Privacy policy

Thank you for visiting our website naoo.com and for your interest in our company.

The protection of your personal data, such as date of birth, name, telephone number, address, etc., is important to us.

The purpose of this privacy policy is to inform you about the processing of your personal data that we collect from you when you visit our website. Our data protection practice is in accordance with the legal regulations of the Swiss Federal Law on Data Protection (DSG) and the EU's General Data Protection Regulation (DSGVO). The following data protection declaration serves to fulfill the information obligations arising from the DSG and the DSGVO. These can be found, for example, in Art. 8 ff. DSG as well as Art. 13 ff. of the DSGVO.

Owner or responsible person

The owner or controller within the meaning of Art. 3 letter i DSG or Art. 4 No. 7 DSGVO is the person who alone or jointly with others decides on the purposes and means of the processing of personal data. The controller under Art. 4 No. 7 GDPR is also the recipient of the personal data within the meaning of Art. 4 No. 9 GDPR. Any third-party recipient will be identified separately.

With regard to our website, the owner or responsible person is:

naoo AG
Widenstrasse 5
6317 Oberwil b. Zug
Switzerland
E-mail: hi@naoo.com
Phone: 044 202 94 94

Provision of the website and creation of log files

Each time our website is accessed, our system automatically collects data and information from the respective retrieving device (e.g. computer, cell phone, tablet, etc.).

What personal data is collected and to what extent is it processed?

(1) Information about the browser type and version used;
(2) The operating system of the retrieval device;
(3) Host name of the accessing computer;
(4) The IP address of the retrieval device;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content) that were accessed on our website;
(7) Websites from which the user's system accessed our Internet site (referrer tracking);
(8) Message as to whether the retrieval was successful;
(9) Volume of data transferred

This data is stored in the log files of our system. A storage of this data together with personal data of a concrete user does not take place, so that an identification of individual site visitors does not take place.

Legal basis for the processing of personal data

The processing of personal data is carried out according to the principle of legality (Art. 4 DSG) and according to the requirement of good faith (Art. 2 ZGB) as well as Art. 6 para. 1 lit. f DSGVO (legitimate interest).

Purpose of data processing

The temporary (automated) storage of the data is necessary for the course of a website visit to enable delivery of the website. The storage and processing of personal data is also carried out to maintain the compatibility of our website for as many visitors as possible and to combat abuse and troubleshooting. For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. In addition, we use the data to optimize the website and to generally ensure the security of our information technology systems.

Duration of storage

The deletion of the aforementioned technical data takes place as soon as they are no longer needed to ensure the compatibility of the website for all visitors, but no later than 3 months after accessing our website.

Possibility of objection and deletion

You can object to the processing at any time pursuant to Art. 21 DSGVO and request deletion of the data pursuant to Art. 17 DSGVO. You can find out which rights you have and how to exercise them in the lower section of this privacy policy.

Special functions of the website

Our site offers you various functions, during the use of which personal data is collected, processed and stored by us. Below we explain what happens with this data:

Contact form(s)

• What personal data is collected and to what extent is it processed?

  The data you entered in our contact forms, which you entered in the input mask of the contact form.

• Legal basis for the processing of personal data

  The processing of personal data is carried out according to the principle of legality (Art. 4 DSG) and according to the requirement of good faith (Art. 2 ZGB) as well as Art. 6 para. 1 lit. a DSGVO (consent through clear confirming action or behavior).

• Purpose of data processing

  We will use the data recorded via our contact form or via our contact forms only for processing the specific contact request received through the contact form. Please note that in order to fulfill your contact request, we may also send you e-mails to the address provided. The purpose of this is so that you can receive confirmation from us that your request has been correctly forwarded to us. However, the sending of this confirmation e-mail is not obligatory for us and is only for your information.

• Duration of storage

  After processing your request, the collected data will be deleted immediately, unless there are legal retention periods.

• Possibility of objection and deletion

  You can object to the processing at any time pursuant to Art. 21 DSGVO and request deletion of the data pursuant to Art. 17 DSGVO. You can find out which rights you have and how to exercise them in the lower section of this privacy policy.

• Necessity of providing personal data

  The use of the contact forms is on a voluntary basis. You are not obliged to contact us via the contact form, but can also use the other contact options provided on our site. If you wish to use our contact form, you must fill in the fields marked as mandatory. If you do not fill in the required information of the contact form, you will either not be able to send the request or we will not be able to process your request due to lack of information.

Newsletter subscription form

• What personal data is collected and to what extent is it processed?

  By registering for the newsletter on our website, we receive the e-mail address entered by you in the registration field and, if applicable, further contact data, provided that you communicate this to us via the newsletter registration form.

• Legal basis for the processing of personal data

  The processing of personal data is carried out according to the principle of legality (Art. 4 DSG) and according to the requirement of good faith (Art. 2 ZGB) as well as Art. 6 para. 1 lit. a DSGVO (consent through clear confirming action or behavior).

• Purpose of data processing

  The data recorded in the registration mask of our newsletter will be used by us exclusively for sending our newsletter, in which we inform you about all our services and our news. After registration, we will send you a confirmation e-mail containing a link that you must click to complete the registration for our newsletter (double opt-in).

