Privacy policy

The data controller responsible for this website as defined by data protection legislation, in particular the EU General Data Protection Regulation (GDPR), is:

PKSU Saurer Vorsorgeeinrichtung
Thomas Baumer
Geschäftsleiter
Schlossgasse 4
9320 Arbon
T +41 71 447 00 30
thomas.baumer@pksu.ch

General notice

Every person has the right to protection of their privacy as well as protection against misuse of their personal data on the basis of Article 13 of the Swiss Federal Constitution and the data protection laws of the Swiss Confederation (Data Protection Act, DSG). The operators of these pages take the protection of your personal data very seriously. We will treat your personal data as confidential in accordance with the legal data protection regulations as well as this privacy policy.

In cooperation with our hosting providers, we make every effort to protect the databases as much as possible against unauthorised access, loss, misuse or falsification.

Please note that data transmission on the Internet (e.g., communication by e-mail) may have security gaps. It is not possible to provide complete protection of data against access by third parties.

By using this website, you consent to the collection, processing, and use of data in accordance with the following description. This website can generally be visited without registration.

Information such as pages accessed or the name of the file accessed, date and time is stored on the server for statistical purposes without this data being directly related to you personally. Personal data, in particular your name, address and e-mail address, are collected on a voluntary basis as far as possible. The data will not be passed on to third parties without your consent.

Processing of personal data

Personal data is any information relating to an identified or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, acquisition, deletion, storage, modification, destruction and use of personal data.

We process personal data in accordance with Swiss data protection legislation. In addition, we process personal data in accordance with the following legal bases in connection with Article 6 Para. 1 GDPR – as far as and to the extent that the EU GDPR is applicable:

  • Consent (Article 6 para. 1 p. 1 lit. a. GDPR) – The data subject has given their consent to the processing of personal data relating to them for a specific purpose or
  • Performance of a contract and pre-contractual enquiries (Article 6 para. 1 p. 1 b. GDPR) – Processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the data subject’s request.
  • Legal obligation (Article 6 para. 1 p. 1 lit. c. GDPR) – Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Protection of vital interests (Article 6 para. 1 p. 1 lit. d. GDPR) – Processing is necessary to protect the vital interests of the data subject or another natural
  • Legitimate interests (Article 6 para. 1 p. 1 lit. f. GDPR) – Processing is necessary to protect the legitimate interests of the controller or a third party unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.
  • Application procedure as a pre-contractual or contractual relationship (Article 9 2 lit. b GDPR) – Insofar as special categories of personal data as defined by Article 9 para. 1 GDPR (e.g., health data, such as severely disabled status or ethnic origin) are requested from applicants so that the controller or the data subject can exercise the rights accruing to them under employment law and social security and social protection law and fulfil their obligations in this respect, the processing of this data is carried out in accordance with Article 9 para. 2 lit. b. GDPR. GDPR, in the case of the protection of vital interests of the applicants or other persons pursuant to Article 9 para. 2 lit. c. GDPR or for the purposes of preventive health care or occupational medicine, for the assessment of the employee’s fitness for work, for medical diagnostics, care or treatment in the health or social sector or for the management of systems and services in the health or social sector pursuant to Article 9 para. 2 lit. h. GDPR. In the case of a communication of special categories of data based on voluntary consent, where these are processed this is based on Article 9 para. 2 lit. a. GDPR.

We process personal data for the duration required for the respective purpose or purposes. In the case of longer-term retention obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.

Relevant legal basis

In accordance with Article 13 GDPR, we inform you of the legal basis for our data processing. If the legal basis is not stated in the privacy policy, the following applies: The legal basis for obtaining consent is Article 6 para. 1 lit. a and Article 7 GDPR, the legal basis for processing to fulfil our services and carry out contractual measures and respond to enquiries is Article 6 para. 1 lit. b GDPR, the legal basis for processing to fulfil our legal obligations is Article 6 para. 1 lit. c GDPR and the legal basis for processing to protect our legitimate interests is Article 6 para.1 lit. f GDPR. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Article 6 para. 1 lit, d GDPR serves as the legal basis.

Security measures

We take appropriate technical and organisational measures in accordance with the law, considering the latest technology, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different likelihoods of occurrence and the extent of the threat to the rights and freedoms of natural persons, so as to ensure a level of protection that is appropriate to the risk.

The measures include safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. We also have procedures in place to ensure the exercise of data subjects’ rights, the deletion of data and responses to data compromise. In addition, we already take the protection of personal data into account in the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through default settings that promote data protection.

