Privacy Policy - Sephyre

Privacy Statement

Last updated on 16 October 2024

We take the transparent handling of personal data very seriously. This privacy statement provides information about what personal data we collect, for what purpose we collect it, and to whom we disclose it. We review and update this privacy policy regularly to ensure maximum transparency.

What data we collect

General personal data

We process your general personal data. Personal data is any information relating to an identifiable natural person. A natural person is identifiable if the information available allows conclusions to be drawn about the identity of the person.

Example: Your name, IP address, and home address are personal data.

Data provided to us

You often provide us with your personal data. Whenever you enter your personal data and transmit it to us, it is considered to have been provided to us. The transmission of data to us is fundamentally voluntary, but in some cases it is mandatory to use our services.

Example: You enter your data in a contact form or sign up for a newsletter.

Data collected by us

When you use our services, we sometimes collect your data without your active involvement. This data usually consists of data about your device and data about user behavior.

Example: We collect data about the operating system of the device you used to access our website.

Product development

We strive to continuously improve our offerings. This is why we use your personal data to develop and improve our products and services.

Example: We collect data about visitor behavior on the website to continuously improve user-friendliness.

Data transfer

We share your personal data with companies that can decide for themselves how they use the data. This is usually done because it is necessary to comply with legal requirements, when an outstanding claim is transferred to a debt collection agency, or to detect fraudulent activity.

Example: A legal requirement obliges us to share your data with a government agency.

Worldwide

We work with providers from all over the world to process your personal data. This allows us to benefit from global offerings and access the best and most reliable services. The country to which the data is exported may not have the same data protection standards as Switzerland.

Example: We use the services of a cloud provider such as Google, which is based in the US.

The Services We Use

Google Analytics

https://google.com/analytics

ANALYTICS

We use Google Analytics on our website, a service provided by Google Ireland Ltd., Google Building Gordon House, Barrow St, Dublin 4, Ireland, with its headquarters at Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, USA, both collectively referred to as “Google.”

What data do we process?

Google Analytics is an analytics service for websites that collects information about how the website is used. In particular, the following information may be collected:

IP address
Technical information such as browser, operating system, or screen resolution
Interactions on the website
Duration of the visit
Time and date of the website visit
Referrer URL

The IP address is anonymized by Google Analytics so that it can no longer be linked to a specific person. When a visitor visits our website for the first time, Google Analytics may generate an identifier to recognize the visitor when they return to the website. If you are logged in to your Google account, data processing may also take place across devices.

For what purpose do we process the data?

The interactions, duration, time, and date are collected so that we can use this data to evaluate and optimize our marketing campaigns and offerings. In addition, we can use this data to determine how visitors interact with our website, i.e., which content is popular with which visitors. The referrer URL is processed for the purpose of measuring the effectiveness and analyzing various marketing channels.

Who do we share the data with?

Our disclosure of data is governed by our statements on data disclosure. As Google is a transnational company, your data may be transferred by Google throughout the world. In particular, it may be transferred to the US, where Google has its headquarters. This is a country where legislation does not guarantee adequate data protection.

Vimeo

https://vimeo.com

MEDIA

We embed videos from Vimeo on our website.

How does the embedding work?

The embedding is done via a plug-in. As soon as you visit one of our pages equipped with a plug-in, a connection to the Vimeo servers is established. The servers are informed which of our subpages you have visited. For more information, please refer to Vimeo’s privacy policy: https://vimeo.zendesk.com/hc/de/sections/203915088-Datenschutz.

Why are we allowed to embed this content?

We embed content via Vimeo in order to make our offerings accessible to a wider audience. This is in our legitimate interest.

What information do you share with the providers?

If you are logged into a user account of a provider, you may enable that provider to associate your browsing behavior directly with your personal profile. We would like to point out that we have no knowledge of the specific content of the data transmitted or how it is used.

If you do not want these providers to be able to associate your visit to our website with your user account, please log out of your respective user account before using our website.

Google Tag Manager

https://tagmanager.google.com

ANALYTICS

We use Google Tag Manager on our website, a service provided by Google Ireland Ltd., Google Building Gordon House, Barrow St, Dublin 4, Ireland, with its headquarters at Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, USA, both collectively referred to as “Google.”

Google Tag Manager is a service that allows various tracking tags (e.g., Facebook Pixel, Google Analytics, Hotjar, etc.) to be managed centrally. Google Tag Manager itself does not collect any data. The tags that collect the data we manage via Google Tag Manager are listed in this privacy policy.

