PRIVACY POLICY

PRIVACY POLICY

Data Protection declaration

Responsible in terms of data protection laws, in particular the EU General Date Protection Regulation (GDPR), is:

Prosura AG

Apollonia Gisin

8808 Pfäffikon

E-Mail: contact (at)prosura.ch

General Information

This Privacy Policy explains what information we collect, how we use it, with whom we share it, and the choices you have to control, access, and update your information when you browse our website, or use any services that we may offer through this website.

Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Swiss Confederation (Data Protection Act, DPA), every person has the right to protection of his or her privacy and to protection against misuse of his or her personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations as well as this data protection declaration.

In cooperation with our hosting providers, we make every effort to protect the databases as well as possible against unauthorised access, loss, misuse or falsification.

We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible. By using this website, you consent to the collection, processing and use of data in accordance with the following description. This website can generally be visited without registration. In the process, data such as pages accessed or names of the accessed file, date and time are stored on the server for statistical purposes without this data being directly related to your person. Personal data, in particular name, address or e-mail address, are collected on a voluntary basis as far as possible. We do not share any of your personally identifiable information with third parties for their own marketing use unless you explicitly give us permission to do so.

Processing of personal data

Personal data is any information relating to an identified or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, acquisition, deletion, storage, modification, destruction and use of personal data. We process personal data in accordance with Swiss data protection law. Furthermore, we process personal data in accordance with the following legal bases in connection with Art. 6 (1) of the GDPR - insofar as and to the extent that the EU GDPR is applicable:

lit. a) The data subject has given consent to the processing of personal data relating to him or her for a specific purpose or purposes.
lit. b) The processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the data subject's request.

lit. c) Processing is necessary for compliance with a legal obligation to which the controller is subject.

lit. d) The processing is necessary to protect the vital interests of the data subject or another natural person.

lit. f) Processing is necessary for the purposes of protecting the legitimate interests of the controller or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.

Processing of special categories of personal data

Personal data Art. 9 para.2 GDPR

lit.b) Insofar as special categories of personal data within the meaning of Art. 9 (1) GDPR (e.g. health data, such as severely disabled status or ethnic origin) are requested from applicants in the context of the application procedure so that the person responsible or the person concerned can exercise the rights accruing to him or her under labour law and social security and social protection law and fulfil his or her obligations in this respect, their processing is carried out in accordance with Art. 9 (2) lit. b. GDPR, in the case of the protection of vital interests of the applicants or other persons pursuant to Art. 9 para. 2 lit. c. GDPR or for the purposes of preventive health care or occupational medicine, for the assessment of the employee's fitness for work, for medical diagnostics, care or treatment in the health or social sector or for the management of systems and services in the health or social sector pursuant to Art. 9 para. 2 lit. h. GDPR. In the case of a communication of special categories of data based on voluntary consent, their processing is based on Art. 9 para. 2 lit. a. GDPR.

Relevant legal basis

In accordance with Art. 13 GDPR, we inform you of the legal basis for our data processing. If the legal basis is not stated in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 GDPR the legal basis for processing to fulfil our services and carry out contractual measures and respond to enquiries is Art. 6(1)(b) GDPR, the legal basis for processing to fulfil our legal obligations is Art. 6(1)(c) GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6(1)(f) GDPR. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) (d) GDPR serves as the legal basis.

Security

We use technology and security precautions, rules and other procedures to protect your personal data from unauthorised access, improper use, disclosure, loss or destruction. It is, however, your personal responsibility to ensure that the computer you are using is adequately secured and protected against malicious software, such as trojans, computer viruses and worm programs. You are aware of the fact that without adequate security measures (e.g. secure web browser configuration, up-to-date antivirus software, personal firewall software, no usage of software from dubious sources) there is a risk that the data and passwords you use to protect access to your data, could be disclosed to unauthorised third parties.

Transfer of data to third parties

Your personal data is neither transferred nor sold or otherwise transmitted to third parties in any form, unless this is required for the purpose of processing a contract or to fulfil our statutory tasks, or if you have expressly consented to this.

The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data. In addition, data may be transmitted to third parties if we are under obligation to do so by law or by an enforceable official or court order.

