Thank you for your interest in our company. We take data protection seriously.
You can use our website without providing any personal data. If a person wishes to make use of our company’s services via our website, the processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we always obtain the consent of the person in question.
The processing of personal data (e.g. name, address, e-mail address or telephone number of a person concerned) is always carried out in accordance with the GDPR and in accordance with the country-specific data protection regulations applicable to us.
As data processors, we have implemented numerous technical and organisational measures to ensure the most complete protection possible for personal data processed via our website. However, data transmission via the Internet can always contain security gaps. This means that 100% protection cannot be guaranteed.
“personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more specific characteristics which express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person;
“data subject” means any identified or identifiable natural person whose personal data are processed by the controller;
“processing” means any operation carried out with or without the aid of automated procedures or any such series of operations relating to personal data, such as the collection, organisation, sorting, storage, adaptation or alteration, reading, querying, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, erasure or destruction;
“restriction of processing” means the marking of stored personal data with the aim of restricting their future processing;
“profiling” means any automated processing of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, behaviour, whereabouts or relocation of that natural person;
“controller” means the natural or legal person, authority, body or office which, alone or in association with others, decides on the purposes and means of processing personal data; where the purposes and means of such processing are specified by Union law or by the law of the Member States, the controller or certain criteria for his appointment may be laid down by Union law or by the law of the Member States;
“recipient” means any natural or legal person, authority, institution or other body to which personal data is disclosed, whether or not it is a third party. However, authorities receiving personal data under Union law or the law of the Member States under a particular investigation mandate shall not be considered recipients; the processing of such data by the said authorities shall be carried out in accordance with the applicable data protection rules in accordance with the purposes of the processing;
“third party” means any natural or legal person, authority, institution or other body other than the data subject, the data controller, the data processor, the persons authorised to process the personal data under the direct responsibility of the data controller or the data processor;
“consent” of the data subject means any voluntary declaration of consent in the specific case, in an informed and unequivocal manner, in the form of a declaration or other clear affirmative act, with which the data subject indicates his or her consent to the processing of personal data concerning him or her.
Data Controller :
CH-9000 St. Gallen
represented by the managing director Mr. Alexander Senger, E-Mail: email@example.com, Phone: +41 (0)81 599 39 34
As data protection representative resident in the EU area, we determine:
Dr. V. Senger
You can use our website without disclosing your identity. However, when you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:
The mentioned data will be processed by us for the following purposes:
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes listed above for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.
Information is stored in the cookie in connection with the specifically used terminal device. However, this does not mean that we immediately become aware of your identity.
On the one hand we use these cookies to make your visit of our website more pleasant to you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These session cookies will be deleted automatically after you leaving our site.
In addition, we also use temporary cookies that are stored on your end device for a specified period of time to enhance your user experience. If you repeatedly visit our site, it is automatically recognized that you have already been with us and your entries and settings are restored. We also use this technique to make it easy for you to shop, for example by noting the items you have already placed in your shopping cart.
The data processed by cookies is required for the aforementioned purposes in order to protect our legitimate interests and those of third parties pursuant to Art. 6 Para. 1 S. 1 lit. f GDPR.
Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message appears before a new cookie is created. Please note that the complete deactivation of cookies can lead to you not being able to use all functions of our website.
You can place orders on our website.
For this purpose your personal data needs to be entered into an input mask and transmitted to and stored by us. When you place an order via our website, we first collect the following data in the shop:
This data is collected,
In addition, for a successful order, personal data is required for authentication and payment authorization by the associated payment service providers (PayPal and Stripe). These data are never transmitted to us at any time.
The data will be processed upon your order and/or registration and is required pursuant to Art. 6 para. 1 S. 1 lit. b GDPR for the aforementioned purposes, for the appropriate processing of your order and for the mutual fulfilment of obligations arising from the purchase contract.
The personal data collected by us for the processing of your order will be stored until expiry of the statutory obligation to store data and subsequently deleted. This holds unless we are obliged to store data for a longer period due to tax and commercial law storage and documentation obligations (from HGB, StGB or AO) or you have consented to further storage in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR.
In order to offer you the Espazzola and this website, we have to cooperate with other companies. As part of this cooperation, we pass on your personal data to third parties under strict conditions. In doing so, we make sure that this transfer only takes place in accordance with the tasks described here and by meeting the requirements of the GDPR. In the case of passing on your personal data to third parties, the scope of the transmitted data is limited to the necessary minimum.
In any case we will only pass on your personal data to third parties if:
The web pages of the domain espazzola.ch are stored on servers in Switzerland and are transmitted to you from there. In doing so, the data described under 3. a) are recorded and processed on our behalf by the hosting provider:
Hoststar – Multimedia Networks AG, Kirchgasse 30, 3312 Fraubrunnen, Switzerland
Since the EU Commission has found an appropriate level of data protection for Switzerland, this is a permissible data transfer to a third country.