• Duration of storage

  Our newsletter can be unsubscribed at any time by clicking on the unsubscribe link, which is also included in every newsletter. Your data will be deleted by us immediately after unsubscribing, provided that there are no legal retention obligations. Likewise, your data will be deleted by us immediately in the event that your subscription is not completed. We reserve the right to delete without giving reasons and without prior or subsequent information.

• Possibility of objection and deletion

  You can object to the processing at any time pursuant to Art. 21 DSGVO and request deletion of the data pursuant to Art. 17 DSGVO. You can find out which rights you have and how to exercise them in the lower section of this privacy policy.

• Necessity of providing personal data

  If you would like to use our newsletter, you must fill in the fields marked as mandatory and confirm the e-mail address by clicking on the double opt-in link. The newsletter registration details are necessary in order to be able to make use of the newsletter offer. The information is used exclusively for sending our newsletter. If you do not fill in the mandatory fields, we will not be able to provide you with our newsletter service.

Disclosure of information to third parties

Personal data is processed in accordance with the principle of legality (Art. 4 FADP) and the principle of good faith (Art. 2 CC).

The disclosure of information to third parties depends on the scope of activities or offers of our website or our business model described below.

In principle, we keep your information only as long as necessary and treat it confidentially. Exceptions to this are the transfer of personal data to debt collection service providers, to public bodies and authorities and to private individuals, who have a claim to it on the basis of legal provisions, court decisions or official orders as well as the transfer to authorities for the purpose of initiating legal proceedings or for law enforcement purposes if our legally protected rights are attacked.

Statistical analysis of visits to this website - Webtracker

We collect, process and store the following data when this website or individual files on the website are accessed: IP address, website from which the file was accessed, name of the file, date and time of access, amount of data transferred and report on the success of the access (so-called web log). We use this access data exclusively in non-personalized form for the continuous improvement of our Internet offering and for statistical purposes.

The processing of any personal data is carried out in accordance with the principle of legality (Art. 4 DSG) and the requirement of good faith (Art. 2 ZGB). We also use the following web trackers to evaluate visits to this website:

• Adobe Typekit

  We use on our site the Adobe Typekit service of the company Adobe Systems Software Ireland Limited, 4-6 Riverwalk Citywest Business Campus, 24 Dublin, Ireland, e-mail: contact.de@adobe.com, website: http: //www.adobe.com/de. The processing takes place in safe third countries according to the assessment of Swiss authorities. The list of countries for Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  We use the Adobe Typekit service to include attractive fonts on our site and to provide you with a better-looking version of our website. The service may also be used on our website if other Adobe services are loaded on our website that require Adobe Typekit fonts to run. This is the case, for example, if our website uses Adobe services that require Adobe Typekit to run.

  For processing itself, the service or we collect the following data: Font data, IP address of the page visitor, font usage statistics, and other data from Adobe services related to our website.

  If the service is activated on our website, our website establishes a connection to the servers of the company Adobe Systems Software Ireland Limited and transfers the required data. As part of the order processing, personal data may also be transmitted to the servers of the company Adobe Inc., 345 Park Avenue, San Jose, California 95110-2704, USA. When using the Google service on our website, Adobe may transmit and process information from other Adobe services in order to provide background services for the display and data processing of the services provided by Google. This may include data transfer to Adobe's Document Cloud, Creative Cloud, and Acrobat services in accordance with the Adobe Privacy Policy. You can access certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000TNo9AAG.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at http://www.adobe.com/de/privacy.html.

  The provider also offers an opt-out option at https://www.adobe.com/de/privacy/opt-out.html.

• Custom Audiences

  We use the Custom Audiences service of the company Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, 2 Dublin, Ireland, e-mail: impressum-support@support.facebook.com, website: http: //facebook.com/ on our site. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  Facebook Custom Audience is an advertising tool from Facebook that can be used to target advertising campaigns to page visitors.

  You can access the parent company's certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.facebook.com/about/privacy.

  The provider also offers an opt-out option at https://www.facebook.com/about/privacy.

• Facebook Connect

  We use the Facebook Connect service of the company Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, 2 Dublin, Ireland, e-mail: impressum-support@support.facebook.com, website: http: //www.facebook.com/ on our site. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  Through Facebook Connect, users can use their Facebook profile to simplify logging into other web services.

  Certification under the EU-US Data Privacy Framework is available at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.facebook.com/about/privacy.

  The provider also offers an opt-out option at https://www.facebook.com/about/privacy.

• Google

  We use on our site the service Google of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http: //www.google.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  We use Google to be able to reload further services from Google on the website. The service is used to provide additional Google services, such as the required data processing in the provision of streams and fonts and relevant content of Google search. It is technically required in order to be able to exchange the site visitor's information already available to Google between the Google services and to be able to provide the site visitor with individual content adapted to his Google account.

  For the processing itself, the service or we collect the following data: Background data stored in the Google user account or other Google services about the page visitor, background data for the provision of Google services such as streaming data or advertising data, data about the page user's interaction with Google search, information about the terminal device used, the IP address and the user's browser and other data from Google services for the provision of Google services related to our website.

