Privacy policy
Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the federal government (Data Protection Act, DSG), every person has the right to protection of their privacy and protection against misuse of their personal data. We comply with these regulations. Personal data is treated as strictly confidential and is neither sold nor passed on to third parties.
Data protection has a particularly high priority for us. In principle, our website can be used without providing any personal data. However, if a data subject wants to use special company services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the person concerned.
The processing of personal data, such as the name, address, e‑mail address, or telephone number of a data subject is always in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations that apply to us. By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of the rights to which they are entitled by means of this data protection declaration.
We have implemented numerous technical and organizational measures to ensure the most complete protection possible for the personal data processed via this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us in alternative ways, for example by telephone.
The protection of your privacy is important to us. WALDIS Tresore AG attaches great importance to compliance with the relevant data protection regulations. We process your personal data in accordance with the processing principles set out in Art. 6 to 8 FADP. In this privacy policy, we provide you with comprehensive information about how we handle your personal data as a visitor to our website and explain your rights in connection with the processing of personal data in our company.
You will be informed about any relevant right of objection in our chapter “VII. Your rights”.
A. Scope of application
This privacy policy applies to all processing activities in connection with personal data:
- Visiting our website
- Contacting us
- Filling out one of the contact forms
- Management/updating of electronic locks
- Cookies
- Social Media
We regulate the processing of personal data of our employees exclusively within the framework of our employee contracts and with you as our customer within the framework of our contracts.
Depending on the data processing, in addition to the applicable Swiss law (Federal Act on Data Protection (FADP) of 25 September 2020, SR 235.1), European data protection law (Regulation (EU) 2016/679 (General Data Protection Regulation)) may also or exclusively apply.
Linked websites of other providers or websites that link to our website are not covered by this privacy policy.
B. Contact details of the responsible persons
WALDIS Tresore AG
Hofwisenstrasse 20
8153 Rümlang
E‑Mail: info@tresore.ch
Phone: +41 43 211 12 00
C. Contact details of the Swiss supervisory authority
Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter
Feldeggweg 1
CH — 3003 Bern
Phone: +41 58 462 43 95
Contact form: https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt/kontaktformular_datenschutz.html
Depending on your relationship with us, we process different personal data about you for different purposes and based on different legal bases.
A. Visiting our website
Data processing
When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file.
Personal data
The following information is collected without any action on your part and stored until it is automatically deleted:
- IP address of the requesting computer
- Name of the owner of the IP address range (usually your Internet access provider)
- Date and time of access
- Website from which the access was made (referrer URL), if applicable with the search term used
- Name and URL of the retrieved file
- Status code (e.g. error message)
- Amount of data sent in bytes
- Operating system of your computer
- Transmission protocol used (e.g. http/1.1)
- If applicable, your user name from a registration/authentication
- Browser used (type, version and language).
Purpose
The data in question is processed for the following purposes
- Ensuring a smooth connection to the website
- Ensuring a comfortable use of our website
- To analyse system security and stability and for other administrative purposes
- To improve and further develop our business and services
Service provider
Our website is hosted by Hostpoint AG, Neue Jonastrasse 60, 8640 Rapperswil-Jona, Switzerland (“Hostpoint”) The host has access to the website and thus to your personal data in the event of support.
Justification reason
There is a legitimate interest in the processing of your personal data pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.
Necessity
This information is necessary for the functioning of the website.
Retention period
At the end of your session, the session cookies are deleted, but we retain the log file in accordance with legal requirements.
B. Contacting us
Data processing
On our website, we offer you the opportunity to contact us directly by e‑mail or telephone. The reason for contacting us may be questions about bookings, payments and invoices, technical questions or questions on other topics or even feedback.
Personal data
The following personal data may be collected:
- First name and surname, company
- Your e‑mail or telephone number
- Information that you provide in writing or verbally
Purpose
The data in question is processed for the following purposes:
- Answering your enquiry
- Contacting you
Service providers
We use the following software and service providers to process your enquiry by email or telephone:
- Our email system runs via Microsoft Outlook from Microsoft Ireland Operations Ltd (“Microsoft”), South County Busi-ness Park, One Microsoft Place, D18P521, Leopardstown, Ireland, and is operated via a Microsoft Exchange Server. When an e‑mail is sent, Microsoft has access to the sender and the content of the message.