Transmission of personal data

During our processing of personal data, the data may be transferred to or disclosed to other bodies, companies, legally independent organisational units or individuals. The recipients of this data may include, for example, service providers who have been instructed to carry out IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and arrange appropriate contracts or agreements with anyone who receives your data that serve to protect your data.

Data processing in third countries

If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of using third-party services or disclosing or transferring data to other persons, entities or companies, this will only be done in accordance with legal requirements.

Subject to express consent or contractually or legally required transfer, we only process the data in third countries where there is a recognised level of data protection, contractual obligation through what are known as the standard protection clauses of the EU Commission, where there are certifications or binding internal data protection regulations (Article 44 to 49 GDPR, information page of the EU Commission:

https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).

Privacy policy for cookies

This website uses cookies. Cookies are text files that contain data from websites or domains you have visited and are stored by a browser on the user’s computer. A cookie is mainly used to store information about a user during or after their visit within an online service. Stored information may include information such as language settings on a website, login status, a shopping cart or where a video was watched. The term cookies also include other technologies that perform the same functions as cookies (e.g., when user details are stored using pseudonymous online identifiers, also known as “user IDs”).

The different types of cookies and functions are classified as follows:

  • Temporary cookies (these are also known as session cookies): Temporary cookies are deleted after a user has left an online offer and closed their browser at the
  • Permanent cookies: Permanent cookies remain stored even after the browser is For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. In a similar way, the interests of users can be stored in this type of cookie and used for measuring reach or other marketing purposes.
  • First-party cookies: First-party cookies are set by
  • Third-party cookies: Third-party cookies are mainly used by advertisers (which are known as third parties) to process user information.
  • Necessary (or essential) cookies: Cookies may be necessary for the operation of a website (e.g., to store logins or other user input or for security reasons).
  • Statistical, marketing and personalisation cookies: In addition, cookies are usually also used in the context of measuring reach and when a user’s interests or behaviour (e.g., viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to display content to users that corresponds to their potential interests. This process is also referred to as “tracking”, e., tracking the potential interests of users. As far as we use cookies or “tracking” technologies, we will inform you separately in our privacy policy or in the context of obtaining consent.

Notes on legal basis: The legal basis on which we process your personal data using cookies depends on whether we ask you for consent. If this is the case and you consent to the use of cookies, the legal basis for processing your data is the consent given. Otherwise, the data processed with the aid of cookies is processed based on our legitimate interests (e.g., in the business operation of our online offer and making improvements) or, if the use of cookies is necessary to fulfil our contractual obligations.

Retention period: Unless we provide you with explicit information on the storage period of permanent cookies (e.g., in the context of what is known as a cookie opt-in), please assume that the storage period can be up to two years.

General information on withdrawal and objection (opt-out): Depending on whether the processing is based on consent or legal permission, you have the option to revoke any consent you have given at any time or to object to the processing of your data by cookie technologies (collectively referred to as an “opt-out”). You can initially declare your objection by changing your browser settings, e.g., by deactivating the use of cookies (although this may also restrict the functionality of our online offer). An objection to the use of cookies for online marketing purposes can also be declared using a variety of services, especially in the case of tracking, via the https://optout.aboutads.info and https://www.youronlinechoices.com/ websites. In addition, you can obtain further instructions on how to object within the scope of the information on the service providers and cookies used.

The processing of cookie data based on consent: We use a cookie consent management procedure in which the consent of users to the use of cookies or to the processing and providers mentioned in the cookie consent management procedure can be obtained and managed and revoked by users. The declaration of consent is stored so there is no need to repeat the request and to be able to prove the consent in accordance with the legal obligation. The storage can take place on the server side and/or in a cookie (which are known as opt-in cookies or with the use of comparable technologies) to be able to assign the consent to a user or their device. Subject to individual information on the providers of cookie management services, the following information applies: The duration of the storage of consent may be up to two years. This is where, a pseudonymous user identifier is created and stored with the time of consent, information on the scope of consent (e.g., which categories of cookies and/or service providers) as well as the browser, system and end device used.

  • Types of data being processed: usage data (e.g., websites visited, interest in content, access times), meta/communication data (e.g., device information, IP addresses).
  • Data subjects: users (e.g., website visitors, users of online services).
  • Legal basis: consent (Article 6 para. 1 p. 1 lit. a. GDPR), Legitimate Interests (Article 6 1 p. 1 lit. f. GDPR).