  If the service is activated on our website, our website establishes a connection to the servers of the company Google Ireland Limited and transfers the required data. As part of the order processing, there may also be a transmission of personal data to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Apis, Doubleclick, Google Cloud, and Google Ads and Google Fonts in accordance with the Google privacy policy. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• Google Ads

  We use the Google Ads service of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http: //www.google.com/ on our site. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  Google Ads is an advertising system that allows us to place advertisements on external websites on the Internet to inform our customers about our services. Google Ads displays advertising tailored to our clientele on external websites according to parameters set by us, which leads to our website. If the site visitor clicks on the Google Ads advertisement, he or she is taken to our website. In order to be able to measure the Google Ads advertisements in terms of their success and remuneration, Google Ads carries out a measurement of the success of the advertising measure when our website is called up. our website processes the data provided by Google Ads in order to be able to analyze and improve our advertising measures and to calculate any remuneration that may be due.

  For the processing itself, the service or we collect the following data: Data on advertising interests of site visitors, interactions of site visitors with advertisements related to our website, data on the call to our website by site visitors who have previously clicked on Google Ads advertisements and arrived at our website, data on the terminal device used, the IP address and the browser of the user and other data from Google services for the provision and refinement of Google advertising related to our website.

  If the service is activated on our website, our website establishes a connection to the servers of the company Google Ireland Limited and transfers the required data. As part of the order processing, there may also be a transmission of personal data to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When Google Ads are used on our website, Google may transmit and process information from other Google services in order to provide background services for the improvement and individualization of Google advertising. For this purpose, data may also be processed by other Google services such as Google Apis, Google Cloud, Google Ads, Google Analytics, Google Tag Manager, Google Marketing Platform and Google Fonts in accordance with the Google privacy policy under Google's own responsibility under data protection law. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• Google Analytics

  • Scope of the processing of personal data

    On our site, we use the web tracking service of the company Google Ireland Ltd, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http: //www.google.com/ (hereinafter: Google Analytics). As part of web tracking, Google-Analytics uses cookies that are stored on your computer and enable an analysis of the use of our website and your surfing behavior (so-called tracking). We carry out this analysis based on the tracking service of Google Analytics in order to constantly optimize our website and make it more available. In the course of using our website, data, such as in particular your IP address and your user activities, are transmitted to servers of the company Google Ireland Limited. We carry out this analysis on the basis of Google's tracking service in order to constantly optimize our Internet offering and make it more available. Likewise, we need the web tracking for security reasons. Web tracking allows us to track whether third parties are attacking our website. The information from the web tracker enables us to take effective countermeasures and protect the personal data processed by us from these cyber attacks. By enabling IP anonymization within the Google Analytics tracking code of this website, your IP address will be anonymized by Google Analytics before transmission. This website uses a Google Analytics tracking code that has been extended by the operator gat._anonymizeIp(); to enable only anonymized collection of IP addresses (so-called IP masking).

  • Legal basis for the processing of personal data

    The legal basis for the data processing is, according to Art. 13 para. 1 DSG or Art. 6 para. 1 lit. a DSGVO, your consent in our information banner regarding the use of cookies and web tracking (consent through clear confirming action or behavior).

  • Purpose of data processing

    On our behalf, Google will use this information for the purpose of evaluating your visit to this website, compiling reports on website activity and providing us with other services relating to website activity and internet usage. Likewise, we need the web tracking for security reasons. Web tracking allows us to track whether third parties are attacking our website. The information from the web tracker allows us to take effective countermeasures and protect the personal data we process from these cyberattacks.

  • Duration of storage

    Google will store the data relevant for the provision of web tracking for as long as it is necessary to fulfill the booked web service. The data collection and storage is anonymized. If there is a reference to a person, the data will be deleted immediately, insofar as this is not subject to any statutory retention obligations. In any case, the deletion takes place after the expiration of the retention obligation.

  • Possibilities of objection and deletion

    You can prevent the collection and forwarding of personal data to Google (esp. your IP address) as well as the processing of this data by Google by deactivating the execution of script code in your browser or activating the "Do Not Track" setting of your browser. You can also prevent the collection of data generated by the Google cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link(http://tools.google.com/dlpage/gaoptout?hl=de). Google's security and privacy policy can be found at https://policies.google.com/privacy.

• Google Analytics (Google Signals)

  We use on our site the service Google Analytics (Google Signals) of the company Google Ireland Ltd, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http: //www.google.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  Google Analytics is a web tracker that analyzes the behavior of page visitors and their interactions with our website and provides us with evaluations and forecasts about the content and products of our website and their popularity (so-called tracking). We have integrated Google Analytics so that the service can compile an analysis of page users' browsing behavior. For this purpose, Google collects the page interactions of page visitors with our website and, if applicable, existing information resulting from the reading of cookies or other storage technologies and processes it statistically for us. Google Analytics uses data processing technologies that allow tracking of individual page visitors and their interaction across devices and session-independent with other Google services such as the Google Ads advertising network. Data from other Google services is also used to fill data gaps and generate comprehensive statistics on the content of our website by means of machine learning technologies, modeled statistics and forecasting functions. If Google Analytics is activated on our website, the data determined by Google Analytics is transferred to servers of the company Google Ireland Limited. As part of the order processing, personal data may also be transmitted to the servers of the parent company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. The transfer of personal data also takes place to the USA. We carry out the analysis by Google Analytics in order to constantly optimize our Internet offer and make it more available. This is a so-called range measurement.

