This privacy policy provides information about the personal data we process in connection with our activities and operations, including our CapCognition website. In particular, we provide information on why, how and where we process personal data. We also provide information about the rights of persons whose data we process.
Further data protection declarations and other legal documents such as General Terms and Conditions (GTC), Terms of Use or Conditions of Participation may apply to individual or additional activities and operations.
We are subject to Swiss data protection law as well as any applicable foreign data protection law, in particular that of the European Union (EU) with the General Data Protection Regulation (GDPR). The European Commission recognizes that Swiss data protection law ensures adequate data protection.
Responsibility for the processing of personal data:
CapCognition KLG
Usterstrasse 40c
8308 Illnau
info@capcognition.com
We would like to point out if there are other controllers for the processing of personal data in individual cases.
2.1 Definitions
Personal data is any information relating to an identified or identifiable person. A data subject is a person about whom personal data is processed.
Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, procurement, collection, erasure, storage, modification, destruction and use of personal data.
The European Economic Area (EEA) comprises the member states of the European Union (EU) as well as the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) defines the processing of personal data as the processing of personal data.
2.2 Legal bases
We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (OFADP).
We process various categories of data about you. The most important categories are as follows:
3.1 Technical data
When you use our website or other electronic services, we collect the IP address of your end device and other technical data to ensure the functionality and security of these services. This data also includes logs in which the use of our systems is recorded. We generally store technical data for 6 months. To ensure the functionality of these offers, we can also assign you or your end device an individual code. The technical data itself does not allow any conclusions to be drawn about your identity. However, in the context of user accounts, registrations, access controls or the processing of contracts, it may be linked to other categories of data (and thus possibly to your person).
3.2 Registration data
Certain offers and services can only be used with a user account or registration, which can be done directly with us or via our external login service providers. In doing so, you must provide us with certain data and we collect data on the use of the offer or service. We generally retain registration data for 12 months after the end of the use of the service or the termination of the user account.
3.3 Communication data
If you are in contact with us via the contact form, by e-mail, telephone, letter or other means of communication, we collect the data exchanged between you and us, including your contact details and the marginal data of the communication. If we want or need to establish your identity, we collect data to identify you (e.g. a copy of an identity document). We generally store this data for 12 months from the last exchange with you. This period may be longer if this is necessary for reasons of proof or to comply with legal or contractual requirements or for technical reasons. E-mails in personal mailboxes and written correspondence are generally stored for at least 10 years.
3.4 Master data
We define master data as the basic data that we require in addition to the contract data (see below) for the processing of our contractual and other business relationships or for marketing and advertising purposes, such as name, contact details and information, e.g. about your role and function, your bank details, your date of birth or customer history. We process your master data if you are a customer or other business contact or work for one (e.g. as a contact person of the business partner), or because we want to contact you for our own purposes or the purposes of a contractual partner (e.g. in the context of marketing and advertising). We receive master data from you yourself (e.g. when you make a purchase or register), from bodies for which you work, or from third parties such as our contractual partners, associations and address dealers and from publicly accessible sources such as public registers or the Internet (websites, etc.). As a rule, we store this data for 10 years from the last exchange with you, but at least from the end of the contract. This period may be longer if this is necessary for reasons of proof or to comply with legal or contractual requirements or for technical reasons. In the case of pure marketing and advertising contacts, the period is normally much shorter, usually no more than 2 years from the last contact.
3.5 Contract data
This is data that arises in connection with the conclusion or processing of a contract, e.g. information about contracts and the services to be provided or provided, as well as data from the run-up to the conclusion of a contract, the information required or used for processing and information about reactions. We generally collect this data from you, from contractual partners and from third parties involved in the execution of the contract, but also from third-party sources (e.g. providers of credit rating data) and from publicly accessible sources. As a rule, we store this data for 10 years from the last contractual activity, but at least from the end of the contract. This period may be longer if this is necessary for reasons of proof or to comply with legal or contractual requirements or for technical reasons.
You provide us with much of the data mentioned in this section 3 yourself (e.g. via forms, in the context of communication with us, in connection with contracts, when using the website, etc.). You are not obliged to do so, subject to individual cases. If you wish to conclude contracts with us or make use of services, you must also provide us with data as part of your contractual obligation under the relevant contract, in particular master data, contract data and registration data. When using our website, the processing of technical data is unavoidable.
Insofar as this is not inadmissible, we also take data from publicly accessible sources or receive data from authorities and other third parties.
No personal data is collected when you visit our website. We may store your access data anonymously in order to provide you with improved offers. This includes the website from which you came to us and the name of your Internet service provider.
In connection with our contracts, the website, our services and products, our legal obligations or otherwise to protect our legitimate interests, we also transfer your personal data to third parties, in particular to the following categories of recipients:
5.1 Public authorities
We may disclose personal data to offices, courts and other authorities in Switzerland and abroad if we are legally obliged or entitled to do so or if this appears necessary to protect our interests.
