Imprint Terms
and Conditions
Data Protection
Code of Conduct
and Conditions
Data Protection
Code of Conduct
Privacy Policy | Schaltag AG
As of February 2025
General note
Data protection concerns personal data. This is any information relating to an identified or identifiable natural person, the so-called data subject. Examples include personal details such as name, postal and email addresses, and telephone numbers.Purpose and scope
Protecting privacy when processing personal data and ensuring the security of all business data is of paramount importance to Schaltag. We process personal data responsibly and in accordance with the legal provisions of the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). We consider safeguarding your data protection rights to be part of our social responsibility. This data protection policy applies to Schaltag, its controlled companies, and their management bodies and employees. Each company is responsible for compliance with this policy and the respective national data protection laws. Where national regulations provide for a higher level of protection for personal data, these take precedence over this policy.The person responsible and his EU representative
The responsible party within the meaning of the EU General Data Protection Regulation (GDPR) is:Schaltag AG
Industriestrasse 8
8307 Effretikon
Switzerland
Telephone: +41 52 354 27 27
E-mail:
Website: https://www.schaltag.com/de/
Represented by Dominik Hanslin, Managing Director
EU Data Protection Representative pursuant to Article 27 GDPR
Schaltag CZ sroMoravska 1571
562 01 Ústí nad Orlicí
Czech Republic
Telephone: +420 465 562 600
E-mail:
Website: www.schaltag.cz
Represented by Lucie Horská, Managing Director
Data Protection Officer
Data Protection Officer of the controller:Birgit Hofmann
Industriestrasse 8
8307 Effretikon
Switzerland
Lawfulness of processing
In accordance with Article 13 of the GDPR, we inform you of the legal bases for our data processing. If the legal basis is not specified in the privacy policy, the following applies:- The legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 GDPR
- - The legal basis for processing data to fulfill our services and implement contractual measures, as well as to answer inquiries, is Article 6(1)(b) GDPR
- The legal basis for processing to fulfill our legal obligations is Article 6(1)(c) GDPR and
- The legal basis for processing to protect our legitimate interests is Art. 6 para. 1 lit. f GDPR.
- In the event that the processing of personal data is necessary to protect the vital interests of the data subject or of another natural person, Article 6(1)(d) GDPR serves as the legal basis.
Data processing
Personal data is any information relating to an identified or identifiable natural person. A data subject is a person whose personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the retention, disclosure, collection, erasure, storage, alteration, destruction, and use of personal data.We process personal data in accordance with Swiss data protection law. Furthermore, to the extent that the EU GDPR is applicable, we process personal data in accordance with the following legal bases pursuant to Article 6(1) GDPR:
- Consent (Art. 6 para. 1 sentence 1 lit. a. GDPR) - The data subject has given consent to the processing of his or her personal data for one or more specific purposes.
- Contractual performance and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR) - The processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract.
- Legal obligation (Art. 6 para. 1 sentence 1 lit. c. GDPR) - The processing is necessary for compliance with a legal obligation to which the controller is subject.
- Protection of vital interests (Art. 6 para. 1 sentence 1 lit. d GDPR) - The processing is necessary to protect the vital interests of the data subject or of another natural person.
- Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
- Application process as a pre-contractual or contractual relationship (Art. 9 para. 2 lit. b GDPR) - Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR (e.g., health data, such as severe disability or ethnic origin) are requested from applicants during the application process so that the controller or the data subject can exercise their rights and fulfill their obligations under employment law and social security and social protection law, their processing is carried out in accordance with Art. 9 para. 2 lit. b GDPR, in the case of protecting the vital interests of the applicants or other persons in accordance with Art. 9 para. 2 lit. c GDPR, or for purposes of preventive or occupational medicine, for assessing the employee's fitness for work, for medical diagnosis, the provision of health or social care or treatment, or for the management of health or social care systems and services in accordance with Art. 9 para. 2 lit. h GDPR. In the case of the disclosure of special categories of data based on voluntary consent, their processing is carried out on the basis of Art. 9 para. 2 lit. a. GDPR.
We process personal data for the duration necessary for the respective purpose(s). Where longer retention periods are required due to legal or other obligations to which we are subject, we restrict processing accordingly.
