DATA PRIVACY NOTICE
DATA PRIVACY NOTICE TIERKREMATORIUM ROSENGARTEN AG
Tierkrematorium ROSENGARTEN AG attaches great importance to the protection of your personal data. In this data protection declaration we explain how we collect and process personal data. We treat your personal data confidentially and in accordance with the statutory data protection regulations. This is not an exhaustive description. Personal data means all information that relates to a specific or identifiable person.
If you provide us with personal data of other persons (e.g. customers, employees or acquaintances), please ensure that these persons are familiar with this data protection declaration. Only share their personal data with us if you are permitted to do so and if this personal data is correct.
This data protection declaration is based on the Swiss Data Protection Act (DSG) and the EU General Data Protection Regulation (DSGVO).
1. Who is responsible for data protection at our company? Who is our EU representative?
Our company Tierkrematorium ROSENGARTEN AG, Fänn-West 10, CH-6403 Küssnacht am Rigi, e-mail: info@rosengarten-tierkrematorium.ch and ROSENGARTEN GmbH, Devern 13, D-49635 Badbergen are responsible for data processing (DSG or Art. 13 No. 1 lit. a DSGVO). If you have any concerns regarding data protection, please send them by post or e-mail to the above address.
Our representative in the EU area is ROSENGARTEN GmbH, Devern 13, D-49635 Badbergen, e-mail: info@mein-rosengarten.de (Art. 27 DSGVO).
2. How do we collect and process personal data?
We primarily process personal data that we receive from our customers and other business partners in the course of our business relationship with them and other persons involved in it, or that we collect from their users when operating our website and other applications.
On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.
Other data is collected automatically or with your consent by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.
Insofar as this is permitted, we also take certain data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, press, Internet) or receive this data from authorities and other third parties (DSG or Art. 14 DSGVO). In addition to the data about you that you give us directly, the categories of personal data that we receive about you from third parties include, in particular, information from public registers, information that we learn in connection with official and judicial proceedings, information in connection with your professional functions and activities (so that we can, for example, conduct business with your company with your help). (e.g. so that we can conclude and process transactions with your employer with your help), information about you in correspondence and meetings with third parties, creditworthiness information (insofar as we process transactions with you personally), information about you that people close to you (family, advisors, legal representatives, etc.) give us so that we can conclude contracts with you. ) so that we can conclude or process contracts with you or involving you (e.g. references, your address for deliveries, powers of attorney, information on compliance with legal requirements, information from banks, insurance companies, sales and other contractual partners of ours on the use or provision of services by you (e.g. payments made, purchases made). (e.g. payments made, purchases made), personal data from the media and the Internet (where this is appropriate in a specific case, e.g. as part of a job application, for marketing purposes), your addresses and, where applicable, interests and other socio-demographic data (for marketing), data in connection with the use of the website (cf. 2.1.).
Our website is hosted by Hetzner Online GmbH, based in 91710 Gunzenhausen, Germany, which also processes the above data as an order processor. The data protection declaration of Hetzner Online GmbH can be found here.
2.1 What happens during the purely informational use of our website?
If you use our website purely for information purposes, i.e. if you do not register as a user or otherwise transmit information, we collect the so-called server log data from you: IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the request comes, browser, operating system and its interface, language and version of the browser software. We receive this data via cookies and directly from your browser. The purpose of this processing is the technically error-free presentation and optimisation of our website - for this purpose, the server log files must be recorded. The legal basis for this is DSG or Art. 6 para. 1 sentence 1 lit. f DSGVO, according to which the processing of personal data is possible even without the consent of the data subject if the processing is necessary to protect the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data prevail, in particular if the data subject is a child. The aforementioned purposes are in our interest. Insofar as we use cookies, we refer to our explanations under point 3.
2.1.1 SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
2.1.2 Encrypted payment transactions on this website
If there is an obligation to transmit your payment data (e.g. account number in the case of direct debit authorisation) to us after the conclusion of a contract with costs, this data is required for payment processing.
