Privacy policy
Last updated on: 09.05.2024
We attach great importance to the transparent handling of personal data. This privacy policy provides information about what personal data we collect, for what purpose and to whom we pass it on. To ensure a high level of transparency, this privacy policy is regularly reviewed and updated.
1. which services we use
- MailChimp
- MailChimp for WordPress
- Meta Ads
- Google Analytics
- Google Fonts API
- Shopping cart function (Cart Functionality)
- WordPress
2. contact information
If you have any questions or concerns about the protection of your data by us, you can contact us at any time by e-mail at peter.spescha@sunnehus.ch. Responsible for the data processing that takes place via this website is
Sunnehus Foundation
Moosstrasse 41
9658 Wildhaus
Switzerland
Person responsible for data protection:
Peter Spescha
peter.spescha@sunnehus.ch
071 998 55 55
3. general principles
3.1 What data we collect from you and from whom we receive this data
First and foremost, we process personal data that you transmit to us or that we collect when operating our website. We may also receive personal data about you from third parties. This may include the following categories:
- Personal master data (name, address, date of birth, etc.);
- Contact details (cell phone number, e-mail address, etc.);
- Financial data (e.g. account details);
- Online identifiers (e.g. cookie identifiers, IP addresses);
- Location and traffic data;
- Sound and image recordings;
- particularly sensitive data (e.g. biometric data or information about your health).
3.2 Under what conditions do we process your data?
We treat your data confidentially and in accordance with the purposes set out in this privacy policy. In doing so, we ensure transparent and proportionate processing.
If, in exceptional cases, we are not in a position to comply with these principles, data processing may still be lawful because there is a justification. In particular, the following grounds for justification may apply:
- Your consent;
- the performance of a contract or pre-contractual measures;
- our legitimate interests, provided that your interests do not prevail.
3.3 How can you withdraw your consent?
If you have given us your consent to process your personal data for specific purposes, we will process your data within the scope of this consent, unless we have another justification.
You can withdraw your consent at any time by sending an email to the address given in the legal notice. Data processing that has already taken place is not affected by this.
3.4 In which cases can we pass on your data to third parties?
a. Principle
We may need to use the services of third parties or affiliated companies and commission them to process your data (so-called processors). The categories of recipients are as follows:
- Accounting, fiduciary and auditing company;
- Consulting companies (legal advice, taxes, etc.);
- IT service provider (web hosting, support, cloud services, website design, etc.);
- Payment service provider;
- Provider of tracking, conversion and advertising services.
We ensure that these third parties and our affiliated companies comply with data protection requirements and treat your personal data confidentially.
We may also be obliged to disclose your personal data to authorities.
b. Visiting our social media channels
We may have embedded links to our social media channels on our website. This is visible to you in each case (typically via corresponding icons). If you click on the icons, you will be redirected to our social media channels.
In this case, the social media providers will be informed that you have accessed their platform from our website. The social media providers can use the data collected in this way for their own purposes. We would like to point out that we have no knowledge of the content of the transmitted data or its use by the providers.
c. Transfer abroad
Under certain circumstances, your personal data may be transferred to companies abroad as part of order processing. These companies are obliged to protect data to the same extent as we are. The transfer may take place worldwide.
If the level of data protection does not correspond to that in Switzerland, we will carry out a prior risk assessment and contractually ensure that the same level of protection is guaranteed as in Switzerland (e.g. by means of the new standard contractual clauses of the EU Commission or other legally prescribed measures). If our risk assessment is negative, we will take additional technical measures to protect your data. You can access the EU Commission's standard contractual clauses at the following link: https://commission.europa.eu/publications/standard-contractual-clauses-controllers-and-processors-eueea_de
3.5 How long do we store your data?
We only store personal data for as long as is necessary to fulfill the individual purposes for which the data was collected.
Data that we store when you visit our website is stored for twelve months. An exception applies to analysis and tracking data, which may be stored for longer.
We store contract data for longer, as we are obliged to do so by law. In particular, we must retain business communications, concluded contracts and accounting documents for up to 10 years. If we no longer need such data from you to perform the services, the data will be blocked and we will only use it for accounting and tax purposes.
3.6 How do we protect your data?
We will keep your data secure and take all reasonable steps to protect your data from loss, access, misuse or alteration.
Our contractual partners and employees who have access to your data are obliged to comply with data protection regulations. In some cases, it will be necessary for us to pass on your inquiries to companies affiliated with us. Your data will also be treated confidentially in these cases.
We use the SSL (Secure Socket Layer) method on our website in conjunction with the highest level of encryption supported by your browser.
3.7 What rights do you have?
a. Right to information
You can request information about the data we have stored about you at any time. Please send your request for information together with proof of identity to info@sunnehus.ch.
You also have the right to receive your data in a commonly used file format if we process your data automatically and if:
- you have given your consent to the processing of this data; or
- you have disclosed data in connection with the conclusion or execution of a contract.
We may restrict or refuse to provide information or data if this conflicts with our legal obligations, our own legitimate interests, public interests or the interests of a third party.
The processing of your request is subject to the statutory processing period of 30 days. However, we may extend this period due to a high volume of requests, for legal or technical reasons or because we require more detailed information from you. You will be informed of the extension in good time, at least in text form.
b. Erasure and rectification
You have the option of requesting the deletion or correction of your data at any time. We may reject the request if statutory provisions oblige us to store your data for a longer period or to retain it unchanged, or if your request conflicts with a legal permission.
Please note that exercising your rights may conflict with contractual agreements and may have a corresponding impact on the performance of the contract (e.g. premature termination of the contract or cost consequences).
c. Legal process
If you are affected by the processing of personal data, you have the right to enforce your rights in court or to file a complaint with the competent supervisory authority. The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch
3.8 Changes to the privacy policy
We may change this privacy policy at any time. The changes will be published on sunnehus.ch, you will not be informed separately.
