We recognize the importance of your privacy and of transparency in our processing of your personal data.
At IC Hotz GmbH, we recognize the importance of your privacy and of transparency in our processing of your personal data. This general privacy notice (General Privacy Notice) informs you about the personal data we collect and process in connection with the provision of our solutions and our services provided in this context, which are listed in Section 15 of this General Privacy Notice (Service-Specific Information), as well as our general business activities. We may have additional privacy notices (the Additional Privacy Notices) which apply in addition or instead of this General Privacy Notice in specific situations or for specific Services, in which case the terms of such Additional Privacy Notices will prevail over those of this General Privacy Notice. By accessing and using our Services, or otherwise providing us your information, you expressly acknowledge that we may collect and process your personal data in accordance with this General Privacy Notice.
2. Key points
We do not store your personal data for longer than necessary to fulfill the purposes set out in this Privacy Notice (see Section 11). We apply commercially accepted security measures and take commercially reasonable efforts to protect your personal data. However, no IT infrastructure is completely secure and we cannot provide a full guarantee that our environment will never be compromised (see Section 12). You may contact us (email@example.com) to exercise your rights pertaining to your personal data (see Sections 14 and 15). However, you must contact your organization directly if your query regards our processing of your personal data on behalf of your organization (see Section 8).
3. Responsible for processing of your personal data
IC Hotz GmbH, Obermühle 5, 6340 Baar, Switzerland, is responsible for the processing, as controller, of your personal data. You will find our contact details below in Section 13.
4. Collecting your personal data
We collect the personal data that you or your organization provide to us. We collect the personal data that you or your Organization provide to us when interacting with us and/or using our Services, for example when you use our Digital Solutions, communicate with us, create and/or manage your account, fill out website forms, subscribe to our newsletter, participate in a contest, promotion, survey or other promotion, participate in a blog or forum, contribute to market research we conduct, share information at a trade show or other event. In particular, we may collect and process personal data about individuals with whom we interact, such as the name, title, position, company name, email and/or postal address and the professional fixed and/or mobile phone number. This information may either be directly provided by you or provided by your organization (e.g. if you are the contact person designated by your employer to manage the relationship with us). We may also ask our third party partners to collect this information for us.
Some information is mandatory, and some is optional. It is mandatory that you complete the data fields identified by an asterisk. If one or more mandatory data fields are not completed, we will not be able to provide access to our Services. You are not required to complete the optional data fields in order to access our Services.
Certain personal data are also collected in an automated manner. We also automatically collect personal data, including by means of tools, web forms, cookies, and other active elements, as further described in this General Privacy Notice. You may define certain authorizations relating to the automatic collection of your personal data when you configure your device or your internet browser according to available functionalities. You may also define certain settings for the automated collection of your personal data through the cookies setting plug-in available on the Digital Solutions. For more detailed information, please see the cookie section below (Section 13).
5. Processing your personal data
We process your personal data by automated means for the purposes indicated in this General Privacy Notice and in accordance with applicable law.
We process your personal data in compliance with applicable law, in particular Swiss data protection law and, to the extent they apply to us, other data protection legislations, such as the EU General Data Protection Regulation (GDPR) or its equivalent in the United Kingdom, using computers or computer tools, in line with the purposes set out in this General Privacy Notice and any Additional Privacy Notice. We may process your personal data to create a profile about you and provide you with more relevant information and services (profiling), for instance to show you more relevant information based on prior interactions with our Services. You may have the right to object to such activities, in accordance with applicable data protection laws (see Section 14 below for additional information on your rights). We, however, do not make decisions exclusively on the basis of automated processing which has legal effects on the data subjects or affect them significantly (automated individual decision). We may combine your personal data with other information (aggregate) or erase any information that allows us to identify you (anonymize), so that it is no longer considered personal data under applicable data protection law, in which case this General Privacy Notice will no longer apply and we may use such data for purposes not contemplated by this General Privacy Notice (e.g. for benchmarking or analytics purposes, or to develop and market new services). You may object to the anonymization or aggregation of your personal data for this purpose at any time (see Section 14 below for additional information on your rights). We take the technical and organizational appropriate security measures to prevent unauthorized access, disclosure, modification, alteration, or destruction of your personal data, as specified in Section 12 below.
6. Legal ground on which we process your personal data
We process your personal data only if we have a valid legal ground to do so. We will only process your personal data if we have a valid legal ground for doing so. Unless we must process your personal data for one of the reasons listed below, we will process your personal data as data processor for the providing of our Services to our customers (see Section 8). Depending on the processing activity carried out, we may also process your personal data if: The processing is necessary to fulfil our contractual obligations to you or to take pre-contractual steps at your request (Contractual Necessity), in particular in case processing your personal data is strictly required to provide you with the Services where your activities are not conducted on behalf of an organization. When the GDPR applies, Contractual Necessity is based on Article 6(1)(b) GDPR. The processing is necessary for the fulfilment of our legitimate business interests, and only to the extent that your interests or fundamental rights and freedoms do not require us to refrain from processing (Legitimate Interests). When the GDPR applies, Legitimate Interest is based on Article 6(1)(f) GDPR. We have obtained your prior consent in a clear and unambiguous manner (Consent). When the GDPR applies, Consent is based on Article 6(1)(a) GDPR. The processing is necessary to comply with our legal or regulatory obligations (Legal Obligation). When the GDPR applies, Legal Obligation is based on Article 6(1)(c) GDPR.