Recipients of personal data
Within the company, only those individuals who need your personal data for the stated purposes have access to it. External recipients only receive your personal data if there is a legal basis for doing so or if you have given your consent.Data transfer to third countries
If we process data in a third country (i.e., outside the European Union (EU) and the European Economic Area (EEA)) or if processing takes place in the context of using third-party services or disclosing or transferring data to other persons, bodies, or companies, this is done only in accordance with legal requirements. Subject to explicit consent or where transfer is required by contract or law, we process data only in third countries with a recognized level of data protection, contractual obligations through so-called standard contractual clauses of the EU Commission, certifications, or binding internal data protection regulations (Art. 16 GDPR, Art. 44 to 49 GDPR, EU Commission information page: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).Cookies
Our website uses cookies. Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user's computer. A cookie primarily serves to store information about a user during or after their visit to an online service. The stored information can include, for example, language settings on a website, login status, items in a shopping cart, or the point at which a video was paused. We also include other technologies that perform the same functions as cookies in the term "cookies" (e.g., when user data is stored using pseudonymous online identifiers, also known as "user IDs").The following cookie types and functions are distinguished:
- Temporary cookies (also known as session cookies): Temporary cookies are deleted at the latest after a user leaves an online service and closes their browser.
- Persistent cookies: Persistent cookies remain stored even after the browser is closed. This allows, for example, login status to be saved or preferred content to be displayed directly when the user revisits a website. Similarly, user interests, which are used for audience measurement or marketing purposes, can be stored in such a cookie.
- First-party cookies: First-party cookies are set by us.
- Third-party cookies: Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
- Necessary (also: essential or absolutely required) cookies: Cookies may be absolutely necessary for the operation of a website (e.g. to save logins or other user input, or for security reasons).
- Statistics, marketing, and personalization cookies: Cookies are also typically used for audience measurement and when a user's interests or behavior (e.g., viewing specific content, using certain functions, etc.) on individual websites are stored in a user profile. Such profiles are used to show users content that matches their potential interests. This process is also known as "tracking," i.e., monitoring users' potential interests. If we use cookies or tracking technologies, we will inform you separately in our privacy policy or when obtaining your consent.
Information on the legal basis: The legal basis for processing your personal data using cookies depends on whether we ask for your consent. If so, and you consent to the use of cookies, the legal basis for processing your data is your explicit consent. Otherwise, data processed using cookies is processed based on our legitimate interests (e.g., in the efficient operation and improvement of our online services) or, if the use of cookies is necessary to fulfill our contractual obligations.
Storage period: Unless we provide you with explicit information on the storage period of persistent cookies (e.g., as part of a so-called cookie opt-in), please assume that the storage period can be up to two years.
General information on revocation and objection (opt-out): Depending on whether processing is based on consent or legal permission, you have the right to revoke any consent you have given or to object to the processing of your data by cookie technologies at any time (collectively referred to as "opt-out"). You can initially declare your objection via your browser settings, e.g., by disabling the use of cookies (although this may also restrict the functionality of our online services). An objection to the use of cookies for online marketing purposes can also be declared via a variety of services, especially in the case of tracking, through the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. You can also find further information on how to object in the details provided about the service providers and cookies used.
Processing of cookie data based on consent: We use a cookie consent management process to obtain, manage, and revoke user consent for the use of cookies and the processing activities and providers mentioned within the cookie consent management process. The consent declaration is stored to avoid having to request it again and to be able to demonstrate consent in accordance with legal requirements. Storage can be server-side and/or in a cookie (so-called opt-in cookie, or using comparable technologies) to assign the consent to a user or their device. Subject to individual information regarding the providers of cookie management services, the following applies: The storage period for consent can be up to two years. A pseudonymous user identifier is created and stored along with the time of consent, information on the scope of the consent (e.g., which categories of cookies and/or service providers), and the browser, operating system, and device used.
- Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
- Affected persons: Users (e.g., website visitors, users of online services).
- Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a. GDPR), Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).
