The responsible body within the meaning of the data protection laws, in particular the EU General Data Protection Regulation (DSGVO), is:
Castu Service AG
Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the Swiss Confederation (Data Protection Act, DSG), every person has the right to protection of their privacy as well as protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations as well as this data protection declaration.
In cooperation with our hosting providers, we make every effort to protect the databases as well as possible against unauthorised access, loss, misuse or falsification.
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
By using this website, you consent to the collection, processing and use of data as described below. This website can generally be visited without registration. Data such as pages accessed or the name of the file accessed, date and time are stored on the server for statistical purposes without this data being directly related to your person. Personal data, in particular name, address or e-mail address, are collected on a voluntary basis as far as possible. The data will not be passed on to third parties without your consent.
Processing of personal data
Personal data is any information relating to an identified or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, acquisition, deletion, storage, modification, destruction and use of personal data.
We process personal data in accordance with Swiss data protection law. Furthermore, we process personal data in accordance with the following legal bases in connection with Art. 6 Para. 1 DSGVO - insofar as and to the extent that the EU-DSGVO is applicable:
- Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO) - The data subject has given his/her consent to the processing of personal data relating to him/her for a specific purpose or purposes.
- Performance of a contract and pre-contractual enquiries (Art. 6 para. 1 p. 1 lit. b. DSGVO) - Processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the data subject's request.
- Legal obligation (Art. 6 para. 1 p. 1 lit. c. DSGVO) - Processing is necessary for compliance with a legal obligation to which the controller is subject.
- Protection of vital interests (Art. 6 para. 1 p. 1 lit. d. DSGVO) - Processing is necessary to protect the vital interests of the data subject or another natural person.
- Legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO) - Processing is necessary to protect the legitimate interests of the controller or a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.
- Application procedure as a pre-contractual or contractual relationship (Art. 9(2)(b) GDPR) - Insofar as special categories of personal data within the meaning of Art. 9(1) GDPR (e.g. health data, such as severely disabled status or ethnic origin) are requested from applicants in the context of the application procedure, so that the controller or the data subject can fulfil the duties incumbent on him or her under employment law and the law on the protection of personal data. If the data is requested from job applicants so that the data controller or the data subject can exercise his or her rights under labour law and social security and social protection law and fulfil his or her obligations in this respect, it is processed in accordance with Article 9(2)(b) of the GDPR. DSGVO, in the case of the protection of vital interests of the applicants or other persons pursuant to Art. 9 para. 2 lit. c. DSGVO or for the purposes of preventive health care or occupational medicine, for the assessment of the employee's fitness for work, for medical diagnostics, care or treatment in the health or social sector or for the management of systems and services in the health or social sector pursuant to Art. 9 para. 2 lit. h. DSGVO. In the case of a communication of special categories of data based on voluntary consent, their processing is based on Art. 9 para. 2 lit. a. DSGVO.
We process personal data for the duration required for the respective purpose or purposes. In the case of longer-term retention obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.
Relevant legal basis
In accordance with Art. 13 DSGVO, we inform you of the legal basis for our data processing. If the legal basis is not stated in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 DSGVO, the legal basis for processing to fulfil our services and carry out contractual measures and respond to enquiries is Art. 6(1)(b) DSGVO, the legal basis for processing to fulfil our legal obligations is Art. 6(1)(c) DSGVO, and the legal basis for processing to protect our legitimate interests is Art. 6(1)(f) DSGVO. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) (d) DSGVO serves as the legal basis.
We take appropriate technical and organisational measures in accordance with the legal requirements, taking into account the state of technology, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. We also have procedures in place to ensure the exercise of data subjects' rights, the deletion of data and responses to data compromise. Furthermore, we already take the protection of personal data into account in the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
Transmission of personal data
In the course of our processing of personal data, it may happen that the data is transferred to other bodies, companies, legally independent organisational units or persons or that it is disclosed to them. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data.
Data processing in third countries
If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this is only done in accordance with the legal requirements.
Subject to express consent or contractually or legally required transfer, we only process data in third countries with a recognised level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 DSGVO, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).
The following cookie types and functions are distinguished:
- Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed his browser.
- Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the interests of users used for range measurement or marketing purposes can be stored in such a cookie.
- First-party cookies: First-party cookies are set by ourselves.
- Third-party cookies: Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
- Necessary (also: essential or absolutely necessary) cookies: Cookies may be absolutely necessary for the operation of a website (e.g. to store logins or other user input or for security reasons).
Storage period: If we do not provide you with explicit information on the storage period of permanent cookies (e.g. in the context of a so-called cookie opt-in), please assume that the storage period can be up to two years.
- Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
- Data subjects: Users (e.g. website visitors, users of online services).
- Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO), Legitimate Interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- browser type and browser version
- operating system used
- referrer URL
- host name of the accessing computer
- time of the server request
This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.
Data protection declaration for contact form
If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you have provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.
Use of Google Maps
This website uses the services of Google Maps. This enables us to show you interactive maps directly on the website and allows you to use the map function conveniently. By visiting the website, Google receives the information that you have called up the corresponding sub-page of our website. This takes place regardless of whether Google provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right. Further information on the purpose and scope of data collection and processing by Google, as well as further information on your rights in this regard and settings options for protecting your privacy, can be found at: www.google.de/intl/de/policies/privacy.
Use of Google reCAPTCHA
We use "Google reCAPTCHA (hereinafter »reCAPTCHA«) on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter »Google«. The purpose of reCAPTCHA is to check whether data entry on our websites (e.g. in a contact form) is made by a human being or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run entirely in the background. Website visitors are not informed that an analysis is taking place.
This website uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. If your browser does not support web fonts, a standard font will be used by your computer.
Use of Matomo
The information generated by the cookie about your use of the website is stored on a server in Germany.
The IP address is anonymised immediately after processing and before it is stored. You have the option of preventing the installation of cookies by changing the settings of your browser software. We would like to point out that if you change the setting accordingly, not all functions of this website may be available.
You can decide whether a unique web analysis cookie may be stored in your browser to enable the website operator to collect and analyse various statistical data.
This website uses functions of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA . When you call up our pages with Facebook plug-ins, a connection is established between your browser and the Facebook servers. In the process, data is already transmitted to Facebook. If you have a Facebook account, this data can be linked to it. If you do not wish this data to be associated with your Facebook account, please log out of Facebook before visiting our site. Interactions, in particular the use of a comment function or the clicking of a »Like« or »Share« button, are also passed on to Facebook. You can find out more at https://www.facebook.com/about/privacy.
Functions of the Instagram service are integrated on our website. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram.
Note on data transfer to the USA
Among other things, tools from companies based in the USA are integrated on our website. If these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.
The copyright and all other rights to the content, images, photos or other files on the website belong exclusively to the operator of this website or to the specifically named rights holders. The written consent of the copyright holder must be obtained in advance for the reproduction of any files. Anyone who commits a copyright infringement without the consent of the respective copyright holder may be liable to prosecution and possibly to damages.
All information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, accurate and complete. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, correctness and up-to-dateness of information, including journalistic and editorial information. Liability claims regarding damage caused by the use of any information provided, including any kind of information which is incomplete or incorrect, will therefore be rejected.
The publisher may change or delete texts at his own discretion and without notice and is not obliged to update the contents of this website. The use of or access to this website is at the visitor's own risk. The publisher, its principals or partners are not responsible for damages, such as direct, indirect, incidental, consequential or punitive damages, allegedly caused by the use of this website and consequently assume no liability for such damages.
The publisher also accepts no responsibility or liability for the content and availability of third-party websites that can be accessed via external links on this website. The operators of the linked sites are solely responsible for their content. The publisher thus expressly distances itself from all third-party content that may be relevant under criminal or liability law or that may offend common decency.
We may amend this data protection declaration at any time without prior notice. The current version published on our website shall apply. Insofar as the data protection declaration is part of an agreement with you, we will inform you of the change by e-mail or other suitable means in the event of an update.
Questions to the data protection officer
If you have any questions about data protection, please write to us by e-mail or contact the data protection officer directly at the beginning of data protection.
Krattigen, January 2022
This data protection declaration is a translation of the German version generated with the help of SwissAnwalt.ch