Privacy Policy

Privacy Policy

We are very pleased about your interest in our company. Privacy holds a particularly high priority for the management of Gabriel-Glas (Switzerland) GmbH. The use of the websites of Gabriel-Glas (Switzerland) GmbH is generally possible without providing any personal data.

In this privacy policy, we, Gabriel-Glas (Switzerland) GmbH (hereinafter referred to as “we”), describe how we collect and process personal data. This privacy policy is not exhaustive; other statements related to data protection may regulate specific situations. Personal data, for the purposes of this privacy policy, refers to any information related to an identified or identifiable person.

  1. Responsible Entity and Contact

The entity responsible for the data processing we describe here is Gabriel-Glas (Switzerland) GmbH, unless specified otherwise in individual cases. Inquiries concerning data protection can be directed to us, accompanied by a copy of the ID or passport to identify the user, by letter or email at: Gabriel-Glas (Switzerland) GmbH, Unterdorfstrasse 21, 6274 Eschenbach/ Switzerland / Tel: +41 41 448 19 16 / welcome@gabriel-glas.com

  1. Collection and Processing of Personal Data

We primarily process personal data in the following categories:

  • Customer data from customers to whom we offer or have offered services.
  • Personal data that we indirectly receive from our customers during service provision.
  • When visiting our website
  • During the use of our newsletter
  • When participating in an event we organize.
  • During communications or visits.
  • In other contractual relationships, e.g., as a supplier, service provider, or consultant.
  • During job applications
  • When legally or regulatory obliged to do so.
  • When observing our due diligence or other legitimate interests, e.g., to avoid conflicts of interest, prevent money laundering or other risks, ensure data accuracy, check creditworthiness, ensure security, or assert our rights.

More detailed information can be found in the description of each category of processing in section 5.

  1. Categories of Personal Data

The type of personal data we process depends on your relationship with us and the purpose for which we process it. Apart from your contact details, we also process additional information about you or people associated with you. This information can, in certain circumstances, also include particularly sensitive personal data.

We collect the following categories of personal data, depending on the purpose of the processing:

  • Contact details (e.g., first name, last name, address, phone number, email)
  • Customer information (e.g., date of birth, nationality, marital status, profession, title, position, passport/ ID number, AHV number)
  • Risk assessment data (e.g., creditworthiness information, trade register data)
  • Financial information (e.g., bank account details)
  • Mandate data, depending on the order (e.g., tax information, statutes, protocols, employee data (e.g., salary, social insurance), accounting data, beneficial owners, ownership structures)
  • Website data (e.g., IP address, device information (UDI), browser info, website usage (analysis and use of plugins, etc.)
  • Application data (e.g., CV, work references)
  • Marketing information (e.g., newsletter sign-up)
  • Security and network data (e.g., visitor lists, access controls, network and mail scanner, call lists)

Where permitted, we also obtain certain data from publicly accessible sources (e.g., debt collection registers, land registers, trade registers, press, internet) or receive such from our clients and their employees, from authorities, (arbitration) courts, and other third parties. In addition to the data about you that you provide directly to us, the categories of personal data that we receive about you from third parties include information from public registers, information related to official and legal procedures, information related to your professional functions and activities (for instance, to conclude and process business with your employer), credit reports, information about you from people in your environment (family, consultants, legal representatives, etc.) so that we can conclude or process contracts with you or involving you (e.g., references, your delivery address, powers of attorney), information about you for our compliance with legal requirements (e.g., anti-money laundering and export regulations).

  1. Purpose of Data Processing and Legal Basis
    4.1 Provision of Services

We primarily process personal data that we receive from our clients in the context of our client relationships and other contractual relationships with business partners.

Specifically, the personal data of our clients includes the following information:

  • Contact information (e.g. name, first name, address, phone number, email, other contact details)
  • Personal information (e.g. date of birth, nationality, marital status, profession, title, position, passport/ID number, social security number, family circumstances, etc.)
  • Risk assessment data (e.g. credit information, commercial register data, sanction lists, specialized databases, internet data)
  • Financial information (e.g. bank account details, investments or holdings)
  • Client data, depending on the assignment e.g. tax information, statutes, protocols, employee data (e.g. salary, social insurance), accounting data, etc.
  • Specially protected personal data: This may also include sensitive personal data such as health data, religious beliefs, or social assistance measures, especially when we provide payroll or accounting services.

