Website Privacy Policy
This privacy policy applies to SmartPath AG and all of its affiliated companies (hereinafter "SmartPath AG"), namely:
SmartPath AG
Kägiswilerstrasse 17
6060 Sarnen
Switzerland
Tel. +41 41 661 1000
E-mail address: contact@asksmartpath.com
UID number: CHE-499.893.384
1. General information
SmartPath AG takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations as well as this privacy policy. In handling data, SmartPath AG is guided by the Swiss Federal Data Protection Act (DSG) and the EU General Data Protection Regulation (GDPR).
This Privacy Policy explains how we process the personal data we collect from our existing and potential customers when they use our websites, which are subject to this Privacy Policy. Personal data is any data by which you can be personally identified.
Note on the responsible entity
The data controller for SmartPath AG is:
SmartPath AG
Kägiswilerstrasse 17
6060 Sarnen
Switzerland
Tel. +41 41 661 1000
E-mail address: contact@asksmartpath.com
UID number: CHE-499.893.384
Contact SmartPath AG
Please contact Sebastian Bauer with any questions or comments about this privacy policy at sebastian.bauer@asksmartpath.com.
Scope of this privacy policy
This Privacy Policy applies to the following services:
- Visiting our websites, filling out a form on one of our websites.
- Contacting us with a request to call us back via the website or phone/social media channels.
- Marketing goods or services that we think may be of interest to you and your business.
2. Principles of Data Processing at SmartPath AG
Lawfulness
Processing must be based on a lawful basis (law, ordinance, statutes, regulations or equivalent) or carried out with the consent of the data subjects.
Principle of good faith
The data must be processed in good faith. Personal data may not be obtained if the data subject is not aware of it or if this is done against his or her will.
Proportionality
Processing must be appropriate, i.e. reasonably related to the purpose and limited to what is necessary to achieve the objective.
Purpose
Personal data may only be obtained for a specific purpose that is recognizable to the data subject; it may only be processed in a way that is compatible with this purpose.
Identifiable procurement
The procurement of personal data and, in particular, the purpose of its processing must be recognizable to the data subject; the purpose of the processing must be stated when the data is procured or must be evident from the circumstances. Where necessary, consent to processing is obtained. This must be given voluntarily (prohibition of coupling) and explicitly for each data processing operation individually. Consent may be revoked at any time in its entirety or for individual data processing purposes.
Accuracy and right to be forgotten
Accuracy and right to be forgotten Personal data must be as complete and up-to-date as circumstances permit. The data subject may request that inaccurate data be corrected. Personal data shall be inactivated, anonymized or destroyed as soon as it is no longer required for the purpose of processing.
Data security
The data protection officer and the order processor ensure data security appropriate to the risk by means of suitable technical and organizational measures. It is ensured that personal data is only processed on the instructions of the data controller.
Privacy by Design and by Default
The data protection officer is obliged to design the data processing technically and organizationally in such a way that the data protection regulations are complied with from the outset, even without special adjustments. He shall take this into account from the planning stage onwards.
Accountability
SmartPath AG establishes and maintains control mechanisms and systems to ensure and actively demonstrate that the conformity of the data processing with the GDPR is guaranteed throughout the entire operation.
Rights of the data subjects
Individuals whose data is processed by SmartPath AG have the right to know what the data is. If necessary, they can demand that the data be corrected or deleted.
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right of appeal to the competent supervisory authority
In the event of violations of data protection law, the data subject has a right of appeal to the competent supervisory authority.
Switzerland
Data Protection Commissioner of the Cantons of Schwyz, Obwalden and Nidwalden.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.
Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction, blocking or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.
Objection to advertising e-mails
We hereby object to the use of contact data published within the framework of the imprint obligation to send advertising and information material that has not been expressly requested. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
3. Data Collection on our website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find his contact details in the imprint of this website.
How do we collect your data?
On the one hand, your data is collected by you providing it to us. This can be, for example, data that you enter in a contact form. Other data is collected automatically by our IT systems when you visit the website. This is mainly technical data (e.g. Internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.
What do we use your data for?
Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have a right to request the correction, blocking or deletion of this data. For this purpose as well as for further questions on the subject of data protection, you can contact us at any time at the address given in the imprint. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
Analysis tools and tools from third-party providers
When visiting our website, your surfing behavior may be statistically analyzed. This is done primarily with cookies and with so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can find detailed information on this in the following privacy policy. You can object to this analysis. We will inform you about the objection options in this privacy policy.
Cookies
Some of the Internet pages use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called "session cookies". They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies allow us to recognize your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.
Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested are stored on the basis of Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behavior) are stored, these are treated separately in this data protection declaration.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- browser type and browser version
- Operating system used
- referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources. The basis for data processing is Art. 6 (1) lit. f GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
Contact form
If you send us inquiries via contact forms, your data from the inquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data to third parties outside our company without your consent. The processing of the data entered in the contact forms are therefore based exclusively on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The data you entered in the contact forms will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Mandatory legal provisions - in particular retention periods - remain unaffected.
Processing of data (customer and contract data)
We collect, process and use personal data only to the extent necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 (1) lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. We collect, process and use personal data about the use of our websites (usage data) only to the extent necessary to enable the user to use the service.
The basis for data processing is Art. 13 para. 2 lit. a DSG / Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
4. Passing On of Information
Information disclosure at SmartPath AG
We restrict access to personally identifiable information to internal individuals at SmartPath AG who have a need to know that information.
Information Sharing Outside SmartPath AG, with Our Partners and Third Parties
We will not share your processed personal information with other individuals or companies outside of our organization, except as provided under this policy or with your consent. We may share your personal information with the following third parties and others for the following purposes:
- Suppliers or other subcontractors with whom we have a business relationship and who provide products and services to us so that we can provide services to you (e.g., partners who provide software support, website hosting and website management);
- With our professional and legal advisors for commercial, financial or legal advisory purposes;
- If we sell business assets, your personal information may be disclosed to a prospective buyer. In these circumstances, we will attempt to bind the buyer to the terms of this Privacy Policy;
- In exceptional circumstances, personal information may be disclosed to third parties, such as law enforcement and regulatory agencies, so that we can protect our rights, property or the safety of our customers, employees and assets;
- We may also disclose your personal information when necessary to comply with a legal obligation in a particular jurisdiction, including when this is based on a voluntary act or decision on our part (for example, our decision to operate in a particular country or the like).
5. Your Obligations
You vouch for the quality of the information you provide through our services. All personal information you provide to SmartPath AG must be factually accurate, correct and up to date. You will ensure that you provide truthful, accurate and up-to-date information that complies with this principle.
7. Storage
Unless otherwise regulated in this privacy policy, we generally store the data for a period of six months from collection. After that, the data will be deleted, unless you have consented to a longer storage or there are special legal obligations to retain data or an overriding business interest of our own.