Data processing in third countries

Some recipients of such data are located in Switzerland but can also be anywhere in the world. If we transmit data to a country that does not have appropriate data protection, we ensure an appropriate level of protection by employing contracts accordingly, or we act on the basis of the following statutory/legal exemptions: consent, performance of the contract, the establishment, execution or enforcement of legal claims, overriding public interests, published personal data, or the need to protect the integrity of the persons in question. If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of using third-party services or disclosing or transferring data to other persons, entities or companies, this will only be done in accordance with legal requirements.

Subject to express consent or contractually or legally required transfer, we process the data only in third countries with a recognised level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_en).

Cookies

This website uses cookies. Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user's computer. The primary purpose of a cookie is to store information about a user during or after their visit within an online service. Stored information may include, for example, language settings on a website, login status, a shopping cart or where a video was watched. The term cookie also includes other technologies that perform the same functions as cookies (e.g. where user details are stored using pseudonymous online identifiers, also known as "user IDs").

The following cookie types and functions are distinguished:

Temporary cookies (session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed his browser.
Permanent cookies: permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the interests of users used for reach measurement or marketing purposes can be stored in such a cookie.
First-Party-Cookies: are set by ourselves.
Third-Party-Cookies: are mainly used by advertisers (third parties) to process user information.
Essential cookies: are essential or absolutely necessary for the functionality of the website.
Statistics, marketing and personalised cookies: Furthermore, cookies are usually also used in the context of range measurement and when a user's interests or behaviour (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to show users content that matches their potential interests. This procedure is also referred to as "tracking", i.e. tracking the potential interests of users. Insofar as we use cookies or "tracking" technologies, we will inform you separately in our data protection declaration or in the context of obtaining consent.

Notes on legal bases: The legal basis on which we process your personal data using cookies depends on whether we ask you for consent. If this is the case and you consent to the use of cookies, the legal basis for the processing of your data is the consent given. Otherwise, the data processed using cookies is processed on the basis of our legitimate interests (e.g. in the business operation of our online offer and its improvement) or, if the use of cookies is necessary to comply our contractual obligations.

Storage period: If we do not provide you with explicit information on the storage period of permanent cookies (e.g. as part of a so-called cookie opt-in), please assume that the storage period can be up to two years.

General information on revocation and objection (opt-out): Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke any consent you have given or to object to the processing of your data by cookie technologies (collectively referred to as "opt-out"). You can initially declare your objection by means of your browser settings, e.g. by deactivating the use of cookies (whereby this may also restrict the functionality of our online offer). An objection to the use of cookies for online marketing purposes can also be declared by means of a variety of services, especially in the case of tracking, via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. In addition, you can receive further instructions on how to object in the context of the information on the service providers and cookies used. Processing of cookie data based on consent: We use a cookie consent management procedure, under which the consent of users to the use of cookies, or the processing and providers mentioned in the cookie consent management procedure can be obtained and managed and revoked by users. The declaration of consent is stored so that it does not have to be repeated and the consent can be proven in accordance with the legal obligation. The storage can take place on the server side and/or in a cookie (so-called opt-in cookie, or with the help of comparable technologies), in order to be able to assign the consent to a user or their device. Subject to individual information on the providers of cookie management services, the following information applies: The duration of the storage of consent can be up to two years. A pseudonymous user identifier is created and stored with the time of consent, information on the scope of consent (e.g., which categories of cookies and/or service providers), as well as the browser, system and end device used.

Types of data processed: Usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
Persons concerned: Users (e.g., website visitors, users of online services).
Legal bases: Consent (Art. 6 para. 1 p. 1 lit. a. GDPR), legitimate interests (Art. 6 para. 1 p. 1 lit. f. GDPR).