We process this personal data for the described purposes based on the following legal grounds:

  • Completion or execution of a contract with or for the benefit of the affected person, including contract initiation and potential enforcement (e.g. consulting, trust)
  • Fulfillment of a legal obligation (e.g., when we fulfill our duties as auditors for the “Gewerbe Treuhand Luzern” or are required to disclose information)
  • Protection of legitimate interests, (e.g. for administrative purposes, quality improvement, ensuring security, risk management, enforcing our rights, defending against claims, or checking for potential conflicts of interest)
  • Consent (e.g. to send you marketing information).

 4.2 Indirect Data Processing from Service Provision

When providing services for our clients, we may also process personal data that we did not collect directly from the affected persons or personal data of third parties. These third parties are typically employees, contact persons, family members, or individuals associated with the client or the affected persons for other reasons. We need this personal data to fulfill contracts with our clients. We receive this data from our clients or from third parties commissioned by our clients. Third parties, whose information we process for this purpose, are informed by our clients about our processing. Our clients can refer to this data protection declaration.

The personal data of people related to our clients includes:

  • Contact information (e.g. name, first name, address, phone number, email, other contact details, marketing data)
  • Personal information (e.g. date of birth, nationality, marital status, profession, title, position, passport/ID number, social security number, family circumstances, etc.)
  • Financial information (e.g. bank account details, investments or holdings)
  • Client data, depending on the assignment e.g. tax information, statutes, protocols, employee data (e.g. salary, social insurance), accounting data
  • Specially protected personal data: This can also include sensitive personal data such as health data, religious beliefs, or social assistance measures, especially when we provide payroll or accounting services.

We process this personal data for the described purposes based on the following legal grounds:

  • Completion or execution of a contract with or for the benefit of the affected person (e.g., when we fulfill our contractual obligations)
  • Fulfillment of a legal obligation (e.g., when we fulfill our auditing duties or are required to disclose information)
  • Protection of legitimate interests, especially our interest in providing optimal service to our clients.

 4.3 Use of Our Website

No personal data needs to be disclosed to use our website. However, with each call-up, the server captures a series of user information, which is temporarily stored in the server’s log files.

This general information does not relate to any specific individual. The collection of this information or data is technically necessary to display our website and ensure its stability and security. This information is also collected to improve the website and analyze its usage.

This specifically includes the following information: 

  • Contact information (e.g., name, first name, address, telephone number, e-mail)
  • Other information that you transmit to us via the website
  • Technical information automatically sent to us or our service providers, user behavior information, or website settings (e.g., IP address, UDI, device type, browser, number of clicks on the site, opening newsletters, clicking on links, etc.)

We process this personal data for the described purposes based on the following legal grounds:

  • Pursuing legitimate interests (e.g., for administrative purposes, improving quality, analyzing data, or promoting our services)
  • Consent (e.g., for the use of cookies or newsletters).

 4.4 Newsletter Use

If you subscribe to our newsletter, we use your email address and other contact data to send you the newsletter. You can subscribe to our newsletter with your consent. The mandatory information for sending the newsletter is your full name and your email address, which we save after your registration. The legal basis for processing your data in connection with our newsletter is your consent to the sending of the newsletter. You can revoke this consent and unsubscribe from the newsletter at any time.

4.5 Participation in Events

If you participate in an event organized by us, we collect personal data to organize and conduct the event and possibly send you additional information afterward. We also use your information to inform you about other events. At these events, we may photograph or film you and publish this material internally or externally.

This specifically includes the following information:

  • Contact information (e.g., name, first name, address, telephone number, email)
  • Personal information (e.g., profession, role, title, employing company, dietary habits)
  • Images or videos
  • Payment information (e.g., bank details).

