Privacy Policy

With this Privacy Policy we inform you about the personal data we collect in connection with our Activities and tasks including ours leutenegger.com website edit. We provide information in particular on why, how and where we process which personal data. We also provide information about the rights of persons whose data we process.

Further privacy statements and other legal documents such as general terms and conditions (GTCs), terms of use, or participation conditions may apply for individual or additional activities and services.

We are subject to Swiss data protection law as well as any applicable foreign data protection law, such as particularly that of the European Union (EU) with the General Data Protection Regulation (GDPR). The European Commission acknowledges, that Swiss data protection law ensures an adequate level of data protection.

1. Contact addresses

Responsibility for processing personal data:

Leutenegger + Frei Ltd
Stefan Matti
St. Margrethenstrasse 35
9204 Andwil SG
info@leutenegger.com

We will point this out if, in individual cases, there are other controllers responsible for the processing of personal data.

2. Definitions and Legal Foundations

2.1 Terms

Personal Data are all Information relating to an identified or identifiable natural person. Affected person is a person whose personal data we process.

Edit comprises one Handling of personal data, independent of the means and procedures used, for example the querying, matching, adapting, archiving, retaining, reading out, disclosing, procuring, recording, collecting, deleting, revealing, organising, structuring, storing, altering, distributing, linking, destroying and using of personal data.

The European Economic Area (EEA) includes the Member states of the European Union (EU) as well as the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data.

2.2 Legal basis

We process personal data in accordance with Swiss data protection law, in particular the Federal Data Protection Act (Data Protection Act, DSG) and the Data Protection Regulation (Data Protection Regulation, GDPR).

We process personal data – insofar and to the extent that the General Data Protection Regulation (GDPR) applies – in accordance with at least one of the following legal bases:

  • Article 6(1)(b) GDPR for the necessary processing of personal data for the performance of a contract with the data subject, and for the implementation of pre-contractual measures.
  • Art. 6(1)(f) GDPR for the necessary processing of personal data to safeguard our legitimate interests or those of third parties, provided that the fundamental freedoms and fundamental rights, as well as the interests of the data subject, do not prevail. Legitimate interests include, in particular, our interest in being able to carry out and communicate our activities and operations permanently, in a user-friendly, secure and reliable manner, the guarantee of information security, protection against misuse, the enforcement of our own legal claims, and compliance with Swiss law.
  • Art. 6(1)(c) GDPR for the necessary processing of personal data to fulfil a legal obligation to which we are subject under any applicable law of member states in the European Economic Area (EEA).
  • Art. 6(1)(e) GDPR for the necessary processing of personal data for the performance of a task carried out in the public interest.
  • Article 6(1)(a) GDPR for the processing of personal data with the consent of the data subject.
  • Art. 6(1)(d) GDPR for the necessary processing of personal data to protect the vital interests of the data subject or another natural person.

3. Scope, extent and purpose

We process those personal data that required so that we can carry out our activities and operations permanently, in a user-friendly, secure and reliable manner. Such personal data may, in particular, fall into the categories of inventory and contact data, browser and device data, content data, meta or peripheral data and usage data, location data, sales data, and contract and payment data.

We process personal data during that Duration, which is necessary for the respective purpose or purposes or by law. Personal data which are no longer required for processing will be anonymised or deleted.

We can personal data by third parties to process. We may process or transmit personal data jointly with third parties or to third parties. Such third parties are in particular specialized service providers whose services we use. We also ensure data protection with such third parties.

We process personal data only with the consent of the data subject, unless processing is permitted for other legal reasons. Processing without consent may be permitted, for example, for the performance of a contract with the data subject and for corresponding pre-contractual measures, to safeguard our overriding legitimate interests, because the processing is apparent from the circumstances or after prior notification. In addition, personal data is processed for marketing and advertising purposes. This includes, in particular, personal data such as first name, last name and e-mail address. The newsletter can be unsubscribed from at any time using the unsubscribe link at the end of the newsletter.

Within this framework, we process in particular data that a data subject provides when making contact – for example, by post, email, instant messaging, contact form, social media or telephone – or when registering for a user account voluntarily transmitted to us. We can store such details, for example, in an address book, a Customer Relationship Management (CRM) system, or with comparable tools. If we receive data about other individuals, the transmitting individuals are obliged to ensure data protection concerning these individuals, as well as to guarantee the accuracy of this personal data.

We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect in the course of our activities and operations, insofar as and to the extent that such processing is legally permissible.

4. Applications

We process personal data of applicants to the extent that it is necessary for assessing their suitability for an employment relationship or for the subsequent performance of an employment contract. The personal data required is determined in particular by the information requested, for example, in the context of a job advertisement. We also process personal data that applicants voluntarily disclose or publish, in particular as part of cover letters, CVs and other application documents, as well as online profiles.

We process personal data about applicants – if and to the extent that the GDPR applies – in particular in accordance with Art. 9(2)(b) GDPR.

