Privacy Policy

We are happy about your visit to our website. We would like to inform you below about the processing of your personal data on our website.

Responsible body

A.Vogel AG Publishing House

Hätschen

CH-9053 Teufen AR

Tel: +41 (0)71 335 66 66

Email: info@verlag-avogel.ch

Data protection advisor

DDSK GmbH

Annalena Arndt

Dr-Klein-Str. 29, 88069 Tettnang

Tel: 07542 949 21 -00

Email: datenschutz@avogel.ch

Terms

The technical terms used in this Privacy Policy are to be understood as legally defined in Art. 4 GDPR and Art. 5 FADP. The terms "user" and "website visitor" are used synonymously in our Privacy Policy.

General information on data processing on the website

Automated data processing (log files etc.)

Our website can be visited without actively providing personal details. However, we automatically store access data (server log files), such as the name of the internet service provider, the operating system used, the website from which the user visits us, the date and duration of the visit or the name of the requested file, and for security reasons, e.g. to recognise attacks on our website, the IP address of the end device used for a period of 7 days. This data is not merged with other data sources. We process and use the data for the following purposes: Provision of the website, prevention and detection of errors/malfunctions and misuse of the website.

Data categories: Meta and communication data (e.g. IP address, date and time of access, time, type of HTTP request, website from which access is made (referrer URL), browser used and, if applicable, operating system of the accessing computer (user agent))

Purpose of the processing: Prevention and detection of errors/malfunctions, detection of misuse of the website

Legal basis: Legitimate interest pursuant to Art. 6 Para. 1f GDPR; overriding interests pursuant to Art. 31 Para. 1 FADP

Legitimate interests: Fraud prevention to detect misuse of the website

Required cookies (functionality, opt-out links, etc.)

In order to enable the use of the basic functions on our website and to provide the service requested by the user, we use so-called cookies on our website. Cookies are a standard internet technology for storing and retrieving information for website users. Cookies represent information and/or data that can e.g. be stored on the user's end device. With classic cookie technology, the user's browser is instructed to store certain information on the user's end device when a specific website is accessed.

Strictly necessary cookies are used to provide a tele-media service expressly requested by the user, e.g:

Cookies for error analysis and security purposes
Cookies for storing logins
Cookies for storing data in online forms if the form extends over several pages
Cookies for saving (language) settings
Cookies for storing items placed in the shopping basket by users in order to complete the purchase
Cookies for storing consent or revocation (opt-in, opt-out)

Some of the cookies used (so-called session cookies) are deleted again after the end of the browser session, i.e. after closing the browser.

Cookies can be deleted by users at a later date in order to remove data that the website has stored on the user's computer.

Opt-out:

Firefox: https://support.mozilla.org/de/kb/wie-verhindere-ich-dass-websites-mich-verfolgen

Google Chrome: https://support.google.com/chrome/answer/95647?hl=de

Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/inprivate-browsen-in-microsoft-edge-cd2c9a48-0bc4-b98e-5e46-ac40c84e27e2

Opera: https://help.opera.com/en/latest/security-and-privacy/

Safari: https://support.apple.com/de-de/HT201265

Legal basis: Legitimate interests (Art. 6 Para. 1f GDPR, Art.31 Para.1 FADP), consent (Art. 6 Para. 1a GDPR, Art.31 Para.1 FADP)

Legitimate interests: Storage of opt-in preferences, ensuring the functionality of the website, maintaining user status across the entire website

Storage and processing of unnecessary information and data

Beyond the necessary scope, user data may be processed by means of cookies, similar technologies or application-related technologies, e.g. for the purpose of (cross-website) tracking or personalised advertising, etc. This may involve the transfer of data to third-party providers. Data may be transmitted to third-party providers. The storage and further processing of user data that is not absolutely necessary to provide the tele-media service is then carried out on the basis of consent within the meaning of Art. 6 Para. 1a GDPR, Art.31 Para.1 FADP.

Consent management platforms

We use a consent management process on our website to store and manage the consent given by website visitors in a verifiable manner in accordance with data protection requirements. The consent management platform we use helps us to recognise all cookies and tracking technologies and to manage them on the basis of consent status. At the same time, visitors to our website can use the consent management service we have integrated to manage the consents and preferences given (optional setting of cookies and other technologies that are not required) or revoke consent at any time using the button.

The status of the consent is stored on the server and/or in a cookie (so-called opt-in cookie) or a comparable technology in order to be able to assign the consent to a user or their device. The time of the declaration of consent is also recorded.

