WE ARE PROJEKTIL Ltd.
We collect and process personal data carefully and only to the extent permitted by law.
In the following we explain which policies we comply with and for what purposes we collect and process personal data via this website and other ways and applications operated by us or affiliated companies.
Personal data are all items of information that relate to an identified or identifiable natural person. Personal data form the basis for identifying or contacting a data subject. Processing includes any handling of personal data, in particular the storage, disclosure, procurement, collection, deletion, storage, modification, destruction and use of personal data.
As a company having its registered office in Switzerland, we comply with the Swiss data protection legislation, in particular with the Federal Act on Data Protection in its current version. In the context of the European General Data Protection Regulation regulations apply which may also be relevant for companies and service providers domiciled in Switzerland. As far as these provisions may be applicable for us, we comply with these provisions.
For the avoidance of doubt, we have no influence on the online monitoring and data processing by Swiss and international security and other authorities that have the corresponding competences.
We process information that a data subject voluntarily and personally provides to us when contacting us – for example, by letter, e-mail, contact form, registering to a user account, social media or phone. All information may be stored in physical and digital address books, in a customer relationship management program or other tools. We may also store and process data we receive legally from third parties, or which are publicly available, as far as the processing of such data is in compliance with the applicable data regulations according to the relevant Swiss and European legislation.
In the following we explain which policies we comply with and for what purpose we collect and process personal data via this website and other websites and applications operated by us or affiliated companies.
When you register and use our services, we collect certain personal data so that we can provide our services targeted to you. Within the scope of communication and data collection, the following data is stored by us or by third party companies that provide the corresponding services:
- Registration data such as name, e-mail address, phone number, address and any other information you choose to provide;
- Data that you have shared with social media services for sharing with the company,
- Activity data,
- technical data such as IP address, browser type and other technical information;
- In the case of invitations to enter in connection with competitions, we may collect further data, in accordance with the relevant invitation to enter,
- If you have registered for a newsletter, we will keep you informed about relevant developments and offers. If you are directed to our websites via a link in the newsletter, you also grant us permission to process and use your IP address together with geodata, web beacons or similar technologies in order to check whether the offers submitted to you in the course of this communication meet your requirements. In addition, we process and use the e-mail address you provide to send you personalized offers in connection with the newsletter. If you no longer wish to receive the newsletter, you can unsubscribe at any time in the newsletter itself,
- we do not collect any financial data from external service providers in the field of payments.
The purpose of this data handling is,
- to communicate with you,
- to provide the business services and functions,
- to give you the opportunity to comment on content,
- to minimize the risk of fraud,
- to be able to provide and improve our services in a contractual and targeted manner,
- the use of the data for marketing purposes,
- the use for research purposes, for example to develop new products and services, but also to participate in competitions,
- to comply with applicable legislation and case law and to be able to respond to requests from administrative or other state authorities,
- to provide the possibility of sharing on social media,
- to protect the company and third parties.
In the context of the European General Data Protection Regulation (GDPR) regulations apply which may also be applicable to companies and service providers domiciled in Switzerland. As far as these provisions may be relevant for us, we comply with these provisions, and as a company based in Switzerland we also comply with the revised Federal Act on Data Protection (Data Protection Act, FADP).
The central aspects of these legal guidelines are listed below:
Right to information
Where personal data are collected, the data subjects are to be provided with a range of information regarding the collection of data, in particular what data are collected and for what purpose.
Right of access by the data subject
The person affected by the data processing is entitled to demand a confirmation that personal data are processed by him or that this is not the case. Where data is processed, the applicable legislation establishes various rights (e.g. the right to obtain a copy of the data).
Right to rectification
The data subject shall have the right to request the controller to rectify any inaccurate personal data concerning him/her without delay. Taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration.
Right to erasure („right to be forgotten“)
The data subject has the right to request that personal data relating to him/her be deleted immediately and the personal data must be deleted immediately if one of the reasons listed in the applicable legislation applies, for example that the data are no longer necessary for the purpose for which they were collected.
Right to restriction of processing
In certain cases, the data subject has the right to require the restriction of the processing of data. If such a restriction is requested, the data may only be retained, but may no longer be processed.
Right of notification
All recipients to whom personal data have been disclosed must be informed of any correction or deletion of personal data or any restriction on processing, unless this proves impossible or involves disproportionate effort.
Right to data transferability
The data subject has the right to receive the data that he has provided in a structured, common and machine-readable format and has the right to transfer this data to another data controller, for example to change the service provider. However, this right can only be exercised if the data processing is based on the consent of the data subject or on a contract.