Web analytics
Privacy policy for SSL/TLS encryption
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential information, such as inquiries you send to us as the website operator. You can recognize an encrypted connection by the fact that the browser's address bar changes from http:// to https:// and by the padlock icon in your browser's address bar. When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.Data transmission security (without SSL)
Please note that data transmitted over an open network such as the internet or an email service without SSL encryption is visible to everyone. You can recognize an unencrypted connection by the fact that the browser's address bar displays http:// but no padlock icon is shown. Information transmitted over the internet and content received online may be transmitted via third-party networks. We cannot guarantee the confidentiality of messages or documents transmitted via such open or third-party networks.When you disclose personal information via an open network or third-party networks, you should be aware that your data may be lost or that third parties could potentially access this information and consequently collect and use the data without your consent. While in many cases individual data packets are transmitted in encrypted form, the names of the sender and recipient are not. Even if the sender and recipient reside in the same country, data transmission via such networks often occurs without oversight via third countries, i.e., countries that do not offer the same level of data protection as your country of residence. We assume no responsibility for the security of your data during transmission over the internet and disclaim all liability for direct and indirect losses. We urge you to use other means of communication if you deem this necessary or advisable for security reasons. Despite extensive technical and organizational security measures, data may still be lost or intercepted and/or manipulated by unauthorized parties. We implement appropriate technical and organizational security measures to prevent this within our system to the extent possible. Your computer is currently outside of our controlled security perimeter. It is your responsibility as the user to inform yourself about the necessary security precautions and to take appropriate measures. As the website operator, we are in no way liable for any damages that may arise from data loss or manipulation. Data that you enter in online forms may be shared with and viewed by authorized third parties for order processing purposes, and may be processed by them.
Privacy policy for server log files
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This information includes:- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of server request
This data will not be combined with other data sources. We reserve the right to review this data subsequently if we become aware of concrete indications of unlawful use.
MailShare
Content from websites and social networks can also be shared via email (so-called MailShare). When an email is sent using this function, the data protection regulations of the respective email provider apply (e.g., Gmail, GMX, Hotmail, etc., or, depending on the case, an employer's email address). The email data entered by the user for the MailShare function is not stored by Schaltag.Integrated third-party services/social media plug-ins and social networks
Our website integrates content and services from other providers, such as Facebook, Twitter, YouTube, and Google (Google Ads, Google Analytics, and Google Tag Manager), using social media plugins. These providers may use cookies. Schaltag has no control over the data collected by these social networks via their respective plugins. The respective privacy policies of these providers provide information on the purpose and scope of data collection, further processing and use of the data by the social network, as well as your rights and privacy settings.Social plug-ins from Meta (Facebook/Instagram)
Facebook is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. If your habitual residence is not in the European Union or Switzerland, then Meta Park, 1 Facebook Wy, Menlo Park, California, USA, applies. Meta's privacy policy can be found at the following link: https://www.facebook.com/policy.Social plugins from YouTube
YouTube is operated by Google Ireland Limited; Gordon House; Barrow Street; Dublin 4; Ireland. If you are habitually resident outside the European Union or Switzerland, then Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, applies. YouTube's privacy policy can be found at the following link: https://policies.google.com/privacy?hl=de&gl=de.Social plug-ins from «X»
X (formerly Twitter) is operated by X Corp., 865 FM-1209, Bastrop, Texas 78602, USA. X's privacy policy can be found at the following link: https://X.com/de/privacy.LinkedIn social plugins
LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. LinkedIn's privacy policy can be found at the following link: https://www.linkedin.com/legal/privacy-policy.Google's social plug-ins
Google services are operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, if you are habitually resident in the European Economic Area or Switzerland. If you are habitually resident in the UK or the USA, please contact Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google's privacy policy can be found at the following link: https://policies.google.com/privacy?hl=de&gl=de.Privacy policy for contact form
If you send us inquiries via the contact form, your information from the inquiry form, including the contact details you provided, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We will not share this data without your consent.Privacy policy for newsletter data
If you wish to subscribe to Schaltag's newsletter, we require your email address and information that allows us to verify that you are the owner of the email address provided and that you consent to receiving the newsletter. No further data is collected. We use this data exclusively for sending the requested information and do not share it with third parties.You can revoke your consent to the storage of your data, email address and its use for sending the newsletter at any time, for example via the "unsubscribe link" in the newsletter.