Payment transactions via the common means of payment (Visa/MasterCard, PostFinance card, direct debit) are made exclusively via an encrypted SSL or TLS connection. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
With encrypted communication, your payment data that you transmit to us cannot be read by third parties.
2.2 What happens when you use our contact forms?
If you communicate with us via our contact forms, we collect the following data:
Salutation, surname, first name, e-mail address, telephone number, content of the message, if applicable, whether a callback is desired, if applicable, order of the desired flyers, which you enter via the contact form.
Your details from the enquiry form, including the contact details you provide there, are stored with us for the purpose of processing the enquiry and in the event of follow-up questions. The data you enter in the contact form will remain with us until you request us to delete it, revoke any consent you may have given for it to be stored, or until the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry; in this case within 6 months of completion at the latest). Legal or contractual retention periods remain reserved.
Insofar as a specific contractual relationship is involved, whether in connection with the initiation, implementation or termination, the legal basis for processing is the DSG or Art. 6 para. 1 lit. b DSGVO. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (DSG or Art. 6 para. 1 lit. f DSGVO) or on your consent (DSG or Art. 6 para. 1 lit. a DSGVO) if this has been requested. The consent can be revoked at any time. Communication outside of a contractual relationship is in our mutual interest.
2.3 Request by e-mail or telephone
If you contact us by e-mail or telephone, your enquiry including all resulting personal data (usually name, first name, telephone number, e-mail address, your enquiry) will be stored and processed by us for the purpose of processing your request.
This data is processed on the basis of the DSG or Art. 6 para. 1 lit. b DSGVO if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (DSG or Art. 6 para. 1 lit. f DSGVO) or on your consent (DSG or Art. 6 para. 1 lit. a DSGVO) if this has been requested; consent can be revoked at any time.
The data you send us via contact requests will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
2.4 Integration of third-party services and content
Within our online offer, we use content or service offers from third party providers on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of the DSG or Art. 6 para. 1 lit. f. DSGVO) or on the basis of your consent (DSG or Art. 6 para. 1 lit. a DSGVO). DSGVO) or on the basis of your consent (DSG or Art. 6 para. 1 lit. a DSGVO), insofar as this has been requested, content or service offers from third-party providers in order to integrate their content and services, such as videos or map functions.
2.4.1 Adobe Fonts
This website uses web fonts from Adobe for the uniform display of certain fonts. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe).
When you call up this website, your browser loads the required fonts directly from Adobe in order to be able to display them correctly on your end device. In doing so, your browser establishes a connection to Adobe's servers in the USA. This enables Adobe to know that this website has been accessed via your IP address. According to Adobe, no cookies are stored when providing the fonts.
The storage and analysis of the data is based on DSG or Art. 6 Para. 1 lit. f DSGVO. The website operator has a legitimate interest in the uniform presentation of the typeface on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of DSG or Art. 6 para. 1 lit. a DSGVO. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.adobe.com/de/privacy/eudatatransfers.html.
More information on Adobe Fonts can be found at: https://www.adobe.com/de/privacy/policies/adobe-fonts.html.
You can find Adobe's privacy policy at: https://www.adobe.com/de/privacy/policy.html
2.5 What personal data do we process from you when you ask us for a quote or conclude a contract with us?
If you request a quote from us and/or conclude a contract with us, we usually process the following personal data from you:
Name,
first name,
address,
e-mail address,
telephone number,
other information to answer the enquiry or fulfil the contract,
which you provide to us in the context of your enquiry and/or cooperation.
The justification for this data processing lies in the initiation and/or fulfilment of the contract (DSG or Art. 6 para. 1 lit. b DSGVO). We process this data until the purpose deriving from the legitimate interest has been fulfilled, at the longest until the end of the statutory retention period.
