Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the Swiss Confederation (Data Protection Act, DPA) as well as the EU General Data Protection Regulation (GDPR), every person is entitled to the protection of their privacy as well as the protection against misuse of personal data. The protection of your personal data is important to DataStore. We will handle your data sensitively and carefully to ensure a high level of data security.
2. Name and address of the responsible person
The responsible party within the meaning of the Swiss Data Protection Act (DSG) and the EU General Data Protection Regulation (DSGVO) is:
Telephone: +41 56 419 71 71
DataStore AG has not appointed a data protection advisor or data protection officer within the meaning of Art. 10 DSG or Art. 37 DSGVO. Any inquiries, claims or information relating to data protection law are to be directed to the aforementioned contact details of the person responsible.
3. Categories of personal data processed
The following categories of personal data may be processed DataStorest name, gender, place of residence (private and/or business), date of birth, information on function and professional or other interests;
Communication data: These are, for example, telephone number, e-mail address (private and/or business), fax number if applicable, communication content (e.g. e-mails, letters, faxes), preferred communication channel and correspondence language;
Contract Data: This includes in particular, but is not limited to, information on business transactions to date, information on business transactions, inquiries, offers, terms and conditions and contracts regarding products and services supplied and sold as well as ordered and purchased, information in connection with queries, complaints and differences regarding products and services or the contracts concluded in this regard, such as warranty and guarantee cases, withdrawals, etc.;
Financial data, such as payment details, credit card details and other payment details, billing and shipping addresses, etc.;
Data in connection with the marketing of products and services: This includes, but is not limited to, information about marketing activities such as receipt of newsletters, newsletter opt-ins and opt-outs, documents received, invitations and participation in events and special activities, personal preferences and interests, etc.;
Data related to the use of the website: This includes in particular, but is not limited to, IP address and other identifiers (e.g. username on social media, MAC address of the smartphone or computer, cookies, web beacons, pixel tags, log files, local shared objects (Flash cookies) or other technologies that automatically collect personal data), date and time of the visit or use of the websites, pages and content accessed, referring websites, etc.. For further details, please refer to section 8 "Automated data collection and processing on our website";
Voluntary information: This includes data that you provide to DataStore on a voluntary basis without DataStore specifically asking for it, such as special marketing preferences, etc.Third-party data: If you provide DataStore with personal data of third parties (e.g. subcontractors, employees, etc.) in the course of a business transaction, we also process this data.
We collect and process data from the following persons (hereinafter "Business Partners"):
Registered and non-registered visitors to our website;
Contacts and employees of manufacturers, suppliers, distributors, vendors and providers of the products and services we request;
Customers, purchasers and recipients/beneficiaries or interested parties of our products and services (including warranty, repair and service services) or their contacts and employees;
Contacts and employees of business partners and affiliates, employment agencies and staffing companies (as well as referred workers) and other trade and business partners;
Recipients of our newsletters; participants of market research and opinion surveys conducted by DataStore; participants of courses, seminars and events offered by DataStore;
Users of the WIFIs offered in our business premises and other locations;
The aforementioned personal data is generally collected directly from the data subjects in the course of using the website, when requesting or using products or services, participating in market or other surveys, at our events or in direct communication with us via e-mail, telephone or other means. However, the data may also be collected indirectly, namely when transactions are made for the benefit of or for delivery to a business partner by another business partner, on the recommendation of third parties (e.g. recommendation by acquaintances of the business partner) or by obtaining or purchasing supplementary information from third party data sources (e.g. social media, address dealers).
