privacy

Privacy Policy

Responsible body within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

elite Web Group
F. Lamza
8408 Winterthur

E-Mail: info@candy24.ch
Website: https://www.candy24.ch/

General note

Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the federal government (Data Protection Act, DSG), every person has the right to protection of their privacy and protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

In cooperation with our hosting providers, we try to protect the databases as well as possible against unauthorized access, loss, misuse or falsification.

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.

By using this website, you agree to the collection, processing and use of data as described below. This website can generally be visited without registration. Data such as the pages called up or the name of the file called up, the date and time are stored on the server for statistical purposes, without this data being directly related to your person. Personal data, in particular name, address or e-mail address, are collected on a voluntary basis as far as possible. The data will not be passed on to third parties without your consent.

Processing of personal data

Personal data is all information that relates to a specific or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, procurement, deletion, storage, modification, destruction and use of personal data.

We process personal data in accordance with Swiss data protection law. In addition, we process personal data in accordance with the following legal bases in connection with Art. 6 Para

  • lit. a) Processing of personal data with the consent of the person concerned.
  • lit. b) Processing of personal data to fulfill a contract with the data subject and to carry out appropriate pre-contractual measures.
  • lit. c) Processing of personal data to fulfill a legal obligation to which we are subject under any applicable EU law or under any applicable law of a country in which the GDPR is fully or partially applicable.
  • lit. d) Processing of personal data to protect the vital interests of the data subject or another natural person.
  • lit. f) Processing of personal data in order to protect our legitimate interests or those of third parties, provided that the fundamental freedoms and fundamental rights and interests of the data subject do not prevail. Legitimate interests are in particular our business interest in being able to provide our website, information security, the enforcement of our own legal claims and compliance with Swiss law.

We process personal data for the duration necessary for the respective purpose or purposes.In the case of longer-lasting storage obligations due to legal and other obligations to which we are subject, we restrict the processing accordingly

Privacy policy for cookies

This website uses cookies. These are small text files that make it possible to store specific, user-related information on the user's device while he is using the website. Cookies make it possible, in particular, to determine the frequency of use and the number of users of the pages, to analyze behavior of the page use, but also to make our offer more customer-friendly. Cookies remain stored at the end of a browser session and can be called up again when you visit the site again. If you do not want this, you should set your Internet browser so that it refuses to accept cookies.

Privacy Policy for SSL Encryption

This website uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

Third Party Services

This website may use Google Maps for embedding maps, Google Invisible reCAPTCHA for protection against bots and spam, and YouTube for embedding videos.

These services of the American Google LLC use cookies, among other things, and as a result data is transmitted to Google in the USA, whereby we assume that no personal tracking takes place in this context solely through the use of our website.

Google has undertaken to ensure adequate data protection in accordance with the American-European and the American-Swiss Privacy Shield.

More information can be found in the Google Privacy Policy.

Privacy policy for contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

Privacy policy for newsletter data

If you would like to receive the newsletter offered on this website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that receipt of the newsletter agree. Further data is not collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.

You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter.

Data protection declaration for the right to information, deletion, blocking

You have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing as well as a right to correction, blocking or deletion of this data at any time. You can contact us at any time at the address given in the imprint if you have any further questions on the subject of personal data.

Privacy policy for objecting to advertising mails

The use of contact data published as part of the imprint obligation for sending unsolicited advertising and information material is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails .

Google AdWords

This website uses Google Conversion Tracking. If you have reached our website via an ad placed by Google, Google Adwords will set a cookie on your computer. The conversion tracking cookie is set when a user clicks on an ad served by Google. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognize that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. This means that cookies cannot be tracked via the websites of AdWords customers. The information obtained using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Customers find out the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information with which users can be personally identified.

If you do not want to participate in the tracking, you can reject the setting of a cookie required for this - for example via browser settings that generally deactivate the automatic setting of cookies or set your browser so that cookies from the domain "googleleadservices.com" be blocked.

Please note that you may not delete the opt-out cookies as long as you do not want measurement data to be recorded. If you have deleted all your cookies in the browser, you must set the respective opt-out cookie again.

