Läckerli Huus AG
Flachsackerstrasse 50
CH-4402 Frenkendorf
UID CHE-105.958.419
is the operator of the websites www.laeckerli-huus.ch and www.schoggi-huus.ch and the provider of the services offered on these and is thus responsible for the processing of your personal data, and for the compliance of data processing with the applicable data protection legislation.
Your trust is important to us, and that is why we take the topic of data protection seriously and strive to ensure a corresponding level of security. Naturally, we comply with the legal requirements of the Swiss Federal Act on Data Protection (DPA), the Ordinance to the Swiss Federal Data Protection Act (OFADP), the Swiss Federal Telecommunications Act (TCA) and other possibly applicable data protection provisions under Swiss or EEA law, in particular the General Data Protection Regulation (GDPR). For the sake of simplicity, the DPA terminology is used here but it also applies to the equivalent GDPR terms.
We ask you to inform yourself regularly about the contents of our privacy policy. We will adapt the privacy policy as soon as changes to data processing undertaken by us make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or some other individual notification.
The following information specifies what personal data we collect from you and what purposes we use it for.
When you visit our website, our servers store a record of each access in a log file. Among other things, the following technical data is collected – as is the case with every connection with a web server – without any action on your part, and is stored by us:
The collection and processing of this data is carried out for the purposes of facilitating the use of our website (establishing the connection), safeguarding the consistent security and stability of the system, and ensuring the optimisation of our online offering, as well as for in-house statistical purposes. The legal basis for processing the data is our legitimate interest in the processing (Art. 31 Par. 1 DPA and Art. 6 Par. 1 point (f) GDPR).
When placing orders in the online shop, you can do so as a guest or open a customer account. When you register for a customer account, we collect the following data:
The data is collected for the purpose of providing customers with password-protected, direct access to the basic data about them that is stored with us. The customers can then view their completed and open orders or manage and/or edit their personal data.
The legal basis for processing the data for this purpose is our legitimate interest in the processing (Art. 31 Par. 1 DPA and Art. 6 Par. 1 point (f) GDPR) or if the processing is directly connected with concluding or handling a contract (Art. 31 Par. 2 DPA or Art. 6 Par. 1 point (b) GDPR).
We may use your contact details, ID and usage data to track you across apps and websites from other companies (tracking). We use this information for the purpose of sales promotion and sending you personalised advertising and to prepare customised products, services and offers for you.
3.2.1 Data linked to you
We may record your contact information, identification and usage data to link them to your identity.
3.2.2 Contact details
Name:
E-mail address:
Physical address:
Other user contact details
3.2.3 Identification
User ID:
Device ID:
3.2.4 Usage data
The legal basis for processing the data is our legitimate interest in the processing (Art. 31 Par. 1 DPA and Art. 6 Par. 1 point (f) GDPR).
If you want to place orders in our online shop, we require the following personal data for handling the contract:
We mainly use the aforementioned data to handle the contract, in particular to process your orders, to deliver ordered products and to ensure correct payment.
Furthermore, we use your personal data, if you have previously given us your consent, to send you promotional material from our company via e-mail, letter or telephone. You can revoke consent for the use of your personal data for advertising at any time, either by writing an e-mail to privacy@laeckerli-huus.ch or by sending a letter to:
Läckerli Huus AG
Flachsackerstrasse 50
CH-4402 Frenkendorf
The legal basis for processing the data for this purpose lies in the direct connection with concluding or handling a contract (Art. 31 Par. 2 point (a) DPA and Art. 6 Par. 1 point (b) GDPR).
If you would like to call us for an order, return an order card or place an or-der in the shop, we require the following data for handling the contract:
We mainly use the aforementioned data to handle the contract, in particular to process your orders, to deliver ordered products and to ensure correct payment.
If we have received your valid documented consent to receive advertising, we will send you unsolicited advertising with a direct connection and with requested content. You can revoke consent for the use of your data for advertising at any time, either by writing an e-mail to privacy@laeckerli-huus.ch or by sending a letter to:
Läckerli Huus AG
Flachsackerstrasse 50
CH-4402 Frenkendorf
The legal basis for processing the data for this purpose lies in the direct connection with concluding or handling a contract (Art. 31 Par. 2 point (a) DPA and Art. 6 Par. 1 point (b) GDPR).
In terms of marketing, the legal basis for the consent and the legitimate interest (Art. 31 DPA Par. 1) are considered.
We will only disclose your personal data to third parties (outside of the company) if you have expressly consented to it, if it is directly connected to concluding or handling a contract, if it is necessary to protect a legitimate public interest or if there is a legal obligation to do so.
In addition, we disclose your data to third parties insofar as this is necessary within the context of using the website and handling the contract (also outside the website), in particular for processing your bookings. This particularly applies to the following categories of recipients:
We rely on certain services from third parties in order to be able to perform our services. These services relate, for example, to the transport service provider responsible for shipping ordered goods.