We process this personal data for the described purposes based on the following legal grounds:

  • Fulfillment of a contractual obligation with or for the benefit of the affected person, including contract initiation and any enforcement (enabling participation in the event)
  • Pursuing legitimate interests (e.g., conducting events, disseminating event information, providing services, efficient organization)
  • Consent (e.g., to send you marketing information or create visual material).

4.6 Direct Communication and Visits

If you contact us (e.g., by phone, email, or chat) or we contact you, we process the necessary personal data. We also process this personal data when you visit us. In this case, you may have to leave your contact details before your visit or at the reception. These are retained by us for some time to protect our infrastructure and information.

For conducting telephone conferences, online meetings, video conferences, and/or webinars (online meetings), we use the Zoom or Microsoft Teams service. We process, in particular, the following information:

  • Contact information (e.g., name, first name, address, phone number, email)
  • Communication-related data (e.g., IP address, communication duration, communication channel)
  • Recordings of conversations, e.g., during video conferences (only with the consent of all participants)
  • Other information that the user uploads, provides, or creates during the use of the video conferencing service, metadata used to maintain the provided service. Additional information on the processing of personal data by Zoom or Microsoft Teams can be found in their privacy policies.
  • Personal information (e.g., profession, role, title, employing company)
  • Date and reason for the visit.

We process this personal data for the described purposes based on the following legal grounds:

  • Fulfillment of a contractual obligation with or for the benefit of the affected person, including contract initiation and any enforcement (provision of a service)
  • Pursuing legitimate interests (e.g., security, traceability, and management and administration of customer relationships).
4.7 Applications

You can submit your application for a position with us by post or via the email address provided on our website. The application documents and all personal data disclosed to us are treated strictly confidentially, not disclosed to third parties, and are only processed for the purpose of processing your application for employment with us. Without your contrary consent, your application file will either be returned to you or deleted/destroyed after the completion of the application process, unless it is subject to a legal retention requirement. The legal basis for processing your data is your consent, the fulfillment of the contract with you, and our legitimate interests.

We process, in particular, the following information:

  • Contact information (e.g., name, first name, address, telephone number, email)
  • Personal information (e.g., profession, role, title, employing company)
  • Application documents (e.g., cover letter, certificates, diplomas, CV)
  • Assessment information (e.g., recruitment consultant assessment, reference information, assessments)

We process this personal data for the described purposes based on the following legal grounds:

  • Pursuing legitimate interests (e.g., hiring new employees)
  • Consent.

 4.8 Suppliers, Service Providers, Other Contractual Partners

If we enter into a contract with you for you to provide a service for us, we process personal data from you or your employees. We need this to communicate with you and utilize your services. We may also process this personal data to check for a conflict of interest related to our activity for our audit office (Gewerbe Treuhand Luzern) and to ensure that we do not assume unwanted risks, e.g., in relation to money laundering or sanctions.

We process, in particular, the following information:

  • Contact information (e.g., name, first name, address, phone number, email)
  • Personal information (e.g., profession, role, title, employing company)
  • Payment information (e.g., bank details)

We process this personal data for the described purposes based on the following legal grounds:

  • Fulfillment of a contractual obligation with or for the benefit of the affected person, including contract initiation and any enforcement (provision of a service)
  • Pursuing legitimate interests (e.g., effective management, and administration of business relationships).
  1. Tracking Technologies

We use cookies on our website. These are small files that your browser automatically creates and which are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site.

Cookies store information that arises in connection with the specific device being used. However, this does not mean that we directly become aware of your identity. The use of cookies serves, on the one hand, to make the use of our offer more pleasant for you. For example, we use session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after leaving our site.

Furthermore, for the purpose of user-friendliness, we also use temporary cookies, which are stored on your device for a specified period of time. If you visit our site again to use our services, it is automatically recognized that you have been with us before and which inputs and settings you have made so that you don’t have to enter them again. On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These cookies enable us to automatically recognize that you have already been with us when you visit our site again. These cookies are automatically deleted after a defined period of time.

