This Privacy Policy informs you about which personal data we process in connection with our activities and operations, including our website store.swiss-ski.ch. We explain in particular what, how, and where we process personal data and inform about the rights of individuals whose data we process.
Additional privacy statements and other legal documents, such as Terms and Conditions, Terms of Use, or Participation Terms, may apply to specific activities and operations.
Responsibility for processing personal data:
Swiss-Ski Store GmbH
Arastrasse 6
3048 Worblaufen
store@swiss-ski.ch
We will indicate if there are other controllers responsible for processing personal data in individual cases.
Data Protection Representation in the European Economic Area (EEA):
We have the following data protection representative in accordance with Art. 27 GDPR. This representative serves as an additional point of contact for supervisory authorities and individuals in the European Union (EU) and the rest of the EEA for inquiries related to the General Data Protection Regulation (GDPR):
VGS Datenschutzpartner UG
Am Kaiserkai 69
20457 Hamburg
Germany
info@datenschutzpartner.eu
Personal data refers to any information relating to an identified or identifiable natural person. A data subject is a natural person whose personal data is processed.
Processing includes any handling of personal data, irrespective of the means and procedures used, including storage, disclosure, procurement, collection, deletion, retention, alteration, destruction, or use of personal data.
The European Economic Area (EEA) includes the member states of the European Union (EU) as well as Liechtenstein, Iceland, and Norway. The General Data Protection Regulation (GDPR) refers to the regulation of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
We process personal data in accordance with applicable law, including the Swiss Federal Data Protection Act (DPA) and the Data Protection Ordinance (DPO) and, where applicable, the GDPR.
We process personal data particularly for the following purposes:
In connection with the conclusion and fulfillment of contracts as well as to perform pre-contractual obligations.
To safeguard legitimate interests of ours or of third parties, provided the interests of the data subject do not outweigh. Legitimate interests include our interest in permanently, user-friendly, securely, and reliably optimizing our services, products, activities, and operations, for direct marketing, usage behavior and analysis purposes, ensuring system and information security, protecting against misuse, enforcing our own legal claims.
To fulfill legal or regulatory obligations.
Where applicable, to the extent of the data subject's consent.
We process those personal data necessary to carry out our activities and operations in a permanent, user-friendly, secure, and reliable manner. Such personal data may particularly include categories of master and contact data, browser and device data, content data, metadata, and usage data, location data, sales data, and contract and payment data.
We process personal data for as long as necessary for the respective purpose or purposes or as legally required. Personal data that is no longer required will be anonymized or deleted.
Master data refers to data necessary for contract conclusion, such as name, address, age/date of birth, bank details, etc.
When using our website or app, your device's location services may be used to collect location data. This is done for targeted marketing purposes. No movement or other profiles are created from this data.
This includes device information such as browser information, operating system, IP address, login data, session duration, date, and time of visit, etc.
Usage data includes information on services and products you use or purchase, such as order information, order frequency, sales data, order time, etc.
To provide our services and products as well as for maintenance and marketing purposes, we may have personal data processed by third parties, jointly processed with third parties, or transmitted to third parties. Such third parties are particularly specialized providers whose services we utilize. We may also share data with our partners or companies managed jointly. We require third parties to adhere to data protection policies in accordance with this policy. Due to legal or regulatory requirements, we may be obliged to disclose data to competent courts, authorities, or other governmental bodies.
In this context, we particularly process information that a data subject voluntarily and actively provides when contacting us — e.g., by mail, email, instant messaging, contact forms, social media, or phone — or when registering for a user account. We may store such information, for example, in an address book or with similar tools.
We primarily process personal data in Switzerland and the EEA. However, we may also export or transfer personal data to other countries, particularly to process it there or have it processed.
If personal data is processed in countries that do not ensure adequate data protection, the conclusion of standard contractual clauses or other guarantees ensures that appropriate technical and organizational measures are implemented to provide adequate protection for your data.
Data subjects whose personal data we process have rights under Swiss data protection law. These include the right to information as well as the right to correction, deletion, or transfer of processed personal data. Data deletion applies only to data in the production system – due to legitimate interests, to comply with legal and/or regulatory retention and other obligations, as well as for technical reasons, we note that data deletion does not include backup copies. Data subjects whose personal data we process may request information once a year free of charge about whether and which personal data we process.
If the processing of personal data is based on consent, this consent may be withdrawn at any time with future effect.
Data subjects whose personal data we process have the right to lodge a complaint with the competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
We implement appropriate technical and organizational measures to ensure a level of data security appropriate to the risk. However, we cannot guarantee absolute data security.
Access to our website is via transport encryption (SSL/TLS, in particular with Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.