5. Personal Data Abroad

We are processing personal data Basically in Switzerland and the European Economic Area (EEA). However, we may also export or transmit personal data to other countries, particularly for processing or to have it processed there.

We can process personal data in all States and territories on Earth as elsewhere in Universe to export, provided that the law there according to Resolution of the Swiss Federal Council adequate data protection and, insofar as the General Data Protection Regulation (GDPR) is applicable, in accordance with European Commission Decision ensures adequate data protection.

We may transfer personal data to countries whose laws do not provide adequate data protection, provided that data protection is otherwise ensured, particularly on the basis of standard data protection clauses or with other appropriate safeguards. Exceptionally, we may export personal data to countries without adequate or appropriate data protection if the specific data protection requirements are met, such as the explicit consent of the data subjects or a direct connection with the conclusion or execution of a contract. We are happy to provide data subjects with information about any safeguards or supply a copy of any safeguards upon request.

6. Rights of data subjects

6.1 Data Protection Rights

We grant data subjects all rights in accordance with applicable data protection law. Data subjects have in particular the following rights:

  • Information Affected individuals can request information as to whether we process personal data relating to them, and if so, what personal data this concerns. Affected individuals also receive the information necessary to assert their data protection rights and ensure transparency. This includes the personal data processed as such, but also, among other things, details of the purpose of processing, the duration of storage, any disclosure or export of data to other countries, and the origin of the personal data.
  • Correction and disclaimer: Affected individuals can correct inaccurate personal data, complete incomplete data, and restrict the processing of their data.
  • Deletion and objection: Affected individuals can request the deletion of personal data («right to be forgotten») and object to the processing of their data with effect for the future.
  • Data release and data transfer: Affected persons can request the disclosure of personal data or the transfer of their data to another controller.

We can postpone, restrict, or refuse the exercise of data subject rights within the legally permissible framework. We can inform data subjects of any prerequisites that may need to be met for the exercise of their data protection claims. For example, we may refuse disclosure, in whole or in part, by referring to trade secrets or the protection of other persons. By way of example, we may also refuse the deletion of personal data, in whole or in part, by referring to statutory retention obligations.

We can for the exercise of the rights exceptionally Costs to be anticipated. We will inform affected persons in advance of any potential costs.

We are obliged to identify data subjects who request information or assert other rights with appropriate measures. Data subjects are obliged to cooperate.

6.2 Right to complain

Affected individuals have the right to enforce their data protection rights through legal proceedings or to lodge a complaint with a competent data protection supervisory authority.

Federal Data Protection and Information Commissioner (FDPIC) Federal Data Protection and Information Commissioner (EDÖB).

Data subjects have the right, if and to the extent that the General Data Protection Regulation (GDPR) applies, to lodge a complaint with a competent European data protection supervisory authority to raise.

7. Data Security

We take appropriate technical and organisational measures to ensure data security commensurate with the respective risk. However, we cannot guarantee absolute data security.

Access to our website is via transport encryption (SSL / TLS, in particular with Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.

Our digital communication is subject – as Basically All digital communication – mass surveillance without cause or suspicion, and other surveillance by security authorities in Switzerland, the rest of Europe, the United States of America (USA) and other states. We cannot directly influence the corresponding processing of personal data by intelligence services, police forces and other security authorities.

8. Website Usage

8.1 Cookies

We can use cookies. Cookies – both first-party cookies and third-party cookies from services we use – are data stored in the browser. Such stored data is not necessarily limited to traditional text-based cookies.

Cookies can be temporarily stored in the browser as «session cookies» or for a specific period as so-called permanent cookies. «Session cookies» are automatically deleted when the browser is closed. Permanent cookies have a fixed storage duration. Cookies make it possible, in particular, to recognise a browser on your next visit to our website and thereby measure the reach of our website, for example. Permanent cookies can, however, also be used for online marketing, for example.

Cookies can be deactivated in whole or in part at any time in the browser settings and deleted. Without cookies, our website may not be fully available at best. We request your express consent to the use of cookies, at least where and to the extent necessary.

For cookies used for success and reach measurement or for advertising, a general objection («opt-out») is possible for numerous services via the AdChoices (Digital Advertising Alliance of Canada), which Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA) is possible.

8.2 Server Log Files

We may record the following information for each access to our website, provided it is transmitted by your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website accessed including amount of data transferred, website last accessed in the same browser window (Referer or Referrer).

We store such information, which may also constitute personal data, in server log files. The information is required to provide our website permanently, in a user-friendly and reliable manner, and to ensure data security and, in particular, the protection of personal data – also by third parties or with the assistance of third parties.

8.3 Tracking pixels

We can use counting pixels on our website. Counting pixels are also referred to as web beacons. Counting pixels – including those from third parties whose services we use – are small, typically invisible images that are automatically retrieved when you visit our website. Counting pixels can collect the same information as server log files.

9. Social Media

We have a presence on social media and other online platforms to communicate with interested individuals and inform them about our activities and operations. In connection with such platforms, personal data may also be processed outside of Switzerland and the European Economic Area (EEA).

