Gehriggroup

Language

Privacy policy

Version of 23.05.2018

This data protection declaration explains the procurement and further processing of personal data by GEHRIG GROUP AG and its subsidiaries (hereinafter all together GEHRIG GROUP AG), insofar as they are not covered by other data protection declarations or they arise from the circumstances or are regulated by law. Personal data means any information relating to an identified or identifiable person.

Section I of this privacy policy explains how GEHRIG GROUP AG processes personal data. Section II contains specific explanations for individual areas of activity (e.g. customer service, newsletter, etc.).

In the interests of better readability, the masculine form of the term is used throughout, which refers to all male as well as all female and other persons.

General section

1. controller, data protection officer

Each website (including online stores and mini-sites for special promotions), each presence in social networks, multimedia portals, chatbots and each app of GEHRIG GROUP AG (each a website) has - insofar as personal data is obtained - a controller within GEHRIG GROUP AG within the meaning of Art. 4 para. 7 of the European General Data Protection Regulation (GDPR) (or comparable provisions in other applicable data protection laws). Unless otherwise stated on the website (in the legal notice, the terms of use, etc.) or below in Section II, this is GEHRIG GROUP AG.

If communication with GEHRIG GROUP AG takes place via other channels (e-mail, letter, telephone, etc.), the respective group company or branch is the controller, unless the communication takes place as part of an activity for which GEHRIG GROUP AG has defined a specific controller in this privacy policy or otherwise.

Insofar as a GEHRIG GROUP AG company or branch discloses personal data to another GEHRIG GROUP AG company or branch for its own purposes, the latter also becomes the controller within the meaning of Art. 4 para. 7 GDPR. A list of all GEHRIG GROUP AG companies and branches can be found here.

GEHRIG GROUP AG has not appointed a data protection officer within the meaning of Art. 37 GDPR. Any data protection inquiries, claims or information should be addressed to the following contact: privacy@gehriggroup.ch.

The representative in the case of companies and branches of GEHRIG GROUP AG not located in the EU or EEA within the meaning of Art. 27 GDPR is GEHRIG GROUP AG Bäulerwisenstrasse 1, 8152 Glattbrugg, Switzerland.

2. processing of personal data

GEHRIG GROUP AG collects and processes the personal data of

registered or unregistered visitors to GEHRIG GROUP AG websites;
contact persons and employees of suppliers, dealers, vendors and providers of products and product parts of GEHRIG GROUP AG;
customers, buyers and recipients/beneficiaries or interested parties of GEHRIG GROUP AG products and services (including warranty, repair and service services) or their contact persons and employees;
Contact persons and employees of business partners and affiliated companies, employment agencies and recruitment agencies (as well as placed employees) and other commercial and economic partners;
recipients of the GEHRIG GROUP AG newsletter;
Participants in market research and opinion surveys conducted by GEHRIG GROUP AG;
Participants in the courses, seminars and other events offered by GEHRIG GROUP AG;
Users of the WIFI offered by GEHRIG GROUP AG in the sales stores, showrooms, business premises and other locations;
Participants from registration or use of applications in connection with Internet-enabled (IoT) end devices
purchasers and users of GEHRIG GROUP AG customer and loyalty cards; and
registered participants in GEHRIG GROUP AG customer programs;

(all together hereinafter referred to as business partners).

The personal data of the business partners are generally collected directly from the data subjects when using the websites, when requesting or using products or services, submitting reviews and reports, participating in market or other surveys, in stores, sales outlets, showrooms or at events of GEHRIG GROUP AG or of authorized dealers of GEHRIG GROUP AG or in direct communication with GEHRIG GROUP AG via e-mail, telephone or other means.

However, they can also be collected indirectly, namely when transactions are carried out for the benefit of a business partner or for delivery to this business partner by another business partner, on the recommendation of third parties (e.g. recommendation by acquaintances of the business partner) or by obtaining or purchasing additional information from third-party data sources (e.g. social media, address dealers).