5.2 Contractual partners including customers
This initially refers to customers (e.g. service recipients) and other contractual partners of ours, because this data transfer arises from these contracts. If you work for such a contractual partner yourself, we may also transfer data about you to them in this context. The recipients also include contractual partners with whom we cooperate.
We take appropriate technical and organizational measures to ensure data security appropriate to the respective risk. However, we cannot guarantee absolute data security.
Our website is accessed using transport encryption (SSL / TLS, in particular with the Hypertext Transfer Protocol Secure, abbreviated to HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.
Our digital communication - like all digital communication in general - is subject to mass surveillance without cause or suspicion and other surveillance by security authorities in Switzerland, the rest of Europe, the United States of America (USA) and other countries. We cannot directly influence the corresponding processing of personal data by secret services, police forces and other security authorities.
7.1 Cookies
We may use cookies. Cookies - our own cookies (first-party cookies) as well as cookies from third parties whose services we use (third-party cookies) - are data that are stored in the browser. Such stored data need not be limited to traditional cookies in text form.
Cookies can be stored in the browser temporarily as "session cookies" or for a certain period of time as so-called permanent cookies. "Session cookies" are automatically deleted when the browser is closed. Permanent cookies have a specific storage period. In particular, cookies make it possible to recognize a browser the next time it visits our website and thus, for example, to measure the reach of our website. However, permanent cookies can also be used for online marketing, for example.
Cookies can be completely or partially deactivated and deleted at any time in the browser settings. Without cookies, our website may no longer be fully available. We actively request your express consent to the use of cookies - at least if and to the extent necessary.
For cookies that are used to measure success and reach or for advertising, a general objection ("opt-out") is possible for numerous services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
7.2 Server log files
We may collect the following information for each access to our website, provided that this information is transmitted by your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website accessed including amount of data transferred, last website accessed in the same browser window (referer or referrer).
We store such information, which may also constitute personal data, in server log files. The information is required to provide our website in a permanent, user-friendly and reliable manner and to ensure data security and thus in particular the protection of personal data - also by third parties or with the help of third parties.
8.1 Consent and objection
You must always expressly consent to the use of your e-mail address and other contact addresses, unless the use is permitted for other legal reasons. Wherever possible, we use the "double opt-in" procedure to obtain consent, i.e. you will receive an e-mail with a web link that you must click on to confirm, so that no misuse by unauthorized third parties can occur. We may log such consents, including the Internet Protocol (IP) address, date and time, for reasons of proof and security.
You can object to receiving notifications and communications such as newsletters at any time. With such an objection, you can also object to the statistical recording of usage for measuring success and reach. Necessary notifications and communications in connection with our activities and operations remain reserved.
8.2 Contact form
Data transmitted via the contact form, including your contact details, will be stored in order to process your request or to be available for follow-up questions. This data will not be passed on without your consent.
The data entered in the contact form will be processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time. An informal notification by e-mail is sufficient for revocation. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Data transmitted via the contact form will remain with us until you ask us to delete it, revoke your consent to storage or there is no longer any need to store the data. Mandatory statutory provisions - in particular retention periods - remain unaffected.
9.1 Digital infrastructure
We use the services of specialized third parties in order to be able to use the necessary digital infrastructure in connection with our activities and operations. This includes, for example, hosting and storage services from selected providers.
We use:
- Hosttech
9.2 Fonts
We use third-party services to embed selected fonts, icons, logos and symbols on our website.
We use:
- Google Fonts
- Icons from Mobirise
9.3 Payments
We use specialized service providers to process our customers' payments securely and reliably. The legal texts of the individual service providers, such as general terms and conditions or data protection declarations, also apply to the processing of payments.
We use:
- Saferpay Worldline
9.4 Google Analytics
These Internet pages (hereinafter referred to as web pages or website) use Google Analytics, a web analysis service provided by Google Inc (hereinafter referred to as Google). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, due to the activation of IP anonymization on these websites, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
The purpose of data processing is to evaluate the use of the website and to compile reports on website activity. Based on the use of the website and the Internet, further associated services are then to be provided. The processing is based on the legitimate interest of the website operator.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
10.1 Withdrawal of your consent to data processing
Some data processing operations are only possible with your express consent. You can withdraw your consent at any time. An informal notification by e-mail is sufficient for the revocation. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
10.2 Right to information, correction, blocking, deletion
You have the right to free information about your stored personal data, the origin of the data, its recipients and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the framework of the applicable legal provisions. You can contact us at any time at the email address info@capcognition.com with regard to this and other questions on the subject of personal data.
10.3 Final provisions
We may amend and supplement this privacy policy at any time. We will inform you of such amendments and additions in an appropriate form, in particular by publishing the current privacy policy on our website.