One service provider to which the personal data collected via the website is transferred and/or which has or may have access to such data is our ERP provider. Enterprise Resource Planning (ERP) covers all core processes necessary for running a company.
Dynasoft AG
Niklaus-Konrad-Strasse 16
CH-4501 Solothurn
Nesolu GmbH
Tangentenweg 34
CH-4058 Basel
The website is hosted – without the CMS – on our own servers in Switzerland. The disclosure of data is for the purposes of providing and maintaining the functionality of our website.
The legal basis for processing the data for this purpose lies in the direct connection with concluding or handling a contract (Art. 31 Par. 1 DPA and Art. 6 Par. 1 point (f) GDPR).
We exchange our data with external service providers in order to enhance and amend our address material. We have ensured that these service providers comply with both the DPA and GDPR. On request, we will give details of these service providers.
If we make an advance performance (e.g. in the case of a purchase on account), we may obtain credit information from a credit agency on the basis of mathematical/statistical methods, in order to safeguard our legitimate interests. To this end, we pass on the personal data required for a credit check to this credit agency:
Intrum Justitia AG
Eschenstrasse 12
CH-8603 Schwerzenbach
and use the information received on the statistical likelihood of a payment default to take a well-considered decision as to whether to establish, con-duct or terminate the contractual relationship. The credit information can in-clude probability values (score values) that are calculated on the basis of scientifically recognised mathematical/statistical methods; this calculation involves address data, among other things. Your interests worthy of protec-tion are taken into consideration, according to the legal requirements.The aforementioned purposes represent our legitimate interest in data processing within the meaning of Art. 31 Par. 2 point (c) DPA.
When you make a credit card payment on the website, we will forward your credit card information to your credit card issuer and credit card acquirer. If you decide to pay by credit card, you will be asked to enter all the necessary information.
The legal basis for processing the data for this purpose lies in the direct connection with concluding or handling a contract (Art. 31 Par. 1 DPA and Art. 6 Par. 1 point (f) GDPR).
Regarding the processing of your credit card information by these third parties, we ask you to also read the general terms and conditions and the privacy policy of your credit card issuer.
In order to operate our business economically and to identify market trends as well as the wishes of contractual partners and users, we analyse the data available to us on business transactions, contracts, inquiries, etc. In doing so, we process stock data, communication data, contract data, payment data, usage data, metadata and the legal basis for processing the data is our legitimate interest in the processing (Art. 31 Par. 1 DPA and Art. 6 Par. 1 point (f) GDPR).
The analyses are carried out for the purpose of business evaluation, mar-keting and market research. In doing so, we can consider the profiles of registered users with information e.g. about services they have used. The analyses assist us in our efforts to increase user-friendliness and to optimise our offering and cost-efficiency. The analyses are exclusively for our own use and are not disclosed externally unless they are anonymous analyses comprising amalgamated values.
We are entitled also to transfer your personal data abroad to third-party firms (contracted service providers) for the purpose of data processing laid out in this privacy policy. They are obliged to comply with data protection regulations to the same extent as we are. If the level of data protection in a country does not correspond to the level of Swiss or European data protection, we will ensure suitable data protection, as foreseen by law, through contracts, data protection clauses, specific guarantees, standard data protection clauses or so-called binding corporate rules. This means that the protection of your personal data abroad corresponds to that in Switzerland and the EEA. (Art. 16 DPA and Art. 46 GDPR).
In many respects, cookies help to make your visit to our website easier, more pleasant and more expedient. Cookies are information files that your web browser saves automatically on your end device when you visit our website.
We use cookies, for example, to provide you with the shopping basket func-tion across multiple pages, and to temporarily store your entries when you complete a form on the site so that you do not need to repeat entries when you access another subpage. Cookies may also be used to identify you, af-ter your registration, as a registered user on the website, without your having to log in again when you access a different subpage.
Most Internet browsers accept cookies automatically. However, your browser can be set in such a way that no cookies are stored on your end device or a notification is shown whenever you receive a new cookie. On the following websites of browser providers, you will find explanations of how to configure the processing of cookies for the most common browsers:
Disabling cookies may mean that you will be unable to use all of the fea-tures of our website.
We use the web analysis service provided by Google Analytics for the pur-poses of needs-based design and ongoing optimisation of our website. To this end, pseudonymised usage profiles are created and small text files are used (“cookies”), which are stored on your end device. The information gen-erated by the cookie on your use of this website is transmitted to the servers of the providers of these services, where it is stored and edited on our behalf. In addition to the data specified under Section 1, we thereby obtain, among other things, the following information:
The information is used to evaluate usage of the website, to compile reports on website activities and to provide other website and Internet-related services for the purposes of market research and the needs-based design of this website. This information may also be sent to third parties if required by law or if third parties are processing this data on a contract basis.