GEHRIG GROUP AG processes the following categories of personal data in particular:

  • Personal data and contact information: This includes in particular, but is not limited to, first and last name, residential address, place of residence, telephone number, e-mail address, age, date of birth, gender, marital status, family members, details of any secondary contact, photo, details of function, details of previous business dealings with these persons, details of business transactions, inquiries, offers, quotations, conditions and contracts, details of professional or other interests of the persons;
  • Data in connection with delivery and sales as well as orders and purchases: This includes in particular, but is not limited to, payment details, credit card details and other payment details, billing and delivery address, products and services delivered and sold as well as ordered and purchased, information in connection with queries, complaints and differences regarding products and services or the contracts concluded for them, such as warranty and guarantee cases, withdrawals and disputes, information about business partners who are blocked for GEHRIG GROUP AG, etc.;
  • Data in connection with the marketing of products and services: This includes in particular, but is not limited to, details of marketing activities such as receipt of newsletters, newsletter opt-ins and opt-outs, documents received, invitations and participation in events and special activities (unless part of a customer program), personal preferences and interests, etc.
  • Data in connection with the use of the websites: This includes in particular, but is not limited to, IP address and other identifiers (e.g. user name on social media, MAC address of the smartphone or computer, cookies, web beacons, pixel tags, log files, local shared objects (Flash cookies) or other technologies that automatically collect personal data), date and time of the visit or use of the websites, pages and content accessed, referring websites, etc.;
  • Data in connection with communication: This includes in particular, but is not limited to, preferred communication channel, correspondence, correspondence language and communication with GEHRIG GROUP AG (including recordings of communication), etc.;
  • Data collected in connection with a customer program: Membership number, access data (including passwords), preferred language, customer program voucher number, date and duration of membership, payment data of the customer or any third party, details of the preferred party, number of visits to the websites, purchase history, products purchased, etc. (in addition to traditional customer loyalty programs, customer programs also include all website accounts, activities and events for which a business partner registers with their personal data and thus concludes a corresponding contract with GEHRIG GROUP AG);

(all together hereinafter referred to as business partner data).

3. purpose of processing and legal basis

GEHRIG GROUP AG may process the business partner data - to the extent permitted by applicable law - in particular, but not exclusively, for the following purposes:

In connection with products and services offered, conclusion of contracts (in particular purchase and sale of products and services), execution of contracts (in particular purchase, rental, test, delivery and acceptance agreements and contracts for participation in customer programs and events), maintenance and development of relationships with business partners, communication, customer service and support (in particular orders and inquiries), marketing, advertising and sales measures (including newsletters and sending of advertising material);
Administration of the users of the websites and other activities involving business partners, operation and further development of the websites (including the provision of functions that require identifiers or other personal data) and other IT systems, identity checks;
Quality control, market research, further development of products and services, preparation of statistics, budgets, records and management information and other reports on business partners, transactions and activities, offerings and other business aspects of GEHRIG GROUP AG for the purposes of managing and developing the company, its offerings and activities, project management;
Protection of business partners, employees and other persons and protection of GEHRIG GROUP AG's data, secrets and assets entrusted to it, security of GEHRIG GROUP AG's systems and buildings;
Compliance with the legal and regulatory requirements and internal rules of GEHRIG GROUP AG, pursuit and implementation of various rights, defense against legal claims, civil proceedings, complaints, combating abuse, for the purposes of legal investigations or proceedings and to respond to inquiries from authorities;
Sale or purchase of business divisions, companies or parts of companies and other corporate transactions and the associated transfer of business partner data;
For other purposes, insofar as a legal obligation requires processing or these were recognizable or indicated by the circumstances at the time of data collection;
(all together hereinafter referred to as processing purpose).

