Privacy Policy
This privacy policy (“Privacy Policy”) provides you information on how we (Opticoal AG i.G., Grünmattstrasse 10, 8405 Winterthur, Switzerland) process personal data when providing the services (as defined below, see Art. 2 “Definitions”): which data are collected, why and how we process it, and with whom we share it. Please note that the Cookies and Analytics page is part of the Privacy Policy.
For the sake of clarity, Opticoal AG i.G. will be referred to in the present document as “Opticoal”, “we”, and the associated pronouns. You, as well as the other users of the services, are referred to as “users”, “you” and associated pronouns.
1. Scope
Your privacy matters to us, and the present document addresses the different aspects of data processing in connection with the use of the services.
To provide the services, Opticoal needs to process certain personal data (as defined below), such as your e-mail address, your name, your IP address, etc. We are a Swiss organization relying on international providers, which implies certain cross-border data transfers.
Please note that, we do not use your personal data for any automated decision producing legal effects, and we do not sell, in the meaning defined by the California Consumer Privacy Act (CCPA), Personal Data.
2. Definitions
Anonymization / Anonymized means the process according to which data are rendered not relatable to an individual anymore. Anonymization implies that no re-identification is possible, following techniques such as deidentification and k-anonymization.
Personal data means information that relates to an identified or identifiable individual. The information may be directly or indirectly identifiable (e.g. encrypted personal data remain personal data).
Processing means any operation on personal data, including but not limited to the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.
Services mean any service provided by Opticoal, including the website.
Users mean any person of full age and legally capable of entering into an agreement (according to applicable laws) using the services. Should you be not of full age and legally capable of entering an agreement, please refrain from using any of our services. If you are acting on behalf of a company, we may assume that you are authorized to act on behalf of such company in connection with the acknowledgement and/or acceptance of this privacy policy, regardless of the internal regulations and/or circumstances of that company and entries in the commercial/trade register and without further verification of such authorization.
3. Contact
Should you have any question about this policy, our processing, or if you want to exercise your rights (see article 4 “Your Rights” below), please contact us:
By e-mail: info@opticoal.com
By post: Katharina Lolliger (Opticoal AG i.G.), Grünmattstrasse 10, 8405 Winterthur, Switzerland.
4. Your rights
To exercise your rights, please contact us according to the article 3 “Contact” above. Please note that, depending on the request, we may require additional information and/or a copy of an identification document (such information and document would only be processed for the purpose of establishing your identity and ensuring your data are sent only to you or your legal representative).
You are entitled to exercise your rights according to the applicable law, which may include (non-exhaustively):
Access: you may receive a copy of your personal data in a comprehensive language. If requested, you may also require a copy in a machine-readable format, allowing reusability (portability of data).
Correction: you should be able to correct your personal data through your interface, nevertheless, feel free to contact us to get support.
Deletion: you may request the deletions of your personal data collected under consent or for the performance of a contract.
Withdraw your consent: you may withdraw your consent, for certain purposes or the entire processing of your personal data. Nevertheless, be aware the consent withdrawal might limit your access to the services.
Information: you may request about whether or not personal data about you is processed by Opticoal, as well as more information about the way your personal data are processed, as such as the categories of recipients.
