Privacy Policy
Preamble
We value the protection of your privacy and personal data. Therefore, with this privacy policy, we inform you about the processing of your personal data. This ensures that you can browse our website securely, knowing that we handle your data only in accordance with this privacy policy and legal regulations. The policy transparently outlines the types of personal data affected, how, to what extent, and for what purpose they are processed by us. This comprehensive privacy policy applies to all processing activities conducted by us. You are not obligated to provide us with personal data. However, if you choose not to do so, we may not be able to address and process your request according to your interests.
Personal data includes all information relating to an identified or identifiable individual.
- Controller Below are details of the controller according to the applicable data protection laws, as well as contact information for privacy-related inquiries:
Sprachkunst Fabienne Müller Maneggpromenade 80 8041 Zurich Switzerland Represented by: Fabienne Müller Email: info@sprachkunst.ch
This privacy policy informs data subjects about the purposes, scope, and nature of the processing of personal data by the above-mentioned controller. The controller is the natural person who alone or jointly with others decides on the means and purposes of processing personal data. The controller is the entity to whom you can address questions and assert your rights, with the right to receive a response.
We take data protection seriously and therefore collaborate with certified data protection consultants. However, we are not legally obliged to appoint a data protection consultant and have not done so. If you have any questions about data protection, we are available to provide detailed information via the contact details provided.
Legal Bases for Data Processing
We process personal data of users from Switzerland according to the Swiss Federal Data Protection Act (DSG neu CH), which came into effect on September 1, 2023. Unlike the GDPR, under the DSG neu CH, the processing of personal data is generally permitted without a legal basis. However, for the sake of consistency, the term “legal basis” is used in the text at various points, even though it is not necessary under Swiss law, but reference is made to the appropriate provision of the DSG neu CH. We adhere to the principles outlined in Article 6 of the DSG neu CH, which include processing in good faith and for a specific and recognizable purpose, proportionality of processing, and the destruction or anonymization of personal data once the purpose of processing is fulfilled and processing is no longer necessary.
As this privacy policy may also be used across borders, the following equivalent terms from the GDPR are used:
GDPR Term DSG neu CH Equivalent Processing Processing Personal data Personal data Legitimate interest Predominant interest Special categories of personal data Particularly sensitive personal data Transfer of personal data Disclosure of personal data
- Type and Purpose of Processing Personal Data, as well as Data Collection and Storage General Information
Depending on your use of our services, we process different types of personal data for different purposes. These purposes may include providing our website, managing our IT infrastructure, implementing security measures, office procedures, organizational management, and marketing. Furthermore, the purpose of processing may involve fulfilling contractual obligations, including providing contractually owed services, as well as communication, management, and response to inquiries, and/or conducting contests. For these purposes, we process various types of data, primarily inventory, usage, content, and/or metadata, as well as payment, contact, communication, location, other contractual, and/or procedural data, as well as event data. The types of processed data are always limited depending on the corresponding purpose. The following categories of individuals may be affected by the processing of personal data by us: users and interested parties; customers, applicants, business and other contractual partners; other communication partners, participants in contests or similar competitions, and members. The respective purposes, types of data, and affected individuals are also detailed below.
2.1 General and Beyond-Website Data Processing
When Visiting “https://sprachkunst.ch” Server Log Files When accessing our website, the following data is automatically processed to establish a connection between your device and our website smoothly and to display the website properly:
- IP address
- Name and address of the visited website and files
- Access time
- Message about successful retrieval
- Operating system and browser used
- Referrer URL
- Internet provider
The processed personal data also serves to optimize and ensure the security of the website and information technology systems. The legal basis for processing this data is our legitimate interest, which allows the processing of personal data to safeguard the legitimate interests of the controller. The legitimate interests arise from the reasons stated above. The data is deleted as soon as it is no longer needed, which occurs at the end of the session, unless there are legitimate interests in further storage (e.g., unlawful access).
