The responsible body within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
UPR Consulting AG
Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the Federal Republic of Germany (Data Protection Act, DSG), every person is entitled to protection of his privacy as well as to protection against misuse of his/her personal data. The operators of these sites take the protection of your personal data very seriously. We treat your personal data with confidentiality and in accordance with the statutory data protection regulations and this data protection declaration.
In cooperation with our hosting providers, we strive to protect the databases as much as possible from third-party access, loss, misuse or counterfeiting.
We would like to point out that data transmission over the Internet (e.g. when communicating via e-mail) may have security gaps. Complete protection of data against access by third parties is not possible.
By using this website, you agree to the collection, processing and use of data as described below. This website can always be visited without registration. Data such as pages accessed or the names of the retrieved file, date and time are stored on the server for statistical purposes without this data being directly related to you. Personal data, in particular name, address or e-mail address are collected as far as possible on a voluntary basis. Without your consent, the data will not be passed on to third parties.
Processing of personal data
Personal data is any information relating to an identified or identifiable person. A data subject is a person through which personal data is processed. Editing includes all handling of personal data, regardless of the means and procedures used, in particular the retention, disclosure, procure, deletion, storage, modification, destruction and use of personal data.
We process personal data in accordance with Swiss data protection law. In addition, if and insofar as the EU GDPR is applicable, we process personal data in accordance with the following legal bases in connection with Article 6(1). 1 GDPR:
- Lit. a) Processing of personal data with the consent of the data subject.
- Lit. b) Processing of personal data for the performance of a contract with the data subject as well as for the implementation of corresponding pre-contractual measures.
- Lit. c) Processing of personal data in order to fulfil a legal obligation to which we are subject in accordance with applicable EU law or, if applicable, the applicable law of a country in which the GDPR is fully or partially applicable.
- Lit. (d) processing of personal data in order to protect the vital interests of the data subject or any other natural person.
- Lit. f) processing of personal data in order to safeguard the legitimate interests of us or third parties, unless the fundamental freedoms and fundamental rights as well as the interests of the data subject prevail. Legitimate interests are, in particular, our business interest in being able to provide our website, information security, the enforcement of our own legal claims and compliance with Swiss law.
We process personal data for the duration required for the respective purpose or purpose. In the event of longer retention obligations due to legal and other obligations to which we are subject, we shall restrict the processing accordingly.
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as a site operator. You can recognize an encrypted connection by the fact that the address bar of the browser changes from “http://” to “https://” and by the lock icon in your browser line.
If SSL or TLS encryption is enabled, the data you submit to us cannot be read by third parties.
Data transfer security (without SSL)
Please note that data transmitted over an open network such as the Internet or an e-mail service without SSL encryption is accessible to everyone. You can recognize an unencrypted connection by the fact that the address line of the browser displays “http://” and no lock icon appears in your browser line. Information transmitted over the Internet and content received online may be transmitted over third-party networks. We cannot guarantee the confidentiality of communications or documents transmitted through such open networks or third-party networks.
If you disclose personal information through an open network or third-party networks, you should be aware that your data will be lost or that third parties are potentially accessing that information and, consequently, the data will be collect and use consent. In many cases, the individual data packets are transmitted in encrypted form, but not the names of the sender and the recipient. Even if the sender and the recipient live in the same country, data is transmitted frequently and without controls via third countries, i.e. also via countries that do not provide the same level of data protection as your country of residence. We assume no responsibility for the security of your data during transmission via the Internet and disclaim any liability for direct and indirect losses. We kindly ask you to use other means of communication if you consider this necessary or reasonable for security reasons.
Despite extensive technical and organizational safeguards, data may be lost or intercepted and/or tampered with by unauthorized persons. We take appropriate technical and organisational security measures as far as possible to prevent this within our system. However, your computer is outside the security area that we can control. It is your responsibility as a user to inform yourself about the necessary security precautions and to take appropriate measures in this regard. As a website operator, we are not liable for any damage that you may incur as a result of data loss or manipulation.