GEHRIG GROUP AG uses the business partner data for the processing purpose on the basis of the following legal bases:

  • Contract fulfillment;
  • Fulfillment of a legal obligation of GEHRIG GROUP AG;
  • Consent of the business partners (only insofar as processing is carried out on specific request and can be withdrawn at any time, namely the receipt of newsletters for which the business partners have registered);
  • Legitimate interests of GEHRIG GROUP AG, in particular the sale and delivery of products and services, also with regard to persons who are not directly contractual partners (e.g. persons receiving gifts);
  • Carrying out advertising and marketing;
  • Efficient and effective customer service, maintaining contacts and other communication with business partners, including outside of contract processing;
  • Tracking behavior, activities and needs, market studies of, with and about business partners;
  • Efficient and effective improvement of existing products and services and development of new products and services;
  • Efficient and effective protection of business partners and other persons and protection of GEHRIG GROUP AG's data, secrets and assets entrusted to it, security of GEHRIG GROUP AG's systems and buildings
  • Maintenance and secure, efficient and effective organization of business operations, including secure, efficient and effective operation and successful development of websites and other IT systems;
  • Sensible corporate management and development;
  • Successful sale or purchase of business units, companies or parts of companies and other corporate transactions;
  • Compliance with the legal and regulatory requirements and internal rules of GEHRIG GROUP AG;
    Interest in the prevention of fraud, misdemeanors and crimes as well as investigations in connection with such offenses and other inappropriate conduct, handling of legal claims and actions against GEHRIG GROUP AG, participation in legal proceedings and cooperation with authorities, and otherwise the assertion, exercise or defense of legal claims.

GEHRIG GROUP AG may process data of registered or unregistered visitors to the websites to the extent permitted by applicable data protection law, in particular for the purposes of operating and further developing the websites (including the provision of functions that require identifiers or other personal data), for statistical evaluations of the use of the websites and to combat misuse, for the purposes of legal investigations or proceedings and to respond to inquiries from authorities. It does this on the same basis as set out above for business partner data.

GEHRIG GROUP AG may process business partner data to the extent permitted by applicable data protection law, in particular for the purposes of concluding and processing contracts and other business relationships, marketing, advertising and sales measures, communication, invitations to events and participation in promotions for business partners, carrying out joint activities, compliance with legal and regulatory requirements and internal rules of GEHRIG GROUP AG, Enforcement of rights, defense against legal claims, civil proceedings, complaints, combating fraud and abuse, for the purposes of legal investigations or proceedings and to respond to inquiries from authorities, for the sale or purchase of business divisions, companies or parts of companies and other transactions under company law and the associated transfer of business partner data.

All processing purposes apply to the entire GEHRIG GROUP AG group, i.e. not just the company that originally obtained the personal data. All business partner data is obtained for the purposes of all GEHRIG GROUP AG companies.

4 Data disclosure and data transfer abroad

GEHRIG GROUP AG may disclose the business partner data to the following categories of third parties who process the business partner data for the processing purpose on behalf of GEHRIG GROUP AG or for their own purposes, to the extent permitted by applicable data protection law:

  • Service providers (within GEHRIG GROUP AG as well as externally, for example in the area of support and service), including contract processors;
  • Dealers, suppliers and other business partners;
  • Customers and purchasers of GEHRIG GROUP AG;
  • Local, national and foreign authorities and official bodies;
  • Media and private reporters;
  • The public, including visitors to GEHRIG GROUP AG websites and social media;
  • Industry organizations, associations, organizations and other bodies;
  • competitors;
  • Acquirers or parties interested in acquiring business units, companies or other parts of GEHRIG GROUP AG;
  • Other parties in potential or actual legal proceedings;
  • Other group companies of GEHRIG GROUP AG;

(all together hereinafter referred to as third parties).

