Version effective as of 08-19-2020
With this Data Protection Policy Kirchhofer AG (hereinafter "we" or "us") describes how personal data are processed, as well as the rights of the data subject.
We take the protection of your personal data and their confidential treatment seriously. Your personal data will be processed in accordance with the legal provisions of the data protection laws of Switzerland, in particular the Federal Act on Data Protection (hereinafter "FADP"), and if applicable the General Data Protection Regulation of the European Union (hereinafter "GDPR"). The terms used, such as "personal data" or their "processing", correspond with the definitions in Article 3 FADP and Article 4 GDPR.
You may be affected by our data processing in your capacity as client, employee or business partner.
If you provide us with personal data of other persons (such as family members, work colleagues, friends), please make sure the respective persons are aware of this Data Protection Policy and only provide us with their data if you are allowed to do so and such personal data is correct.
The controller responsible for data processing is:
You can contact our data protection officer concerning any data protection related concerns using the following contact details:
email@example.com, Hans Wolf, General-Guisan-Strasse 27b, 3800 Interlaken
We only process personal data concerning clients that we obtain from our clients directly, such as but not limited to name, address, purchases, information in correspondence, payment details, interests and preferences.
Further, we process various personal data obtained in the context of our business relationships from involved individuals (e.g. employees, representatives of suppliers, subcontractors or others) but also from third parties or publicly accessible sources, such as but not limited to information from public registers, in connection with administrative or court proceedings, information in connection with professional role and activities (e.g., in order to conclude and carry out contracts with employer), information in correspondence, bank details, information given to us by individuals associated with you (employer, family, legal representatives, etc.), contact and other details (e.g. delivery-address, powers of attorney) for the purpose to conclude or process contracts with you or with your involvement, information regarding legal regulations such as anti-money laundering and export restrictions, information regarding insurances, previous purchases, information in the media or internet (e.g. in connection with job applications, etc.).
Further, we collect personal data from users using our websites, in particular but not limited to IP address, information regarding device and settings, date and time of visits, sites and content retrieved, applications used, referring website, localization data).
We primarily use collected personal data in order to conclude and process contracts with our clients and business partners, in particular in connection with trade of watches, jewelry, leather goods, accessories, cosmetic products and treatments, textiles, luggage, souvenirs and gifts as well as distribution of In-House catalogues and organization of events, as well as in order to comply with our domestic and foreign legal obligations.
Further, we use collected data concerning the interests and preferences of our clients for marketing purposes.
In addition, in line with applicable law and where appropriate, we may process your personal data and personal data of third parties for the following purposes, which are in our legitimate interest, such as:
If you have given us your consent to process your personal data for certain purposes (for example when registering to receive newsletters, or entering into a contract with us), we will process your personal data within the scope of and based on this consent, unless we have another legal basis, provided that we require one. Consent given can be withdrawn at any time, but this does not affect data processed prior to withdrawal.
In addition, we use iFrames for direct access to content of the brand owners of our products. If you are directed to the websites of a brand owner via iFrames, you will be made aware by an advance appropriate display. We have no control over this content and any collection of personal data on these websites, which lays in the sole responsibility of the respective brand owner and occurs according to its data protection regulations. We do not receive any information about you from the respective brand owner. If you do not agree, please do not view the contents via iFrames.
In the context of our business activities and in line with the purposes of the data processing set out in Section 3 of this Data Protection Policy, we may disclose personal data to third parties, insofar as such disclosure is permitted and we deem it appropriate, in order for them to process data for us. In particular, the following categories of recipients may be concerned:
We store and process your personal data within Switzerland or the European Union. We use subcontractors located in Switzerland and the European Union only and ensure an appropriate level of protection by appropriate contracts or we rely on the statutory exceptions of consent, performance of contracts, or the establishment, exercise or enforcement of legal claims.
We store and process your personal data until:
We assure to respect your request for deletion or objection to further processing insofar as no longer processing or storage is required:
in which cases we will only delete your personal data after these periods have expired.
As soon as your personal data are no longer required for the above-mentioned purposes, they will be deleted or anonymized to the extent possible. Shorter retention periods of no more than twelve months apply for operational data (e.g., system logs).
We have taken appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse such as internal policies, training, IT and network security solutions, access controls and restrictions.
As a person affected by the data processing, you have numerous rights at your disposal:
Please note, however, that we reserve the right to enforce statutory restrictions on our part, for example if we are obliged to retain or process certain personal data, or have an overriding interest or need the personal data for asserting claims. Should any costs incur for exercising certain rights, we will notify you thereof in advance.
In general, exercising these rights requires that you are able to prove your identity (e.g., by a copy of identification documents). In order to assert these rights, please contact us via the address of our data protection officer provided in Section 1 of this Data Protection Policy.
We may amend this Data Protection Policy at any time without prior notice. The current version published on our website shall apply. If the Data Protection Policy is part of an ongoing agreement with you, we will notify you by e-mail or other appropriate means in case of an amendment.