Data categories: Consent data (consent ID and number, time consent was given, opt-in or opt-out), meta and communication data (e.g. device information, IP addresses)
Purpose of the processing: Fulfilment of accountability, consent management
Legal basis: Legal obligation (Art. 6 Para. 1c) GDPR in conjunction with Art. 7 GDPR)

Usercentrics

Recipient: Usercentrics GmbH, Sendlinger Strasse 7, 80331 Munich, Germany
Third country transfer: Based on the adequacy decision of the FDPIC for Germany
Privacy Policy: https://usercentrics.com/de/datenschutzerklaerung/

Hosting (incl. content delivery network)

Our website is hosted by an external service provider. Data of visitors to our website, in particular so-called log files, are stored on the servers of our service provider. By using a specialised service provider, we can provide our website efficiently. The hosting provider we use does not process the data for its own purposes.

We also use a so-called content delivery network (CDN) in order to be able to provide the content of our website more quickly. When website visitors access graphics, scripts or other content, for example, these are provided quickly and optimised with the help of regionally and internationally distributed servers. When the files are retrieved, a connection is established to the servers of a CDN provider, whereby personal data of visitors to our website is processed, for example the IP address and browser data.

Data categories: User data (e.g. websites visited, interest in content, access times), meta and communication data (e.g. device information, IP addresses)
Purpose of the processing: Proper presentation and optimisation of the website, faster and location-independent accessibility of the website
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP); legitimate interests (Art. 6 Para. 1f GDPR, Art. 31 Para. 1 FADP)
Legitimate interests: Avoidance of downtimes, high scalability, reduction of the bounce rate on the website

CloudFlare

Recipient: CloudFlare GmbH, Rosental 7, 80331 Munich, Germany
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)
Third country transfer: Based on the adequacy decision of the FDPIC for Germany
Privacy Policy: https://www.cloudflare.com/de-de/privacypolicy/

GoEast

Recipient: GoEast GmbH, Oberstrasse 222, CH-9014 St. Gallen, Switzerland
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)
Third country transfer: A third country transfer does not take place.
Privacy Policy: https://www.goeast.ch/#datenschutzerklaerung

Google APIs interface software

Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)
Third country transfer: Based on the standard contractual clauses for third country transfers.
Privacy Policy: https://policies.google.com/privacy?hl=en-US

Google Static CDN

Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Legal Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)
Third country transfer: Based on the standard contractual clauses for third country transfers.
Privacy Policy: https://policies.google.com/privacy?hl=en-US

Website support and consulting, web agency

We have commissioned a web agency to provide support and advice for services and applications on our website. This supports us in all activities associated with the design and functionality of our website. In this context, the web agency selected by us receives the access data for our website in order to make the necessary adjustments and changes, such as the design of forms or other programming activities.

Access to personal data, such as data from forms or log data of website visitors, cannot be ruled out. The web agency therefore acts as a so-called processor for us and works exclusively on our instructions. Data will not be processed for other purposes.

Data categories: Usage data (e.g. access times), meta and communication data (e.g. device information, IP addresses), contact data (e.g. email address), content data (e.g. text details), evaluation data from social media accounts (e.g. anonymised statistics)
Purpose of the processing: Support with web analysis and optimisation, analysis of user behaviour on the website (website interaction) for web optimisation and reach measurement, checking the website's capacity utilisation
Legal basis: Legitimate interests (Art. 6 Para. 1f GDPR, Art. 31 Para.1 FADP)
Legitimate interests: Support and assistance with website maintenance through high level of expertise, efficiency through outsourcing

Endopark New Media Communication

Recipient: Endopark New Media Communication, Rieterstrasse 7, 90419 Nuremberg
Third country transfer: The FDPIC has issued an adequacy decision for Germany.
Privacy Policy: https://www.endopark.de/datenschutzerklaerung/index.html

Web analysis and optimisation

We use procedures on our website to analyse user behaviour and to measure reach. For this purpose, information about the behaviour, interests or demographic information of visitors is collected in order to determine whether and where our website needs to be optimised or adapted (e.g. forms on the website, improved placement of buttons or call-to-action buttons, etc.).

We can also measure the click and scroll behaviour of website visitors. Among other things, this helps us to recognise at what time our website, its functions or content are most heavily frequented.

The collection of this data is made possible by the use of certain technologies (e.g. cookies). These are stored on users' end devices as part of client-side tracking when they visit our website.