The General Terms and Conditions (GTC) and terms of use, as well as data protection declarations and other provisions of the individual operators of such platforms, also apply in each case. These provisions provide information, in particular, about the rights of data subjects directly vis-à-vis the respective platform, which includes, for example, the right of access.

For our Facebook social media presence including the so-called Page Insights, we are – insofar and to the extent that the General Data Protection Regulation (GDPR) is applicable – jointly responsible with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of the Meta Companies (amongst other places in the USA). Page Insights provide information on how visitors interact with our Facebook presence. We use Page Insights to effectively and user-friendly provide our social media presence on Facebook.

Further details on the type, scope and purpose of data processing, information on the rights of data subjects and the contact details of Facebook as well as Facebook's data protection officer can be found in the Facebook Privacy Policy. We have the so-called with Facebook «Additional information for those responsible» completed, and thus it is particularly agreed that Facebook is responsible for ensuring the rights of data subjects. The corresponding information for so-called Page Insights can be found on the page «Information on Page Insights» including «Information about page insights data».

10. Third-party services

We use services from specialised third parties to ensure that our activities and operations can be carried out permanently, in a user-friendly, secure, and reliable manner. Such services allow us, among other things, to embed functions and content into our website. When such content is embedded, the services used collect users' Internet Protocol (IP) addresses, at least temporarily, for technical reasons.

For necessary safety-related, statistical, and technical purposes, third parties whose services we use may process data in an aggregated, anonymised, or pseudonymised form in connection with our activities and operations. For example, this includes performance or usage data in order to be able to offer the respective service.

We use in particular:

10.1 Digital Infrastructure

We use services from specialised third parties to utilise the digital infrastructure required in connection with our activities and operations. This includes, for example, hosting and storage services from selected providers.

10.2 Audio and Video Conferencing

We use specialised audio and video conferencing services to communicate online. This allows us to hold virtual meetings, for example, or conduct online classes and webinars. In addition, the legal texts of the individual services, such as data protection declarations and terms of use, apply to participation in audio and video conferences.

We recommend, depending on your personal circumstances when participating in audio or video conferences, to mute your microphone by default and to blur your background or use a virtual background.

10.3 Social Media Features and Social Media Content

We use third-party services and plugins to embed social media platform features and content, and to enable sharing of content on social media platforms and through other channels.

We use in particular:

10.4 Maps

We use third-party services to embed maps on our website.

We use in particular:

10.5 Digital Audio and Video Content

We use services from specialised third parties to enable the direct playback of digital audio and video content, such as music or podcasts.

We use in particular:

10.6 Documents

We use third-party services to embed documents into our website. Such documents may include, for example, forms, PDF files, presentations, spreadsheets, and text documents. This allows us not only to enable viewing, but also editing or commenting on such documents.

10.7 Fonts

We use third-party services to embed selected fonts as well as icons, logos, and symbols into our website.

We use in particular:

10.8 Advertising

We are taking the opportunity to specifically Advertising for our activities and tasks to be displayed to third parties, such as social media platforms and search engines.

We particularly want to reach people with such advertising who are already interested in our activities and work, or who might be interested in them (Remarketing and TargetingFor this, we can transmit corresponding - possibly also personal - data to third parties that enable such advertising. We can also determine whether our advertising is successful, meaning in particular whether it leads to visits to our website. (Conversion Tracking).

Third parties with whom we advertise and where you are logged in as a user, may at most associate the use of our online services with your profile there.

We use in particular:

11. Website Extensions

We use extensions for our website to be able to use additional functions.

We are using in particular:

  • Google reCAPTCHA: Spam protection (distinction between desired comments from humans and unwanted comments from bots, as well as spam); Provider: Google; Google reCAPTCHA-specific information: «What is reCAPTCHA?.

12. Success and Reach Measurement

We are trying to determine how our online offering is used. In this context, for example, we can measure the success and reach of our activities and operations, as well as the impact of third-party links on our website. However, we can also, for example, test and compare how different parts or versions of our online offering are used («A/B testing» method). Based on the results of the success and reach measurement, we can in particular correct errors, strengthen popular content, or make improvements to our online offering.

For measuring success and reach, Internet Protocol (IP) addresses of individual users are stored in most cases. In this instance, IP addresses are Basically shortened («IP masking») to follow the principle of data minimisation through corresponding pseudonymisation.

Cookies may be used for measuring success and reach, and user profiles may be created. Any user profiles created will include, for example, the individual pages visited or content viewed on our website, information on the size of the screen or browser window, and the – at least approximate – location. Fundamentally all user profiles will be created pseudonymously and not used for the identification of individual users. Individual third-party services where users are logged in may possibly associate the use of our online services with the user account or user profile on the respective service.

We use in particular:

13. Final Provisions

We have this privacy policy with the Data Protection Generator from Data Protection Partner created.

We may modify and amend this privacy policy at any time. We will provide appropriate notice of such modifications and amendments, in particular by publishing the current version of the privacy policy on our website.