’ or ‘payment by instalments’ via PayPal. For this purpose, your payment data may be passed on to credit reference agencies on the basis of PayPal’s legitimate interest in determining your solvency. PayPal uses the result of the credit check in relation to the statistical probability of non-payment for the purpose of deciding whether to provide the respective payment method. The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, these are based on a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, among other things, but not exclusively, address data. For further information on data protection, including information on the credit reference agencies used, please refer to PayPal’s data protection declaration: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

PostFinance: If you decide on a payment method from the payment service provider ‘PostFinance’, the payment will be processed by the payment service provider PostFinance AG ( Mingerstrasse 20, CH-3030 Bern, hereinafter referred to as Postfinance), to we will pass on the information you provided during the ordering process, together with the information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number). Your data will be passed on exclusively for the purpose of processing the payment with the payment service provider PostFinance and only to the extent necessary.

Six Payment: If you choose a payment method from the payment service provider Six Payment, the payment will be processed by the payment service provider Six Payment Services AG (Hardturmstrasse 201, CH-8021 Zurich, hereinafter ‘Six Payment’), to we will pass on the information you provided during the ordering process, together with information about your order (name, address, account number, sort code, possibly credit card number, invoice amount, currency and transaction number). Your data will be passed on solely for the purpose of processing the payment with the payment service provider Six Payment and only to the extent necessary.

TWINT: If you decide on a payment method from the payment service provider ‘TWINT’, the payment will be processed by the payment service provider TWINT AG (Stauffacherstrasse 31, CH-8004 Zurich, hereinafter ‘TWINT’), to whom we will pass on the information you provided during the ordering process, together with information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number). Your data will be passed on solely for the purpose of processing the payment with the payment service provider TWINT and only to the extent necessary.

9. Use of social media: social plugins

Instagram plugins

Our website uses social plugins (‘plugins’) from the online service Instagram, which is operated by Meta Platforms Ireland Limited, 4 Grand Canal Quay, Square, Dublin 2, Ireland (‘Instagram’). The plugins are labelled with an Instagram logo, for example in the form of an ‘Instagram camera’. An overview of the Instagram plugins and what they look like can be found here: http://blog.instagram.com/post/36222022872/introducing-instagram-badges.

When you visit a page of our website that contains such a plugin, your browser establishes a direct connection to Instagram’s servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. This integration means that Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted directly from your browser to a Meta Platforms Inc. server in the United States and stored there.

If you are logged into Instagram, Instagram can immediately associate your visit to our website with your Instagram account. If you interact with the plugins, for example by pressing the ‘Instagram camera’ button, this information is also transmitted directly to an Instagram server and stored there. The information is also published on your Instagram account and displayed to your contacts there.

If you do not want Instagram to associate the data collected through our website directly with your Instagram account, you must log out of Instagram before visiting our website. You can also object to the loading of Instagram plugins and thus to the data processing operations described above with add-ons for your browser for the future, e.g. with the script blocker ‘NoScript’ (http://noscript.net/).

For information on the purpose and scope of data collection and the further processing and use of the data by Instagram, as well as your rights in this regard and setting options for protecting your privacy, please refer to Instagram’s data protection information: https://help.instagram.com/155833707900388/.

For the transmission of data to the USA, the provider relies on the standard contractual clauses of the Federal Data Protection and Information Commissioner (FDPIC), which are intended to ensure compliance with the Swiss level of data protection.

10. Use of social media: videos

Use of YouTube videos

This website uses the YouTube embedding function to display and play videos from the provider YouTube, which belongs to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (‘Google’).

The advanced privacy mode is used here, which, according to the provider, only initiates the storage of user information when the video(s) are played. When embedded YouTube videos are played, the provider ‘YouTube’ uses cookies to collect information about user behaviour. According to information from ‘YouTube’, these are used, among other things, to collect video statistics, improve user-friendliness and prevent abusive practices. If you are logged into Google, your data will be directly associated with your account when you click on a video. If you do not want this information to be associated with your YouTube profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as user profiles and evaluates them. You have the right to object to the creation of these user profiles, but you must contact YouTube to exercise this right. When using YouTube, personal data may also be transmitted to the servers of Google LLC. in the USA.

Regardless of whether the embedded videos are played, a connection to the Google network is established each time this website is accessed, which may trigger further data processing operations without our influence.

Further information on data protection at ‘YouTube’ can be found in the provider’s data protection declaration at: https://www.google.de/intl/de/policies/privacy.

For the transmission of data to the USA, the provider relies on standard contractual clauses of the Swiss Federal Data Protection and Information Commissioner (FDPIC), which are intended to ensure compliance with the Swiss level of data protection.

