contact@techway.ch
+41 44 585 23 09
TECHWAY Schweiz Logo
EN
DEFRIT

Privacy Policy

Data Protection

With this privacy policy, we explain which personal data we process for what purpose, how and where, particularly in connection with our website https://techway.ch and our other services. We also inform you about the rights of individuals whose data we process.

For individual or additional offerings and services, specific, supplementary or further privacy policies as well as other legal documents such as general terms and conditions, terms of use or participation conditions may apply.

Our offering is subject to Swiss data protection law as well as any applicable foreign data protection law, particularly that of the European Union (EU) with the General Data Protection Regulation (GDPR). The European Commission recognises that Swiss data protection law ensures an adequate level of protection.

1. CONTACT ADDRESSES

Responsibility for processing personal data:

Techway GmbH | Dufourstrasse 43 | 8008 Zurich | contact@techway.ch

We will point out if, in individual cases, there are other controllers responsible for processing personal data.

2. PROCESSING OF PERSONAL DATA

2.1) Definitions

Personal data means all information relating to an identified or identifiable individual. A data subject is a person about whom personal data is processed. Processing encompasses any handling of personal data, regardless of the means and procedures used, particularly storing, disclosing, procuring, collecting, deleting, saving, altering, destroying and using personal data.

The European Economic Area (EEA) comprises the European Union (EU) as well as the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) refers to the processing of personal data as processing of personal data.

2.2) Legal bases

We process personal data in accordance with Swiss data protection law, particularly the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (OFADP).

Where and to the extent the General Data Protection Regulation (GDPR) applies, we process personal data on the basis of at least one of the following legal bases:

Art. 6 para. 1 lit. b GDPR for the processing of personal data necessary for the performance of a contract with the data subject and for carrying out pre-contractual measures.
Art. 6 para. 1 lit. f GDPR for the processing of personal data necessary to safeguard our legitimate interests or those of third parties, unless the fundamental freedoms and rights as well as interests of the data subject prevail. Legitimate interests include, in particular, our interest in providing our offering on a permanent, user-friendly, secure and reliable basis and being able to advertise it where necessary, information security and protection against misuse and unauthorised use, the enforcement of our own legal claims and compliance with Swiss law.
Art. 6 para. 1 lit. c GDPR for the processing of personal data necessary for compliance with a legal obligation to which we are subject under any applicable law of member states in the European Economic Area (EEA).
Art. 6 para. 1 lit. e GDPR for the processing of personal data necessary for the performance of a task carried out in the public interest.
Art. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the data subject.
Art. 6 para. 1 lit. d GDPR for the processing of personal data necessary to protect the vital interests of the data subject or another natural person.

2.3) Type, scope and purpose

We process the personal data necessary to provide our offering on a permanent, user-friendly, secure and reliable basis. Such personal data may fall into the categories of inventory and contact data, browser and device data, content data, meta or peripheral and usage data, location data, sales, contract and payment data.

We process personal data for the duration required for the respective purpose or purposes or as required by law. Personal data that is no longer necessary will be anonymised or deleted. Individuals whose data we process generally have a right to erasure.

We generally process personal data only with the consent of the data subject, unless processing is permitted for other legal reasons, for example to perform a contract with the data subject and for corresponding pre-contractual measures, to safeguard our overriding legitimate interests, because processing is evident from the circumstances or after prior information.

In this context, we particularly process information voluntarily and directly provided to us by a data-subject person when making contact – for example by postal mail, email, contact form, social media or telephone – or when registering for a user account. We may store such information, for example, in an address book or comparable tools. If you transmit personal data about third parties to us, you are obliged to ensure data protection for such third parties and to guarantee the accuracy of such personal data.

We also process personal data that we receive from third parties, obtain from publicly accessible sources or collect in the course of providing our offering, insofar as such processing is legally permissible.