On our website you have the possibility to buy the Espazzola. To provide the shop functionality we use a plugin of the company:
Ecwid Inc, 144 West D Street, Suite 103, Encinitas, CA 92024 USA
The purchase of an Espazzola from us is only possible by advance payment. To this end it is necessary to transfer your payment data to one of the services we use:
Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland
PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxemburg
If you choose one of these payment options, your payment data will be transmitted directly to the appropriate company - without being available to us. In return, we receive a payment confirmation from the respective company and the possibility of (partially) returning the payment in the event of adjustments - e.g. due to repayments.
Stripe or PayPal act as data controller according to the GDPR and do not process your data on our behalf. Likewise data processing by these companies is not controlled by us. In the course of processing your payment transaction, your data may also be passed on by the respective company to third parties and in third countries.
Espazzolas ordered from us are shipped for customers outside Switzerland by our fulfillment provider in Germany:
PELA Fulfillment UG, Purfingerstr. 8, 85646 Neufarn, Germany
On our behalf, PELA processes the personal data necessary for the compilation and dispatch of your order, namely: your billing or delivery address as indicated by you in our webshop, as well as designation and quantity of articles purchased.
As part of the order process you will receive a confirmation and a shipping notification sent to the email address you have provided. The emails contain the details of your order as entered by you for you to control.
You are also welcome to contact us by email. If you do so, we will save your details for processing the request and in the event that follow-up questions arise.
This is also our legitimate interest pursuant to Art 6 para. 1 S. 1 lit. f) GDPR. We only store and use further personal data if you give your consent or if this is legally permissible without special consent.
When sending emails we pay attention to an encrypted transmission as far as technically feasible. However, we would like to point out that continuous encryption of the emails during transport to you can usually not be guaranteed.
The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 S. 1 lit. f GDPR. With the tracking measures used, we want to ensure that our website is designed to meet our customers requirements and that we implement the best further improvements. Furthermore we use the collected data to statistically evaluate the use of our website for the purpose of optimising our offer. These interests are legitimate within the meaning of the aforementioned regulation.
To this end use Google Analytics, a web analysis service of Google Inc. (“Google”).
Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Google has signed the Privacy Shield Agreement between the European Union and the USA and is certified under this act.
Google Analytics uses “cookies”, which are text files placed on your computer, to help analyze how users use this web-site. The information gathered about the use of this website through page visitors by use of these cookies is generally transmitted to and stored on a Google server in the USA.
We fully use IP anonymization offered by Google on this website. Before being transmitted to the USA, Google will shorten your IP address within member states of the European Union or other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
Due to the shortened IP address (“IP anonymization”), this address can no longer be linked to a specific person. In addition, the IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. All transmitted data will be deleted automatically by Google after a specified period of time - typically 14 months.
On our behalf, Google will use this information to evaluate the use of the website, to compile reports on website activity and to provide further information, as well as to provide us with services related to the use of our website and our use of the Internet.
You may prevent the transfer to Google of the data generated by your use of the website (including your IP address) as well as the processing of the data through Google by downloading and installing the browser plug-in available through the following link:
Alternatively to this browser plugin or for browsers on mobile devices, you can click on the following link to set an opt-out cookie that will prevent further collection by Google Analytics within this website: disable Google Analytics (this opt-out cookie only works in the affected browser and only for this domain. If you delete the cookies in your browser, you must click this link again).
The links published on our website are researched and compiled by us with the greatest possible care. However, we have no influence on the current and future design and content of the linked pages. We are not responsible for the content of the linked pages and expressly do not endorse the content of these pages.
For illegal, incorrect or incomplete contents as well as for damages arising from the use or non-use of the information, the provider of the website to which reference is made is solely liable. The liability of the person who merely refers to the publication through a link is excluded. We are only responsible for external references if we have positive knowledge of them, especially so of any illegal or criminal content, and if it is technically possible and reasonable for us to prevent their use.
You have the right:
to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details;
in accordance with Art. 16 GDPR, to demand without delay the correction of incorrect or incomplete personal data stored by us;
to request the deletion of your personal data stored with us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
in accordance with Art. 18 GDPR, to restrict the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you refuse to consent to the deletion of the data and we no longer need the data, but if you need it to assert, exercise or defend legal claims or if you have filed an objection to the processing in accordance with Art. 21 GDPR;
in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, current and machine-readable format or to request its transfer to another person responsible;
in accordance with Art. 7 para. 3 GDPR, to revoke your consent to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future
and to complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule of thumb, you can contact the supervisory authority of your usual place of residence or work.
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 S. 1 lit. f GDPR, you have the right to object eto the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without the need of you specifying a particular situation.
If you would like to make use of your right of revocation or objection, simply send an e-mail to: firstname.lastname@example.org
When you connect to our website we use the common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser to protect your data. Usually this is a 256 bit encryption. Whether a single page of our website is transmitted in encrypted form is indicated by the display of the closed lock symbol in the status bar of your browser.
We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.