Privacy policy for SSL/TLS encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Privacy policy for server log files

The operator of this website automatically collects and stores information in what are known as server log files, which your browser automatically transmits to us. These are:

  • browser type and browser version
  • operating system being used
  • referrer URL
  • host name of the accessing computer
  • time of the server request

This data cannot be assigned to specific individuals. This data is not merged with any other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of illegal use.

Third party services

This website may use Google Maps for embedding maps, Google Invisible reCAPTCHA for protection against bots and spam and YouTube for embedding videos.

These services provided by American Google LLC use cookies, among other things and as a result, data is transferred to Google in the USA, although we assume that no personal tracking takes place in this context solely using our website.

Google has agreed to ensure adequate data protection in accordance with the US-European and the US-Swiss Privacy Shield.

Further information can be found in Google’s privacy policy.

Rights of data subjects

Right to confirmation
Every data subject has the right to request confirmation from the website operator as to whether personal data relating to them is being processed. You may contact the Data Protection Officer at any time if you wish to exercise this right of confirmation.
Right to access
 Every data subject affected by the processing of personal data has the right to receive information free of charge from the operator of this website at any time about the personal data stored about them and a copy of this information. In addition, information may be provided on the following, if applicable:

  • the purposes of processing
  • the categories of personal data being processed
  • the recipients to whom the personal information has been or will be disclosed
  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
  • the existence of the right to obtain the rectification or erasure of personal data concerning them or the restriction of processing by the controller or the right to object to such processing
  • the existence of a right of appeal to a supervisory authority
  • if the personal data is not being collected from the data subject: any available information on the origin of the

In addition, the data subject has the right to be informed whether personal data has been transferred to a third country or to an international organisation. If this is the case, the data subject also has the right to obtain information on the appropriate safeguards in connection with the transfer.

You can contact our data protection officer at any time if you would like to make use of this right to information.
Right to rectification
Any data subject affected by the processing of personal data has the right to obtain rectification without delay of inaccurate personal data relating to them. In addition, and taking into account the purposes of the processing, the data subject has the right to request that incomplete personal data be completed, including by means of a supplementary declaration.

You can contact our data protection officer at any time if you would like to make use of this right of rectification.
Right to erasure (right to be forgotten)
Every data subject affected by the processing of personal data has the right to demand from the data controller responsible for this website that the personal data concerning them be erased immediately, provided that one of the following reasons applies and insofar as no processing is necessary:

  • The personal data has been collected or otherwise processed for purposes for which it is no longer necessary
  • The data subject withdraws the consent on which the processing was based and there is no other legal basis for the processing
  • The data subject objects to the processing on grounds relating to their situation and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing in the case of direct marketing and related profiling
  • The personal data has been processed unlawfully
  • The erasure of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject
  • The personal data has been collected in relation to information society services provided directly to a child

You can contact our data protection officer at any time if one of the above reasons applies and you wish to arrange for the deletion of personal data stored by the operator of this website.

The data protection officer of this website will arrange for the deletion request to be complied with immediately.
Right to restriction of processing
 Any data subject affected by the processing of personal data has the right to obtain from the controller of this website the restriction of processing if one of the following conditions is met:

  • The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data
  • The processing is unlawful; the data subject objects to the erasure of the personal data and instead requests the restriction of the use of the personal data
  • The controller no longer needs the personal data for the purposes of the processing, but the data subject needs it to assert, exercise or defend legal claims
  • The data subject has objected to the processing on grounds relating to their situation and it is not yet clear whether the legitimate interests of the controller override those of the data subject

You can request the restriction of personal data stored by the operator of this website at any time by contacting our data protection officer if one of the conditions has been met. The data protection officer of this website will arrange the restriction of the processing.
Right to data portability
Every data subject affected by the processing of personal data has the right to receive the personal data concerning them in a structured, common and machine-readable format. They also have the right to have this data transferred to another controller if the legal requirements are met.

In addition, the data subject has the right to arrange for the personal data be transferred directly from one controller to another controller, as far as this is technically feasible and provided that the rights and freedoms of other persons are not affected by this.

You may contact the data protection officer appointed by the operator of this website at any time to assert the right to data portability.
Right of objection
Any data subject affected by the processing of personal data has the right to object at any time, on grounds relating to their situation, to the processing of personal data concerning them.

The operator of this website shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or if the processing serves the assertion, exercise or defence of legal claims.

You may make direct contact with the data protection officer of this website to exercise the right to object.
Right to revoke consent under data protection law
Every data subject affected by the processing of personal data has the right to revoke a given consent to the processing of personal data at any time.