  For the processing itself, the service or we collect the following data: Data on the interactions of page visitors with the content of the website, data on the handling of the services presented on our website, data from external Google services, if they interact with our website such as advertising data or data on behavior in relation to advertising, data on the rough geographical origin, the browser used, operating system, as well as other information on the terminal device used, if necessary, across devices and session-independent.

  Google Analytics will store the data relevant for the provision of web tracking for as long as it is necessary to fulfill the booked web service. The data collection and storage is anonymized. Insofar as individual interactions of site visitors make it possible to subsequently establish a personal reference to specific actions, we will delete the collected data when the purpose has been achieved. The data will be deleted at the latest when it is not subject to any statutory retention obligations. As a rule, we will delete this data after 12 months at the latest.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://tools.google.com/dlpage/gaoptout?hl=de.

• Google Tag Manager

  • What personal data is collected and to what extent is it processed?

    On our site we use the service Google Tag Manager of the company Google Ireland Ltd, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http: //www.google.com/ (hereinafter: Google Tag Manager). Google Tag Manager provides a technical platform for executing and bundling other web services and web tracking programs by means of so-called "tags". In this context, Google Tag Manager stores cookies on your computer and analyzes your surfing behavior (so-called "tracking"), insofar as web tracking tools are executed by means of Google Tag Manager. This data sent by individual tags embedded in Google Tag Manager is aggregated, stored and processed by Google Tag Manager under a unified user interface. All integrated "tags" are listed separately again in this privacy policy. You can find more information on the data protection of the tools integrated in Google Tag Manager in the respective section of this data protection declaration. In the course of using our website with activated integration of tags from Google Tag Manager, data, such as in particular your IP address and your user activities, are transmitted to servers of the company Google Ireland Limited. With regard to the web services integrated by means of Google Tag Manager, the regulations in the respective section of this data protection declaration apply. The tracking tools used in Google Tag Manager ensure through IP anonymization of the source code that the IP address is anonymized by Google Tag Manager before transmission. In doing so, Google Tag Manager is only enabled to record IP addresses anonymously (so-called IP masking).

  • Legal basis for the processing of personal data

    The legal basis for the data processing is, according to Art. 13 para. 1 DSG or Art. 6 para. 1 lit. a DSGVO, your consent in our information banner regarding the use of cookies and web tracking (consent through clear confirming action or behavior).

  • Purpose of data processing

    On our behalf, Google will use the information obtained by means of Google Tag Manager to evaluate your visit to this website, to compile reports on website activity and to provide us with other services related to website activity and internet usage.

  • Duration of storage

    Google will store the data relevant for the function of Google Tag Manager for as long as it is necessary to fulfill the booked web service. The data collection and storage is anonymized. If there is a reference to a person, the data will be deleted immediately, as long as it is not subject to any legal retention obligations. In any case, the deletion takes place after the expiration of the retention obligation.

  • Possibility of objection and deletion

    You can prevent the collection and forwarding of personal data to Google (in particular your IP address) as well as the processing of this data by Google by deactivating the execution of script code in your browser, installing a script blocker in your browser or activating the "Do Not Track" setting of your browser. You can also prevent the collection of data generated by the Google cookie and related to your use of the website (including your IP address) to Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available under the following link http://tools.google.com/dlpage/gaoptout?hl=de. Google's security and privacy policy can be found at https://policies.google.com/privacy.

• Gstatic

  We use on our site the service Gstatic of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http://www.google.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  Gstatic is a background service used by Google to retrieve static content in order to reduce bandwidth usage and preload required catalog files. In particular, the service loads background data for Google Fonts and Google Maps.

  As part of the order processing, personal data may also be transmitted to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• fathom

  We use on our site the service fathom of the company Conva Ventures Inc, BOX 37058 Millstream PO, V9B 0E8 Victoria, BC, Canada. According to the assessment of Swiss authorities, the processing takes place in safe third countries. Switzerland's list of countries can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Processing also takes place in a third country outside the EU. For this third country there is an adequacy decision of the Commission. On the page of the EU Commission (link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de) you will find an up-to-date list with all adequacy decisions.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  The service helps us to evaluate the use of our website. This allows us to improve our content and make our website more attractive. We can also reach new target groups through the service.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://usefathom.com/privacy.

Integration of external web services and processing of data outside the EU

On our website, we use active content from external providers, so-called web services. By calling up our website, these external providers may receive personal information about your visit to our website. This may involve the processing of data outside of Switzerland and the EU. You can prevent this by installing an appropriate browser plugin or disabling the execution of scripts in your browser. This may result in functional restrictions on Internet pages that you visit.

We use the following external web services:

• Amazon

  We use on our site the service Amazon of the company Amazon Digital Germany GmbH (Domagkstr. 28, 80807 Munich), as well as the following companies: Amazon Europe Core S.à.r.l., Amazon EU S.à.r.l, Amazon Services Europe S.à.r.l. and Amazon Media EU S.à.r.l., all four located at:, 38, avenue John F. Kennedy, L-1855 Luxembourg, Luxembourg, email: privacyshield@amazon.com, website: https://amazon.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer and processing of personal data takes place exclusively on servers in the European Union.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  The Amazon REST API is used to reload data from our Amazon account on our website.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=201909010.

