Data Protection Policy
Pontacol, Industriestrasse 18, 3185 Schmitten, Switzerland and its subsidiaries (“Pontacol”) attach great importance to the protection of your data and collect, process and use your personal data exclusively in compliance with the principles of the Swiss Federal Law on Data Protection («DSG») and the European General Data Protection Regulation («EU-GDPR») and in accordance with the principles described below.
The responsible body for the operation of this website (“website”) is Pontacol AG, based at Industriestrasse 18, 3185 Schmitten, Switzerland. Current information about Pontacol and the products and services offered by Pontacol are presented on these purely informative websites. When you visit this website, certain data about you may be stored by us. We will explain this to you in detail below:
1. General
1.1 Personal data is all information that relates to a specific or identifiable natural or legal person. This includes, for example, your name, your telephone number as well as your postal and e-mail address.
1.2 If you only use the website for informational purposes, i.e. if you do not register or otherwise provide us with information, we collect the following technical information (log file data):
– Operating system of the end device with which you visit our website
– Browser (type, version & language settings)
– the amount of data retrieved
– the current IP address of the device you are using to visit our website
– Date and time of access
– the URL of the previously visited website (referrer)
– the URL of the (sub)page that you call up on the website
– the internet service provider of the accessing system
The collection of this data is technically necessary in order to display our website to you and to ensure stability and security. We (and our service provider) do not regularly know who is behind an IP address. We do not combine the data listed above with other data.
The legal basis is Article 6 Paragraph 1 Clause 1 Letter f) GDPR. Since the collection of the data for the provision of the website and the storage in log files for the operation of the website and for protection against misuse are absolutely necessary, our legitimate interest in data processing prevails at this point.
1.3 When you contact us by e-mail, the data you provide (your e-mail address, possibly your name and telephone number) will be stored by us in order to answer your questions and process your concerns. The legal basis in this respect is Article 6 Paragraph 1 Clause 1 Letter f) GDPR. This information is provided expressly on a voluntary basis and with your consent, Article 6 Paragraph 1 Clause 1 Letter a) GDPR. Insofar as this concerns information on communication channels (e.g. e-mail address, telephone number), you also agree that we may also contact you via this communication channel in order to answer your request. You can of course revoke this consent at any time for the future.
Your data, which we received when you contacted us, will be deleted as soon as they are no longer required to achieve the purpose for which they were collected, your request has been processed in full and no further communication with you is necessary or desired by you.
As being responsible for data protection, our company has implemented numerous technical and organizational measures to ensure the most complete protection possible for the personal data processed via this website. Nevertheless, internet-based data transmissions can fundamentally have security gaps. Absolute protection cannot be guaranteed, in any case sending unencrypted e-mails is not secure. We therefore ask you not to send sensitive data by unencrypted e-mail, but to use either encrypted communication channels or the postal ser.
2. Web-Analysis and Cookies, Social Plug-Ins
2.1 When you visit our website, we use so-called “cookies”.
Cookies are data that are stored on your computer by a website that you visit and enable your browser to be reassigned. Cookies transmit information to the entity that uses the cookie. Cookies can store various information, such as your language setting, the duration of your visit to our website or your entries made there. This avoids, for example, having to re-enter required form data each time you use it. The information stored in cookies can also be used to recognize preferences and to align content according to areas of interest.
There are different types of cookies: Session cookies are data sets that are only temporarily stored in the main memory and are deleted when you close your browser. Permanent or persistent cookies are automatically deleted after a specified period, which can vary depending on the cookie. With this type of cookie, the information can also be stored in text files on your computer. However, you can also delete these cookies at any time via your browser settings.
First-party cookies are set by the website you are visiting. Only this website is allowed to read information from these cookies. Third-party cookies are set by organizations that do not operate the website you are visiting. These cookies are used for example by marketing companies.
The legal basis for possible processing of personal data using cookies and their storage period may vary. If you have given us your consent, the legal basis is Article 6 Paragraph 1 Clause 1 Letter a) GDPR. Insofar as the data processing takes place based on our overriding legitimate interests, the legal basis is Article 6 Paragraph 1 Clause 1 Letter f) GDPR. The specified purpose then corresponds to our legitimate interest.
We use cookies to ensure the proper operation of the website, to provide basic functionalities, to measure reach and – with your consent – to customize our services to preferred areas of interest.
The cookies used on this website are:
Google Analytics (GA 4): Session, Google, Purpose: Persistent third-party cookie for the purpose of distinguishing users in the context of tracking by Google Analytics.
