Privacy Policy | Schaltag AG

As of February 2025

General remark

Data protection concerns personal data. This is all information that relates to an identified or identifiable natural person, the so-called data subject. For example, this is personal information such as name, postal and e-mail addresses and telephone numbers.

purpose and scope

Protecting privacy in the processing of personal data and the security of all business data is an important concern for the switch day. We process personal data responsibly and in accordance with the legal provisions of the Swiss Federal Act on Data Protection (DSG) and the EU General Data Protection Regulation (GDPR). We consider the protection of your data protection rights as part of our social responsibility. This data protection regulation applies to the switching day, the companies controlled by it and their executive organs and employees. The individual companies are responsible for compliance with this guideline and the respective national data protection laws. If national regulations provide for a higher level of protection for personal data, these apply primarily to this directive.

Controller and his EU representative

Responsible within the meaning of the EU General Data Protection Regulation (GDPR) is:

Schaltag AG
Industriestrasse 8
8307 Effretikon
Switzerland

Telephone: +41 52 354 27 27
E-mail:
Website: https://www.schaltag.com/de/

Represented by Dominik Hanslin, Managing Director

EU data protection representative according to Art. 27 GDPR

Schaltag CZ sro
Moravska 1571
562 01 Usti nad Orlici
Czech Republic

Telephone: +420 465 562 600
E-mail:
Website: www.schaltag.cz

Represented by Lucie Horská, Managing Director

Data Protection Officer

Data protection officer of the person responsible:

Birgit Hofmann
Industriestrasse 8
8307 Effretikon
Switzerland

lawfulness of processing

In accordance with Art. 13 GDPR, we will inform you of the legal basis for our data processing. If the legal basis is not mentioned in the data protection declaration, the following applies:

The legal basis for obtaining consent is Article 6(1)(a) and Article 7 GDPR,
- The legal basis for the processing of our services and implementation of contractual measures as well as answering inquiries is Art. 6 Para. 1 lit. b GDPR,
the legal basis for processing to fulfill our legal obligations is Article 6 (1) (c) GDPR and
the legal basis for processing to safeguard our legitimate interests is Article 6 (1) (f) GDPR.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6 Paragraph 1 lit. d GDPR serves as the legal basis.

data processing

Personal data is all information that relates to a specific or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, procurement, deletion, storage, modification, destruction and use of personal data.
We process personal data in accordance with Swiss data protection law. In addition, we process personal data in accordance with the following legal bases in connection with Art. 6 Para. 1 GDPR - insofar as and insofar as the EU GDPR is applicable:

Consent (Art. 6 Para. 1 S. 1 lit. a. GDPR) - The person concerned has given their consent to the processing of their personal data for a specific purpose or several specific purposes.
Fulfillment of contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b. DSGVO) - The processing is necessary for the fulfillment of a contract to which the data subject is a party, or for the implementation of pre-contractual measures which are required at the request of the data subject take place.
Legal obligation (Art. 6 Para. 1 S. 1 lit. c. GDPR) - The processing is necessary to fulfill a legal obligation to which the person responsible is subject.
Protection of vital interests (Art. 6 Para. 1 S. 1 lit. d. GDPR) - Processing is necessary to protect vital interests of the data subject or another natural person.
Legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR) - Processing is necessary to safeguard the legitimate interests of the person responsible or a third party, unless the interests or fundamental rights and freedoms of the data subject, which protect personal Data require prevail.
Application procedure as a pre-contractual or contractual relationship (Art. 9 Para. 2 lit. b GDPR) - Insofar as special categories of personal data within the meaning of Art. 9 Para. 1 GDPR (e.g. health data, such as severe disability or ethnic origin) are requested from applicants so that the person responsible or the person concerned can exercise the rights arising from labor law and the law of social security and social protection and fulfill his or her obligations in this regard, their processing takes place in accordance with Art. 9 para 2 letter b. GDPR, in the case of protecting the vital interests of applicants or other persons in accordance with Art. 9 (2) lit. c. DSGVO or for the purposes of health care or occupational medicine, for the assessment of the employee's ability to work, for medical diagnostics, care or treatment in the health or social area or for the administration of systems and services in the health or social area in accordance with Art. 9 Paragraph 2 lit. h. GDPR. In the case of a notification of special categories of data based on voluntary consent, their processing takes place on the basis of Article 9 Paragraph 2 lit. GDPR.

