Espazzola Shop Privacy Policy

Thank you for your interest in our company. We take data protection seriously.

Below you can find an English translation of our privacy policy originally published in German. This translation is provided for your convenience. In case of conflicting statements the German version takes precedence.

You can use our website without providing any personal data. If a person wishes to make use of our company’s services via our website, the processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we always obtain the consent of the person in question.

The processing of personal data (e.g. name, address, e-mail address or telephone number of a person concerned) is always carried out in accordance with the GDPR and in accordance with the country-specific data protection regulations applicable to us.

With the following privacy policy we would like to inform the public about the type, scope and purpose of the personal data collected, used and processed by us. Likewise affected persons will be informed about their rights by this privacy policy.

As data processors, we have implemented numerous technical and organisational measures to ensure the most complete protection possible for personal data processed via our website. However, data transmission via the Internet can always contain security gaps. This means that 100% protection cannot be guaranteed.

1. Definitions

This privacy policy is based on the definitions used by the European legislator of directives and regulations for the adoption of the GDPR (Article 4 GDPR). This privacy policy should be both easy to read and easy to understand for everyone. To ensure this, we would like to first explain the terms used:

2. Name and Contact Details of the Data Controller

This privacy policy applies to data processing by:

Data Controller :

PROTONEA Senger
Meienbergstrasse 6
CH-9000 St. Gallen

represented by the managing director Mr. Alexander Senger, E-Mail: info@espazzola.ch, Phone: +41 (0)81 599 39 34


As data protection representative resident in the EU area, we determine:

Dr. V. Senger
Prof.-Buttersack-Strasse 5
D-85778 Haimhausen

E-Mail: datenschutz@espazzola.de

3. Collection and Storage of Personal Data as well as Type and Purpose of Their Use

a) when visiting the website

You can use our website without disclosing your identity. However, when you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:

The mentioned data will be processed by us for the following purposes:

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes listed above for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.

In addition, we use cookies and analysis services when you visit this website. You will find further details below and in section 4. f) of this privacy policy.

We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do no damage to your end device, do not contain viruses, Trojans or other malware.

Information is stored in the cookie in connection with the specifically used terminal device. However, this does not mean that we immediately become aware of your identity.

On the one hand we use these cookies to make your visit of our website more pleasant to you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These session cookies will be deleted automatically after you leaving our site.

In addition, we also use temporary cookies that are stored on your end device for a specified period of time to enhance your user experience. If you repeatedly visit our site, it is automatically recognized that you have already been with us and your entries and settings are restored. We also use this technique to make it easy for you to shop, for example by noting the items you have already placed in your shopping cart.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimising our offer (see “Google Analytics” further below in this document). These cookies enable us to automatically recognize when you return to our site and are automatically deleted after a defined period of time. You can prevent these specific cookies from being set as specified in the “Goolge Analytics” section.

The data processed by cookies is required for the aforementioned purposes in order to protect our legitimate interests and those of third parties pursuant to Art. 6 Para. 1 S. 1 lit. f GDPR.

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message appears before a new cookie is created. Please note that the complete deactivation of cookies can lead to you not being able to use all functions of our website.

c) for Orders on our Website

You can place orders on our website.

For this purpose your personal data needs to be entered into an input mask and transmitted to and stored by us. When you place an order via our website, we first collect the following data in the shop:

This data is collected,

In addition, for a successful order, personal data is required for authentication and payment authorization by the associated payment service providers (PayPal and Stripe). These data are never transmitted to us at any time.

The data will be processed upon your order and/or registration and is required pursuant to Art. 6 para. 1 S. 1 lit. b GDPR for the aforementioned purposes, for the appropriate processing of your order and for the mutual fulfilment of obligations arising from the purchase contract.

The personal data collected by us for the processing of your order will be stored until expiry of the statutory obligation to store data and subsequently deleted. This holds unless we are obliged to store data for a longer period due to tax and commercial law storage and documentation obligations (from HGB, StGB or AO) or you have consented to further storage in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR.

4. Data Processing by Third Parties

In order to offer you the Espazzola and this website, we have to cooperate with other companies. As part of this cooperation, we pass on your personal data to third parties under strict conditions. In doing so, we make sure that this transfer only takes place in accordance with the tasks described here and by meeting the requirements of the GDPR. In the case of passing on your personal data to third parties, the scope of the transmitted data is limited to the necessary minimum.

In any case we will only pass on your personal data to third parties if:

a) Web Hosting

The web pages of the domain espazzola.ch are stored on servers in Switzerland and are transmitted to you from there. In doing so, the data described under 3. a) are recorded and processed on our behalf by the hosting provider:

Hoststar – Multimedia Networks AG, Kirchgasse 30, 3312 Fraubrunnen, Switzerland

Since the EU Commission has found an appropriate level of data protection for Switzerland, this is a permissible data transfer to a third country.

b) Webshop

On our website you have the possibility to buy the Espazzola. To provide the shop functionality we use a plugin of the company:

Ecwid Inc, 144 West D Street, Suite 103, Encinitas, CA 92024 USA

If you have javascript enabled in your browser and have not installed a javascript-blocker, your browser will transmit personal data (your IP address and upon your provision the data mentioned above) to Ecwid servers also situated in the USA. These data are later transmitted to us for order fulfillment.