5. Data processing
Purpose: Answer to any request (including support)
Categories of data collected: Identity data (such as a name), contact information (such as an e-mail address), technical information (such as IP address, location), any data transmitted in the request
Lawful basis: Performance of a contract
Categories of recipients: Opticoal (2)
Purpose: Cookies (3)
Categories of data collected: Technical information, location, settings preferences
Lawful basis: Performance of a contract
Categories of recipients: Opticoal (2)
Purpose: Analytics (3) (no-tracking)
Categories of data collected: Technical information
Lawful basis: Legitimate interest
Categories of recipients: Opticoal (2)
Purpose: Cookies (3) (marketing purposes)
Categories of data collected: Technical information, history information, profiling
Lawful basis: Consent
Categories of recipients: Opticoal (2)
Purpose: Analytics (3) (tracking)
Categories of data collected: Technical information, history information, ad data
Lawful basis: Consent
Categories of recipients: Opticoal (2)
Purpose: Monitoring and technical maintenance
Categories of data collected: IP address, any data relevant to the defect description, device performance data, location
Lawful basis: Legitimate interest
Categories of recipients: Opticoal (2)
Purpose: Supplier management
Categories of data collected: Identity data (such as a name), contact information (such as an e-mail address)
Lawful basis: Performance of a contract
Categories of recipients: Opticoal (2)
Purpose: Customer management
Categories of data collected: Identity data (such as a name), contact information (such as an e-mail address), data relevant to the transactions
Lawful basis: Performance of a contract
Categories of recipients: Opticoal (2)
Purpose: Member management
Categories of data collected: Identity data (such as a name), contact information (such as an e-mail address)
Lawful basis: Performance of a contract
Categories of recipients: Opticoal (2)
Purpose: Commercial prospecting
Categories of data collected: Identity data (such as a name), contact information (such as an e-mail address)
Lawful basis: Legitimate interest
Categories of recipients: Opticoal (2)
Purpose: Archives
Categories of data collected: All personal data (to the extent necessary)
Lawful basis: Compliance with legal obligation / Legitimate interest
Categories of recipients: Opticoal (2)
Show Cookie Options
(1) The types of data are for an illustrative purpose and not exhaustive. For an exhaustive list of all types of data collected, please contact us at the address indicated in art. 3 ”Contact”.
(2) For the purpose of this section, this also includes subprocessors acting on behalf of the recipient. Please refer to art. 10.1 “Subprocessors”.
(3) Regarding cookies and analytics, please refer to art. 9 “Cookies and Analytics” below.
6. Retention
We store personal data for the time necessary to achieve the purpose of processing as well as a retention period of 12 months, unless otherwise provided by the applicable law, especially in the matter of archives. Please note that once the retention period is over, and except the case of our archives, personal data may be deleted or anonymized, and as such, out of scope from data protection regulation and from the privacy policy.
7. Locations of processing and data transfer
Your personal data may be processed in various locations, including but not limited to:
Switzerland,
EEA,
USA.
We operate globally, as a consequence, cross-border transfers are necessary to provide you the services. Nevertheless, we seek to protect your personal data, by applying security processes (see article 11 “Security” below) and requesting legal guarantees from our partners. By accepting the privacy policy, you are aware and consent to the transfer of your personal data.
8. Legal Disclosure
Be aware that we may disclose personal data, if needed to comply with legal proceedings, including court orders, subpoenas or warrants, or in response to a request from courts, law enforcement agencies, regulators, or other public agencies. This is our obligation to comply with the law and legal proceedings, and for EEA such a disclosure would be made under the basis of article 6. (c) of GDPR.
9. Cookies and analytics
Opticoal relies on cookies and analytics to know more about the interactions with our services and improve them accordingly. Opticoal uses these technologies in particular for the following purposes:
Obtain statistics and analysis on interactions with the services, including details about how and where our services are accessed from, when and how often users use the services, which areas of the services keep the interest of our users.
Collect information on functionality and performance of our services,
Security, including fraud prevention,
Know more about the audience of our services,
Subject to your consent: marketing and advertisements, which include advertising-related tracking.
In particular, we use Google Analytics. This service of Google LLC in Mountain View, USA or Google Ireland Limited in Dublin, Ireland, respectively ("Google") enables us to measure and evaluate the use of our services (website) on a non-personal basis. The service uses permanent cookies, which are set by Google. Google does not receive any personal data from us (and does not retain any IP addresses), but may track your use of our services (website), combine this information with data from other websites that you have visited and which are also tracked by Google, and use this information for its own purposes (e.g. management of advertising). If you have registered yourself with Google, Google also knows you. Google is responsible for the processing of your personal data in accordance with Google's privacy policy. Google merely informs us how our services (website) are used without giving any personal information about you. Google has committed itself to ensuring adequate data protection in accordance with the U.S.-EU and the U.S.-Swiss Privacy Shield and to complying with the requirements of GDPR. For more information, please see Google's privacy policy.
