Privacy Policy

Data Protection Statement of Rainer Studhalter

Version effective as of 2024-04-18

With this Data Protection Statement I describe how I collect and process personal data. The term "personal data" in this Data Protection Statement to shall mean any information that identifies, or could reasonably be used to identify any person.

If you provide me with personal data of other people (e.g. family members, work colleagues, etc.), please ensure that they are aware of this Data Protection Statement and only provide me with their data if you are authorized to do so and this data is correct.

This Privacy Notice is aligned with the EU General Data Protection Regulation («GDPR»), the Swiss Data Protection Act («DPA») and the revised Swiss Data Protection («revDPA»). However, the application of these laws depends on each individual case.

1. Responsibility

I am responsible for the data processing that I describe here. You can notify me of any data protection related concerns, using the following contact details:

Name Rainer Studhalter
Address In den Lettenreben 9
4104 Oberwil BL
Switzerland
Contact Form https://studhalter.dev/contact

2. Collection and Processing of Personal Data

I primarily process personal data that I receive as part of my business relationships with customers and business partners, both from these and other people involved, or that I collect from users when operating my website, apps and other applications.

Where permitted, I also obtain certain data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, press, internet) or receive such data from authorities and other third parties.

Apart from data you provided to me directly, the categories of data i receive about you from third parties include, but are not limited to, information from public registers, data received in connection with administrative or court proceedings, information in connection with your professional role and activities (e.g., in order to conclude and carry out contracts with your employer), information about you in correspondence and discussions with third parties, credit rating information (if i conduct business activities with you personally), information about you given to me by individuals associated with you (family, consultants, legal representatives, etc.) in order to conclude or process contracts with you or with your involvement (e.g. references, your delivery-address, powers of attorney), information regarding legal regulations such as anti-money laundering and export restrictions, bank details, information regarding insurances, my distributors and other business partners for the purpose of ordering or delivering services to you or by you (e.g., payments made, previous purchases), information about you found in the media or internet (as far as this is indicated in the specific case, e.g. in connection with job applications, media reviews, marketing/sales, etc.), your addresses and, if applicable, interests and other socio-demographic Data (for marketing), as well as data related to your use of my website, see point 4.

3. Purpose of Data Processing and Legal Grounds

I primarily use collected personal data to conclude and process contracts with my clients and business partners, in particular to provide services to my clients, but also, if necessary, to purchase products and services from business partners. If you work for such a client or business partner, your personal data may also be affected in this capacity.

In addition, I process personal data from you and other persons, to the extent permitted and deemed appropriate to me, also for the following purposes in which I (and sometimes third parties) have a legitimate interest corresponding to the purpose:

  • providing and developing my products, services and website, apps and other platforms, on which i am active
  • communication with third parties and processing of their requests
  • review and optimization of procedures regarding needs assessment for the purpose of direct client approach as well as obtaining personal data from publicly accessible sources for client acquisition
  • Advertising and marketing (including the organization of events), unless you have objected to the use of your data. If I send you advertising as an existing client, you can object to this at any time.
  • market and opinion research, media surveillance
  • asserting legal claims and defense in legal disputes and official proceedings
  • prevention and investigation of criminal offences and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud)
  • Ensuring my operations, especially IT, my website, apps and other platforms

If you have given me your consent to process your personal data for specific purposes (e.g. when you register to receive newsletters), I will process it within the scope of and based on this consent, unless I have another legal basis, provided that i require one. Consent given can be withdrawn at any time, but this does not affect data processed prior to withdrawal.

4. Data related to the use of my website

When you access my website, even if you do not actively submit information, information of a general nature is automatically collected. These include the type of web browser, the operating system used, your IP address, referrer URL, date and time of access and similar.

They are processed in particular for the following purposes:

  • Ensuring smooth usage of my website
  • Ensuring and evaluating system security and stability, especially to detect misuse
  • For the optimal display and optimization of my website
  • For statistical analysis of access numbers

This data is also stored in the log files of my system. Storage of this data together with other personal data of the user does not take place. I do not use your data to draw conclusions about your person. However, I reserve the right to subsequently check the server log files if there are concrete indications of illegal use.

4.1. Cookies

I do not use cookies on my website.

4.2. Tracking techniques

I do not use tracking techniques on my website.

5. Datatransfer and Transfer of Data Abroad

I also disclose personal data to third parties as part of my business activities, where permitted and deemed appropriate. This particularly concerns the following type of recipients:

  • service providers, dealers, suppliers and other business partners
  • clients
  • domestic and foreign authorities or courts
  • the media
  • the public, including users of my websites and social media
  • competitors, industry organizations, associations, organizations and other bodies
  • other parties in possible or pending legal proceedings

together Recipients.

These recipients are mainly located in Switzerland, but can also be in the European Economic Area (EEA), but in exceptional cases potentially in any country in the world.

If a recipient is located in a country without adequate legal data protection, I contractually oblige the recipient to comply with the applicable data protection regulations, unless they are already subject to a legally recognized set of rules to ensure data protection and I cannot rely on an exception provision. To do this, I use the European Commission's revised standard contractual clauses, which are available here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?. An exception may apply in particular in legal proceedings abroad, but also in cases of overriding public interests or if the execution of a contract requires such disclosure, if you have given your consent or if it concerns data that you have made generally accessible and the processing of which you have not objected to.

6. Retention Periods for your Personal Data

I process and retain your personal data as long as required for the performance of my contractual obligation and compliance with legal obligations or other purposes pursued with the processing, i.e. for the duration of the entire business relationship (from the initiation, during the performance of the contract until it is terminated) as well as beyond this duration in accordance with legal retention and documentation obligations. Personal data may be retained for the period during which claims can be asserted against me or insofar as i am otherwise legally obliged to do so or if legitimate business interests require further retention (e.g., for evidence and documentation purposes). As soon as your personal data are no longer required for the above-mentioned purposes, they will be deleted or anonymized, to the extent possible.

7. Data Security

I have taken appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse such as IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions.

8. Provision of personal data

As part of our business relationship, it is essential to provide the personal data that is necessary for the establishment and implementation of a business relationship and the fulfillment of the associated contractual obligations. As a rule, you do not have a legal obligation to provide me with data. However, without this data, I will usually not be able to conclude or process a contract with you (or the entity or person you represent).

9. Your Rights

In accordance with and as far as provided by applicable law, you have the right to access, rectification and erasure of your personal data, the right to restriction of processing or to object to our data processing, as well as to receive certain personal data for transfer to another controller (data portability). Hower, i reserve the right to enforce statutory restrictions on my part, for example if i am obliged to retain or process certain data, have an overriding interest (insofar as i may invoke such interests) or need the data for asserting claims. If exercising certain rights will incur costs on you, i will notify you thereof in advance. You can revoke your consent to data processing at any time. Please further note that the exercise of these rights may be in conflict with contractual agreements and this may result in consequences such as premature contract termination or involve further costs. If this is the case, i will inform you in advance unless it has already been contractually agreed upon.

The exercise of such rights generally requires that you provide clear proof of your identity (e.g. by providing a copy of your ID, where your identity is not evident otherwise or cannot be verified in another way). To assert your rights, you can use the contact information, provided in Section 1 above

Every data subject also has the right to enforce their claims in court or to file a complaint with the responsible data protection authority. The responsible data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch).

10. Amendments of this Data Protection Statement

I may amend this Data Protection Statement at any time without prior notice. The current version published on my website shall apply. If the Data Protection Statement is part of an agreement with you, i will notify you by e-mail or other appropriate means in case of an amendment.