You can delete cookies already stored on your end device at any time. If you want to prevent the storage of cookies, you can do this via the settings in your internet browser. Alternatively, you can also install so-called ad blockers. Please note that individual functions of our website may not work if you have deactivated the use of cookies.
When accessing our website, all users of our website are also informed by an information banner about the use of cookies by us and are referred to this data protection notice. As a user, you will also be asked for your consent to the use of certain cookies, which are particularly relevant for the personalization of services and for marketing measures. Once you have given your consent, you can revoke it at any time with effect for the future by clicking on the cookie banner at the bottom left and unchecking the analysis cookies.
2.2 If you have given your consent, Google Analytics, a web analysis service provided by Google LLC, is used on this website. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
Scope of processing:
Google Analytics uses cookies, which enable an analysis of your use of our website. The information collected by the cookies about your use of this website is usually transmitted to a Google server in the USA and stored there.
With Google Analytics 4, the anonymization of IP addresses is activated by default. Due to IP anonymization, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
During your visit to the website, your user behavior is recorded in the form of “events”. Events can be:
– Page Views
– First visit to the website
– Start of session
– Your “click path”, interaction with the website
– Scrolls (whenever a user scrolls to the bottom of the page (90%))
– Clicks on external links
– internal searches
– Interaction with videos
– Ads seen / clicked
In addition, the following is recorded:
– Your approximate location (region)
– Your IP address (in abbreviated form)
– technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
– Your internet provider
– the referrer URL (from which website/which advertising medium you came to this website)
Purposes of processing:
On behalf of the operator of this website, Google will use this information to evaluate your (pseudonymous) use of the website and to compile reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.
Recipients of the data are/can be:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor according to Article 28 GDPR)
Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, USA
Alphabet Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA
It cannot be ruled out that US authorities will access the data stored by Google.
Third country transfer:
If data is processed outside the EU/EEA and there is no level of data protection that corresponds to the European standard, we have concluded EU standard contractual clauses with the service provider to create an appropriate level of data protection. Google Ireland’s parent company, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection point of view. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.
Storage duration:
The data sent by us and linked to cookies are automatically deleted after 2 or 14 months. Data that has reached the end of its retention period is automatically deleted once a month.
Legal basis:
The legal basis for this data processing is your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a) GDPR.
Revocation:
You can revoke your consent at any time with effect for the future by calling up the cookie settings at the bottom left of the website at the cookie icon and changing your selection there. The lawfulness of the processing carried out based on the consent until the revocation remains unaffected.
Alternatively, you can prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser so that all cookies are rejected, functionalities on this and other websites may be restricted. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google:
a) Do not give your consent to the setting of the cookie or
b) Download and install the browser add-on to deactivate Google Analytics under the following link: https://tools.google.com/dlpage/gaoptout?hl=de
You can find more information about the terms of use of Google Analytics and data protection at Google at https://marketingplatform.google.com/about/analytics/terms/de/ and at https://policies.google.com/?hl=de.
2.3 For the uniform display of fonts on our website, we use Google Fonts from Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, USA. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
When you visit our website, the required data is loaded into your browser cache in order to display text and fonts correctly. This requires a connection to the Google servers and personal data, in particular the IP address, may be transmitted to the servers of Google LLC. in the US. Google Fonts are transferred to your browser’s cache to avoid multiple loading. If your browser does not support Google Fonts or prevents access, a standard font will be used by your computer.
Insofar as data is processed outside the EEA, where there is no data protection level corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to create a secure level of data protection.
You can find more information about Google Fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/
Data collection and storage only takes place with express consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a) GDPR. This can be revoked at any time with effect for the future.
2.4 This site uses Google Maps map service. Google Maps is a map service provided by Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, USA. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
To use the Google Maps functions, information, including the IP address and the address entered as part of the route function, can be transmitted to the provider’s servers. This information is usually transmitted to a Google server in the USA and stored there. When you visit a website that contains Google Maps, your browser establishes a direct connection with the Google servers, whereby the map content is sent to your browser and integrated by it. The provider of this site has no influence on this data transfer. According to the current state of knowledge, this includes the following data:
– the date and time of the visit to the relevant website,
– Internet address or URL of the accessed website,
– IP address, (starting) address entered as part of route planning
Google Maps is used in the interest of an attractive presentation of our online offers and to make it easier to find the places we have indicated on the website. If you do not want Google to process data via this service, you can deactivate the use of JavaScript in your browser settings. Please note that in this case the interactive map function of Google Maps cannot be used.
If data is processed outside the European Economic Area / the EU, where there is no data protection level corresponding to the European standard, Google uses standard contractual clauses according to its own information.
