Basics

This privacy policy is intended to inform the users of this website about the type, scope and purpose of the collection and use of personal data by the website operator Bella Haas “Well-Being” Free Trade. This is not a final description; other data protection declarations or general terms and conditions, conditions of participation and similar documents may regulate specific issues.

This privacy policy is based on the European General Data Protection Regulation (DSGVO/GDPR). Although the DSGVO is a regulation of the European Union (EU), it is important for us. The Swiss Data Protection Act (DSG) is strongly influenced by EU law and companies outside the European Union or the European Economic Area (EEA) must comply with the DSGVO under certain circumstances.

Responsible person

Bella Haas “Well-Being” Free Trade is responsible for the data processing described here. If you have any data protection concerns, you can inform us via e-mail to bewell@bellawell.ch or by post to the address in the imprint.

Aim of processing personal data and legal basis

We only process personal data of our users if this is necessary to provide a functional website as well as our contents and services.

In addition, we process personal data of you and other persons, to the extent permitted and deemed appropriate, also for the following purposes in which we (and sometimes also third parties) have a justified interest corresponding to the purpose::

• Providing and further developing our offers, services and websites, apps and other platforms on which we are present;Kommunikation mit Dritten und Bearbeitung derer Anfragen (z.B. Bewerbungen, Medien- anfragen);
• Review and optimization of procedures for needs analysis for direct customer contact and collection of personal data from publicly available sources for customer acquisition;
• Advertising and marketing (including the performance of events), provided that you have not objected to the use of your data (if we send you as an existing customer advertising from us, you can object to this at any time; we will then place you on a blacklist against further advertising mailings);
• Market and opinion research, media monitoring;
• Assertion of legal claims and defence in connection with legal disputes and official proceedings;
• Prevention and investigation of criminal offences and other misconduct (e.g. conducting internal investigations, data analyses to combat fraud);
• Ensuring our operations, especially IT, our websites, apps and other platforms;
• Acquisition and sale of business divisions, companies or parts of companies and other transactions under company law and the associated transfer of personal data as well as measures for business management and compliance with legal and regulatory obligations and internal regulations from Bella Haas “Well-Being” Free Trade

If you have given us your consent to process your personal data for specific purposes (for example when registering to receive newsletters or carrying out a background check), we will process your personal data within the scope of and based on this consent, unless we have another legal basis and require one. A given consent can be revoked at any time, but this has no effect on data processing that has already taken place.

Cookies/Tracking and other technologies in connection with the use of our website

Hosting Provider & Server Logfiles

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• IP address
• Browser type and browser version
• operating system used
• referrer URL
• Host name of the accessing computer
• Time of the server request
• Amount of data sent in bytes

These data cannot be directly assigned to specific persons. These data are not combined with other data sources. We reserve the right to check these data subsequently if we become aware of concrete indications of an illegal use. The data is stored for security reasons, e.g. to clarify cases of misuse. If data have to be deleted for reasons of evidence, they are excluded from deletion until the incident has been finally clarified.

These data and all data on this website are stored by our hosting provider Hostpoint AG, Neue Jonastrasse 60, CH-8640 Rapperswil-Jona, whose data protection declaration you will find here. We have concluded a contract with Hostpoint AG for order data processing.

Cookies

Like many other websites, we also use so-called “cookies”. Cookies are small text files that are transferred from a website server to your hard drive. This automatically provides us with certain data such as IP address, browser used, operating system and your connection to the Internet. Cookies serve to make our website more user-friendly, effective and secure. Cookies cannot be used to start programs or to transmit viruses to a computer. Based on the information contained in cookies, we can make navigation easier for you and enable the correct display of our web pages. Under no circumstances will the data we collect be passed on to third parties or linked to personal data without your consent. Of course, you can also view our website without cookies. Internet browsers are regularly set to accept cookies. In general, you can deactivate the use of cookies at any time via the settings of your browser. Please use the help functions of your Internet browser to find out how you can change these settings. Please note that some features of our website may not work if you have disabled the use of cookies.

Registration and comments on contributions

On this website we offer users the opportunity to register by providing personal data. The data is entered into an input mask and transmitted to us and stored. You can then log in to our website and use certain functions such as the comment function.

When visitors write comments on the website, we also collect the information displayed in the comment form, the visitor’s IP address and the user agent string (which identifies the browser) to help detect spam. Visitor comments could be examined by an automated spam detection service.

An anonymized string (also called a hash) can be created from your email address and sent to the Gravatar service to check if you are using it. You can find the privacy policy of the Gravatar service here. After your comment has been shared, your profile picture will be publicly visible in the context of your comment.

If you are a registered user and upload photos to this website, you should avoid uploading photos with an EXIF GPS location. Visitors to this website may download photos stored on this website and extract their location information.

Contact forms

If you contact us by e-mail or online form with questions of any kind, you give us your voluntary consent for the purpose of contacting us. This requires at least the specification of a valid e-mail address. This is used to assign the request and then reply to it. Further information is required for consultation requests. The information you provide will be stored for the purpose of processing your inquiry and for possible follow-up questions. Contact form usage could be analyzed by an automated spam detection service.