Processed Data:
Communication and procedural data (e.g., IP addresses),
Usage data (e.g., access times),
Data Subjects: Users,
Processing Purposes: Providing an optimal online presence, IT infrastructure; security measures
Legal Bases: Legitimate interest in providing an online offering (in accordance with Art. 6 and 8 DSG neu CH), consent of participants (Art. 31 para. 1 DSG neu CH) Guarantees: Data processing agreement and, if data transfer to third countries occurs, the application of EU standard contractual clauses and possibly additionally the certification of the host/provider according to the EU-US Data Privacy Framework DPF. When processing personal data from Switzerland in the EU/European Economic Area (EEA) or the United Kingdom (UK), the Swiss Federal Council currently ensures adequate data protection in accordance with Article 16(1) of the new Swiss Data Protection Act (DSG), allowing the export of personal data from Switzerland to these countries.
Regarding our website, we also refer to the privacy policy of the hosting provider Hostinger International Ltd, 61 Lordou Vironos Street, 6023 Larnaca, Cyprus: [link to privacy policy].
Task execution according to rules or statutes If you are a member or in a similar relationship with us, such as a supporter or business partner, we process personal data when performing our tasks and receiving contributions or other benefits. This may also include our legitimate interest, for example, in organizational tasks. The specific data processed in this context depends on the respective membership or other contractual relationship. In general, it includes master and contact data (name, address, telephone number, email address), payment data (bank details, invoices), and other contract data (duration, subject matter).
We process this data for as long as it is necessary for the respective statutory purposes. This also includes any warranty and liability obligations. After these purposes cease to exist, we delete the data except for those for which legal retention obligations exist. Processed data: Contract data (e.g., subject matter of the contract), contact details (e.g., email address), payment data, inventory data (e.g., name, address) Data subjects: Users, members, contractual and business partners Processing purposes: Ensuring contractual services/obligations, communication and contact inquiries, administration Legal bases: legitimate interest (in accordance with Article 6 and 8 of the new Swiss DSG)
Cookies If we use so-called cookies – small text files – to operate this website, they are stored on your device and are intended, for example, to ensure the functionality of the website or to enable an analysis of website usage. In this case, personal data is processed. Details about individual cookies such as the respective legal basis (e.g., consent or legitimate interest), storage period, or revocation and objection options are then listed in detail in the cookie management below. Regarding the use of cookies, users generally have a right to object or the option to deactivate them in the browser settings. However, we would like to point out that this may result in some functions of the website not being fully available.
If we use cookies, this is done either on the basis of your consent or on the basis of legitimate interest, for example, to improve our website functions, or to fulfil contractual obligations if a cookie is necessary, for example, for the conclusion of a contract. Cookies are stored for different lengths of time. Some cookies are only temporary and are deleted when you close your browser or app. Other cookies are permanently stored on your device. You can delete the cookies permanently stored on your device at any time on your own. Alternatively, please refer to the cookie management tool for automatic deletion times.
The selection of cookies for analysis/statistics or advertising can be adjusted by you at any time via the cookie settings.
Opt-In and Opt-Out
When you first visit this website, you can generally agree to the use of cookies or consent to the use of different cookies in a customized way or refuse them.
If you consent to the use of cookies that require consent, we store your declaration of consent so that we do not have to request it again on your next website visit; for storage periods, we refer to our cookie consent management. In addition to the declaration, your IP address, the browser you use, and the model of the end device you use may also be stored. You can revoke your declaration(s) of consent at any time.
If cookies are used, we hereby inform you that data on your end devices will be processed by these cookies in accordance with Art. 45c lit. b FMG CH. The processing serves the purpose described above. You can refuse the processing of cookies requiring consent at any time.
Processed data: IP address, declaration of consent, browser, used end device
Data subjects: Users Processing purposes: Ensuring contractual services/obligations, functioning online offers, effective and targeted advertising measures
Legal bases: legitimate interests in functioning online offers and effective and targeted advertising measures (Art. 6 and 8 of the new Swiss DSG), consent (Art. 31 para. 1 of the new Swiss DSG)
Plugins and embedded functions
We integrate functions and content from external providers, hereinafter referred to as “third-party providers”, into our online platform. These include, for example, graphics, videos, or interactive maps, referred to as “content”.
The processing of users’ IP addresses by the third-party providers is necessary for the display of this content or functions. The transmission of this content to users’ browsers is not possible without the use of the IP address. We make every effort to only integrate content from providers that use the IP address exclusively for the delivery of content. The third-party providers may also use “pixel tags” (invisible graphics or “web beacons”) for statistical or marketing purposes. These “pixel tags” can be used to evaluate information such as visitor traffic to our pages.