We take precautions to protect the identity of our website visitors. We do not process any personal data of website visitors for the purposes described.

Website visitors are assigned an ID (identification code) when they visit the website so that they can be recognised when they return. The IDs and associated information are stored in user profiles. In addition, the IP addresses of website visitors are anonymised and the storage duration of cookies is reduced.

Data categories: Usage data (e.g. websites visited, interest in content, access times), demographic characteristics (age, gender), meta and communication data (e.g. device information, anonymised IP addresses, location data), contact data (e.g. email address), content data (e.g. text details)
Purpose of the processing: Checking the status of target achievement (success control) of all online activities: Analysis of user behaviour on the website (website interaction) for web optimisation and reach measurement, checking website capacity utilisation, lead evaluation, sales increase, budget control
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)

AdFlow Systems

Recipient: AdFlow Systems GmbH, Hauptstrasse 33, 82008 Unterhaching
Legal basis: Consent Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP
Third country transfer: Based on the adequacy decision of the FDPIC for Germany
Privacy Policy: https://www.adflow-systems.de/index.php/de/

Google: Activated Universal Analytics (GA4)

Google Optimise

Google Tag Manager

Xandr

Recipient: Xandr Inc, 28 West 23rd Street, Fl 4, New York, NY 10010, USA
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)
Third country transfer: Based on the standard contractual clauses for third country transfers.
Privacy Policy: https://about.ads.microsoft.com/en-us/solutions/xandr/platform-privacy-policy

Online marketing

Various services and processes are used on our website for the purpose of online marketing. We have also integrated the data collected here into our CMS. The CMS provider may also receive information about the data collected here.

Search engine marketing

We use search engine marketing methods. Search engine marketing includes all measures that are suitable for improving the visibility of our website in the organic or non-organic search results of search engines, increasing our reach and thus increasing traffic (visitor traffic) to our website. We can also use search engine marketing to generate new leads.

Search engine advertising can take place on various external platforms or websites. The adverts are shown to users in the form of text, display or video ads.

Using our tracking tool, we first create a campaign for search engine advertising and store various dimensions there that are to be recorded by the search engine provider we have selected, e.g. user location, device information and target groups (demographic characteristics). This enables us to gain further insights into the interests in our content/products and, if necessary, to recognise trends.

Key word advertising

In addition, our advert is linked to specific keywords (search terms) that we have defined in advance and a link. The advert then also appears to users who make a search query for a specific keyword that we have defined in advance. These are in connection with our products or services.

The process is implemented using a cookie or similar technology. When a visitor visits our website or searches for a specific keyword within the search engine used (e.g. Google), a cookie or similar technology is set on the website visitor's end device. This data may include, for example, user locations and device information that is transmitted to the search engine provider's server. The search engine provider aggregates this data and makes it available to us automatically in the form of a statistical analysis via a dashboard in our account with the search engine provider.

The statistics provide us with information about which of our adverts were clicked on, how often and at what prices. Because every click on an advert incurs costs for us, these clicks are recorded on external platforms and websites using our tracking tool. Recording is used for budget control. We cannot identify individual users on the basis of this information.

Conversion measurement (measurement of the success of our adverts)

We can determine the success of our adverts on the basis of summarised data made available to us by the search engine provider (so-called conversion measurement). This enables us to track whether a marketing measure has led to a so-called event (e.g. downloading a PDF or playing a video) or a conversion (e.g. purchase of a product or registration on our website). The evaluation is provided to us in the form of statistics via our tracking tool and serves to analyse the success of our online activities (success control). It helps us to derive measures to improve the customer journey.

Hint: Website visitor data (e.g. name and email address) can be assigned directly if they are logged into their account with the search engine provider. If an assignment via the profile is not desired, the website visitor must log out of the search engine provider before visiting our website.

Data categories: User and interaction data (e.g. websites visited, interest in content, access times), meta and communication data (e.g. device information, anonymised IP addresses), location data if applicable, contact data (e.g. email addresses)
Purpose of the processing: Increase in sales and reach, conversion measurement, target group formation, identification of trends for the development of marketing strategies
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)

AppNexus

Recipient: Xandr, 14 Bd de la Madeleine, 75008 Paris, France
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)
Third country transfer: Based on the adequacy decision of the FDPIC for France
Privacy Policy: https://policies.google.com/privacy?hl=en-US

Cludo.com

Recipient: Cludo, Frederikskaj 4, 2450 København, Denmark
Third country transfer: Based on the adequacy decision of the FDPIC for Denmark
Privacy Policy: https://www.cludo.com/privacy-policy

Google AdWords and conversion measurement

Google Ads

Social media presences

We maintain a company profile on social networks and career platforms in order to increase our visibility among potential customers and interested parties and to make our company visible to the public.

