I. General information about data protection
a) Name and address of the data controller
Handling your personal data properly is a matter of particular importance to us, Spemot AG, Industriestrasse 70, CH-4657 Dulliken. We use your personal data in accordance with the applicable data protection provisions in Switzerland as well as in the European Union. In the following we explain which personal data is collected by us, how this data is used by us and which rights you have in respect of the utilisation of your data.
b) Contact individual in the event of questions concerning data protection
If you have questions about data protection at Spemot, want to ask for information or the erasure of your data, please contact our data protection officer by sending an e-mail to email@example.com .
The contact details of our Data Protection Officer are as follows:
Data Protection Officer
c) Scope of the processing of personal data
We process personal data essentially only insofar as this is necessary in order to provide services and a properly functioning website. Personal data is processed essentially only after consent has been given. An exception exists in cases in which obtaining consent in advance is not possible for factual reasons and the processing of the data is permitted by statutory regulations.
II. Collecting and saving personal data
a) Offers and enquiries
Irrespective of how you wish to contact us, whether in person, by telephone, electronically or using a contact form, we always proceed in the same manner in the interest of rendering personal service. Whenever possible, we endeavour to inform you in advance about our data protection provisions and to obtain your consent before we begin processing your offer or enquiry. For this purpose we save the following personal data in our system:
Last name and first name;
Address (street, house number, postcode, town, country);
Further contact data (telephone number, e-mail address).
In the event of enquiries concerning technical services (e.g. repairs, guarantee work, etc.), we save the following data in our system in addition to the aforementioned personal data:
the serial numbers; as well as
the user data of your products.
b) Visiting our website
By using our website you agree to the collection, utilisation and transfer of your data in accordance with the following explanatory information contained in this data protection declaration.
Every time one of our websites is accessed, our system automatically records the following information:
Information about the browser type as well as the utilised version;
Operating system and internet service provider of the user;
IP address of the user;
Website from which the user reached our websites;
Websites that are accessed by the user’s system via our website.
This information is saved in order to ensure the proper functioning ability of our websites. In addition, we use the data to optimise our website and to ensure the security of our system. The saving of this data is essential for the operation of the website. For this reason, you do not have the right to file a complaint in this respect. The collected data will be deleted at the latest after seven days. While saving for a longer period is possible, in this case the IP addresses will be anonymised, meaning that attribution is no longer possible.
Cookies do not damage your system’s hard disk, nor is personal data transferred to us by cookies. The user data collected by technically necessary cookies is not used to create user profiles. You can configure the saving of cookies in your browser settings. Deactivating cookies may mean that you are not able to use all the functions of our websites.
III. Exchanging personal data with third parties
Independent service providers are selected by us with care and fulfil high data protection and data security standards. They are obliged to maintain strict confidentiality and process data exclusively on our behalf and in accordance our instructions. The legal basis for cooperation with these service providers are the corresponding Swiss and European Union data protection provisions.
a) Transferring customer data for the order settlement purposes
Personal data collected by us within the context of the order settlement will be processed and used to fulfil contractual obligations. This data required to perform services may also be transferred to commissioned third parties, e.g. transport companies, banks, insurers and other service providers.
b) Rendering technical services for the purpose of worldwide quality assurance
Together with partners we operate a global network of service points that are responsible for rending technical enquiries, repairs and guarantee work on our products. While settling these services we communicate with our partners on a case-by-case basis using secure data transmission channels in order to provide fault diagnoses, to clarify guarantee claims and to exchange expertise. In this conjunction it is often necessary for personal data as well as utilisation-specific data to be exchanged. For this purpose we save and transmit the following personal data:
Last name and first name;
Address (street, house number, postcode, town, country);
Further contact data (telephone number, e-mail address);
Serial number as well as the user data of the device.
c) Use of social media plugins
Our websites use social media plugins of the social networks Facebook (operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2; Twitter (operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; and Pinterest (operated by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103-490 USA). The plugins are indicated by the respective logins. If you access our websites, our browser establishes a direct link to the servers of the plugin operators. The content of the plugin is transferred directly to your browser and in integrated in the website by this. As the operator of our websites we have no knowledge whatsoever about the content and scope of the collection and utilisation of this data. If a user is not a member of the social media networks used by us, there is nevertheless possibility that the IP address could be identified and saved by the operators of the social media networks.
If you do not want the operators of the social media networks to attribute your visit to our website to your social media user account, we kindly ask you to log out of the corresponding social media networks before visiting our website.
We use appropriate technical and organisational security measures to protect your data from accidental or wilful manipulations, partial or comprehensive loss, destruction or third-party access. Our security measures are improved on an ongoing basis in accordance with technological developments.
V. Rights of the data subject
You have a right to be informed about the saved personal data relating to you, and a right to the rectification of incorrect data as well as to the blocking and/or erasure of this data. Please do not hesitate to contact us for information about your personal data, to arrange correction of incorrect data or to block or erase such data, as well as for further questions concerning the use of your personal data. Please submit your enquiry, clearly identifying your person, to the contact individual specified in Fig. I. b).