Data which you provide in online forms can be passed on to commissioned third parties for order processing and can be viewed by them and processed if necessary.
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- operating system used
- Referrer URL
- Host name of the accessing machine
- Time of server request
This data cannot be allocated to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.
Services of third parties
This website uses Google Maps for embedding maps, Google Invisible reCAPTCHA for protection against bots and spam, and YouTube for embedding videos.
These services of the American Google LLC use, among other things, cookies and as a result, data is transmitted to Google in the USA, whereby we assume that in this context no personal tracking takes place solely through the use of our website.
Google is committed to ensuring adequate data protection in accordance with the US-European and US-Swiss Privacy Shields.
If you send us enquiries via the contact form, your details from the request form, including the contact details you provide there, will be stored with us for the purpose of processing the request and in case of follow-up questions. We do not share this data without your consent.
UPR Consulting is not making use of these messages or data other than to follow up on users’ registered issues or inquiries. Your personal data will be processed and transmitted in accordance with the General Data Protection Regulation (GDPR).
If you wish to receive the newsletter offered on this website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you receive the newsletter. agree. No further data will be collected. We use this data exclusively for the sending of the requested information and do not pass it on to third parties.
You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “Unsubscribe” link in the newsletter.
You have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing as well as the right to rectification, blocking or deletion of this data. You can contact us at any time at the address given in the imprint for further questions on the subject of personal data.
For the provision of paid services, we are asking for additional data, such as payment details, in order to place your order or to be able to execute your job. We store this data in our systems until the legal retention periods have expired.
Using Google Maps
Detailed instructions on how to manage your own data in connection with Google products can be found here.
This website uses Google Conversion Tracking. If you have reached our website via an ad posted by Google, Google Adwords will set a cookie on your computer. The conversion tracking cookie is set when a user clicks on an ad placed by Google. These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognize that the user has clicked on the ad and has been redirected to this page. Each Google AdWords customer receives a different cookie. Cookies cannot be tracked through AdWords customers’ websites. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers will find out the total number of users who clicked on their ad and have been redirected to a page tagged with a conversion tracking tag. However, you will not receive any information that can be used to personally identify users.
If you do not wish to participate in the tracking, you can refuse the setting of a cookie required for this purpose – for example, by means of a browser setting, which generally disables the automatic setting of cookies or set your browser so that cookies from the domain ” googleleadservices.com” are blocked.
Please note that you may not delete the opt-out cookies as long as you do not want to record measurement data. If you have deleted all your cookies in the browser, you must set the respective opt-out cookie again.
Using Google Remarketing
This website uses the remarketing function of Google Inc. The feature is used to present interest-based advertisements to website visitors within the Google advertising network. A so-called “cookie” is stored in the browser of the website visitor, which makes it possible to recognize the visitor when he or she accesses websites that belong to Google’s advertising network. On these pages, the visitor may be presented with advertisements relating to content that the visitor has previously accessed on websites that use Google’s remarketing function.
Using Google reCAPTCHA
This website uses the reCAPTCHA service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). The purpose of the query is to distinguish whether the input is by a human being or by automated, machine processing. The query includes the sending of the IP address and, if necessary, other data required by Google for the service reCAPTCHA to Google. For this purpose, your input will be transmitted to Google and will continue to be used there. However, Google will truncate your IP address beforehand within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha will not be merged with other data from Google. Your data may also be transferred to the USA. For data transfers to the USA, an adequacy decision of the European Commission, the “Privacy Shield”, is available. Google participates in the “Privacy Shield” and has submitted to the requirements. By pressing the query, you consent to the processing of your data. The processing shall be carried out on the basis of Article 6 (1) lit. a GDPR with your consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation.