Our digital communication is subject – like virtually all digital communication – to indiscriminate and suspicion-independent mass surveillance as well as other monitoring by security authorities in Switzerland, other parts of Europe, the United States of America (USA), and other countries. We have no direct influence on the corresponding processing of personal data by intelligence agencies, police stations, and other security authorities.
We may use cookies. Cookies – both our own cookies (first-party cookies) and cookies from third parties whose services we use (third-party cookies) – are data stored in your browser. Such stored data does not need to be limited to traditional text cookies. Cookies cannot execute programs or transmit malware such as Trojans and viruses.
Cookies may be stored in your browser temporarily as "session cookies" or for a specific period as so-called permanent cookies. "Session cookies" are automatically deleted when you close your browser. Permanent cookies have a certain storage duration but can be manually deleted at any time from your browser history. Cookies enable, in particular, the recognition of your browser on your next visit to our website and, for example, measuring the reach of our website. Permanent cookies can also be used for online marketing.
Necessary cookies are automatically activated as they are technically required for the provision and optimization of our website and for system security. When using necessary cookies, your browser automatically sends information to our servers. This includes the IP address, language settings, session duration, referral URL, details about the web browser and operating system, as well as the date and time of the visit. In addition to necessary cookies, we also use optional cookies, provided you consent to their use. You can disable or delete optional cookies in your browser settings at any time, either fully or partially. Without optional cookies, our website may not be available in full.
We store such information, which may also represent personal data, in server log files. This information is required to provide our website permanently, user-friendly, and reliably, and to ensure data security and, in particular, the protection of personal data – also through or with the help of third parties.
We may use tracking pixels on our website. Tracking pixels are also known as web beacons. Tracking pixels – including those from third parties whose services we use – are small, usually invisible images that are automatically retrieved when you visit our website. Tracking pixels can capture the same information as server log files.
We send notifications and communications via email and other communication channels such as instant messaging or SMS.
Notifications and communications may contain web links or tracking pixels that track whether a specific notification was opened and which web links were clicked. Such web links and tracking pixels can also collect personal data on the use of notifications and communications. We need this statistical tracking of use for success and reach measurement to send notifications and communications effectively and user-friendly based on the needs and reading habits of recipients, as well as permanently, securely, and reliably.
If the processing of your data is based on consent, you can object to the processing at any time.
We send notifications and communications with the help of specialized service providers. We use in particular:
Salesforce Marketing Cloud: Marketing automation platform; provider: Salesforce, Inc. (USA)
We are present on social media platforms and other online platforms to communicate with interested individuals and to inform about our activities and operations. In connection with such platforms, personal data may also be processed outside Switzerland and the EEA. For this purpose, we use social media or other platform plugins. By clicking on the respective icon or logo, you will be automatically linked to the Swiss-Ski account on the respective platform. The General Terms and Conditions (GTC), Terms of Use, Privacy Policies, and other provisions of the individual operators of such platforms also apply.
For our social media presence on Facebook, including the so-called Page Insights, we are jointly responsible with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of Meta Companies (including in the USA). Page Insights provide information on how visitors interact with our Facebook presence. We use Page Insights to effectively and user-friendly provide our social media presence on Facebook.
Further details about the nature, scope, and purpose of data processing, information about the rights of data subjects, and the contact details of Facebook as well as Facebook's data protection officer can be found in Facebook's Privacy Policy. We have entered into the "Controller Addendum" with Facebook, agreeing in particular that Facebook is responsible for ensuring the rights of data subjects. For Page Insights, the relevant information can be found on the page "Information on Page Insights" including "Information on Page Insights Data."
We use third-party services to carry out our activities and operations permanently, user-friendly, securely, and reliably. Such services may also serve to embed content on our website. These services require your IP address as the relevant content cannot otherwise be transmitted.
For their own security-related, statistical, and technical purposes, third parties whose services we use may process data related to our activities and operations in an aggregated, anonymized, or pseudonymized form. This may include performance or usage data.
We use, in particular:
Google Services: Providers: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the EEA and Switzerland (Privacy Policy).
We use third-party services to enable the direct playback of audiovisual media such as music or videos on our website.
We use, in particular:
Vimeo: Videos; provider: Vimeo Inc. (USA) (Privacy Policy).
YouTube: Videos; provider: Google (including in the USA) (Privacy Policy).
We operate e-commerce and use third-party services to successfully offer services, content, or goods.
We use payment service providers to process payments from our customers securely and reliably. The terms and conditions of the respective payment service providers, such as General Terms and Conditions (GTC) or Privacy Policies, apply.
We may adjust and supplement this Privacy Policy at any time. Therefore, we recommend regularly checking our website for possible updates.
August 2024