PRIVACY POLICY

Last updated: 19th July 2023

OUT PRIVACY POLICY GOVERNS YOUR VISIT TO WWW.ALLASSO.CH. WITH THE FOLLOWING STATEMENT, WE COMPLY WITH OUR STATUTORY DUTY TO INFORM YOU ABOUT THE STORAGE OF DATA, THE TYPE OF DATA, THEIR PURPOSE, AND OUR IDENTITY. WE ALSO NOTIFY YOU OF THE INITIAL REGISTRATION AND THE TYPE OF DATA SUBMITTED. YOU CAN FIND OUR COMPLETE CONTACT DETAILS AT THE END OF THIS PRIVACY POLICY.

Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the Federal Government (New Federal Act on Data Protection 2022, nFADP) and in accordance with GDPR, every person is entitled to the protection of their privacy and to protection against misuse of their personal data. We comply with these terms. Personal data will be kept strictly confidential and will not be sold or passed on to third parties, your personal data will be kept with Allasso.The details can be found in the following explanations.

We look forward to your visit to our website and your interest in our offers. For external links to third-party content, we accept no liability despite careful content control since we have not initiated the transmission of this information, have not selected or changed the addressee of the transmitted information and the transmitted information itself.

The protection of your personal data during the collection, processing and use during your visit to our website is very important to us and takes place within the framework of the legal regulations. The use of our website is usually possible without providing personal data. As far as on our sides personal data (for example name, address or e-mail address) are raised, this takes place only after registration on the website. These data will not be disclosed to third parties without your explicit consent. We point out in this context that the transmission of data on the Internet (for example in the case of communication by e-mail) may have security gaps. Complete protection of the data from access by third parties is not possible.

Our Terms and Conditions (“Terms”) govern all use of our Service and together with the Privacy Policy constitutes your agreement with us (“Agreement”).

In the following, we will explain what information we collect during your visit to our website and how it is used:

1. YOUR RIGHTS UNDER NEW FEDERAL ACT ON DATA PROTECTIN (nFADP)

1.1. If you are a resident of Switzerland, you have the following rights in relation to your Data:

1.1.1. Right to access – the right to request (i) copies of the information we hold about you at any time, or (ii) that we modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is “manifestly unfounded or excessive.” Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.

1.1.2. Right to correct – the right to have your Data rectified if it is inaccurate or incomplete.

1.1.3. Right to erase – the right to request that we delete or remove your Data from our systems.

1.1.4. Right to restrict our use of your Data- the right to “block” us from using your Data or limit the way in which we can use it.

1.1.5. Right to data portability- the right to request that we move, copy or transfer your Data.

1.1.6. Right to object – the right to object to our use of your Data including where we use it for our legitimate interests.

1.2. To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us via this e-mail address: vc@allasso.ch

1.3. If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may be able to refer your complaint to the relevant data protection authority.

1.4. It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.

2. YOUR DATA PROTECTION RIGHTS UNDER GENERAL PROTECTION REGULATION (GDPR)

2.1. If you are a resident of the European Union (EU) and European Economic Area (EEA), you have certain data protection rights, covered by GDPR. – See more at https://eur-lex.europa.eu/eli/reg/2016/679/oj

2.2. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

2.3. If you wish to be informed what Personal Data, we hold about you and if you want it to be removed from our systems, please email us at vc@allasso.ch.

2.4. In certain circumstances, you have the following data protection rights:

2.4.1. the right to access, update or to delete the information we have on you;

2.4.2. the right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete;

2.4.3. the right to object. You have the right to object to our processing of your Personal Data;

2.4.4. the right of restriction. You have the right to request that we restrict the processing of your personal information;

2.4.5. the right to data portability. You have the right to be provided with a copy of your Personal Data in a structured, machine-readable and commonly used format;

2.4.6. the right to withdraw consent. You also have the right to withdraw your consent at any time where we rely on your consent to process your personal information;

2.5. Please note that we may ask you to verify your identity before responding to such requests. Please note, we may not able to provide Service without some necessary data.

2.6. You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

3. YOUR DATA PROTECTION RIGHTS UNDER THE CALIFORNIA PRIVACY PROTECTION ACT (CalOPPA)

3.1. CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivable the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. – See more at: https://consumercal.org/about-cfc/cfc-education-foundation/california-online-privacy-protection-act-caloppa-3/

3.2. According to CalOPPA we agree to the following:

3.2.1. users can visit our site anonymously;

3.2.2. our Privacy Policy link includes the word “Privacy”, and can easily be found on the page specified above on the home page of our website;

3.2.3. users will be notified of any privacy policy changes on our Privacy Policy Page;

3.2.4. users are able to change their personal information by emailing us at vc@allasso.ch.

3.3. Our Policy on “Do Not Track” Signals:

3.3.1. We honor Do Not Track signals and do not track, plant cookies, or use advertising when a Do Not Track browser mechanism is in place. Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.