We process personal data for the duration necessary for the respective purpose or purposes. In the case of longer-lasting storage obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.

Recipients of personal data

In the company, only those people have access to their personal data that they need for the purposes mentioned. External recipients only receive your personal data if there is a legal basis or your consent.

Data transfer to third countries

If we process data in a third country (ie outside the European Union (EU), the European Economic Area (EEA)) or the processing within the framework of the use of third-party services or the disclosure or transmission of data to other persons, bodies or companies takes place, this is only done in accordance with the legal requirements. Subject to express consent or contractually or legally required transmission, we only process the data in third countries with a recognized level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, if there are certifications or binding internal data protection regulations (Art. 16 DSG, Art. 44 bis 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).

cookies

Our website uses cookies. Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user's computer. A cookie primarily serves to save the information about a user during or after visiting an online offer. The stored information can include, for example, the language settings on a website, login status, a shopping cart or the place where a video was watched. The concept of cookies also includes other technologies that fulfill the same functions as cookies (e.g. if the user is stored by pseudonym online drawings, also referred to as "user IDs").

The following cookie types and functions are distinguished:

Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed his browser.
Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the interests of users, which are used to measure reach or for marketing purposes, can be stored in such a cookie.
First-party cookies: First-party cookies are set by us.
Third-party cookies (also: third-party cookies): Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
Necessary (also: essential or absolutely necessary) cookies: On the one hand, cookies can be absolutely necessary for the operation of a website (e.g. to save logins or other user entries or for security reasons).
Statistics, marketing and personalization cookies: Cookies are also usually used to measure range and when the interests of a user or his behavior (e.g. viewing certain content, using functions, etc.) on individual websites in a user profile get saved. Such profiles are used to show users, for example, content that corresponds to their potential interests. This process is also known as "tracking", ie tracking the potential interests of users. If we use cookies or "tracking" technologies, we will inform you separately in our data protection declaration or when obtaining consent.

Notes on legal bases: The legal basis on which we process your personal data using cookies depends on whether we ask for your consent. If this is the case and you consent to the use of cookies, the legal basis for the processing of your data is the declared consent. Otherwise, the data processed with the help of cookies will be processed on the basis of our legitimate interests (e.g. in the commercial operation of our online offer and its improvement) or if the use of cookies is necessary to fulfill our contractual obligations.

Storage period: If we do not provide you with any explicit information on the storage period of permanent cookies (e.g. as part of a so-called cookie opt-in), please assume that the storage period can be up to two years.

General information on revocation and objection (opt-out): Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke your consent or to object to the processing of your data by cookie technologies ( collectively referred to as "opt-out"). You can initially declare your objection using the settings in your browser, e.g. by deactivating the use of cookies (which can also limit the functionality of our online offer). An objection to the use of cookies for online marketing purposes can also be declared using a variety of services, especially in the case of tracking, via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/ will. In addition, you can receive further objection notices as part of the information on the service providers and cookies used.

Processing of cookie data on the basis of consent: We use a cookie consent management procedure, in the context of which the user consents to the use of cookies or the processing mentioned in the context of the cookie consent management procedure and providers can be obtained and managed and revoked by the users. The declaration of consent is stored here so that the query does not have to be repeated and to be able to prove the consent in accordance with the legal obligation. The storage can take place on the server side and/or in a cookie (so-called opt-in cookie, or with the help of comparable technologies) in order to be able to assign the consent to a user or his device. Subject to individual information about the providers of cookie management services, the following information applies: The duration of the storage of the consent can be up to two years. A pseudonymous user identifier is created and stored with the time of the consent, information on the scope of the consent (e.g. which categories of cookies and/or service providers) and the browser, system and end device used.

Types of data processed: usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
Affected persons: users (e.g. website visitors, users of online services).
Legal basis: consent (Art. 6 Para. 1 S. 1 lit. a. GDPR), legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR).

web analytics

Data protection declaration for SSL/TLS encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from http:// to https:// and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Data transmission security (without SSL)

Please note that data that is transmitted via an open network such as the Internet or an email service without SSL encryption can be viewed for everyone. You can see an unencrypted connection from the fact that the address line of the browser http: // is not displayed but no lock symbol is displayed in your browser line. Information that is transmitted via the Internet and content received online can possibly be transmitted via the networks of third -party networks. We cannot guarantee the confidentiality of communications or documents that are transmitted via such open networks or networks by third -party providers.

