Privacy policy

General note

Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the federal government (Datenschutzgesetz, DSG), every person is entitled to privacy protection and protection against misuse of their personal data. The operator of this website takes the protection of the visitor’s personal data very seriously. We treat your personal data confidentially and in line with legal data protection regulations and this privacy policy.

In cooperation with our hosting providers, we make every effort to protect the databases as well as possible against unauthorized access, loss, misuse or forgery.

We want to point out that data transmission on the Internet (e.g. e-mail communication) can have security gaps and risks. Full protection of data against access by third parties is not possible.

By visiting and using this website, you agree to the collection, processing and use of data as described in the following. Our website can generally be visited without any registration. Data, such as the visited pages, the name of the retrieved file, date or time, are stored on the server for statistical purposes without a direct link to your person. Personal data, particularly name, address or email address, are collected on a voluntary basis as far as possible. The data will not be passed on to third parties without your consent.

Processing of personal data

Personal data include all information relating to a specific or identifiable person. A data subject is a person about whom personal data are processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, procurement, deletion, saving, modification, destruction and use of personal data.

We process personal data in accordance with the Swiss data protection law (Datenschutzrecht). In addition, we process personal data – insofar as and insofar as the EU GDPR is applicable – in accordance with the following legal principles in connection with Art. 6 Para. 1 GDPR:

  • Art. 6 Para. 1 S. 1 lit. a. GDPR: The data subject has given consent to the processing of his/her personal data for one or more specific purposes.

  • Art. 6 Para. 1 S. 1 lit. b. GDPR: The processing is necessary for the fulfillment of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering a contract.

  • Art. 6 Para. 1 S. 1 lit. c. GDPR: The processing is necessary to comply with a legal obligation to which the controller is subject.

  • Art. 6 Para. 1 S. 1 lit. d. GDPR: Processing is necessary in order to protect the vital interests of the data subject or of another natural person.

  • Art. 6 Para. 1 S. 1 lit. f. GDPR: Processing is necessary for the purpose of the legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. Legitimate interests are, in particular, our business interest in being able to provide our website, information security, the enforcement of our own legal claims and compliance with Swiss law.

  • Art. 9 Para. 2 lit. b. GDPR: Insofar as special categories of personal data within the meaning of Art. 9 Para. 1 GDPR (e.g. health data, such as severe disability or ethnic origin) are requested from applicants in the course of an application process so that the person responsible or the person concerned can exercise the rights arising from labor law and the law on social security and social protection and fulfill his or her obligations in this regard, their processing takes place in accordance with Art. 9 Para. 2 lit. b. GDPR, in the case of protecting the vital interests of applicants or other persons in accordance with Art. 9 Para. 2 lit. c. DSGVO or for the purposes of health care or occupational medicine, for the assessment of the employee’s ability to work, for medical diagnostics, care or treatment in the health or social area or for the administration of systems and services in the health or social area in accordance with Art. 9 Para. 2 lit. h. GDPR. In the case of a notification of special categories of data based on voluntary consent, the processing takes place on the basis of Art. 9 Para. 2 lit. a. GDPR.

We process personal data for the duration necessary for the respective purpose or purposes. In the event of longer-lasting storage obligations due to legal and other obligations to which we are subject, we restrict the processing accordingly.

Relevant legal bases

In accordance with Art. 13 GDPR, we will inform you of the legal basis for our data processing. If the legal basis is not mentioned in the data protection declaration, the following applies:

The legal basis for obtaining consent is Art. 6 Para. 1 lit. a. and Art. 7 GDPR, the legal basis for processing to fulfill our services and implement contractual measures as well as answering inquiries is Art. 6 Para. 1 lit. b. GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 Para. 1 lit. c. GDPR, and the legal basis for processing to safeguard our legitimate interests is Art. 6 Para. 1 lit. f. GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para 1 lit. d. GDPR serves as the legal basis.

Safety measures

We take appropriate technical and organizational measures in accordance with the legal requirements taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons to ensure a level of protection appropriate to the risk.

The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access, input, disclosure, ensuring availability and their separation. Furthermore, we have set up procedures that ensure the exercise of data subject rights, the deletion of data and reactions to data threats. Furthermore, we already take the protection of personal data into account during the development or selection of hardware, software and processes in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.