- Our telephone system is operated by e.e.com elektroanlagen ag, Hertistrasse 29, 8304 Wallisellen, in conjunction with the MiVoice Office 400 telephone software from Mitel Networks Corporation (“Mitel”) 350 Legget Drive, Ottawa, Ontario, Canada. Mitel has access to your telephone number through the call transfer and records parts of the call as part of the “Voice over IP” (VOIP) process so that the content of the call is not lost in the event of an interruption.
You can find more information on the handling of personal data in the respective data privacy statements of the service providers:
Microsoft: https://privacy.microsoft.com/de-de/privacystatement
Mitel: https://www.mitel.com/legal/policies
Legal basis
This data processing is carried out on the basis of contractual or precontractual measures in accordance with Art. 31 para. 2 lit. a FADP or Art. 6 para. 1 sentence 1 lit. b GDPR.
Necessity
This processing activity is not necessary for the functionality of the website.
Data transfers to third countries
Due to the use of MS Office, your personal data is also processed by Microsoft through the parent company in the USA. Microsoft Corp. is a participant in the EU‑U.S. and Swiss‑U.S. Data Privacy Frameworks. This means that your personal data can be transferred to Microsoft in the USA without the need for additional guarantees.
Due to the use of MiVoice Office 400, your personal data will be processed by Mitel Networks Coporation in Canada. Canada is listed as a country with adequate data protection in Annex 1 to the Ordinance of 31 August 2022 on Data Protection (Data Protection Ordinance, DPO; SR 235.11), which is why your personal data can be transferred to Mitel in Canada without the need for additional guarantees.
Retention period
We are subject to a statutory retention period of 10 years for the storage of business records. In order to provide ongoing and additional service, we may retain our customers’ data beyond this period.
C. Various contact forms
Data processing
We offer you the opportunity to contact us via forms on our website for a wide range of concerns. You can use the contact form to send us your general enquiry or use the specific forms to book your appointment with us, give us feedback or request support. Your completed form will be sent to our e‑mail address info@tresore.ch.
We use the following software and service providers to process your enquiry via the contact form:
— Our email system runs via Microsoft Outlook from Microsoft Ireland Operations Ltd (“Microsoft”), South County Business Park, One Microsoft Place, D18P521, Leopardstown, Ireland, and is operated via a Microsoft Exchange Server. When an e‑mail is sent, Microsoft has access to the sender and the content of the message.
Personal data
The following information must be provided:
- First name and surname
- Company name
- Valid e‑mail address
- Telephone number
- Message / Feedback / Evaluation
- Type of problem (support form only)
- Desired showroom (online appointment booking only)
- Desired date and time (online appointment booking only)
- Various details about the product and service (evaluation form only)
Purpose
The data in question is processed for the following purposes:
- Answering your enquiry
- Contacting you
Legal basis
This data processing is carried out on the basis of contractual or pre-contractual measures in accordance with Art. 31 para. 2 lit. a FADP or Art. 6 para. 1 sentence 1 lit. b GDPR. The provision of your data is voluntary.
Necessity
This processing activity is not necessary for the functionality of the website.
Data transfer to third countries
Due to the use of MS Office, your personal data is also processed by Microsoft through the parent company in the USA. Microsoft Corp. is a participant in the EU‑U.S. and Swiss‑U.S. Data Privacy Frameworks. This means that your personal data can be transferred to Microsoft in the USA without the need for additional guarantees.
Retention period
The data stored for the purpose of answering your enquiry and contacting you will be deleted after processing has been completed, unless we are legally obliged to retain the data for 5 or 10 years.
D. Processing of customer orders
Data processing
We use the SelectLine system from SelectLine Software AG, Achslenstrasse 15, 9016 St. Gallen, Switzerland, to process our customer orders. As soon as we have received your order, your data is entered into our system and processed in our project and production department or our logistics department. The SelectLine system is used for administration, financial accounting, order processing, archiving of data and organisation of our production and deliveries and is hosted on our own servers. You can find further information on data protection at SelectLine Software AG at: https://www.selectline.ch/de/impressum.html
Your payment is recorded via our e‑banking system. Your personal data is then supplemented by your payment information in our system.
We may pass on your personal data to payment, transport, construction, architecture, general or crane companies for the execution and realisation of projects. We may forward your data to authorities and courts to obtain authorisation or similar or to protect our and your interests and legal claims.
Personal data
We process the following data to fulfil your order:
- Surname, first name
- Your address
- Telephone number
- e‑mail address
- Payment information
- Order or order information
Purpose
The purpose of processing your data is to process and deliver your order and to enforce any legal claims.
