This website is subject to Swiss data protection law, in particular the Federal Act on Data Protection (FADP) and any applicable foreign data protection laws such as the General Data Protection Regulation (GDPR) of the European Union (EU). The EU recognises that Swiss data protection law safeguards data adequately.
Access to our website involves the use of transport encryption (SSL/TLS).
In principle, it is possible to use our website without disclosing any personal data. However, it may become necessary to process personal data if a data subject requests special services from our company via our website. If processing personal data is necessary but there is no legal basis for doing so, we generally ask the data subject for permission.
Personal data (e.g. name, address, email address, phone number) is always processed in compliance with statutory data protection regulations and by applying the principles of data minimisation and data avoidance. With this Privacy Policy, our company would like to inform the general public about the nature, scope and purpose of the personal data we collect, use and process. Furthermore, this Privacy Policy informs data subjects about their rights. The Privacy Policy applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) that are used to run our online offers and the associated websites, functions and content.
As the controller, Rumpel SA has implemented a range of technical and organisational measures to ensure as seamless protection as possible of the personal data that is processed via this website. Nevertheless, security gaps may arise when data is transferred over the internet, and absolute protection can therefore not be guaranteed. For this reason, every data subject is free to use alternative means, such as a phone, to send us their personal data.
Contact details of the controller and the data protection officer
The controller (hereinafter referred to as the “Operator,” “we” or “us”) within the meaning of the law is
Rumpel SA
Bachmatten 8
CH-4435 Niederdorf/BL
+41 61 956 90 20
datenschutz@rumpel.ch
Enquiries regarding data protection can be sent by letter or email.
2. General information about data processing
For visitors accessing our website, we initially collect and use only the data specified in Section 3. Furthermore, we process our users’ personal data only as needed to run an efficient website and offer our content and services. As a rule, we collect and use our users’ personal data only after first obtaining their consent. Exceptions are possible in cases where prior consent cannot be obtained for circumstantial reasons and statutory requirements permit such processing.
2.1 Legal basis for processing personal data
Insofar as we obtain the data subject’s consent in connection with particular steps, we process this subject’s personal data in compliance with the legal basis provided under the Federal Act on Data Protection (FADP) or the EU General Data Protection Regulation (GDPR) to the extent applicable.
The Federal Act on Data Protection (FADP) and, if and to the extent applicable, the GDPR serves as the legal basis for processing the personal data necessary for performing a contract to which the data subject is a party. This also applies to processing steps that are required in connection with pre-contractual measures.
Insofar as personal data must be processed to fulfil a legal obligation of our company, the Federal Act on Data Protection (FADP) serves as the legal basis to the extent applicable.
If processing is necessary to safeguard a legitimate interest of our company or a third party and the data subject’s interests, basic rights and freedoms do not outweigh the initially mentioned interests, the Federal Act on Data Protection (FADP) serves as the legal basis for such processing if and to the extent applicable.
2.2 Data deletion and storage period
The data subject’s personal data will be deleted or blocked once the purpose for storing it ceases to apply. Data can be stored for longer periods as may be required by European or national legislators in the respective EU regulations, laws and other provisions that apply to the controller. Data is also blocked or deleted if a storage period prescribed by the norms mentioned above ends, unless further storage of the data is required for concluding or performing a contract.
3. Running the website and creating log files
Every time our website is accessed, our system automatically collects data and information from the accessing computer.
The following data is collected during this process:
- IP addresses
- The date and time
- Information such as the log type and version, desired action, status codes, as well as information about the transferred data (e.g. the size of a query or response)
- Error messages
- Application-specific information, such as message ID for emails or web accesses, details of the browser used (user agent string) or, if applicable, the page from which the visitor reached the website
The system must store the IP address temporarily to deliver the website to the user’s computer. For this, the user’s IP address must be stored for the duration of the session.
The log files contain IP addresses and other data that make it possible to identify the user; for example, in the case of a link from which a user accesses or switches websites that contains personal data.
The data is also stored in our system’s log files. Such data is not stored together with the user’s other personal data.