3. Do we use cookies or similar tracking technologies?
We use "cookies" and similar technologies on our website to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you use when you visit our website. This allows us to recognise you when you return to this website, even if we do not know who you are. In addition to cookies that are only used during a session and deleted after your visit to the website ("session cookies"), cookies can also be used to store user settings and other information for a certain period of time (e.g. two years) ("permanent cookies"). However, you can set your browser to reject cookies, save them for one session only or otherwise delete them prematurely. Most browsers are preset to accept cookies. We use persistent cookies to remember user preferences (e.g. language, autologin) so that we can better understand how you use our services and content. Certain of the cookies are set by us and certain are also set by contractors we work with. If you block cookies, certain functionalities (e.g. forms, login process) may no longer work.
By using our website or after having given your consent, you agree to the use of these technologies. If you do not want this, you can set your browser accordingly and/or revoke your consent.
If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the framework of this data protection declaration and, if necessary, request your consent.
3.1 How do we use Google Analytics?
We may use Google Analytics, a web analytics service provided by Google LLC ("Google"), on our website. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymisation is activated on this website, however, your IP address will be shortened by Google beforehand. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. The service provider does not receive any personal data from us (and does not retain any IP addresses), but can track your use of the website, combine this information with data from other websites that you have visited and which are also tracked by the service provider, and use this knowledge for its own purposes (e.g. controlling advertising). If you have registered with the service provider yourself, the service provider also knows you. The service provider is then responsible for processing your personal data in accordance with its data protection regulations. The service provider only informs us how our respective website is used (no information about you personally).
The legal basis and revocation option for this data processing is your consent (DSG or Art. 6 Para. 1 lit. a DSGVO). You can revoke your consent at any time with effect for the future by calling up the cookie settings and changing your selection there. We delete the data after 14 months at the latest.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
We use Google Analytics to analyse and regularly improve the use of our website. The statistics obtained enable us to improve our offer and make it more interesting for you as a user. Google LLC also processes your personal data in the USA and has therefore agreed to standard contractual clauses according to which the transfer to the USA is justified after a risk assessment has been carried out (DSG or Art. 46 DSGVO).
Information of the third-party provider: Google LLC (formerly known as Google Inc.),1600 Amphitheatre Parkway, Mountain View, California 94043, USA. Terms of use: http://www.google.com/analytics/terms/de.html, overview of data protection: https://policies.google.com/?hl=de as well as the privacy policy: https://policies.google.com/privacy?hl=de .
3.1.1 Google-Signal
We use Google signals. When you visit our website, Google Analytics collects, among other things, your location, search history and YouTube history, as well as demographic data (visitor data). This data can be used for personalised advertising with the help of Google signals. If you have a Google account, the visitor data from Google Signal will be linked to your Google account and used for personalised advertising messages. The data is also used to create anonymised statistics on the user behaviour of our users.
3.1.2 Google Analytics E-Commerce Measurement
This website uses the "e-commerce measurement" function of Google Analytics. With the help of e-commerce measurement, the website operator can analyse the purchasing behaviour of website visitors to improve its online marketing campaigns. This involves recording information such as orders placed, average order values, shipping costs and the time from viewing to purchasing a product. This data can be summarised by Google under a transaction ID that is assigned to the respective user or their device.
3.2 Google Ads
The website operator uses Google Ads. Google Ads is an online advertising programme of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be played on the basis of the user data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by analysing, for example, which search terms have led to the display of our advertisements and how many advertisements have led to corresponding clicks.
The use of this service is based on your consent in accordance with DSG or Art. 6 para. 1 lit. a DSGVO. This consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.
3.3 Google Ads Remarketing
This website uses the functions of Google Ads Remarketing. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
With Google Ads Remarketing, we can assign people who interact with our online offer to specific target groups in order to subsequently display interest-based advertising to them in the Google advertising network (remarketing or retargeting).
Furthermore, the advertising target groups created with Google Ads Remarketing can be linked to Google's cross-device functions. In this way, interest-based, personalised advertising messages that have been adapted to you depending on your previous usage and surfing behaviour on one end device (e.g. mobile phone) can also be displayed on another of your end devices (e.g. tablet or PC).