Social networks help us to increase our reach and actively promote interaction and communication with users. Activity and communication in social media play an important role in attracting new customers and employees. Relevant information about our company can be shared via social media and the website, events can be publicised and important short-term announcements and job vacancies can be communicated. They also help us to get in touch with users quickly and easily.

Social media platform operators create so-called user profiles based on the usage behaviour of users, for example the indication of interests (likes, shares). These are used to adapt adverts to the interests of target groups. When users are active on social media channels, cookies or other technologies are regularly stored on users' end devices, in some cases regardless of whether they are registered users of the social network.

Insights (statistics)

The data analysed by the social media platform operators is provided to us in the form of anonymised statistics, which means that it no longer contains any personal user data. We can use the statistics to recognise, for example, how often and at what time our social media profile was visited. It is currently not possible for fan page operators to switch off this function. We therefore have no influence on the extent to which the data is processed by social media platforms.

Social media messengers

In connection with the use of social media, we may use the associated messengers to communicate easily with users. The security of individual services may depend on the user's account settings. Even in the case of end-to-end encryption, the social media platform operator can draw conclusions about the fact that and when users communicate with us. Location data can also be recorded.

Depending on where the social network is operated, user data may be processed outside the European Union or outside the European Economic Area. This can result in risks for users because it makes it more difficult to enforce their rights.

Data categories: User names (e.g. last name, first name), contact data (e.g. email address), content data (e.g. text details, photographs, videos), usage and interaction data (e.g. websites visited, interests, likes, shares, access times), meta and communication data (e.g. device information, IP address, location data if applicable)
Purpose of the processing: Increasing reach, raising awareness, fast networking
Legal basis: Legitimate interests (Art. 6 Para. 1f GDPR, Art.31 Para.1 FADP), consent (Art. 6 Para. 1a GDPR, Art.31 Para.1 FADP)
Legitimate interests: Interaction and communication on social media presence, profit increase, insights into target groups

Instagram

Recipient: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Opt-out link: https://www.instagram.com/accounts/login/?next=/accounts/privacy_and_security/
Third country transfer: Based on the standard contractual clauses for third country transfers.
Privacy Policy: https://help.instagram.com/519522125107875

Facebook

Recipient: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Opt-out link: https://www.facebook.com/policies/cookies/
Third country transfer: Based on the standard contractual clauses for third country transfers.
Privacy Policy: https://www.facebook.com/privacy/explanation

Pinterest

Recipient: Pinterest Inc, 651 Brannan Street, San Francisco, CA 94103, USA
Opt-out link: https://policy.pinterest.com/de/cookies
Third country transfer: Based on the standard contractual clauses for third country transfers.
Privacy Policy: https://policy.pinterest.com/de/privacy-policy

TikTok

Recipient: TikTok Inc, 10100 Venice Blvd, Culver City, CA 90232, USA
Third country transfer: Based on the standard contractual clauses for third country transfers.
Privacy Policy: https://www.tiktok.com/legal/privacy-policy?lang=de

Recipient: X International Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07 Ireland
Opt-out link: https://help.x.com/de/rules-and-policies/x-cookies#privacy-options
Third country transfer: Based on the adequacy decision of the FDPIC for Ireland
Privacy Policy: https://twitter.com/de/privacy

YouTube

Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Third country transfer: Based on the standard contractual clauses for third country transfers.
Privacy Policy: https://policies.google.com/privacy?hl=de&gl=de

LinkedIn

Recipient: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Third country transfer: Based on the adequacy decision of the FDPIC for Ireland
Privacy Policy: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy

Social media marketing

We use our social media channels to advertise our products and services. Our aim is to address a broad community that we cannot reach via traditional advertising channels, e.g. offline marketing (e.g. flyers).

Conversion measurement (measurement of the success of our adverts)

We can determine the success of our adverts on the basis of summarised data made available to us by the social media provider (so-called conversion measurement). This enables us to track whether a marketing measure has led to a so-called event (e.g. downloading a PDF or playing a video) or a conversion (e.g. purchase of a product or registration on our website). The evaluation is provided to us in the form of statistics via our tracking tool and serves to analyse the success of our online activities (success control). It helps us to derive measures to improve the customer journey.