2.4) Processing of personal data by third parties, including abroad

We may have personal data processed by commissioned third parties or process it jointly with third parties and with the help of third parties or transmit it to third parties. Such third parties are in particular providers whose services we use. We ensure adequate data protection with such third parties as well.

Such third parties are generally located in Switzerland and in the European Economic Area (EEA). Such third parties may, however, also be located in other states and territories on Earth and elsewhere in the universe, provided their data protection law ensures an adequate level of protection according to the Federal Data Protection and Information Commissioner (FDPIC) and – where and to the extent the General Data Protection Regulation (GDPR) applies – according to the European Commission, or if adequate data protection is ensured for other reasons, such as by means of a corresponding contractual agreement, particularly on the basis of standard contractual clauses, or by means of a corresponding certification. In exceptional cases, such a third party may be located in a country without adequate data protection, provided the data protection requirements such as the explicit consent of the data subject are met.

3. RIGHTS OF DATA SUBJECTS

Data subjects whose personal data we process have the rights under Swiss data protection law. These include the right of access as well as the right to rectification, erasure or blocking of processed personal data.

Data subjects whose personal data we process may – where and to the extent the General Data Protection Regulation (GDPR) applies – obtain, free of charge, confirmation as to whether we process their personal data and, if so, information about such processing, request restriction of processing of their personal data, exercise their right to data portability, and have their personal data rectified, erased (“right to be forgotten”), blocked or completed.

Data subjects whose personal data we process may – where and to the extent the GDPR applies – withdraw consent granted at any time with effect for the future and object at any time to the processing of their personal data.

Data subjects whose personal data we process have the right to lodge a complaint with a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

4. DATA SECURITY

We take appropriate and suitable technical and organisational measures to ensure data protection and, in particular, data security. However, processing personal data on the internet may always involve security gaps despite such measures. We therefore cannot guarantee absolute data security.

Access to our online offering is provided by means of transport encryption (SSL / TLS, particularly with Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.

Access to our online offering is subject – as is any use of the internet – to indiscriminate and suspicionless mass surveillance and other monitoring by security authorities in Switzerland, in the European Union (EU), in the United States of America (USA) and in other countries. We have no direct influence on the corresponding processing of personal data by intelligence services, police authorities and other security authorities.

5. USE OF THE WEBSITE

5.1) Cookies

We may use cookies for our website. Cookies – our own cookies (first-party cookies) as well as cookies from third parties whose services we use (third-party cookies) – are data stored in your browser. Such stored data need not be limited to traditional text cookies. Cookies cannot run programs or transmit malware such as trojans and viruses.

Cookies may be stored in your browser as “session cookies” during your visit to our website or as so-called permanent cookies for a specific period. “Session cookies” are automatically deleted when you close your browser. Permanent cookies have a specific storage duration. They enable your browser to be recognised the next time you visit our website and thus, for example, allow us to measure the reach of our website. Permanent cookies may also be used for online marketing, for example.

You can disable and delete cookies in your browser settings at any time, in whole or in part. Without cookies, our website may no longer be fully available. We will – where and to the extent required – actively request your explicit consent to the use of cookies.

For cookies used for success and reach measurement or for advertising, a general opt-out is possible for numerous services via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

5.2) Server log files

For each access to our website, we may collect the following information, provided it is transmitted by your browser to our server infrastructure or can be determined by our web server: date and time including time zone, internet protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual subpage of our website accessed including transmitted data volume, and the last website accessed in the same browser window (referrer).

We store such information, which may also constitute personal data, in server log files. This information is necessary to provide our online offering on a permanent, user-friendly and reliable basis and to ensure data security and thus, in particular, the protection of personal data – also by third parties or with the help of third parties.

5.3) Tracking pixels

We may use tracking pixels on our website. Tracking pixels are also called web beacons. Tracking pixels – including those from third parties whose services we use – are small, usually invisible images that are automatically retrieved when visiting our website. Tracking pixels can capture the same information as server log files.

