RISCH
CONTENT
General Information
GENERAL INFORMATION
In this document, we refer to the European General Data Protection Regulation (GDPR), as it is stricter than Swiss data protection law and therefore covers all eventualities. All articles mentioned below can be found in the GDPR.
The topics of data protection and information security are the foundation for stable and trustworthy communication for KISS organizations and hold a high priority in our daily operations. For this reason, the protection of your personal data (hereinafter referred to as "data") is an important concern for us.
We comply with all relevant regulations when handling data – particularly those of the General Data Protection Regulation (GDPR) and the Telecommunications Act (TKG) in their respective valid versions. Additionally, we have taken the necessary technical and organizational measures to ensure appropriate data protection.
In the following, we would like to inform you in detail about which data is collected when you visit our website and use our services, and how this data is subsequently processed and used by us.
If you use our website solely for accessing information, it is generally not necessary for you to provide personal data. However, certain data that can be linked to an individual must be processed for the operation of the website. This concerns only the data transmitted to us by your internet browser. Specifically, the following data may be transmitted:
Purpose
This data is collected to facilitate the access and use of the webpages you visit, for statistical purposes, and to improve our internet offerings.
Legal basis
The legal basis for this is our legitimate interest in accordance with Art 6 (1) lit f GDPR to ensure the operation of the website, conduct error and availability analysis, and defend against attacks.
Google and YouTube may be recipients of this data. More details are provided below.
Storage duration
The data is stored for a maximum of four weeks, unless there is a legal obligation to retain it beyond that period. Data may also be stored longer if necessary to investigate attacks on our website.
To enable you to fully utilize our web offerings, we use "cookies." Cookies are small text files that allow the recognition of the user and the analysis of your use of our website. These text files store a randomly generated unique identification number. The cookie also contains information about its origin and the duration of its storage. These cookies cannot store other data. Setting cookies does not allow us to access files on your computer.
The cookies we set do not pose a threat to the user's computer system, as they do not cause any damage or contain viruses or similar threats.
The use of cookies can be prevented by adjusting your browser settings. If your browser supports the "Do-Not-Track" technology and you have enabled it, no usage profile will be created based on your visit. However, please note that without cookies, the full functionality of this website may not be available.
We use the "Google Maps" component of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (hereafter "Google Maps") on our site.
Each time you access a page with the "Google Maps" component, a cookie is set by Google to process user settings and data when displaying the page where "Google Maps" is integrated. This cookie is generally not deleted when you close your browser; instead, it expires after a certain time unless you manually delete it beforehand.
If you do not agree to this processing of your data, you can disable the "Google Maps" service, which will prevent data from being transferred to Google. To do this, you must disable the JavaScript function in your browser. However, please note that in this case, "Google Maps" may not be usable or may only be available to a limited extent.
The use of "Google Maps" and the information obtained via "Google Maps" is governed by Google's Terms of Service at http://www.google.de/intl/de/policies/terms/regional.html and the additional terms of service for "Google Maps" at https://www.google.com/intl/de_de/help/terms_maps.html.
YouTube videos are embedded on our website, which are stored on "www.youtube.com" and can be played directly from our website. We use the "extended data protection mode" option provided by YouTube, meaning that no data about you as a user is transmitted to YouTube unless you play the videos. Once you play the videos, YouTube cookies are stored on your computer, and data is transmitted to YouTube's operator, Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereafter "Google"). When playing YouTube videos, the following data is transmitted to Google: IP address and cookie ID, the specific address of the page you accessed on our site, browser language settings, system date and time of access, and your browser's identifier. This data is transmitted regardless of whether you are logged into a YouTube user account or not. If you are logged in, this data is directly associated with your account. You can prevent this by logging out before activating the start button.
YouTube or Google stores this data as usage profiles and uses it for advertising, market research, and/or demand-driven website design. You have the right to object to the creation of these usage profiles, which you must address directly with Google, the operator of YouTube. Further information on YouTube's data protection is available at www.google.at/intl/de/policies/privacy/.
By playing the YouTube videos, you consent to the processing of your data by Google. We do not process the affected data.
Purpose
If you contact us via the contact form on the website, by email, or by phone, your provided data will be stored by us for the purpose of processing your request and for possible follow-up questions.
The legal basis for this is our legitimate interest in accordance with Art 6 (1) lit f GDPR to respond to your inquiry, or the initiation or fulfillment of a contract in accordance with Art 6 (1) lit b GDPR.
