Privacy policy

Version of 23.08.2023/XNUMX

Data protection redIT

Protecting your privacy is important to us. With this data protection declaration we inform you about the type, scope and purpose of the collection and processing of personal data by redIT Services AG (hereinafter “we” or “us”) when using our websites, platforms, apps and other applications as well as when Obtaining services and products or when you otherwise communicate with us or are in contact with us.

If there is any inconsistency between this Privacy Policy and our applicable contractual or business terms and conditions, the provisions of this Privacy Policy will take precedence.

This data protection declaration is designed to meet the requirements of the EU General Data Protection Regulation (“GDPR”) and the Swiss Data Protection Act (“DSG”).

 

1. Responsible body and contact person for data protection issues

The responsible body within the meaning of data protection laws and the contact person for your data protection concerns is:

redIT Services AG
Arbachstrasse 2d
CH-6340 Baar
datenschutz@redIT.ch

 

2. Collection and processing of personal data

Personal data is all information that relates to a specific or identifiable natural person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the acquisition, storage, retention, use, modification, disclosure, archiving, deletion or destruction of data.

We collect personal data transparently, in accordance with the principles of purpose limitation, data avoidance and data economy and only to the extent and for as long as is necessary or is specified by the legislature.

We primarily process personal data that we receive from them and other people involved as part of and to ensure our business relationship with our customers and business partners, or that we receive or collect from their users when operating our websites, platforms, apps and other applications.

To the extent permitted, we also obtain certain data from publicly accessible sources (such as public registers, media, internet) or receive such data from other companies within the beelk group, from official and judicial proceedings from authorities or from other third parties.

In addition to the data we receive directly from you, the categories of personal data we receive from third parties include, but are not limited to:

  • Information from public registers (business registers, commercial registers, land registers, etc.)
  • Information that we learn in connection with administrative and legal proceedings
  • Information on compliance with legal requirements
  • Information related to your business functions and activities
  • Information about you in correspondence and meetings with third parties
  • Information about you that people in your environment (family, advisors, representatives, etc.) give us so that we can conclude or process contracts with you or with your involvement (e.g. references, your address for deliveries, powers of attorney)
  • Information from banks, insurance companies, sales and other contractual partners regarding the use of your services. Providing our services to you (e.g. payments made, purchases made)
  • Information about you from the media and the Internet (if this is appropriate in the specific case)
  • References for applications.

 

3. Purpose of data processing and legal basis

We use the personal data we collect primarily to establish, manage and process contractual relationships with our customers, suppliers and business partners.

In addition, we process personal data, to the extent permitted and deemed appropriate to us, for the following purposes:

  • Develop and improve our offers, services, products, websites, apps and platforms
  • communication with you
  • Marketing and relationship management (unless you have refused or revoked the use of your data for advertising purposes, which you can do at any time)
  • Compliance with laws, instructions and recommendations from authorities, including the enforcement and defense of legal claims
  • Prevention and investigation of crimes and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud)
  • security purposes and access controls
  • Ensuring operation, especially IT, websites, apps and other platforms
  • Risk management and corporate governance
  • Training and quality assurance.

 

4. Cookies, tracking and other technologies in connection with the use of our website, newsletters and other applications

We typically use “cookies” and similar technologies on our websites, platforms, apps and other applications that can identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you use when you visit our websites and platforms or install our apps. If you visit the Website or Platform again or use our App again, we can recognize you, even if we don't know who you are. In addition to cookies that are only used during a session and are deleted after your visit to the website ("session cookies"), cookies can also be used to store user settings and other information over a certain period of time (e.g. two years) ("permanent cookies". »). However, you can set your browser so that it rejects cookies, only saves them for one session or otherwise deletes them early. Most browsers are preset to accept cookies. We use permanent cookies to save user settings (e.g. language, autologin), so that we can better understand how you use our offers and content and so that we can show you offers and advertising tailored to your needs. Certain cookies are set by us, and certain cookies are also set by contractual partners with whom we work. If you block cookies, certain functionalities (such as language selection, shopping cart, ordering processes) may no longer work.

In some of our newsletters and other marketing emails, and where permitted, we also include visible and invisible image elements, by retrieving them from our servers we can determine whether and when you have opened the email, so that we can also measure here and better understand how you can use our offerings and tailor them to you. You can block this in your email program.

By using our websites, platforms, apps and other applications or By agreeing to receive newsletters, you agree to the use of these techniques. If you do not want this, you must set your browser or email program accordingly or uninstall the app if this cannot be adjusted via the settings.

We sometimes use Google Analytics or similar services on our websites. This is a service provided by third parties who may be located in any country in the world (in the case of Google Analytics it is Google Ireland (based in Ireland), Google Ireland relies on Google LLC (based in the USA) as data processor (both «Google», www.google.com), with which we can measure and evaluate the use of the website (not personal). For this purpose, permanent cookies that the service provider sets are also used. We have configured the service in such a way that The IP addresses of visitors are shortened by Google in Europe before being forwarded to the USA and therefore cannot be traced. We have switched off the “Data transfer” and “Signals” settings. Although we can assume that the information we share with Google share, is not personal data for Google, it is possible that Google can use this data to draw conclusions about the identity of visitors for its own purposes, create personal profiles and link this data to the Google accounts of these people. If you have registered with the service provider yourself, the service provider also knows you. The processing of your personal data by the service provider is then the responsibility of the service provider in accordance with its data protection regulations. The service provider only tells us how our website is used (no information about you personally).

