- Name and contact details of the controller and the company data protection officer
Responsible in the sense of the basic data protection regulation and other national data protection laws of the EU member states as well as other data protection regulations is:
The data protection officer of the responsible person is:
Address as above
- Legal basis for the collection, storage, processing and transfer of personal data
Insofar as we obtain the consent of the data subject for processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) as legal basis.
In the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b DSGVO as legal basis. This also applies to processing operations required to carry out pre-contractual measures.
Insofar as processing of personal data is required to fulfill a legal obligation that is subject to our company, Art. 6 para. 1 lit. c DSGVO as legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO as legal basis.
If processing is necessary to safeguard the legitimate interests of our company or a third party, and if the interests, fundamental rights and freedoms of the data subject do not prevail over the first interest, Art. 6 para. 1 lit. f DSGVO as legal basis for processing.
- Data deletion and storage duration
Apart from the website-based data (section 4a below), personal data will only be deleted at the request of the user. The deletion of data concerning economic processes (in particular orders) is only possible after expiry of the legal retention period (usually 10 years). In this case, a blocking can be requested.
If a request for deletion by a user can be legally fulfilled, the corresponding data will be deleted from the system. In these cases, however, we recommend a blocking instead of a deletion, so that any possibility of a faulty new entry can be ruled out.
In addition, such storage may be provided for by the European or national legislator in EU regulations, laws or other regulations to which the controller is subject.
- Scope of the collection and storage of personal data as well as the nature and purpose of their use
- a) When visiting the website
When you visit our website http://sanavital.ch, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information will be collected without your intervention and stored until automated deletion:
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- content of the request (concrete page)
- Access Status / HTTP status code
- each transferred amount of data
- Website from which the request comes
- Browser type and version
- Operating system and its interface
- Language and version of the browser software
- Name of the visited website
- Message about successful call
The data mentioned are processed by us for the following purposes:
- Ensure a smooth connection of the website
- Ensure comfortable use of our website
- Evaluation of system security and stability as well
- for further administrative purposes.
The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest follows from the data collection purposes listed above. In no case we use the collected data for the purpose of drawing conclusions about you.
- b) When registering for our newsletter
If you subscribe to our newsletter, your e-mail address according to Art. 6 para. 1 p. 1 lit. a DSGVO is used to regularly send you our newsletter. For the receipt of the newsletter the indication of an e-mail address is sufficient. It is possible to unsubscribe at any time, for example via the link at the end of each newsletter. Alternatively you can also send your unsubscribe request in a message.
The e-mail address will be permanently stored unless the user requests the deletion (in which case we recommend blocking the data instead of deleting it, so that any possibility of incorrect entry can be ruled out). When a user unsubscribes from the newsletter, the address is blocked.
Information about opening such circulars or clicking on links in them is only statistically recorded.
- c) When using a contact form
For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. Your contact details are requested in this process. Data processing takes place in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO on the basis of your given consent.
The purpose of this data collection is to be able to contact you and to provide you with the information that may be of importance to you.
- d) When using one of our services
The purpose of this data collection is to provide you with the service of interest, to be able to contact you and to provide you with the information that may be of importance to you.
- e) Use of personal data
Personal information may be used to give you the most personalized experience possible when dealing with us.
This may include providing personalized content and personalized communications, whether by ourselves or by third parties; to present social media features; and analyze traffic. This information may be shared with multimedia services, sponsors, analysts, or third party service providers.
- Disclosure of data
As directed by our business, we share personally identifiable information with third parties. Such third parties can be:
- shipping partners who take care of the delivery of ordered goods;
- administrative partners who are related to customer service (e.g., call centers);
- partners who provide other services for us, e.g. trustees, advertising agencies, lawyers, administrative staff, IT specialists, data processors, etc.;
- partners in our own group (e.g., country organizations), as required by legal requirements;
- Provider of third-party services.
- Partners, sponsors and other enterprises offering products for sale.
For the legal basis, see cipher 2.
- Personal data sent voluntarily to us
Unsolicited information which is sent to us by the user, e.g. unsolicited applications and other communications can be recorded and retained. They will be deleted on request.
In the cookie information is stored, each resulting in connection with the specific terminal used. However, this does not mean that we are immediately aware of your identity.
In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our site again to take advantage of our services, it will automatically recognize that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them.
The data processed by cookies are for the purposes mentioned in order to safeguard our legitimate interests as well as third parties according to Art. 6 para. 1 sentence 1 lit. f DSGVO required.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or always a hint appears before a new cookie is created. However, disabling cookies completely may mean that you can not use all features of our website.
- Analysis tools
The tracking measures listed below and used by us are based on Art. 6 para. 1 sentence 1 lit. f DSGVO. With the tracking measures that are being used, we want to ensure a needs-based design and the continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as justified within the meaning of the aforementioned provision.
The respective data processing purposes and data categories can be found in the corresponding tracking tools.
- i) Google Analytics
For the purpose of customizing and continually optimizing our pages, we use Google Analytics, a web analytics service provided by Google Inc. (https://www.google.com/intl/en/about/) (1600 Amphitheater Parkway, Mountain View, CA 94043, USA, hereafter “Google”). In this context, pseudonymised usage profiles are created and cookies (see point 4) are used. The information generated by the cookie about your use of this website such as
- browser type / version,
- used operating system,
- Referrer URL (the previously visited page),
- host name of the accessing computer (IP address),
- time of server request,
are transmitted to a Google server in the US and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and tailor-made website design. This information may also be transferred to third parties if required by law or if third parties process this data in the order. Under no circumstances will your IP address be merged with any other data provided by Google. The IP addresses are anonymized, so that an assignment is not possible (IP masking).
