Privacy Policy
With this privacy policy, we provide information about the processing of personal data in connection with our activities and operations, including our website under the domain name
For individual or additional activities and operations, we may publish further privacy policies or other information on data protection.
We are subject to Swiss law and, where applicable, foreign law, such as in particular that of the European Union (EU) with the European General Data Protection Regulation (GDPR).
The European Commission recognized by decision of July 26, 2000, that Swiss data protection law ensures adequate data protection. By report of January 15, 2024, the European Commission confirmed this adequacy decision.
Table of Contents
- 1. Contact Addresses
- 2. Terminology and Legal Basis
- 3. Nature, Scope, and Purpose of the Processing of Personal Data
- 4. Disclosure of Personal Data
- 5. Communication
- 6. Data Security
- 7. Personal Data Abroad
- 8. Rights of Data Subjects
- 9. Use of the Website
- 10. Social Media
- 11. Third-Party Services
- 12. Website Extensions
- 13. Performance and Reach Measurement
- 14. Final Provisions Regarding the Privacy Policy
1. Contact Addresses
The responsible party within the meaning of data protection law is:
SIGN
SIGN
c/o Amberg Infra 7D AG
Trockenloostrasse 21
8105 Regensdorf-Watt
Switzerland
In individual cases, third parties may be responsible for the processing of personal data, or there may be joint responsibility with third parties. We are happy to provide data subjects with information about the respective responsibility upon request.
2. Terminology and Legal Basis
2.1 Terminology
Data subject: Natural person about whom we process personal data.
Personal data: Any information relating to an identified or identifiable natural person.
Sensitive personal data: Data concerning trade union, political, religious, or philosophical views and activities; data concerning health, the intimate sphere, or affiliation with an ethnic group or race; genetic data; biometric data that uniquely identifies a natural person; data concerning criminal and administrative sanctions or prosecutions; and data concerning social assistance measures.
Processing: Any handling of personal data, regardless of the means and procedures used, such as querying, matching, adapting, archiving, storing, reading, disclosing, obtaining, recording, collecting, deleting, revealing, sorting, organizing, saving, modifying, distributing, linking, destroying, and using personal data.
European Economic Area (EEA): Member states of the European Union (EU) as well as the Principality of Liechtenstein, Iceland, and Norway.
2.2 Legal Basis
We process personal data in accordance with Swiss law, in particular the Federal Act on Data Protection (Data Protection Act, FADP) and the Ordinance on Data Protection (Data Protection Ordinance, DPO).
We process personal data-if and to the extent that the European General Data Protection Regulation (GDPR) is applicable-in accordance with at least one of the following legal bases:
- Art. 6 para. 1 lit. b GDPR for the necessary processing of personal data to fulfill a contract with the data subject and to carry out pre-contractual measures.
- Art. 6 para. 1 lit. f GDPR for the necessary processing of personal data to protect legitimate interests-including the legitimate interests of third parties-unless the fundamental freedoms and rights as well as the interests of the data subject prevail. Such interests include, in particular, the permanent, humane, secure, and reliable exercise of our activities and operations, ensuring information security, protection against misuse, enforcement of our own legal claims, and compliance with Swiss law.
- Art. 6 para. 1 lit. c GDPR for the necessary processing of personal data to fulfill a legal obligation to which we are subject under any applicable law of member states in the European Economic Area (EEA).
- Art. 6 para. 1 lit. e GDPR for the necessary processing of personal data to perform a task that is in the public interest.
- Art. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the data subject.
- Art. 6 para. 1 lit. d GDPR for the necessary processing of personal data to protect the vital interests of the data subject or another natural person.
- Art. 9 para. 2 et seq. GDPR for the processing of special categories of personal data, in particular with the consent of the data subjects.
The European General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data and the processing of sensitive personal data as the processing of special categories of personal data (Art. 9 GDPR).
3. Nature, Scope, and Purpose of the Processing of Personal Data
We process the personal data that is necessary to carry out our activities and operations permanently, humanely, securely, and reliably. The processed personal data may fall into the categories of browser and device data, content data, communication data, metadata, usage data, master data including inventory and contact data, location data, transaction data, contract data, and payment data. Furthermore, the personal data may constitute sensitive personal data.
We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect in the course of our activities and operations, provided that such processing is permissible.
We process personal data, where necessary, with the consent of the data subjects. In many cases, we can process personal data without consent, for example, to fulfill legal obligations or to protect overriding interests. We may also request consent from data subjects even if their consent is not required.
We process personal data for the duration required for the respective purpose. We anonymize or delete personal data, in particular depending on statutory retention and limitation periods.
4. Disclosure of Personal Data
We may disclose personal data to third parties, have it processed by third parties, or process it jointly with third parties. Such third parties may, for example, be specialized providers whose services we use.
In the context of our activities and operations, we may disclose personal data in particular to banks and other financial service providers, authorities, educational and research institutions, consultants and lawyers, interest groups, IT service providers, cooperation partners, credit and economic information agencies, logistics and shipping companies, marketing and advertising agencies, media, parent, sister, and subsidiary companies, organizations and associations, social institutions, telecommunications companies, insurance companies, and payment service providers.