• Amazon AWS

  We use the Amazon AWS service of the company Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg, Luxembourg, e-mail: privacyshield@amazon.com, website: http: //aws.amazon.com/ on our site. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. From the EU's perspective, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.

  The legal basis for the transmission of personal data is our legitimate interest in processing pursuant to Art. 6 (1) lit. f DSGVO. Our legitimate interest lies in the achievement of the purpose described below.

  Amazon AWS is a cloud computing offering from Amazon through which our site or individual elements of our site are reloaded. The separate AWS cloud enables us to download our website and its services from faster servers.

  With regard to the processing, you have the right of objection listed in Art. 21 DSGVO. You can find more information at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://aws.amazon.com/de/privacy/?nc1=f_pr.

• Amazon CloudFront (CDN)

  We use on our site the service Amazon CloudFront (CDN) of the company Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855 Luxembourg, Luxembourg, e-mail: privacyshield@amazon.com, website: https: //aws.amazon.com/de/cloudfront/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. Switzerland's list of countries can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. From the EU's perspective, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.

  The legal basis for the transmission of personal data is our legitimate interest in processing pursuant to Art. 6 (1) lit. f DSGVO. Our legitimate interest lies in the achievement of the purpose described below.

  Amazon CloudFront CDN is a content delivery network that mirrors our content across multiple servers to ensure optimal accessibility worldwide.

  With regard to the processing, you have the right of objection listed in Art. 21 DSGVO. You can find more information at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://aws.amazon.com/de/privacy/?nc1=f_pr.

• Datadog

  We use on our site the service Datadog of the company Datadog, Inc., 620 8th Avenue, Floor 45, 10018 New York, United States, e-mail: privacy@datadoghq.com, website: https: //www.datadoghq.com/. Your personal data is transferred to so-called unsafe third countries. In doing so, we have obligated the partners involved with suitable bases to comply with data protection laws applicable in Switzerland (usually EU standard contractual clauses) in accordance with Art. 6 para. 2 let. a DSG. You have given your consent to this or there is a direct connection between the state and the conclusion of the contract. From the EU's perspective, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.

  The legal basis for the transmission of personal data is our legitimate interest in processing pursuant to Art. 6 (1) lit. f DSGVO. Our legitimate interest lies in the achievement of the purpose described below.

  The service is used to monitor important movements and operations in the security and cloud areas of various applications.

  With regard to the processing, you have the right of objection listed in Art. 21 DSGVO. You can find more information at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.datadoghq.com/legal/privacy/.

• Google Cloud APIs

  We use the Google Cloud APIs service of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http: //www.google.com/ on our site. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  We use Google APIs to be able to reload additional services from Google on the website. Google Apis is a collection of interfaces for communication between the various Google services used on your website. The service is used in particular to display the Google Fonts fonts and to provide the Google Maps map.

  For the processing itself, the service or we collect the following data: IP address

  If the service is activated on our website, our website establishes a connection to the servers of the company Google Ireland Limited and transfers the required data. As part of the order processing, there may also be a transmission of personal data to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Cloud, Google Maps, Google Ads and Google Fonts in accordance with the Google privacy policy under the data protection responsibility of Google. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• Google Fonts

  We use the Google Fonts service of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http: //www.google.com/ on our site. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  We use the Google Fonts service to be able to integrate attractive fonts on our website in order to be able to show you our website in a visually better version. The service may also be used on our website if other Google services are reloaded on our website that require Google Fonts fonts to run. This is the case, for example, if our website uses Google services that require Google Fonts to run.

  For the processing itself, the service or we collect the following data: Data on fonts, IP address of the page visitor, statistics on the use of fonts and other data from Google services related to our website.

  If the service is activated on our website, our website establishes a connection to the servers of the company Google Ireland Limited and transfers the required data. As part of the order processing, there may also be a transmission of personal data to the servers of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Apis, Google Cloud and Google Ads in accordance with the Google privacy policy. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• Google reCaptcha

  We use the Google reCaptcha service of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, website: http: //www.google.com/ on our site. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of states of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  If Google reCaptcha is activated on our website, the data determined by Google reCaptcha is transmitted to servers of the company Google Ireland Limited. As part of the order processing, personal data may also be transmitted to the servers of the parent company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. Based on specific characteristics and an analysis of the page behavior, the service recognizes whether the input made is an automated input by means of a program (so-called bot) or a human. The service has three different levels. Either the service automatically recognizes that the input is not automated by a bot or it lets the user select a captcha checkbox. A third option is the display of small image or voice tasks / text tasks that must be solved by the site visitor. Google reCaptcha is a capcha service used on our website for security reasons to exclude bots (robot programs) from interacting on our website. Google reCaptcha verifies on our behalf that only humans and not bots can use our website. In particular, this enables us to protect the special functions of our website (e.g. contact forms or other input options such as the login area) from improper page access.

  For the processing itself, the service or we collect the following data: User behavior (e.g. mouse gestures or input behavior), IP address, browser data, computer information.

  If you wish to use the Google reCaptcha protected input options of our website, you must allow the use of Google reCaptcha and, if necessary, solve corresponding captchas. Unless you complete the captcha or allow the use of Google reCaptcha, you will not be able to use the form protected by the captcha. Alternatively, you can always use our other contact options (e.g. mail or email). You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://policies.google.com/privacy.