If you have a Google account, you can object to personalised advertising at the following link: https://www.google.com/settings/ads/onweb/.
The use of this service is based on your consent in accordance with DSG or Art. 6 para. 1 lit. a DSGVO. This consent can be revoked at any time.
Further information and the data protection provisions can be found in Google's data protection declaration at: https://policies.google.com/technologies/ads?hl=de.
3.4 Google Conversion-Tracking
This website uses Google Conversion Tracking. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google conversion tracking, Google and we can recognise whether the user has performed certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and what actions they took. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification purposes.
The use of this service is based on your consent in accordance with DSG or Art. 6 para. 1 lit. a DSGVO. This consent can be revoked at any time.
You can find more information on Google conversion tracking in Google's privacy policy: https://policies.google.com/privacy?hl=de.
3.5 Google DoubleClick
This website uses functions of Google DoubleClick. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland, (hereinafter "DoubleClick").
DoubleClick is used to display interest-based advertisements to you throughout the Google advertising network. The ads can be targeted to the interests of the respective viewer with the help of DoubleClick. For example, our ads may be displayed in Google search results or in banner ads associated with DoubleClick.
In order to be able to display interest-based advertising to users, DoubleClick must be able to recognise the respective viewer and associate the web pages visited, clicks and other information on user behaviour with them. For this purpose, DoubleClick uses cookies or comparable recognition technologies (e.g. device fingerprinting). The information collected is combined into a pseudonymous user profile in order to display interest-based advertising to the relevant user.
The use of this service is based on your consent according to DSG or Art. 6 para. 1 lit. a DSGVO. This consent can be revoked at any time.
For further information on how to object to the advertisements displayed by Google, please refer to the following links: https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated.
3.6 Elfsight Google Reviews Widget
Functions of the Google Reviews plugin service are integrated on our pages. These functions are offered by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Our Google Reviews plugin uses Elfsight, LLC, Yerevan, Paronyana str., 19/3, 201, 0015, Armenia, as the service provider. When loading the images and the reviews, Google and Elfsight can read out or store the user's IP. If the user is logged in to his Google account at the time of the download, Google may be able to assign the user's profile. Further information on this can be found in the privacy policy of Google https://www.google.de/policies/privacy/ and Elfsight, LLC https://elfsight.com/privacy-policy/.
3.7 Google Tag Manager
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The Google Tag Manager is a tool with the help of which we can integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It only serves to manage and play out the tools integrated via it. However, the Google Tag Manager records your IP address, which may also be transmitted to the parent company Google LLC in the USA.
The Google Tag Manager is used on the basis of legitimate interest according to DSG or Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in a quick and uncomplicated integration and management of various tools on his website. If a corresponding consent has been requested, the processing is carried out on the basis of DSG or Art. 6 para. 1 lit. a DSGVO. The consent can be revoked at any time.
3.8 How do we use Google Maps?
We use the Google Maps service on our website. This allows us to show you interactive maps directly on the website and enables you to use the map function conveniently.
By visiting our website and using Google Maps via our map link, Google receives the information that you have accessed the corresponding sub-page of our website. In addition, the data mentioned below will be transmitted. This takes place regardless of whether Google provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right.
For more information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the provider's privacy policy. There you will also receive further information on your rights in this regard and setting options for protecting your privacy: https://safety.google/privacy/privacy-controls/ Google LLC also processes your personal data in the USA and has therefore agreed to standard contractual clauses according to which the transfer to the USA is justified after a risk assessment has been carried out (DSG or Art. 46 DSGVO).
The legal basis is DSG or Art. 6 para. 1 sentence 1 lit. f DSGVO, according to which the processing of personal data is possible even without the consent of the data subject if the processing is necessary to protect the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, prevail, in particular if the data subject is a child. Here, we invoke our interest in direct marketing in accordance with the DPA and recital 47 of the GDPR.
