Privacy Policy

With this Privacy Policy, we inform you about which personal data we process in connection with our activities and operations, including our website. Specifically, we explain why, how, and where we process which personal data. We also inform about the rights of individuals whose data we process.

For individual or additional activities and operations, other privacy policies and other legal documents such as General Terms and Conditions (GTC), terms of use, or terms of participation may apply.

1. Contact Addresses

Responsibility for the processing of personal data:

Caliza Holding AG
8754 Netstal

We would like to point out that in individual cases there might be other responsible parties for the processing of personal data.

2. Definitions and Legal Bases

2.1 Definitions

Personal data are all details relating to a specific or identifiable natural person. An affected person is a person whose personal data we process.

Processing includes any handling of personal data, regardless of the means and procedures used, for example, querying, matching, adjusting, archiving, retaining, reading out, disclosing, procuring, recording, collecting, deleting, revealing, arranging, organizing, storing, modifying, disseminating, linking, destroying, and using personal data.

2.2 Legal Bases

We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (Data Protection Act, DPA) and the Ordinance on Data Protection (Data Protection Ordinance, DPO).

3. Type, Scope, and Purpose

We process personal data that is necessary to continuously, user-friendly, securely, and reliably carry out our activities and operations. Such personal data can particularly fall into the categories of master and contact data, browser and device data, content data, meta or margin data, usage data, location data, sales data, as well as contract and payment data.

We process personal data for the duration necessary for the respective purpose or purposes or as legally required. Personal data no longer required for processing will be anonymized or deleted.

We can have personal data processed by third parties. We may process personal data together with third parties or transfer it to third parties. Such third parties are, in particular, specialized providers whose services we use. We also ensure data protection with such third parties.

We process personal data fundamentally only with the consent of the affected individuals. If and insofar as processing is permissible for other legal reasons, we may refrain from obtaining consent. For instance, we can process personal data without consent to fulfill a contract, to meet legal obligations, or to safeguard overriding interests.

In this context, we particularly process information voluntarily provided to us by an affected person when making contact—e.g., by mail, email, instant messaging, contact form, social media, or phone—or when registering for a user account.

We also process personal data that we obtain from third parties, procure from publicly accessible sources, or collect during the exercise of our activities and operations, provided that such processing is legally permissible.

4. Applications

We process personal data of applicants to the extent necessary to assess their suitability for an employment relationship or for the subsequent execution of an employment contract. The necessary personal data arises particularly from the information requested, for example, in the context of a job advertisement. Furthermore, we process the personal data that applicants voluntarily communicate or publish, especially as part of cover letters, resumes, and other application documents, as well as online profiles.

5. Personal Data Abroad

We process personal data fundamentally in Switzerland. However, we can also disclose or export personal data to other countries, especially for processing or having it processed there.

We can disclose personal data to all countries and territories on Earth as well as elsewhere in the Universe, provided that local law ensures adequate data protection according to a decision of the Swiss Federal Council.

We can disclose personal data to countries whose laws do not guarantee adequate data protection, provided that other reasons ensure appropriate data protection. Suitable data protection can be ensured, for example, by appropriate contractual agreements, based on standard data protection clauses or with other suitable guarantees. In exceptional cases, we can export personal data to countries without adequate or appropriate data protection if the special data protection requirements are met, for instance, the explicit consent of the affected persons or a direct connection with the conclusion or processing of a contract. Upon request, we are happy to provide affected persons with information about any guarantees or supply a copy of the guarantees.

6. Rights of Affected Persons

6.1 Data Protection Rights

We grant affected individuals all claims in accordance with applicable data protection laws. Affected individuals have, in particular, the following rights:

  • Access: Affected individuals can request information on whether we process personal data about them, and if so, which personal data it concerns. Affected individuals also receive the information necessary to assert their data protection rights and ensure transparency. This includes the processed personal data itself, but also, among other things, details on the purpose of processing, the duration of storage, any disclosure or potential export of data to other countries, and the origin of the personal data.
  • Correction and Restriction: Affected individuals can correct inaccurate personal data, complete incomplete data, and have the processing of their data restricted.
  • Deletion and Objection: Affected individuals can have personal data deleted ("right to be forgotten") and object to the processing of their data with effect for the future.
  • Data Release and Data Transfer: Affected individuals can request the release of personal data or the transfer of their data to another responsible party.