You can prevent the installation of cookies by setting the browser software accordingly; however, we point out that in this case not all features of this website may be fully exploited.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https: //tools.google.com/dlpage/gaoptout?hl=en)
As an alternative to the browser add-on, especially for browsers on mobile devices, you can prevent the collection by Google Analytics by clicking on this link. An opt-out cookie will be set that will prevent the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
For more information about privacy related to Google Analytics, see the Google Analytics Help Center
- ii) Google Adwords Conversion Tracking
To statistically record the use of our website and to evaluate it for the purpose of optimizing our website, we also use Google conversion tracking. In doing so, Google Adwords will set a cookie (see paragraph 5) on your computer if you have reached our website via a Google ad.
These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer’s website and the cookie has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page.
Every Adwords customer receives a different cookie. Cookies can not be tracked via the websites of Adwords customers. The information gathered using the conversion cookie is used to generate conversion statistics for Adwords customers who have opted for conversion tracking. Adwords customers hear the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, they do not receive information that personally identifies users.
- Social Media Plug-ins
We rely on our website on the basis of Art. 6 para. 1 sentence 1 lit. f DSGVO social plug-ins from the social networks Facebook, Twitter and Instagram, in order to make our law firm better known. The underlying commercial purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for the operation compliant with data protection is to be guaranteed by their respective providers. The integration of these plug-ins by us is done by means of the so-called two-click method to protect visitors to our website in the best possible way.
- a) Facebook
On our website social media plugins from Facebook are used to personalize their use. For this we use the “LIKE” or “SHARE” button. It is an offer from Facebook. If you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and incorporated by him into the website.
By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are currently not logged in to Facebook. This information (including your IP address) is transmitted from your browser directly to a Facebook server in the US and stored there.
If you are logged in to Facebook, Facebook can assign the visit to our website directly to your Facebook account. If you interact with the plugins, for example by pressing the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information will also be posted on Facebook and displayed to your Facebook friends.
Facebook may use this information for the purpose of advertising, market research and tailor-made Facebook pages. For this purpose, Facebook uses user, interest and relationship profiles, for example, to evaluate your use of our website in relation to the advertisements displayed on Facebook, to inform other Facebook users about your activities on our website, and to provide other services related to the use of Facebook.
If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website.
Purpose and scope of the data collection and the further processing and use of the data by Facebook as well as their respective rights and settings options for
- b) Twitter
On our website plugins of the short message network of Twitter Inc. (Twitter) are integrated. The Twitter plugins (tweet button) can be recognized by the Twitter logo on our site. An overview of tweet buttons can be found here (https://about.twitter.com/resources/buttons).
When you visit a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter receives the information that you have visited our site with your IP address. If you click on the Twitter “tweet button” while logged in to your Twitter account, you can link the contents of our pages to your Twitter profile. This allows Twitter to associate your visit to our pages with your user account. We point out that we as the provider of the pages are not aware of the content of the transmitted data and their use by Twitter.
If you do not want Twitter to associate your visit to our pages, please log out of your Twitter account.
- c) LinkedIn
Our website uses features of the LinkedIn network. Providers is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States. Each time you visit one of our pages that contains LinkedIn features, it will connect to LinkedIn servers. LinkedIn is informed that you have visited our website with your IP address. If you click LinkedIn’s “Recommend Button” and are logged in to your LinkedIn account, LinkedIn will be able to associate your visit to our website with you and your user account. We point out that we as the provider of the pages have no knowledge of the content of the transmitted data and their use by LinkedIn.
For more information, see the LinkedIn privacy statement at: https://www.linkedin.com/legal/privacy-policy.
- d) Xing
Our website uses functions of the network XING. Provider is XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany. Each time you visit one of our sites that includes Xing features, it connects to Xing servers. A storage of personal data is not done to our knowledge.
In particular, no IP addresses are stored or the usage behavior is evaluated.
- Rights of persons affected
You have the right:
- in accordance with Art. 15 DSGVO, to request information about your personal data processed by us. In particular, you can provide information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of a The right to complain, the source of their data, if not collected by us, and the existence of automated decision-making, including profiling and, where appropriate, meaningful information about their details;
- in accordance with Art. 16 DSGVO, immediately demand the correction of incorrect or completed personal data stored by us;
- to demand the deletion of your personal data stored with us, according to art. 17 DSGVO, as far as the processing for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of the public interest or for the assertion, exercise or defense of Legal claims is required;
- to demand the restriction of the processing of your personal data in accordance with Art. 18 GDPR, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, but you assert this, Exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
- in accordance with Art. 20 DSGVO, to receive your personal data provided to us in a structured, standard and machine-readable format or to request transmission to another person responsible;
- according to Art. 7 para. 3 DSGVO, to revoke your once given consent to us at any time. As a result, we are not allowed to continue the data processing based on this consent for the future and
- to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.
- Right of objection
If your personal data are based on legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO are processed, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 DSGVO if there are reasons for this arising from your particular situation or if the objection is directed against direct mail. In the latter case, you have a general right of objection, which is implemented by us without specifying any particular situation.
If you would like to exercise your right of revocation or objection, please send an message.
- Data security
We use the popular SSL (Secure Socket Layer) method within the site visit, in conjunction with the highest level of encryption supported by your browser. In general, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we’ll use 128-bit v3 technology instead. Whether a single page of our website is encrypted is shown by the closed representation of the key or lock icon in the lower status bar of your browser.
We also take appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
- Google Web Fonts
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
If your browser does not support web fonts, a standard font is used by your computer.