Suter Inox AG (hereinafter referred to as “Suter”) as the provider and Data Controller of the website www.suter.ch, takes the obligation for data protection very seriously. The website is organised such that only the necessary personal data is collected, processed and used. Under no circumstances will personal data be rented out or sold to third parties for advertising purposes. Personal data is not used for advertising or marketing purposes without the express consent of the visitor.
In connection with its business activities, Suter also processes data of individuals domiciled in the European Union (EU). In this case, Suter will also comply with the legal regulations of the EU, particularly the provisions of the General Data Protection Regulation (GDPR) insofar as these differ in some cases from the provisions of the Swiss data protection regulation. Therefore, we refer below to both the relevant Swiss rules of law (FADP) and to the applicable EU rules of law (GDPR).
At Suter, only those individuals have access to personal data who require such data to carry out their responsibilities within the Data Controller, who understand the legal provisions of data protection, and who are bound to comply with these in accordance with the applicable legal provisions (Art. 5 of the General Data Protection Regulation of the EU (EU-GDPR) and Art. 4, 5 and 7 of the Swiss Federal Act on Data Protection (FADP)). The collection, processing, use and transfer of the collected personal data take place according to Art. 6, clause 1 EU-GDPR and Art. 12, 13 FADP only to the extent necessary for the performance of a contractual relationship between SUTER as the Data Controller and a visitor as the party concerned.
Change of purpose of processing and use of data
Anonymous data collection
In principle, you may visit the web pages of the Data Controller without informing us who you are. We only obtain the name of your Internet service provider, the website from where you are visiting, and our web pages that you have viewed. This information is analysed for statistical purposes. As an individual user you will remain anonymous.
Collection and processing of personal data
Personal data is collected only if you voluntarily provide it to us, for example to register for the newsletter. In doing so, the Data Controller complies with the regulations according to Art. 5 and 6 EU-GDPR and Art. 4, 5, 7, 12 and 13 FADP. In connection with the Data Controller’s personalised services your registered data will be processed, subject to your consent, for purposes of sending you our newsletter, and for the arrangement of the offered electronic services, as needed. You have the option to object to having your personal data stored at any time. In this case, please send an e-mail to: firstname.lastname@example.org with the subject line "Remove personal data".
Export and processing of data in nations outside of the European Economic Area
If an export of your personal data should take place in nations outside of the European Economic Area and in Switzerland, Suter will ensure that the data importer processes such data only on the basis of a security level which is equivalent to the FADP’s level of data protection for Suter as the Data Controller.
If you are logged into Google or if you have a YouTube account, personal data may be exported to the USA. For more details and how to prevent such a data export, please read the section on the “Use of YouTube plugins”.
The service providers employed by the Data Controller are domiciled and operate their IT infrastructure only within the European Economic Area. This also applies to the possible use of cloud-based services. The agreements that have been entered with the service providers comply with the data protection and data security regulations of the FADP and the EU-GDPR. Even in the event that external service providers should be involved, Suter remains the Data Controller responsible for data processing.
Use and disclosure of personal data
Without your consent, the personal data collected in connection with the Data Controller’s web pages will be used only for the performance of the contract and to handle your inquiries. In addition, the Data Controller will use your data for advertising purposes and market research only if you have granted prior consent. In other respects, the data will not be disclosed to any other third parties. Of course, you may withdraw your consent at any time with effect for the future.
The Data Controller uses so-called cookies to individually structure and optimise the customer’s online experience and online time. A cookie is a text file which is either temporarily filed in the main memory of the computer (session cookie) or stored on the hard disk (permanent cookie). Cookies may contain information on the user’s previous access to the respective server or information on previously viewed products and services. Cookies are not used to run programmes or load viruses to your computer. The primary purpose of cookies is to make customised options available to the customer to make the use of the service as convenient as possible.
The Data Controller uses both session cookies and permanent cookies.
The Data Controller predominantly uses session cookies. These are not stored on the customer’s hard disk. They are deleted when you leave the browser. Session cookies are used for login authentication and for load balancing (balancing of system load).
In addition, the Data Controller uses permanent cookies to store the personal user options that a customer enters when using the Data Controller’s services in order to personalise and improve the service. The permanent cookies ensure that the customer’s personal settings are available next time he/she visits the Data Controller’s web pages. Aside from this, the service providers that the Data Controller has instructed to analyse the user behaviour use permanent cookies to be able to identify returning users. The data transferred by the cookie is always stored anonymously by these services. An assignment to the customer’s IP address is not provided.
Prevention of cookies
The visitor has the option to refuse the setting of cookies at any time. This generally occurs by selecting the respective option in the browser settings or by additional programmes. More details are available from the help function of the customer’s browser. The customer’s decision to deactivate the cookies may reduce the performance of the service and can have a negative effect when the services of the Data Controller are used.
Use of analysis programmes
The Data Controller carries out analyses, or has these carried out, regarding the behaviour of its customers in the use of the service. Anonymous or pseudo-anonymous user profiles are established for this purpose. The sole purpose of establishing user profiles is to continuously improve the service of the Data Controller. In connection with web analyses, the Data Controller also uses Google Analytics, a web analysis service from Google Inc. (Google), which the Data Controller uses with the extension “_anonymizeIp()“. This abbreviates the IP addresses to exclude a direct reference to a particular individual. An objection to the data collection and storage taking place in this connection can be made at any time, with effect for the future. To do so, please contact Google directly >>
Google requires its users, such as the Data Controller, to include the following instructions in their privacy policies. Suter is complying with this request by providing the text below:
"Google Analytics uses so-called cookies, which are text files stored on your computer to enable an analysis of your use of the website. The information generated by the cookies regarding your use of this website (including your IP address) is transferred to a Google server in the USA where it is stored. Google will use this information to analyse your use of the website, to establish reports about the website activities for the website operators and to provide other services related to the use of the website and the Internet. Google may also transfer this information to third parties, provided that this is required by law or if third parties are processing such data on behalf of Google. However, Google will never link your IP address to other data from Google. You may prevent the installation of cookies by a setting available in your browser software. However, we wish to point out that in this case you may not be able to fully use all of the functions of this website. By using this website you agree to the handling of your data collected by Google in the manner and for the purpose described above.”
If you do not wish Instagram to assign the data collected via our website directly to your Instagram account you have to log out of Instagram prior to visiting our website. You may also completely prevent the loading of Instagram plugins with add-ons for your browser, e.g. with the script blocker “NoScript” (http://noscript.net/).
Use of Vimeo Plugins
The Data Controller uses the provider Vimeo to include videos. Vimeo is operated by Vimeo Inc., headquartered at 555 West 18th Street, New York, NY 10011, USA.
On its website, the Data Controller uses plugins from provider Vimeo. If you access our website which is provided with a Vimeo plugin, a connection is established with the servers of Vimeo. Through this connection the Vimeo server is notified of the websites you have visited. If you are logged in as a member of Vimeo, Vimeo assigns this information to your personal user account. If you use the plugin, for example, if you click on the start button of a video, this information is also assigned to your user account.
You may prevent such assignment by signing out of your Vimeo user account and deleting the respective cookies before you use our website.
Further information on data processing and details regarding data protection by Vimeo is available at vimeo.com/privacy.
Further information and contacts
For any further questions you may have regarding “Data protection by the Data Controller”, please contact the data protection officer of our company. You may inquire which of your data has been stored by us. In addition, you may send information, request deletions and corrections of your data at any time by letter or e-mail to the following address: email@example.com. Comments and suggestions are always welcome.
Suter Inox AG © May 2018
CONCARDIS Data protection information (PDF)