We may postpone, limit, or deny the exercise of the rights of affected individuals to the extent legally permissible. We may point out to affected individuals any conditions that may need to be met to exercise their data protection rights. For instance, we can refuse the provision of information citing trade secrets or the protection of other individuals. We may also refuse the deletion of personal data, wholly or in part, citing statutory retention obligations.

We may exceptionally charge for the exercise of rights. We inform affected individuals in advance of any potential costs.

We are obligated to identify affected individuals who request information or assert other rights using appropriate measures. Affected individuals are obligated to cooperate.

6.2 Right to Complain

Affected individuals have the right to enforce their data protection claims in court or to lodge a complaint with a competent data protection supervisory authority.

The supervisory authority for private entities and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

7. Data Security

We take appropriate technical and organizational measures to ensure data security commensurate with the respective risk. However, we cannot guarantee absolute data security.

Access to our website is secured using transport encryption (SSL / TLS, especially with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.

Our digital communication is subject – as fundamentally all digital communication – to mass surveillance without reason or suspicion, as well as other monitoring by security agencies in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We have no direct influence on the corresponding processing of personal data by intelligence services, police departments, and other security authorities.

8. Use of the Website

8.1 Cookies

We may use cookies. Cookies - both our own cookies (First-Party-Cookies) and cookies from third parties whose services we use (Third-Party-Cookies) - are data stored in the browser. Such stored data is not necessarily limited to traditional text-form cookies.

Cookies can be stored temporarily in the browser as "session cookies" or for a specific period as so-called permanent cookies. "Session cookies" are automatically deleted when the browser is closed. Permanent cookies have a specific storage duration. Cookies, in particular, allow us to recognize a browser on a subsequent visit to our website and, for instance, to measure the reach of our website. However, permanent cookies can also be used for online marketing.

Cookies can be fully or partially deactivated and deleted in the browser settings at any time. Without cookies, our website may not be fully available. We ask - at least where and as far as necessary - for explicit consent to the use of cookies.

8.2 Server Log Files

For every access to our website, we can record the following information, provided they are transmitted from your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website accessed including the amount of data transferred, and the last webpage accessed in the same browser window (referer or referrer).

We store such information, which may also include personal data, in server log files. This information is necessary to provide our website in a permanent, user-friendly, and reliable manner and to ensure data security, particularly the protection of personal data – even by third parties or with the help of third parties.

8.3 Tracking Pixels

We may use tracking pixels on our website. Tracking pixels are also referred to as web beacons. Tracking pixels - including those from third parties whose services we use - are typically small, usually invisible images that are automatically retrieved when visiting our website. Tracking pixels can collect the same information as server log files.

9. Social Media

We have a presence on social media platforms and other online platforms to communicate with interested individuals and inform about our activities and operations. In connection with such platforms, personal data may also be processed outside Switzerland.

The respective General Terms and Conditions (GTC) and terms of use, as well as privacy policies and other provisions of the operators of such platforms, apply. These provisions specifically inform about the rights of affected individuals directly against the respective platform, including, for example, the right to access.

10. Third-Party Services

We use services from specialized third parties to be able to conduct our activities and operations permanently, user-friendly, securely, and reliably. With such services, among other things, we can embed features and content into our website. Due to technical reasons, when such embedding takes place, the services used temporarily capture the Internet Protocol (IP) addresses of users.

For required security-related, statistical, and technical purposes, third parties whose services we use may process data related to our activities and operations in an aggregated, anonymized, or pseudonymized form. This refers, for example, to performance or usage data, to be able to offer the respective service.

10.1 Digital Infrastructure

We use services from specialized third parties to utilize the necessary digital infrastructure related to our activities and operations. This includes, for example, hosting and storage services from selected providers.

10.2 Audio and Video Conferences

We use specialized services for audio and video conferences to communicate online. We can use them, for instance, to hold virtual meetings or conduct online classes and webinars. Additional legal texts of individual services such as privacy policies and terms of use apply to participating in audio and video conferences.

We recommend, depending on the situation, to mute the microphone by default when participating in audio or video conferences, to blur the background, or to use a virtual background.

We especially use:

10.3 Fonts

We use third-party services to embed selected fonts as well as icons, logos, and symbols into our website.

Specifically, we use:

11. Final Provisions

We have created this privacy statement with the Data Protection Generator from Datenschutzpartner.

We can adjust and supplement this privacy statement at any time. We will inform about such adjustments and supplements in an appropriate manner, especially by publishing the respective current privacy statement on our website.

Copyright © 2016 Caliza Holding AG. All rights reserved. Privacy Policy. Webpartner ONFLOW GmbH