Privacy Policy
With this Privacy Policy we inform you about the personal data we collect in connection with our Activities and tasks including ours leutenegger.com website edit. We provide information in particular on why, how and where we process which personal data. We also provide information about the rights of persons whose data we process.
Further privacy statements and other legal documents such as general terms and conditions (GTCs), terms of use, or participation conditions may apply for individual or additional activities and services.
We are subject to Swiss data protection law as well as any applicable foreign data protection law, such as particularly that of the European Union (EU) with the General Data Protection Regulation (GDPR). The European Commission acknowledges, that Swiss data protection law ensures an adequate level of data protection.
1. Contact addresses
Responsibility for processing personal data:
Leutenegger + Frei Ltd
Stefan Matti
St. Margrethenstrasse 35
9204 Andwil SG
info@leutenegger.com
We will point this out if, in individual cases, there are other controllers responsible for the processing of personal data.
2. Definitions and Legal Foundations
2.1 Terms
Personal Data are all Information relating to an identified or identifiable natural person. Affected person is a person whose personal data we process.
Edit comprises one Handling of personal data, independent of the means and procedures used, for example the querying, matching, adapting, archiving, retaining, reading out, disclosing, procuring, recording, collecting, deleting, revealing, organising, structuring, storing, altering, distributing, linking, destroying and using of personal data.
The European Economic Area (EEA) includes the Member states of the European Union (EU) as well as the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data.
2.2 Legal basis
We process personal data in accordance with Swiss data protection law, in particular the Federal Data Protection Act (Data Protection Act, DSG) and the Data Protection Regulation (Data Protection Regulation, GDPR).
We process personal data – insofar and to the extent that the General Data Protection Regulation (GDPR) applies – in accordance with at least one of the following legal bases:
- Article 6(1)(b) GDPR for the necessary processing of personal data for the performance of a contract with the data subject, and for the implementation of pre-contractual measures.
- Art. 6(1)(f) GDPR for the necessary processing of personal data to safeguard our legitimate interests or those of third parties, provided that the fundamental freedoms and fundamental rights, as well as the interests of the data subject, do not prevail. Legitimate interests include, in particular, our interest in being able to carry out and communicate our activities and operations permanently, in a user-friendly, secure and reliable manner, the guarantee of information security, protection against misuse, the enforcement of our own legal claims, and compliance with Swiss law.
- Art. 6(1)(c) GDPR for the necessary processing of personal data to fulfil a legal obligation to which we are subject under any applicable law of member states in the European Economic Area (EEA).
- Art. 6(1)(e) GDPR for the necessary processing of personal data for the performance of a task carried out in the public interest.
- Article 6(1)(a) GDPR for the processing of personal data with the consent of the data subject.
- Art. 6(1)(d) GDPR for the necessary processing of personal data to protect the vital interests of the data subject or another natural person.
3. Scope, extent and purpose
We process those personal data that required so that we can carry out our activities and operations permanently, in a user-friendly, secure and reliable manner. Such personal data may, in particular, fall into the categories of inventory and contact data, browser and device data, content data, meta or peripheral data and usage data, location data, sales data, and contract and payment data.
We process personal data during that Duration, which is necessary for the respective purpose or purposes or by law. Personal data which are no longer required for processing will be anonymised or deleted.
We can personal data by third parties to process. We may process or transmit personal data jointly with third parties or to third parties. Such third parties are in particular specialized service providers whose services we use. We also ensure data protection with such third parties.
We process personal data only with the consent of the data subject, unless processing is permitted for other legal reasons. Processing without consent may be permitted, for example, for the performance of a contract with the data subject and for corresponding pre-contractual measures, to safeguard our overriding legitimate interests, because the processing is apparent from the circumstances or after prior notification. In addition, personal data is processed for marketing and advertising purposes. This includes, in particular, personal data such as first name, last name and e-mail address. The newsletter can be unsubscribed from at any time using the unsubscribe link at the end of the newsletter.
Within this framework, we process in particular data that a data subject provides when making contact – for example, by post, email, instant messaging, contact form, social media or telephone – or when registering for a user account voluntarily transmitted to us. We can store such details, for example, in an address book, a Customer Relationship Management (CRM) system, or with comparable tools. If we receive data about other individuals, the transmitting individuals are obliged to ensure data protection concerning these individuals, as well as to guarantee the accuracy of this personal data.
We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect in the course of our activities and operations, insofar as and to the extent that such processing is legally permissible.
4. Applications
We process personal data of applicants to the extent that it is necessary for assessing their suitability for an employment relationship or for the subsequent performance of an employment contract. The personal data required is determined in particular by the information requested, for example, in the context of a job advertisement. We also process personal data that applicants voluntarily disclose or publish, in particular as part of cover letters, CVs and other application documents, as well as online profiles.