Right to object
The data subject shall also have the right to object at any time, for reasons arising from his or her particular situation, to certain processing of personal data relating to him or her, including profiling based on these provisions. Subsequently, the data may no longer be processed, unless the data processor can prove compelling reasons for the processing which are worthy of protection and which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data concerning him/her for the purposes of such advertising, including profiling in so far as it is related to such direct marketing.
Right to waive an automated decision in individual cases
In addition, the data subject has the right not to be subject to a decision based exclusively on automated processing, including profiling, which has legal effect against him or her or significantly affects him or her in a similar manner.
Right to be informed of data protection violations
Should the provisions on the protection of personal data be violated, the person affected by the violation will be informed, provided that this entails a high risk for personal rights and freedoms.
Special protection for children
Furthermore, the applicable legislation also provides special protection for children. For example, in the case of services offered directly to a child, consent to the processing of the child’s data must be given or authorized by the holder of parental responsibility, whereby the age limit in question may be defined differently in the various countries within the scope of application of the GDPR.
Technical measures for data security
We protect personal data through appropriate technical and organizational security measures and store them on secure servers. The website is protected against manipulation by the usual state-of-the-art measures and against access, modification or distribution by unauthorized persons. This includes taking data protection aspects into account as early as the planning phase of our services („privacy by design“), and our new products or services are offered with data protection-friendly default settings („privacy by default“).
Transfer of data to third parties
We are entitled to pass on your personal data to service providers for the purposes of the contract, including abroad. These are, for example, cloud service providers, other companies in the group, other providers of services relevant to the provision of corporate services, including, for example, IT service providers, management consultants and lawyers, and public authorities.
Therefore, you authorize us to fully or partially contract third parties whose intervention seem to be opportune for the proper development of the services provided by us. In this case, we are obliged to the subcontracted party to undersign a contract which stipulates the obligations the latter must fulfil regarding the personal data protection, by using standard agreements which are in compliance with the European and Swiss legislation. In particular, said third party will be required to comply with the same data protection obligations as those which we have promised to our users, as well as sufficient guarantees that it shall apply the appropriate technical and organizational measures to ensure that the data use conforms to the applicable regulations. We will be diligent in its selection of providers via the application of legally compliant verification mechanisms, with the objective of minimizing as much as possible the risks which may affect the security of the information which the third party may access.
A complete list of the data processors involved can be requested from us.
Data subjects whose personal data we process have a right of administrative complaint to the competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
Third party software
Third-party software is integrated on our website and applications. This is done in particular with the purpose of better understanding the interests of the user and for targeted communication, especially for marketing purposes.
Below supplementary information on the most important corresponding third-party applications, whereby these companies are also legally obliged to respect the applicable data protection regulations:
This website also uses plugins from the social networks Facebook and Instagram, which are operated by Meta Platforms Inc., („Meta“). If you visit our website from Internet pages equipped with such a plugin, a connection to the Meta servers is established. This transmits to the Meta server which of our Internet pages you have visited in detail. If you are logged in as a member of Facebook or Intagram, Meta assigns this information to your personal Facebook or Instagram user account. When using the plugin functions (e.g. clicking the „Like“ button, submitting a comment) this information is also assigned to your account, which you can prevent by logging out before using the plugin. You can find more information on the collection and use of data by Meta, on your rights in this regard and on ways to protect your privacy in the Meta data protection information (https://www.facebook.com/privacy/policy/).
On request, we provide a complete list of all implemented third-party software and tools.
We have no influence on the content of external websites that are accessible via links on our website. We therefore accept no responsibility for the content of these external websites. The respective provider or operator of the sites is always responsible for the content of the linked sites. The linked sites were checked for possible legal violations at the time of linking. Illegal contents were not identifiable at the time of linking. However, a permanent control of the contents of the linked pages is not reasonable without concrete evidence of a violation of the law. We will remove such links as soon as we become aware of any infringements.
Jurisdiction, Applicable Law and International Users in general
Therefore, this Policy is intended to cover collection of personal information within our home jurisdiction. Some countries may require stricter privacy policies than those described in this Policy. If you are accessing the Site from a foreign country, you understand and agree that your personal information may be transferred to, stored, and processed in our home jurisdiction or the jurisdiction of the third parties described herein, and that the data protection and other laws of our home jurisdiction or the jurisdiction of such third parties might not be as comprehensive as those in your country.
WE ARE PROJEKTIL AG Baslerstrasse 30 8048 Zürich
Alexa Meierhofer Tel. Nr.: 079 528 29 30
Last updated: 19 December 2023