4. Purpose of processing and legal basis
We process the data of business partners - to the extent permitted by applicable law - in particular, but not exclusively, for the following purposes:
For the conclusion and processing of your contractual relationship as well as for the processing of your inquiries or your orders (Art. 30 and Art. 31 para. 1 and para. 2 let. a DSG / Art. 6 para. 1 let. b DSGVO): In this context, the purposes of the data processing depend on the intended transaction. We collect this data in order to provide you with our services or to be able to obtain such services from you;
For the operation of our website (Art. 30 as well as Art. 31 para. 1 and para. 2 let. b DSG / Art. 6 para. 1 let. b and f DSGVO): This includes, in particular, the administration of the users of the website and the activities carried out on it, the operation and further development of the website, ensuring a problem-free connection setup, the evaluation of system security and stability and other administrative purposes. Your data collected in this context will not be used to draw conclusions about your person. Information of this kind is only evaluated statistically by DataStore in order to optimize our website and the technology behind it, to combat abuse, for the purposes of legal investigations, proceedings and to respond to inquiries from authorities.
For process and offer optimization (Art. 30 as well as Art. 31 para. 1 and para. 2 let. e DSG / Art. 6 para. 1 let. a and f DSGVO): This includes quality control, the preparation of statistics, budgets, management information as well as their evaluation, market research, the further development of products, services as well as the company and its processes;
For marketing and advertising purposes (Art. 30 as well as Art. 31 para. 1 DSG / Art. 6 para. 1 let. a and f DSGVO): This includes customer loyalty, the implementation of customer loyalty programs, the optimization of customer offers, market or opinion research as well as the implementation of customer events. You may object to any processing or use of your data for direct marketing purposes at any time. The objection must be addressed to the person responsible;
To comply with legal and regulatory requirements (Art. 30 as well as Art. 31 para. 1 DSG / Art. 6 para. 1 let. c DSGVO): We process your data to fulfill the legal obligations to which we are subject. This includes the processing of data in the context of obligations to provide information to authorities as well as compliance with tax and / or commercial regulations (e.g. retention obligations of business and accounting records);
For the sale or purchase of business units, companies or parts of companies and other transactions under company law (Art. 30 as well as Art. 31 para. 1 DSG / Art. 6 para. 1 let. a and f DSGVO).
In the aforementioned purposes also lies our legitimate interest in the processing of personal data pursuant to Art. 31 para. 1 DSG or Art. 6 para. 1 let. f DSGVO. Processing of personal data for purposes other than those described will only take place if permitted by law or if you have consented to the changed purpose of the data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you about these other purposes before further processing and provide you with all relevant information.
5. Categories of recipients of data
In principle, your personal data will only be passed on to the recipients named below without your express prior consent:
DataStore uses the following processors:
Subcontractors and cooperation partners engaged by DataStore to provide the services owed to you.
Companies for the purpose of centralized order processing and financial accounting.
Logistics service provider to ship the products, marketing materials or other items you order from DataStore.
Payment service providers to process payments from you to DataStore or vice versa;
Service provider for collection services, advertising and marketing, sending newsletters or conducting customer surveys.
IT service provider for the provision of cloud services, software and hardware, and for carrying out maintenance work.
Software provider for the use of communication offers with customers, in particular also for the implementation of event offers. The transfer of data to processors takes place based on Art. 9 DSG or Art. 28 (1) DSGVO, alternatively on the basis of our legitimate interest in the economic and technical advantages associated with the use of specialized processors and the fact that your rights and interests in the protection of your personal data do not prevail, Art. 31 (1) DSG or Art. 6 (1) f DSGVO.
6. Data transmission abroad
In the course of processing your personal data, we may transfer your personal data to trusted recipients in third countries. Third countries are countries that are outside the European Union (EU) or the European Economic Area (EEA).
If we transfer personal data to third countries, this is done on the basis of a so-called adequacy decision of the Federal Council or the European Commission, or, in the absence of such a decision, on the basis of appropriate safeguards pursuant to Article 16 (2) FADP or Article 46 (2) GDPR, in particular so-called standard contractual clauses, which have also been issued by the European Commission or recognized, issued or approved by the Federal Data Protection and Information Commissioner (FDPIC). A copy of these appropriate guarantees can be inspected at our premises. In the present case, it cannot be ruled out that we may transfer personal data to recipients in the USA.