5.4) Comments

We enable you to publish comments on our website. In this context, we process in particular the information provided directly to us by a commenting person, as well as the internet protocol (IP) address used and date and time. This information is required to enable the publication of comments and to ensure protection against misuse, which is in our overriding legitimate interest.

6. NOTIFICATIONS AND COMMUNICATIONS

We send notifications and communications such as newsletters by email and via other communication channels such as instant messaging.

6.1) Success and reach measurement

Notifications and communications may contain web links or tracking pixels that record whether an individual message was opened and which web links were clicked. Such web links and tracking pixels may also record the use of notifications and communications on a personal basis. We need this statistical recording of usage for success and reach measurement in order to offer notifications and communications effectively and in a user-friendly manner and on a permanent, secure and reliable basis, tailored to the needs and reading habits of recipients.

6.2) Consent and objection

As a rule, you must expressly consent to the use of your email address and other contact details, unless the use is permissible for other legal reasons. For any consent to receive emails, we use the double opt-in procedure where possible, meaning you will receive an email with a web link that you must click to confirm, so that no misuse by unauthorised third parties can occur. We may log such consents, including internet protocol (IP) address as well as date and time, for evidentiary and security purposes.

You can generally unsubscribe from notifications and communications such as newsletters at any time. Notifications and communications that are essential for our offering remain reserved. By unsubscribing, you can in particular object to the statistical recording of usage for success and reach measurement.

6.3) Service providers for notifications and communications

We send notifications and communications via services of third parties or with the help of service providers. Cookies may also be used in this context. We ensure adequate data protection with such services as well.

We use in particular:

Mailchimp: communication platform; provider: The Rocket Science Group LLC d/b/a Mailchimp (USA); information on data protection: privacy policy; “Mailchimp and European Data Transfers”.

7. SOCIAL MEDIA

We are present on social media platforms and other online platforms to communicate with interested persons and to provide information about our offering. Personal data may also be processed outside Switzerland and the European Economic Area (EEA).

The general terms and conditions and terms of use as well as privacy policies and other provisions of the individual operators of such online platforms also apply. These provisions inform in particular about the rights of data subjects, including the right of access.

For our social media presence on Facebook, including the so-called Page Insights, we are – where and to the extent the GDPR applies – jointly responsible with Facebook Ireland Limited in Ireland. Page Insights provide information about how visitors interact with our Facebook presence. We use Page Insights to provide our social media presence on Facebook effectively and in a user-friendly manner.

Further information on the type, scope and purpose of data processing, notes on the rights of data subjects as well as the contact details of Facebook and Facebook’s data protection officer can be found in Facebook’s privacy policy (“Data Policy”). We have concluded the “Controller Addendum” with Facebook and have agreed, in particular, that Facebook is responsible for ensuring the rights of data subjects. For the so-called Page Insights, the corresponding information can be found on Facebook’s pages “Information about Page Insights” including “Page Insights Controller Addendum” and “Information about Page Insights Data” respectively.

8. SUCCESS AND REACH MEASUREMENT

8.1) Google Analytics

We use Google Analytics to analyse how our website is used, enabling us, for example, to measure the reach of our website and the success of third-party links to our website. This is a service of the American Google LLC. For users in the European Economic Area (EEA) and in Switzerland, the Irish Google Ireland Limited is responsible.

Google attempts to identify individual visitors to our website even when they use different browsers or devices (cross-device tracking). Cookies are also used for this purpose. Google Analytics requires your internet protocol (IP) address, which, however, is not merged with other Google data.

In any case, we have your internet protocol (IP) address anonymised by Google before analysis. As a result, your full IP address is generally not transmitted to Google in the USA.

We use Google Analytics with Google Signals. This provides us with enhanced statistics on visitors to our website who have enabled personalised advertising as logged-in users of Google. Despite these enhanced statistics, we cannot establish a link to individual Google user accounts.