You can find more information on handling user data in Google’s data protection declaration: https://www.google.de/intl/de/policies/privacy/.
Data collection and storage only takes place with express consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a) GDPR. This can be revoked at any time with effect for the future.
To protect against attacks, harmful bots and to improve performance, we use the services of our technology partner CloudFlare Inc., 101 Townsend St, San Francisco, CA 94107 USA for our website. All data to and from this server is transmitted through Cloud-flare’s CDN (“Content Delivery Network”). Cloudflare provides internet security services and distributed DNS (domain name servers) services that act as a reverse proxy for websites.
Cloudflare collects statistical data about visits to this website. The access data includes Name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider. Cloudflare uses the log data for statistical evaluations for the purpose of operation, security and optimization of its own offering.
If a customer account is deleted, the data will be deleted from the servers. In addition, you always have the option to clean data from the cache. Log files are retained for up to 7 days.
Further information on data processing by the provider, in particular on data protection and data security, can be found at: https://www.cloudflare.com/security-policy/
Insofar as data is processed outside the EEA, where there is no data protection level corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to create a secure level of data protection.
The legal basis for data processing when using Cloudflare is our legitimate interest in protecting our website in accordance with Article 6 Paragraph 1 Clause 1 Letter f) GDPR and Article 25 Paragraph 2 Clause 2 TTDSG on the protection of our website.
2.5 Our website also uses functions of various social networks (“social plug-ins”).
2.6 Social plug-ins are buttons on our website. When you visit our website, these buttons do not send any data to the respective social networks without your intervention. Only when you click on a button is a direct connection established with the server of the respective social network and this can collect data and set cookies. You can find more information about cookies in our cookie information.
2.7 If you are logged into a social network, this can assign your visit to this website to your user account. A social network cannot assign the visit to other Pontacol websites until you have used the respective button there as well.
2.8 We have no influence on the amount of data collected by the social networks with their buttons. The purpose and scope of the data collection and the further processing and use of the data by the respective social networks as well as your rights in this regard and setting options for the protection of your privacy can be found in the data protection information of the respective social networks.
2.9 We use social plug-ins from the following social networks:
– LinkedIn Inc. (www.linkedin.com, LinkedIn Headquarters 2029 Stierlin Ct. Ste. 200 Mountain View, CA 94043, USA);
2.10 This website uses LinkedIn Services to improve the user experience on our website, to enable you to apply via LinkedIn, to facilitate use of the LinkedIn social network and to contact other LinkedIn users. The provider is LinkedIn Corporation, 599 N Mathilda Ave, Sunnyvale, CA 94085, USA.
LinkedIn receives information about your visits to and interactions with the LinkedIn services we offer, e.g. if you log in via LinkedIn or use plug-ins (e.g. “Share with LinkedIn” or “Apply with LinkedIn”). When you use the LinkedIn services on our website, LinkedIn uses your login information, cookies, device information, and internet protocol address (“IP address”) to identify you and log your usage. You can find more information about the cookies used by LinkedIn at: https://www.linkedin.com/legal/cookie-policy.
If you are a member of the provider’s social network and are logged in to the social network during your visit to this website, your data and information about your visit to this website can be linked to your profile on the social network. We have no influence on the exact scope of the data collected about you by the provider. Further information on the scope, type, purpose of data processing, retention periods and your rights and data protection settings can be found in the LinkedIn data protection information at https://www.linkedin.com/legal/privacy-policy and https://www.linkedin.com/legal/privacy-policy-summary.
In cases where you expressly consent to the processing of your data, e.g. if you, as a LinkedIn member, consent to our request for access to your resources on LinkedIn, your consent is the legal basis for data processing Article 7 Paragraph 1 GDPR. In other cases, e.g. if you apply to us via LinkedIn, the processing of your personal data is necessary for the establishment of the employment relationship (Article 6 Paragraph 1 Letter b) GDPR and Article 26 DSG). Otherwise, our legitimate interest in the processing of your data is justified by the above-mentioned purposes (Article 6 Paragraph 1 Letter f) GDPR).
To prevent LinkedIn from collecting data for advertising purposes, you can set a cookie via this link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
In addition, you can make further data protection adjustments via this link: https://www.linkedin.com/help/linkedin/answer/62931/manage-advertising-preferences?lang=en
3. Data transfer and data use by third parties
3.1 We will not pass on your data to third parties unless we are (i) legally obliged to do so or (ii) you have given us your consent to do so.