You can contact our data protection officer at any time if you wish to exercise your right to revoke consent.

Chargeable services

We request additional data, such as payment details, for the provision of chargeable services so we can complete your order. We store this data in our systems until the statutory retention periods have expired.

The use of Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter “Google”. The purpose of reCAPTCHA is to check whether data has been entered on our websites (e.g., in a contact form) by a human being or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. reCAPTCHA evaluates various pieces of information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user) to complete this analysis. The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run entirely in the background. Website visitors are not informed that an analysis is taking place.

The data processing is based on Article 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from spam. Please see the following links: https://www.google.com/intl/de/policies/privacy/ and https://policies.google.com/terms?hl=de for more information on Google reCAPTCHA and Google’s privacy policy.

Privacy Policy for Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited. If the data controller on this website is located outside the European Economic Area or Switzerland, then the Google Analytics data processing is carried out by Google LLC. Google LLC and Google Ireland Limited are hereinafter referred to as “Google”.

The statistics obtained enable us to improve our offer and make it more interesting for you as a user. This website also uses Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID. If you have a Google user account, you can deactivate the cross-device analysis of your usage in the settings there under “My data”, “Personal data“.

The legal basis for the use of Google Analytics is Article 6 para. 1 p. 1 lit. f GDPR. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other Google data. Please note that on this website Google Analytics has been extended by the code “_anonymizeIp();” to ensure anonymised collection of IP addresses. This means that IP addresses are processed in abbreviated form, which excludes the possibility of personal references being made. If the data collected about you is related to a person, this is immediately excluded and the personal data is deleted immediately.

Only in exceptional cases will the full IP address be transferred to a Google server in the USA and abbreviated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.

Google Analytics uses cookies. The information generated by the cookie about your use of this website is generally transmitted to a Google server in the USA and stored there. You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available under the following link: Google Analytics deactivate.

In addition, you can also prevent the use of Google Analytics by clicking on this link: Google Analytics deactivate. This will save what is known as an opt-out cookie on your data carrier, which prevents the processing of personal data by Google Analytics. Please note that if you delete all cookies on your end device, these opt-out cookies will also be deleted, i.e., you will have to set the opt-out cookies again if you wish to continue to prevent this form of data collection. The opt-out cookies are set per browser and computer/end device and must therefore be activated separately for each browser, computer or other end device.

Privacy policy for the use of Google Web Fonts

This website uses what are known as web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly. If your browser does not support web fonts, your computer will use a standard font.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/

Google Tag Manager

Google Tag Manager is a solution with which we can manage what are known as website tags via an interface and so integrate services such as Google Analytics and other Google marketing services into our online offer. The tag manager itself, which implements the tags, does not process any personal data about users. With regard to the processing of users’ personal data, please refer to the following information on Google services. Usage guidelines:https://www.google.com/intl/de/tagmanager/use-policy.html.

Copyrights

The copyright and all other rights to the content, images, photos or other files on the website belong exclusively to the operator of this website or to the specifically named copyright holders. The written consent of the copyright holder must be obtained in advance for the reproduction of any files.

Anyone who commits a copyright infringement without the consent of the respective copyright holder may be liable to prosecution and potentially for damages.

General disclaimer

All the information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, correct and complete. Despite this, it is impossible to rule out completely errors occurring, which means that we cannot guarantee that the information is complete, correct and up-to-date, including journalistic and editorial information. Liability claims involving damage caused by the use of any information provided, including any kind of information that is incomplete or incorrect, will therefore be rejected.

The publisher may change or delete texts at its own discretion and without notice and has no obligation to update the content of this website. Use of or access to this website is at the visitor’s own risk. The publisher, its clients or partners are not responsible for damages, such as direct, indirect, incidental, consequential, or punitive damages, allegedly caused using this website and consequently assume no liability for such damages.

The publisher also accepts no responsibility or liability for the content and availability of third-party websites that can be accessed using external links on this website. The operators of the linked sites are entirely responsible for their content. The publisher therefore expressly distances itself from all third-party content that may be relevant under criminal or liability law or that may offend common decency.

Modifications

We may amend this privacy policy at any time without prior notice. The current version published on our website will apply. As far as the privacy policy is part of an agreement with you, we will inform you of the change by e-mail or other suitable means in the event of an update.

Questions for the data protection officer

If you have any questions about data protection, please write to us by e-mail or make direct contact with the data protection officer listed at the beginning of this privacy policy.

26.08.2022
Source: SwissAnwalt

x