11. Web analysis services

Google Analytics 4

The information is transferred to Google servers and processed there. In this context, transfers to Google LLC based in the USA are also possible.

All the processing described above, in particular the setting of cookies on the end device used, will only take place if you have given us your express consent to do so.

We have concluded a data processing agreement with Google that ensures the protection of the data of our site visitors and prohibits unauthorised disclosure to third parties.

Further legal information about Google Analytics 4 can be found at

Demographic characteristics

Google Analytics 4 uses the special function ‘demographic characteristics’ and can use it to create statistics that provide information about the age, gender and interests of site visitors. This is done by analysing advertising and information from third-party providers. This allows target groups for marketing activities to be identified. However, the collected data cannot be assigned to a specific person and will be deleted after being stored for a period of two months.

Google Signals

As an extension to Google Analytics 4, Google Signals can be used on this website to create cross-device reports. If you have activated personalised ads and linked your devices to your Google account, Google can, subject to your consent to use Google Analytics, analyse your usage behaviour across devices and create database models, including for cross-device conversions. We do not receive any personal data from Google, only statistics. If you wish to stop the cross-device analysis, you can disable the ‘Personalised advertising’ function in your Google Account settings. To do this, follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de. Further information about Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=de.

UserIDs

As an extension to Google Analytics 4, the ‘UserIDs’ function can be used on this website. If you have consented to the use of Google Analytics 4, set up an account on this website and log in to this account on different devices, your activities, including conversions, can be analysed across devices.

12. Tools and other

12.1 Bexio

12.2 Cookie consent tool

This website uses a so-called ‘cookie consent tool’ to obtain effective user consent for cookies and cookie-based applications that require consent. The ‘cookie consent tool’ is displayed to users when they visit the site in the form of an interactive user interface on which consent for certain cookies and/or cookie-based applications can be given by ticking the appropriate boxes. When the tool is used, all cookies/services requiring consent are only loaded if the respective user gives their consent by ticking the appropriate box. This ensures that such cookies are only stored on the user’s device if consent has been given.

The tool sets technically necessary cookies to store your cookie preferences. Personal user data is generally not processed in this process.

If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done on the basis of our legitimate interest in a legally compliant, user-specific and user-friendly consent management for cookies and, consequently, in a legally compliant design of our website.

Furthermore, as the controller, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.

Further information about the operator and the setting options for the cookie consent tool can be found directly in the corresponding user interface on our website.

12.3 Google Maps

On our website, we use Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (‘Google’). Google Maps is a web service for displaying interactive maps to visually display geographic information. By using this service, our location is displayed to you and it is easier for you to find us.

When you access a subpage that has an embedded Google Maps map, information about your use of our website (such as your IP address) is transmitted to and stored by Google on servers in the United States. This may also result in a transmission to the servers of Google LLC. in the USA. This occurs regardless of whether Google provides a user account that you are logged in to or whether there is no user account. If you are logged into Google, your data will be directly associated with your account. If you do not want this information to be associated with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as user profiles and analyses them. You have the right to object to the creation of these user profiles; to exercise this right, you must contact Google.

If you do not agree to the future transmission of your data to Google in the context of using Google Maps, there is also the option of completely deactivating the Google Maps web service by switching off the JavaScript application in your browser. Google Maps and thus the map display on this website cannot then be used.

You can view Google’s terms of use at https://www.google.de/intl/de/policies/terms/regional.html, and the additional terms of use for Google Maps can be found at https://www.google.com/intl/de_US/help/terms_maps.html.

Detailed information on data protection in connection with the use of Google Maps can be found on the Google website (‘Google Privacy Policy’): https://business.safety.google/intl/de/privacy/ and https://www.google.de/intl/de/policies/privacy/.

13. Rights of the data subject

The applicable data protection law grants you the following rights (rights of information and intervention) vis-à-vis the data controller with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective conditions of exercise:

Right of access according to Art. 25 DSG
Right to data disclosure or transfer according to Art. 28 DSG
Right to rectification in accordance with Art. 32 (1) DSG

14. Duration of storage of personal data

The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of the processing and, if relevant, additionally on the basis of the respective statutory retention period (e.g. retention periods under the Swiss Code of Obligations).

When personal data is processed on the basis of express consent, the data concerned is stored until you revoke your consent.

If there are statutory retention periods for data, this data will be stored for the duration provided for by law.

Otherwise, personal data will be processed for as long as you do not expressly prohibit the processing, unless we can demonstrate an overriding interest in further processing within the meaning of Art. 31 para. 2 FADP or a justification under the law.