Use of Google Remarketing

This website uses the remarketing function of Google Inc. The function is used to present interest-based advertisements to website visitors within the Google advertising network. A so-called "cookie" is stored in the browser of the website visitor, which makes it possible to recognize the visitor when he or she calls up websites that belong to the Google advertising network. On these pages, the visitor can be presented with advertisements that refer to content that the visitor has previously accessed on websites that use Google's remarketing function.

According to its own statements, Google does not collect any personal data during this process. If you still do not want Google's remarketing function, you can always deactivate it by making the appropriate settings under http://www.google.com/settings/ads. Alternatively, you can disable the use of cookies for interest-based advertising through the Ad Network Initiative by following the instructions at http://www.networkadvertising.org/managing/opt_out.asp.

Privacy Policy for Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. To deactivate Google Analytics, Google provides a browser plug-in at https://tools.google.com/dlpage/gaoptout?hl=de. Google Analytics uses cookies.These are small text files that make it possible to store specific, user-related information on the user's device. These enable Google to analyze the use of our website. The information collected by the cookie about the use of our website (including your IP address) is usually transmitted to a Google server in the USA and stored there. We would like to point out that on this website Google Analytics has been expanded to include the code "gat._anonymizeIp();" in order to ensure that IP addresses are recorded anonymously (so-called IP masking). If anonymization is active, Google shortens IP addresses within member states of the European Union or in other contracting states of the Agreement on the European Economic Area, which means that no conclusions can be drawn about your identity. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. Google complies with the data protection provisions of the "Privacy Shield" agreement and is registered with the "Privacy Shield" program of the US Department of Commerce and uses the information collected to evaluate the use of our websites, to prepare reports for us regarding this and to provide other related services to us to provide. You can find out more at https://www.google.com/intl/de/analytics/privacyoverview.html.

Privacy Policy for Google AdSense

This website uses Google AdSense, a service for integrating advertisements from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. GoogleAdSense uses so-called "cookies", text files which are stored on your computer and which enable an analysis of the use of the website. Google AdSense also uses so-called web beacons (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic on these pages. The information generated by cookies and web beacons about the use of this website (including your IP address) and the delivery of advertising formats is transmitted to a Google server in the USA and stored there. This information may be passed on by Google to Google's contractual partners. However, Google will not merge your IP address with other data stored by you. You can prevent the installation of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you can if applicable not use all functions of this website in full. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Privacy Policy for Facebook

This website uses features from Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. When you visit our pages with Facebook plug-ins, a connection is established between your browser and the Facebook servers. Data is already being transferred to Facebook. If you have a Facebook account, this data can be linked to it. If you do not want this data to be assigned to your Facebook account, please log out of Facebook before visiting our site. Interactions, in particular using a comment function or clicking a "Like" or "Share" button, are also passed on to Facebook. You can find out more at https://de-de.facebook.com/about/privacy.

Privacy Policy for Instagram

Functions of the Instagram service are integrated on our website. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.If you are logged into your Instagram account, you can click the Instagram button to link the content of our pages to your Instagram profile. This allows Instagram to assign your visit to our pages to your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or how it is used by Instagram.

For more information, see Instagram's privacy policy: http://instagram.com/about/legal/privacy/

External payment service providers

This website uses external payment service providers, via whose platforms the users and we can carry out payment transactions. For example over

  • PostFinance (https://www.postfinance.ch/de/detail/srechtes-barrierefreiheit.html)
  • Visa (https://www.visa.de/bedingungen/visa-privacy-center.html)
  • Mastercard (https://www.mastercard.ch/de-ch/datenschutz.html)
  • American Express (https://www.americanexpress.com/de/content/privacy-policy-statement.html)
  • Paypal (https://www.paypal.com/de/webapps/mpp/ua/privacy-full)
  • Bexio AG (https://www.bexio.com/de-CH/datenschutz)
  • Payrexx AG (https://www.payrexx.ch/site/assets/files/2592/datenschutzerklaerung.pdf)
  • Apple Pay (https://support.apple.com/de-ch/ht203027)
  • Stripe (https://stripe.com/ch/privacy)
  • Klarna (https://www.klarna.com/de/datenschutz/)
  • Skrill (https://www.skrill.com/de/fusszeile/datenschutzanleitung/)
  • Giropay (https://www.giropay.de/rechts/datenschutz-agb/) etc.