Legal basis
This data processing is carried out on the basis of contractual or pre-contractual measures in accordance with Art. 31 para. 2 lit. a FADP or Art. 6 para. 1 sentence 1 lit. b GDPR. The provision of your data is voluntary.
Necessity
Data processing is necessary for the processing of your order.
Retention period
For business documents, we are subject to a statutory retention period for your data in accordance with Art. 958 f. OR of 10 years.
E. Management/ updating of electronic locks
Data processing
Our safes are equipped with lock software from dormakaba Schweiz AG, Mühlebühlstrasse 2386 Wetzikon, Switzerland (“dormakaba”). By connecting our safes to a LAN connection using the dormakaba software, it is possible to manage various safes and locks centrally. You can find more information on this in dormakaba’s privacy policy at: www.dormakaba.com/ch-de/datenschutz
Personal data
We process the same data for this purpose as when processing an order (see section D above). We do not have access to your safe code by name.
Purpose
The purpose of using electronic locks from third-party providers and updating and managing them is to optimise the security of the safe and provide a modern security solution.
Legal basis
This data processing is carried out on the basis of contractual or pre-contractual measures in accordance with Art. 31 para. 2 lit. a FADP or Art. 6 para. 1 sentence 1 lit. b GDPR.
Necessity
Data processing is not necessary for the provision of our services as a safe deposit box provider.
Retention period
For business documents, we are subject to a statutory retention period for your data in accordance with Art. 958 f. OR of 10 years.
F. Cookies
1. General
Data processing
We use cookies on our website. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website.
Personal data
A cookie does not always mean that we can identify you.
Purpose
The use of cookies serves to statistically record the use of our website and to evaluate it for the purpose of optimisation and user-friendliness.
Legal basis
We process technically necessary cookies based on our overriding private interest. We only process cookies that are not technically necessary if we are authorised to do so in accordance with Art. Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR if we have obtained your consent voluntarily.
Necessity
Cookies are automatically accepted in the default settings of most Internet browsers. If you do not wish to store cookies from our websites on your device, you can configure your browser settings so that you receive a warning before certain cookies are stored.
Please note that the partial or complete deactivation of cookies may result in you not being able to use all the functions of our websites.
Storage period
Cookies have different storage periods. If they are third-party cookies, we have no influence on the storage period.
2. Technically necessary cookies
Data processing
We use a logging cookie to save your personal user settings regarding cookies on our website.
Personal data No personal data is processed. Only the current status of your selected cookie setting is saved.
Purpose
The processing is carried out to re-identify your personal cookie settings on our website.
Legal basis
The processing is based on our overriding interest in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. f GDPR.
Necessity
This cookie is necessary for the functionality of the website.
Storage period
The cookie is automatically deleted from your system after 12 months.
3. Google Tag Manager
Data processing
We use the Google Tag Manager (“GTM”) from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland on our website. GTM is a tag management system that integrates tags in a standardised manner via a user interface. Tags are short sections of source code that can track activities and access other systems in order to centrally control when certain systems are triggered. Google Analytics, Google Marketing Platforms (Double Click and Google Analytics) and Google Ads Remarketing are integrated into GTM. This means that GTM is merely an interface between the website and the analytics software. You can prevent the setting of tags in the cookie or domain settings at any time. Further information on these systems and their data processing can be found in the following sections.
Personal data
GTM ensures the activation of other tools, which in turn collect personal data. Depending on the integrated tool, GTM collects IP addresses of website visitors and passes them on to the analysis programmes. You will find more information on the individual data processing operations in the following sections.
Purpose
We process your personal data for marketing and analysis purposes. We evaluate your user behaviour, carry out conversion tracking, compile statistics and optimise our advertising channels and approaches.
Legal basis
The processing of your personal data takes place with your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR, which you have given via the cookie banner.
Necessity
This processing activity is not necessary for the functionality of the website.
Data transfer to third countries
Your personal data is generally processed by Google Ireland Limited in Ireland. However, personal data may also be transferred to the US parent company Google LLC. Google LLC is a participant in the EU‑U.S. and Swiss‑U.S. Data Privacy Frameworks. This means that your personal data may be transferred to Google LLC in the USA without any further guarantees being required. You can find Google’s privacy policy here: https://policies.google.com/privacy?hl=en
Storage period
Your data is stored on the end device for up to two years, unless it is renewed.