3.3.2. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

4. YOUR DATA PROTECTION RIGHTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT (CCPA)

4.1. If you are a California resident, you are entitled to learn what data we collect about you, ask to delete your data and not to sell (share) it. To exercise your data protection rights, you can make certain requests and ask us:

4.2. What personal information we have about you. If you make this request, we will return to you:

4.2.1. The categories of personal information we have collected about you.

4.2.2. The categories of sources from which we collect your personal information.

4.2.3. The business or commercial purpose for collecting or selling your personal information.

4.2.4. The categories of third parties with whom we share personal information.

4.2.5. The specific pieces of personal information we have collected about you.

4.2.6. A list of categories of personal information that we have sold, along with the category of any other company we sold it to. If we have not sold your personal information, we will inform you of that fact.

4.2.7. A list of categories of personal information that we have disclosed for a business purpose, along with the category of any other company we shared it with.

4.3. Please note, you are entitled to ask us to provide you with this information up to two times in a rolling twelve-month period. When you make this request, the information provided may be limited to the personal information we collected about you in the previous 12 months.

4.4. To delete your personal information. If you make this request, we will delete the personal information we hold about you as of the date of your request from our records and direct any service providers to do the same. In some cases, deletion may be accomplished through de-identification of the information. If you choose to delete your personal information, you may not be able to use certain functions that require your personal information to operate.

4.5. To stop selling your personal information. If you submit a request to stop selling your personal information, we will stop selling it. If you are a California resident, to opt-out of the sale of your personal information, send us an email with title “Do Not Sell My Personal Information” to submit your request.

4.5.1. Please note, if you ask us to delete or stop selling your data, it may impact your experience with us, and you may not be able to participate in certain programs or membership services which require the usage of your personal information to function. But in no circumstances, we will discriminate against you for exercising your rights.

4.5.2. To exercise your California data protection rights described above, please send your request(s) by one of the following means:

4.5.2.1. By email: vc@allasso.ch.

4.6. Your data protection rights, described above, are covered by the CCPA, short for the California Consumer Privacy Act. To find out more, visit the official California Legislative Information website. The CCPA took effect on 01/01/2020.

5. CHILDREN’S PRIVACY

5.1. Our Services are not intended for use by children under the age of 13 (“Child” or “Children”).

5.2. We do not knowingly collect personally identifiable information from Children under 13. If you become aware that a Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.

6. COLLECTION, STORAGE OF PERSONAL DATA AND PURPOSE OF USE

6.1. When visiting the website: Every time a customer (or other visitors) accesses our website, the internet browser used on your device (computer, laptop, tablet, smartphone, etc.) automatically sends information to the server of our website. This information is temporarily stored in a so-called log file (log file) on the server-side (web hosting provider). The following data will be collected without your intervention and stored until automated deletion:

6.1.1. If the necessary IP address of the requesting computer, as well as a device ID or individual device identifier and device type,

6.1.2. name of the retrieved file and amount of data transferred, as well as date and time of retrieval,

6.1.3. Message about successful call,

6.1.4. requesting domain (origin of your request, from which you came to our website(s)),

6.1.5. Description of the type of internet browser used and, if applicable, the operating system of your terminal and the name of your access provider,

6.1.6. Location information, including location data from your mobile device. Please note that on most mobile devices, you can control or disable the use of location services in the mobile device’s settings menu.

6.2. Our legitimate interest in accordance with (Art. 6 (1) (f) GDPR), for the collection of data is based on the following purposes:

6.2.1. Ensuring a smooth connection setup and comfortable use of the website,

6.2.2. Evaluation of system security and stability as well for further administrative purposes.

6.3. In no case, we use the collected data for the purpose of drawing conclusions about you:

6.3.1. When concluding a contractual relationship of any kind; or

6.3.2. When concluding any contractual relationship of any kind on our website, we ask you for the following personal data:

6.3.2.1. Data that personally identifies you (“Personal Data”), may include, but is not limited to:

6.3.2.1.1. such as your natural first and last name, email address, position, company name or university name, company address, VAT number, social media account, website and phone number.

6.3.2.1.2. other personal data which we are legally obliged or authorized to collect and process and which we need for your authentication, identification or verification of the data we collect.

6.4. The mentioned data will be processed to process the contractual relationship. The processing of data is based on (Art. 6 (1) (b) GDPR). The retention period is limited to the purpose of the contract and, if available, statutory and contractual retention requirements.

6.5. Tracking Cookies Data

6.5.1. We may use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.

6.5.2. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our Service.

6.5.3. Cookies may also be used for other purposes on our Website.

6.5.4. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

6.5.5. If you disable the use of cookies on your web browser or remove or reject specific cookies from our Website or linked sites than you may not be able to gain access to all of the content and facilities in those websites.