  The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

• HubSpot Forms by HubSpot

  We use the service HubSpot Forms by HubSpot of the company HubSpot, Inc, 25 First Street, 2141 Cambridge, United States, e-mail: privacy@hubspot.com, website: https: //www.hubspot.de/ on our site. Your personal data is transferred to so-called unsafe third countries. In doing so, we have obligated the partners involved with suitable bases to comply with data protection laws applicable in Switzerland (usually EU standard contractual clauses) in accordance with Art. 6 para. 2 let. a DSG. You have given your consent to this or there is a direct connection between the state and the conclusion of the contract. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  With the help of hsforms we can provide you with surveys and forms on our website in an easy way.

  Certification under the EU-US Data Privacy Framework is available at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000TN8pAAG.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://legal.hubspot.com/de/privacy-policy.

• Hubspot

  We use the service Hubspot of the company HubSpot, Inc, 25 First Street, 2141 Cambridge, United States, e-mail: hubspotgermany@hubspot.com, website: https: //www.hubspot.de/ on our site. Your personal data is transmitted to so-called unsafe third countries. In doing so, we have obligated the partners involved with suitable bases to comply with data protection laws applicable in Switzerland (usually EU standard contractual clauses) in accordance with Art. 6 para. 2 let. a DSG. You have given your consent to this or there is a direct connection between the state and the conclusion of the contract. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is our legitimate interest in processing pursuant to Art. 6 (1) lit. f DSGVO. Our legitimate interest lies in the achievement of the purpose described below.

  HubSpot is a CRM platform for marketing, sales and service. The service provides us with tools for social media marketing, content management, web analytics, customer service, and search engine optimization, among others.

  Certification under the EU-US Data Privacy Framework is available at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000TN8pAAG.

  With regard to the processing, you have the right of objection listed in Art. 21 DSGVO. You can find more information at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://legal.hubspot.com/de/privacy-policy.

• Legally ok legal text snippet and modules

  We use on our site the service Legally ok legal text snippet and modules of the company Legally ok GmbH, Schochenmühlestrasse 6, 6340 Baar, Switzerland, e-mail: hello@legally-ok.com, website: https: //www.legally-ok.com/. Processing takes place exclusively in Switzerland in accordance with the data protection legislation applicable there. Processing also takes place in a third country outside the EU. For this third country, there is an adequacy decision of the Commission. On the page of the EU Commission (link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de) you will find an up-to-date list of all adequacy decisions.

  The legal basis for the transmission and processing is Art. 13 para. 1 DSG and Art. 6 para. 1 lit. c DSGVO. The use of the service supports us in meeting our legal obligations.

  With the help of the service, contents of our legal texts are reloaded on our website. The current legal texts are reloaded via the integration on our site. This integration may also be used to reload additional technical modules with regard to the legal texts or legally required elements.

  You can find out what rights you have with regard to processing at the end of this privacy statement.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.legally-ok.com/datenschutz/.

• SQUARESPACE

  We use on our site the service SQUARESPACE of the company Squarespace Ireland Ltd, Le Pole House, Ship Street Great, 8 Dublin, Ireland, e-mail: privacy@squarespace.com, website: https: //de.squarespace.com/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer of personal data also takes place to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 DSGVO (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The operator of the service is certified under the DPF, so that the usual level of protection of the DSGVO applies to the transfer.

  The legal basis for the transmission of personal data is our legitimate interest in processing pursuant to Art. 6 (1) lit. f DSGVO. Our legitimate interest lies in the achievement of the purpose described below.

  The service is the technical system behind our website to operate our website. We need the integration so that we can display our website to you.

  You can access the parent company's certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnjcAA.

  With regard to the processing, you have the right of objection listed in Art. 21 DSGVO. You can find more information at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://de.squarespace.com/privacy/.

• Stripe

  We use the Stripe service of the company Stripe Payments Europe Limited, The One Building, 1, Grand Canal Street Lower , D02 HD59 Dublin, Ireland, e-mail: privacy@stripe.com, website: https: //stripe.com/ on our site. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. From the EU's perspective, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.

  The legal basis for the transmission of personal data is, according to Art. 13 para. 2 let. a DSG and Art. 6 para. 1 lit. b DSGVO, the contract already concluded or to be concluded between you and us.

  The plugin allows us to implement the services of Stripe, an online payment service provider that allows businesses and individuals to accept payments over the Internet, on our website. This simplifies and automates payment processes.

  You can access the parent company's certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000TQOUAA.

  You can find out what rights you have with regard to processing at the end of this privacy statement.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://stripe.com/de/privacy.

• Weglot

  We use on our site the service Weglot of the company Weglot, 7 cité Paradis, 75010 Paris , France, e-mail: privacy@weglot.com, website: https: //weglot.com/de/. According to the assessment of Swiss authorities, the processing takes place in safe third countries. The list of countries of Switzerland can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. The transfer and processing of personal data takes place exclusively on servers in the European Union.

  The legal basis for the transmission of personal data is your consent pursuant to Art. 4 para. 5 DSG or Art. 13 para. 2 DSG and pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

  The service is a plugin that we need to make the website available in different languages.