The data processed by cookies is necessary for the aforementioned purposes. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. The complete deactivation of cookies may, however, result in you not being able to use all functions of our website.

  1. Web and Newsletter Analysis

To gain insight into the use of our website, improve our internet offer, and also address you with advertising on third-party websites or on social media, we use the following web analysis tools and retargeting technologies: Google Analytics, Google Ads, Woo-Commerce, Meta (Facebook/Instagram), LinkedIn, TikTok, and BREVO (Newsletter).

These tools are provided by third parties. Typically, the information collected about the use of a website through the use of cookies or similar technologies is transmitted to the third party’s server. Depending on the third party, these servers are located abroad.

The data is usually transmitted after truncation of the IP addresses, preventing the identification of individual devices. A transfer of this information by third parties only takes place due to legal regulations or as part of order data processing.

6.1 Google Analytics

We use Google Analytics on our websites, a web analysis service of Google LLC, Mountain View, California, USA; responsible for Europe is Google Limited Ireland (“Google”). To deactivate Google Analytics, Google provides a browser plugin at https://tools.google.com/dlpage/gaoptout?hl=en. Google Analytics uses cookies. These are small text files that enable user-related information to be stored on the user’s device. These allow an analysis of our website offer by Google. The information collected by the cookie about the use of our pages (including your IP address) is usually transmitted to a Google server in the USA and stored there. We note that on this website, Google Analytics has been extended with the code “gat._anonymizeIp();” to ensure anonymous collection of IP addresses (so-called IP masking). If anonymization is active, Google shortens IP addresses within member states of the European Union or in other contracting states of the Agreement on the European Economic Area, so no conclusions about your identity are possible. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. Google may also associate your IP address with other Google data. For data transfers to the USA, Google has committed to signing and adhering to the EU standard contractual clauses.

6.2 Google Maps

We use Google Maps (API) on our website from Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; responsible for Europe is Google Limited Ireland, “Google”). Google Maps is a web service for displaying interactive (land) maps to visually present geographic information. By using this service, our location is shown to you and a possible approach is facilitated. As soon as you access the subpages in which the map from Google Maps is integrated, information about your use of our website (e.g., your IP address) is transmitted to Google servers in the USA and stored there. This happens regardless of whether Google provides a user account that you are logged in to or if there is no user account. If you are logged in to Google, your data will be directly linked to your account. If you do not want to be associated with your profile on Google, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them.

For data transfers to the USA, Google has committed to signing and adhering to the EU standard contractual clauses.

6.3 Social Media Plugins

On our website, we use so-called social media plugins (“Plugins”) from third-party providers. The plugins can be recognized by the logo of the respective social network. Through the plugins, we offer you the opportunity to interact with social networks and other users. We use the following plugins on our website: Meta (Facebook/Instagram), LinkedIn, TikTok, YouTube. When you access our website, your browser establishes a direct connection to the servers of the third party. The content of the plugin (e.g., YouTube videos) is transmitted directly from the respective third party to your browser and integrated into the page.

Data transfer for the display of content (e.g., publications on Meta) takes place regardless of whether you have an account with the third-party provider and are logged in there. If you are logged into the third-party provider, the data collected from us is also directly associated with your account with the third-party provider. If you activate the plugins, the information is also published in the social network and displayed there to your contacts. Please refer to the data protection notices of the third-party providers for the purpose and scope of data collection and further processing and use of the data by third parties, as well as your related rights and settings options for protecting your privacy. The third party stores the data collected about you as user profiles and uses them for advertising, market research, and/or demand-oriented design of its website. Such an evaluation is also carried out for users who are not logged in, in particular to display demand-oriented advertising and to inform other users of the social network about your activities on our website. If you want to prevent the third-party providers from associating the data collected via our web presence with your personal profile in the respective social network, you must log out of the respective social network before visiting our website. You can also completely prevent the loading of plugins with specialized add-ons for your browser, such as “Ghostery” (https://www.ghostery.com/) or “NoScript” (http://noscript.net/).