4. How do we use social media?
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When visiting the respective networks and platforms, the terms and conditions and data protection declarations of the respective operators (responsible parties) apply.
Unless otherwise stated within the scope of our data protection declaration, we process the data of the
users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.
We may also use so-called plug-ins from social networks such as Facebook, Instagram and, where applicable, YouTube on our website. This is apparent to you in each case (typically via corresponding icons). We have configured these elements so that they are deactivated by default. If you activate them (by clicking on them), the operators of the respective social networks can register that you are on our website and where, and can use this information for their purposes. The processing of your personal data is then the responsibility of this operator according to their data protection regulations. We do not receive any information about you from them.
4.1 YouTube - Service from Google
We have integrated YouTube videos into our online offer, which are stored on http://www.YouTube.com and can be played directly from our website. These are all integrated in "extended data protection mode", i.e. according to YouTube, no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in paragraph (2) be transmitted. We have no influence on this data transmission.
By visiting the website, YouTube receives the information that you have called up the corresponding sub-page of our website. In addition, the data mentioned below is transmitted. This occurs regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want your data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or designing their website to meet your needs. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.
For more information on the purpose and scope of data collection and its processing by
YouTube can be found in their data protection declaration: https://policies.google.com/privacy?hl=de. There you will also find further information on your rights and setting options to protect your privacy: https://privacy.google.com/take-control.html?categories_activeEl=sign-in. Google also processes your personal data in the USA and has therefore agreed to standard contractual clauses according to which the transfer to the USA is justified after a risk assessment has been carried out (DSG or Art. 46 DSGVO).
The legal basis is Art. 6 para. 1 sentence 1 lit. f DSGVO, according to which the processing of personal data is possible even without the consent of the data subject if the processing is necessary to protect the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of the personal data prevail, in particular if the data subject is a child. Here, we invoke our interest in direct marketing in accordance with the DPA and recital 47 of the GDPR.
4.2 Facebook Benutzerdefinierte Zielgruppen - Analysetool von Facebook
Über unsere Website setzen wir die Remarketing-Funktion „Custom Audiences“ der Facebook Ireland Ltd. in Irland („Facebook“) ein. Dadurch können Nutzer der Website im Rahmen des Besuchs des sozialen Netzwerkes Facebook oder anderer das Verfahren ebenfalls nutzende Websites interessenbezogene Werbeanzeigen („Facebook-Ads“) dargestellt werden. Wir verfolgen damit das Interesse, Ihnen Werbung anzuzeigen, die für Sie von Interesse ist, um unsere Website für Sie interessanter zu gestalten. Aufgrund der eingesetzten Marketing-Tools wird Ihr Browser automatisch eine direkte Verbindung mit dem Server von Facebook aufbauen. Wir haben keinen Einfluss auf den Umfang und die weitere Verwendung der Daten, die durch den Einsatz dieses Tools durch Facebook erhoben werden und informieren Sie daher entsprechend unserem Kenntnisstand: Durch die Einbindung von Facebook Custom Audiences erhält Facebook die Information, dass Sie die entsprechende Website unseres Internetauftritts aufgerufen haben, oder eine Anzeige von uns angeklickt haben. Sofern Sie bei einem Dienst von Facebook registriert sind, kann Facebook den Besuch Ihrem Account zuordnen. Selbst wenn Sie nicht bei Facebook registriert sind bzw. sich nicht eingeloggt haben, besteht die Möglichkeit, dass der Anbieter Ihre IP-Adresse und weitere Identifizierungsmerkmale in Erfahrung bringt und speichert. Die
Deaktivierung der Funktion „Facebook Custom Audiences“ ist für eingeloggte Nutzer unter https://www.facebook.com/settings/?tab=ads#_ möglich. Weitere Informationen zur Datenbearbeitung durch Facebook erhalten Sie unter https://www.facebook.com/about/privacy . Meta bearbeitet Ihre Personendaten auch in den USA und hat den Standardvertragsklauseln zugestimmt, wonach die Übermittlung nach Vornahme einer Risikoabschätzung in die USA gerechtfertigt ist (DSG resp. Art. 46 DSGVO). Sie können die Einwilligung jederzeit widerrufen, dies durch formlose Mitteilung an unsere Kontaktadressen gemäss Ziff. 1.