Transmission of personal data

As part of our processing of personal data, it may happen that the data is transmitted to other bodies, companies, legally independent organizational units or persons or that it is disclosed to them. The recipients of this data can include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such a case, we observe the legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data.

Data processing in third countries

If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or the processing within the framework of the use of third-party services or the disclosure or transmission of data to other persons, bodies or companies takes place, this is only done in accordance with the legal requirements.

Subject to express consent or contractually or legally required transmission, we only process the data in third countries with a recognized level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, if there are certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en).

Data protection declaration for SSL/TLS encryption

Our website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Privacy policy for cookies

This site uses cookies. Cookies are text files containing data from visited websites or domains and that are stored by a browser on the user’s computer. A cookie is primarily used to store information about a user during or after the visit of the website or within the online offer. The stored information may include, for example, the language settings on a website, the login status, a shopping cart or the place where a video was watched. The term cookies also includes other technologies that fulfill the same functions as cookies (e.g. when user information is stored using pseudonymous online identifiers, also known as “user IDs”).

The following cookie types and functions are distinguished:

  • Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online service and closed his browser.

  • Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the preferences of users, which are used for reach measurement or for marketing purposes, can be stored in such a cookie.

  • Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the preferences of users, which are used for reach measurement or for marketing purposes, can be stored in such a cookie.

  • First-party cookies: First-party cookies are set by us.

  • Third-party cookies (also: Drittanbieter-Cookies): Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.

  • Necessary (also: essential or absolutely necessary) cookies: On the one hand, cookies can be absolutely necessary for the operation of a website (e.g. to save logins or other user input or for security reasons).

  • Statistics, marketing and personalization cookies: Cookies are also generally used to measure range and when the interests or behavior of a user (e.g. viewing certain content, using functions, etc.) on individual websites are to be saved in a user profile. Such profiles are used to show users, for example, content that corresponds to their potential interests. This process is also referred to as “tracking”, i.e. tracking the potential interests of users. If we use cookies or “tracking” technologies, we will inform you separately in our data protection declaration or when obtaining consent.

Notes on legal bases: The legal basis on which we process your personal data by using cookies depends on whether we ask for your consent. If this is the case and you consent to the use of cookies, the legal basis for the processing of your data is the declared consent. Otherwise, the data processed using cookies will be processed on the basis of our legitimate interests (e.g. in the commercial operation of our online offer and its improvement) or if the use of cookies is necessary to fulfill our contractual obligations.

Storage period: If we do not provide you with any explicit information on the term of storage of permanent cookies (e.g. as part of a so-called cookie opt-in), please assume that the storage period can be up to two years.

General information on revocation and objection (opt-out): Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke your consent or to object to the processing of your data by cookie technologies (collectively referred to as “opt-out”). You can initially declare your objection using the settings in your browser, e.g. by deactivating the use of cookies (which can also limit the functionality of our website and online service). An objection to the use of cookies for online marketing purposes can also be declared using a variety of services available on the internet. In addition, you can receive further objection notices as part of the information on the service providers and cookies used.

Processing of cookie data on the basis of consent: We use a cookie consent management procedure, in the context of which the user consents to the use of cookies or the processing mentioned in the context of the cookie consent management procedure and providers can be obtained and managed and revoked by the users. The declaration of consent may be stored here so that the query does not have to be repeated and to be able to prove the consent in accordance with the legal obligation. The storage can take place on the server side and/or in a cookie (so-called opt-in cookie, or with the help of comparable technologies) in order to be able to assign the consent to a user or his device. Subject to individual information about the providers of cookie management services, the following information applies: The duration of the storage of the consent can be up to two years. A pseudonymous user identifier is created and stored with the time of the consent, information on the scope of the consent (e.g. which categories of cookies and/or service providers) and the browser, system and end device used.

  • Types of data processed: usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).

  • Affected persons: users (e.g. website visitors, users of online services).

  • Legal basis: consent (Art. 6 Para. 1 S. 1 lit. a. GDPR), legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR).

Data protection declaration for server log files

The host provider of our website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us.

These are:

  • Browser type and version
  • Used operating system 
  • Referrer URL
  • Host name of the accessing computer
  • Time of server request
This data cannot be linked to specific persons and are not merged with other data sources. We reserve the right to subsequently check this data in case we become aware of specific indications of illegal use.