Such data is stored in log files to ensure the functionality of the website. In addition, we use the data to optimise the website and ensure the security of our IT systems. The data is not analysed for marketing purposes in this connection.
3.1 Legal basis for data processing
The Federal Act on Data Protection (FADP) provides the legal basis for temporarily storing data and log files if and to the extent applicable.
3.2 Duration of storage
The data remains in our systems for as long as necessary for operational purposes and up to the statutory or contractually stipulated deadlines. It is then deleted automatically. For most data, this is a maximum of six months.
3.3 Possibility of objection and removal
Collecting data to run the website and store it in log files is essential for managing the website. Consequently, users have no possibility of objecting.
4. Use of cookies
This website uses cookies. Cookies are files with information that our or a third-party’s web server installs and stores on a computer system via an internet browser.
Many websites and servers use cookies. Many cookies come with a cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific internet browser in which the cookie has been installed. This makes it possible to distinguish the websites visited and servers used by data subjects in their browser from those in other internet browsers with different cookies. The unique cookie ID makes it possible to recognise and identify a specific internet browser.
By using cookies, we can provide the users of this website with more user-friendly services that would not be possible otherwise.
4.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work correctly and that the user’s preferences are remembered. The use of functional cookies makes it easier for you to visit our website. The user data we thus collect is not used to create user profiles.
4.2 Analytical cookies
We also use analytical cookies on our website to optimise our users’ experience. Analysis cookies are used to improve the quality of our website and its content and to continuously optimise our offer.
4.3 Legal basis for data processing
The Federal Act on Data Protection (FADP) serves as the legal basis for processing personal data by means of technically necessary cookies.
The Federal Act on Data Protection (FADP) serves as the legal basis for processing personal data for analysis purposes by means of cookies if the user has given his or her consent.
4.4 Duration of storage, possibility of objection and removal
Technically necessary cookies are usually deleted when the session ends. This Privacy Policy informs users about the use of cookies during pseudonymous reach measurements.
Users can set their internet browser to block cookies from our website permanently. Furthermore, cookies that have been installed can be deleted at any time via an internet browser or other software programmes. The exclusion of cookies may restrict the functionality of our online offer.
5. Contact forms and email contact
Our website has forms for contacting us electronically. We will store the data that users enter into the respective fields of the forms they send us. By using the contact forms, users actively consent to having their personal data processed.
The following data will also be stored when the message is transmitted:
- The user’s IP address
- The date and time of registration
We process the personal data from the input screen solely for contacting you. A request for contact sent by email also constitutes the required legitimate interest in processing the data.
Other personal data processed during transmission serves to prevent misuse of the contact form and ensure that our IT systems work correctly.
No data is shared with third parties as part of this process. The data is used solely for processing the conversation.
5.1 Online job applications
Our website also lets you apply for a job with us. Digital applications enable us to collect and process application data electronically.
In the case of applications that result in an employment contract, we store the application data we received and use it for standard organisational and administrative purposes – naturally in compliance with broader legal obligations.
In the case of applications that are rejected, we automatically delete the respective data two months after sending the rejection notice. However, the data is not deleted if legal provisions stipulate a longer storage period of up to four months or until legal proceedings are concluded, e.g. for the purpose of providing evidence.
If express consent for the longer data storage period has been granted, e.g. for inclusion in a database for applicants or prospective customers, the data will be further processed based on this consent. Such consent can be revoked at any time.
5.2 Legal basis for data processing
The Federal Act on Data Protection (FADP) serves as the legal basis for processing data for which the user has given his or her consent.
The Federal Act on Data Protection (FADP) serves as the legal basis for processing the data transmitted in connection with sending email messages. The Federal Act on Data Protection (FADP) applies as an additional legal basis for processing if the email contact aims to conclude a contract.
5.3 Duration of storage
We process and store personal data for as long as necessary to fulfil our contractual and legal obligations or for other related purposes for the duration of the entire business relationship (e.g. from concluding, to performing, all the way to terminating a contract) as well as in accordance with the statutory retention and documentation obligations.