7. Duration of storage
We store your personal data until the purpose on which the processing is based (see section 4 above) no longer applies. If we are legally obligated to store personal data, the data will be stored for the duration of the legal obligation. For commercial documents, which include financial accounting and the supporting documents (including invoices), this is up to 10 years. If necessary, your data will be blocked for ongoing operations during this time, provided that there is no other purpose for the processing.
8. Automated data collection and processing on our website
Our website uses the technologies and tools described below. If you do not wish to use them, we will provide you with various options and settings for the respective tool to prevent their use. Where the processing of your data is based on your consent, you can revoke your consent at any time without affecting the lawfulness of the processing carried out based on the consent until revocation.
The legal basis for the processing of personal data using cookies is Art. 30 and Art. 31 para. 1 DSG and Art. 6 para. 1 let. f DSGVO.
Our website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to DataStore as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from http:// to https:// and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to DataStore cannot be read by third parties.
c. Contact form
If you send DataStore inquiries via the contact form, your data from the inquiry form, including the contact data you provided there, will be stored by DataStore for the purpose of processing the inquiry and in case of follow-up questions.
By pressing the query, you consent to the corresponding processing of your data. The processing is thus carried out on the basis of Art. 31 para. 1 DSG or Art. 6 para. 1 let. a DSGVO with your consent. You can revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation. We do not pass on the data from the contact form to third parties without your consent.
d. Newsletter data
For actively registered customers (resellers and managed service providers) we offer the possibility to register for the free newsletter offered on this website. For this purpose, we obtain from you an e-mail address and information that allows DataStore to verify that you are the owner of the specified e-mail address and agree to receive the newsletter. Further data will not be collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.
You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time. You will find a link to unsubscribe from the newsletter in every newsletter. Alternatively, you can also send your revocation to the following e-mail address email@example.com.
e. Google Maps
Our website uses the offer of Google Maps. This allows DataStore to display interactive maps directly on the website and enables you to comfortably use the map function. By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. This occurs regardless of whether Google provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. For more information on the purpose and scope of data collection and processing by Google, as well as further information on your rights in this regard and settings options for protecting your privacy, please visit: https://policies.google.com/privacy?hl=en-US
Our website uses Google conversion tracking. If you have reached our website via an ad placed by Google, Google Ads will set a "cookie" (see section 8. a. above) on your computer. The cookie for conversion tracking is set when a user clicks on an ad placed by Google. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies can therefore not be tracked across Ads customers' websites. The information obtained using the conversion cookie is used to create conversion statistics for ads customers who have opted in to conversion tracking. Clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.
If you do not wish to participate in the tracking, you can refuse the setting of a cookie required for this - for example, via a browser setting that generally deactivates the automatic setting of cookies or set your browser so that cookies from the domain "googleleadservices.com" are blocked.
Please note that you may not delete the opt-out cookies as long as you do not want any measurement data to be recorded. If you have deleted all your cookies in the browser, you must set the respective opt-out cookie again.
The legal basis for the processing of personal data using Google Ads is Art. 30 and Art. 31 para. 1 DSG and Art. 6 para. 1 let. f DSGVO.
f. Google Remarketing
Our website uses the remarketing function of Google Inc. The function is used to present interest-based advertisements to website visitors within the Google advertising network. A "cookie" is stored in the browser of the website visitor (see section 8. a. above), which makes it possible to recognize the visitor when they visit websites that belong to the Google advertising network. On these pages, the visitor can be presented with advertisements that relate to content that the visitor has previously accessed on websites that use Google's remarketing function.
The legal basis for the processing of personal data using Google Remarketing is Art. 30 and Art. 31 para. 1 DSG and Art. 6 para. 1 let. f DSGVO.