Rights of data subjects

Right to confirmation
Every data subject has the right to request confirmation from the operator of the website whether personal data are being processed. If you would like to make use of this right of confirmation, you can contact us at any time.

Right to information
Every person affected by the processing of personal data has the right to receive free information from the website operator about the personal data stored and a copy of this information at any time.

Furthermore, the following information can be provided if necessary:

  • Processing purposes

  • Categories of personal data being processed

  • Recipients to whom the personal data have been or will be disclosed

  • If possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria used to determine that duration

  • Your right regarding correction or deletion of your personal data or the restriction of processing by the controller or the objection to this processing

  • Existence of a right of appeal to a supervisory authority

  • If the personal data are not collected from the data subject: all available information about the origin of the data

Furthermore, the data subject has the right to information on whether personal data has been transmitted to a third country or to an international organization. If this is the case, the person concerned has the right to receive information about the appropriate guarantees in connection with the transmission.

If you would like to make use of this right to information, you can contact us at any time.

Right to rectification
Every person affected by the processing of personal data has the right to demand the immediate correction of incorrect personal data concerning them.

Furthermore, the data subject has the right – taking into account the purposes of the processing – to request the completion of incomplete personal data, also by means of a supplementary declaration.

If you would like to make use of this right to rectification, you can contact us at any time.

Right to erasure (right to be forgotten)
Any person affected by the processing of personal data has the right to request from the person responsible for this website the immediate deletion of his/her personal data if one of the following reasons applies and if the processing is not necessary:

  • The personal data were collected for purposes or otherwise processed for which they are no longer necessary

  • The data subject withdraws their consent on which the processing was based and there is no other legal basis for the processing

  • The data subject objects to the processing for reasons arising from their particular situation and there are no overriding legitimate reasons for the processing, or the data subject objects to the processing in the case of direct advertising and the associated profiling 

  • The personal data was processed unlawfully

  • The personal data must be erased for compliance with a legal obligation in Union law or law of the member state to which the website operator is subject

  • The personal data was collected in relation to offered information society services, made directly to a child

If one of the above reasons applies and you wish to have personal data stored by the operator of this website deleted, you can contact us at any time. We will ensure that the request for deletion is complied with immediate effect.

Right to restriction of processing
Any person affected by the processing of personal data has the right to request that the person responsible for this website restrict the processing if one of the following conditions is met:

  • The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data

  • The processing is unlawful, the data subject refuses to have the personal data deleted and instead requests that the use of the personal data be restricted

  • The person responsible no longer needs the personal data for the purposes of processing, but the data subject needs them to assert, exercise or defend legal claims

  • The data subject has lodged an objection to the processing for reasons arising from their particular situation and it is not yet clear whether the legitimate reasons of the person responsible outweigh those of the data subject

If one of the above conditions is met and you wish to request the restriction of personal data stored by the operator of this website, you can contact us at any time. We will arrange for the restriction of processing.

Right to data portability
Every person affected by the processing of personal data has the right to receive the personal data in a structured, common and machine-readable format. The data subject also has the right to have this data transmitted to another person responsible if the legal requirements are met.

Furthermore, the data subject has the right to have the personal data transmitted directly from one person responsible to another person responsible, insofar as this is technically feasible and provided that this does not affect the rights and freedoms of other persons.

To assert the right to data transferability, you can contact us at any time.

Right to object
Every person affected by the processing of personal data has the right to object at any time to the processing of personal data for reasons that arise from the data subject’s particular situation.

The operator of this website will no longer process the personal data in the event of an objection, unless we can demonstrate compelling legitimate grounds for the processing which outweigh the interests, rights and freedoms of the data subject, or if the processing is necessary for the assertion, exercise or defense of legal claims.

To exercise the right to object, you can contact us directly.

Right to withdraw consent under data protection law
Any person affected by the processing of personal data has the right to revoke a given consent to the processing of personal data at any time.

If you would like to assert your right to revoke your consent, you can contact us at any time.

Third party services – Google

This website may use services of the US company Google LLC that are listed below.

For the exceptional cases in which personal data are transferred to the USA, Google LLC has committed itself to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-us-Framework).