We process personal data about applicants – if and to the extent that the GDPR applies – in particular in accordance with Art. 9(2)(b) GDPR.
5. Personal Data Abroad
We are processing personal data Basically in Switzerland and the European Economic Area (EEA). However, we may also export or transmit personal data to other countries, particularly for processing or to have it processed there.
We can process personal data in all States and territories on Earth as elsewhere in Universe to export, provided that the law there according to Resolution of the Swiss Federal Council adequate data protection and, insofar as the General Data Protection Regulation (GDPR) is applicable, in accordance with European Commission Decision ensures adequate data protection.
We may transfer personal data to countries whose laws do not provide adequate data protection, provided that data protection is otherwise ensured, particularly on the basis of standard data protection clauses or with other appropriate safeguards. Exceptionally, we may export personal data to countries without adequate or appropriate data protection if the specific data protection requirements are met, such as the explicit consent of the data subjects or a direct connection with the conclusion or execution of a contract. We are happy to provide data subjects with information about any safeguards or supply a copy of any safeguards upon request.
6. Rights of data subjects
6.1 Data Protection Rights
We grant data subjects all rights in accordance with applicable data protection law. Data subjects have in particular the following rights:
- Information Affected individuals can request information as to whether we process personal data relating to them, and if so, what personal data this concerns. Affected individuals also receive the information necessary to assert their data protection rights and ensure transparency. This includes the personal data processed as such, but also, among other things, details of the purpose of processing, the duration of storage, any disclosure or export of data to other countries, and the origin of the personal data.
- Correction and disclaimer: Affected individuals can correct inaccurate personal data, complete incomplete data, and restrict the processing of their data.
- Deletion and objection: Affected individuals can request the deletion of personal data («right to be forgotten») and object to the processing of their data with effect for the future.
- Data release and data transfer: Affected persons can request the disclosure of personal data or the transfer of their data to another controller.
We can postpone, restrict, or refuse the exercise of data subject rights within the legally permissible framework. We can inform data subjects of any prerequisites that may need to be met for the exercise of their data protection claims. For example, we may refuse disclosure, in whole or in part, by referring to trade secrets or the protection of other persons. By way of example, we may also refuse the deletion of personal data, in whole or in part, by referring to statutory retention obligations.
We can for the exercise of the rights exceptionally Costs to be anticipated. We will inform affected persons in advance of any potential costs.
We are obliged to identify data subjects who request information or assert other rights with appropriate measures. Data subjects are obliged to cooperate.
6.2 Right to complain
Affected individuals have the right to enforce their data protection rights through legal proceedings or to lodge a complaint with a competent data protection supervisory authority.
Federal Data Protection and Information Commissioner (FDPIC) Federal Data Protection and Information Commissioner (EDÖB).
Data subjects have the right, if and to the extent that the General Data Protection Regulation (GDPR) applies, to lodge a complaint with a competent European data protection supervisory authority to raise.
7. Data Security
We take appropriate technical and organisational measures to ensure data security commensurate with the respective risk. However, we cannot guarantee absolute data security.
Access to our website is via transport encryption (SSL / TLS, in particular with Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.
Our digital communication is subject – as Basically All digital communication – mass surveillance without cause or suspicion, and other surveillance by security authorities in Switzerland, the rest of Europe, the United States of America (USA) and other states. We cannot directly influence the corresponding processing of personal data by intelligence services, police forces and other security authorities.
8. Website Usage
8.1 Cookies
We can use cookies. Cookies – both first-party cookies and third-party cookies from services we use – are data stored in the browser. Such stored data is not necessarily limited to traditional text-based cookies.
Cookies can be temporarily stored in the browser as «session cookies» or for a specific period as so-called permanent cookies. «Session cookies» are automatically deleted when the browser is closed. Permanent cookies have a fixed storage duration. Cookies make it possible, in particular, to recognise a browser on your next visit to our website and thereby measure the reach of our website, for example. Permanent cookies can, however, also be used for online marketing, for example.
Cookies can be deactivated in whole or in part at any time in the browser settings and deleted. Without cookies, our website may not be fully available at best. We request your express consent to the use of cookies, at least where and to the extent necessary.
For cookies used for success and reach measurement or for advertising, a general objection («opt-out») is possible for numerous services via the AdChoices (Digital Advertising Alliance of Canada), which Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA) is possible.
8.2 Server Log Files
We may record the following information for each access to our website, provided it is transmitted by your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website accessed including amount of data transferred, website last accessed in the same browser window (Referer or Referrer).
We store such information, which may also constitute personal data, in server log files. The information is required to provide our website permanently, in a user-friendly and reliable manner, and to ensure data security and, in particular, the protection of personal data – also by third parties or with the assistance of third parties.
8.3 Tracking pixels
We can use counting pixels on our website. Counting pixels are also referred to as web beacons. Counting pixels – including those from third parties whose services we use – are small, typically invisible images that are automatically retrieved when you visit our website. Counting pixels can collect the same information as server log files.