You can find out more about the retention period in Google’s privacy policy: https://policies.google.com/privacy#inforetaining
4. Double Click
Data processing
We use Google Marketing Platforms (“Double Click”) to show you targeted adverts and advertisements on various websites for our products (“Conversion Tracking”). Your surfing behaviour is evaluated by the permanent cookies stored, which allows individual advertising to be displayed. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Personal data
The following personal data is processed:
- Click path
- Cookie IDs
- IP address
- Number of visits/users
- transactions
- Usage data
Purpose
We process your personal data for marketing and analysis purposes. We evaluate your user behavior, carry out conversion tracking, compile statistics and optimize our advertising channels and approaches.
Legal basis
Your personal data is processed with your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR, which you have given via the cookie banner.
Necessity
This processing activity is not necessary for the functionality of the website.
Data transfer to third countries Your personal data is generally processed by Google Ireland Limited in Ireland. However, personal data may also be transferred to the US parent company Google LLC. Google LLC is a participant in the EU‑U.S. and Swiss‑U.S. Data Privacy Frameworks. This means that your personal data may be transferred to Google LLC in the USA without any further guarantees being required. You can find Google’s privacy policy here: https://policies.google.com/privacy?hl=en
Storage period
Your data is stored on the end device for up to two years, unless it is renewed.
You can find out more about the retention period in Google’s privacy policy: https://policies.google.com/privacy#inforetaining
5. Google Ads
Data processing
The data controller has integrated Google Ads from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, on this website. Google Ads is an internet advertising service that allows advertisers to place ads both in Google’s search engine results and in the Google advertising network. Google Ads allows an advertiser to pre-define certain keywords that will be used to display an ad in Google’s search engine results only when the user uses the search engine to retrieve a keyword-relevant search result. In the Google advertising network, the ads are distributed on relevant websites using an automatic algorithm and taking into account the previously defined keywords.
Personal data
Conversion cookies are used to store personal data, such as the websites visited by the data subject. A randomly generated user ID is created in the process. Based on this ID, Google can recognize the user across different websites and display personalized advertising. Each time our website is visited, personal data, including the IP address of the internet connection used by the data subject, browser and device type and activities are therefore transmitted to Google in the USA.
Purpose
The purpose of Google Ads is to promote our website by displaying interest-relevant advertising on the websites of third-party companies and in the search engine results of the Google search engine and by displaying third-party advertising on our website.
Legal basis
The data processing takes place with your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR, which you have given via the cookie banner.
Necessity
The data mentioned is not necessary for the website functionality.
Data transfer to third countries Your data will be processed by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Personal data may also be transferred to the US parent company Google LLC. Google LLC is a participant in the EU‑U.S. and Swiss‑U.S. Data Privacy Frameworks. This means that your personal data can be transferred to Google in the USA without any additional guarantees being required. You can find more information on how Google Analytics handles user data in Google’s privacy policy at: https://support.google.com/analytics/answer/6004245?hl=de
Retention period
The retention period is based on the information in Google’s privacy policy, available at https://policies.google.com/privacy?hl=de#inforetaining
6. Google Analytics 4
Data processing
We use Google Analytics on our website, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Cookies are used to create pseudonymous user profiles. The data is stored on the end device, anonymized and evaluated in the form of statistics.
With Google Ads remarketing (GA Audience), visitors to our website are added to lists that we can use to contact you again as a potential customer. As a user on the remarketing lists, we can place targeted ads for you.
Personal data
The following data is processed in connection with the Google Analytics web analysis service:
- Masked IP address of the requesting computer
- Click path
- Date and time of access
- Website from which access is made (referrer URL)
- Browser type and browser version
- IP addresses in exceptional cases
- Number of visits/users
- Statistics on the session
Extension of demographic characteristics and interests:
- Age: 18–24, 25–34, 35–44, 45–54, 55–64, 65+
- Gender: Male, Female
- Categories of common interests
- Segments with ready-to-buy target groups
- Other categories that provide the most specific view of user
Three permanent cookies from Google Analytics are used for this purpose (_gat, _gid, _ga), which are automatically deleted after a defined period of time. However, these cookies are only used with your consent via the cookie banner.
Please note that on this website Google Analytics has been extended by the code “gat._anonymizeIp();” in order to ensure anonymized collection of IP addresses (so-called IP masking). If anonymization is active, Google shortens IP addresses within Switzerland, which is why no conclusions can be drawn about your identity. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there.
