Privacy policy
With this data protection declaration we inform you which personal data we process in connection with our https://trefinanz.ch-Website and our other services. In particular, we provide information on what personal data we process, for what purpose, how and where. This data protection statement also informs you about the rights of persons whose data we process. For individual or additional offers and services, further data protection declarations as well as other legal documents such as general terms and conditions (GTC), terms of use or conditions of participation may apply.
1. contact addresses
Responsibility for the processing of personal data:
Trefinanz AG
Hinterbergstrasse 26
6312 Steinhausen
info@trefinanz.ch
We point out if there are other persons responsible for the processing of personal data in individual cases.
2 Processing of personal data 2.1 Definitions
Personal data is any information relating to an identified or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, acquisition, collection, deletion, storage, modification, destruction and use of personal data.
2.2 Legal basis
We process personal data in accordance with Swiss data protection law, in particular the Federal Data Protection Act (FADP) and the Ordinance to the Federal Data Protection Act (FDPA).
2.3 Type, scope and purpose
We process the personal data required to provide our services in a permanent, user-friendly, secure and reliable manner. Such personal data may in particular fall into the categories of inventory and contact data, browser and device data, content data, meta or marginal data and usage data, location data, sales, contract and payment data. We process personal data for the period of time necessary for the relevant purpose(s) or as required by law. Personal data whose processing is no longer required is anonymised or deleted. Persons whose data we process generally have the right to have their data deleted. In principle, we only process personal data with the consent of the data subject, unless the processing is permitted for other legal reasons, for example to fulfil a contract with the data subject and for corresponding pre-contractual measures, to protect our overriding legitimate interests, because the processing is evident from the circumstances or after prior information. In this context, we process in particular information that a data subject provides to us voluntarily and of his or her own accord when contacting us - for example, by letter, email, contact form, social media or telephone - or when registering for a user account. We may store such information, for example, in an address book or with comparable tools. If you transmit personal data to us via third parties, you are obliged to guarantee data protection vis-à-vis such third parties and to ensure the accuracy of such personal data. We also process personal data that we receive from third parties, obtain from publicly accessible sources or collect in the course of providing our services, if and to the extent that such processing is permitted for legal reasons.
2.4 Processing of personal data by third parties, including abroad
We may have personal data processed by commissioned third parties or process it jointly with third parties or with the help of third parties or transmit it to third parties. Such third parties are in particular providers whose services we use. We also ensure appropriate data protection for such third parties. Such third parties are generally located in Switzerland and the European Economic Area (EEA). However, such third parties may also be located in other states and territories on earth as well as elsewhere in the universe, provided that their data protection law guarantees adequate data protection in the opinion of the Federal Data Protection and Information Commissioner (FDPIC), or if adequate data protection is guaranteed for other reasons, such as through a corresponding contractual agreement, in particular on the basis of standard contractual clauses, or through a corresponding certification. Exceptionally, such a third party may be located in a country without adequate data protection, provided that the requirements under data protection law, such as the express consent of the data subject, are met.
3. Rights of data subjects
Affected persons whose personal data we process have the rights under Swiss data protection law. This includes the right to information as well as the right to correction, deletion or blocking of the processed personal data. Affected persons whose personal data we process have a right of appeal to a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
4. Data Security
We take appropriate and appropriate technical and organizational measures to ensure data protection and, in particular, data security. However, despite such measures, the processing of personal data on the Internet can always have security gaps. We can therefore not guarantee absolute data security. Our online offer is accessed using transport encryption (SSL / TLS, in particular with the Hypertext Transfer Protocol Secure, abbreviated as HTTPS). Most browsers mark transport encryption with a padlock in the address bar. Access to our online offer is subject - as is basically all Internet use - to mass surveillance without cause and suspicion, as well as other surveillance by security authorities in Switzerland, the European Union (EU), the United States of America (USA) and others states. We have no direct influence on the corresponding processing of personal data by secret services, police stations and other security authorities.
5. Use of the Website 5.1 Cookies
We may use cookies. Cookies – our own cookies (first-party cookies) as well as cookies from third parties whose services we use (third-party cookies) – are data that are stored in your browser. Such stored data need not be limited to traditional text-form cookies. Cookies cannot run programs or transmit malware such as Trojans and viruses. When you visit your browser, cookies can be stored temporarily as "session cookies" or for a certain period of time as so-called permanent cookies. "Session cookies" are automatically deleted when you close your browser. Permanent cookies have a certain storage period. In particular, cookies make it possible to recognize your browser the next time you visit our website and thus, for example, to measure the reach of our website. However, permanent cookies can also be used for online marketing, for example. You can completely or partially deactivate or delete cookies in your browser settings at any time. Without cookies, our website may no longer be fully available. If and to the extent necessary, we actively ask for your express consent to the use of cookies. In the case of cookies used to measure success and reach or for advertising, a general objection ("opt-out") via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices is required for numerous services (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
5.2 Server Log Files
We can record the following information for each access to our website, provided that this is transmitted from your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-pages of our website called up including amount of data transferred, website last called up in the same browser window (referrer). We store such information, which may also represent personal data, in server log files. The information is required in order to provide our online offer in a permanent, user-friendly and reliable manner and to be able to ensure data security and thus in particular the protection of personal data - also by third parties or with the help of third parties.