Embedded content from other websites

Contributions on this website may contain embedded content (e.g. videos, images, contributions, etc.). Embedded content from other websites behaves exactly as if the visitor had visited the other website.

These websites may collect information about you, use cookies, embed third-party tracking services and record your interaction with that embedded content, including your interaction with the embedded content, if you have an account and are logged in to this website. For information on data processing, we refer to the relevant websites.

Analytics services

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google LLC complies with European data protection law and is certified under the Privacy Shield Agreement.

Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

We have activated the IP anonymization function on this website. This will cause your IP address to be cut by Google within Member States of the European Union or in other countries party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website and Internet use. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.

You can prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en

If you want to block Google’s processing of data from this website only, please click here.

Social Media

We also use plug-ins from social networks such as Facebook, YouTube, Google+, Pinterest, Instagram, Xing or LinkedIn on our website. This can be seen for you in each case (typically via the corresponding symbols. We have configured these elements to be disabled by default. If you activate them (by clicking), the operators of the respective social networks can register that you are on our site and where and can use this information for their purposes. The processing of your personal data is then the responsibility of this operator according to its data protection regulations. We do not receive any information from you from them.

Google Fonts

For a uniform representation of the fonts this page uses web fonts from Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

To do this, your browser must connect directly to the Google servers. Google becomes aware that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing representation of our Plugins. If your browser does not support web fonts, a default font is used by your computer.

For more information about how they use your information, please see Google’s FAQ and Google’s Privacy Policy.

Data transfer and data transmission abroad

As a rule, your personal data will not be transmitted to third parties for purposes other than those mentioned. We will only pass on your data to third parties if:

• you have given your explicit consent,
• processing is required to process a contract with you,
• the processing is necessary to fulfil a legal obligation,
• the processing is necessary to protect legitimate interests and there is no reason to believe that you have an overriding interest worthy of protection in not disclosing your data,
• other reasons stated in this privacy policy.

Duration of the storage of personal data

We process and store your personal data as long as it is necessary for the fulfilment of our contractual and legal obligations or otherwise for the purposes pursued with the processing, i.e. for the duration of the entire business relationship (from the initiation, processing up to the termination of a contract) as well as beyond that in accordance with the legal storage and documentation obligations. It is possible that personal data may be stored for the period during which claims can be asserted against our company and insofar as we are otherwise legally obliged to do so or justified business interests require this (e.g. for evidence and documentation purposes). As soon as your personal data are no longer required for the above-mentioned purposes, they will be deleted or made anonymous as far as possible. For operational data (e.g. system logs), shorter retention periods of twelve months or less generally apply.

Data security

We take appropriate technical and organisational security precautions to protect your personal data from unauthorised access and misuse. To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.

Obligation to provide personal data

As part of our business relationship, you must provide the personal data that is necessary for the establishment and execution of a business relationship and the fulfilment of the associated contractual obligations (as a rule, you do not have a statutory obligation to provide us with data). Without this information, we will generally not be able to enter into or process a contract with you (or the entity or person you represent). Also the website cannot be used if certain information to ensure data traffic (such as IP address) is not disclosed.

Profiling and automated decision making

As a matter of principle, we do not use fully automated automatic decision making (as regulated, for example, in Art. 22 DSGVO) to establish and carry out the business relationship or otherwise. Should we use such procedures in individual cases, we will inform you of this separately, insofar as this is prescribed by law and will inform you of the associated rights.

Rights of the persons concerned

You have the right to information, correction, deletion, the right to restrict data processing and otherwise to object to our data processing and to the disclosure of certain personal data for transfer to another party within the scope of the data protection law applicable to you and to the extent provided for therein (such as something in the case of the DSGVO). Please note, however, that we reserve the right to enforce the statutory restrictions, for example if we are obliged to store or process certain data, have an overriding interest in it (insofar as we may invoke it) or need it for asserting claims. If there are costs for you, we will inform you in advance. We have already informed you of the possibility of revoking your consent in Section 3. Note that the exercise of these rights can conflict with contractual agreements and this can have consequences such as premature contract termination or cost consequences. We will inform you in advance if this is not already contractually regulated.

The execution of such rights requires that you clearly prove your identity (e.g. by a copy of your identity card). To assert your rights, you can contact us at the address given in paragraph 1.

For users who register on our website, we also store the personal information that they provide in their user profiles. All users can view, change or delete their personal information at any time (the user name cannot be changed). Website administrators can also view and modify this information. If you have an account on this website or have written comments or contacted us via contact forms, you can request an export of your personal data, including any data you have provided to us. In addition, you can request the deletion of all personal data that we have stored about you. This does not include the data that we have to keep for administrative, legal or security reasons.

Furthermore, every data subject has the right to enforce his claims in court or to lodge a complaint with the competent data protection authority. The responsible data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

Amendment

We may revise this Privacy Policy at any time without notice. The current version published on our website applies. If the Privacy Policy is part of an agreement with you, we will notify you of the change by e-mail or other appropriate means in the event of an update.

–
Zurich, September 2018