II. Responsible person
Bossard AG, Steinhauserstrasse 70, 6301 Zug, Switzerland (“Bossard,” “we” or “us”) is responsible for the processing of personal data associated with the use of the website www.bossard.com.
III. Contact data
Bossard AG, Steinhauserstrasse 70, 6301 Zug, Switzerland
E-mail address: firstname.lastname@example.org
IV. Nature and purpose of processing and respective legal basis
We process your personal data for the following purposes:
1. When visiting our website
When visiting our website, our servers temporarily save every access in a log file. The following data can be collected without your assistance and we will save it until it is automatically deleted after no more than 30 days:
- IP address of the requesting computer;
- Date of access;
- Name and URL of the accessed file;
- Website from which the access occurs (referrer URL);
- Operating system of the requesting computer and the browser used and
- access provider.
The collection and processing of this data occurs to allow the use of our website (establishing a connection), permanently ensure the system security and stability and for the technical administration of the network infrastructure. We therefore cannot make any conclusions about you as a person.
Article 6 (1) lit. f GDPR is the legal basis for this processing. The legitimate interest is to enable the use of the website. You can receive more information about the consideration of interests by request.
2. When registering on our website
A comprehensive selection of documented expertise about fastening technology is available to read and download on our website. You must register before downloading this information. We collect the following data as part of the registration on the website:
- Title, first name, last name
- E-mail address
- Choosing to subscribe to our newsletter and the desired country of the newsletter
Disclosing this data is voluntary. However, if you do not specify this data, we will not provide you with the corresponding information. This data is collected to prevent improper use as much as possible. Article 6 (1) lit. b GDPR is the legal basis for this processing. In addition, you can subscribe to the newsletter during the registration (see section IV.3.). If you delete your registration, your personal data will also be deleted or anonymized.
3. When subscribing to our newsletter
If you have expressly consented, we will use your e-mail address to send you our newsletter on a regular basis and to also inform you of offers and promotions from time to time. You only need to specify your last name, first name, country, an e-mail address and your company in order to receive the newsletter. The company must be specified to be able to identify you as a corporate customer. In addition, you can select any title and specify your name so that we can address you personally in every newsletter.
Disclosing this data is voluntary. However, if you do not specify this data, we cannot provide you with the newsletter or may not be able to provide it to you fully. Article 6 (1) lit. f GDPR is the legal basis for this processing with respect to the general newsletter. The legitimate interest is that the processing of your data is necessary to send you the newsletter as desired. You can receive more information about the consideration of interests by request. Article 6 (1) lit. a GDPR is the legal basis for this processing with respect to a personalized newsletter.
There is a link at the end of every newsletter that you can use to unsubscribe from the newsletter at any time. You can also unsubscribe from the newsletter at any time by sending an e-mail to email@example.com. After unsubscribing, your data is deleted or anonymized, unless storing your e-mail address is necessary to ensure that you no longer receive a newsletter.
4. When using the contact form
You can send us general inquiries via the contact form provided on our website. You must enter a valid e-mail address as well as your title, last name, first name, your zip code, city and your country here. Additional information can be optionally provided.
This data is collected in order to know from who inquired, to answer to the best of our abilities and to respond as requested (by mail, telephone or e-mail). Disclosing this data is voluntary. However, if you do not specify this data, we cannot answer your inquiry or we may not be able to answer it fully. Article 6 (1) lit. f GDPR is the legal basis for this processing. The legitimate interest is that the processing of your personal data is necessary to be able to respond to your inquiries accordingly. You can receive more information about the consideration of interests by request. The personal data will be deleted or anonymized after 30 days.
5. Web Analytics
The personal data is directly anonymized and the anonymized data is deleted after 26 months.
Please note that we only process your personal data for other purposes if we are legally required to do so (e.g. transmission to courts or law enforcement agencies) if you have consented to the respective processing in question or if the processing is lawful under the applicable law.
V. Recipients and categories of recipients
We process your personal data in departments that need to know the personal data.
We may send your personal data to the recipients and categories of recipients listed below for the respective purposes. You can find additional information about the recipients and categories of recipients below in the Cookie Information annex.
1. Private third parties – affiliated companies or other third parties.
2. Order processor – When providing our services, we rely on various (technical) service providers (affiliated companies or third parties) to provide our services, while observing the applicable data protection law. Personal data is forwarded to third parties in this context only so that these service providers can process the personal data on our behalf and based on our instructions (so-called “order processing,” the service provider is the “order processor”), insofar as this is required to provide our services. The order processors are subject to contractual obligations for the implementation of reasonable technical and organizational measures to protect your personal data and they only process your data according to our instructions.
3. Public authorities, courts, external advisors – if required or legally permissible.
Your personal data is generally only processed and used within the EU. If a data transfer occurs within the EU and use occurs outside the EU as an exception (e.g. to technical service providers), this always happens in compliance with the applicable data protection law.
VI. Automated decision-making
We do not carry out any automated decision-making through our website regarding the processing of personal data.
VII. Your Rights
If you have consented to the processing of your personal data, you can always revoke your consent with effect for the future. Such a revocation does not affect the legality of the processing carried out based on the consent until the revocation.
You can also view and change the data stored in your customer account by logging into our website with your login data. You can delete your data or your entire customer account at any time. This can be done by using the corresponding option in your customer account. We point out that in the case of your data being deleted, it is not possible or not fully possible to utilize our offering.
You may have the following rights pursuant to the applicable provisions of the EU General Data Protection Regulation as well as applicable national data protection laws:
- Right to information;
- Right to rectification;
- Right to restriction of processing;
- Right to deletion / right to be forgotten;
- Right to data transferability;
- Right of objection.
Please note that the aforementioned rights may be restricted by national law. You can find additional information about your rights in the annex of your rights. To claim one of your rights listed above or if you have questions about your rights, you can always contact us via the contact data mentioned above in section III.
You also have the right to submit a complaint to the competent data protection authority.
VIII. Cookies and similar technologies
Most browsers accept cookies automatically. However, you can configure your browsers so that no cookies are stored on your computer or so that a note appears before a new cookie is created. Please note, however, that disabling cookies may mean you are not able to use all of our website’s functions.
You will find additional information about the nature, name, type, purpose of collection, storage duration of cookies, etc. in the Cookie Information annex.
Retargeting is a process by which we want to address you again. After visiting our website, this application allows you to see our ads when you continue to use the internet. This is done by means of the cookies stored in your browser, through which your usage behavior is recorded and evaluated by our retargeting partner Google AdWords when visiting different websites. In this way, your previous visit to our website can be determined by the retargeting partners. According to their own statements, our retargeting partners do not merge the data collected as part of retargeting with your personal data, which may be stored by our retargeting partners. In particular, our retargeting partners say that they use a pseudonymization during retargeting.
IX. Data Security
We use suitable technical and organizational security measures to protect your personal data we store against manipulation, partial or complete loss and from unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
When you register with us as a customer, you can only access your customer account after entering your personal password.