This website uses Google AdSense, a service for integrating advertisements from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. GoogleAdSense uses so-called “cookies”, text files that are stored on your computer and which enable an analysis of the use of the website. Google AdSense also uses so-called web beacons (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic on these pages. The information generated by cookies and web beacons about the use of this website (including your IP address) and delivery of advertising formats is transmitted to a Google server in the USA and stored there. This information may be passed on by Google to Google’s contractual partners. However, Google will not merge your IP address with other data you store. You can prevent the installation of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to the full extent. By using this website, you consent to the processing of the data collected about you by Google in the manner and for the purposes described above.
This website uses so-called web fonts provided by Google to display fonts in a consistent manner. When you visit a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly. If your browser does not support web fonts, a default font will be used by your computer.
Google Tag Manager
Google Tag Manager is a solution that allows us to manage so-called website tags from one interface and thus integrate Google Analytics and other Google marketing services into our online offering. The Tag Manager itself, which implements the tags, does not process personal data of the users. With regard to the processing of users’ personal data, reference is made to the following information on the Google services. Usage Policies: https://www.google.com/intl/de/tagmanager/use-policy.html.
External payment service providers
This website uses external payment service providers, through whose platforms users and we can make payment transactions. For example, via
- PostFinance (https://www.postfinance.ch/de/detail/rechtliches-barrierefreiheit.html)
- Visa (https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html)
- Mastercard (https://www.mastercard.ch/de-ch/datenschutz.html)
- American Express (https://www.americanexpress.com/de/content/privacy-policy-statement.html)
- Paypal (https://www.paypal.com/de/webapps/mpp/ua/privacy-full)
- Bexio AG (https://www.bexio.com/de-CH/datenschutz)
- Payrexx AG (https://www.payrexx.ch/site/assets/files/2592/datenschutzerklaerung.pdf)
- Apple Pay (https://support.apple.com/de-ch/ht203027)
- Stripe (https://stripe.com/ch/privacy)
- Klarna (https://www.klarna.com/de/datenschutz/)
- Skrill (https://www.skrill.com/de/fusszeile/datenschutzrichtlinie/)
- Giropay (https://www.giropay.de/rechtliches/datenschutz-agb/) etc.
In the context of the fulfilment of contracts, we shall set the payment service providers on the basis of the Swiss Data Protection Ordinance and, if necessary, Article 6(3) of the 1 lit. b. EU GDPR. In addition, we set external payment service providers on the basis of our legitimate interests in accordance with Swiss Data Protection Ordinance and, where necessary, in accordance with Art. 1 lit. f. EU GDPR to provide our users with effective and secure payment options.
The data processed by the payment service providers includes inventory data, such as name and address, bank details, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, sums and recipient-related information. The information is required to carry out the transactions. However, the entered data is only processed by the payment service providers and stored by them. As an operator, we do not receive any information about (bank) account or credit card, but only information to confirm (acceptance) or refuse payment. The data may be transmitted by the payment service providers to economic information agencies. The purpose of this transmission is to verify identity and creditworthiness. For this purpose, we refer to the general terms and conditions and data protection notices of the payment service providers.
The terms and conditions and data protection notices of the respective payment service providers apply to the payment transactions, which can be accessed within the respective website or transaction applications. We also refer to these for further information and assertion of revocation, information and other data subject rights.
Newsletter – Mailchimp
The newsletters are sent by mail service provider ‘MailChimp’, a newsletter delivery platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The data protection regulations of the shipping service provider can be viewed here. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement and provides a guarantee to comply with the European level of data protection (PrivacyShield). The shipping service provider is based on our legitimate interests in accordance with Art. 1 lit. f GDPR and an order processing contract in accordance with Article 28(2) 3 p. 1 GDPR.
The shipping service provider may use the data of the recipients in a pseudonymous form, i.e. without assignment to a user, for the optimization or improvement of its own services, e.g. for the technical optimization of the dispatch and presentation of the newsletters or for statistical purposes. However, the shipping service provider does not use the data of our newsletter recipients to write it down or to pass the data on to third parties.