Purpose
We use Google Analytics to analyze errors and to continuously improve the offer on our websites by means of statistical evaluation.
Legal basis
The data processing takes place with your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR, which you have given via the cookie banner.
Necessity
This processing activity is not necessary for the functionality of the website.
Data transfer to third countries
Your data will be processed by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Personal data may also be transferred to the US parent company Google LLC. Google LLC is a participant in the EU‑U.S. and Swiss‑U.S. Data Privacy Frameworks. This means that your personal data can be transferred to Google LLC in the USA without any additional guarantees being required. You can find more information on how Google Analytics handles user data in Google’s privacy policy at: https://support.google.com/analytics/answer/6004245?hl=de
Storage period
Your data is stored on the end device for up to 14 months.
7. Integration of Instagram
Data processing
We operate our own public Instagram page through which you can communicate with us. For this purpose, we use the social media channel Instagram from Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. We have our own Instagram profile under the name waldissafes. We have also placed Instagram social media buttons on our website so that you can easily link to our Instagram profile.
Your data will only be processed when you click on the Instagram social media button, click on embedded images or contact us on Instagram. The data collected is also anonymized and then used in the form of statistics. A recognizable marker is also set.
We are joint controllers with Meta Platforms Ireland Ltd. in accordance with Art. 26 GDPR, but only with regard to the collection and transmission of data. Meta Platforms Ireland Ltd. is solely responsible for the subsequent processing of the information by Meta.
We have concluded a joint controllership agreement to determine the respective responsibilities for fulfilling the obligations under the GDPR. Accordingly, we are responsible for informing the users of our website, while Meta is responsible for fulfilling requests regarding the rights of data subjects in accordance with Art. 15 to 21 GDPR. However, within the framework of joint responsibility, you can in principle assert your data subject rights against each of the joint controllers.
Meta processes the personal data in accordance with its data protection principles and declarations. Further information on how Meta processes personal data can be found in Meta’s privacy policy at
https://help.instagram.com/155833707900388
Personal data
If you contact us or click on the Instagram button, the following information will be collected from you
- User name or first and last name
- Possibly picture, data that you send us in the course of contacting us
- IP address, connection data, browser data and data about the content accessed When you click on the media button
By clicking on the button, you will be redirected to the provider’s website. We have no influence on the processing of personal data on third-party websites.
Purpose
The Instagram social media button is used to structure our website and is used to place other web content on our website. If you contact us via Instagram, we will process the data for the purpose of responding to your request.
Legal basis
The data processing via the click on the social media buttons is carried out with your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR, which you have given via the cookie banner.
If you contact us via our Instagram profile, we process your data to fulfill the contract or to take pre-contractual measures in accordance with Art. 31 para. 2 lit. a FADP or Art. 6 para. 1 lit. b GDPR and on the basis of our legitimate interest in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 lit. f GDPR to provide a communication option.
Necessity
The data mentioned is not necessary for the functionality of the website.
Data transfer to third countries
Your data will be processed by Meta Platforms Ireland Ltd. Personal data may also be transferred to the US parent company Meta Platforms Inc. Meta Platforms Inc. is a participant in the EU‑U.S. and Swiss‑U.S. Data Privacy Frameworks. This means that your personal data can be transferred to Meta in the USA without any further additional guarantees being required. You can find more information on how Meta handles user data in Meta’s privacy policy at
https://help.instagram.com/155833707900388?cms_id=155833707900388
Storage period
The cookies set are stored on the end device for up to 10 years. Data processed in connection with your contact via our Instagram profile will be deleted after 1 year, unless we have a retention obligation of 5 or 10 years for the communication.
8. Integration of Facebook
Data processing
We operate our own public Facebook page through which you can communicate with us. For this purpose, we use the Facebook social media channel of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. We have our own Facebook profile under the name Waldis Tresore. We have also placed social media buttons from Facebook on our website so that you can easily link to our Facebook profile
Your data will only be processed when you click on the Facebook social media button, click on embedded images or contact us on Instagram. The data collected is also anonymized and then used in the form of statistics. A recognizable marker is also set.
We are joint controllers with Meta Platforms Ireland Ltd. in accordance with Art. 26 GDPR, but only with regard to the collection and transmission of data. Meta Platforms Ireland Ltd. is solely responsible for the subsequent processing of the information by Meta.