6.4 Newsletter Tracking

We use the software BREVO, formerly Sendinblue, to send our newsletters. With this software, newsletters can be sent and analyzed. To carry out this analysis, we collect device and access data. To collect this, the newsletter contains a pixel. The newsletter or the websites accessible from this newsletter are also tracked with cookies. A pixel is an image file that is stored on the recipient’s device.

With the help of these technologies, we receive information about whether the newsletter has arrived, has been opened, and which contents have been clicked. We use this information to improve our newsletter and our offers. The setting of a pixel can be prevented by deactivating HTML in the mail program (varies depending on the mail program).

  1. Data Sharing and Data Transmission

We only pass on your data to third parties if this is necessary to provide our service, if these third parties provide a service for us, if we are legally or officially obliged to do so, or if we have a predominant interest in sharing the personal data. We will also share personal data with third parties if you have given your consent or have requested us to do so.

Not all personal data is transmitted in encrypted form by default. Unless explicitly agreed otherwise with the customer, accounting data, payroll administration data, payroll statements, and payroll certificates are transmitted unencrypted (but with the highest security and confidentiality).

The following categories of recipients may receive personal data from us:
•    Parent company: Gabriel-Glas GmbH, Schwarzstrasse 9, A-5400 Hallein.
•    Audit office: Gewerbe Treuhand Luzern
•    Service providers (e.g., IT service providers, hosting providers, suppliers, consultants, lawyers, insurance companies).
•    Third parties within the scope of our legal or contractual obligations, authorities, state institutions, courts.

We conclude contracts with service providers who process personal data on our behalf, obliging them to ensure data protection. Our service providers are mainly located in Switzerland or in the EU / EEA. Certain personal data may also be transferred to the USA (e.g., Google Analytics data) or in exceptional cases to other countries worldwide. If data transfer to other countries that do not have an adequate level of data protection is necessary, this takes place on the basis of EU standard contractual clauses (e.g., in the case of Google) or other suitable instruments).

  1. Duration of Retention of Personal Data

We process and store your personal data as long as it is necessary to fulfill our contractual and legal obligations or other purposes pursued with processing, i.e., for example, for the duration of the entire business relationship (from initiation, processing to the termination of a contract) and beyond in accordance with statutory retention and documentation obligations. It is possible that personal data will be retained for the time during which claims can be asserted against our company (i.e., especially during the statutory limitation period) and to the extent that we are otherwise legally obliged to do so or if legitimate business interests require it (e.g., for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, they will generally be deleted or anonymized wherever possible. For operational data (e.g., system logs, logs), shorter retention periods of twelve months or less generally apply.

  1. Data Security

We take appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse, such as the issuance of instructions, training, IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions, pseudonymization, and controls.

  1. Obligation to Provide Personal Data

In the context of our business relationship, you must provide the personal data necessary for the initiation and implementation of a business relationship and the fulfillment of the associated contractual obligations (you generally do not have a legal obligation to provide us with data). Without this data, we will not be able to conclude or process a contract with you (or the entity or person you represent). The website also cannot be used if certain information to ensure data traffic (e.g., IP address) is not disclosed.

  1. Your Rights

In connection with our processing of personal data, you have the following rights:

  • Right to information about personal data stored with us, the purpose of processing, the origin, and the recipients or categories of recipients to whom personal data is passed on.
  • Right to correction if your data is incorrect or incomplete.
  • Right to restrict the processing of your personal data
  • Right to request the deletion of processed personal data
  • Right to data portability
  • Right to object to data processing or to revoke consent to the processing of personal data at any time without giving reasons.
  • Right to complain to a competent supervisory authority, if provided for by law.

To assert these rights, please contact the address given in section 1.

Please note, however, that we reserve the right to assert the legally provided restrictions, e.g., if we are obliged to store or process certain data, have an overriding interest in it (insofar as we may invoke it), or need it to assert claims. If costs arise for you, we will inform you in advance.

  1. Changes to the Privacy Policy

We expressly reserve the right to change this privacy policy at any time.
Last update: August 2023

0
    0
    Your Cart
    Your cart is empty
      Calculate Shipping
      Apply Coupon