SSL/TLS

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Data transmission security without SSL

Please note that data transmitted over an open network such as the Internet or an e-mail service without SSL encryption can be viewed by anyone. You can recognise an unencrypted connection by the fact that the address line of the browser shows "http://" and no lock symbol is displayed in your browser line. Information transmitted over the Internet and content received online may be transmitted over third-party networks. We cannot guarantee the confidentiality of any communications or materials transmitted over such open or third-party networks. If you disclose personally identifiable information over an open network or third-party networks, you should be aware that your information may be lost or potentially accessed by third parties and, as a result, the information may be collected and used without your consent. Although in many cases the individual data packets are transmitted in encrypted form, the names of the sender and recipient are not. Even if the sender and the recipient reside in the same country, data transmission via such networks often also takes place without controls via third countries, i.e. also via countries that do not offer the same level of data protection as your country of domicile. We assume no responsibility for the security of your data during transmission over the Internet and disclaim any liability for direct or indirect losses. We ask you to use other means of communication should you consider this necessary or reasonable for security reasons. Despite extensive technical and organisational security precautions, it is possible that data may be lost or intercepted and/or manipulated by unauthorised persons. As far as possible, we take appropriate technical and organisational security measures to prevent this within our system. However, your computer is located outside the security area that we can control. It is your responsibility as a user to inform yourself about the necessary security precautions and to take appropriate measures in this regard. As the website operator, we are in no way liable for any damage that you may suffer as a result of data loss or manipulation. Data that you enter in online forms may be passed on to authorised third parties for the purpose of order processing and may be viewed and possibly processed by them.

Server-Log-Files

The provider of this WebSite automatically collects and stores information in server log files, which your browser automatically transmits to us. These are:

Browser type and Bowser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request

This data cannot be assigned to specific persons. A combination of this data with other data sources is not made. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.

Third party services

In some cases, third-party content is integrated into our websites, e.g. YouTube videos, maps from Google Maps, RSS feeds, graphics from other websites or Google invisible reCHAPTA for protection against bots and spam. These services of the American Google LLC use cookies, among other things, and as a result, data is transferred to Google in the USA, although we assume that no personal tracking takes place in this context solely through the use of our website. Google has undertaken to ensure adequate data protection in accordance with the US-European and the US-Swiss Privacy Shield. Further information can be found in Google's privacy policy.

Your rights as a data subject

You have the right to obtain access to the personal data about you and to request its rectification or erasure, or restriction of processing or, where applicable, the right to object to processing or the right to data portability. For any request concerning the processing of your personal data, we invite you to contact the operational controller responsible.

Contradiction advertising mails

The use of contact data published within the scope of legal notice obligation to send advertising and information material that has not been expressly requested is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

Chargeable services

For the provision of chargeable services, we request additional data, such as payment details, in order to be able to execute your order. We store this data in our systems until the statutory retention periods have expired.

Application of Google Maps

This website uses Google Maps API to visually display geographical information. When using Google Maps, Google also collects, processes and uses data on the use of the map functions by visitors. You can find more information about data processing by Google in the Google privacy policy. There you can also change your personal privacy settings in the Privacy Centre. Detailed instructions on managing your own data in connection with Google products can be found here.

Copyright

The copyright and all other rights to the content, images, photos or other files on the website belong exclusively to the operator of this website or to the specifically named copyright holders. Any reproduction, retransmission or other use is strictly prohibited. Request for permission to reproduce any information contained on this Website should be addressed to the website operator. Anyone who commits a copyright infringement without the consent of the respective copyright holder may be liable to prosecution and possibly to damages.

General exclusion of liability

All information on our website has been carefully checked. We provides no warranty and makes no representations of any kind whatsoever regarding: the currency, accuracy or completeness of the content, the results to be obtained by any user of the Site or any third party content accessible on or through the Site. We to the maximum extent permitted by current laws and/or regulations disclaim any and all liability for losses or damages (direct or indirect) of any kind whatsoever arising directly or indirectly as a result of the content, any links, third party content, any errors in omissions from the site, any inability to access or use the website for any reason. The operators of the linked pages are solely responsible for their content. The publisher thus expressly dissociates itself from all third-party content that may be relevant under criminal or liability law or that may offend common decency.

Amendments

We may change this Policy from time to time (e.g. if the law changes). Any changes will be immediately posted on the Website and you will be deemed to have accepted the terms of the Policy on your first use of the Website following the alterations. We recommend that you check this page regularly to keep up-to-date.

Contacting us

If you have any questions about data protection, please write to us by e-mail or contact the person responsible for data protection in our organisation listed at the beginning of the data protection declaration directly.

CH-8808 Pfäffikon, 08.2023