We have concluded a joint controllership agreement to determine the respective responsibilities for fulfilling the obligations under the GDPR. Accordingly, we are responsible for informing the users of our website, while Meta is responsible for fulfilling requests regarding the rights of data subjects in accordance with Art. 15 to 21 GDPR. However, within the framework of joint responsibility, you can in principle assert your data subject rights against each of the joint controllers.
Meta processes the personal data in accordance with its data protection principles and declarations. For more information on how Meta processes personal data, please refer to Instagram’s privacy policy at
https://www.facebook.com/about/privacyshield
Personal data
If you contact us, the following information will be collected from you
- User name or first and last name
- Possible picture, data that you send us when you contact us.
- IP address, connection data, browser data and data on the content accessed When you click on the social media button
By clicking on the button, you will be redirected to the provider’s website. We have no influence on the processing of personal data on third-party websites.
Purpose
The Facebook social media button serves to structure our website and is used to place other web content on our website. If you contact us via Facebook, we will process the data for the purpose of responding to your request.
Legal basis
The data processing via the click on the social media buttons is carried out with your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR, which you have given via the cookie banner.
If you contact us via our Facebook profile, we process your data to fulfill the contract or to take pre-contractual measures in accordance with Art. 31 para. 2 lit. a FADP or Art. 6 para. 1 lit. b GDPR and on the basis of our legitimate interest in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 lit. f GDPR to provide a communication option.
Necessity
The aforementioned data is not necessary for the functionality of the website.
Data transfer to third countries Your data will be processed by Meta Platforms Ireland Ltd (Meta). Personal data may also be transferred to the US parent company Meta Platforms Inc. Meta Platforms Inc. is a participant in the EU‑U.S. and Swiss‑U.S. Data Privacy Frameworks. This means that your personal data can be transferred to Meta in the USA without any further additional guarantees being required. You can find more information on how Meta handles user data in Meta’s privacy policy at: https://www.facebook.com/about/privacyshield
Storage period
The cookies set are stored on the end device for up to 10 years. Data processed in connection with your contact via our Facebook profile will be deleted after 1 year, unless we are required to retain the communication for 5 or 10 years.
9. Integration of LinkedIn
Data processing
We operate our own public LinkedIn presence through which you can communicate with us. We use the social media channel LinkedIn Ireland Unlimited Company, Wilton Plaza, Gardner House, Dublin 2, Ireland. We have our own LinkedIn profile under the name WALDIS Tresore AG. We have also placed social media buttons from LinkedIn on our website so that you can easily link to our LinkedIn profile
Your data will only be processed when you click on the LinkedIn social media button, click on embedded images or contact us on LinkedIn. The data collected is also anonymized and then used in the form of statistics. A recognizable marker is also set.
Personal data
If you contact us, the following information will be collected from you:
- User behavior
- IP address
- Connection data
- Device and browser information
- Data about the content accessed when clicking on social media buttons
- User name or first and last name
- Possibly image, data that you send us in the context of contacting us
By clicking on the social media button, you will be redirected to the provider’s website. We have no influence on the processing of personal data on third-party websites.
You can find more information about LinkedIn’s data processing at: https://www.linkedin.com/legal/privacy-policy
Purpose
The social plug-ins serve to structure our website and are used to place other web content on our website. If you contact us via LinkedIn, we will process the data for the purpose of responding to your request.
Legal basis
The data processing via the click on the social media buttons is carried out with your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR, which you have given via the cookie banner.
If you contact us via our LinkedIn profile, we process your data to fulfill the contract or to carry out pre-contractual measures in accordance with Art. 31 para. 2 lit. a DSG or Art. 6 para. 1 lit. b DSGVO and on the basis of our legitimate interest in accordance with Art. 31 para. 1 DSG or Art. 6 para. 1 lit. f DSGVO to provide a communication option
Necessity
The data mentioned is not necessary for the functionality of the website.
Data transfer to third countries LinkedIn Ireland Unlimited also shares data with its affiliated companies such as LinkedIn Corporation (USA), LinkedIn Singapore and Microsoft Corporation (USA) in accordance with its privacy policy and is not a participant in the EU‑U.S. and Swiss‑U.S. Data Privacy Frameworks and it is also otherwise possible that LinkedIn may transfer data to third countries. Therefore, your data may be subject to a level of data protection during data transfer that is not comparable to that in Switzerland or the EU. If you consent to the processing by LinkedIn, you therefore also consent to your personal data being transferred to insecure third countries in accordance with Art. 17 FADP and Art. 49 para. 1 lit. a GDPR.