Further information on the type, scope and purpose of data processing can be found in Google’s principles for privacy and security and in Google’s privacy policy, in the privacy guide for Google products (including Google Analytics), in the information on how Google uses data from websites that use Google services and in the information on cookies at Google. There is also the option to use the “Browser add-on to deactivate Google Analytics” and to object to personalised advertising.

8.2) Google Tag Manager

We use Google Tag Manager to integrate and manage analytics or advertising services from Google as well as from third parties on our website. This is a service of the American Google LLC. For users in the European Economic Area (EEA) and in Switzerland, the Irish Google Ireland Limited is responsible. No cookies are used in this process, but cookies may be used within the integrated and managed services. We provide information about the processing of personal data by such services in this privacy policy.

9. SERVICES OF THIRD PARTIES

We use third-party services to provide our offering on a permanent, user-friendly, secure and reliable basis. Such services also serve to embed content into our website. Such services – for example hosting and storage services, video services and payment services – require your internet protocol (IP) address, otherwise such services cannot transmit the corresponding content. Such services may be located outside Switzerland and the European Economic Area (EEA), provided adequate data protection is ensured.

For their own security-related, statistical and technical purposes, third parties whose services we use may also process data related to our offering and from other sources – including cookies, log files and tracking pixels – in aggregated, anonymised or pseudonymised form.

9.1) Digital infrastructure

We use third-party services to obtain the digital infrastructure required for our offering. These include, for example, hosting and storage services from specialised providers.

We use in particular:

Hostfactory: hosting; provider: OptimaNet Schweiz AG
WordPress: website builder

9.2) Audio and video conferences

We use services for audio and video conferences to communicate with our clients and other persons. This enables us to conduct audio and video conferences, virtual meetings and training such as webinars. In addition to this privacy policy, any terms of the services used, such as terms of use or privacy policies, also apply.

9.2) a) We use Microsoft Teams, a service of the American Microsoft Corporation. For users in the European Economic Area (EEA), in the United Kingdom and in Switzerland, Microsoft Ireland Operations Limited is responsible. Further information on the type, scope and purpose of data processing can be found in Microsoft’s privacy policy, on the pages “Privacy at Microsoft” and “Security and Compliance in Microsoft Teams” and in Microsoft’s Trust Center.

9.2) b) We use Zoom, a service of the American Zoom Video Communications Inc. Zoom grants the rights under the European General Data Protection Regulation (GDPR) also to users in Switzerland. Further information on the type, scope and purpose of data processing can be found in Zoom’s privacy policies as well as on the page “Legal and Privacy”.

9.3) Social media functions and content

9.3) a) LinkedIn
We use the option to embed functions and content from LinkedIn on our website with the help of plugins. This allows us, for example, to enable you to use the “Share” function of LinkedIn on our website. Cookies are also used. Further information can be found on LinkedIn’s page about plugins.

The plugins are an offering of LinkedIn Ireland Unlimited Company in Ireland and the American LinkedIn Corporation. If you are logged in as a user on LinkedIn, LinkedIn can assign the use of our online offering to your profile. Further information on the type, scope and purpose of data processing can be found in LinkedIn’s privacy policy, cookie policy and on LinkedIn’s privacy portal. You can also object to personalised advertising.

9.4) Maps

We use Google Maps to embed maps into our website. Cookies are also used. Google Maps is a service of the American Google LLC. For users in the European Economic Area (EEA) and in Switzerland, the Irish Google Ireland Limited is responsible. Further information on the type, scope and purpose of data processing can be found in Google’s principles for privacy and security and in Google’s privacy policy, in the privacy guide for Google products (including Google Maps), in the information on how Google uses data from websites that use Google services and in the information on cookies at Google. There is also the option to object to personalised advertising.

9.5) Entertainment

We use YouTube to embed videos into our website. Cookies are also used. YouTube is a service of the American Google LLC. For users in the European Economic Area (EEA) and in Switzerland, the Irish Google Ireland Limited is responsible. Further information on the type, scope and purpose of data processing can be found in Google’s principles for privacy and security and in Google’s privacy policy, in the privacy guide for Google products (including YouTube), in the information on how Google uses data from websites that use Google services and in the information on cookies at Google. There is also the option to object to personalised advertising.