9. Social Media
We have a presence on social media and other online platforms to communicate with interested individuals and inform them about our activities and operations. In connection with such platforms, personal data may also be processed outside of Switzerland and the European Economic Area (EEA).
The General Terms and Conditions (GTC) and terms of use, as well as data protection declarations and other provisions of the individual operators of such platforms, also apply in each case. These provisions provide information, in particular, about the rights of data subjects directly vis-à-vis the respective platform, which includes, for example, the right of access.
For our Facebook social media presence including the so-called Page Insights, we are – insofar and to the extent that the General Data Protection Regulation (GDPR) is applicable – jointly responsible with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of the Meta Companies (amongst other places in the USA). Page Insights provide information on how visitors interact with our Facebook presence. We use Page Insights to effectively and user-friendly provide our social media presence on Facebook.
Further details on the type, scope and purpose of data processing, information on the rights of data subjects and the contact details of Facebook as well as Facebook's data protection officer can be found in the Facebook Privacy Policy. We have the so-called with Facebook «Additional information for those responsible» completed, and thus it is particularly agreed that Facebook is responsible for ensuring the rights of data subjects. The corresponding information for so-called Page Insights can be found on the page «Information on Page Insights» including «Information about page insights data».
10. Third-party services
We use services from specialised third parties to ensure that our activities and operations can be carried out permanently, in a user-friendly, secure, and reliable manner. Such services allow us, among other things, to embed functions and content into our website. When such content is embedded, the services used collect users' Internet Protocol (IP) addresses, at least temporarily, for technical reasons.
For necessary safety-related, statistical, and technical purposes, third parties whose services we use may process data in an aggregated, anonymised, or pseudonymised form in connection with our activities and operations. For example, this includes performance or usage data in order to be able to offer the respective service.
We use in particular:
- Google-Dienste Providers: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and Switzerland; General data protection information: «Principles of data protection and security», Privacy Policy, «Google is committed to complying with applicable data protection laws», «Guide to data protection in Google products», «Wie wir Daten von Websites oder Apps verwenden, auf denen unsere Dienste genutzt werden» (Informationen von Google), «Types of cookies and other technologies used by Google», «Personalised Advertising (Enable / Disable / Settings).
- Microsoft Services: Providers: Microsoft Corporation (USA) / Microsoft Ireland Operations Limited (Ireland) for users in the European Economic Area (EEA), the UK, and Switzerland; General data protection information: «Microsoft Privacy», «Data Protection and Privacy (Trust Centre)», Privacy Policy, Data Protection Dashboard (Data and Privacy Settings).
10.1 Digital Infrastructure
We use services from specialised third parties to utilise the digital infrastructure required in connection with our activities and operations. This includes, for example, hosting and storage services from selected providers.
10.2 Audio and Video Conferencing
We use specialised audio and video conferencing services to communicate online. This allows us to hold virtual meetings, for example, or conduct online classes and webinars. In addition, the legal texts of the individual services, such as data protection declarations and terms of use, apply to participation in audio and video conferences.
We recommend, depending on your personal circumstances when participating in audio or video conferences, to mute your microphone by default and to blur your background or use a virtual background.
10.3 Social Media Features and Social Media Content
We use third-party services and plugins to embed social media platform features and content, and to enable sharing of content on social media platforms and through other channels.
We use in particular:
- Facebook (Social Plugins). Embedding Facebook features and Facebook content, for example «Like» or «Share»; providers: Meta Platforms Ireland Limited (Ireland) and further Meta companies (including in the USA); Data protection information: Privacy Policy.
- Instagram platform Embedding Instagram content; Providers: Meta Platforms Ireland Limited (Ireland) and further Meta companies (including in the USA); Data protection information: Privacy Policy (Instagram), Privacy Policy (Facebook).
- LinkedIn Consumer Solutions Platform: Embedding LinkedIn features and content, for example with Plugins as much «Share Plugin»; Provider: Microsoft; LinkedIn-specific details: «Privacy, Privacy Policy, Cookie Policy, Cookie Management / Opting out of email and SMS communication from LinkedIn, Objection to interest-based advertising.
10.4 Maps
We use third-party services to embed maps on our website.
We use in particular:
- Google Maps including Google Maps Platform: Mapping Service; Provider: Google; Google Maps-specific details: «How Google Uses Location Information».
10.5 Digital Audio and Video Content
We use services from specialised third parties to enable the direct playback of digital audio and video content, such as music or podcasts.
We use in particular:
- SoundCloud Music and podcast platform; Provider: SoundCloud Global Limited & Co. KG (Germany); Data protection information: Privacy Policy, Cookie Policy.
- Spotify: Music and podcast platform; provider: Spotify AB (Sweden); data protection information: «Privacy Centre», Privacy Policy.