MonsterInsights

https://www.monsterinsights.com/

ANALYTICS

MonsterInsights is a WordPress plugin used to integrate and manage Google Analytics on a website. With MonsterInsights, website owners can track important statistics such as visitor numbers, session duration, page views, and bounce rates, which help them better understand their visitors’ behavior and adjust their marketing strategies accordingly.

MonsterInsights also allows users to create custom events and goals to measure the success of specific actions on the website, such as clicks on certain buttons or form submissions. This data can be used to measure and improve the effectiveness of advertising campaigns, content, and other marketing activities.

In addition, MonsterInsights also offers features such as e-commerce tracking, which can track the performance of online stores, and the ability to create custom reports to gain more detailed insights.

reCAPTCHA

https://www.google.com

WIDGETS

We use Google reCAPTCHA on our website, a service provided by Google Ireland Ltd., Google Building Gordon House, Barrow St, Dublin 4, Ireland, with its headquarters at Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, USA, both collectively referred to as “Google.”

What data do we process?

Google reCAPTCHA is a verification service for websites to distinguish human users from bots. In particular, the following information may be collected:

IP address
Technical information such as browser, operating system, or screen resolution
Interactions with the captcha

The IP address is anonymized by Google reCAPTCHA so that it can no longer be linked to a specific person. When a visitor visits our website for the first time, Google reCAPTCHA may generate an identifier to recognize the visitor when they return to the website.

For what purpose do we process the data?

The IP address is processed to analyze the approximate location of the visitor and to prevent any suspicious activity, namely to identify IP addresses associated with spam or other unwanted behavior. The technical information is processed so that the captcha can be adapted to the device or browser and to detect deviations from normal usage. Interactions with the captcha are processed to record behavior patterns to distinguish human behavior from automated bots. The aim of Google reCAPTCHA is to protect input forms from bots and spam, while at the same time reliably enabling human input. The data collected is not used to identify you personally.

Who do we pass the data on to?

Our transfer of data is governed by our statements on data transfer. As Google is a transnational company, your data may be transferred by Google throughout the world. In particular, it may be transferred to the US, where Google has its headquarters. This is a country where legislation does not guarantee adequate data protection.

PrivacyBee

https://www.privacybee.io/

DATA PROTECTION

We use PrivacyBee on our website, a service provided by PrivacyBee AG, Laupenstrasse 1, 3008 Bern, Switzerland. PrivacyBee is used to identify all services relevant to data protection and to generate a customized privacy policy for the website.

What data do we process?

PrivacyBee is a service for generating privacy policies, which are then integrated into our website via JavaScript. The following data is processed for the provision of this service:

IP address
Browser type and version
Operating system
Date and time of access to our privacy policy

For what purpose do we process the data?

Collecting this data enables us to display the privacy policy correctly on your device configuration and to ensure that the content is correct and up to date.

Who do we share the data with?

Our disclosure of data is governed by our data disclosure policy. The data collected through the use of PrivacyBee remains with PrivacyBee.

How can you prevent the processing of your data?

To prevent PrivacyBee from processing your data, you can disable JavaScript in your browser. However, please note that if you disable JavaScript, you may not be able to use all the features of our website. We do not offer a specific opt-out option for the PrivacyBee service itself, as the service is essential for providing our privacy policy.

Privacy Statement

What do we do?

Sephyre GmbH (PO Box, 4450 Sissach) operates the website www.sephyre.com (hereinafter referred to as “we” or “us”). On this website, you can find out about our organization, use our online services, and contact us.

The protection of your personal data is very important to us. In this privacy policy, we provide you with transparent and understandable information about what data we collect via our website and how we handle it.

For this reason, we use the icons of the PRIVACY ICONS association. They are intended to help you quickly gain an overview of how we process your data.

What information do we provide?

Who is responsible for data processing
What data is collected
For what purpose this data is collected
To whom we pass on this data
How you can object to data processing
What rights you have and how you can exercise them

Definition of terms

What is personal data?

Personal data (synonymous with the term “personal information”) is any information relating to an identified or identifiable natural person. For example, this includes your name, address, date of birth, email address, telephone number, and IP address. Data about personal preferences, such as leisure activities or memberships, also counts as personal data.

What are special categories of personal data?