The pseudonymous information collected in this way can be stored in cookies on the users’ devices. These cookies contain technical information about the browser, operating system, referring websites, visit times, and other information about the use of our platform.
Processed data: Communication and procedure data (e.g., IP addresses), usage data (e.g., access times), content data, contact data, inventory data (e.g., names, addresses), location data; Event data (e.g., via Facebook Pixel, which can be transmitted to Facebook by us, these are processed due to audience targeting and do not contain actual content, contact information, or login information), the event data will be deleted by Facebook after a maximum storage period of 2 years
Data subjects: Users
Processing purposes: Ensuring contractual services/obligations, provision of online presence, creation of user profiles, collection of feedback, marketing measures
Legal bases: legitimate interest in effective and targeted advertising measures (in accordance with Art. 6 and 8 of the new Swiss DSG), consent (Art. 31 para. 1 of the new Swiss DSG)
Web analysis
Web analysis as part of digital analytics includes various methods for collecting and analyzing data about a company’s online presence. This data is used by the website operator to optimize the customer experience. Test procedures may also be used to test different versions of the online offer.
For these purposes, we can create usage profiles that contain pseudonymized data about usage processes. The information is stored on the end device or browser and retrieved from there. The data collected includes, among other things, visited websites, used functions, and technical details (e.g., the browser used). If users have consented to the collection of their location data by us or the service providers we use, this data may be collected.
IP addresses of users are also stored, but we use a method called IP masking. This pseudonymizes the IP address to protect user identity. In general, we do not store any personally identifiable information (such as email addresses or names) in web analysis, A/B testing, and optimization processes, only pseudonymized data. Neither the providers nor we know the identity of the users.
Processed data: Communication and procedural data (e.g., IP addresses), usage data (e.g., access times)
Data subjects: Users
Processing purposes: Generation of user profiles, audience measurement (e.g., determination of website visit frequency)
Legal basis: Legitimate interest in effective and targeted advertising measures (according to Art. 6 and 8 of the new DPA CH), consent (Art. 31 Para. 1 of the new DPA CH)
Security measures: IP masking
Guarantees: Data processing agreement and, if data transfer to third countries occurs, application of EU standard contractual clauses, as well as possibly additional certification of the host/provider according to the EU-US Data Privacy Framework DPF
Online marketing in general
We process personal data for the purposes of online marketing. These include the marketing of advertising space and the display of other advertising content based on potential customer interests, as well as the measurement of the effectiveness of these advertising measures. For this purpose, user profiles are created and stored in so-called “cookies” or similar files. These profiles contain information about the online networks used, visited websites, the viewed content, and also technical data of the devices used. User IP addresses are stored but truncated and pseudonymized through IP masking. We do not use clear data such as email addresses or names, but replace this data with pseudonyms. Neither the providers nor we have access to the identity of the users, only to the stored profile information. The profile information is usually stored in cookies or similar methods. When other websites are visited that use the same online marketing procedure, the cookies can also be read, supplemented, and processed there. Data may also be transmitted to the server of the provider of the online marketing process. Assignment of profiles to clear data may be possible in exceptional cases, for example, if it is an online marketing process of a social network, the user has an account there, and the network links this data together. We normally only have access to aggregated information about the success of our advertisements. Exceptionally, we analyze, as part of conversion measurements, which of our online marketing methods have led to certain actions, such as concluding a contract.
For storage periods, we refer to the Cookies section of this privacy policy.
Processed data: Communication and procedural data (e.g., IP addresses), usage data (e.g., access times)
Data Subjects: Users
Processing purposes: Tracking (use of cookies), audience measurement, conversion measurements, creation of user profiles, marketing measures
Legal basis: Legitimate interest in effective and targeted advertising measures (according to Art. 6 and 8 of the new DPA CH), consent (Art. 31 Para. 1 of the new DPA CH)
Security measures: IP masking
Objection options: We refer to the privacy policies of the respective providers as well as to the specified opt-out options. If there is no specific opt-out option available, you have the option to deactivate cookies in your browser settings. However, this could restrict certain functions of our online offering.