7. TRANSFER OF PERSONAL DATA

7.1. A transfer of your data to third parties for purposes other than those listed below does not take place. We only pass on your data to third parties if:

7.1.1. You have given your express consent to this (Art. 6 (1) (a) GDPR),

7.1.2. this is necessary for the settlement of contractual relationships with you (Art. 6 (1) (b) GDPR),

7.1.3. there is a legal obligation to pass it on (Art. 6 (1) (c) GDPR),

7.1.4. disclosure is required for asserting, exercising or defending legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data (Article 6 (1) (f) GDPR).

7.2. In these cases, however, the amount of data transmitted is limited to the minimum required. Our privacy policy is consistent with applicable data protection laws and the data is processed only in the European Union. A transfer to third countries does not take place and is not intended.

8. AFFECTED RIGHTS

8.1. On request, we will be pleased to inform you whether and which clearly personal data about you are stored (Article 15 GDPR), in particular the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed or will, the planned storage period, the right of rectification, deletion, limitation of processing or opposition, the existence of a right of appeal, the origin of their data, if they were not collected from us, as well as the existence of automated decision-making including profiling.

8.2. You also have the right to correct any incorrectly collected personal data or to complete incomplete data collected (Art. 16 GDPR).

8.3. Furthermore, you have the right to demand that we restrict the processing of your data, provided that the legal conditions for doing so are met (Art. 18 GDPR).

8.4. You have the right to receive the personal data relating to you in a structured, common, and machine-readable format or to request the transfer to another person responsible (Art. 20 GDPR).

8.5. In addition, you are entitled to the so-called “right to be forgotten”. You can request the deletion of your personal data from us, provided that the legal prerequisites exist (Art. 17 GDPR). Regardless of this, your personal data will be automatically deleted by us if the purpose of the data collection has been omitted or the data processing has been unlawful.

8.6. IN ACCORDANCE WITH ART. 7 (3) GDPR, YOU HAVE THE RIGHT TO REVOKE YOUR ONCE GIVEN CONSENT TO US AT ANY TIME. AS A RESULT, WE ARE NO LONGER ALLOWED TO CONTINUE THE DATA PROCESSING BASED ON THIS CONSENT FOR THE FUTURE.

8.7. You also have the right to object to the processing of your personal data at any time, provided that a right of objection is provided for by law. In the case of an effective revocation, your personal data will also be automatically deleted by us (Article 21 GDPR). If you would like to exercise your right of revocation or objection, it is sufficient to send an e-mail to the e-mail address listed at the end of this privacy policy. In case of violations of the data protection regulations, you have acc. Art. 77 GDPR the possibility to file a complaint with a supervisory authority.

9. DURATION OF DATA STORAGE

9.1. The data collected will be stored by us as long as necessary for the performance of the contracts we have entered into, or you have not exercised your right to cancellation or your right to transfer data to another company.

9.2. For example, we use cookies to statistically record and evaluate the use of our website and to optimize our offer for you. These cookies allow us to automatically recognize when you visit our website again that you have already been with us. These cookies are automatically deleted after a defined time. The data processed by cookies are for the purposes mentioned in order to safeguard our legitimate interests as well as third parties according to (Art. 6 (1) (g) GDPR) required. Most browsers accept cookies automatically. If you do not want us to recognize information about your computer, please set your Internet browser to delete cookies from your computer hard drive, block all cookies, or warn you before a cookie is stored. You can find out how to delete or block cookies in the Help and Support section of your Internet browser. There you will find instructions for searching the file or directory where cookies are stored. Please note in any case that the complete deactivation of cookies may mean that you cannot use all functions of our website.

10. DATA SECURITY

10.1. We take all necessary technical and organizational security measures to store your personal data so that it is not accessible to third parties or the public. If you would like to contact us by e-mail, we would like to point out that the confidentiality of the transmitted information cannot be completely guaranteed with this communication method. We, therefore, recommend that you send us confidential information only by post. For email communication, we recommend the best possible encryption of your outbox via SSL technology. For more information, please contact your e-mail service provider.

11. LINKS

11.1. Our Service may contain links to other sites that are not operated by us. If you click a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

12. ANALYTICS

12.1. We may use third-party Service Providers to monitor and analyze the use of our Service.

12.1.1. Google Analytics.

12.1.1.1. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

12.1.1.2. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en

12.1.2. We also encourage you to review the Google’s policy for safeguarding your data: https://support.google.com/analytics/answer/6004245.

13. PAYMENTS

13.1. We may provide paid products and/or services within Service. In that case, we use third-party services for payment processing (e.g. payment processors).

13.2. We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

14. UP-TO-DATENESS AND CHANGE OF THIS DATA PROTECTION EXPLANATION

14.1. This privacy policy is currently valid.

14.2. Due to the further development of our website and offers or due to changed legal or regulatory requirements, it may be necessary to change this privacy policy. The current privacy policy can be viewed and printed on our website at any time using the link below.

14.3. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

15. CONTACT US

15.1. If you have any questions about this Privacy Policy, please contact us:

15.1.1. By email: vc@allasso.ch