Storage duration
The data will only be stored as long as it is necessary to fulfill the respective purpose or required by legal retention periods.
Purpose
You have the option to subscribe to our newsletter via our website. This allows you to stay up to date with interesting news, topic-related information, and invitations to our events. For this, we need your name, email address, and your confirmation that you agree to receive the newsletter. Upon subscribing to our newsletter, we will also store your IP address and the date and time of your subscription. This is to protect us in case a third party abuses your email address and subscribes to the newsletter without your knowledge, as well as to provide proof of your consent. Additionally, we use a double opt-in process.
A statistical analysis of opening, reading, and click behavior is also carried out in connection with the newsletter. This allows us to offer you better services and ensure that you only receive the information that truly interests you.
Legal basis
The legal basis for the newsletter subscription is your consent according to Art 6 (1) lit a GDPR. The creation of the statistics is based on our legitimate interest according to Art 6 (1) lit f GDPR, as explained by the aforementioned purposes. You can object to this by unsubscribing from the newsletter.
Apart from the website subscription, we will also use your email address, provided in an existing contract relationship with you, to send you newsletters. You will always have the option to reject the newsletter easily and free of charge. The legal basis here is our legitimate interest to keep you informed, in combination with the exception for business relationships according to § 107 (3) Telecommunications Act (TKG 2003).
Recipient
For sending newsletters, we use the dynpg service provided by gamper media GMBH, Zufikon. They have committed to comply with data protection regulations.
Storage duration
The data will be deleted after unsubscribing from the newsletter.
Revocation
You can cancel your subscription at any time by clicking the "Unsubscribe from newsletter" button. You can also contact us via email or phone. Your data will then be promptly deleted in connection with the newsletter service. The legality of the processing that took place before your revocation remains unaffected.
APPLICATION PROCEDURE
Purpose
The personal data you submit during the course of an application (including correspondence) is processed for the purpose of recording and storing as well as coordinating and evaluating the application process. Additionally, with your consent, your application data may be retained for future application procedures. Furthermore, we store your application data to assert and defend against legal claims. We also conduct anonymous statistical evaluations of the applicant structure.
Without the provision of your application data, it is not possible to consider your application in the application process, as we would otherwise not be able to assess whether you are suitable for the respective position.
Legal Basis
The processing is based on the following legal grounds:
Storage Duration
After rejection, the personal data you submitted will be stored for eight months and then deleted. In the case of your consent for the retention of evidence, your application data will be deleted two years after rejection.
Recipients
Your personal data will not be shared with third parties. For the management of applications, we use the software solution provided by Sage GmbH.
BUSINESS RELATIONSHIPS
Depending on the contract, it is necessary to process certain data to either make use of services or provide them on our part.
Purpose
For the initiation of a contract (offer creation, participation in tenders, etc.), we process the necessary data.
Additionally, data is processed during ongoing business relationships, which is necessary for providing our services, customer care and information, including internal documentation and administration. Furthermore, data is stored to comply with legal obligations (particularly the Federal Tax Code - BAO) and to assert and defend legal claims, if necessary.
Legal Basis
The following legal bases apply in this case:
Storage Duration
Data is generally stored only as long as necessary to fulfill the mutual contractual obligations.
To comply with legal obligations (particularly Section 132 BAO, Sections 190, 212 UGB), storage occurs for a duration of 7 years from the end of the calendar year. In certain cases, such as the assertion and defense of legal claims, data may be stored for a longer period. Specifically, contracts and related data are stored for 30 years due to the general statute of limitations under Section 1489 ABGB. Until the point of deletion, the data will be restricted so that no further processing or access occurs. In certain cases, data may be retained longer to assert and defend legal claims.
Recipients
To provide our services, we may engage various contractual or business partners who contribute to the delivery or performance. These partners are contractually bound to confidentiality. Additionally, your data may be shared with authorities or courts if we are legally obligated to do so.
PHOTO AND/OR VIDEO RECORDINGS AT COMPANY EVENTS
Purpose
As is customary at any event, photos and/or videos are taken at the events organized by us. Our aim is not to identify individual persons, but purely to document the event. For documentation purposes, the photos and/or videos are securely stored by us and may also be published on the internet (on our website), in our company magazine, or via newsletter. Additionally, they may be archived for future reference. Furthermore, we may present these photos/videos at future events (e.g., annual/jubilee events).