These data are necessary for the purchase transaction and their collection is therefore permissible. As Ecwid is certified according to the provisions of the Privacy Shield for the protection of personal data, a transfer to the USA is permitted. For more information, see the Privacy Policy of ecwid.

You can install a javascript-blocker (e.g. www.noscript.net or www.ghostery.com) to prevent the execution of javascript code from ecwid as a whole. However, there is then no possibility to use the Espazzola Shop.

c) Payment Service Provider

The purchase of an Espazzola from us is only possible by advance payment. To this end it is necessary to transfer your payment data to one of the services we use:

Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland

or

PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxemburg

If you choose one of these payment options, your payment data will be transmitted directly to the appropriate company - without being available to us. In return, we receive a payment confirmation from the respective company and the possibility of (partially) returning the payment in the event of adjustments - e.g. due to repayments.

Stripe or PayPal act as data controller according to the GDPR and do not process your data on our behalf. Likewise data processing by these companies is not controlled by us. In the course of processing your payment transaction, your data may also be passed on by the respective company to third parties and in third countries.

Further details can be found in the privacy policies by Stripe and PayPal.

d) Fulfillment Provider

Espazzolas ordered from us are shipped for customers outside Switzerland by our fulfillment provider in Germany:

PELA Fulfillment UG, Purfingerstr. 8, 85646 Neufarn, Germany

On our behalf, PELA processes the personal data necessary for the compilation and dispatch of your order, namely: your billing or delivery address as indicated by you in our webshop, as well as designation and quantity of articles purchased.

Further details on the conditions under which PELA processes your data can be found in the privacy policy of PELA.

e) Communication by Email

As part of the order process you will receive a confirmation and a shipping notification sent to the email address you have provided. The emails contain the details of your order as entered by you for you to control.

You are also welcome to contact us by email. If you do so, we will save your details for processing the request and in the event that follow-up questions arise.

This is also our legitimate interest pursuant to Art 6 para. 1 S. 1 lit. f) GDPR. We only store and use further personal data if you give your consent or if this is legally permissible without special consent.

When sending emails we pay attention to an encrypted transmission as far as technically feasible. However, we would like to point out that continuous encryption of the emails during transport to you can usually not be guaranteed.

f) Google Analytics

The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 S. 1 lit. f GDPR. With the tracking measures used, we want to ensure that our website is designed to meet our customers requirements and that we implement the best further improvements. Furthermore we use the collected data to statistically evaluate the use of our website for the purpose of optimising our offer. These interests are legitimate within the meaning of the aforementioned regulation.

To this end use Google Analytics, a web analysis service of Google Inc. (“Google”).

Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Google has signed the Privacy Shield Agreement between the European Union and the USA and is certified under this act.

Google Analytics uses “cookies”, which are text files placed on your computer, to help analyze how users use this web-site. The information gathered about the use of this website through page visitors by use of these cookies is generally transmitted to and stored on a Google server in the USA.

We fully use IP anonymization offered by Google on this website. Before being transmitted to the USA, Google will shorten your IP address within member states of the European Union or other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

Due to the shortened IP address (“IP anonymization”), this address can no longer be linked to a specific person. In addition, the IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. All transmitted data will be deleted automatically by Google after a specified period of time - typically 14 months.

On our behalf, Google will use this information to evaluate the use of the website, to compile reports on website activity and to provide further information, as well as to provide us with services related to the use of our website and our use of the Internet.

You may block the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do so you may not be able to use all functionality on this website.

You may prevent the transfer to Google of the data generated by your use of the website (including your IP address) as well as the processing of the data through Google by downloading and installing the browser plug-in available through the following link:

https://tools.google.com/dlpage/gaoptout?hl=en.

Alternatively to this browser plugin or for browsers on mobile devices, you can click on the following link to set an opt-out cookie that will prevent further collection by Google Analytics within this website: disable Google Analytics (this opt-out cookie only works in the affected browser and only for this domain. If you delete the cookies in your browser, you must click this link again).

The links published on our website are researched and compiled by us with the greatest possible care. However, we have no influence on the current and future design and content of the linked pages. We are not responsible for the content of the linked pages and expressly do not endorse the content of these pages.

For illegal, incorrect or incomplete contents as well as for damages arising from the use or non-use of the information, the provider of the website to which reference is made is solely liable. The liability of the person who merely refers to the publication through a link is excluded. We are only responsible for external references if we have positive knowledge of them, especially so of any illegal or criminal content, and if it is technically possible and reasonable for us to prevent their use.

6. Concerned Rights

You have the right:

7. Right of Appeal

If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 S. 1 lit. f GDPR, you have the right to object eto the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without the need of you specifying a particular situation.

If you would like to make use of your right of revocation or objection, simply send an e-mail to: info@espazzola.ch

8. Data Security

When you connect to our website we use the common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser to protect your data. Usually this is a 256 bit encryption. Whether a single page of our website is transmitted in encrypted form is indicated by the display of the closed lock symbol in the status bar of your browser.

We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

9. Up-to-dateness and Amendment of this Privacy Policy

This privacy policy is currently valid and was last updated as of May 2018.

Due to further development of our website and offers placed thereon or due to changed legal or official requirements, it may become necessary to change this privacy policy. The most current version can always be found on this page.