3.2 In order to maintain our website, we must provide certain personal data to our hosting provider, cyon GmbH, Brunngässlein 12, 4052 Basel, Switzerland. With this so-called order data processing, these service providers are also obliged to process your personal data only for the same purposes as we do and in compliance with data protection regulations (including the necessary security measures).
3.3 In addition, we may be obliged to transmit your personal data to other recipients, such as to authorities to fulfil statutory notification obligations.
– Financial authorities
– Customs authorities
– Social insurance institutions
3.4 As part of the further provision and processing of the services you have requested, data may also be disclosed abroad outside the European Union. Countries outside the European Union (and the European Economic Area “EEA”) handle the protection of personal data differently than countries inside the European Union. We also use service providers located in third countries outside the European Union to process your data. There is currently no decision by the EU Commission that these third countries generally offer an adequate level of protection.
We have therefore taken special measures to ensure that your data is processed just as securely in third countries as it is within the European Union. With service providers in third countries, we conclude the standard data protection clauses provided by the Commission of the European Union. These clauses provide suitable guarantees for the protection of your data with service providers in third countries.
4. Job Portal
4.1 Pontacol also operates an online job portal on the website. Open positions are then advertised, and applicants are given the opportunity to send us their application dossier directly online (via e-mail). If you send us your dossier electronically, you send it directly to our server in Switzerland. We will treat your application dossier and all the data it contains with the utmost confidentiality and for a specific purpose, i.e., only process it for the purpose of assessing your suitability for the advertised position (HR purposes) and protect this data against unauthorized access by third parties with adequate security measures. Please note that unencrypted e-mails are not transmitted with access protection.
We also use an online recruiting tool from the Swiss company Ostendis AG (Provider: Ostendis AG, 5706 Boniswil, Switzerland, CHE-102.097.264). Further data protection guidelines for this online recruiting tool can be found in the Ostendis AG data protection declaration.
Your details will be used to process your application and to decide about establishing an employment relationship. The legal basis is Article 6 Paragraph 1 Clause b) GDPR. Furthermore, your personal data can be processed insofar as this should be necessary to defend against legal claims asserted against us from the application process. The legal basis for this is Article 6 Paragraph 1 Clause 1 Letter f) GDPR. The legitimate interest in processing also lies in the stated purposes.
If there is an employment relationship between you and us, we can process the personal data we have already received from you for the purposes of the employment relationship if this is necessary for the implementation or termination of the employment relationship or for the exercise or fulfilment of obligations arising from a law or a collective agreement, a Company or service agreement (collective agreement) resulting rights and obligations of the representation of interests of the employees is required.
Your application data will not be processed beyond the use described.
4.2 A transfer of this data to third parties and abroad (i.e. countries outside of Switzerland) is possible. If the recipients abroad do not have adequate data protection, we will take appropriate safeguards to ensure that the recipients abroad are subject to the same data protection standards. Your application dossier and the data it contains will only be stored with us for as long as the purpose of storage requires; otherwise, your data will be deleted. If you are not hired after an online application, we allow ourselves to keep your application dossier with us for an additional period of 6 months and, if necessary, to contact you directly if there are newly advertised positions with a suitable profile. Should we hire us, the data stored about you will be migrated to our central HR administration.
5. Information, correction and deletion
We would be happy to provide you with information as to whether personal data relating to you are being processed; if this is the case, you have a right to information about this personal data and to the information listed in detail in Article 15 GDPR. In addition, you have the right to rectification (Article 16 GDPR), the right to restriction of processing (Article 18 GDPR), the right to deletion (Article 17 GDPR) and the right to data portability under the respective legal requirements (Article 20 GDPR).
Under the legal requirements, you have the right to object to the processing (Article 21 GDPR).
To exercise your above rights, please contact the offices listed below. The exercise of your above rights is free of charge for you.
Notwithstanding these rights and the possibility of asserting another administrative or judicial remedy, you have the option at any time to assert your right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement if you believe that the processing of your personal data violates data protection regulations (Article 77 GDPR).
We store your personal data for as long as it is necessary to fulfil our legal and contractual obligations.
If it is no longer necessary to store the data for the fulfilment of contractual or legal obligations, your data will be deleted unless their further processing is necessary for the following purposes:
– Fulfilment of storage obligations under commercial and tax law.
– Preservation of evidence within the framework of the statutory statute of limitations. According to the statute of limitations of civil law, these statutes of limitations can be up to 20 years in some cases.
6. Contact
We are at your disposal for further questions about data protection and the processing of your personal data as well as for requests for information. You can reach us at: info@pontacol.com or via the contact details given on our website legal notice.
Data Protection Officer EU
intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
Germany
Email: DSB-Pontacol@interfsoft-consulting.de
