Moser-Baer AG cares about its business relationship with you and your organisation and looks forward to being able to provide you with products, services and information in future.In this data protection statement, we explain how Moser-Baer AG collects or processes personal data. This statement is not a definitive description; if necessary, specific issues may be governed by other data protection statements or general business terms and conditions.The protection of your personal data is important to us. For this reason, we only process personal data in accordance with the applicable data protection law, in particular, the Swiss Federal law regarding data protection and, where relevant, the EU General Data Protection Regulation, which came into force on 25 May 2018.
Data protection officer
Moser-Baer AG is aware of the importance of data protection and has voluntarily appointed a Data Protection Officer. If necessary, this person will also act as our EEA representative in accordance with Art. 27 GDPR. Moser-Baer AG, Spitalstrasse 7, 3454 Sumiswald is responsible for data processing, as detailed in this statement, unless otherwise specified for individual cases. If you have any concerns regarding data protection legislation, please contact our Data Protection Officer (firstname.lastname@example.org), who will be pleased to answer any of your questions.
Collecting and processing personal data
Personal data refers to data that we can use to identify you and that enables us to make contact with you. We primarily process personal data that we have obtained as part of our business relationship with our customers, their business partners or other persons associated with them or that you have provided to us voluntarily. If permitted, we also gather certain data from publicly accessible sources (such as the commercial register, media, Internet, land register and debt collection register) or obtain it from authorities or other third parties. The personal data that we process may include your name, surname, business address, e-mail address, telephone number and job title and that of your colleagues.In addition to the data that you provide us with directly, this also includes the categories of personal data that we obtain from third parties about you, particularly information from public registers, information that we become aware of in connection with official or legal proceedings, information in connection with your professional roles and activities (so that, with your assistance, we may e.g. conclude or undertake business with your employer), information about you in correspondence and discussions with third parties, credit checks (if we undertake personal business with you), information about you that we receive from people with whom you are associated (family, advisers, legal representatives, etc.), to enable us to conclude or undertake agreements with you or involving you (e.g. references, your address for deliveries, powers of attorney, information on compliance with legal provisions, such as combating money laundering and export restrictions), information from banks, insurance companies, sales and other partners with whom we have agreements, for the use or provision of services by you (e.g. payments or purchases made), information from the media or the Internet about you (if this is indicated in the specific case, e.g. with regard to an application, press review, marketing/sales, etc.), your addresses and interests, if appropriate, and other sociodemographic data (for marketing), data in connection with website usage (e.g. IP address, MAC address of the smartphone or computer, information about your device and settings, cookies, date and time of your visit, pages and content accessed, functions used, referencing websites, location information).
Purpose and basis of data processing
Moser-Baer AG uses the personal data obtained from you primarily to enable us to undertake and conclude agree-ments with you and our business partners. This includes the purchase and sale of products, the manufacture of products, the provision of services and development services, support and training. We also process your personal data and that of others, if permitted and if we consider it to be appropriate, for the following purposes:
- To offer and develop our products, services and websites, apps and other platforms on which we have a presence;
- Communication with third parties and dealing with their requests (e.g. applications, media enquiries);
- Procedures for needs analyses for the purpose of direct customer contact and collection of personal data from publicly accessible sources for customer acquisition;
- Publicity and marketing, provided that you have not objected to your data being used;
- Enforcement of legal claims and defence in connection with legal disputes and administrative proceedings;
- Prevention and clarification of offences and other forms of misconduct (e.g. completion of internal investigations, data analysis for combating fraud);
- Ensuring our operation, particularly IT, buildings, vehicle fleets, our website and other platforms;
- Purchase and sale of business units, companies or parts of companies and other transactions under corporate law and, in connection with this, the transmission of personal data and measures for business management, insofar as this is required to comply with legal and regulatory obligations.
When processing personal data for the purposes detailed in this statement, this is based on, inter alia, our legitimate interest in maintaining, developing and managing our business relationship and communication with you as business partner about our products and services.
If you have given us your consent to process your personal data for specific purposes (for example, as a result of your enquiry regarding Mobatime products and services, an order, etc.), we process your personal data within the scope of and based on this consent, if we have no other legal basis and we require such a basis. You may revoke your consent at any time. However, this does not affect any data processing that has already been undertaken.
Cookies/tracking and other technologies in connection with the use of our website
Our websites typically use “cookies” and similar technologies which are used to enable identification of your browser or device. A cookie is a small file sent to your computer or saved automatically to your computer or mobile device by your browser when you visit our website. This enables us to recognise you when you access this website again, even though we do not know who you are. In addition to cookies that are only used during a session and that are deleted after you leave the website (“session cookies”), cookies can also be used to store user settings and other information for a specific period of time (“permanent cookies”). However, you can amend the settings in your browser to reject cookies, to save them for one session only or to delete them prior to their expiry date. Most browsers are set to accept cookies. We use permanent cookies to enable you to save your user settings (e.g. language, auto login), and to enable us to understand you better in terms of how you use our services and content. Some cookies are set by us and some are also set by the contract partners with whom we collaborate. If you block cookies, certain functionalities (such as choice of language) may no longer work.