Our website uses the reCAPTCHA service of Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland "Google"). The query serves the purpose of distinguishing whether the input is made by a human or by automated, machine processing. The query includes the sending of the IP address and possibly other data required by Google for the reCAPTCHA service to Google. For this purpose, your input is transmitted to Google and further used there. However, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. In the event of a corresponding order from our side, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser as part of reCAPTCHA will not be merged with other data from Google. Your data may also be transmitted to the USA in the process. An adequacy decision of the European Commission, the "Privacy Shield", is in place for data transfers to the USA. Google participates in the "Privacy Shield" and has submitted to the requirements.
By pressing the query, you consent to the corresponding processing of your data. The processing is thus based on Art. 31 (1) DSG or Art. 6 (1) a DSGVO with your consent.
g. Google Analytics
Our website uses Google Analytics, a web analytics service provided by Google Ireland Limited. If the data controller on our website is located outside the European Economic Area or Switzerland, then the Google Analytics data processing is carried out by Google LLC. Google LLC and Google Ireland Limited are hereinafter referred to as "Google".
The statistics obtained enable us to improve our offer and make it more interesting for you as a user. Our website also uses Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID. If you have a Google user account, you can deactivate the cross-device analysis of your usage in the settings there under "My data", "Personal data".
The legal basis for the use of Google Analytics is Art. 30 and Art. 31 (1) DSG and Art. 6 (1) f DSGVO. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. We would like to point out that on our website Google Analytics has been extended by the code "_anonymizeIp();" to ensure anonymized collection of IP addresses. This means that IP addresses are processed in abbreviated form, which means that they cannot be linked to a specific person. If the data collected about you is related to a person, this is immediately excluded and the personal data is deleted immediately.
Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. If we commission Google to do so, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website and Internet use. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Furthermore, you can prevent the use of Google Analytics by clicking on this link: https://tools.google.com/dlpage/gaoptout?hl=en. This will save a so-called opt-out cookie on your data carrier, which prevents the processing of personal data by Google Analytics. Please note that if you delete all cookies on your terminal device, these opt-out cookies will also be deleted, i.e. you will have to set the opt-out cookies again if you wish to continue to prevent this form of data collection. The opt-out cookies are set per browser and computer/end device and must therefore be activated separately for each browser, computer or other device.
h. LinkedIn und XING
We use the marketing services of the social networks LinkedIn of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland ("LinkedIn") and XING, Grosse Bleichen 27, Kaisergalerie, 20354 Hamburg, Germany ("XING") within our online offer.
The information generated by the cookie about your use of this website is transmitted pseudonymously to a server of LinkedIn and XING also in the European Union and the USA and stored there. LinkedIn and XING therefore do not store the name or email address of the respective user. Rather, the above-mentioned data is only assigned to the person for whom the cookie was generated. This does not apply if the user has allowed LinkedIn or XING to process without pseudonymization or has a LinkedIn and/or XING account.
We use LinkedIn Analytics to analyze and regularly improve the use of our website. The statistics obtained enable DataStore to improve our offer and make it more interesting for you as a user. All LinkedIn companies have adopted the standard contractual clauses to ensure that the data traffic to the USA and Singapore necessary for the development, implementation and maintenance of the services takes place in a lawful manner.
If we ask for consent for the use of "Linkedin" and "XING", the legal basis for the processing of the corresponding data is Art. 31 para. 1 DSG and Art. 6 para. 1 let. a DSGVO, otherwise Art. 30 and Art. 31 para. 1 DSG and Art. 6 para. 1 let. f DSGVO. Third-party provider information: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2 Ireland; https://www.linkedin.com/help/linkedin/answer/3537/aktualisierte-nutzervereinbarung-und-datenschutzrichtlinie?lang=en
i. Newsletter - Mailchimp
The newsletter is sent using the dispatch service provider 'MailChimp', a newsletter dispatch platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with the European level of data protection (PrivacyShield). The shipping service provider is used based on our legitimate interests pursuant to Art. 31 para. 1 DSG or Art. 6 para. 1 let. f DSGVO and an order processing agreement pursuant to Art. 9DSG or Art. 28 para. 3 DSGVO.