Data categories: User and interaction data (e.g. websites visited, interests, access times), meta and communication data (e.g. device information, IP addresses, location data if applicable)
Purpose of the processing:Expansion of reach, reach analysis and statistical analyses
Legal basis:Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)

Metricool

Recipient: METRICOOL SOFTWARE, SL C / Téllez, No. 12, Entreplanta H, 28007, Madrid, Spain
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)
Third country transfer: Based on the adequacy decision of the FDPIC for Spain
Privacy Policy: ; https://metricool.com/privacy-policy/

Facebook Pixel

Recipient: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)
Third country transfer: Based on the standard contractual clauses for third country transfers.
Privacy Policy: https://www.facebook.com/privacy/explanation

Plugins and integrated third-party content

Our website includes functions and elements that are obtained from third-party providers. These are, for example, videos, presentations, buttons, map services (maps) or contributions (hereinafter referred to as content). If this third-party content is accessed by website visitors (e.g. click, play, etc.), information and data are collected and linked to the website visitor's end device in the form of cookies or other technologies (e.g. pixels, Java Script commands or web assembly) and transmitted to the server of the third-party provider used. The third-party provider receives usage and interaction data from the website visitor and makes it available to us in the form of statistics via a dashboard. The statistics we receive contain dimensions and metrics and no clear user data.

It is not possible to load and display this third-party content without this editing process.

In order to protect the personal data of website visitors, we have taken protective measures to prevent the automatic transmission of this data to the third-party provider. This data is only transmitted when users actively use the buttons and click on the third-party content.

Data categories: User data (e.g. websites visited, interests, access times), meta and communication data (e.g. device information, IP addresses, location data if applicable)
Purpose of the processing:Sharing of posts and content, interest and behaviour-based marketing, evaluation of statistics, cross-device tracking, increasing the reach of advertisements in social media
Legal basis:Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)

Google Maps

Pinterest

YouTube

Survey services (with data transmission)

We conduct surveys and polls (hereinafter "surveys") on our website from time to time. This helps us to improve our offerings and respond better to the needs of our customers. Participation in the survey is voluntary.

Data categories:Meta and communication data (e.g. device information, IP address), usage data (e.g. interests, access times), master data (e.g. name, address), contact data (e.g. email address, telephone number)
Purpose of the processing:Marketing, customer retention and new customer acquisition, improvement and optimisation of the offering
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)

Dotdigital.com

Recipient: dotdigital EMEA Limited, No. 1 London Bridge, London, SE1 9BG, Great Britain
Third country transfer: Based on the adequacy decision of the FDPIC for Great Britain
Privacy Policy: https://dotdigital.com/terms/privacy-policy/

Newsletter and broad communication (with tracking)

On our website, users have the option of subscribing to our newsletter or any notifications via various channels (hereinafter referred to as newsletter). We only send newsletters to recipients who have consented to receive the newsletter in accordance with the statutory provisions. We use a selected service provider to send our newsletter.

To subscribe to our newsletter, you must provide an email address. We may collect additional data, such as your name, in order to personalise our newsletter.

Our newsletter will only be sent after the double opt-in procedure has been completed. If website visitors decide to subscribe to our newsletter, they will receive a confirmation email, which serves to prevent the misuse of false email addresses and to exclude the possibility that a simple, possibly inadvertent click will trigger the sending of the newsletter. The subscription to our newsletter can be cancelled at any time for the future. An unsubscribe link (opt-out link) is included at the end of each newsletter.

We are also obliged to provide proof that our subscribers actually wanted to receive the newsletter. For this purpose, we collect and store the IP address and the time of registration and deregistration.

Newsletter tracking

Our newsletters are designed in such a way that we are able to gain insights into improvements, target groups or the reading behaviour of our subscribers. This enables us to use a so-called web beacon or tracking pixel, which reacts to interactions with the newsletter, for example whether links are clicked on, whether the newsletter is opened at all or at what time the newsletter is read. We can assign this information to individual subscribers for technical reasons.

