Privacy policy
The responsible body within the meaning of the data protection laws, in particular the EU General Data Protection Regulation (DSGVO), is:
andfrank ag
Nico Strässle
Walzmühlestrasse 49a
8500 Frauenfeld
Telephone: +41 (0)56 648 28 00
echokurs@swisscardio.ch| www.andfrank.ch
General information
Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the Swiss Confederation (Data Protection Act, DSG), every person has the right to protection of their privacy as well as protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations as well as this data protection declaration.
In cooperation with our hosting providers, we make every effort to protect the databases as well as possible against unauthorised access, loss, misuse or falsification.
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
By using this website, you consent to the collection, processing and use of data in accordance with the following description. This website can generally be visited without registration. Data such as pages accessed or the name of the file accessed, date and time are stored on the server for statistical purposes without this data being directly related to your person. Personal data, in particular name, address or e-mail address, are collected on a voluntary basis as far as possible. The data will not be passed on to third parties without your consent.
Processing of personal data
Personal data is any information relating to an identified or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, acquisition, deletion, storage, modification, destruction and use of personal data.
We process personal data in accordance with Swiss data protection law. Furthermore, we process personal data in accordance with the following legal bases in connection with Art. 6 Para. 1 DSGVO – insofar as and to the extent that the EU-DSGVO is applicable:
- Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO) – The data subject has given his/her consent to the processing of personal data relating to him/her for a specific purpose or purposes.
Performance of a contract and pre-contractual enquiries (Art. 6 para. 1 p. 1 lit. b. DSGVO) – Processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the data subject’s request. - Legal obligation (Art. 6 para. 1 p. 1 lit. c. DSGVO) – Processing is necessary for compliance with a legal obligation to which the controller is subject.
- Protection of vital interests (Art. 6 para. 1 p. 1 lit. d. DSGVO) – Processing is necessary to protect the vital interests of the data subject or another natural person.
- Legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO) – Processing is necessary to protect the legitimate interests of the controller or a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.
- Application procedure as a pre-contractual or contractual relationship (Art. 9(2)(b) GDPR) – Insofar as special categories of personal data within the meaning of Art. 9(1) GDPR (e.g. health data, such as severely disabled status or ethnic origin) are requested from applicants as part of the application procedure, so that the controller or the data subject can fulfil the duties incumbent on him or her under employment law and the law on the protection of personal data.
- If the data protection officer or the data subject asks for data from job applicants (e.g. health data such as severely disabled person or ethnic origin) so that the data protection officer or the data subject can exercise his or her rights under labour law and social security law and fulfil his or her obligations in this respect, the data is processed in accordance with Article 9(2)(b) of the GDPR. DSGVO, in the case of the protection of vital interests of the applicants or other persons pursuant to Art. 9 para. 2 lit. c. DSGVO or for the purposes of preventive health care or occupational medicine, for the assessment of the employee’s fitness for work, for medical diagnostics, care or treatment in the health or social sector or for the management of systems and services in the health or social sector pursuant to Art. 9 para. 2 lit. h. DSGVO. In the case of a communication of special categories of data based on voluntary consent, their processing is based on Art. 9 para. 2 lit. a. DSGVO.
We process personal data for the duration required for the respective purpose or purposes. In the case of longer-term retention obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.
Relevant legal basis
In accordance with Art. 13 DSGVO, we inform you of the legal basis for our data processing. If the legal basis is not stated in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 DSGVO, the legal basis for processing to fulfil our services and carry out contractual measures and respond to enquiries is Art. 6(1)(b) DSGVO, the legal basis for processing to fulfil our legal obligations is Art. 6(1)(c) DSGVO, and the legal basis for processing to protect our legitimate interests is Art. 6(1)(f) DSGVO. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) (d) DSGVO serves as the legal basis.
Security measures
We take appropriate technical and organisational measures in accordance with the law, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. We also have procedures in place to ensure the exercise of data subjects’ rights, the deletion of data and responses to data compromise. Furthermore, we already take the protection of personal data into account in the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
Transmission of personal data
In the course of our processing of personal data, it may happen that the data is transferred to other bodies, companies, legally independent organisational units or persons or that it is disclosed to them. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we comply with the legal requirements and, in particular, conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data.
Data processing in third countries
If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this will only be done in accordance with the legal requirements.
Subject to express consent or contractually or legally required transfer, we only process the data in third countries with a recognised level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 DSGVO, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).