If you announce personal information via an open network or networks of third -party providers, you should be aware of the fact that your data will be lost or that third parties potentially access this information and consequently collect and use the data without your consent. In many cases, the individual data packets are transmitted encrypted, but not the names of the sender and the recipient. Even if the sender and the recipient live in the same country, data transmission via such networks is common and without controls also via third countries, ie also over countries that do not offer the same level of data protection as their domicilland. We do not take responsibility for the safety of your data during the transmission via the Internet and reject any liability for indirect and immediate losses. We ask you to use other means of communication, you should consider this to be necessary or reasonable for reasons of security. Despite extensive technical and organizational security measures, data may be lost or intercepted and/or manipulated by unauthorized persons. As far as possible, we meet suitable technical and organizational security measures to prevent this within our system. However, your computer is outside the security area that we control. As a user, it is up to you to find out about the necessary safety precautions and to take suitable measures in this regard. As a website operator, we are not liable for damage that can result from data loss or manipulation. Data that you specify in online forms can be passed on to commissioned third parties and viewed by them and at best processed.

Data protection declaration for server log files

The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version
operating system used
Referrer URL
Host name of the accessing computer
Time of server request

This data cannot be assigned to certain people.

This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications for illegal use.

MailShare

Contents of websites and social networks can also be shared by email (so-called mail shape). If an email is sent via this function, the data protection regulations of the respective mail provider (e.g. Gmail, GMX, Hotmail, etc. or depending on the case are the email of an employer). The e-mail data entered by the user for the mail-share function are not saved from switching day.

Embedded third-party services/social media plug-ins and social networks

On our website, with the help of so-called social media plug-ins, content and services from other providers, e.g. Facebook, Twitter and YouTube and Google (Google Ads, Google Analytics and Google Tag Manager) are integrated, which in turn can use cookies. Schaltag has no influence on the data collected by social networks on the respective plug-ins. From the respective data protection information, the purpose and scope of the survey, the further processing and use of the data by the social network as well as the rights and attitudes concerned can be removed to protect your privacy of the provider.

Meta Social Plugins (Facebook/Instagram)

Facebook is operated by the Meta Plattforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland. If you have your habitual stay in the European Union or Switzerland, Meta Park, 1 Facebook WY, Menlo Park, California, USA. The data protection information from Meta can be found at the following link: https://www.facebook.com/policy.

YouTube Social Plugins

YouTube is operated by Google Ireland Limited; Gordon House; Barrow Street; Dublin 4; Ireland. If you have your habitual stay outside the European Union or Switzerland, then Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA applies. The data protection information from YouTube can be found at the following link: https://policies.google.com/privacy?hl=de&gl=de.

Social plug-ins from «X»

X (formerly Twitter) is operated by X Corp., 865 FM-12209, BASTROP, TEXAS 78602, USA. You can find the data protection information from X at the following link: https://x.com/de/privacy.

LinkedIn social plugins

LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. LinkedIn's privacy policy can be found under the following link: https://www.linkedin.com/legal/privacy-policy.

Social plug-ins from Google

Google is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, if you have your habitual stay in the European Evaluation Remedies or Switzerland. If you have your habitual stay in UK or America, then contact Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. You can find Google's data protection information at the following link: https://policies.google.com/privacy?hl=de&gl=de.

Privacy Policy for Contact Form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We do not pass on this data without your consent.

Data protection declaration for newsletter data

If you would like to receive the newsletter offered by Schaltag, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.
You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe link" in the newsletter.