9.6) Fonts

We use Google Fonts to embed selected fonts into our website. No cookies are used. This is a service of the American Google LLC offered independently of other Google services. For users in the European Economic Area (EEA) and in Switzerland, the Irish Google Ireland Limited is responsible. Further information on the type, scope and purpose of data processing can be found in Google’s principles for privacy and security as well as in Google’s privacy policy.

9.7) Advertising

9.7) a) Google Ads
We use Google Ads (formerly AdWords) to advertise our offering in a targeted manner on the Google search engine and elsewhere on the internet, for example on other websites, including based on search queries. Google Ads is an offering of the American Google LLC. For users in the European Economic Area (EEA) and in Switzerland, the Irish Google Ireland Limited is responsible. Cookies are also used with Google Ads. Google uses various domain names – particularly doubleclick.net, googleadservices.com and googlesyndication.com – for Google Ads.

With such advertising, we particularly aim to reach people who are interested in our online offering or already use it. For this purpose, we transmit corresponding – possibly also personal – information to Google (remarketing). We can also determine whether our advertising is successful, that is, whether it leads to visits to our website (conversion tracking).

Further information on the type, scope and purpose of data processing can be found in Google’s principles for privacy and security and in Google’s privacy policy, in the information on how Google uses data from websites that use Google services and in the information on cookies at Google. There is also the option to object to personalised advertising.

9.7) b) LinkedIn Ads
We use LinkedIn Marketing Solutions to advertise our offering in a targeted manner on LinkedIn (LinkedIn Ads). This is an offering of LinkedIn Ireland Unlimited Company in Ireland and the American LinkedIn Corporation. Cookies are also used.

With such advertising, we particularly aim to reach people who are interested in our online offering or already use it. For this purpose, we transmit, particularly with the LinkedIn Insight Tag, corresponding – possibly also personal – information to LinkedIn (retargeting). We can also determine whether our advertising is successful, that is, whether it leads to visits to our website (conversion tracking). If you are logged in as a user on LinkedIn, LinkedIn can assign the use of our online offering to your profile.

Further information on the type, scope and purpose of data processing can be found in LinkedIn’s privacy policy, cookie policy and on LinkedIn’s privacy portal. You can also object to personalised advertising.

10. EXTENSIONS FOR THE WEBSITE

10.1)

We use Google reCAPTCHA to protect input forms from bots and spam while reliably enabling input by humans. Cookies are also used. This is a service of the American Google LLC. For users in the European Economic Area (EEA) and in Switzerland, the Irish Google Ireland Limited is responsible. Further information on the type, scope and purpose of data processing can be found in Google’s principles for privacy and security and in Google’s privacy policy as well as in the information on cookies at Google.

10.2)

We use jQuery, a free JavaScript library of the JS Foundation. We integrate the library via the content delivery network (CDN) Google Hosted Libraries (domain name ajax.googleapis.com) to improve the speed of our website. Cookies are used only if necessary to prevent misuse and for security-related purposes. This is a service of the American Google LLC offered independently of other Google services. For users in the European Economic Area (EEA) and in Switzerland, the Irish Google Ireland Limited is responsible.

Further information on the type, scope and purpose of data processing can be found in Google’s principles for privacy and security and in Google’s privacy policy, as well as in the terms of use for Google Hosted Libraries.

11. FINAL PROVISIONS

We created this privacy policy with the privacy generator from Datenschutzpartner.

We may amend and supplement this privacy policy at any time. We will inform about such amendments and supplements in an appropriate manner, particularly by publishing the current privacy policy on our website.

We value the trust of our clients and therefore do not place names and logos on our website.

Since 2017, TECHWAY has already developed and implemented solutions for more than 10,000 users. Call us or write to us if we may support you as well.