5. Communication
We process personal data to communicate with individuals as well as with authorities, organizations, and companies. In doing so, we process in particular data that a data subject transmits to us when contacting us, for example by post or email. We may store such data in an address book or with comparable tools.
Third parties who transmit data to us about other persons are obliged to ensure the data protection of these data subjects independently. In particular, they must ensure that such data is correct and may be transmitted.
6. Data Security
We take appropriate technical and organizational measures to ensure data security appropriate to the respective risk. With our measures, we ensure in particular the confidentiality, availability, traceability, and integrity of the processed personal data, without being able to guarantee absolute data security.
Access to our website and our other digital presence is via transport encryption (SSL / TLS, in particular with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers warn against visiting a website without transport encryption.
Our digital communication is subject-as is fundamentally any digital communication-to mass surveillance without cause or suspicion by security authorities in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We cannot exert any direct influence on the corresponding processing of personal data by intelligence services, police departments, and other security authorities. We also cannot rule out that a data subject is specifically monitored.
7. Personal Data Abroad
We fundamentally process personal data in Switzerland and the European Economic Area (EEA). However, we may also export or transmit personal data to other states, in particular to process it there or have it processed there.
We may export personal data to all states on Earth and elsewhere in the universe, provided that the law there ensures adequate data protection according to the decision of the Swiss Federal Council and-if and to the extent that the General Data Protection Regulation (GDPR) is applicable-also according to the decision of the European Commission.
We may transmit personal data to states whose law does not ensure adequate data protection, provided that data protection is guaranteed for other reasons, in particular on the basis of standard data protection clauses or with other appropriate guarantees. Exceptionally, we may export personal data to states without adequate or appropriate data protection if the special data protection requirements are met, for example the express consent of the data subjects or a direct connection with the conclusion or execution of a contract. We are happy to provide data subjects with information about any guarantees upon request or provide a copy of any guarantees.
8. Rights of Data Subjects
8.1 Data Protection Claims
We grant data subjects all claims in accordance with applicable law. Data subjects have the following rights in particular:
- Information: Data subjects can request information as to whether we process personal data about them and, if so, what personal data it is. Data subjects also receive the information necessary to assert their data protection claims and ensure transparency. This includes the processed personal data as such, but also, among other things, information on the purpose of processing, the duration of storage, any disclosure or export of data to other states, and the origin of the personal data.
- Correction and Restriction: Data subjects can have incorrect personal data corrected, incomplete data completed, and the processing of their data restricted.
- Opportunity for Own Viewpoint and Human Review: Data subjects can present their own viewpoint and request a review by a human being for decisions based exclusively on automated processing of personal data that have legal consequences for them or significantly affect them (automated individual decisions).
- Deletion and Objection: Data subjects can have personal data deleted (“right to be forgotten”) and object to the processing of their data with effect for the future.
- Data Release and Data Transfer: Data subjects can request the release of personal data or the transfer of their data to another responsible party.
We may postpone, restrict, or refuse the exercise of the rights of data subjects within the legally permissible framework. We can point out to data subjects any requirements that may need to be met for the exercise of their data protection claims. For example, we may refuse information in whole or in part with reference to confidentiality obligations, overriding interests, or the protection of other persons. We may also, for example, refuse the deletion of personal data in whole or in part, in particular with reference to statutory retention obligations.
We may exceptionally provide for costs for the exercise of rights. We inform data subjects in advance of any costs.
We are obliged to identify data subjects who request information or assert other rights using appropriate measures. Data subjects are obliged to cooperate.
8.2 Legal Protection
Data subjects have the right to enforce their data protection claims through legal action or to file a report or complaint with a data protection supervisory authority.
The data protection supervisory authority for private responsible parties and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
European data protection supervisory authorities are organized as members of the European Data Protection Board (EDPB). In some member states in the European Economic Area (EEA), the data protection supervisory authorities have a federal structure, particularly in Germany.
9. Use of the Website
9.1 Cookies
We may use cookies. Cookies-both our own cookies (first-party cookies) and cookies from third parties whose services we use (third-party cookies)-are data stored in the browser. Such stored data need not be limited to traditional cookies in text form.
Cookies can be stored in the browser temporarily as “session cookies” or for a certain period as so-called permanent cookies. “Session cookies” are automatically deleted when the browser is closed. Permanent cookies have a specific storage duration. Cookies enable, in particular, the recognition of a browser the next time our website is visited, thereby allowing us, for example, to measure the reach of our website. However, permanent cookies can also be used for online marketing, for example.
Cookies can be completely or partially deactivated, restricted, or deleted in the browser settings at any time. Browser settings often also allow for automated deletion and other management of cookies. Without cookies, our website may no longer be available in its full scope. We actively request-at least if and to the extent required by applicable law-express consent for the use of cookies.