10. Sharing Personal Data
Subprocessors
Opticoal relies on different partners to provide you the services, which may access certain personal data. This includes the following categories of partners:
Technical services, such as hosting, or technical support.
These providers are acting as subprocessors of Opticoal (for EEA, this corresponds to the article 28 of GDPR). Opticoal strives to ensure that all service providers with access to personal data will only act within the framework we set through our legal framework, such as applicable law (under adequation decision), data processing agreement, standard contractual clauses, binding corporate rules, and/or privacy shield. We also put in place some security safeguards, such as data minimization, to ensure these subprocessors access your data on a need-to-know basis.
External Links
When a reference is made to external contents, please note that Opticoal has no control over the privacy policies, contents or security safeguards of the providers of these contents, and, as such, may not be held responsible in any way for the actions, as well as the privacy policy, content, and any other matter regarding these third parties. If you disagree with the privacy policy of these providers, please refrain to the use of these services.
Security
Security matters to us, and we have put in place security safeguards to protect information submitted to us. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use reasonable efforts to prevent it. No method of transmission over the internet, or method of electronic storage, is 100% secure, and we cannot ensure or warrant the security of any information you provide to us.
When using the services or providing personal data to us, unless your specific instruction of communicating through postal service, we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the services.
If we learn of an incident that may qualify as a breach under applicable law, when and to the extent required by law, we will attempt to notify you electronically, by posting a notice on the services and/or by sending an e-mail to you.
Dispute Resolution and Governing Law
Subject to any mandatory provisions or requirements of other laws, this privacy policy shall be governed by and construed in accordance with the laws of Switzerland, without regard to its conflict of law principles, as well as without regard to the Convention on Contracts for the International Sale of Goods (CISG).
In the event of any dispute, controversy, disagreement or claim arising out of or relating to the services, or any provision of the terms or the breach thereof, the parties shall try to settle those conflicts amicably between themselves. If, within 30 days, the parties cannot reach an agreement despite good faith discussions, any party may submit the dispute to the competent courts.
Any dispute shall be subject to the exclusive jurisdiction of the courts of the canton of Zurich, Switzerland, venue being Zurich.
11. Further Provisions
Entire Agreement. The privacy policy constitutes the entire and exclusive understanding and agreement between you and us on the matter of privacy.
Severability. Should any part of the privacy policy be held to be invalid or unenforceable, the unenforceable part will be given effect to the greatest extent possible, or, if it cannot legally be given any effect, will be replaced by the valid provision the nearest to the intention of the parties, and the remaining parts will remain in full force and effect in their original version.
Interpretation. Use of section headers is made for convenience only and will not have any impact on the interpretation of any provision.
Update and Enforceability. The last version of the privacy policy is the enforceable version. We may modify this policy at any time, without prior notice, and such changes will be effective from the date of their publication (unless otherwise provided). In the case of material changes, the privacy policy will only become effective upon the notice provided in this version, no less than 30 days before its date of entry into force. Your use of any of the services following an update is deemed acceptance of the last version.
Assignment. You may not assign or transfer your rights related to the services, in whole or in part, by operation of law or otherwise, without our prior written consent.
Consent to electronic communications. You are aware and acknowledge that any communication by electronic means is associated with risks, in particular interceptions, corrupted or infected content, or misdirected, delayed, or never received communication. Opticoal advises its customers to adopt sufficient security measures on its systems, data, and communications. Electronic communications (e.g. e-mails) and its attachments are confidential. If you receive messages in error, please inform the sender and delete any copy of the message. In addition, electronic communications do not constitute in itself financial advice. As a matter of principle, before acting on any information, you should consider its completeness and appropriateness having regard to the relevant matter and seek independent financial advice. In any case, Opticoal shall not be liable for such inherent risks and any damages arising in connection. By using the services, you consent to receive and engage electronic communications from/with us. You agree that any notices, agreements, disclosures, or other communications that we send to you electronically will satisfy any legal communication requirements, including that those communications be in writing.