Privacy policy for cookies
This website uses cookies. Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user’s computer. The primary purpose of a cookie is to store information about a user during or after their visit within an online service. Stored information may include, for example, language settings on a website, login status, a shopping cart or where a video was watched. The term cookie also includes other technologies that perform the same functions as cookies (e.g. where user details are stored using pseudonymous online identifiers, also known as “user IDs”).
The following cookie types and functions are distinguished:
- Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed his browser.
Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the interests of users used for range measurement or marketing purposes can be stored in such a cookie. - First-party cookies: First-party cookies are set by ourselves.
- Third-party cookies (also: third-party cookies): Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
- Necessary (also: essential or absolutely necessary) cookies: Cookies may be absolutely necessary for the operation of a website (e.g. to store logins or other user input or for security reasons).
- Statistical, marketing and personalisation cookies: Furthermore, cookies are usually also used in the context of range measurement and when a user’s interests or behaviour (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to show users content that matches their potential interests. This process is also referred to as “tracking”, i.e. tracking the potential interests of users. Insofar as we use cookies or “tracking” technologies, we will inform you separately in our data protection declaration or in the context of obtaining consent.
Notes on legal basis: The legal basis on which we process your personal data using cookies depends on whether we ask you for consent. If this is the case and you consent to the use of cookies, the legal basis for processing your data is the consent given. Otherwise, the data processed with the help of cookies is processed on the basis of our legitimate interests (e.g. in the business operation of our online offer and its improvement) or, if the use of cookies is necessary to fulfil our contractual obligations.
Storage period: If we do not provide you with explicit information on the storage period of permanent cookies (e.g. in the context of a so-called cookie opt-in), please assume that the storage period can be up to two years.
General information on revocation and objection (opt-out): Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke any consent you have given or to object to the processing of your data by cookie technologies (collectively referred to as “opt-out”). You can initially declare your objection by means of your browser settings, e.g. by deactivating the use of cookies (whereby this may also restrict the functionality of our online offer). An objection to the use of cookies for online marketing purposes can also be declared by means of a variety of services, especially in the case of tracking, via the https://optout.aboutads.info and https://www.youronlinechoices.com/websites. In addition, you can obtain further instructions on how to object within the scope of the information on the service providers and cookies used.
Processing of cookie data on the basis of consent: We use a cookie consent management procedure in which the consent of users to the use of cookies, or to the processing and providers mentioned in the cookie consent management procedure, can be obtained and managed and revoked by users. The declaration of consent is stored in order not to have to repeat the request and to be able to prove the consent in accordance with the legal obligation. The storage can take place on the server side and/or in a cookie (so-called opt-in cookie or with the help of comparable technologies) in order to be able to assign the consent to a user or their device. Subject to individual information on the providers of cookie management services, the following information applies: The duration of the storage of consent can be up to two years. Here, a pseudonymous user identifier is created and stored with the time of consent, information on the scope of consent (e.g. which categories of cookies and/or service providers) as well as the browser, system and end device used.
- Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
- Data subjects: Users (e.g. website visitors, users of online services).
- Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO), Legitimate Interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).
Privacy policy for SSL/TLS encryption
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
We use the “Real Cookie Banner” consent tool to manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and the relevant consents. Details on how “Real Cookie Banner” works can be found at https://devowl.io /de/rcb/datenverarbeitung/.
The legal basis for the processing of personal data in this context is Art. 6 (1) (c) GDPR and Art. 6 (1) (f) GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the relevant consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we cannot manage your consents.
Third party services
This website may use Google Maps for embedding maps, Google Invisible reCAPTCHA for protection against bots and spam and YouTube for embedding videos.
These services of the American Google LLC use cookies, among other things, and as a result, data is transferred to Google in the USA, although we assume that no personal tracking takes place in this context solely through the use of our website.
Google has undertaken to ensure adequate data protection in accordance with the US-European and the US-Swiss Privacy Shield.
Further information can be found in Google’s privacy policy.
Data protection declaration for objection advertising e-mails
We hereby object to the use of contact data published within the framework of the imprint obligation for the purpose of sending advertising and information material that has not been expressly requested. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example by spam e-mails.
Chargeable services
For the provision of chargeable services, we request additional data, such as payment details, in order to be able to execute your order. We store this data in our systems until the statutory retention periods have expired.