GEHRIG GROUP AG may transfer business partner data within GEHRIG GROUP AG as well as to third parties to any country in the world, in particular to all countries in which GEHRIG GROUP AG is represented by group companies, branches or other offices and representatives as well as the countries in which the service providers of GEHRIG GROUP AG process their data. If data is transferred to a country without adequate data protection, GEHRIG GROUP AG will ensure adequate protection by using sufficient contractual guarantees, in particular on the basis of the EU standard contractual clauses, Binding Corporate Rules or based on the exception of consent, contract processing, the establishment, exercise or enforcement of legal claims, overriding public interests, the data published by the business partner or because it is necessary to protect the integrity of these persons. The business partner can obtain a copy of the contractual guarantees from the contact person named in Section I. 1. above or find out from them where such a copy can be obtained. GEHRIG GROUP AG reserves the right to black out such copies for reasons of data protection or confidentiality.

5 Data retention

GEHRIG GROUP AG generally stores contract-related business partner data for the duration of the contractual relationship and ten years beyond the termination of the contractual relationship, unless there are longer statutory retention obligations in individual cases, this is necessary for reasons of proof or there is another valid exceptional reason under applicable law, or earlier deletion is indicated (namely because the data is no longer required or GEHRIG GROUP AG is obliged to delete it).

Business documents, including communications, are stored for as long as GEHRIG GROUP AG has an interest in them (in particular for further business development, for an interest in evidence in the event of claims, documentation of compliance with certain legal and other requirements, an interest in non-personal evaluation) or is obliged to do so (contractually, by law or due to other requirements). Legal obligations regarding anonymization or pseudonymization of data, for example, remain reserved.

6. cookies, Google Analytics and social plug-ins

GEHRIG GROUP AG may use cookies on its websites. Cookies are a common technology in which the browser of the user of a website is assigned an identifier that is stored and presented on request. GEHRIG GROUP AG may use so-called session cookies, which are automatically deleted at the end of a visit to a website and serve to ensure that the server can maintain the connection to the user (and e.g. the contents of the shopping cart are not lost) when the user moves around a website. On the other hand, so-called permanent cookies, which are only deleted after a period defined for each website (e.g. two years after the last visit) and are used to save the user's default settings (e.g. language) over several sessions or to enable automatic login. By using the websites but also the corresponding functions (e.g. language selection, autologin), the user consents to the use of such permanent cookies. The user of a website can block the use of cookies in their browser or delete them there, although this may impair the use of the website under certain circumstances.

GEHRIG GROUP AG may also incorporate coding in newsletters and other marketing e-mails that it sends, to the extent permitted by applicable law, with which it can recognize whether the recipient has opened the e-mail and downloads the images contained therein. However, the recipient can block this in their email program. However, they consent to the use of this technology by agreeing to receive newsletters and other marketing emails.

If GEHRIG GROUP AG uses advertising from third parties on a website (e.g. banner advertising) or wants to place its own advertising on third-party sites, cookies from companies that specialize in displaying such advertising may also be used. They do not receive any personal data from GEHRIG GROUP AG, i.e. they only set a permanent cookie for the users of the websites in order to recognize them as such and only do this for the purposes of GEHRIG GROUP AG. In this way, it is possible for GEHRIG GROUP AG to display targeted advertising from GEHRIG GROUP AG to these persons on third-party websites. The operators of the third-party sites also do not receive any personal data from GEHRIG GROUP AG.

GEHRIG GROUP AG may use PIWIK (http://piwik.org), Google Analytics or similar services on its websites. This is a service provided by a third party, which may be located in any country in the world (in the case of Google Analytics by Google Inc. in the USA, www.google.com), with which GEHRIG GROUP AG can measure and evaluate the use of a website. Permanent cookies are also used for this purpose, which are set by the service provider. The service provider does not receive any personal data from GEHRIG GROUP AG (and also does not store any IP addresses), but can track the use of the websites by the user, combine this information with data from other sites that the user has visited and which are also tracked by the service provider, and use these findings for its own purposes (e.g. control of advertising). If the user has registered with the service provider himself, the service provider knows his identity. The processing of his personal data by the service provider then takes place under the responsibility of the service provider in accordance with its data protection regulations. GEHRIG GROUP AG receives information on the use of the websites from the service provider.