5.3 Tracking Pixels
We may use web beacons on our website. Tracking pixels are also known as web beacons. Tracking pixels - also from third parties whose services we use - are small, usually invisible images that are automatically retrieved when you visit our website. The same information can be recorded with tracking pixels as in server log files.
6. Third Party Services
We use third-party services in order to be able to provide our offer permanently, user-friendly, securely and reliably. Such services may also be used to embed content on our website. Such services - for example hosting and storage services, video services and payment services - require your Internet Protocol (IP) address, otherwise such services cannot transmit the corresponding content. For their own security-relevant, statistical and technical purposes, third parties whose services we use can also process data in connection with our offer and from other sources - including cookies, log files and tracking pixels - in an aggregated, anonymous or pseudonymised form. In particular, we use: Google services: Providers: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and Switzerland; General information on data protection: "Principles of data protection and security", "Privacy policy", "Google is committed to complying with applicable data protection laws", "Guide to data protection in Google products", "How we use data from websites or apps on or in which our services are used" (information from Google), "How Google uses cookies", "Personalized advertising" (activation / deactivation / settings).
6.1 Digital Infrastructure
We use third-party services in order to be able to use the digital infrastructure required for our offer. These include, for example, hosting and storage services from specialized providers.
6.2 Audio and Video Conferencing
We use audio and video conferencing services to communicate online. For example, we can use it to hold virtual meetings or online classes and webinars. In addition to this data protection declaration, any applicable conditions of the services used, such as terms of use or data protection declarations, also apply. Depending on the life situation in which you are taking part in an audio or video conference, we recommend that you mute the microphone by default and blur the background or display a virtual background. In particular, we use: Zoom: video conferencing; Provider: Zoom Video Communications Inc. (USA); Information on data protection: Data protection declaration, "Data protection at Zoom", "Legal Compliance Center".
6.3 Map Material
We use third party services to embed maps on our website. In particular, we use: Google Maps including Google Maps Platform: map service; Google Maps-specific data protection information: "How Google uses location information".
6.4 Audio Visual Media
We use third party services to enable the direct playback of audiovisual media such as music or videos on our website. In particular, we use: YouTube: videos; Provider: Google (including in the USA); YouTube-specific data protection information: “Privacy and Security Center”, “My data on YouTube”.
6.5 Fonts
We use third party services to embed selected fonts, icons, logos and symbols on our website. In particular, we use: Google Fonts: Fonts; Google Fonts-specific data protection information: "What does using the Google Fonts API mean for the privacy of my users?" ("What does using the Google Fonts API mean for the privacy of my users?").
7. Success and range measurement
We use services and programs to determine how our online offering is used. In this context, we can, for example, measure the success and reach of our online offer as well as the effect of third-party links on our website. However, we can also try out and compare how different versions of our online offering or parts of our online offering are used ("A/B test" method). Based on the results of the success and range measurement, we can in particular correct errors, strengthen content that is particularly popular or make improvements to our online offering. When using services and programs to measure success and reach, the Internet Protocol (IP) addresses of individual users must be saved. IP addresses are generally shortened in order to follow the principle of data economy through the corresponding pseudonymization and to improve the data protection of visitors to our website ("IP masking"). When using services and programs for success and range measurement, cookies can be used and user profiles can be created. User profiles include, for example, the pages visited or content viewed on our website, information on the size of the screen or browser window and the – at least approximate – location. In principle, user profiles are only created pseudonymised. We do not use user profiles to identify individual visitors to our website. Individual services for which you are registered as a user can, if necessary, assign the use of our online offer to your profile in the respective service, although you usually have to give your consent to this assignment in advance. In particular, we use: Google Analytics: success and range measurement; Google Analytics-specific information on data protection: measurement also across different browsers and devices (cross-device tracking) and with pseudonymised Internet Protocol (IP) addresses, which are only transmitted in full to Google in the USA in exceptional cases, "Privacy Policy", " Browser add-on to deactivate Google Analytics».
8. Final Provisions
We have created this data protection declaration with the data protection generator from data protection partner.
We can adapt and supplement this data protection declaration at any time. We will inform you about such adjustments and additions in a suitable form, in particular by publishing the current data protection declaration on our website.