- Vimeo: Video platform; Provider: Vimeo Inc. (USA); Data protection information: Privacy Policy, «Data protection».
- YouTube Video platform; Provider: Google; YouTube-specific details: «Datenschutz- und Sicherheitscenter», «My data on YouTube».
10.6 Documents
We use third-party services to embed documents into our website. Such documents may include, for example, forms, PDF files, presentations, spreadsheets, and text documents. This allows us not only to enable viewing, but also editing or commenting on such documents.
10.7 Fonts
We use third-party services to embed selected fonts as well as icons, logos, and symbols into our website.
We use in particular:
- Google Fonts: Fonts; Provider: Google; Google Fonts-specific details: «Datenschutz und Google Fonts», «Privacy and data collection».
10.8 Advertising
We are taking the opportunity to specifically Advertising for our activities and tasks to be displayed to third parties, such as social media platforms and search engines.
We particularly want to reach people with such advertising who are already interested in our activities and work, or who might be interested in them (Remarketing and TargetingFor this, we can transmit corresponding - possibly also personal - data to third parties that enable such advertising. We can also determine whether our advertising is successful, meaning in particular whether it leads to visits to our website. (Conversion Tracking).
Third parties with whom we advertise and where you are logged in as a user, may at most associate the use of our online services with your profile there.
We use in particular:
- Facebook-Werbung Social media advertising; Providers: Meta Platforms Ireland Limited (Ireland) and further Meta companies (among other things in the USA); Data protection information: Remarketing and targeting, in particular with Facebook Pixel as Custom Audiences including Lookalike Audiences, Privacy Policy, «Advertising preferences» (Registration as a user required).
- Google Ads Search engine advertising; Provider: Google; Google Ads-specific information: advertising based on search queries, among other things, whereby various domain names – in particular doubleclick.net, googleadservices.com, and googlesyndication.com – are used for Google Ads., «Advertising, «Why am I seeing a specific advertisement?».
- Instagram Ads Social media advertising; Providers: Meta Platforms Ireland Limited (Ireland) and further Meta companies (including in the USA); Data protection information: Remarketing and targeting, in particular with Facebook Pixel as Custom Audiences including Lookalike Audiences, Privacy Policy (Instagram), Privacy Policy (Facebook), «Advertising Preferences (Instagram) (Registration as a user required), «Advertising preferences (Registration as a user required).
- LinkedIn Ads: Social Media advertising; Providers: LinkedIn Corporation (USA) / LinkedIn Ireland Unlimited Company (Ireland); Data protection information: Remarketing and targeting, in particular with the LinkedIn Insight Tag, «Data protection», Privacy Policy, Cookie Policy, Objection to personalised advertising.
11. Website Extensions
We use extensions for our website to be able to use additional functions.
We are using in particular:
- Google reCAPTCHA: Spam protection (distinction between desired comments from humans and unwanted comments from bots, as well as spam); Provider: Google; Google reCAPTCHA-specific information: «What is reCAPTCHA?.
12. Success and Reach Measurement
We are trying to determine how our online offering is used. In this context, for example, we can measure the success and reach of our activities and operations, as well as the impact of third-party links on our website. However, we can also, for example, test and compare how different parts or versions of our online offering are used («A/B testing» method). Based on the results of the success and reach measurement, we can in particular correct errors, strengthen popular content, or make improvements to our online offering.
For measuring success and reach, Internet Protocol (IP) addresses of individual users are stored in most cases. In this instance, IP addresses are Basically shortened («IP masking») to follow the principle of data minimisation through corresponding pseudonymisation.
Cookies may be used for measuring success and reach, and user profiles may be created. Any user profiles created will include, for example, the individual pages visited or content viewed on our website, information on the size of the screen or browser window, and the – at least approximate – location. Fundamentally all user profiles will be created pseudonymously and not used for the identification of individual users. Individual third-party services where users are logged in may possibly associate the use of our online services with the user account or user profile on the respective service.
We use in particular:
- Google Analytics Success and reach measurement; Provider: Google; Google Analytics-specific details: Measurement across different browsers and devices Cross-Device Tracking and with pseudonymised Internet Protocol (IP) addresses, which only exceptionally fully transferred to Google in the USA, «Data protection», «Browser-Add-on zur Deaktivierung von Google Analytics».
- Google Tag Manager: Integration and management of other services for success and reach measurement as well as other services from Google and third parties; Provider: Google; Google Tag Manager-specific details: «Data collected with Google Tag Manager»; Further information on data protection can be found with the individual integrated and managed services.
13. Final Provisions
We have this privacy policy with the Data Protection Generator from Data Protection Partner created.
We may modify and amend this privacy policy at any time. We will provide appropriate notice of such modifications and amendments, in particular by publishing the current version of the privacy policy on our website.