Since ruling C-311/18 of the European Court of Justice of July 16, 2020 in the case C-311/18 iS Data Protection Commissioner v. Facebook Ireland Ltd and Maximilian Schrems, this framework is no longer considered a legitimate basis for data transfer. On September 8, 2020, the Swiss Federal Data Protection and Information Commissioner also designated the Swiss-US Privacy Shield as an insufficient basis for data transfer. Until the Swiss Federal Government has decided how to proceed with the Swiss-US Privacy Shield, our website may continue to use Google services.

Further information can be found in Google’s privacy policy.

Google analytics

With the statistics obtained by using Google Analytics we are able to improve our offer on the website and increase the value for the visitor. Our website may use Google Analytics for a cross-device analysis of visitor flows, performed by using a user ID. If the visitor has a Google user account, the user can deactivate the cross-device analysis of your usage in the settings there under “My data”, “Personal data”.

The legal basis for the use of Google Analytics is Art. 6, Para. 1. Lit. f. GDPR. The IP address transmitted by your browser in the context of Google Analytics is not merged with other data from Google. Note that when we use Google Analytics on our website, it will have been extended by the code “_anonymizeIp();” in order to ensure anonymous collection of IP addresses. This means that IP addresses are shortened before processing, so that a reference to a specific person is no longer possible. If the data collected about the visitor contains a personal reference, this will be excluded and the personal data will be immediately deleted.

Only in exceptional cases the full IP address will be transferred to a Google server in the USA and shortened there. On behalf of the operator of our website, Google will use this information to evaluate the visitor’s use of the website, to compile reports about the website activities and to provide further services to the website operator in connection with the use of the website and the internet.

Google Analytics uses cookies. The information generated by the cookie about the visitor’s use of our website is usually transferred to a Google server in the USA and stored there. You may refuse the use of cookies by selecting the appropriate settings on your browser, but please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the sending of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing a browser plugin available on Google’s website: https://tools.google.com/dlpage/gaoptout?hl=en

Privacy policy for LinkedIn

Our website uses features of the social network of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland («LinkedIn»).

Each time you access one of our pages that contains LinkedIn features, a connection to LinkedIn’s servers is established. LinkedIn will be notified that you have visited our sites using your IP address. When you click on LinkedIn’s “recommend” button and are logged in to your LinkedIn account, LinkedIn is able to link your visit to our site to you and your account. Note that we, as the provider of this website, have no knowledge of the content of the transmitted data or its use by LinkedIn.

For more information, please refer to the LinkedIn privacy policy at https://www.linkedin.com/legal/privacy-policy

Privacy policy for contact form

If you send us an enquiry via the contact form that may be available on the website, your data from the contact form, including the contact data you entered there, will be stored by us for the purpose of processing the enquiry and in case of follow-up questions. We will not pass on this data without your consent.

Data protection declaration for objection to advertising e-mails

We hereby object to the use of our contact data and details published as part of this website’s imprint obligation to send unsolicited advertising and information material. The website operator expressly reserves the right to take legal action in the event of unsolicited advertising being sent, such as spam e-mails.

Paid services

In order to provide services that are subject to a charge, we will ask for additional data, such as payment details, to process your order or to carry out your order or transaction. We store this data in our systems until the statutory retention periods have expired.

Contractual services

We process the data of our contractual and business partners, e.g. customers, suppliers and interested parties (collectively referred to as “contractual partners”) in the context of contractual and comparable legal relationships and related measures and in the context of communication with the contractual partners (or pre-contractual), e.g responding to requests.

We process these data to fulfill our contractual obligations, to safeguard our rights and for the purposes of administrative tasks associated and the corporate organization. We only pass on the data of the contractual partners to third parties within the framework of the applicable law to the extent that this is necessary for the aforementioned purposes or to fulfill legal obligations or with the consent of the persons concerned (e.g. to telecommunications, transport and other auxiliary services involved as well as subcontractors, banks, tax and legal advisors, payment service providers or tax authorities). The contractual partners will be informed about other forms of processing, e.g. for marketing purposes, within the scope of this data protection declaration.

We inform the contractual partners which data are required for the aforementioned purposes before or as part of the data collection, e.g. in online forms, by means of special markings (e.g. colors) or symbols (e.g. asterisks or similar), or personally.