On the basis of our legitimate interests (i.e. our interests in the analysis, optimisation and economic operation of our online offering), we use the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
We use Google’s online marketing tool “AdWords” to place ads on the Google advertising network (e.g. in search results, in videos, on websites, etc.), so that they are displayed to users with a presumable interest in the ads. This allows us to more specifically display ads for and within our online offering in order to present only such ads to users that potentially match their interests. Showing users, for example, ads for products that they have been showing an interest in on other websites, is known as “remarketing”. Accordingly, when a user accesses our and other websites where the Google advertising network is active, Google immediately executes a code from Google and incorporates so-called (re)marketing tags (invisible graphics or code, also known as “web beacons”) into the website. These enable an individual cookie, i.e. a small file, to be stored on the user’s device (instead of cookies, comparable technologies can also be used). It is recorded in this file which websites the user has visited, what content interests him or her and what offers the user has clicked on, as well as technical information about the browser and operating system, referring websites, visit time and other information on usage of the online offering.
Furthermore, we receive an individual “conversion cookie”. The information obtained through this cookie is used by Google to generate conversion sta-tistics for us. However, we only see the anonymous total number of users who clicked on our ad and were redirected to a page with a conversion tracking tag. We do not receive any information that allows users to be per-sonally identified.
The data of users is processed pseudonymously within the Google adver-tising network. This means that Google does not, for example, store and process the users’ names or e-mail addresses, but processes the relevant data in relation to cookies within pseudonymous user profiles. From Google’s perspective, the ads are thus not managed and displayed to a specifically identified person but to the cookie owner, regardless of who that cookie owner is. This does not apply if a user has explicitly allowed Google to process the data without such pseudonymisation. The information col-lected about users is transmitted to Google and stored on Google’s servers in the United States.
More information about Google’s data use, about settings and opt-out op-tions can be found in Google’s privacy policy (https://policies.google.com/technologies/ads) as well as in the settings for the display of ads by Google (https://adssettings.google.com/authenticated).
On the grounds of our legitimate interests in and for the purposes of the analysis, optimisation and economic operation of our online offering, use is made within our online offering of the so-called “Facebook pixel” from the Facebook social network, operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA or, if you are an EU resident, by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).
Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
The Facebook pixel enables Facebook to identify the visitors to our online offering as a target group for the display of advertisements (so-called “Fa-cebook ads”). Accordingly, we use the Facebook pixel to display the Face-book ads placed by us only to such Facebook users who have shown an in-terest in our online offering or who share certain characteristics (e.g. interest in certain topics or products as determined on the basis of web pages visited), which we pass on to Facebook (so-called “custom audiences”).With the help of the Facebook pixel, we also want to make sure that our Facebook ads match the potential interests of users and are not a nuisance. The Facebook pixel also helps us to determine the effectiveness of Facebook ads for statistical and market research purposes, by indicating whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).
The data is processed by Facebook within the scope of Facebook’s data use policy. Correspondingly general notes on the display of Facebook ads can be found in the Facebook data use policy: www.facebook.com/policy. Special information and details about the Facebook pixel and how it works can be found in the Help section of Face-book: www.facebook.com/business/help/651294705016616.
You may object to your data being collected by the Facebook pixel and used to display Facebook ads. To set which types of ads are shown to you within Facebook, you can go to the page set up by Facebook and follow the instructions regarding the settings for usage-based advertising: www.facebook.com/settings. The settings are platform-independent, i.e. they are adopted for all devices, such as desktop comput-ers or mobile devices.
You may also object to the use of cookies for range measurement and ad-vertising purposes via the deactivation page of the network advertising initi-ative (http://optout.networkadvertising.org/) and additionally via the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).
We maintain an online presence within social networks and platforms in or-der to communicate with customers, interested parties and users that are active there, and to inform them about our services.
Please note that this may involve the processing of user data outside of the EEA. This may lead to risks for the users because, for example, it may be more difficult for them to assert their rights. With respect to providers in the USA certified under the Privacy Shield, we point out that they are thereby committed to respecting EEA data protection standards.
Furthermore, the data of the users is usually processed for market research and advertising purposes. For example, usage profiles can be created from the user behaviour and the resulting interests of the users. In turn, the usage profiles can be used, for example, to place advertisements within and outside the platforms that are presumably in line with the users’ interests. For these purposes, cookies are usually stored on the users’ computers in which the user behaviour and the interests of the users are stored. Fur-thermore, data can be stored in the usage profiles independently of the de-vices used by the users (in particular if the users are members of the re-spective platforms and are logged in to them).