The dispatch service provider may use the data of the recipients in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletters or for statistical purposes. However, the dispatch service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.
The copyright and all other rights to content, images, photos or other data on our website, belong exclusively to the operator of this website or the specifically named rights holders. For the reproduction of any files, the written consent of the copyright holder must be obtained in advance. Anyone who commits a copyright infringement without the consent of the respective copyright holder may be liable to prosecution and possibly to damages.
10. General disclaimer for our internet offer
All information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, correct and complete. Nevertheless, the occurrence of errors cannot be completely excluded, so we cannot guarantee the completeness, accuracy and timeliness of information, including journalistic-editorial nature. Liability claims regarding damage caused by the use of any information provided, including any kind of information which is incomplete or incorrect, will therefore be rejected.
We may modify or delete text at our own discretion and without notice and are not obliged to update the contents of this website. The use of or access to our website is at the visitor's own risk. We, our clients or partners are not responsible for any damages, such as direct, indirect, incidental, consequential or punitive damages, alleged to have been caused by the use of our website and consequently assume no liability for such damages.
We also assume no responsibility or liability for the content and availability of third-party websites that can be accessed via external links from our website. The operators of the linked sites are solely responsible for their content. We thus expressly distance ourselves from all third-party content that may be relevant under criminal or liability law or that may offend common decency.
11. Your rights
Right to information (Art. 25 DSG or Art. 15 DSGVO): You have the right to request information from DataStore at reasonable intervals about your personal data processed by DataStore. Upon request, we will provide you with a copy of the data that is the subject of processing.
Right to rectification (Art. 32 DSG or Art. 16 DSGVO): You have the right to demand that we correct incorrectly processed data.
Right to restrict processing (Art. 30 para. 2 let. b DSG or Art. 18 DSGVO): Under certain circumstances, you have the right to restrict the processing of your personal data (e.g. with regard to the duration of use, the subject matter or the purpose of the processing, etc.). In such a case, we may only continue to process the data in the previous manner if there is a legally provided justification.
Right to erasure (Art. 30 para. 3 DSG or Art. 17 DSGVO): You also have the right to demand that we erase your personal data. We are obliged to delete, among other things, if you expressly prohibit DataStore from processing and there is no justifiable reason for further processing, if your personal data is no longer required for the purposes for which it was collected or otherwise processed, if you have revoked consent once given, or if the data was processed unlawfully.
Right to data surrender and transfer (Art. 28 DSG or Art. 20 DSGVO): Where we process your data automatically for the conclusion or execution of a contract or with your consent, we must surrender this data to you in a machine-readable format or - at your choice - transfer it to a third party at your request.
Right to object (Art. 21 DSGVO): If the processing of your data by DataStore is based on the performance of a task carried out in the public interest or is carried out in the exercise of official authority (Art. 6 (1) sentence 1 (e) DSGVO) or if the data processing is based on our legitimate interests, you have the right, on the basis of the DSGVO, to object to the processing of your personal data at any time for reasons arising from your particular situation. We will then terminate the processing unless we can demonstrate compelling legitimate grounds for the processing that override your interests in terminating the processing.
The objection to the processing of your personal data for direct marketing purposes is possible at any time without restrictions.
If the data processing by DataStore is based on your consent, you have the right to revoke any consent given to DataStore at any time. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected by the revocation.Right of notification or complaint (Art. 49 DSG or Art. 77 DSGVO): To the extent applicable to you, there is a right of notification or complaint to a competent data protection authority. The competent supervisory authority for Switzerland can be reached at the following address: Federal Data Protection and Information Commissioner, Feldeggweg 1, CH 3003 Bern.
13. Questions about data protection
If you have any questions about data protection, please write to DataStore by e-mail or directly contact the data protection officer in our organization listed at the beginning of this privacy statement.