The controller responsible within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

Billing address
Centura AG
Meienbergstrasse 5
8645 Jona

Office
Centura AG
Herrenberg 35
8640 Rapperswil

Phone: +41 55 511 24 05
Email: marc.ramser@centura.ch
Website: https://centura.ch/

General notice

Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Swiss Confederation, every person has the right to protection of their privacy and protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

In cooperation with our hosting providers, we make every effort to protect the databases as well as possible against unauthorized access, loss, misuse or falsification.

Please note that data transmission on the internet, for example communication by email, may have security gaps. Complete protection of data against access by third parties is not possible.

By using this website, you agree to the collection, processing and use of data in accordance with the following description. This website can generally be visited without registration. Data such as accessed pages or names of retrieved files, date and time are stored on the server for statistical purposes without being directly related to your person. Personal data, in particular name, address or email address, is collected on a voluntary basis whenever possible. Data will not be passed on to third parties without your consent.

Processing of personal data

Personal data is all information relating to an identified or identifiable person. A data subject is a person whose personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular storing, disclosing, obtaining, deleting, saving, modifying, destroying and using personal data.

We process personal data in accordance with Swiss data protection law. In addition, where and insofar as the GDPR is applicable, we process personal data on the following legal bases in connection with Art. 6 para. 1 GDPR:

• Consent (Art. 6 para. 1 sentence 1 lit. a GDPR) – The data subject has given consent to the processing of personal data concerning them for one or more specific purposes.
• Performance of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b GDPR) – Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
• Legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR) – Processing is necessary for compliance with a legal obligation to which the controller is subject.
• Protection of vital interests (Art. 6 para. 1 sentence 1 lit. d GDPR) – Processing is necessary in order to protect the vital interests of the data subject or of another natural person.
• Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject.
• Application procedures as a pre-contractual or contractual relationship (Art. 9 para. 2 lit. b GDPR) – Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR are requested from applicants during the application process, processing takes place on the basis of Art. 9 para. 2 lit. b GDPR, in the case of protecting vital interests on the basis of Art. 9 para. 2 lit. c GDPR, or for preventive healthcare, occupational medicine and medical diagnostics on the basis of Art. 9 para. 2 lit. h GDPR. Where special categories of data are communicated on the basis of voluntary consent, processing takes place on the basis of Art. 9 para. 2 lit. a GDPR.

We process personal data for the period of time required for the respective purpose or purposes. Where longer retention obligations apply due to legal or other obligations to which we are subject, we restrict the processing accordingly.

Relevant legal bases

In accordance with Art. 13 GDPR, we inform you of the legal bases of our data processing. If the legal basis is not specified in this privacy policy, the following applies: the legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for processing for the performance of our services, implementation of contractual measures and responding to inquiries is Art. 6 para. 1 lit. b GDPR, the legal basis for processing to comply with our legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for processing to safeguard our legitimate interests is Art. 6 para. 1 lit. f GDPR. If vital interests of the data subject or another natural person make the processing of personal data necessary, Art. 6 para. 1 lit. d GDPR serves as the legal basis.

Security measures

In accordance with the legal requirements, and taking into account the state of the art, implementation costs, and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of protection appropriate to the risk.

These measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access concerning the data, input, transfer, securing availability and separation. We have also established procedures to ensure the exercise of data subject rights, deletion of data and responses to risks to the data. Furthermore, we take the protection of personal data into account already during the development or selection of hardware, software and procedures in accordance with the principle of privacy by design and privacy-friendly default settings.

Transfer of personal data

As part of our processing of personal data, it may happen that the data is transferred to other bodies, companies, legally independent organizational units or persons, or disclosed to them. Recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content integrated into a website. In such cases, we comply with the legal requirements and in particular conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data.

Data processing in third countries

If we process data in a third country, meaning outside the European Union (EU) or the European Economic Area (EEA), or if processing takes place in the context of using third-party services or disclosing or transferring data to other persons, bodies or companies, this is done only in accordance with the legal requirements.

Subject to express consent or contractually or legally required transfer, we process the data only in third countries with a recognized level of data protection, on the basis of contractual obligations through so-called standard contractual clauses of the EU Commission, or where certifications or binding internal data protection rules exist in accordance with Art. 44 to 49 GDPR.