For cookies used for performance and reach measurement or for advertising, a general objection (“opt-out”) is possible for numerous services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
9.2 Logging
For every access to our website and our other digital presence, we may log at least the following information, provided that it is determined or transmitted to our digital infrastructure as standard during such access: date and time including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual subpage of our website accessed including the amount of data transferred, web page last accessed in the same browser window (referer or referrer).
We log such information, which may also constitute personal data, in log files. The information is necessary to provide our digital presence permanently, humanely, and reliably. The information is also necessary to ensure data security-also by third parties or with the help of third parties.
9.3 Tracking Pixels
We may integrate tracking pixels into our digital presence. Tracking pixels are also known as web beacons. Tracking pixels-including those from third parties whose services we use-are usually small, invisible images or scripts formulated in JavaScript that are automatically retrieved when accessing our digital presence. Tracking pixels can record at least the same information as logging in log files.
10. Social Media
We are present on social media platforms and other online platforms to communicate with interested persons and to provide information about our activities and operations. In connection with such platforms, personal data may also be processed outside Switzerland and the European Economic Area (EEA).
The general terms and conditions (GTC) and terms of use as well as privacy policies and other provisions of the individual operators of such platforms also apply in each case. These provisions provide information in particular about the rights of data subjects directly against the respective platform, which includes, for example, the right to information.
11. Third-Party Services
We use services from specialized third parties to carry out our activities and operations permanently, humanely, securely, and reliably. With such services, we can, among other things, embed functions and content into our website. In the case of such embedding, the services used record the IP addresses of users at least temporarily for technically compelling reasons.
For necessary security-related, statistical, and technical purposes, third parties whose services we use may process data in connection with our activities and operations in aggregated, anonymized, or pseudonymized form. This is, for example, performance or usage data to be able to offer the respective service.
We use in particular:
- Google Services: Providers: Google LLC (USA) / Google Ireland Limited (Ireland) partially for users in the European Economic Area (EEA) and Switzerland; General information on data protection: “Privacy & Security”, Privacy Policy, “More information on how Google uses personal data”, “Google is committed to complying with applicable data protection laws”, “Privacy guide in Google products”, “How we use data from websites or apps that use our services”, Cookie Policy, “Ads you can control” (settings for personalized advertising).
11.1 Digital Infrastructure
We use services from specialized third parties to utilize the required digital infrastructure in connection with our activities and operations. This includes, for example, hosting and storage services from selected providers.
We use in particular:
- Hostpoint: Hosting; Provider: Hostpoint AG (Switzerland); Information on data protection: Privacy Policy.
11.2 Digital Content
We use services from specialized third parties to embed digital content into our website. Digital content includes, in particular, image and video material, music, and podcasts.
We use in particular:
- YouTube: Video platform; Provider: Google; YouTube-specific information: “Privacy and Safety Center”, “Your data on YouTube”.
11.3 Fonts
We use third-party services to embed selected fonts as well as icons, logos, and symbols into our website.
We use in particular:
- Google Fonts: Fonts; Provider: Google; Google Fonts-specific information: “Your Privacy and Google Fonts”, “Privacy and Data Collection” (Google Fonts).
12. Website Extensions
We use extensions for our website to utilize additional functions. We may use selected services from suitable providers or use such extensions on our own digital infrastructure.
We use in particular:
- Google reCAPTCHA: Bot protection (distinguishing between desired human activities and undesired bot activities); Provider: Google; Google reCAPTCHA-specific information: “What is reCAPTCHA?”.
13. Performance and Reach Measurement
We attempt to measure the success and reach of our activities and operations. In this context, we can also measure the effect of third-party notices or check how different parts or versions of our digital presence are used (“A/B test” method). Based on the results of the performance and reach measurement, we can in particular fix errors, strengthen popular content, or make improvements.
For performance and reach measurement, the IP addresses of individual users are recorded in most cases. In this case, IP addresses are fundamentally shortened (“IP masking”) in order to follow the principle of data economy through the corresponding pseudonymization.
Cookies may be used and user profiles created for performance and reach measurement. Any user profiles created include, for example, the individual pages visited or content viewed on our digital presence, information on the size of the screen or browser window, and the-at least approximate-location. Fundamentally, any user profiles are created exclusively in pseudonymized form and are not used to identify individual users. Individual third-party services where users are logged in may be able to assign the use of our online offer to the user account or user profile at the respective service.
We use in particular:
- Google Marketing Platform: Performance and reach measurement, in particular with Google Analytics; Provider: Google; Google Marketing Platform-specific information: Measurement also across different browsers and devices (cross-device tracking) with pseudonymized IP addresses, which are only exceptionally transmitted in full to Google in the USA, Privacy Policy for Google Analytics, “Browser add-on to deactivate Google Analytics”.
14. Final Provisions Regarding the Privacy Policy
We have created this privacy policy with the Privacy Policy Generator from Datenschutzpartner .
We may update this privacy policy at any time. We will provide information about updates in an appropriate form, in particular by publishing the current privacy policy on our website.