GEHRIG GROUP AG may integrate and use remarketing functions on the websites to advertise products and services of GEHRIG GROUP AG. This function is used to present interest-based advertisements from GEHRIG GROUP AG to visitors to the website as part of the advertising network. Cookies are again used for this purpose, which are set by the service provider. All data is collected anonymously so that no conclusions can be drawn about specific persons. The default settings of the GEHRIG GROUP AG websites are configured in such a way that the integrated technologies are deactivated. If a visitor to the GEHRIG GROUP AG websites is redirected to other providers, the data protection provisions of the relevant provider apply. Changes to the settings of the remarketing function can be made under the settings of the relevant service provider.

GEHRIG GROUP AG may integrate and use remarketing tags from Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA on websites. The default settings of the GEHRIG GROUP AG websites are configured so that the integrated remarketing tags are deactivated. After selecting and activating the remarketing tags, a direct connection is established between the website visitor's browser and the Facebook server. Facebook thus receives the IP address of the visitor and thus the information that the visitor has visited the corresponding website. This allows Facebook to assign the visitor to the GEHRIG GROUP AG website to any Facebook user account of the visitor to the GEHRIG GROUP AG website. GEHRIG GROUP AG may use such information to display Facebook Ads. If a visitor to the GEHRIG GROUP AG websites is redirected to Facebook, Facebook's data protection provisions apply. Further information can be found in Facebook's privacy policy at https://www.facebook.com/about/privacy/.

GEHRIG GROUP AG may also use so-called plug-ins (also add-ons) from social networks such as Facebook, Twitter, Whatsapp, LinkedIn, YouTube, Google+, Google Maps, Pinterest or Instagram or from business partners on the websites or integrate RSS feeds or graphics from other websites. The default settings of the websites are configured in such a way that the plug-ins and other integrated technologies are deactivated. The user must therefore activate them themselves. If they do so, the operators of the social networks and third-party services can establish a direct connection to the user while they are on the websites and know that they are there and can evaluate this information. The processing of his personal data by the operator of the social network is then the responsibility of this operator in accordance with its data protection regulations. GEHRIG GROUP AG does not receive any information from the operators of these social networks.

7 Rights of customers, visitors and partners

Every data subject has a right to information from GEHRIG GROUP AG about personal data relating to them. They also have the right to demand that GEHRIG GROUP AG correct, delete and restrict personal data relating to them and to object to such processing of personal data. If the processing of personal data is based on consent, the consent can be revoked by the data subject at any time. In EU/EEA member states, the data subject has the right in certain cases to receive the data generated when using online services in a structured, commonly used and machine-readable format that enables further use and transmission. Requests in connection with these rights should be addressed to the data protection officer or the contact person in accordance with Section I. 1 above. GEHRIG GROUP AG reserves the right to restrict the rights of the data subject within the framework of the applicable law and, for example, not to provide complete information or not to delete data.

If GEHRIG GROUP AG makes an automated decision concerning an individual person that has legal effects on the person concerned or significantly affects them in a similar way, the person concerned can speak to a responsible person at GEHRIG GROUP AG and request that the decision be reconsidered, or request an assessment by a person from the outset, insofar as the applicable law provides for this. In this case, the data subject may no longer be able to use certain automated services. The person will be informed of such decisions subsequently or separately in advance.

Every data subject has the right to lodge a complaint with the competent data protection authority.

8 Amendment of the privacy policy

GEHRIG GROUP AG may amend this privacy policy at any time without prior notice or notification. The current version published on the website shall apply.

If the data protection declaration is part of an agreement with business partners, GEHRIG GROUP AG may inform them of the change by e-mail or other suitable means in the event of an update. If no objection is received within 30 days, the new data protection declaration shall be deemed to have been agreed. If an objection is raised, GEHRIG GROUP AG may terminate the agreement extraordinarily and without notice.