Special categories of personal data (synonymous with the term “sensitive data”) are:

Data concerning religious, ideological, political, or trade union beliefs or activities
Data concerning health, privacy, racial or ethnic origin, as well as sex life and sexual orientation
Data on administrative or criminal proceedings and sanctions, as well as data on social assistance measures
Genetic data and biometric data that uniquely identify a person

Where necessary and where you disclose such data to us yourself, we may process data that belongs to a special category of personal data. In this case, its processing is subject to stricter confidentiality.

What is the processing of personal data?

Processing (synonymous with the term “handling”) refers to any handling of personal data, regardless of the means and procedures used, in particular the collection, storage, retention, use, modification, disclosure, archiving, deletion, or destruction of personal data.

What is the disclosure of personal data?

This is the transfer or making available of personal data, e.g. publication or disclosure to a third party.

Contact Information

If you have any questions or concerns about how we protect your data, please contact our data protection officer:

Sephyre GmbH

Ramon Kobler

PO Box

4450 Sissach

ramon@sephyre.com

Data Security

We will store your data securely and take all reasonable measures to protect your data from loss, access, misuse, or alteration.

Our contractual partners and employees who have access to your data are obliged to comply with data protection regulations. In some cases, it will be necessary for us to pass on your requests to companies affiliated with us for the purpose of order processing. In these cases, your data will also be treated confidentially.

Within our website, we use the SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser.

Rights of data subjects

Right to information

You can request information about the data we have stored about you at any time. Please send your request for information together with credible proof of identity to ramon@sephyre.com.

The information will be provided in writing or in another form, including electronically if necessary. If you request it, we can also provide the information verbally, if you prove your identity in another form. If you submit your request for information electronically, we will provide the information in a common electronic format, unless you specify otherwise.

The information is generally provided free of charge. If additional copies are requested, a reasonable fee may be charged.

The right to obtain a copy of the processed data must not affect the rights and freedoms of other persons.

In the event of manifestly unfounded or excessive requests for information, we reserve the right to refuse to provide the information within the limits of the law or to charge a reasonable fee for it.

The processing of your request is subject to the statutory period of 30 days. Due to the complexity and high number of requests, we may extend this period by two further months if necessary. You will be informed of the extension within one month of submitting your request for information. At the same time, you will be given the reasons for the extension.

Deletion and correction

You have the right to request the deletion or correction or completion of your data at any time, provided that there are no legal retention obligations or legal grounds for permission to the contrary.

Please note that exercising your rights may conflict with contractual agreements and may have corresponding effects on the performance of the contract (e.g., premature termination of the contract or cost consequences).

Restriction of processing

You also have the right to request a restriction of processing if you dispute the accuracy of the data, the processing is unlawful, the data is no longer required, or you have objected to the processing.

If the processing of the data is restricted, it may only be stored. Further processing may only take place with your consent, for the assertion, exercise or defense of legal claims, for the protection of the rights of another person or for reasons of important public interest. You will be notified if the restriction is lifted.

Right to data disclosure and transfer

You have the right to receive your data in a commonly used file format or (if technically feasible) to have it transferred to a third party if we process your data automatically and if:

You have given your consent to the processing of this data; or
You have provided the data in connection with the conclusion or execution of a contract.

Right to object

You have the right to object at any time, on grounds relating to your particular situation, to processing, including profiling, based on our legitimate interests. This right also applies to processing for direct marketing purposes.

Legal recourse

If you are affected by the processing of personal data, you have the right to enforce your rights in court or to lodge a complaint with the competent supervisory authority. The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner.

Data processing in general

What data do we process about you and from whom do we receive this data?

We primarily process personal data that you provide to us or that we collect when operating our website. Under certain circumstances, we may also receive personal data about you from third parties. This may include the following categories:

Basic personal data (name, address, date of birth, etc.)
Contact details (mobile phone number, email address, etc.)
Financial data (e.g., account details)
Online identifiers (e.g., cookie identifiers, IP addresses)

This data may come from the following sources:

Information from publicly available sources (e.g., media, Internet)
Information from public registers (e.g., commercial register, debt collection register, land register)
Information in connection with official or legal proceedings
Information about your professional functions and activities (e.g., professional networks)
Information about you in correspondence and meetings with third parties
Credit reports (if we conduct personal transactions with you)
Information about you provided to us by people in your environment so that we can conclude or execute contracts with you
Data in connection with the use of the website

Under what conditions do we process your data?