As part of the fulfillment of contracts, we use the payment service providers on the basis of the Swiss Data Protection Ordinance and, if necessary, Art. 6 Para. 1 lit. b. EU GDPR. In addition, we use external payment service providers on the basis of our legitimate interests in accordance with the Swiss Data Protection Ordinance and, if necessary, in accordance with Article 6 Paragraph 1 lit. f. EU GDPR in order to offer our users effective and secure payment options

The data processed by the payment service provider includes inventory data, such as name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, total and recipient-related information. The information is required to carry out the transactions. However, the data entered will only be processed and stored by the payment service providers. We as the operator do not receive any information about the (bank) account or credit card, only information to confirm (accept) or reject the payment. Under certain circumstances, the payment service provider may transmit the data to credit agencies. The purpose of this transmission is to check identity and creditworthiness. For this we refer to the terms and conditions and data protection notices of the payment service providers.

The terms and conditions and data protection notices of the respective payment service provider, which can be accessed on the respective website or transaction applications, apply to payment transactions. We also refer to this for the purpose of further information and the assertion of revocation, information and other data subject rights.

Order processing in the online shop with customer account

We process the data of our customers in accordance with the data protection regulations of the federal government (Data Protection Act, DSG) and the EU-DSGVO, as part of the ordering process in our online shop, to enable them to select and order the selected products and services, as well as their To enable payment and delivery or execution.

The processed data includes master data (inventory data), communication data, contract data, payment data and the persons affected by the processing include our customers, interested parties and other business partners. The processing is carried out for the purpose of providing contractual services as part of the operation of an online shop, Billing, delivery and customer services. We use session cookies, e.g. for storing the contents of the shopping cart, and permanent cookies, e.g. for storing the login status.

The processing takes place on the basis of Art. 6 Para. 1 lit. b (implementation of order processes) and c (legally required archiving) DSGVO. The information marked as required is required for the establishment and fulfillment of the contract. We disclose the data to third parties only within the scope of delivery, payment or within the scope of legal permissions and obligations. The data will only be processed in third countries if this is necessary to fulfill the contract (e.g. at the customer's request for delivery or payment).

Users can optionally create a user account, in particular by being able to view their orders. As part of the registration, the required mandatory information is communicated to the users. The user accounts are not public and cannot be indexed by search engines such as Google. If users have terminated their user account, their data will be deleted with regard to the user account, subject to their retention being necessary for commercial or tax reasons in accordance with Article 6 (1) (c) GDPR. Information in the customer account remains until it is deleted with subsequent archiving in the event of a legal obligation. It is the user's responsibility to back up their data before the end of the contract in the event of termination.

When registering and registering again as well as using our online services, we store the IP address and the time of the respective user action. The storage takes place on the basis of our legitimate interests, as well as the user's protection against misuse and other unauthorized use. In principle, this data will not be passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Article 6 (1) (c) GDPR.

Deletion takes place after statutory warranty and comparable obligations have expired; the necessity of storing the data is checked at irregular intervals. In the case of legal archiving obligations, the deletion takes place after their expiry.

Copyright

The copyright and all other rights to content, images, photos or other files on the website belong exclusively to the operator of this website or the specifically named rights holders. For the reproduction of all files, the written consent of the copyright holder must be obtained in advance.

Anyone who commits a copyright infringement without the consent of the respective rights holder can be prosecuted and may be liable for damages.

Changes

We may change this privacy policy at any time without prior notice. The current version published on our website applies. Insofar as the data protection declaration is part of an agreement with you, in the event of an update we will inform you of the change by e-mail or by other suitable means.

Questions for the data protection officer

If you have any questions about data protection, please send us an email or contact the person responsible for data protection in our organization listed at the beginning of the data protection declaration.

Winterthur, 16.09.2018
Source: SwissAnwalt