Storage period
The cookies set are stored on the end device for up to 10 years. Data processed in connection with your contact via our LinkedIn profile will be deleted after 1 year, unless we have a retention obligation of 5 or 10 years for the communication.
10. Integration of YouTube
Data processing
In order to make our website more interesting for you, we integrate video components from YouTube on our website. We also operate a YouTube channel under the name @WaldisTresoreAG The data from YouTube is processed by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
According to YouTube, your data — in particular which of our websites you have visited and device-specific information including the IP address — is only transmitted to the YouTube server in the USA in “extended data protection mode” when you watch the video.
If you are logged in to YouTube at the same time, this information will be assigned to your YouTube member account. You can prevent this by logging out of your member account before visiting our website.
Further information about YouTube can be found at https://www.youtube.com/howyoutubeworks/our-commitments/protecting-user-data/
Personal data
If the data subject is logged in to YouTube at the same time, YouTube recognizes which specific subpage of our website the data subject is visiting when a subpage containing a YouTube video is accessed. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject
Purpose
Our interest lies in the smooth integration of the videos and the appealing design of our website.
Legal basis
The data processing takes place with your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR, which you have given by clicking on the YouTube button.
Necessity
The data mentioned is not necessary for the functionality of the website.
Data transfer to third countries
Ihre Daten werden dabei von Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, bearbeitet. Dabei können Personendaten auch an die US-Muttergesellschaft Google LLC übertragen werden. Google LLC ist Teilnehmerin des EU‑U.S. uns Swiss‑U.S. Data Privacy Frameworks. Somit können Ihre Personendaten an Google in die USA übermittelt werden, ohne dass weitere zusätzliche Garantien erforderlich sind. Mehr Informationen zum Umgang mit Nutzerdaten bei Google Analytics finden Sie in der Datenschutzerklärung von Google unter: https://support.google.com/analytics/answer/6004245?hl=de
Retention period
The storage period is based on the information in Google’s data protection declaration, available at https://policies.google.com/privacy?hl=de#inforetaining
11. Integration of Google Maps
Data processing
On our website we use Google Maps (API) from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Maps is a web service for displaying interactive (land) maps in order to visualize geographical information. Using this service will show you our location and make it easier for you to find us.
Personal data
Information about your use of our website (such as your IP address) will only be transmitted to Google servers in the USA and stored there after you have given your consent via the cookie banner. This takes place regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and analyzes them.
You can find the Google Maps privacy policy here: https://policies.google.com/privacy?hl=de&gl=de
Purpose
The purpose of integrating Google Maps directly on our website is to make it easier to find our business premises and to simplify contact with the customer. For Google, data processing serves the purpose of displaying personalized advertising, market research and/or needs-based design of its website. We have no influence on the processing of personal data on third-party websites.
Legal basis
The processing is carried out with your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR.
Necessity
The data mentioned is not necessary for the functionality of the website.
Data transfer to third countries
Your data will be processed by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Personal data may also be transferred to the US parent company Google LLC. Google is a participant in the EU‑U.S. and Swiss‑U.S. Data Privacy Frameworks. This means that your personal data can be transferred to Google LLC in the USA without any additional guarantees being required. You can find more information on how Google Analytics handles user data in Google’s privacy policy at: https://support.google.com/analytics/answer/6004245?hl=de
Retention period
The retention period is based on the information on the different types of data in Google’s privacy policy, available at https://policies.google.com/privacy?hl=de&gl=de#inforetaining
12. Integration of Google Fonts
Data processing
Our website uses a font from Google Fonts, a font service operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Personal data
Each time this website is accessed, files are loaded from a Google server to display the texts in a specific font. Your IP address may be transmitted to a Google server and stored as part of the usual weblog.
Purpose
The purpose of this data processing is the correct display of the text on the website.
Legal basis
The processing is carried out with your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR.
Necessity
The data mentioned is not necessary for the functionality of the website.
Data transfer to third countries
Your data will be processed by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Personal data may also be transferred to the US parent company Google LLC. Google LLC is a participant in the EU‑U.S. and Swiss‑U.S. Data Privacy Frameworks. This means that your personal data can be transferred to Google in the USA without any additional guarantees being required. You can find more information on how Google Analytics handles user data in Google’s privacy policy at: https://support.google.com/analytics/answer/6004245?hl=de
Retention period
The storage period is based on the information in Google’s data protection declaration, available at https://policies.google.com/privacy?hl=de#inforetaining
Data processing
Your personal data will not be transferred to third parties for purposes other than those listed or to contractors other than those listed and their subcontractors.