Social media presence We have online presences in social networks. In this context, we process data of the respective users for informational purposes and for communication with them. Data processing may take place in third countries, which may make it more difficult to enforce data subjects’ rights. Details can be found in the respective section of this privacy policy as well as in the privacy policies of the social networks used.
The processing of data in the social network by the respective operator primarily serves the evaluation of user data and the placement of advertisements. Clusters can be formed from the collected information in order to display ads that are relevant to users’ interests. In order to enable this user tracking, cookies (small text files) are stored on users’ devices, which serve to assign and record the data. Data collection also takes place independently of the device used after logging into the respective social network.
Specific information on the forms of data processing of social networks and the respective objection options can be found in the individual privacy policies of the companies and in our clauses. Asserting the rights of data subjects is most effective directly with the operator. However, you can also contact us for this purpose.
Processed data: Communication and procedural data (e.g., IP addresses), content data, contact data (name, email address)
Data subjects: Users
Processing purposes: Collection of feedback, communication, marketing measures
Legal basis: Legitimate interest in effective and targeted advertising measures (according to Art. 6 and 8 of the new DPA CH)
Advertising communication
We process your contact data for the purpose of advertising communication, provided that you have given us your consent to do so. You can revoke this consent at any time. In this case, the data will be deleted, and you will no longer be contacted by us for advertising purposes.
Based on our legitimate interest, the data may be stored after revocation of your consent for the purpose of proving compliance with legal requirements. This storage serves exclusively to defend against possible claims. The data will be deleted in this case as soon as they are no longer needed for this purpose. This is the case as soon as the respective statutory limitation periods have expired. For data subjects from Switzerland, the data is usually deleted after one year. Furthermore, we refer to section 4 (Storage period and deletion of personal data) of this privacy policy.
The processing of this data serves exclusively to defend against possible claims. You can request deletion at any time. In this case, we will delete the stored data prematurely, provided you confirm at the same time that consent existed for the advertising communication.
Processed data: Contact data (e.g., email address), inventory data (e.g., name, address)
Data Subjects: Communication partners
Processing purposes: Direct marketing
Legal basis: Legitimate interest in effective and targeted advertising measures (according to Art. 6 and 8 of the new DPA CH), consent (Art. 31 Para. 1 of the new DPA CH)
2.2 Special data processing on “https://sprachkunst.ch“
Cloudflare
This website uses the Content Delivery Network (CDN) of Cloudflare Inc., 101 Townsend St. San Francisco, CA 94107, USA (“Cloudflare”). A CDN is a network of distributed servers that optimizes content for website users. This enables accelerated loading times and increases the security of the website. For this purpose, Cloudflare may collect and process data, in particular the IP address, website usage, and browser information, and store it in server log files. The possible data transfer to the USA is based on the standard contractual clauses provided by the European Commission.
The data transfer to the USA is based on the standard contractual clauses provided by the European Commission, which are also recognized by the Swiss Federal Data Protection and Information Commissioner (FDPIC) and therefore meet the requirements of Art. 16 Para. 2 lit. d of the new DPA CH. The same applies to other countries where, according to the new DPA CH, adequate data protection is not guaranteed.
The website operator’s necessary legitimate interest is not having to operate a CDN itself while still being able to provide a secure, fast, stable, and functional website. The principles according to Art. 6 and 8 of the new DPA CH are observed. If you give your consent and fall within the scope of the new Swiss Federal Data Protection Act (DSG), the disclosure of data to the USA is also lawful according to Article 17(1)(a) of the new DSG in conjunction with Article 31(1) of the new DSG in conjunction with the new Swiss Data Protection Ordinance (DSV).
Cloudflare acts as a data processor for the operator of the website, with whom Cloudflare has concluded a data processing agreement (DPA). This is a legally required contract that ensures that Cloudflare processes the personal data of website users only according to the instructions of the website operator and in compliance with the GDPR. You can object to this data processing. Whether the objection is successful will be determined within the framework of a balancing of interests.
For further information on data protection at Cloudflare, please visit: https://www.cloudflare.com/privacypolicy/.
For further information on standard contractual clauses, please visit: https://ec.europa.eu/info/law/law-topic/data-protection/international-di