4.3 Facebook Pixel - Analysis tool from Meta
By using Facebook Pixel, we analyse your click behaviour and your interactions with our Facebook posts. We learn from Facebook respectively Meta whether you as a user have visited our website and/or our Facebook page(s).
Processed data: Usage data, meta data; if users are registered with Facebook, the data is linked to their Facebook profiles and data belonging to them (in particular inventory data).
Type, scope, mode of processing: permanent cookies, third-party cookies, tracking, conversion measurement, interest-based marketing, profiling, cross-device tracking, custom audiences via websites.
This will allow us to target you directly as a Facebook user in the future and send you information that is tailored to your needs. With this information, we can measure our marketing strategies and optimise them accordingly. By default, the Facebook Pixel is not used in advanced data matching mode. For information on how your data is used when using the Facebook Pixel, please refer to the privacy policy of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irlnd at https://www.facebook.com/privacy . You can read about the specific data collected via the Facebook Pixel here: https://www.facebook.com/business/gdpr. Meta also processes your personal data in the USA and has agreed to the standard contractual clauses, according to which the transfer to the USA is justified after a risk assessment has been carried out (DSG or Art. 46 DSGVO).
The legal basis and revocation option for this data processing is your consent (DSG or Art.6 para.1 sentence 1 lit. a DSGVO). We delete the data after 14 months at the latest.
To prevent the collection of your data by means of the Facebook pixel, you can use the following
JavaScript code below or here: https://www.facebook.com/settings?tab=ads, http://www.youronlinechoices.com/uk/your-ad-choices/.
<script>
if (document.cookie.indexOf(fpdisableStr + '=true') > -1) {
document.write('<div class="text-center" style="margin-top:24px"><a onclick="activatePixelMDE()">Pixel aktivieren</a></div>');
}else {
document.write('<div class="text-center" style="margin-top:24px;margin-bottom:96px"><a on-click="fpOptout()">Pixel deaktivieren</a></div>');
}
</script>
5. Own services
5.1 How do we process your data when you apply?
We offer you the opportunity to apply to us (e.g. by e-mail, by post or via online application form). In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with the applicable data protection laws and all other legal provisions and that your data will be treated in strict confidence.
If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) insofar as this is necessary to decide on the establishment of an employment contract. The legal basis for this is Art. 328b OR (initiation and execution of an employment contract), DSG or Art. 6 para. 1 lit. b DSGVO (general contract initiation) and - if you have given your consent - DSG or Art. 6 para. 1 lit. a DSGVO. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.
If the application is successful, the data you submitted will be stored in our data processing systems on the basis of Art. 328b OR for the purpose of implementing the employment contract.
If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted for up to 6 months from the end of the application process (rejection or withdrawal of the application) on the basis of our legitimate interests (DSG or Art. 6 para. 1 lit. f DSGVO). The data will then be deleted and the physical application documents destroyed. This storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for further storage no longer applies.
Longer storage may also take place if you have given your consent (DSG, Art. 6 para. 1 lit. a DSGVO) or if legal storage obligations prevent deletion.
6. Purposes of data processing and legal basis
We use the personal data we collect primarily to conclude and process our contracts with our customers and business partners (DSG or Art. 6 para. 1 lit. b DSGVO), so in particular to carry out the cremation of pets and horses with our customers and as part of the purchase of products and services from our suppliers and subcontractors, as well as to comply with our legal obligations at home and abroad. If you work for such a customer or business partner, your personal data may of course also be affected in this capacity.