  You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

  For more information on the handling of transmitted data, please refer to the provider's privacy policy at https://weglot.com/de/privacy/.

• Social Plug-In - "Facebook by META

  • What personal data is collected and to what extent is it processed?

    On our website, we have integrated a social plug-in of the social network "Facebook by META", which is operated by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, 2 Dublin, Ireland, e-mail: impressum-support@support.facebook.com, website: http: //www.facebook.com/ ("Facebook by META"). When you access a page that contains such a plug-in, your browser automatically establishes a background connection to the servers of Facebook by META. The content of the plug-in is transmitted by Facebook by META directly to your browser and only integrated into our site. Through this integration, Facebook by META receives the information that your browser has loaded a specific page of our website. This also applies if you do not have a Facebook by META profile or are not currently logged in to Facebook by META. This information (including your IP address) is transmitted by your browser directly to a Facebook by META server in Ireland and stored there. If you are logged in to Facebook by META, Facebook by META can directly assign your visit to our website to your Facebook by META profile. If you interact with the plug-ins, for example by clicking the "Like" button or posting a comment, this information is also transmitted directly to a Facebook by META server and stored there. The information is also published on your Facebook by META profile and displayed to your Facebook by META contacts that you have enabled for this purpose.

  • Legal basis for the processing of personal data

    Relevant are Art. 4 ff. DSG as well as Art. 6 para. 1 lit. a DSGVO (if you have registered with "Facebook by META") and Art. 6 para. 3 DSG as well as Art. 6 para. 1 lit. f DSGVO (if you have not registered with Facebook by META). Insofar as the processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f DSGVO, the legitimate interest of the page operator is to enable user interaction with the content of the page operator on Facebook by META.

  • Purpose of data processing

    The primary purpose of the data collection is to offer you a possibility of social interaction linked to Facebook by META and thus to make our website interactive. The scope of data collection and the further processing and use of the data you leave behind by Facebook by META, as well as your rights in this regard and setting options for protecting your privacy, can be found in the privacy policy of Facebook by META: https://www.facebook.com/about/privacy

  • Duration of storage

    Facebook by META will store the data relevant for the provision of the web service for as long as it is necessary. Insofar as the data is subject to statutory retention obligations, it will be deleted after the retention obligation has expired.

  • Possibility of objection and deletion

    If you do not want the Facebook by META social plug-in to run, you can also prevent it from running by installing an appropriate addon or script blocker. If you do not want Facebook by META to assign the data collected via our website to your Facebook by META profile, you must log out of Facebook by META before visiting our website. The options for objection and removal are also based on the general regulations on the right of objection and deletion under data protection law described below in this data protection declaration.

• Social Plug-In - "TikTok

  • What personal data is collected and to what extent is it processed?

    On our website, we have integrated a social plug-in of the social network "TikTok", which is operated by TikTok Technology Limited, 10 Earlsfort Terrace, D02 T380 Dublin, Ireland, e-mail: reports@tiktok.com, website: https: //www.tiktok.com/ ("TikTok"). When you access a page that contains such a plug-in, your browser automatically establishes a background connection to TikTok's servers. The content of the plug-in is transmitted by TikTok directly to your browser and only integrated into our site. Through this integration, TikTok receives the information that your browser has loaded a specific page of our website. This also applies if you do not have a TikTok profile or are not currently logged in to TikTok. This information (including your IP address) is transmitted by your browser directly to a TikTok server in Ireland and stored there. If you are logged in to TikTok, TikTok can directly associate your visit to our website with your TikTok profile. If you interact with the plug-ins, for example by clicking the "Like" button or posting a comment, this information is also transmitted directly to a TikTok server and stored there. The information is also published on your TikTok profile and displayed to your TikTok contacts that you have enabled for this purpose.

  • Legal basis for the processing of personal data

    Relevant are Art. 4 ff. DSG as well as Art. 6 para. 1 lit. a DSGVO (if you have registered with "TikTok") and Art. 6 para. 3 DSG as well as Art. 6 para. 1 lit. f DSGVO (if you have not registered with TikTok). Insofar as the processing is carried out on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO, the legitimate interest of the site operator is to enable user interaction with the content of the site operator at TikTok.

  • Purpose of data processing

    The primary purpose of the data collection is to offer you a possibility of social interaction linked with TikTok and thus to make our website interactive. The scope of the data collection and the further processing and use of the data left by you by TikTok as well as your rights in this respect and setting options for the protection of your privacy can be found in the data protection information of TikTok: https://www.tiktok.com/legal/privacy-policy?lang=de-DE

  • Duration of storage

    TikTok will store the data relevant for the provision of the web service for as long as it is necessary. As far as the data is subject to legal storage obligations, the deletion will take place after the expiration of the storage obligation.

  • Possibility of objection and deletion

    If you do not want the social plug-in from TikTok to run, you can also prevent it from running by installing an appropriate addon or script blocker. If you do not want TikTok to assign the data collected via our website to your TikTok profile, you must log out of TikTok before visiting our website. The options for objection and removal are otherwise governed by the general regulations on the right of objection and deletion under data protection law described below in this privacy policy.

Data security and data protection, communication by e-mail

Your personal data is protected by technical and organizational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so that we recommend encrypted communication or the postal service for information requiring a high level of confidentiality.

