1. Contact Information
Responsible entity for the processing of personal data:
bc medien ag
onlinedruck.ch by bc medien ag
We will provide notice in cases where there are different responsible entities for the processing of personal data on a case-by-case basis.
2. Terms and Legal Bases
Personal data refers to any information relating to a specific or identifiable natural person. A data subject is an individual about whom we process personal data.
Processing encompasses all actions taken with personal data, regardless of the means and methods, such employed as querying, comparing, adapting, archiving, retaining, extracting, disclosing, obtaining, capturing, collecting, deleting, revealing, organizing, arranging, storing, modifying, distributing, linking, destroying, and using personal data.
1.2 Legal Bases
We process personal data in accordance with Swiss data protection law, especially the Federal Data Protection Act (Datenschutzgesetz, DSG), and the Ordinance to the Federal Data Protection Act (Datenschutzverordnung, DSV).
2. Type, Scope, and Purpose
We process the personal data that is required to enable us to carry out our activities and operations in a permanent, user-friendly, secure and reliable manner. Such personal data may in particular fall into the categories of inventory and contact data, browser and device data, content data, meta or marginal data and usage data, location data, sales data and contract and payment data.
We process personal data for the duration that is necessary for the respective purpose(s) or as required by law. Personal data that is no longer required for processing will be anonymized or deleted.
We may have third parties process personal data on our behalf. We may also jointly process or transmit personal data with third parties. These third parties particularly include specialized providers whose services we use. We ensure data protection is maintained with these third parties as well.
As a matter of principle, we only process personal data with the consent of the persons concerned. If and insofar as the processing is permitted for other legal reasons, we may waive the requirement to obtain consent. For example, we may process personal data without consent in order to fulfil a contract, to comply with legal obligations or to protect overriding interests.
Within this context, we primarily process information that a data subject voluntarily provides to us when making contact – for example, through postal mail, email, instant messaging, contact forms, social media, or telephone – or when registering for a user account. We may store such information, for instance, in an address book, a Customer Relationship Management (CRM) system, or similar tools. If we receive data about other individuals from third parties, these transmitting individuals are obligated to ensure data protection for these individuals and to verify the accuracy of this personal data.
We also process personal data that we receive from third parties, obtain from publicly available sources or collect in the course of our activities and operations, if and to the extent that such processing is permitted for legal reasons.
We process personal data about applicants to the extent necessary for assessing suitability for an employment relationship or for the subsequent execution of an employment contract. The necessary personal data primarily arise from the information provided, for example, within the context of a job advertisement. Furthermore, we process personal data voluntarily disclosed or published by applicants, notably as part of cover letters, resumes, and other application documents, as well as online profiles.
4. Personal Data Abroad
We primarily process personal data in Switzerland. However, we may also disclose or export personal data to other countries, especially to process or have them processed there.
We may disclose personal data to all countries and territories on Earth as well as elsewhere in the universe, provided that the local laws in accordance with a decision of the Swiss Federal Council ensure adequate data protection.
We may disclose personal data to countries that do not provide adequate data protection under their laws, as long as suitable data protection is ensured through other means. Suitable data protection can, for example, be ensured through appropriate contractual agreements, based on standard data protection clauses, or with other appropriate safeguards. Exceptionally, we can export personal data to countries without adequate or suitable data protection if the specific data protection requirements are met, such as obtaining explicit consent from the data subjects or when there is a direct link to the conclusion or performance of a contract. Upon request, we are willing to provide data subjects with information about any guarantees in place or provide copies of such guarantees.
6. Rights of Data Subjects
6.1 Data Protection Claims
We grant data subjects all claims in accordance with applicable data protection law. Data subjects, in particular, possess the following rights:
We may postpone, limit, or refuse the exercise of data subjects' rights within legally permissible bounds. We may inform data subjects about any requirements that need to be fulfilled for the exercise of their data protection claims. For instance, we may partially or completely deny providing information with reference to trade secrets or the protection of other individuals. Similarly, we may partially or completely refuse the deletion of personal data with reference to statutory retention obligations.
In exceptional cases, we may impose costs for the exercise of these rights. We will inform data subjects in advance about any potential costs.
We are obligated to identify data subjects who request information or assert other rights through appropriate measures. Data subjects are obligated to cooperate in this identification process.
6.2 Right to complain
Data subjects have the right to enforce their data protection claims through legal proceedings or to lodge a complaint with a competent data protection supervisory authority. The data protection supervisory authority for private controllers and federal agencies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
7. Data Security
We implement appropriate technical and organizational measures to ensure data security commensurate with the respective risk. However, we cannot guarantee absolute data security.
Access to our website is secured using transport encryption (SSL/TLS), especially with the Hypertext Transfer Protocol Secure (HTTPS). Most browsers indicate transport encryption with a padlock icon in the address bar.
Our digital communication, like any digital communication, is subject to mass surveillance without cause or suspicion, as well as other forms of monitoring by security authorities in Switzerland, across Europe, the United States of America (USA), and other countries. We have no direct control over the processing of personal data by intelligence agencies, law enforcement, and other security authorities.
8. Use of the Website
Cookies can be stored in the browser temporarily as "session cookies" or for a specific duration as so-called permanent cookies. "Session cookies" are automatically deleted when the browser is closed. Permanent cookies have a specified storage period. Cookies allow, among other things, a browser to be recognized on the next visit to our website, enabling measurements of website reach, for example. However, permanent cookies can also be used for online marketing purposes.