Third parties are technology providers for the optimal operation of the websites and social media presences and for the provision of the services listed above.
Data processing
There is no disclosure to third countries without an adequate level of data protection or only under the contractual obligation to comply with an adequate level of data protection (EU standard clauses).
Personal data is only transferred to third countries if the data protection requirements of Art. 6 FADP or Art. 44 et seq. GDPR are met.
A third country is a country outside Switzerland or the European Economic Area (EEA) in which Swiss data protection law or the European GDPR is not directly applicable. A third country is considered unsafe if, according to the FDPIC or the EU Commission, the country does not have an adequate level of data protection.
For data transfers between the EU and the USA and between Switzerland and the USA, US companies have the option of participating in the Data Privacy Framework. This framework ensures GDPR- or DSG-compliant data transfer to the USA and correspondingly compliant data processing, in which all rights under EU law or Swiss law of the data subject can be safeguarded. Whether the specific data processor in the USA participates in this framework can be clarified on the website: https://www.dataprivacyframework.gov/s/. In addition, you will find further information on the processing of user data in the specific data protection declarations of the data processor. In this data protection information, we inform you when and how we transfer personal data to the USA or other insecure third countries.
Data processing
We take appropriate measures to ensure that your personal data cannot be viewed or stolen by third parties without authorization. In particular, we take appropriate technical (e.g. firewall, password protection, SSL encryption, etc.) and organizational (e.g. restriction of authorized persons, training of authorized persons, etc.) measures to ensure that only authorized persons have access to this data. Our data processing and security measures are continuously improved in line with technological developments.
Personal data
Personal data is any information relating to an identified or identifiable natural person, including name, address, telephone number or e‑mail or IP address.
Purpose
We use SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
Data processing
We will retain your personal data for as long as we deem necessary or appropriate to comply with applicable laws or for as long as it is necessary for the purposes for which it was collected. We delete your personal data as soon as it is no longer required and in any case after the legally prescribed maximum retention period of 5 or 10 years. Data that is no longer required and for which there is no legal obligation to retain it will be destroyed once the purpose and justification no longer apply.
Personal data
In detail, we store your data for the following period:
We retain data that we process by law for the statutory retention period, for example if required by labor, social security or tax law or the Ordinance on Business Records;
Data that we require for the performance of a contract is retained for at least the duration of the contract and for a maximum of 10 years thereafter, unless we require the data to assert our rights;
Data that we process to protect our legitimate interests will be retained for a maximum of ten years after the end of the contractual relationship, unless we need the data to assert our rights.
As a data subject, you may assert various claims against us in accordance with the applicable national and international law.
We may process your personal data again to fulfill these claims.
Depending on the applicable law, data subjects may assert the following rights:
- To request information about your personal data processed by us. In particular, information pursuant to Art. 25 FADP or Art. 15 GDPR may contain information
- about the purposes of processing
- the category of personal data
- the categories of recipients to whom your data has been or will be disclosed
- the planned storage period
- the existence of a right to rectification, erasure,
- restriction of processing or objection
- the existence of a right to lodge a complaint
- the origin of your data if it was not collected by us
the existence of automated decision-making, including profiling and, where applicable, meaningful information about its details
- to immediately request the correction of incorrect or incomplete personal data stored by us (Art. 6 para. 5 FADP and Art. 16 GDPR);
- to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR (Art. 32 para. 4 FADP or Art. 18 GDPR);
- to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller (Art. 20 GDPR)
- to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims (Art. 32 para. 2 lit. c DSG or Art. 17 GDPR);
- to withdraw your consent once given to us at any time. As a result, we may no longer continue the data processing that was based on this consent in the future (Art. 30 para. 2 lit. b FADP and Art. 7 para. 3 GDPR);
- object to the processing if your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR (Art. 21 GDPR) and if there are reasons for this arising from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation;
- to lodge a complaint with a supervisory authority (see above) (Art. 49 FADP or Art. 77 GDPR).
We reserve the right to change this privacy policy at any time or to adapt it to new processing methods. The current privacy policy can be accessed at any time at www.tresore.ch/datenschutz.