Privacy policy for cookies

This website uses cookies. Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user's computer. A cookie primarily serves to store information about a user during or after their visit within an online offering. Stored information can include, for example, language settings on a website, login status, a shopping cart or the point at which a video was watched. The term cookies also includes other technologies that perform the same functions as cookies.

The following cookie types and functions are distinguished:

• Temporary cookies: They are deleted at the latest after a user leaves an online offering and closes their browser.
• Permanent cookies: They remain stored even after the browser is closed. For example, login status or preferred content can be saved when the user visits a website again.
• First-party cookies: These are set by us ourselves.
• Necessary cookies: These may be absolutely necessary for the operation of a website.

Information on legal bases: The legal basis on which we process your personal data using cookies depends on whether we request your consent. If this is the case and you consent to the use of cookies, the legal basis for processing your data is your declared consent. Otherwise, the data processed with the help of cookies is processed on the basis of our legitimate interests or in order to fulfill our contractual obligations.

Storage period: Unless we provide you with explicit information on the storage period of permanent cookies, please assume that the storage period can be up to two years.

General information on withdrawal and objection: Depending on whether the processing is based on consent or legal permission, you have the option at any time to withdraw consent that has been given or to object to the processing of your data by cookie technologies. You can initially declare your objection by means of your browser settings. An objection to the use of cookies for online marketing purposes can also be declared via https://optout.aboutads.info and https://www.youronlinechoices.com/.

Processing of cookie data on the basis of consent: We use a cookie consent management procedure in which user consent to the use of cookies and the processing operations mentioned can be obtained, managed and revoked. The declaration of consent is stored so that the query does not have to be repeated and so that consent can be demonstrated in accordance with legal obligations.

• Processed data types: usage data as well as meta and communication data.
• Data subjects: users, for example website visitors and users of online services.
• Legal bases: consent and legitimate interests.

Privacy policy for SSL/TLS encryption

For security reasons and to protect the transmission of confidential content, such as inquiries that you send to us as the site operator, this website uses SSL/TLS encryption. You can recognize an encrypted connection by the browser address line changing from http:// to https:// and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Privacy policy for server log files

The provider of this website automatically collects and stores information in so-called server log files that your browser automatically transmits to us. These are:

• browser type and browser version
• operating system used
• referrer URL
• host name of the accessing computer
• time of the server request

This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to subsequently check this data if concrete indications of unlawful use become known.

Privacy policy for contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We do not pass on this data without your consent.

Privacy policy for newsletter data

If you would like to receive the newsletter offered on this website, we require an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. No further data is collected. We use this data exclusively to send the requested information and do not pass it on to third parties.

You can revoke your consent to the storage of the data, the email address and its use for sending the newsletter at any time, for example via the unsubscribe link in the newsletter.

Rights of data subjects

Right to confirmation

Every data subject has the right to request confirmation from the operator of the website as to whether personal data concerning them is being processed. If you wish to exercise this right of confirmation, you may contact the data protection officer at any time.

Right of access

Every person affected by the processing of personal data has the right to receive free information at any time from the operator of this website about the personal data stored about them and a copy of that information. Furthermore, information may be provided about the following:

• the processing purposes
• the categories of personal data being processed
• the recipients or categories of recipients to whom the personal data has been or will be disclosed
• where possible, the planned storage period for the personal data or the criteria used to determine that period
• the existence of a right to rectification or erasure, restriction of processing, or objection to processing
• the existence of a right to lodge a complaint with a supervisory authority
• where the personal data was not collected from the data subject: all available information about the source of the data

The data subject also has the right to be informed whether personal data has been transferred to a third country or to an international organization. If this is the case, the data subject also has the right to be informed of the appropriate safeguards relating to the transfer. If you wish to exercise this right of access, you may contact our data protection officer at any time.

Right to rectification

Every person affected by the processing of personal data has the right to request the immediate rectification of inaccurate personal data concerning them. Furthermore, the data subject has the right, taking into account the purposes of the processing, to request completion of incomplete personal data.