Personal data will be deleted once it has fulfilled the intended purpose and if deletion does not conflict with any retention obligations. In this connection it may be that personal data is stored for the period in which claims are brought against our company, that we are otherwise legally obliged to do so, or that other legitimate business interests (e.g. for evidential or documentation purposes) require such a step.
5.4 Possibility of objection and removal
Users can at any time revoke their consent to having their personal data processed. When contacting us by email (contact form), users can choose at any time to not have their personal data stored. In such a case, the conversation cannot be continued, and the revocation must be made by phone, whereby all personal data stored in the course of making the contact will be deleted.
6. Rights of the data subject
If your personal data is processed, you are a “data subject” within the meaning of the Federal Act on Data Protection (FADP) and, if and to the extent applicable, the GDPR, and you thus have the following rights vis-à-vis us as the controller. You can exercise your rights by contacting us and stating your request.
6.1 Right to rectification
Every data subject whose personal data is being processed has the right to have inaccurate personal data concerning him or her rectified immediately. Furthermore, the data subject also has the right, in consideration of the purpose of the processing step, to request incomplete personal data to be completed – also by means of a supplementary statement.
6.2 Right to restriction of processing
Every data subject whose personal data is being processed has the right to demand that the controller restrict processing if a prerequisite provided for by the legislator in the Federal Act on Data Protection (FADP) or, if and to the extent applicable, the GDPR applies and is met.
6.3 Right to erasure
Every data subject has the right to request the controller to delete personal data concerning him or her immediately if a ground in the Federal Act on Data Protection (FADP) or, if and to the extent applicable, the GDPR applies.
6.4 Right to data portability
Every data subject whose personal data is being processed has the right to receive in a structured, standard, and machine-readable format the personal data that concerns him or her and that a controller has prepared. The data subject also has the right to pass on such data to another controller without interference by the controller that has prepared it, provided that processing is based on consent obtained pursuant to the Federal Act on Data Protection (FADP) or, if and to the extent applicable, the GDPR or on a contract subject to the GDPR, and the processing is carried out by automated means.
6.5 Right to object
Every data subject whose personal data is being processed has the right, based on grounds relating to his or her particular situation, to object at any time to having personal data concerning him or her that is processed on the basis of the Federal Act on Data Protection (FADP) or, if and to the extent applicable, the GDPR. This also applies to profiling on the basis of these provisions.
The company can no longer process the personal data if there is an objection, unless we can demonstrate compelling legitimate grounds for doing so that override the interests, rights and freedoms of the data subject, or if such processing serves to assert, exercise or defend against claims.
If the company processes personal data for direct marketing purposes, the data subject has the right to object at any time to having his or her personal data used for such a purpose. This also applies to profiling if it relates to direct marketing in this connection. Such personal data will no longer be processed for these purposes if the data subject objects.
6.6 Right to revoke the declaration of consent under data protection law
Every data subject whose personal data is being processed has the right to have a declaration of consent under data protection law revoked at any time. The revocation of consent does not affect the legality of processing carried out on the basis of consent up to the time of revocation. However, we reserve the right to continue processing personal data if there are compelling legitimate grounds for doing so that outweigh the user’s interests, rights and freedoms or if such processing serves to assert, exercise or defend against claims.
6.7 Right to file complaints with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to file a complaint with a supervisory authority, in particular in the Member State of your place of stay or work or where the alleged infringement occurred if you believe that processing your personal data violates the Federal Act on Data Protection (FADP) or, if and to the extent applicable, the GDPR.
7. Integration of third-party services and content
Our website incorporates content or services from third-party providers of other websites. The integration of content from third-party providers always requires such providers to receive the users’ IP address, without which they would not be able to send the content to the users’ browser. The IP address is therefore required for displaying this content. Furthermore, third-party content providers can install their own cookies and process user data for their own purposes. User profiles can be created from the processed data.
7.1 Data privacy provisions for Google Analytics
Our website uses the Google Analytics services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”).
Google uses cookies. The information the cookie generates about the use of online offers is usually transmitted to and stored on a Google server in the US.
Google will use this information based on our instructions to evaluate how users use our website, compile reports on the activities within this website, and provide us with other services associated with website use and the internet. Doing so can involve creating pseudonymous user profiles from the processed data.