Data categories: Master data (e.g. name, address), contact data (e.g. email address, telephone number), meta and communication data (e.g. device information, IP address), usage data (e.g. interests, access times)
Purpose of the processing: Marketing, customer retention and new customer acquisition, analysing and evaluating the success of the campaign
Legal basis:Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)

Dotdigital.com

Advertising communication

We also use data provided to us, which we have received, for example, as part of an order, for advertising purposes, in particular to inform you on various channels about news from us or from our product portfolio. Advertising on our part takes place within the framework of the legal requirements and - if necessary - after obtaining consent. If the recipients of our advertising do not wish to receive it, they can inform us of this at any time and issue an objection or cancellation. The unsubscribe button in our email can be used for this purpose. Only those users who have not objected to receiving our advertising messages in advance will receive them.

We have commissioned a service provider to send out the advertising material. The latter acts exclusively on our instructions. The data will not be processed for purposes other than despatch.

Data categories: Master data (e.g. name, address), contact data (e.g. e-mail address, telephone number if applicable)
Purpose of the processing:Direct marketing
Legal basis:Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP), legitimate interests (Art. 6 Para. 1f GDPR, Art. 31 Para. 1 FADP)
Legitimate interests:Retention of existing and acquisition of new contacts or contractual partners, information about similar goods and services

Google Adwords

Competitions and contests

We use our online presence to organise competitions and/or contests. In doing so, we process the data of the campaign participants required for the realisation of the respective campaign. This also includes data that we need in order to inform the winner and pay out the prize.

Depending on the type of campaign, contributions by or about the campaign participants may be published, for example when reporting on the respective campaign or if a vote on a contribution submitted by the participant is part of the campaign. The name of the participant will also be published. Which data we process in individual cases depends on the specific action carried out and which data we receive from the participant.

The implementation of the respective action on our presence in a social network is also subject to the terms of use and data protection provisions of the respective network.

Data categories: Master data (e.g. name, address), contact data (e.g. email address, telephone number), content data (e.g. text entries, photos, videos)
Purpose of the processing: Realisation of the competition including prize distribution and announcement of the winner in various media
Legal basis:Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)

Dotdigital.com

Events

On our website, visitors have the opportunity to register for events. The information collected by us and required for the initiation and fulfilment of the contract is marked as mandatory information. The provision of additional data is voluntary.

Categories of affected persons:Participants, interested parties
Data categories:Master data (e.g. name, address), contact data (e.g. email address, telephone number), transaction data (bank details, invoices, payment history), contract data (e.g. subject matter of the contract, term), meta and communication data (e.g. device information, IP addresses)
Purpose of the processing: Contract initiation and implementation
Legal basis:Contract initiation and implementation (Art. 6 Para. 1b GDPR, Art.31 Para. 2a FADP), consent (Art. 6 Para. 1a GDPR, Art.31 Para.1 FADP)

Dotdigital.com

eCommerce and payment methods

Online shop and orders

We offer our customers the opportunity to use our online shop on our website to purchase our products.

It is not necessary to register on our website to order or use fee-based transactions and services. The so-called guest order can be used for this purpose.

We collect the data required from users and buyers to initiate and fulfil the contract.

If users visit our online shop and place items in their shopping basket, cookies are stored on the user's device to ensure that the items remain in the shopping basket until the order process is completed. No data is transferred to third parties by cookies as part of the process. We have also not integrated any third-party elements via the shopping basket function.

Users or customers receive an automatically generated email from us after completion of the order process, which confirms the successful completion of the order. We may inform our customers separately by email about the status of their order (e.g. expected delivery date).

Data categories: Master data (e.g. name, address, country), contact data (e.g. email address), contract data (e.g. order history, payment data and means of payment), meta and communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interest in products/services, access times)
Purpose of the processing: Contract initiation and implementation
Legal basis: Contract initiation and implementation (Art. 6 Para. 1b GDPR, Art.31 Para. 2a FADP)

Payment service provider

In order to be able to make and receive payments or subsidies easily, we use various payment service providers in addition to banks and other credit institutions.

In order to make transactions particularly convenient and uncomplicated for visitors to our website, payments to us can also be made via payment service providers. The payment service providers process the data required for the transaction; when using the payment service provider, we do not receive any of the data that visitors to our website have provided to them. When using a payment service provider, we only receive information with confirmation or negative information about the payment.