Contractual Services

We process the data of our contractual and business partners, e.g. customers and interested parties (collectively referred to as "contractual partners") within the framework of contractual and comparable legal relationships and related measures and within the framework of communication with the contractual partners (or pre-contractual), e.g respond. We process this data to fulfill our contractual obligations, to safeguard our rights and for the purposes of the administrative tasks associated with this information and the corporate organization. We only pass on the data of the contractual partners to third parties within the framework of the applicable law to the extent that this is necessary for the aforementioned purposes or to fulfill legal obligations or with the consent of the persons concerned (e.g. to telecommunications, transport and other auxiliary services involved as well as subcontractors, banks, tax and legal advisors, payment service providers or tax authorities). The contractual partners will be informed about other forms of processing, e.g. for marketing purposes, within the scope of this data protection declaration. We inform the contractual partners which data is required for the aforementioned purposes before or during data collection, e.g. in online forms, by means of special markings (e.g. colours) or symbols (e.g. asterisks or similar), or personally. We delete the data after statutory warranty and comparable obligations have expired, i.e. generally after 4 years, unless the data is stored in a customer account, e.g. for as long as it has to be kept for legal archiving reasons (e.g. for tax purposes usually 10 years). We delete data disclosed to us by the contractual partner as part of an order in accordance with the specifications of the order, generally after the end of the order. Insofar as we use third-party providers or platforms to provide our services, the terms and conditions and data protection notices of the respective third-party providers or platforms apply in the relationship between the users and the providers. Customer account: Contractual partners can create an account within our online offer (e.g. customer or user account, "customer account" for short). If it is necessary to register a customer account, contractual partners will be informed of this as well as of the information required for registration. Customer accounts are not public and cannot be indexed by search engines. As part of the registration and subsequent registrations and uses of the customer account, we save the IP addresses of the customers together with the access times in order to be able to prove the registration and to prevent any misuse of the customer account. If customers have terminated their customer account, the data relating to the customer account will be deleted, subject to their retention being required for legal reasons. It is the customer's responsibility to back up their data upon termination of the customer account.

Analysis and market research

For business reasons, market tendencies and to be able to recognize the wishes of the contractual partners and users, we analyze the data available to us on business processes, contracts, inquiries, etc., whereby the group of people concerned can fall contractual partners, interested parties, customers, visitors and users of our online offer. The analyzes are carried out for the purpose of business evaluations, marketing and market research (e.g. for determining customer groups with different properties). If available, we can take into account the profiles of registered users, including your information, for example, for example. The analyzes alone serve us and are not revealed externally, unless it is anonymous analyzes with summarized, i.e. anonymized values. We also take into account the privacy of the users and process the data for the analysis purposes as pseudonymous as possible and, if feasible, anonymously (e.g. as a merged data). The Google Analytics is switched on at the switching day, with which we experience the total number of access to our website, the number of users and much more on anonymous basis. With the help of Google Ads, we also try to draw the possible customers' attention to ourselves who are looking for our products online. But here too, the connections to our website are made without claiming customers' personal data in order to ensure the most possible data protection. This also applies to the Google Tag Manager with which a user account based on the Google Accounts can be created due to the confirmation by the customer.

Business communication via Microsoft Teams and SharePoint

We use Microsoft Teams to carry out the usual business communication, such as online meetings or video conferences. If online meetings are to be recorded, we will inform you of this before the start and ask for your verbal consent in advance. If it is necessary for the purpose of logging the content of an online meeting, we will save the chat content. Microsoft Teams is a service of Microsoft Ireland Operations, Ltd. When using Microsoft Teams, different types of data are processed. The scope of the data also depends on what information you provide before or when you participate in an "online meeting".

The following personal data are subject to processing:

User information: display name, email address, profile picture (optional), preferred language
Meeting metadata: e.g. B. Date, time, meeting ID, phone number, location
Text, audio and video data: You may have the option of using the chat function in an online meeting. In this case, the text you enter will be processed in order to display it in the online meeting.

In order to enable the display of video and the playback of audio, the data from the microphone of your end device and from a video camera on the end device are processed for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time via the Microsoft Teams applications. You can find Microsoft Teams’ data protection information under the following link: https://learn.microsoft.com/de-de/microsoftteams/teams-privacy.

data security

Schaltag takes the necessary technical and organizational measures (TOMs) to ensure an appropriate level of protection and to protect your data managed by us from the risks of unintentional or unlawful destruction, loss, manipulation, modification, unauthorized disclosure or unauthorized access. We constantly adapt the corresponding security measures to technological developments.

Processing of particularly sensitive data

The processing of particularly protective personal data may only be carried out if this is required or permitted by law. Processing of such data through the switching day may be permissible if the person concerned has expressly consented to the processing, the processing is imperative to exercise or defend legal claims towards the person concerned.