We process your data in good faith and in accordance with the purposes set out in this privacy policy. We ensure that processing is transparent and proportionate.

If, in exceptional cases, we are unable to comply with these principles, data processing may still be lawful because there is a legitimate reason for doing so. Legitimate reasons include:

Your consent
The performance of a contract or pre-contractual measures
Compliance with legal requirements
Our legitimate interests, provided that your interests do not outweigh these interests.

Under certain circumstances, you may be required to provide us with certain personal data so that we can establish business relations with you. Without such data, we are normally unable to execute a contract. The website cannot normally be used if certain information required to ensure data traffic, such as your IP address, is not disclosed.

How can you revoke your consent?

If you have given us your consent to process your personal data for specific purposes, we will process your data within the scope of this consent, unless we have another legal basis or another legal requirement applies.

At any time, you can revoke your consent for the future by sending an email to the address given in the legal notice. Data processing that has already taken place is not affected by the revocation and remains valid.

In which cases do we pass on your data to third parties?

a. Principle

We may need to use the services of third parties or affiliated companies and commission them to process your data (so-called processors). Categories of recipients are specifically:

Accounting, trust, and auditing companies
Consulting companies (legal advice, taxes, etc.)
IT service providers (web hosting, support, cloud services, website design, etc.)
Payment service providers (only with your prior consent)
Providers of tracking, conversion, and advertising services

We ensure that data is only passed on with your express consent, unless it is for the purpose of commissioned data processing. We also ensure that these third parties and our affiliated companies comply with data protection requirements and treat your personal data confidentially. Under certain circumstances, we may also be obliged to disclose your personal data to authorities.

b. Disclosure to partners and cooperating companies

We work with various companies and partners who publish their offerings on our website. You can recognize that these are third-party offerings (marked as “advertisement”).

If you take advantage of such an offer, we will transfer your personal data (e.g., name, function, communication, etc.) to the relevant partner or cooperating company whose offer you wish to take advantage of, provided that you have expressly consented to this in advance. These partners and cooperating companies are independently responsible for the personal data they receive. After the data has been transferred, the data protection provisions of the respective partner apply.

c. Transfer to other countries

Under certain circumstances in the context of order processing, your personal data may be transferred to companies in other countries. These companies are subject to the same data protection obligations as we are. The transfer may take place worldwide.

If the level of data protection does not correspond to that of Switzerland, we will carry out a prior risk assessment and contractually ensure that the same level of protection as in Switzerland is guaranteed (e.g. by means of the new standard contractual clauses of the European Commission or other measures required by law). If our risk assessment is negative, we will take additional technical measures to protect your data. You can access the European Commission’s standard contractual clauses at the following link.

How long do we store your data?

We only store personal data for as long as is necessary to fulfill the individual purposes for which the data was collected.

We store contract data longer, as we are required to do so by law. Specifically, we must retain business communications, concluded contracts, and booking receipts for up to 10 years. If we no longer need such data from you to perform the services, the data will be restricted for further processing and we will only use it for accounting and tax purposes.

Data processing in detail

Provision of the website and creation of log files

When you visit www.sephyre.com, i.e. without registering or disclosing any other information, only the data that your browser automatically transmits to our server is collected. This data is technically necessary for the operation of the website.

What data do we process?

The following data in particular is processed for the provision of the website and the creation of log files:

Name of the Internet service provider
IP address
Technical information such as browser, operating system, or screen resolution
The date and time of access
Referrer URL

This data cannot be assigned to a specific person and is not merged with other data sources.

For what purpose do we process the data?

The log files are processed to guarantee the functionality of the website and to ensure the security of our information technology systems.

Who do we pass the data on to?

Our transfer of data is governed by our statements on data transfer.

How can you prevent data processing?

The data is only stored for as long as is necessary to achieve the purpose for which it was collected. Accordingly, the data is deleted after each session ends. The storage of log files is essential for the operation of the website, so you have no option to object to this unless you do not visit our website.

Cookies

Our website uses cookies. Cookies are text files that are stored on your device’s operating system with the help of your browser when you visit our website. Cookies do not cause any damage to your computer and do not contain viruses. Some cookies are technically necessary for the website to function. Most of the cookies we use are so-called “session cookies.” They are automatically deleted after the end of your visit. Other cookies remain stored on your device until you delete them or they expire.

For what purpose do we process the data?