Contractual services
We process data from our contractual and business partners, e.g., customers and prospective customers (collectively referred to as "contractual partners"), within the framework of contractual and similar legal relationships, as well as related measures and in the context of communication with the contractual partners (or in the pre-contractual phase), e.g., to answer inquiries. We process this data to fulfill our contractual obligations, to safeguard our rights, and for the purposes of the administrative tasks associated with this information, as well as for business organization. We only disclose contractual partner data to third parties in accordance with applicable law to the extent that this is necessary for the aforementioned purposes, to fulfill legal obligations, or with the consent of the data subjects (e.g., to participating telecommunications, transport, and other support services, as well as subcontractors, banks, tax and legal advisors, payment service providers, or tax authorities). Contractual partners are informed about further forms of processing, e.g., for marketing purposes, within the framework of this privacy policy. We inform our contractual partners which data is required for the aforementioned purposes before or during data collection, e.g., in online forms, through special markings (e.g., colors) or symbols (e.g., asterisks, etc.), or personally. We delete the data after the expiry of statutory warranty periods and comparable obligations, i.e., generally after 4 years, unless the data is stored in a customer account, e.g., as long as it must be retained for legal reasons (e.g., for tax purposes, generally 10 years). Data disclosed to us by the contractual partner within the scope of an order is deleted according to the order specifications, generally after the order has ended. Insofar as we use third-party providers or platforms to provide our services, the terms and conditions and privacy policies of the respective third-party providers or platforms apply to the relationship between users and these providers. Customer account: Contractual partners can create an account within our online service (e.g., customer or user account, hereinafter referred to as "customer account"). If registration of a customer account is required, contractual partners will be informed of this, as well as the information required for registration. Customer accounts are not public and cannot be indexed by search engines. During registration, as well as subsequent logins and use of the customer account, we store the customer's IP address along with the access times in order to verify registration and prevent any misuse of the customer account. If customers have terminated their customer account, the data relating to the customer account will be deleted, unless its retention is required for legal reasons. It is the customer's responsibility to back up their data after terminating their customer account.Analyses and market research
For business reasons, to identify market trends, and to understand the needs of our contractual partners and users, we analyze the data we have on business transactions, contracts, inquiries, etc. The group of data subjects may include contractual partners, prospective customers, customers, visitors, and users of our online services. These analyses are conducted for the purposes of business evaluations, marketing, and market research (e.g., to identify customer groups with different characteristics). Where available, we may consider the profiles of registered users, including their information such as details of services used. These analyses are solely for our internal use and will not be disclosed externally, unless they are anonymous analyses with aggregated, i.e., anonymized, data. Furthermore, we respect user privacy and process data for analytical purposes as pseudonymously as possible and, where feasible, anonymously (e.g., as aggregated data). For example, we use Google Analytics on our website, which allows us to anonymously track the total number of visits, the number of users, and much more. Furthermore, we use Google Ads to attract potential customers who are searching for our products online. However, even here, connections to our website are established without collecting any personal customer data, thus ensuring the highest possible level of customer privacy. This also applies to the Google Tag Manager, which allows a user account to be created based on the customer's Google account, subject to their confirmation.Business communication via Microsoft Teams and SharePoint
We use Microsoft Teams for standard business communication, such as online meetings and video conferences. If online meetings are to be recorded, we will inform you before they begin and request your verbal consent beforehand. If necessary for the purpose of documenting the content of an online meeting, we will save the chat content. Microsoft Teams is a service of Microsoft Ireland Operations, Ltd. Various types of data are processed when using Microsoft Teams. The scope of the data also depends on the information you provide before or during your participation in an online meeting.The following personal data are processed:
- User information: Display name, email address, profile picture (optional), preferred language
- Meeting metadata: e.g., date, time, meeting ID, phone number, location
- Text, audio, and video data: You may have the option to use the chat function in an online meeting. In this case, the text you enter will be processed and displayed in the online meeting.