Duration of data storage and rights of the data subject

Duration of storage

We store personal data only to the extent and for as long as this is necessary to fulfill the purposes for which the personal data was collected, we have a legitimate overriding interest in the storage or are legally obliged to do so.

Right to information

You have the right to request confirmation as to whether we are processing personal data about you. If this is the case, you have a right to information about the data specified in 8 ff. DSG or Art. 15 para. 1 DSGVO named information, as far as the information cannot be refused, restricted or postponed by the owner of the data collection (cf. Art. 9 f. DSG or Art. 15 para. 4 DSGVO). We will also be happy to provide you with a copy of the data.

Correction claim

In accordance with Art. 5 Para. 2 DSG or Art. 16 DSGVO, you have the right to have any incorrect personal data stored with us (such as address, name, etc.) corrected at any time. You can also request a completion of the data stored with us at any time. A corresponding adjustment will be made immediately.

Right to deletion

Pursuant to Art. 17 (1) DSGVO, you have the right to request that we delete the personal data we have collected about you if

• the data is either no longer needed;
• due to the revocation of your consent, the legal basis for processing has ceased to exist without replacement;
• there are no longer any justified reasons for processing;
• your data is processed unlawfully;
• a legal obligation requires this.

According to Art. 17 (3) of the GDPR, the right does not exist if

• the processing is necessary for the exercise of the right to freedom of expression and information;
• Your data has been collected on the basis of a legal obligation;
• the processing is necessary for reasons of public interest;
• the data is necessary for the assertion, exercise or defense of legal claims.

Right to restrict processing

According to Art. 18 (1) DSGVO, you have the right in individual cases to request the restriction of the processing of your personal data.

This is the case when

• the accuracy of the personal data is disputed by you;
• the processing is unlawful and you do not consent to its deletion;
• the data is no longer required for the processing purpose, but the collected data is used for the assertion, exercise or defense of legal claims;
• an objection to the processing pursuant to Art. 21 (1) DSGVO has been filed and it is still unclear which interests prevail.

Right of revocation

If you have given us express consent to process your personal data (Art. 4 para. 5 DSG and Art. 13 para. 2 let. a DSG; Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO), you may revoke this consent at any time. Please note that the legality of the processing carried out on the basis of the consent up to the revocation is not affected by this. Information for which we are legally obligated to retain data will be deleted after expiry of the deadline.

Right to object

Pursuant to Art. 21 DSGVO, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Art. 6 Para. 1 lit. f DSGVO (in the context of a legitimate interest). If you have given us express consent to process your personal data (Art. 4 para. 5 DSG and Art. 13 para. 2 let. a DSG), you may revoke this consent at any time. Please note that the lawfulness of the processing carried out on the basis of the consent up to the revocation is not affected by this. You only have this right if there are special circumstances that speak against the storage and processing. Information for which we are legally obligated to store will be deleted after the expiry of the deadline.

How do you exercise your rights?

You can exercise your rights at any time by contacting us using the contact details below:

naoo AG
Widenstrasse 5
6317 Oberwil b. Zug
Switzerland
E-mail: hi@naoo.com
Phone: 044 202 94 94

Right to data portability

Pursuant to Art. 20 DSGVO, you have a right to the transmission of the personal data concerning you. The data will be provided by us in a structured, common and machine-readable format. The data can be sent either to you or to a person responsible named by you.

We will provide you with the following data upon request:

• Data collected on the basis of consent (Art. 13 para. 1 DSG as well as Art. 6 para. 1 let. a DSGVO);
• Data that we have received from you in the context of existing contracts (Art. 13 para. 2 let. a DSG as well as Art. 6 para. 1 let. b DSGVO and Art. 9 para. 2 let. a DSGVO);
• Data that has been processed as part of an automated procedure.

We will transfer the personal data directly to a responsible party of your choice as far as this is technically feasible. Please note that we may not transfer data that interferes with the overriding interests of third parties pursuant to Art. 9 (1) b DSG or Art. 20 (4) DSGVO, or only to a limited extent.

Notifications to the FDPIC and possibility of legal action

Pursuant to Art. 29 FADP, data subjects have a right of appeal to a competent supervisory authority for data protection. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

For further information, please refer to the contact form of the FDPIC: https://www.edoeb.admin.ch/edoeb/de/home/der-edoeb/kontakt/kontaktformular.html

If you suspect that your data is being processed unlawfully on our website, you may seek judicial clarification of the issue in accordance with Art. 15 of the Data Protection Act. As a rule, a lawsuit in accordance with Art. 28 ff. ZGB should be sought. If you are affected by the processing of data by federal bodies, the procedure is governed by Art. 25 FADP. In this case, you can also contact the FDPIC (see reference to the contact form above).

Right of appeal to the supervisory authority pursuant to Art. 77 (1) DSGVO

If you suspect that your data is being processed illegally on our site, you can of course bring about a judicial clarification of the issue at any time. In addition, any other legal option is open to you. Independently of this, you have the option of contacting a supervisory authority in accordance with Art. 77 (1) DSGVO. The right of complaint pursuant to Art. 77 DSGVO is available to you in the EU Member State of your place of residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you turn from the places mentioned above. The supervisory authority to which the complaint has been submitted will then inform you of the status and outcome of your submission, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.