 

5. Social Plugins

We use so-called plug-ins from social networks such as Facebook, LinkedIn, TikTok, YouTube, Instagram, etc. on our websites. This is clear to you in each case (typically via corresponding symbols). We have configured these elements to be disabled by default. If you activate it (by clicking on it), the operators of the respective social networks can register that you are on our website and can use this information for their purposes. The processing of your personal data is then the responsibility of this operator in accordance with its data protection regulations. We do not receive any information about you from him.

 

6. Newsletter

Registration for our newsletter takes place using the “double opt-in” procedure, which means that registrations must be expressly confirmed in a confirmation email so that improper registration with a third-party email address is not possible. Registrations are logged so that confirmation can be verified using the “double opt-in” procedure if necessary. You can unsubscribe from newsletters at any time. In every single newsletter email there is the option to unsubscribe with a single mouse click or tap.

 

7.Microsoft Teams

Microsoft Teams is a teamwork service from Microsoft Corporation, Redmond, Washington, which we use to communicate with our customers, suppliers and business partners. The use of Microsoft Teams is subject to Microsoft's privacy policy, which you accept before using Teams. The data may also be processed in countries without adequate data protection. In these cases, Microsoft uses standard contractual clauses to ensure the protection of personal data. Microsoft is certified under the US-EU Privacy Shield and Swiss-US Privacy Shield. The rights of those affected must be asserted directly against Microsoft.

 

8. Data transfer and data transfer abroad

As part of our business activities and legal obligations, to protect legitimate interests and for the purposes set out in Section 3 above, we may also transmit your personal data to third parties, in particular to the following recipients:

  • to other companies in the beelk group (green4 ag, Ivira AG, Jetag GmbH, beelk Holding AG)
  • to our domestic and foreign service providers, contractual partners (including banks and other payment providers, call centers, subcontractors) and customers
  • to domestic and foreign authorities, offices, courts or other public bodies and institutions if there are legal reasons

all collectively “recipients”.

The recipients are partly in Germany, but can also be anywhere in the world. In particular, you must expect your data to be transferred to other countries in Europe and the USA, where some of our service providers and contractual partners (e.g. Microsoft) are located.

If a recipient is located in a country without adequate legal data protection, we contractually oblige the recipient to comply with the applicable data protection provisions using the European Commission's standard protection clauses, unless the recipient is already subject to a legally recognized set of rules to ensure data protection and we cannot rely on an exception provision . An exception may apply in particular in legal proceedings abroad, but also in cases of overriding public interests or if the execution of a contract requires such disclosure, if you have given your consent or if it concerns data that you have made generally accessible and the processing of which you have not objected to.

 

9. Duration of retention of personal data

We process and store your personal data for as long as it is necessary to fulfill our contractual and legal obligations or for the purposes pursued by the processing, i.e. for example for the duration of the entire business relationship and beyond in accordance with the legal retention and documentation obligations. As soon as your personal data is no longer required for the purposes mentioned above, it will generally be deleted or anonymized as far as possible. Shorter retention periods of twelve months or less generally apply to operational data (e.g. system logs, logs).

 

10. data security

We take appropriate technical and organizational measures to protect your personal data from unauthorized access and misuse. The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling and restricting physical and electronic access and access to the data, by issuing guidelines and instructions, training and raising awareness of employees, IT and network security solutions, encryption of data carriers and transmissions, pseudonymization and controls.

 

11. Profiling and automated decision making

We process your personal data partially automatically with the aim of evaluating certain personal aspects (profiling). We use profiling in particular to be able to provide you with targeted information and advice about products. We use evaluation tools that enable us to communicate and advertise as needed, including market and opinion research.

In principle, we do not use fully automated decision-making. If we use such procedures in individual cases, we will inform you separately, provided this is required by law and inform you about the associated rights.

 

12. Rights of the data subject

Within the scope of the data protection law applicable to you and to the extent provided for therein, you have the right to information, correction, deletion, restriction of or objection to our data processing, in particular for the purposes of direct marketing, profiling for direct advertising and other legitimate interests in processing as well as Release of certain personal data for the purpose of transferring it to another location (so-called data portability).

You can revoke your consent given to us at any time with effect for the future.

Please note that the above rights are subject to requirements, exceptions or restrictions under the applicable data protection law (e.g. to protect third parties, to protect trade secrets, in the case of statutory retention or processing obligations, etc.) and may affect or make it impossible to provide our services. This can lead to premature termination of the contract or cost consequences.

Exercising these rights requires that you provide clear proof of your identity (e.g. by providing a copy of your ID or passport). To assert your rights, you can contact us at the address given in Section 1.

Every data subject has the right to enforce their claims in court or to file a complaint with the responsible data protection authority. The responsible data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

 

13. Changes

We may amend this privacy policy at any time without prior notice. The current version published on our website applies.

 

Imprint

Terms and conditions