Legal Basis
The processing (taking, presenting, and publishing of photos/videos) is based on our overriding legitimate interest in documenting our own events and archiving them (Section 12 DSG). This also includes the interest in informing the public, customers, and stakeholders about company events, as well as documenting the company's history with photo and video material for future generations.
Storage Duration
The photos/videos are stored for as long as they are necessary for the stated purpose. Photo/video recordings are generally deleted immediately if they are not suitable for the above purposes, would violate the legitimate interests of the person depicted, or if the person objects.
Objection
You are not obligated to be photographed or recorded. If you do not agree with being photographed or filmed, please inform the photographer on-site. You may also contact us after photos/videos have already been taken. More information about the right to object can be found below.
ADMINISTRATION OF DATA SUBJECT RIGHTS REQUESTS
Purpose
The purpose is to handle your requests concerning data subject rights under the GDPR. Additionally, we store this data beyond the processing of your request as proof that we have fulfilled our legal obligation to handle your request in a timely and appropriate manner.
Legal Basis
The legal basis for processing your requests is Article 12 ff GDPR. Accordingly, we must send you all communications related to your data subject rights. Storage beyond the processing of the request is based on our legitimate interest according to Article 6(1)(f) GDPR, derived from the above-mentioned purpose.
Storage Duration
Your data will be stored for three years after the request is processed. This is due to the general statute of limitations according to Section 24(4) DSG. Until the point of deletion, the data will be restricted so that no further processing or access occurs.
If personal data concerning you is processed (collected, recorded, stored, evaluated, modified, read, queried, disclosed, disseminated, compared, linked, restricted, deleted, destroyed, etc.), you are considered a data subject under the GDPR. As a data subject, you have the following rights against any data controller processing your personal data:
RIGHT TO INFORMATION
According to Art. 15 GDPR, you have the right to request information and demand details regarding all personal data concerning you that is processed by the company. In such a case, you must be provided with the relevant data. Additionally, you have the right to receive the following information:
RECTIFICATION
According to Art. 16 GDPR, you have the right to request the rectification of inaccurate personal data concerning you and/or the completion of incomplete personal data without undue delay.
DELETION
According to Art. 17 GDPR, you have the right to request the immediate deletion of personal data concerning you. The controller is obliged to delete personal data immediately if one of the following reasons applies:
THE RIGHT TO DELETION DOES NOT APPLY where processing is necessary:
If the controller has made your personal data public and is obliged to delete it, they must take reasonable steps, including technical measures, to inform other data controllers processing your personal data that you have requested the deletion of any links to, copies, or replication of such personal data.
RESTRICTION
Under Art. 18 GDPR, you have the right to request the restriction of processing when:
Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or a Member State. You must be informed before the restriction is lifted.
NOTIFICATION
If you have exercised your right to rectification, deletion, or restriction of processing, the controller is obliged to inform all recipients to whom your personal data has been disclosed, unless this proves impossible or involves disproportionate effort.
DATA PORTABILITY
You have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used, and machine-readable format. You also have the right to transmit that data to another controller without hindrance, provided that:
You can also request that your personal data be transmitted directly from one controller to another, where technically feasible.
This right does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. It must not adversely affect the rights and freedoms of others.
OBJECTION
Under Art. 21 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you that is based on Art. 6(1)(e) or (f). The right to object applies where the processing:
The right to object also applies to processing for direct marketing purposes.
In connection with the use of information society services, you may exercise your right to object by automated means using technical specifications, notwithstanding Directive 2002/58/EC.
If the processing is for a task carried out in the public interest, you may only object if the processing is not necessary in this context, and:
WITHDRAWAL OF CONSENT
You have the right to withdraw your consent to data processing at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
COMPLAINT
If you believe that the processing of your personal data violates data protection law or your data protection rights have been infringed in any way, we ask that you contact us so we can address your concerns. However, you also have the right to file a complaint with the relevant data protection authority.
Your trust is especially important to us. If you have any further questions regarding data protection in connection with our organization, please feel free to contact us via our official contact address (info@kiss-risch.ch).
We would like to point out that by using this website, copyright, name, trademark rights, and other rights of third parties must be observed. You agree to refrain from any improper use of the entire content (especially images, videos, fonts, and trademarks).
Version October 2023
|
|
|
 |
|
Unterstützt von:
|
 |