For cookies used for tracking success, measuring reach, or advertising, many services provide a general opt-out option through organizations such as AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
8.2 Server Log Files
For each access to our website, we may collect the following information if they are transmitted by your browser to our server infrastructure or can be determined by our web server: date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, accessed individual subpage of our website including transferred data volume, and the last webpage visited in the same browser window (referer or referrer).
We store such information, which can also constitute personal data, in server log files. This information is necessary to provide our website consistently, user-friendly, and reliably, as well as to ensure data security and particularly the protection of personal data – both by ourselves and third parties or with the assistance of third parties.
8.3 Tracking Pixels
We may use tracking pixels on our website, also known as web beacons. Tracking pixels, including those from third-party services we use, are small, usually invisible images that are automatically retrieved when visiting our website. Tracking pixels can capture the same information as server log files.
9. Notifications and Communications
We send notifications and communications via email and other communication channels such as instant messaging or SMS.
9.1 Success and Reach Measurement
Notifications and communications may contain web links or tracking pixels that capture whether an individual message has been opened and which web links have been clicked. Such web links and tracking pixels can capture the usage of notifications and communications on a personalized basis. We require this statistical tracking of usage for success and reach measurement in order to effectively and user-friendly send notifications and communications based on the needs and reading habits of recipients, while maintaining the provision of these messages consistently, securely, and reliably.
9.2 Consent and Objection
In general, you must explicitly consent to the use of your email address and other contact details, unless the use is permissible for other legal reasons. For obtaining consent, we aim to use the "Double Opt-in" procedure whenever possible. This means you will receive an email with a hyperlink that you must click to confirm, preventing misuse by unauthorized parties. We may log such consents, including Internet Protocol (IP) address, date, and time, for evidential and security purposes.
You can generally object to receiving notifications and communications, such as newsletters, at any time. By exercising this objection, you can simultaneously object to the statistical tracking of usage for success and reach measurement. Necessary notifications and communications related to our activities and operations remain unaffected by such objections.
9.3 Service Providers for Notifications and Communications
All transactional emails are sent through the mail platform of bc medien ag, except for the newsletter. We use the following service for newsletters:
10. Social Media
We maintain a presence on social media platforms and other online platforms to communicate with interested individuals and provide information about our activities and operations. In connection with such platforms, personal data may also be processed outside of Switzerland.
11. Third party services
We utilize services from specialized third parties to carry out our activities and operations consistently, user-friendly, securely, and reliably. Such services allow us to embed functions and content into our website, among other purposes. When embedding such content, the utilized services may, for technically necessary reasons, temporarily capture the Internet Protocol (IP) addresses of users.
For essential security, statistical, and technical purposes, third parties whose services we use may process data related to our activities and operations in an aggregated, anonymized, or pseudonymized form. This could include performance or usage data required to provide their respective services. We primarily utilize the following services:
11.1 Digital Infrastructure
We utilize services from specialized third parties to access the required digital infrastructure for our activities and operations. This includes, for example, hosting and storage services from selected providers.
11.2 Contact Options
We utilize services from selected providers to enhance communication with third parties, such as potential and existing customers.
We use services from third parties to embed selected fonts, icons, logos, and symbols into our website. Specifically, we utilize:
We engage in e-commerce activities and leverage services from third parties to effectively offer services, content, or goods.
We utilize specialized service providers to securely and reliably process payments from our customers. For payment processing, the legal texts of individual service providers such as General Terms and Conditions (GTC) or privacy policies apply. Specifically, we use:
We utilize the option to display targeted advertising for our activities and operations through third parties such as social media platforms and search engines.
We aim to reach individuals who are already interested in or may be interested in our activities and operations through such advertising, particularly utilizing remarketing and targeting techniques. To enable this, we may transmit relevant, potentially personal information to third parties who facilitate such advertising. Additionally, we can assess the effectiveness of our advertising, specifically whether it leads to visits on our website (conversion tracking).
Third parties with whom we advertise and where you are logged in as a user may associate the use of our website with your profile on their platform. Specifically, we use:
12. Extensions for the Website
We use extensions for our website to enable additional functionalities.
13. Success and Reach Tracking
We aim to assess how our online offerings are utilized. In this context, we may measure the success and reach of our activities and endeavors, as well as the impact of third-party links directing to our website. Furthermore, we may conduct experiments, such as comparing the usage of various parts or versions of our online offerings using methods like A/B testing. The insights garnered from success and reach measurements allow us to address errors, strengthen popular content, and enhance our online offerings.
For success and reach measurement, the Internet Protocol (IP) addresses of individual users are typically stored. However, these IP addresses are generally truncated (IP masking) to adhere to the principle of data minimization through pseudonymization.
Cookies might be employed in success and reach measurement, and user profiles could be created. Created user profiles may encompass information like specific pages visited or content viewed on our website, screen size or browser window dimensions, and, at the very least, an approximate location. In principle, any generated user profiles are solely pseudonymized and are not used for the identification of individual users. Certain third-party services, where users are logged in, may associate the usage of our online offerings with their user account or profile on the respective service. We specifically utilize:
14. Final Provisions
Münchenstein, in August 2023
bc medien ag