In addition, we process personal data of you and other persons, to the extent permitted and deemed appropriate, also for the following purposes, in which we (and sometimes third parties) have a legitimate interest corresponding to the purpose:
Offering and further developing our offers, services, operating our website and other platforms on which we are present;
Communicating with third parties and processing their enquiries (e.g. applications, media enquiries);
Testing and optimisation of procedures for needs analysis for the purpose of direct customer contact as well as collection of personal data from publicly accessible sources for the purpose of customer acquisition;
Advertising and marketing (including the organisation of events), provided you have not objected to the use of your data (if we send you advertising as an existing customer, you can object to this at any time. We will then put you on a blocking list against further advertising mailings);
Assertion of legal claims and representation in connection with legal disputes and official proceedings;
Prevention and investigation of criminal offences and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud);
Guaranteeing our operations, especially IT;
Purchase and sale of business units, companies or parts of companies and other transactions under company law and the associated transfer of personal data as well as measures for business management and insofar as necessary to comply with legal and regulatory obligations as well as internal regulations of Tierkrematorium ROSENGARTEN AG.
Insofar as you have given us consent to process your personal data for certain purposes (for example, when you register to receive newsletters), we process your personal data within the scope of and based on this consent, insofar as we have no other legal basis and we require such a basis. Consent given can be revoked at any time, but this has no effect on data processing that has already taken place.
7. If we carry out profiling (DSG or Art. 13 No. 2 lit. f DSGVO)
We process your personal data partly automatically with the aim of evaluating certain personal aspects (profiling). We use profiling in particular to be able to inform and advise you about products in a targeted manner. In doing so, we use evaluation tools that enable us to provide needs-based communication and advertising, including market and opinion research.
If profiling involves a high risk to the personality or fundamental rights of the data subject, we obtain your consent in advance for the use of these evaluation programmes (DSG or Art. 6 para. 1 lit. a DSGVO).
8. Who do we share the data with and is it transferred abroad?
Your personal data will be treated as strictly confidential and will not be sold to third parties.
Within the scope of our business activities and the purposes set out in section 5, we also disclose data to third parties or contract processors, insofar as this is permitted and appears to us to be appropriate, either because they process it for us in particular to fulfil our contracts, or because they want to use it for their own purposes (DSG or Art. 13 No. 1 lit. e DSGVO). This concerns the following bodies in particular:
- Service providers of ours (external partners such as tax advisors, auditors, banks, insurance companies), including order processors (such as IT providers);
- Dealers, suppliers, subcontractors and other business partners - does not apply to data subjects as customers;
- domestic and foreign authorities, official agencies or courts (in case of legal obligation);
- social media: only possible when the data subjects themselves participate on platforms of the corresponding social media* and indirectly to social media when clicking on the plug-ins;
- other parties in possible or actual legal proceedings (in case of statutory duty);
- Acquirers or parties interested in acquiring business units or the company of Tierkrematorium ROSENGARTEN AG;
all recipients together.
These recipients are partly in Switzerland and partly abroad. Your data may be transferred to the following countries outside Switzerland where our contractual partners are located, where we are represented or to foreign authorities or companies in exceptional cases (in the event of a legal obligation):
Contracting party, authority or company | Country | Adequate data protection,guarantee or exception according to DSG |
ROSENGARTEN GmbH | Germany | Adequate data protection |
Microsoft Enterprise Service | USA | Standard contractual clauses |
Google Ireland Limited | Irland (Datentransfer: USA) | Standard contractual clauses |
Meta Platforms Ireland Limited (inkl. Facebook Ireland Ltd. und Instagram)* | Ireland (data transfer: USA) | Standard contractual clauses |
Hetzner Online GmbH | Germany | Adequate data protection |
Amazon Web Services, Inc. | USA | Standard contractual clauses |
Adobe Systems Incorporated | USA | Standard contractual clauses |
If we transfer data to a country without adequate legal data protection, we ensure, as required by law, after a risk analysis and by using appropriate contracts (namely on the basis of the so-called standard contractual clauses of the European Commission, which can be found at
https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?uri=CELEX:32021D0914&locale=de
https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX%3A32021D0915&locale-en=
are available or the model contracts of the Federal Data Protection and Information Commissioner at https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/unternehmen/anmeldung-einer-datensammlung/mustervertrag-fuer-das-outsourcing-von-datenbearbeitungen-ins-au.html ) or so-called Binding Corporate Rules for an adequate level of protection or rely on the legal exceptions of consent, the execution of contracts, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the data subjects (cf. DSG or Art. 13 No. 1 lit. f DSGVO). You can obtain a copy of the aforementioned contractual guarantees at any time from the contact person named in point 1, unless already stated above. However, we reserve the right to black out copies for reasons of data protection law or confidentiality or to supply only excerpts.