An overview of your rights is set out below:
a) Right to confirmation and information
You have at all times the right to obtain confirmation from us about whether data relating to you is being processed. If this is the case, you have the right to be provided by us with information free of charge about your saved personal data, in addition to a copy of this data. In addition, there is also an entitlement to information:
1. about the purposes of the processing;
2. about the categories of personal data that are processed;
3. about the recipients or categories of recipients to whom the personal data has been disclosed or is set to be disclosed, in particular in the case of recipients in third-party countries or at international organisations;
4. if possible, about the planned period of the storage of the personal data, or, if this is not possible, the criteria used to establish this period;
5. about the existence of a right to the correction or erasure of the personal data relating to you, or to restrict the processing by the data controller by objecting to this processing;
6. about the existence of the right to complain to a supervisory authority;
7. if the personal data was not collected from you, about all available information concerning the origin of the data;
8. about the existence of automated decision-making including profiling pursuant to Article 22 Paragraphs 1 and 4 GDPR and – at least in these cases – effective information about the involved logic as well as the scope and the intended effects of such processing for you.
If personal data is transferred to a third party state or an international organisation, you have the right to be informed about appropriate guarantees pursuant to Article 46 GDPR in conjunction with the transfer.
b) Right to correction
You have the right to demand that we correct and/or complete incorrect personal data relating to you without delay.
c) Right to erasure
You have the right to demand that we erase personal data relating to you without delay, and we are obliged to delete personal data without delay, insofar as one of the following reasons applies:
1. The personal data has been collected or otherwise processed for reasons that are no longer required.
2. You revoke your consent upon which the processing pursuant to Article 6 Paragraph 1 GDPR Letter a or Article 9 Paragraph 2 Letter a GDPR was based, and further legal grounds for the processing are lacking.
3. You object to the processing pursuant to Article 21 Paragraph 1 GDPR and no paramount legitimate grounds for the processing exist, or you object to the processing pursuant to Article 21 Paragraph 2 GDPR.
4. The personal data were processed unlawfully.
5. The deletion of the personal data is required to fulfil a legal obligation under EU law or the law of the member states to which we are subject.
6. The personal data was collected in respect of offered services of the information company pursuant to Article 8 Paragraph 1 GDPR.
If we publicly disclosed the personal data and are obliged to erase this pursuant to Art. 17 Para. 1 GDPR, then we take suitable measures, taking account of the available technology and cost of implementation, including those of a technical nature, to inform the data controllers who process the personal data that you have demanded the erasure of all links to this personal data or copies or replications of this personal data.
d) Right to restrict the processing
You have the right to demand that we restrict the processing if one of the following preconditions has been met:
1. the accuracy of the personal data is contested by you, and this is done for a period of time that enables us to check the accuracy of the personal data;
2. the processing is unlawful and you rejected the erasure of the personal data, and instead demanded that use of the personal data is restricted;
3. we no longer require the personal data for the purpose of the processing, although you require the data to assert, to exercise or defend against legal claims, or
4. You have objected to the processing pursuant to Article 21 Paragraph 1 GDPR, for so long as it has not been established whether the legitimate grounds of our company outweigh your grounds.
If the processing of the personal data relating to you has been restricted, this data – apart from its saving – may be processed only with your consent or to asset, exercise or defend against legal claims or to protect the rights of another natural person or legal entity or for reasons of important public interest of the EU or of a member state.
If processing has been restricted in accordance with the aforementioned preconditions, we shall inform you before the restriction is lifted.
e) Right to data portability
You have the right to receive the personal data relating to you that you made available to us in a structured, accessible and machine-readable format, and you have the right to transmit this data to another data controller without hindrance by us, insofar as
1. the processing is based on consent pursuant to Article 6 Paragraph 1 Letter a GDPR or Article 9 Paragraph 2 Letter a GDPR or a legal agreement pursuant to Article 6 Paragraph 1 Letter b GDPR, and
2. the processing is performed with the help of automated processes.
When exercising your right to data portability, you have the right to cause the personal data to be transferred directly by us to another data controller, insofar as this is technically feasible.
f) Right to object
You have the right, for reasons arising out of your particular situation, to object at any time to the processing of the personal data relating to you, performed on the basis of Article 6 Paragraph 1 Letters e or f GDPR; this also applies to profiling based on these provisions.
We shall no longer process the personal data, unless we are able to demonstrate mandatory reasons for the processing that are worthy of protection and outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend against legal claims.
If personal data is processed by us in order to operate direct marketing, you have the right to object at any time to the processing of the personal data relating to you for the purpose of such marketing; this also applies to profiling, insofar as this is associated with such direct marketing.
g) Automated decisions including profiling
You have the right not to be subject to decisions based on automated processing – including profiling – that have legal effect on you or otherwise impair you to a significant extent.
h) Right to revoke statutory data protection consent
You have the right to revoke consent to process personal data at any time. The lawfulness of the processing performed on the basis of your consent up to the date of revocation shall not be affected by the withdrawal of this consent.
i) Right to complain to a supervisory authority
You have the right to complain to a supervisory authority, in particular in the member state of your place of residence, your place of work of the place of the alleged breach, if you are of the opinion that the processing of the personal data relating to you is unlawful.
VI. Storage location and retention period of your personal data
We save our data on systems in the country in which we do business (Switzerland). Unless otherwise specified, we save personal data only for as long as this is required to fulfil the pursued purpose or is necessary on the basis of statutory regulations, or until you withdraw consent.
This data protection declaration applies exclusively to Spemot. It does not extend to third parties to which we refer using our website. We have no influence over the data protection provisions of third parties linked to our websites. The operators of the linked websites are exclusively responsible for their content.
VIII. Date of the data protection declaration
This data protection declaration is currently valid and dates from 25 May 2018. You may access and print this out from our website under http://www.spemot.com/english/e_dataprotection.html at any time.