data protection
In this privacy policy we inform you about how we handle your personal data as a visitor to our website and newsletter subscriber and explain your rights in connection with the processing of personal data in our organization.
scope
This privacy policy applies to all processing activities related to personal data:
Visit our website
contact
Cookies
Social-Media
Newsletter
Events
Sponsorship
Members area
Depending on the data processing, in addition to the applicable Swiss law (Federal Data Protection Act (DSG) of September 25, 2020, SR 235.1), European data protection law (Regulation (EU) 2016/679 (General Data Protection Regulation)) may also or exclusively apply.
This privacy policy does not apply to linked websites of other providers or websites from which links to our website are provided.
Contact details of the responsible persons
Contact details of the Swiss supervisory authority
Federal Data Protection and Information Commissioner
Feldeggweg 1
CH - 3003 Bern
Phone: +41 58 462 43 95
Contact form: https://www.edoeb.admin.ch/edoeb/de/home/der - edoeb/kontakt/kontakt formular.html
Processing activities
Depending on your relationship with us, we process different personal data about you for different purposes and based on different legal bases.
Visit our website
Data processing - When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file.
Personal data The following information is collected without your intervention and stored until it is automatically deleted:
IP address of the requesting computer
Date and time of access
Name and URL of the retrieved file
Website from which access is made (referrer URL)
Browser type and version as well as other information transmitted by the browser, such as the operating system of your computer, the name of your access provider, your geographical origin, language settings, etc.
Purpose
The said data will be processed for the following purposes:
Ensuring a smooth connection to the website
Ensuring comfortable use of our website
Evaluation of system security and stability as well as for other administrative purposes
To improve and further develop our service
Legal basis
The legal basis for this data processing is our private interest in accordance with Art. 31 Para. 1 DSG or Art. 6 Para. 1 Clause 1 Letter f GDPR. This data is collected and evaluated for statistical purposes and to improve the quality of the website. Under no circumstances do we use the data collected to draw conclusions about you or to create user profiles using this data.
need
This information is necessary for the website to function.
Retention period
After your session has ended, the session cookies are deleted, but we retain the log in accordance with legal requirements.
Contact
Data processing
If you have any questions, you can contact us via our email address.
personal data
The following information must be provided:
Salutation
First and last names
Valid Email Address
Company name (optional)
Address (optional)
Membership (voluntary)
Your message
Purpose
The said data will be processed for the following purposes:
Answering your request
contact
Legal basis
This data processing is carried out on the basis of contractual or pre-contractual measures in accordance with Art. 31 Para. 2 lit. a DSG or Art. 6 Para. 1 S. 1 lit. b GDPR.
need
This processing activity is not necessary for the functionality of the website
Retention period
The data stored for the purpose of answering your inquiry and contacting you will be deleted after 2 years, unless we are required to retain the data for 5 or 10 years.
Cookies
Transfer of data to third parties
Data processing Your personal data will not be transferred to third parties for purposes other than those listed and to other contractors and their subcontractors.
Third parties are technology providers for the optimal operation of the websites and social media presences as well as for offering the services listed above.
Cross-border disclosure to third countries without adequate data protection levels
Data processing No disclosure will take place in third countries without an adequate level of data protection or only under the contractual obligation to comply with a sufficient level of data protection (EU standard clauses).
Personal data will only be transferred to third countries if the data protection requirements of Art. 16 DSG or Art. 44 ff. GDPR are met.
A third country is a country outside Switzerland or the European Economic Area (EEA) in which Swiss data protection law or the European GDPR is not directly applicable. A third country is considered unsafe if, according to the Federal Council or the EU Commission, the country does not have an adequate level of data protection.
Data privacy frameworks exist between the EU and the USA and between Switzerland and the USA. These frameworks ensure that data is transferred to the USA in accordance with the GDPR or DSG and that data is processed accordingly, in which all rights under EU law or Swiss law of the data subject can be preserved. Whether the specific data processor in the USA participates in this framework can be clarified on the website: https://www.dataprivacyframework.gov/s/. In addition, you will find further information on the processing of user data in the specific data protection declarations of the data processor. In this data protection information, we inform you when and how we transfer personal data to the USA or other unsafe third countries.
Data security
Data processing
We take appropriate measures to ensure that your personal data cannot be viewed or stolen by third parties without permission. In particular, we ensure that only authorized persons have access to this data through appropriate technical (e.g. firewall, password protection, SSL encryption, etc.) and organizational (e.g. restriction of authorized persons, training of authorized persons, etc.) measures. Our data processing and our security measures are continuously improved in line with technological developments.
personal data
Personal data is any information relating to an identified or identifiable natural person, including name, address, telephone number, email or IP address.
Purpose
We use SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as the website operator. You can recognize an encrypted connection by the fact that the address line of the browser is
“http://” changes to “https://” and by the lock symbol in your browser line.
If SSL encryption is activated, the data you send to us cannot be read by third parties.
Retention period
Data processing
We retain your personal data for as long as we consider necessary or appropriate to comply with applicable laws or as long as it is necessary for the purposes for which it was collected. We delete your personal data as soon as it is no longer required and in any case after the expiry of the legally prescribed maximum retention period of five or ten years. Data that is no longer required and for which there is no legal obligation to retain it will be destroyed once the purpose and justification no longer apply.
personal data
In detail, we keep your data for the following period:
We retain data that we process pursuant to law for the statutory retention period, for example if labor law, social security law, tax law or the Commercial Records Ordinance so requires;
We retain data that we need to fulfill a contract for at least the duration of the contract and for a maximum of 10 years thereafter, unless we need the data to assert our rights;
We retain data that we process to protect our legitimate interests for a maximum of ten years after the end of the contractual relationship, unless we need the data to assert our rights.
Your rights
As a data subject, you may assert various claims against us in accordance with the applicable national and international law.
To fulfill these claims, we may process your personal data again.
Depending on the applicable law, data subjects may exercise the following rights:
• to request information about your personal data processed by us. In particular, information pursuant to Art. 25 DSG or Art. 15 GDPR may contain information: o about the purposes of processing o the category of personal data
the categories of recipients to whom your data have been or will be disclosed
the planned storage period o the existence of a right to rectification, erasure, restriction of processing or objection o the existence of a right to lodge a complaint
the origin of your data, if it was not collected by us
and the existence of automated decision-making, including profiling, and, where appropriate, meaningful information on its details
to immediately request the correction of inaccurate or completion of your personal data stored by us (Art. 6
Paragraph 5 DSG or Art. 16 GDPR);
to request the restriction of the processing of your personal data if you contest the accuracy of the data, the processing is unlawful but you refuse to delete it and we no longer need the data, but you require it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR (Art. 32 para. 4 DSG or Art. 18 GDPR);
To receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another controller (Article 20 GDPR);
to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims (Art. 32 Para. 2 lit. c DSG or Art. 17 GDPR);
To revoke your consent to us at any time. This means that we may no longer continue the data processing based on this consent in the future (Art. 30 Para. 2 lit. b DSG or Art. 7 Para. 3 GDPR);
Object to processing if your personal data is processed on the basis of legitimate interests in accordance with Art. 6 Paragraph 1 Clause 1 Letter f of GDPR (Art. 21 GDPR) and if there are reasons for doing so that arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation;
to complain to a supervisory authority (see above) (Art.
49 DSG or Art. 77 GDPR).
Current status and changes to this privacy policy
We reserve the right to change this privacy policy at any time or to adapt it to new processing methods. The current privacy policy can be accessed at any time at www.apexcybersolutions.ch.