Data categories: Master data (e.g. name, address), transaction data (bank details, invoices, payment history), contract data (e.g. subject matter of contract, term), meta and communication data (e.g. device information, IP address), contact data (e.g. email address, telephone number)
Purpose of the processing: Simplification of order and payment processing, outsourcing, data minimisation
Legal basis:Legitimate interests (Art. 6 Para. 1f GDPR; Art. 31 Para.1 FADP)
Legitimate interests: Simplification of work processes, resource-efficient fulfilment, market research, service provision

Diners Club

Recipient: card complete Service Bank AG, Lassallestrasse 3, 1020 Vienna, Austria
Third country transfer: Based on the adequacy decision of the FDPIC for Austria
Privacy Policy: https://www.dinersclub.de/datenschutz

Datatrans

Recipient: Datatrans AG, Kreuzbühlstrasse 26, 8008 Zurich, Switzerland
Third country transfer: Does not take place.
Privacy Policy: https://www.datatrans.ch/de/datenschutzbestimmungen/

Mastercard

Recipient: Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium
Third country transfer: Based on the adequacy decision of the FDPIC for Belgium
Privacy Policy: https://www.mastercard.de/de-de/datenschutz.html

Swiss Postfinance

Recipient: PostFinance AG, Mingerstrasse 20, 3030 Berne, Switzerland
Third country transfer: Does not take place.
Privacy Policy: https://www.postfinance.ch/de/detail/data.html

Visa

Recipient: Visa Europe Services Inc, 1 Sheldon Square, London W2 6TT, Great Britain
Third country transfer: Based on the adequacy decision of the FDPIC for Great Britain
Privacy Policy: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html

Internal area and digital services

Registration

We offer the option of creating a user account on our website. As part of the registration process, we collect the necessary data from interested visitors which we require in order to provide a user account and the associated functions.

To protect the use of the internal area, we collect the IP address and the time of access in order to prevent misuse of a user account and unauthorised use. We do not pass this data on to third parties unless this is necessary to pursue our claims or we are legally obliged to do so.

In addition, we have set up the so-called double opt-in procedure for initial registration. When users register for the first time, they will receive a confirmation link from us to the email address (user name) they have provided, which must be confirmed again separately by the user within a certain period of time. In this way, we ensure that the registration is actually carried out at the user's request and that misuse is avoided.

Protected login area

In order to protect user accounts from unauthorised access, logging in to the user account requires another measure in addition to entering the password, e.g. entering a code sent to a mobile device (multi-factor authentication). In this way, we ensure that the creation of the user account is protected and that misuse of the login process is avoided.

Data categories: Master data (e.g. name, address), contact data (e.g. email address, telephone number), login data (user name and password), possibly other content data (e.g. text entries), meta and communication data (e.g. device information, IP address), usage data (e.g. interests, access times)
Purpose of the processing: Contract fulfilment, customer loyalty
Legal basis: Contract initiation and implementation (Art. 6 Para. 1b GDPR, Art.31 Para. 2a FADP), consent (Art. 6 Para. 1a GDPR, Art.31 Para.1 FADP)

Contact

We offer website visitors the opportunity to contact us directly or to obtain information via various contact options. We use a management tool/our CRM system to process enquiries in order to have an overview of contacts made with us.

If you contact us, we process the data of the person making the enquiry to the extent necessary to answer or process the enquiry. The data processed may vary depending on the way in which contact is made with us.

Data categories: Master data (e.g. name, address), contact data (e.g. email address, telephone number), content data (e.g. text entries, photographs, videos), usage data (e.g. interests, access times), meta and communication data (e.g. device information, IP address).
Purpose of the processing: Processing of enquiries
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP), contract fulfillment or initiation (Art. 6 Para. 1b GDPR, Art. 31 Para. 2a FADP)

Dotdigital.com

Recipient: dotdigital EMEA Limited, No. 1 London Bridge, London, SE1 9BG, Great Britain
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)
Third country transfer: Based on the adequacy decision of the FDPIC for Great Britain
Privacy Policy: https://dotdigital.com/terms/privacy-policy/

Downloads (whitepaper, product information)

We offer the possibility of making downloads on our website in order to provide our visitors with current information or information concerning them. In some cases, our visitors can download PDFs without this being recorded by our system.

In some cases, we collect personal data including IP address via a form before the download and make the provision of our free services dependent on subscription to our newsletter. In this case, a double opt-in procedure is used to obtain consent both for the processing of user data for the download and separately for the subscription to download-related mailings, each of which can be freely revoked independently of the other.

The download then takes place via a download link, which is made available to our users by email.

Data categories: Meta and communication data (e.g. device information, IP addresses), usage data (e.g. access time)
Purpose of the processing: Marketing, acquiring new customers, increasing sales
Legal basis: Consent (Art. 6 Para. 1a GDPR, Art. 31 Para.1 FADP)

Further information on data processing

Data transmission

We transmit the personal data of website visitors for internal purposes (e.g. for internal administration). The internal transfer or disclosure of data takes place to the extent necessary in compliance with the relevant data protection regulations.