Use of Google Maps
This website uses the services of Google Maps. This enables us to show you interactive maps directly on the website and allows you to use the map function conveniently. By visiting the website, Google receives the information that you have called up the corresponding sub-page of our website. This takes place regardless of whether Google provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right. Further information on the purpose and scope of data collection and processing by Google, as well as further information on your rights in this regard and settings options for protecting your privacy, can be found at: www.google.de/intl/de/policies/privacy.
Google Ads
This website uses Google conversion tracking. If you have accessed our website via an ad placed by Google, Google Ads will set a cookie on your computer. The conversion tracking cookie is set when a user clicks on an ad placed by Google. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognise that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies cannot therefore be tracked across Ads customers’ websites. The information obtained using the conversion cookie is used to create conversion statistics for Ads customers who have opted in to conversion tracking. Clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.
If you do not wish to participate in the tracking, you can reject the setting of a cookie required for this – for example, by means of a browser setting that generally deactivates the automatic setting of cookies or by setting your browser in such a way that cookies from the domain “googleleadservices.com” are blocked.
Please note that you may not delete the opt-out cookies as long as you do not want any measurement data to be recorded. If you have deleted all your cookies in the browser, you must set the respective opt-out cookie again.
Use of Google Remarketing
This website uses the remarketing function of Google Inc. The function is used to present interest-based advertisements to website visitors within the Google advertising network. A so-called “cookie” is stored in the browser of the website visitor, which makes it possible to recognise the visitor when he or she visits websites that belong to the Google advertising network. On these sites, the visitor can be presented with advertisements that relate to content that the visitor has previously accessed on websites that use Google’s remarketing function.
According to its own information, Google does not collect any personal data during this process. However, if you do not wish to use Google’s remarketing function, you can deactivate it in principle by making the appropriate settings at http://www.google.com/settings/ads. Alternatively, you can deactivate the use of cookies for interest-based advertising via the advertising network initiative by following the instructions at http://www.networkadvertising.org/managing/opt_out.asp.
Use of Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter “Google”. The purpose of reCAPTCHA is to check whether the data input on our websites (e.g. in a contact form) is made by a human or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run entirely in the background. Website visitors are not informed that an analysis is taking place.
The data processing is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM. For more information on Google reCAPTCHA and Google’s privacy policy, please see the following links: https://www.google.com/intl/de/policies/privacy/ and https://policies.google.com/terms?hl=de.
Privacy Policy for Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited. If the data controller on this website is located outside the European Economic Area or Switzerland, then the Google Analytics data processing is carried out by Google LLC. Google LLC and Google Ireland Limited are hereinafter referred to as “Google”.
The statistics obtained enable us to improve our offer and make it more interesting for you as a user. This website also uses Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID. If you have a Google user account, you can deactivate the cross-device analysis of your usage in the settings there under “My data”, “Personal data”.
The legal basis for the use of Google Analytics is Art. 6 para. 1 p. 1 lit. f DS-GVO. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. We would like to point out that on this website Google Analytics has been extended by the code “_anonymizeIp();” in order to ensure anonymised collection of IP addresses. This means that IP addresses are processed in abbreviated form, which means that they cannot be linked to a specific person. If the data collected about you is related to a person, this is immediately excluded and the personal data is deleted immediately.
Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
Google Analytics uses cookies. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link: Deactivate Google Analytics.
Furthermore, you can also prevent the use of Google Analytics by clicking on this link: Deactivate Google Analytics. This will save a so-called opt-out cookie on your data carrier, which prevents the processing of personal data by Google Analytics. Please note that if you delete all cookies on your terminal device, these opt-out cookies will also be deleted, i.e. you will have to set the opt-out cookies again if you wish to continue to prevent this form of data collection. The opt-out cookies are set per browser and computer/end device and must therefore be activated separately for each browser, computer or other end device.
Privacy policy for Google AdSense
We use Google AdSense on this website. This is an advertising programme of the company Google Inc. In Europe, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. Google AdSense allows us to display advertisements on this website that are relevant to our theme.
Google AdSense uses cookies to serve ads that are relevant to users, to improve campaign performance reports or to prevent a user from seeing the same ads more than once. Google uses a cookie ID to record which ads are shown in which browser and can thus prevent them from being shown more than once. In addition, Google AdSense can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, when a user sees a Google Ads ad and later calls up the advertiser’s website with the same browser and buys something there. According to Google, Google Ads cookies do not contain any personal information.