Right to erasure (right to be forgotten)

Every person affected by the processing of personal data has the right to demand from the controller of this website that personal data concerning them be erased without undue delay, provided that one of the following reasons applies and insofar as processing is not required:

• The personal data has been collected or otherwise processed for purposes for which it is no longer necessary.
• The data subject withdraws consent on which the processing was based and there is no other legal basis for the processing.
• The data subject objects to the processing for reasons arising from their particular situation and there are no overriding legitimate grounds for the processing, or they object to processing for direct marketing purposes.
• The personal data has been processed unlawfully.
• The erasure of personal data is necessary to comply with a legal obligation.
• The personal data was collected in relation to information society services offered directly to a child.

If one of the above reasons applies and you wish to arrange for the erasure of personal data, you may contact our data protection officer at any time. The data protection officer of this website will ensure that the erasure request is complied with without delay.

Right to restriction of processing

Every person affected by the processing of personal data has the right to demand from the controller of this website restriction of processing where one of the following conditions applies:

• The accuracy of the personal data is contested by the data subject.
• The processing is unlawful, the data subject opposes the erasure of the personal data and requests restriction of its use instead.
• The controller no longer needs the personal data for the purposes of the processing, but the data subject requires it for the establishment, exercise or defense of legal claims.
• The data subject has objected to processing and it has not yet been determined whether the legitimate grounds of the controller override those of the data subject.

If one of the above conditions applies and you wish to request the restriction of personal data, you may contact our data protection officer at any time.

Right to data portability

Every person affected by the processing of personal data has the right to receive the personal data concerning them in a structured, commonly used and machine-readable format. They also have the right to have that data transmitted to another controller where the legal requirements are met.

Furthermore, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and insofar as this does not adversely affect the rights and freedoms of other persons.

Right to object

Every person affected by the processing of personal data has the right to object, on grounds relating to their particular situation, at any time to the processing of personal data concerning them.

In the event of an objection, the operator of this website will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing or the processing serves the establishment, exercise or defense of legal claims.

Right to withdraw consent under data protection law

Every person affected by the processing of personal data has the right to withdraw consent given for the processing of personal data at any time.

If you wish to exercise your right to withdraw consent, you may contact our data protection officer at any time.

Privacy policy for objection to advertising emails

The use of contact data published as part of the legal notice obligation for sending unsolicited advertising and information materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.

Web fonts

This website uses so-called web fonts hosted locally on our own server for the uniform display of typefaces. When you access a page, your browser loads the required web fonts from our server into your browser cache in order to display texts and typefaces correctly. No connection to third-party servers takes place. If your browser does not support web fonts, a standard font from your computer will be used.

Copyright

The copyright and all other rights to content, images, photos or other files on the website belong exclusively to the operator of this website or the specifically named rights holders. Written consent of the copyright holder must be obtained in advance for the reproduction of all files.

Anyone who commits a copyright infringement without the consent of the respective rights holder may be liable to prosecution and possibly damages.

General disclaimer

All information on our website has been carefully checked. We endeavor to provide our information offering in an up-to-date, correct and complete manner. Nevertheless, the occurrence of errors cannot be completely ruled out, so we cannot assume any guarantee for completeness, correctness and timeliness of information. Liability claims arising from material or immaterial damage caused by the use of the information provided are excluded unless there is evidence of intentional or grossly negligent fault.

The publisher may change or delete texts at its own discretion and without prior notice and is not obliged to update the content of this website. Use of or access to this website is at the visitor's own risk. The publisher, its clients or partners are not responsible for damages such as direct, indirect, incidental or consequential damages allegedly caused by visiting this website.

The publisher also accepts no responsibility or liability for the content and availability of third-party websites accessible via external links on this website. The operators of the linked pages are solely responsible for their content. The publisher therefore expressly distances itself from all third-party content that may be relevant under criminal or liability law or offend common decency.

Changes

We may amend this privacy policy at any time without prior notice. The version currently published on our website applies. If the privacy policy is part of an agreement with you, we will inform you of the change by email or by other suitable means in the event of an update.

Questions for the data protection officer

If you have any questions about data protection, please send us an email or contact the person responsible for data protection named at the beginning of this privacy policy in our organization directly.
Source: SwissAnwalt