7. Purposes for which we process your personal data
We process your personal data for legitimate and clearly identified purposes. Your personal data is collected and processed for the purpose of operating the Services and for the other legitimate purposes explicitly specified below or in the relevant Additional Privacy Notice, only to the extent relevant to achieve these purposes, and is not further processed in a manner that is incompatible with them. We process your personal data for the following purposes: To provide our Services to you or your Organization.
We mainly process your personal data to provide the requested Services to your Organization and you, including operating the Digital Solutions and providing the requested functionalities, in accordance with your Organization's instructions. In this case, our processing of your personal data in connection with the Services is governed by a contract between us and your Organization, and your use of the Services is subject to your Organization's policies. If your use of our Services is not related to an Organization, our basis for processing the data is our Contractual Necessity. You will find additional information about our activities in connection with the specific Services we provide in Section 15.
For our legitimate business operations related to the provision of the Services. Furthermore, we may also process your personal data for our legitimate business operations related to the provision of the Services, which include (i) ensuring that our Services are provided in an efficient and secure way (e.g. through internal analysis of the Services’ stability and security, updates and troubleshooting, as well as support services); (ii) protecting the security of our IT systems, architecture and networks; (iii) managing our customers and suppliers; (iv) improving and developing the Services (including monitoring the use of our Services, and for statistical purposes); (iv) benefiting from cost-effective services (e.g. we may opt to use certain services offered by suppliers rather than undertaking the activity ourselves); and (v) achieving our corporate goals. When doing so, we generally rely on our Legitimate Interests. We may also process your data we have obtained your prior unambiguous Consent. You may withdraw your consent, respectively object to such processing activities, at any time. Additional Information. Additional information on the processing of your personal data for our legitimate business operations:
For ensuring that our Digital Solutions are provided in an efficient and secure way. In addition to the personal data which you or your Organization provide when logging-in to your account or interacting with the Digital Solutions (e.g. when you fill in forms or upload content to the Digital Solutions), we automatically collect technical information about your interactions with the Digital Solutions, such as IP address, the content that was accessed, date and time of access, information about your web browser, your preferences, or other information related to your interaction with the Digital Solutions, including your navigation details on the Digital Solutions. We process this data to establish a connection with your device over the internet, to identify you when you use the Digital Solutions, control the use of the Digital Solutions and for security purposes
If you subscribe to one of our newsletters, we will collect your contact details (name and email address) and use it to provide you with the requested newsletter, based on your Consent. You may unsubscribe from the newsletter service at any time, in which case your contact details will be deleted.
We also process the time of registration and your opt-in confirmation based on our Legal Obligation to demonstrate compliance. We also analyze your use of our newsletter, e.g. whether you have opened it or clicked on certain links, and process this data to optimize and improve our newsletter, based on our Legitimate Interest.
We use the services of third parties to send our newsletters, which will have access to the information strictly required to them in order to provide you with the service. Their privacy statements are applicable in connection with this. Independently from your subscription to our newsletter, we may also contact you by email to inform you about our activities if you or your Organization have previously subscribed or purchased a similar Service from us, if you have not objected to the corresponding use of your email address. You can object to the use of your email address for this purpose at any time by contacting us (see contact detail in section 15). The legal basis for the corresponding processing of your data is our Legitimate Interest to advertise certain sales offers and activities relating to our previous interactions with you.
If we have obtained your consent. In addition to the above, we may process your personal data if we have obtained your prior unambiguous consent for specific purposes. Consent given can be withdrawn at any time, but this does not affect data processed prior to withdrawal.
8. Operations with your organization
9. Circumstances in which we share your personal data with third parties
We may share your personal data with our affiliates or with third parties if this is necessary for the operation of our Services, if there is a legal obligation or permission to do so, or if there is another valid reason to do so. We may share your personal data with our affiliate, with third parties in connection with the operation of the Services or business operations and with subcontractors such as IT service providers, cloud service providers, database providers, automated marketing solutions providers and consultants. You will find additional information on our use of subcontractors for specific Services in Section 15 below. We may also enable you to use third-party services directly from the Digital Solutions, in particular through the social plug-ins and may enable you to use third-party services to log in to the Digital Solutions. In such cases, you acknowledge that the third-party operators of such services may access some of your personal data related to the Digital Solutions, in accordance with their own privacy practices.
We may share your personal data with your Organization to enable it to manage the Services. If you use a Service provided by an Organization you are affiliated with, we share certain data, such as interaction data and diagnostic data to enable your Organization to manage the Services. We may also disclose your personal data to third parties where we have a legal obligation to do so or a legitimate interest in doing so. We may also disclose your personal data where we have a legitimate interest in doing so, for example (i) to respond to a request from a judicial authority or in accordance with a legal obligation; (ii) to bring or defend against a claim or lawsuit; or (iii) in the context of restructuring, in particular if we transfer our assets to another company.