To enable video display and audio playback, data from your device's microphone and webcam will be processed for the duration of the meeting. You can disable or mute your camera or microphone at any time using the Microsoft Teams application. The Microsoft Teams privacy policy can be found at the following link: https://learn.microsoft.com/de-de/microsoftteams/teams-privacy.
Data security
Schaltag takes the necessary technical and organizational measures (TOMs) to ensure an appropriate level of protection and to safeguard your data, which we manage, from the risks of accidental or unlawful destruction, loss, manipulation, alteration, unauthorized disclosure, or unauthorized access. We continuously adapt these security measures to technological developments.Processing of particularly sensitive data
The processing of particularly sensitive personal data may only take place if this is required or permitted by law. Schaltag may process such data if the data subject has expressly consented to the processing, or if the processing is strictly necessary to establish, exercise, or defend legal claims against the data subject.Data minimization and storage duration
The collection and storage of personal data must be adequate, relevant, and limited to what is necessary for the purposes of processing. Data may only be stored for as long as it is necessary for the purpose for which it was collected, or until you have effectively objected to the processing of your data or effectively withdrawn your consent. If any statutory retention periods apply, the data will be archived for the prescribed duration. If, after the statutory retention period has expired, there is no longer a need to store the data, it will be deleted.Data subject rights
Right to confirmation
Every data subject has the right to request confirmation from the website operator as to whether personal data concerning them is being processed. If you wish to exercise this right of confirmation, you can contact the data protection officer at any time.Right to information
Any individual whose personal data is being processed has the right to obtain, at any time and free of charge, information from the operator of this website about the personal data stored concerning them and a copy of this information. Furthermore, information may be provided regarding the following:- the processing purposes
- the categories of personal data that are processed
- the recipients to whom the personal data have been or will be disclosed
- If possible, the planned duration for which the personal data will be stored, or, if this is not possible, the criteria used to determine that duration
- the existence of a right to rectification or erasure of personal data concerning them or to restriction of processing by the controller or a right to object to such processing
- the existence of a right to lodge a complaint with a supervisory authority
- If the personal data are not collected from the data subject: all available information about the source of the data
If you wish to exercise this right to information, you can contact our data protection officer at any time.
Right to rectification
Every data subject has the right to request the immediate rectification of inaccurate personal data concerning him or her. Furthermore, taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement.If you wish to exercise this right to rectification, you can contact our data protection officer at any time.
Right to erasure (right to be forgotten)
Any person whose personal data is being processed has the right to request from the controller of this website that the personal data concerning him or her be erased without undue delay, provided that one of the following grounds applies and the processing is not necessary:- The personal data were collected or otherwise processed for purposes for which they are no longer necessary.
- The data subject withdraws their consent on which the processing was based, and there is no other legal basis for the processing.
- The data subject objects to the processing on grounds relating to his or her particular situation and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing in the case of direct marketing and related profiling.
- The personal data was processed unlawfully.
- The erasure of personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
- The personal data was collected in relation to information society services offered directly to a child.
Right to restriction of processing
Any person whose personal data is being processed has the right to request from the controller of this website the restriction of processing if one of the following conditions is met:- The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
- The processing is unlawful, the data subject refuses to have their personal data erased and requests instead the restriction of its use.
- The controller no longer needs the personal data for the purposes of processing, but the data subject needs it for the establishment, exercise or defense of legal claims.
- The data subject has objected to the processing on grounds relating to his or her particular situation, and it is not yet clear whether the legitimate grounds of the controller override those of the data subject.
Right to data portability
Every data subject has the right to receive the personal data concerning him or her in a structured, commonly used and machine-readable format. He or she also has the right to have this data transmitted to another controller, provided the legal requirements are met.Furthermore, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided that this does not adversely affect the rights and freedoms of other persons.
To assert your right to data portability, you can contact the data protection officer appointed by the operator of this website at any time.
Right to object
Any person whose personal data is being processed has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her.The operator of this website will no longer process your personal data if you object to its processing, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims. To exercise your right to object, you can contact the data protection officer of this website directly.
Right to withdraw consent under data protection law
Every person whose personal data is being processed has the right to withdraw their consent to the processing of their personal data at any time.If you wish to exercise your right to withdraw your consent, you can contact our data protection officer at any time.