It may be necessary for us to pass on personal data for the performance of contracts or to fulfil a legal obligation. If the data required in this respect is not provided to us, it may not be possible to conclude the contract with the data subject.

If your personal data is processed outside Switzerland, in so-called third countries (e.g. USA), we ensure that this is done in accordance with the requirements of Art. 44 et seq. GDPR, Art. 16 et seq. FADP. We take additional measures to ensure the highest possible level of protection for the personal data of data subjects. The guarantee applicable to the third country transfer is specified in our data protection declaration for the respective recipients.

We are a globally active company with headquarters in Switzerland. In the event that we transfer data to a country outside Switzerland for processing within the group, we ensure that the processing is legally permissible in the manner we intend. In this case, we have concluded standard contractual clauses including a separate regulation of suitable technical and organisational measures in order to protect the data of data subjects in the best possible way.

Legal basis: Legitimate interests (Art. 6 Para. 1f GDPR, Art. 31 Para.1 , FADP)
Legitimate interests: So-called small group privilege, centralised management and administration within the company to exploit synergy effects, save costs, increase effectiveness
Recipient: https://www.avogel.com

Order processing

Recipients used may work for us as so-called processors. We have concluded so-called "order processing contracts" with them in accordance with Art. 28 Para. 3 GDPR, Art. 9 FADP. This means that the processors may only process your personal data in a way that we have explicitly instructed them to do so. Processors take appropriate technical and organisational measures to process your data securely and in accordance with our instructions.

Storage period

We store the data of visitors for as long as this is necessary for the provision of our services or as long as this is provided for by another legislator in laws or regulations to which we are subject. In all other cases, we delete the personal data after the purpose has been fulfilled, with the exception of data that we must continue to store in order to fulfil legal obligations (e.g. we are obliged to retain documents such as contracts and invoices for a certain period of time due to retention periods under tax and commercial law).

Storage period for required cookies: max. 30 days

Storage period for unnecessary cookies/technologies:

After a maximum of 30 days and upon revocation by the data subject

Automated decision-making (including profiling)

We do not use automated decision-making or profiling in accordance with Art. 22 GDPR, Art. 21 FADP.

Rights of data subjects

Right to information: Pursuant to Art. 15 GDPR, Art. 25 FADP, data subjects have the right to request confirmation as to whether we are processing data concerning them. You can request information about this data as well as the further information listed in Art. 15 Para. 1 GDPR and a copy of your data.

Right to rectification: Pursuant to Art. 16 GDPR; Art. 32 Para. 1 FADP, data subjects have the right to request the rectification or completion of data concerning them and processed by us.

Right to cancellation:Data subjects have the right pursuant to Art. 17 GDPR, Art. 32 FADP to demand the immediate erasure of data concerning them. Alternatively, you can request that we restrict the processing of your data in accordance with Art. 18 GDPR; Art. 32 FADP.

Right to data portability: Pursuant to Art. 20 GDPR, Art. 28 FADP, data subjects have the right to request the provision of the data they have made available to us and to request that it be transferred to another controller.

Right to appeal:Data subjects also have the right to lodge a complaint with the supervisory authority responsible for them in accordance with Art. 77 GDPR, Art. 49 FADP.

Right to object:If personal data is processed on the basis of legitimate interests pursuant to Art. 6 Para. 1 Sentence 1f) GDPR, Art. 31 Para. 1 FADP, data subjects have the right to object to the processing of their personal data if there are reasons for doing so arising from their particular situation or if the objection is directed against direct advertising. In the latter case, data subjects have a general right to object, which we will implement without specifying a particular situation.

Revocation

Some data processing operations are only possible with the express consent of the data subjects. You have the option to revoke your consent at any time without giving reasons. All you need to do is send an informal message by email to: info@verlag-avogel.ch. Consent to data processing operations on our website can be adjusted and revoked directly in our Consent Manager. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

External links

Our website contains links to the online offers of other providers. We would like to point out that we have no influence on the content of the linked websites and the compliance with data protection regulations by their providers.

Changes

We reserve the right to adapt the data protection information on our website at any time in the event of changes and in compliance with the applicable data protection regulations so that it complies with data protection requirements.

This Privacy Policy was created by

DDSK GmbH

www.ddsk.de