Special section

The following statements supplement the statements in the general section for specific activities of GEHRIG GROUP AG. In the event of contradictions, the following statements take precedence over those in the general section.

1. online stores

In the online stores of GEHRIG GROUP AG, the creditworthiness of a CUSTOMER can be assessed automatically in order to offer the purchase on account on the basis of this decision, insofar as this payment option is offered at all. In these cases, creditworthiness is checked by means of a query to an external credit agency. This agency informs GEHRIG GROUP AG of the person's credit score, which it in turn determines using a non-public formula based on the information it has collected about the person's payment experience, their debt and bankruptcy history and any restrictions on their ability to act that are recorded. Under certain circumstances, there is no longer a billing option. If this happens, but the CUSTOMER does not wish to accept this, they can contact the following contact person: privacy@gehriggroup.ch.

The online stores of GEHRIG GROUP AG can also automatically decide on the conclusion of purchase contracts. However, GEHRIG GROUP AG does not consider this to be an automated individual decision within the meaning of Art. 22 GDPR. If a customer does not want such an automatic conclusion of a contract, they can purchase products and services from GEHRIG GROUP AG directly from GEHRIG GROUP AG and its dealers.

Any inquiries, claims or information under data protection law can be addressed to the following contact person: privacy@gehriggroup.ch.

2. points of sale

Points of sale include in particular, but are not limited to, trade fair stands, exhibition rooms, shopping, operating and manufacturing facilities where goods and services of GEHRIG GROUP AG are exhibited, demonstrated, offered, marketed, sold or where information, advice or recommendations are provided. Sales outlets also include corresponding locations of business partners. GEHRIG GROUP AG may collect personal data directly or via the business partners during visits to such points of sale. This includes in particular, but is not limited to, name, address, telephone number, e-mail, etc. Personal data will only be processed with the consent of the data subject or otherwise lawfully and only to the extent necessary or appropriate. It may be necessary for personal data to be passed on to third parties, but only if this is necessary or expedient for the provision of the desired service. Third parties are in particular, but not exclusively, administrative and technical personnel of a GEHRIG GROUP AG business partner. Personal data will only be processed and used for purposes other than those for which it was collected within the framework of the applicable legal regulations or with the consent of the data subject.

3. service

GEHRIG GROUP AG processes personal data in order to provide services in the context of ordering, delivery, installation, assembly, calibration, acceptance, warranty or guarantee cases, service and support, maintenance and servicing, other inquiries or the transmission of information material (newsletters, product information, events, etc.). This includes in particular, but is not limited to, name, address, telephone number, e-mail address, etc. Personal data is only processed insofar as this is necessary or useful for the provision of the respective service. Data is stored in the internal customer relationship system and is used for product, customer and quality control purposes. It may be necessary for personal data to be passed on to third parties, but only if this is necessary or expedient for the provision of the desired service. Third parties are in particular, but not exclusively, administrative and technical personnel of a GEHRIG GROUP AG distributor or another GEHRIG GROUP AG (service) contractual partner. Personal data will only be processed and used for purposes other than those for which it was collected within the framework of the applicable legal regulations or with the consent of the data subject."

4. newsletters and banner advertising

GEHRIG GROUP AG may send business partners newsletters and other commercial communication regarding its products and services. In the case of existing customers and business partners, GEHRIG GROUP AG reserves the right to do so without prior consent within the framework of the applicable law, but these customers and business partners can object to further mailings at any time. In other cases, GEHRIG GROUP AG will only undertake such communication after prior request by the business partners (e.g. newsletter registration via the website account). The sending of newsletters and other commercial communication can be canceled at any time via an account on the relevant website or via the link provided in each mailing. However, unsubscribing from one newsletter does not necessarily cancel other newsletters.

When visiting the websites, personalized advertising may be displayed via web banners. Any banner advertising shown to the business partner contains products from the websites that the business partner has already viewed in advance. The advertising is generated by GEHRIG GROUP AG using cookies (see I. Section 6 above).