10. International transfers
Your personal data is in general stored near to the geographic location where you reside but may in certain circumstances be disclosed in other countries. We generally store your personal data near to the geographic location where you reside (e.g. in the EU for EEA, UK and Swiss residents, and in the U.S. for U.S. residents). In certain circumstances, in particular in connection with the operations of our subcontractors, your personal data may, however, be made available to recipients located abroad. Please consult section 15 (Service-Specific Information) for additional information about international transfers. In such cases, we will ensure that suitable safeguards are in place, in accordance with applicable data protection laws, for instance by relying on standard contractual clauses adopted by the European Commission. If you transmit information and data to us, you are expressly deemed to acknowledge to such data transfers. You may request additional information in this regard and obtain a copy of the relevant safeguards upon request by sending a request to the contact address indicated in Section 15 below.
11. Storing personal data
Your personal data will not be stored longer than necessary. We will erase or anonymize personal data as soon as it is no longer necessary for us to fulfil the purposes set out in this General Privacy Notice. This period varies, depending on the type of data concerned and the applicable legal requirements. In view of the legal obligations incumbent upon us, certain information relating in particular to the contractual relationship must be retained for at least 10 years.
When we process your personal data as Processor for your Organization, we will retain your data for the duration of our contract with your Organization, plus any period thereafter during which we must retain it for a legal or technical reason (such as evidentiary or tax purposes). If you leave your Organization (e.g. in the event of change of employment), or if your Organization requests us to do so, your account and access to the Services will be removed. In this case, we will delete from our servers or anonymized any personal data associated with your account. More information on each type of processing can be found in Section 15.
We maintain physical, technical and procedural safeguards to keep secure your personal data. We are committed to the security of your personal data, and have in place physical, administrative and technical measures designed to keep secure your personal data and to prevent unauthorized access to it. We restrict access to your personal data to those persons who need to know it for the purpose described in this General Privacy Notice. In addition, we use standard security protocols and mechanisms to exchange the transmission of sensitive data. Although we take appropriate steps to protect your personal data, no IT infrastructure is completely secure. Therefore, we cannot guarantee that data you provide to us is safe and protected from all unauthorized third-party access and theft. We waive any liability in this respect. The internet is a global environment. As a result, by sending information to us electronically, such data may be transferred internationally over the internet depending upon your location. Internet is not a secure environment, and this General Privacy Notice applies to our use of your personal data once it is under our control only. Given the inherent nature of the internet, all internet transmissions are done at your own risk. If we have reasonable reasons to believe that your personal data have been acquired by an unauthorized person, and applicable law requires notification, we will promptly notify your Organization or you directly (depending on our contractual obligation toward your Organization, if any), of the breach by email (if we have it) and/or by any other channel of communication (including by posting a notice on the Digital Solutions).
14. Rights with regard to the processing of your personal
You have the right to access your personal data we process and may request without limitation that they be removed, updated, or rectified. If you are using a Service provided by your Organization, you should direct your privacy inquiries relating to our use of your personal data on behalf of your Organization, including any requests to exercise your data protection rights, directly to your Organization’s contact person. In other cases, you may contact us directly to exercise your rights. Unless otherwise provided by law, you have the right to know whether we are processing your personal data, to know the content of such personal data, to verify its accuracy, and to the extent permitted by law, to request that it be supplemented, updated, rectified or erased. You also have the right to ask us to cease any specific processing of personal data that may have been obtained or processed in breach of applicable law, and you have the right to object to any processing of personal data for legitimate reasons. Where we rely on your consent to process your personal data, we will seek your freely given and specific consent by providing you with informed and unambiguous indications relating to your personal data. You may revoke at any time such consent (without such withdrawal affecting the lawfulness of processing made prior to). The above does not restrict any other rights you might have pursuant to applicable data protection legislation under certain circumstances. In particular, if the GDPR applies to the processing of your personal data the GDPR grants you certain rights as a data subject if the respective requirements are met. If you want to exercise any of your rights, or want additional information about them, please contact us using the contact detailed listed below (see Section 15). You have the right to lodge a complaint with the competent authority. If you are not satisfied with the way in which we process your personal data, you may lodge a complaint with the competent data protection supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, in addition to the rights described above. Although this is not required, we recommend that you contact us first, as we might be able to respond to your request directly.
15. Service-specific information
This section of the General Privacy Notice contains the information which is specific to certain Digital Solutions and other Services. It applies in addition to the other sections of this General Privacy Notice. Wix Poll
16. Contact us
If you believe your personal data has been used in a way that is not consistent with this General Privacy Notice, or if you have any questions or queries regarding the collection or processing of your personal data, please contact us at firstname.lastname@example.org.
17. Updates to this General Privacy Notice
This General Privacy Notice may be subject to amendments. Any changes or additions to the processing of personal data as described in this General Privacy Notice affecting you will be communicated to you through an appropriate channel, depending on how we normally communicate with you (including by email and/or via the Digital Solutions, e.g. banners, pop-ups or other notification mechanisms). If you do not agree to the changes made, you must stop accessing and/or using the impacted Services.
Last update: 2022/09/22