The processing of the users’ personal data is based on our legitimate inter-ests in an effective manner of informing users and communicating with them pursuant to Art. 6 Par. 1 point (f) GDPR. If the users are asked by the respective providers to give their consent to the data processing (i.e. to de-clare their agreement, e.g. by ticking a check box or clicking on a button), the legal basis for the processing is Art. 6 Par. 1 point (a), Art. 7 GDPR.
For a detailed description of the respective ways of processing and the opt-out options, we refer to the following links leading to information of the pro-viders. We also point out that the most effective way of obtaining infor-mation and asserting user rights is by addressing the providers themselves. Only the providers have access to the user data and can directly take ap-propriate measures and give information. If you nevertheless need help, feel free to contact us.
Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland).
Privacy policy: https://www.facebook.com/about/privacy/
Opt-out: https://www.facebook.com/settings?tab=ads
And http://www.youronlinechoices.com
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
Google/YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).
Privacy policy: https://policies.google.com/privacy
Opt-out: adssettings.google.com/authenticated
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Vimeo
We may incorporate the videos of the Vimeo platform of Vimeo Inc., Atten-tion: Legal Department, 555 West 18th Street, New York, New York 10011, USA. Privacy policy: vimeo.com/privacy. We point out that Vimeo may use Google Analytics, and refer to the respective privacy policy: https://policies.google.com/privacy;
opt-out options for Google Analytics: http://tools.google.com/dlpage/gaoptout?hl=de; or Google’s settings for data use for marketing purposes: https://adssettings.google.com/.
YouTube
We incorporate the videos on the YouTube platform of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy policy: https://adssettings.google.com/authenticated
Google fonts
We incorporate the fonts (“Google fonts”) provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy policy: https://www.google.com/policies/privacy/
Opt-out: https://adssettings.google.com/authenticated
Google Maps
We incorporate the maps of the service “Google Maps” provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The data processed can include, in particular, the IP addresses and locations of the users, although such data is not collected without the users’ consent (usually granted in the settings of their mobile devices). The data may be processed in the USA. Privacy policy: https://www.google.com/policies/privacy/
Opt-out: https://adssettings.google.com/authenticated
For the sake of completeness, we point out to users who are resident or domiciled in Switzerland that in the USA there are surveillance measures in place by authorities in the USA that generally entail the storage of all personal data of all persons whose data was transferred from Switzerland to the USA. This is done without any differentiation, limitation or exception on the basis of the goal pursued, and without an objective criterion that would make it possible to limit the access of authorities in the USA to the data and its later use to very specific, strictly limited purposes which can justify the intervention associated with access to this data and also with its use. Furthermore, we point out that in the USA, there are no legal remedies available for affected Swiss residents that allow them to obtain access to the data concerning them and to effect its correction or deletion, and that there is no effective legal protection against general access rights for authorities in the USA. We explicitly point out this legal and factual situation to the persons concerned so that they can make a correspondingly informed decision as to giving their consent to the use of their data.
To users residing in EEA Member States, we point out that, from the point of view of the European Union – among other things as a consequence of the issues mentioned in this section – the USA does not have adequate levels of data protection. To the extent that we have laid out in this privacy policy that recipients of data (such as Google) are based in the USA, we will ensure that your data is protected at a reasonable level by our partners either through contractual arrangements with these companies or by safeguarding that these companies are certified under the EEA-US Privacy Shield and/or the Swiss-US Privacy Shield.
You have the right to receive information, on request, about the personal data that we store about you. In addition, you have the right to have inaccurate data corrected and the right to have your personal data deleted, as far as this is not contrary to any statutory duty to preserve records or any facts that permit us to process the personal data.
You also have the right to request that we return the personal data you have given us in a common electronic format (right to data portability). On request, we will also pass the data on to a third party of your choice.
You can reach us for the aforementioned purposes via the e-mail address privacy@laeckerli-huus.ch. We may, at our own discretion, require proof of identity in order to process your requests.
We use appropriate technical and organisational security measures to pro-tect your personal data stored with us against manipulation, partial or com-plete loss, and unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
You should always treat your access data as confidential and close the browser window when you have ended communication with us, especially if you use an end device that is shared with others.
We also take company-internal data protection very seriously. Our employ-ees and contracted service providers have been obliged by us to maintain confidentiality and to comply with data protection regulations.
We only keep personal data for as long as it is necessary to use the aforementioned tracking and analysis services as well as any further processing within the scope of our legitimate interests. We keep contract data for the duration of the statutory retention period, as this is required by statutory duties to preserve records. Duties to preserve records that oblige us to store personal data arise in particular from accounting provisions and from tax law provisions. According to these regulations, business communication, concluded contracts and accounting vouchers may have to be kept for up to 10 years.
You have the right to complain to a data protection supervisory authority at any time (Federal Data Protection and Information Commissioner in Switzerland or European Data Protection Officers (EDPO) throughout the European Union (EU)).
As at: 01.09.2023