We use cookies so that we can make our website more user-friendly, effective, and secure based on the data collected. Specifically, we use cookies to store your preferences (e.g., language and location settings), to provide quick access and attractive presentation of the website content (e.g., through the use of fonts and content delivery networks), and to analyze the use of this website for statistical evaluation and continuous improvement (usually through third-party cookies). The specific purposes for which we use (technically non-essential) cookies are set out in the following sections of this privacy policy.

Who do we share the data with?

Our disclosure of data is governed by our statements on data disclosure. In addition, the following statements on individual data processing in this privacy policy should be noted.

How can you prevent data processing?

Cookies are stored on your computer. You can delete them completely or deactivate or restrict their transmission by changing the settings in your browser. If you deactivate cookies for our website, you may not be able to use all the functions of the website to their full extent.

Instructions for the most common browsers can be found here:

For Google Chrome
For Apple Safari
For Microsoft Edge
For Mozilla Firefox

For cookies used to measure success and reach or for advertising, a general objection (“opt-out”) is possible for numerous services via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

Tracking pixels

We may use tracking pixels on our website or in our emails. Tracking pixels are also known as web beacons. Tracking pixels are small, usually invisible images that are automatically retrieved when you visit our website or open our emails.

What data do we process?

Tracking pixels can be used to collect the same information as log files. In addition, movement profiles of the entire session can be collected. In particular, tracking pixels are used by third parties whose services we use. Detailed information about these third-party services is provided below in this statement.

For what purpose do we process the data?

Tracking pixels are used by various tracking services to analyze the use of this website for statistical evaluation and continuous improvement. Tracking pixels can also be used for email tracking.

Who do we share the data with?

Our disclosure of data is governed by our statements on data disclosure. Please also note the information in this privacy policy regarding the individual tracking services.

How can you prevent data processing?

To prevent data processing using tracking pixels, you can install suitable browser extensions such as uBlockOrigin and block external graphics in your email program.

Google Analytics

What data do we process?

Google Analytics is an analytics service for websites that collects information about how the website is used. In particular, the following information may be collected:

IP address
Technical information such as browser, operating system, or screen resolution
Interactions on the website
Duration of the visit
Time and date of the website visit
Referrer URL

For what purpose do we process the data?

Your IP address is used to determine your approximate location. We use the information obtained from this to measure the relevance of our offerings in different regions. We also use the IP address to determine where visitors to our website came from. The technical information is processed so that the website can be displayed satisfactorily on any device. The interactions, duration, time, and date are collected so that we can use this data to evaluate and optimize our marketing campaigns and offerings. In addition, we can use this data to determine how visitors interact with our website, i.e., which content is popular with which visitors. The referrer URL is processed for the purpose of measuring the effectiveness and analyzing various marketing channels.

Who do we share the data with?

Vimeo

We embed videos from Vimeo on our website.

How does the embedding work?

The integration is done via a plug-in. As soon as you visit one of our pages equipped with a plug-in, a connection to the Vimeo servers is established. The servers are informed which of our subpages you have visited. For more information, please refer to Vimeo’s privacy policy: https://vimeo.zendesk.com/hc/de/sections/203915088-Datenschutz.

Why are we allowed to embed this content?

We embed content via Vimeo in order to make our offerings accessible to a wider audience. This is in our legitimate interest.

What information do you share with the providers?

If you do not want these providers to be able to associate your visit to our website with your user account, please log out of your respective user account before using our website.

Google Tag Manager

MonsterInsights

reCAPTCHA

What data do we process?

Google reCAPTCHA is a verification service for websites to distinguish human users from bots. In particular, the following information may be collected:

IP address
Technical information such as browser, operating system, or screen resolution
Interactions with the captcha

For what purpose do we process the data?

Who do we pass the data on to?

PrivacyBee

What data do we process?

PrivacyBee is a service for generating privacy policies, which are then integrated into our website via JavaScript. The following data is processed for the provision of this service:

IP address
Browser type and version
Operating system
Date and time of access to our privacy policy

For what purpose do we process the data?

Collecting this data enables us to display the privacy policy correctly on your device configuration and to ensure that the content is correct and up to date.

Who do we share the data with?

Our disclosure of data is governed by our data disclosure policy. The data collected through the use of PrivacyBee remains with PrivacyBee.

How can you prevent the processing of your data?

Will our privacy statement always remain the same?

We may change this privacy statement at any time. The changes will be published at www.sephyre.com. You will not be notified separately.