Data minimization and storage duration

The collection and storage of personal data must be adequate and relevant to the purpose and limited to what is reasonable in relation to the purposes of the processing. Storage may only take place for as long as it is necessary for the purpose or you have not effectively objected to the processing of your data or effectively revoked your consent. If there are any statutory retention periods, they will be archived for the prescribed period. If there is no need to store it after the statutory retention period has expired, your data will be deleted.

data subject rights

right to confirmation

Every data subject has the right to request confirmation from the operator of the website as to whether personal data relating to data subjects are being processed. If you would like to make use of this right of confirmation, you can contact the data protection officer at any time.

right to information

Each person affected by the processing has the right to receive free information from the operator of this website at any time about the personal data stored for him and a copy of this information. Furthermore, information can also be provided via the following information:

the processing purposes
the categories of personal data being processed
the recipients to whom the personal data have been disclosed or will be disclosed
if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria used to determine that duration
the existence of a right to correction or deletion of the personal data concerning you or to restriction of processing by the person responsible or a right to object to this processing
the existence of a right of appeal to a supervisory authority
If the personal data is not collected by the data subject: all available information about the origin of the data

Furthermore, the data subject has a right to information as to whether personal data has been transmitted to a third country or to an international organization. If this is the case, the person concerned has the right to receive information about the appropriate guarantees in connection with the transmission.

If you would like to make use of this right to information, you can contact our data protection officer at any time.

Right to Rectification

Every person affected by the processing of personal data has the right to demand the immediate correction of incorrect personal data concerning them. Furthermore, the data subject has the right, taking into account the purposes of the processing, to request the completion of incomplete personal data - also by means of a supplementary declaration.

If you would like to make use of this right to rectification, you can contact our data protection officer at any time.

Right to erasure (right to be forgotten)

Any person affected by the processing of personal data has the right to demand from the person responsible for this website that the personal data concerning them be deleted immediately if one of the following reasons applies and if the processing is not necessary:

The personal data were collected for such purposes or otherwise processed for which they are no longer necessary.
The data subject revokes their consent on which the processing was based and there is no other legal basis for the processing.
The data subject objects to the processing for reasons arising from their particular situation and there are no overriding legitimate reasons for the processing, or the data subject objects to the processing in the case of direct advertising and associated profiling .
The personal data was processed unlawfully.
Erasure of the personal data is necessary to fulfill a legal obligation in Union or Member State law to which the controller is subject.
The personal data were collected in relation to information society services offered, made directly to a child.

If one of the above reasons applies and you wish to have personal data stored by the operator of this website deleted, you can contact our data protection officer at any time. The data protection officer of this website will ensure that the request for deletion is complied with immediately.

Right to restriction of processing

Any person affected by the processing of personal data has the right to request that the person responsible for this website restrict the processing if one of the following conditions is met:

The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful, the data subject refuses to have the personal data deleted and instead requests that the use of the personal data be restricted.
The person responsible no longer needs the personal data for the purposes of processing, but the data subject needs them to assert, exercise or defend legal claims.
The data subject has lodged an objection to the processing for reasons that arise from their particular situation and it is not yet clear whether the legitimate reasons of the person responsible outweigh those of the data subject.

If one of the above conditions is met and you wish to request the restriction of personal data stored by the operator of this website, you can contact our data protection officer at any time. The data protection officer of this website will arrange for the restriction of processing.

Right to data portability

Every person affected by the processing of personal data has the right to receive the personal data concerning them in a structured, common and machine-readable format. You also have the right to have this data transmitted to another person responsible if the legal requirements are met.

Furthermore, the data subject has the right to have the personal data transmitted directly from one person responsible to another person responsible, insofar as this is technically feasible and provided that this does not affect the rights and freedoms of other persons.

To assert the right to data transferability, you can contact the data protection officer appointed by the operator of this website at any time.

right to object

Every person affected by the processing of personal data has the right to object at any time to the processing of personal data relating to them for reasons that arise from their particular situation.

The operator of this website will no longer process the personal data in the event of an objection, unless we can demonstrate compelling legitimate grounds for the processing which outweigh the interests, rights and freedoms of the data subject, or if the processing is necessary for the assertion, exercise or defense of legal claims. To exercise the right to object, you can contact the data protection officer of this website directly.

Right to withdraw consent under data protection law

Every person affected by the processing of personal data has the right to revoke a given consent to the processing of personal data at any time.

If you would like to assert your right to revoke your consent, you can contact our data protection officer at any time.

Miscellaneous

This data protection guideline comes into force with effect from September 1, 2023. Schaltag reserves to adapt the current circumstances from time to time from time to time. The version of February 2025 now applies.