4. individual data processing operations
4.1 Provision of the website and creation of log files
What information do we receive and how do we use it?
When you visit sunnehus.ch, certain data is automatically stored on our servers or on servers of services and products that we purchase and/or have installed for the purposes of system administration, for statistical or backup purposes or for tracking purposes. These are
- the name of your Internet service provider;
- Your IP address (under certain circumstances);
- the version of your browser software;
- the operating system of the computer used to access the URL;
- the date and time of access;
- the website from which you are visiting URL;
- the search terms you used to find the URL.
Why are we allowed to process this data?
This data cannot be assigned to a specific person and is not merged with other data sources. The log files are stored in order to guarantee the functionality of the website and to ensure the security of our information technology systems. This is our legitimate interest.
How can you prevent data collection?
The data is only stored for as long as is necessary to achieve the purpose for which it was collected. Accordingly, the data is deleted at the end of each session. The storage of log files is absolutely necessary for the operation of the website; you therefore have no option to object to this.
4.2 MailChimp
We use the MailChimp service offered by The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA, to send newsletters and email notifications.
When you register for our newsletter, the data you provide and your email address will be transmitted to MailChimp, stored and processed. This enables us to send you regular updates, offers and information.
By registering for the newsletter, your IP address and the date of registration are stored. This storage serves solely as proof in the event that a third party misuses an email address and registers to receive the newsletter without the knowledge of the authorized party.
MailChimp offers extensive analysis options on how the sent newsletters are opened and used. These analyses are group-related and are not used by us for individual evaluation.
The data stored by MailChimp will be deleted as soon as you unsubscribe from our newsletter. This does not affect data stored by us for other purposes.
MailChimp has its own data protection guidelines and practices, which may differ from those of our website. You can find more information on data protection at MailChimp at: https://mailchimp.com/legal/privacy/. If you have any questions about the data collected by MailChimp or wish to exercise your rights in relation to this data, you should contact The Rocket Science Group, LLC directly.
4.3 MailChimp for WordPress
On our website we use the plugin "MailChimp for WordPress" to integrate the registration functions for our newsletter and other e-mail communications via MailChimp, a service of The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
If you register for our newsletter via the form provided on our website, the data you enter, such as your e-mail address and, if applicable, other information, will be transmitted to MailChimp and stored there. This enables us to send you regular updates, offers and other information.
The "MailChimp for WordPress" plugin also supports the integration of certain WordPress functions with MailChimp, such as the collection of statistics on registration activity or the customization of registration forms.
4.4 Meta Ads
Our website uses Meta Ads, an online advertising service provided by Meta Platforms, Inc, 1601 Willow Road, Menlo Park, CA 94025, USA (formerly known as Facebook, Inc.). With the help of Meta Ads, we can place targeted advertisements to draw users' attention to our products or services.
When you visit our website, Meta Ads may place a cookie on your device that enables your use of the website to be analyzed. In addition, Meta can use this cookie to track your usage behavior across different websites and devices and, on this basis, place personalized advertisements.
The data collected by the cookie is transmitted to Meta and stored there. Meta can link this data to your Meta account (formerly Facebook account) and use it for its own advertising purposes.
To generally object to the use of cookies on your computer, you can set your Internet browser so that cookies can no longer be stored on your computer in the future or cookies that have already been stored are deleted. However, disabling cookies may result in some functions of our website no longer working properly.
For more information on how Meta Ads handles user data, please refer to Meta's privacy policy: https://www.facebook.com/privacy/policy/. If you do not want Meta to use data for advertising purposes, you can adjust the corresponding settings in your Meta account.
4.5 Google Analytics
We use Google Analytics on our website, a web analysis service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site.
The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States. However, if IP anonymization is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You can prevent the storage of cookies by selecting the appropriate settings in your browser software; however, please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout.
4.6 Google Fonts API
On our website, we use the Google Fonts API, a service of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"), to integrate fonts. By integrating these fonts, your browser will establish a connection to Google's servers when you visit our website in order to download and correctly display the fonts.
Through this connection, data, in particular your IP address and information about the browser you are using, may be transmitted to Google and stored on Google's servers. These servers may be located in the USA or other countries.
If you wish to prevent the transfer of data as part of the Google Fonts API, you can block access to the domain fonts.googleapis.com in your browser settings. Please note that in this case our website may not be displayed correctly.
4.7 Shopping cart function (Cart Functionality)
Our website offers a shopping cart functionality that allows visitors to select products or services and reserve them for purchase. During this process, data about the selected products, quantity and total price may be stored.
To facilitate the purchase process, our website may also store information such as your name, delivery and billing address, email address and other data relevant to the purchase. This data is used to facilitate the purchase process and provide you with a seamless user experience.
The data collected as part of the shopping cart functionality is stored on our servers and is only accessible to authorized persons who are tasked with managing and processing orders. This data will not be disclosed to third parties without your express consent, unless this is required by law or necessary for the performance of the contract, e.g. for the delivery of the ordered products by a third-party provider.
To improve the user experience, our website also uses cookies that allow the contents of your shopping cart to be saved, even if you leave the website and return later. You can delete or block these cookies at any time via your browser settings.
4.8 WordPress
Our website is based on the WordPress platform, a content management system developed by Automattic Inc, 60 29th Street #343, San Francisco, CA 94110, USA. WordPress enables us to create, manage and publish content.
When you use our website, which is based on WordPress, various data, including your IP address, the date and time of access and information about the browser you are using, may be collected and stored. This data is mainly used for administrative purposes and to ensure the trouble-free operation of the website.
Some WordPress functions, such as comments or contact forms, may collect additional personal data when you use them.