In some instances, and if permitted, we integrate visible and invisible image elements in our newsletters and other marketing e-mails, such that when these access our server, we can identify whether and when you have opened the e-mail, so that we can measure this and also have a better understanding of how you use our services to enable us to tailor these to suit your interests. You can block this in your e-mail program; most programs are set to do this.
By using our websites and giving your consent to receive newsletters and other marketing e-mails, you agree to the use of this technology. If you are not happy with this arrangement, you need to amend your browser or e-mail pro-gram settings accordingly.
Dissemination and transmission of data
If permitted and if we consider it to be appropriate, Moser-Baer AG shall also disclose personal data to third parties, within the scope of business activities in accordance with clause 4, if this is necessary for processing a business transaction. This covers the following parties, collectively referred to as the recipient:
- Providers of services to Moser-Baer AG (such as banks, insurance companies, IT providers, installation compa-nies, freight forwarders, etc.);
- Retailers, manufacturers, suppliers, subcontractors and other business partners;
- Agencies, authorities or courts, at home and abroad;
- Other parties in potential or actual legal proceedings;
- Other companies within the Moser-Baer Group.
Recipients may be located at home or abroad. In particular, you must bear in mind that your data may be transferred to any country in which manufacturers, suppliers, service providers, or companies within the Moser-Baer Group are represented. If Moser-Baer AG transmits data to a country that does not have appropriate legal data protection, we ensure an adequate level of protection through the use of appropriate agreements. In doing this, we make particular use of what are known as standard contractual clauses stipulated by the European Commission, which can be ac-cessed here , here and here , or rules known as binding corporate rules for an appropriate level of protection or we rely on the legal exceptions of consent, contract processing, determination, exercise or enforcement of legal claims, predominant public interests, published personal data or because it is necessary to protect the integrity of the person concerned.
Retention period for personal data
Moser-Baer AG processes and stores your personal data for as long as it is required for the fulfilment of contractual and legal obligations or other purposes monitored for processing and also in accordance with legal retention and documentation obligations. At the same time, personal data may be retained for the period in which claims against our company may be asserted, and if we are otherwise legally required to retain it, or if it is necessary for a legitimate business interest (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the aforementioned purposes, it will be deleted, or anonymised, as far as this is possible.
Measures to protect your data
Moser-Baer AG takes appropriate technical and organisational security measures to protect your personal data against unauthorised access and misuse, such as controlling access to buildings, network security, employee training, encryption of data, media, etc.
The security guidelines and procedures are reviewed regularly to enable us to determine the effectiveness of technical and operational measures.
Rights of the person concerned
Within the context of the data protection law applicable to you and as far as provision is made (such as in the case of the GDPR), you have the right to information, amendment, deletion and otherwise restriction of data processing and to object to our processing your data and to the publishing of certain personal data for the purpose of transmission elsewhere (known as data portability). However, please note that we reserve the right to assert the limitations provided for by law, if, for example, we are obliged to retain or process certain data, have a major interest in this data (provided that we may rely on that) or if it is required for the enforcement of any claims. If charges are payable, we shall inform you in advance. We have already informed you of the option to revoke your consent in clause 3. Please note that exercising these rights may conflict with contractual agreements and may have consequences, such as early contract termination or cost implications. If this is the case, we shall inform you in advance, if this is not already covered by the contract.
Exercising these rights usually requires you to provide clear proof of your identity (e.g. by providing a copy of your ID card or passport if your identity is not otherwise clear or cannot be verified). To exercise your rights, you may contact us at the address specified in clause 1.
Furthermore, all persons concerned have the right to assert their claims or submit a complaint to the responsible data protection authority. The responsible data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
Procedure regarding a breach of data protection
If Moser-Baer AG identifies a breach of data protection, that is to say if sensitive data is lost or accessed, amended, used or otherwise misused by unauthorised persons, the following steps are initiated:
- Contain the breach and perform a preliminary assessment.
- Evaluate the risk for the parties concerned.
- Provide information about the breach of data protection swiftly as possible in accordance with legal requirements.
Further steps and measures shall be initiated in accordance with Moser-Baer AG ICS guidelines.
We may amend this data protection statement at any time and without prior notice. The version published on our website shall be deemed to be the currently applicable version. If the data protection statement is part of an agreement with you, in the event of any updates, we shall inform you of the change by e-mail or suitable alternative method.
Sumiswald, September 2019