9. How long do we keep personal data? (DSG or Art. 13 No. 2 lit. a DSGVO)
We process and store your personal data for as long as it is necessary for the fulfilment of our contractual and legal obligations or otherwise for the purposes pursued with the processing, i.e. for example for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) as well as beyond that in accordance with the statutory retention and documentation obligations (in principle 10 years for business books, accounting vouchers and VAT-relevant vouchers in accordance with Art. 958f OR, for certain documents 20 years or longer). In this context, it is possible that personal data will be retained for the time during which claims can be asserted against our company and insofar as we are otherwise legally obliged to do so or legitimate business interests require this (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymised as a matter of principle and as far as possible. For operational data (e.g. system logs, logs), shorter retention periods of twelve months or less generally apply.
10. Do we guarantee sufficient data security?
We take appropriate technical and organisational security measures to protect your personal data from unauthorised access and misuse, such as IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions, and controls.
We always strive to ensure that no data breaches occur. However, should a data breach occur, we will ensure that we identify such a data breach at an early stage and, if necessary, report it immediately to you or to the competent supervisory authority (for Switzerland: Federal Data Protection and Information Commissioner), including the respective categories of data affected.
11. If there is an obligation to provide personal data (DSG or Art. 13 No. 2 lit. e DSGVO)
In the context of our business relationship, you must provide such personal data as is necessary for the establishment and performance of a business relationship and the fulfilment of the associated contractual obligations (you do not generally have a legal obligation to provide us with data). Without this data, we will generally not be able to enter into or perform a contract with you (or the entity or person you represent). Also, the website cannot be used if certain information to secure traffic (such as IP address) is not disclosed.
12. What rights do you have as a data subject?
Within the framework of the data protection law applicable to you and insofar as provided therein, you have the right to information, correction, deletion, the right to restrict data processing and otherwise to object to our data processing as well as to the surrender of certain personal data for the purpose of transfer to another body (so-called data portability):
For persons domiciled or resident in Switzerland: Federal Data Protection Act;
For persons domiciled or resident in the EU/EFTA: Art. 13 No. 2 lit. b DSGVO.
Please note, however, that we reserve the right to assert the restrictions provided for by law on our part, for example if we are obliged to retain or process certain data, have an overriding interest in doing so (insofar as we are entitled to invoke this) or require it for the assertion of claims. If you incur costs, we will inform you in advance. We have already informed you about the possibility of revoking your consent in section 3. Please note that exercising these rights may conflict with contractual agreements and may have consequences such as premature termination of the contract or costs. We will inform you in advance if this is not already contractually regulated.
If you wish to invoke your rights, we ask you to make your requests in such a way that we can clearly prove your identity (communication of your personal data and enclosure of a copy of your identity card or by means of alternatives that clearly identify you).
In addition, every data subject has the right to enforce his or her claims in court or to lodge a complaint with the competent data protection authority (FADP or Art. 13 No. 2 lit. d GDPR). The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
13. Changes
We may amend this privacy policy at any time without prior notice. The current version published on our website will apply. Insofar as the data protection declaration is part of an agreement with you, we will inform you of the change by e-mail or other suitable means in the event of an update.
14. Entry into force
This privacy policy comes into force on 28 July 2022.
Küssnacht am Rigi, 28 July 2022