Due to the marketing tools used, your browser automatically establishes a direct connection with Google’s server. Through the integration of Google Ads, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that Google will obtain and store your IP address.
You can prevent participation in this tracking process in various ways:
- by adjusting your browser software settings accordingly; in particular, suppressing third-party cookies will result in you not receiving third-party ads;
- by disabling conversion tracking cookies by setting your browser to block cookies from the domain “www.googleadservices.com”, https://adssettings.google.com, which setting will be deleted when you delete your cookies;
- by disabling interest-based ads from the providers that are part of the self-regulatory campaign “About Ads”, via the link https://www.aboutads.info/choices, this setting being deleted when you delete your cookies;
- by permanently deactivating them in your Firefox, Internetexplorer or Google Chrome browsers at the link https://www.google.com/settings/ads/plugin. We would like to point out that in this case you may not be able to use all functions of this offer to their full extent.
The legal basis for the processing of your data is a balancing of interests, according to which the processing of your personal data described above is not opposed by any overriding interests on your part (Art. 6 para. 1 p. 1 lit. f DSGVO). Further information on Google Ads from Google can be found at https://ads.google.com/intl/de_DE/home/, as well as on data protection at Google in general: https://www.google.de/intl/de/policies/privacy. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at https://www.networkadvertising.org.
Privacy policy for the use of Google Web Fonts
This website uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. If your browser does not support web fonts, a standard font will be used by your computer.
You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.
Google Tag Manager
Google Tag Manager is a solution with which we can manage so-called website tags via an interface and thus integrate Google Analytics and other Google marketing services into our online offering, for example. The tag manager itself, which implements the tags, does not process any personal data of the users. With regard to the processing of users’ personal data, please refer to the following information on Google services. Usage guidelines: https://www.google.com/intl/de/tagmanager/use-policy.html.
Privacy policy for Vimeo
Plugins of the video portal Vimeo of Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA are integrated on this website. Each time you visit a page that offers one or more Vimeo video clips, a direct connection is established between your browser and a Vimeo server in the USA. Information about your visit and your IP address are stored there. Through interactions with the Vimeo plugins (e.g. clicking the start button), this information is also transmitted to Vimeo and stored there. You can find the data protection declaration for Vimeo with more detailed information on the collection and use of your data by Vimeo in the Vimeo data protection declaration.
If you have a Vimeo user account and do not want Vimeo to collect data about you via this website and link it to your membership data stored with Vimeo, you must log out of Vimeo before visiting this website.
In addition, Vimeo calls up the Google Analytics tracker via an iFrame in which the video is called up. This is Vimeo’s own tracking, to which we have no access. You can prevent tracking by Google Analytics by using the deactivation tools that Google offers for some Internet browsers. You can also prevent the collection of data generated by Google Analytics and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
Note on data transfer to the USA
Among other things, tools from companies based in the USA are integrated on our website. If these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.
Copyrights
The copyright and all other rights to the content, images, photos or other files on the website belong exclusively to the operator of this website or to the specifically named rights holders. The written consent of the copyright holder must be obtained in advance for the reproduction of any files.
Anyone who commits a copyright infringement without the consent of the respective copyright holder may be liable to prosecution and possibly to damages.
General disclaimer
All information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, correct and complete. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, correctness and up-to-dateness of information, including journalistic and editorial information. Liability claims regarding damage caused by the use of any information provided, including any kind of information which is incomplete or incorrect, will therefore be rejected.
The publisher may change or delete texts at his own discretion and without notice and is not obliged to update the contents of this website. Use of or access to this website is at the visitor’s own risk. The publisher, its principals or partners are not responsible for damages, such as direct, indirect, incidental, consequential or punitive damages, allegedly caused by the use of this website and consequently assume no liability for such damages.
The publisher also accepts no responsibility or liability for the content and availability of third-party websites that can be accessed via external links on this website. The operators of the linked sites are solely responsible for their content. The publisher thus expressly distances itself from all third-party content that may be relevant under criminal or liability law or that may offend common decency.
Changes
We may amend this data protection declaration at any time without prior notice. The current version published on our website shall apply. Insofar as the data protection declaration is part of an agreement with you, we will inform you of the change by e-mail or other suitable means in the event of an update.
Questions to the data protection officer
If you have any questions about data protection, please write to us by e-mail or contact the data protection officer in our organisation listed at the beginning of this privacy statement directly.
Source: SwissAnwalt