We use Google Analytics only when IP anonymisation is activated. This means Google truncates the IP address of the users within EU Member States or in other contracting states of the Agreement on the European Economic Area as well as Switzerland. Only in exceptional cases will the full IP address be transmitted to a Google server in the US and truncated there.
The IP address that the user’s browser transmits will not be merged with other Google data. Users can download and install the browser plug-in via the link below and adjust their browser settings to prevent cookies from being installed and generating data for Google about their use of the online offer and enable Google to process this data: http://tools.google.com/dlpage/gaoptout?hl=en-GB
Further information on Google’s use of data for advertising purposes, settings and revocation options can be obtained on Google’s websites: https://www.google.com/intl/en-gb/policies/privacy/partners (“Google’s use of data when you use our partners’ websites or apps”), https://policies.google.com/technologies/ads?hl=en (“Data use for advertising purposes”), https://adssettings.google.de/anonymous?hl=en-gb (“Manage the information Google uses to show you ads”) and https://adssettings.google.de/anonymous?hl=en-gb (“Determine which ads Google can display”).
7.2 Google Tag Manager
We use the Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”) on our websites. Google Tag Manager allows marketers to manage website tags via an interface. According to Google, Tag Manager is a cookie-free domain and does not collect any personal data. It triggers other tags, which in turn collect personal data. According to Google, Tag Manager does not access this data. A setting that has been disabled at the domain or cookie level applies to all tracking tags implemented via Google Tag Manager.
We are legitimately interested in observing the legal basis for processing the data for this purpose.
The Google website has further information about how Google uses data and about settings and revocation options: https://marketingplatform.google.com
7.3 Matomo (formerly: PIWIK)
Our website uses Matomo (formerly: “PIWIK”), which is provided by GLOBONET GmbH, Toggenburgerstrasse 26, 9500 Wil. The software is open source and allows us to analyse how our website is used.
To collect this data, Matomo stores a cookie on the end device via the internet browser. This cookie is valid for one week.
We use Matomo with the “Automatically Anonymise Visitor IPs” function that truncates your IP address by two bytes to prevent it from being attributed to you or the internet connection you use.
Users can adjust their browser settings to prevent the cookie from being installed.
7.4 Data privacy provisions for Google Fonts
Our website uses the “Google Fonts” from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”).
These fonts are publicly available under the SIL Open Font License or the Apache License. Both are free software licenses. The fonts used on this website are integrated locally on our server instead of on the provider’s server, and no data is therefore stored or passed on to third-party providers. Further information on Google Fonts can be found at: https://developers.google.com/fonts/faq
7.5 Data privacy provisions for Google reCAPTCHA
We use the reCAPTCHA service of Google Inc. (hereinafter “Google”) to protect the queries you submit via the online form. The function enables the input by a person to be distinguished from fraudulent automated processing by a machine. The function sends the IP address and any other data that Google requires for the reCAPTCHA service to Google. For this purpose, your input will be transmitted to and used by Google. However, Google will first truncate your IP address within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the US and truncated there. Google will use this information to analyse your use of this service based on the instructions of this website’s operator. The IP address your browser transmits via reCAPTCHA will not be merged with other Google data. Such data is subject to separate data protection provisions of Google. For more information on Google’s Privacy Policy, please visit https://policies.google.com/privacy?hl=en-GB
7.6 OpenStreetMap
We use OpenStreetMap (hereinafter “OpenStreetMap”), a service of the OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge, CB 4 0 WS, United Kingdom, for instructions for reaching our premises.
OpenStreetMap installs a browser cookie on the end device when a user visits one of our websites that uses this service. User settings and data are thus processed to display the page or to ensure the functionality of the OpenStreetMap service. Through this process, OpenStreetMap can recognise the page from which the request originates and to which IP address the map of the route should be transmitted.
We are legitimately interested in optimising and running our website efficiently.
Users can prevent such a cookie from being installed by adjusting the settings in their browser. OpenStreetMap provides further information about how data is collected and used and about the rights and options for protecting privacy at https://wiki.osmfoundation.org/wiki/Privacy_Policy.