We process the data of our customers in accordance with the data protection regulations of the Federal Government (Data Protection Act, DSG) and the EU GDPR within the scope of our contractual services.
In doing so, we process inventory data (e.g., customer master data, such as names or addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, etc.), contract data (e.g. contract subject matter, term), payment data (e.g. bank details, payment history), usage and metadata (e.g. in the context of the evaluation and success measurement of marketing measures). Those affected include our customers, interested parties as well as their customers, users, website visitors or employees as well as third parties. The purpose of the processing is the provision of contractual services, billing and our customer service. The legal bases of the processing are derived from Article 6(4) of the 1 lit. b GDPR (contractual services), Art. 1 lit. f GDPR (analysis, statistics, optimization, security measures). We process data that are necessary for the establishment and fulfilment of the contractual services and indicate the necessity of their disclosure. Disclosure to external parties is only made if it is required under an order. When processing the data provided to us in the context of an order, we act in accordance with the instructions of the client as well as the legal requirements of order processing in accordance with: Article 28 GDPR and process the data for purposes other than those specified in the order.
We delete the data after the expiry of statutory warranty and comparable obligations. The need to retain the data is checked at irregular intervals. In the case of the statutory archiving obligations, the deletion takes place after the expiry of them. In the case of data that has been disclosed to us in the context of an order by the client, we delete the data in accordance with the specifications of the order, in principle after the end of the order.
Note regarding data transfers to the USA (United States of America)
For the sake of completeness, we would like to point out that users based in Switzerland are provided with monitoring measures by US authorities, which generally allow the storage of all personal data from Switzerland – which have been transferred to the USA.
This is done without differentiation, limitation or exception on the basis of the objectives pursued and without an objective criterion which makes it possible to restrict the access of the US authorities to the data and their subsequent use to very specific, strictly limited purposes capable of justifying access to and interference with such data. In addition, we would like to point out that in the USA there are no remedies for the data subjects from Switzerland, which would allow access to the data concerning you and to obtain their correction or deletion, or there is no effective judicial protection against general access rights of US authorities. We explicitly draw the attention of the data subject to this legal and factual situation in order to make a correspondingly informed decision to consent to the use of his data.
We would like to point out to users residing in an EU Member State that the US does not have a sufficient level of data protection from the European Union’s point of view.
The copyright and all other rights to content, images, photos or other files on the website belong exclusively to the operator of this website or to the specifically named rights holders. For the reproduction of all files, the written consent of the copyright holder must be obtained in advance.
Anyone who commits a copyright infringement without the consent of the respective right holder can make himself liable to prosecution and, if necessary, to pay compensation.
All information on our website has been carefully checked. We make every effort to offer our information available up-to-date, correct and complete. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, correctness and topicality of information, even of a journalistic and editorial nature. Liability claims arising from material or non-material damage caused by the use of the information offered are excluded, provided that there is no demonstrable intentional or grossly negligent fault.
The publisher may, at its sole discretion and without notice, modify or delete texts and is not obliged to update the contents of this website. The use or access to this website is at the visitor’s own risk. The publisher, its principals or partners are not responsible for damages, such as direct, indirect, incidental, predetermined or consequential damages, which are allegedly caused by the visit to this website and therefore do not assume any Liability.
The publisher also assumes no responsibility and liability for the content and availability of third-party websites that can be accessed via external links of this website. The operators of the linked pages are solely responsible for their content. The publisher thus expressly distances himself from all contents of third parties that may be relevant under criminal law or liability law or which violate good morals.
Questions to the Data Protection Supervisor
In the event these terms are translated into any language other than German, the German version will govern, the translated version is for convenience only and will not be interpreted to modify the German version. You can find the German version of these terms at Datenschutzerklärung UPR Consulting AG
Lauerz, Jan 17, 2020