We delete the data after expiry of statutory warranty and comparable obligations related to the performed services unless the data is stored in a customer account, e.g. as long as it must be kept for legal archiving reasons (e.g. for tax purposes usually 10 years). We delete data disclosed to us by the contractual partner as part of an order or transaction in accordance with the specifications of the order/transaction, generally after the end of the order/transaction.

Insofar as we use third-party providers or platforms to provide our services, the terms and conditions and data protection notices of the respective third-party providers or platforms apply in the relationship between the users and the providers.

Customer account: Contractual partners may be able to create an account within our offer (“customer account” for short). If it is necessary to register a customer account, contractual partners will be informed of this as well as of the information required for registration. Customer accounts are not public and cannot be indexed by search engines. As part of the registration and subsequent registrations and uses of the customer account, we store the IP addresses of the customers together with the access times in order to be able to prove the registration and to prevent any misuse of the customer account.

If customers have terminated their customer account, the data relating to the customer account will be deleted, subject to their retention being required for legal reasons. It is the customer’s responsibility to back up their data upon termination of the customer account.

Analyzes and market research: For business reasons and in order to be able to identify market trends and the wishes of contractual partners and users, we analyze the data we have on business transactions, contracts, inquiries, etc., whereby the group of persons concerned includes contractual partners, interested parties, customers, visitors and users of our offer.

The analyzes are carried out for the purpose of business evaluations, marketing and market research (e.g. to determine customer groups with different characteristics). If available, we can take into account the profiles of registered users together with their information, e.g. on services used. The analyzes serve us alone and are not disclosed externally, unless they are anonymous analyzes with summarized, i.e. anonymous values. Furthermore, we take the privacy of the users into account and process the data for analysis purposes as pseudonymously as possible and, if feasible, anonymously (e.g. as summarized data).

E-commerce: We process the data of our customers in order to enable them to select, purchase or order the selected products, goods and associated services, as well as their payment and delivery or execution. If necessary for the execution of an order/service, we may use service providers to carry out services for our customers. We use the services of banks and payment service providers to process payment transactions. The required information is marked as such in the context of the ordering or comparable acquisition process and includes the information required for delivery or provision and billing as well as contact information in order to be able to hold any consultation.

Consultancy services: We process our customers’ data as part of our contractual services, including, for example, conceptual and strategic advice, planning, software and design development/consulting or strategies, implementation of strategies and processes, handling, data analysis/consulting services and training services can belong.

Note on data transfer to the USA

Our website includes tools from companies based in the USA. When these tools are active, your personal data may be transferred to the US servers of the respective company.

We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to release personal data to security authorities without you as the person concerned being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. secret services) will process, evaluate and permanently store your data on US servers for monitoring purposes.

We have no influence on these processing activities.

Copyrights

The copyright and all other rights to content, images, photos or other files on the website belong exclusively to the operator of this website or the specifically named rights holders. For the reproduction of all files, the written consent of the copyright holder must be obtained in advance.

Anyone who commits a copyright infringement without the consent of the respective rights holder may be liable to prosecution and may be liable for damages.

General disclaimer

All information on this website has been carefully checked. We make every effort to ensure that the information we offer is up-to-date, correct in terms of content and complete. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, correctness and topicality of data and information, including that of a journalistic and editorial nature. Liability claims arising material or non-material damages caused by the use of the information provided are excluded, unless there is evidence of willful intent or gross negligence.

The publisher may change or delete text at its own discretion and without notice and is not obliged to update the content of this website. Use of or access to this website is at the visitor’s own risk. The publisher, its clients or partners are not responsible for any damages, whether direct, indirect, accidental, foreseeable or consequential, allegedly resulting from visiting this website and therefore no liability is assumed.

The publisher also assumes no responsibility or liability for the content and availability of third-party websites that can be accessed via external links on this website. The operators of the linked (web)sites are solely responsible for their content. The publisher expressly distances himself from all third-party content that may be relevant under criminal or liability law, that violate common decency, that may be considered immoral or creates a liability.

Changes

We may adjust this privacy policy at any time without prior notice. The current version published on our website applies. If the privacy policy is part of an agreement with you we will inform you about changes by email or by other suitable means in the event of an update.

Questions

If you have any questions about data protection and the privacy policy please contact us via email:

hq@greenipath.com

Baar, 23th January 2023