haar-shop.ch AG, Glütschbachstrasse 61, 3661 Uetendorf is the operator of the website www.haar-shop.ch and the services offered on it and therefore responsible for the collection, processing and use of your personal data and the compatibility of the data processing with the applicable data protection laws.
Your trust is important to us, which is why we take the subject of data protection seriously and ensure the relevant security. It goes without saying that we comply with the legal provisions of the Federal Data Protection Act (DSG), the Ordinance to the Federal Data Protection Act (VDSG), the Telecommunications Act (TCA) and any other applicable data protection provisions of Swiss or EU law, in particular the General Data Protection Regulation (GDPR).
So that you know which personal data we collect and for what purposes we use these, please take note of the following information.
When visiting our website, our servers temporarily save each access in a log file. The following technical data is collected without any action on your part, as is generally the case with any connection to a web server, and stored by us until these are automatically deleted after 12 months at the latest:
These data are collected and processed for the purpose of enabling the use of our website (establishing a connection), to permanently guarantee system security and stability and to optimise our website as well as for internal statistical purposes. This is our legitimate interest in data processing within the meaning of article 6 para 1 lit f GDPR.
To place orders in the online shop, you can order as a guest or open a customer account. During registration for a customer account we collect the following data:
We collect this data for the purpose of providing the customer with password-protected direct access to his basic data stored with us. The customer can view his completed and open orders or manage or change his personal data.
The legal basis for the processing of data for this purpose is the consent given by you in accordance with article 6 para. 1 lit a EU GDPR.
If you would like to place orders in our online shop, we require the following data to process the contract:
The legal basis of the data processing for this purpose is the fulfilment of a contract according to article 6 para 1 lit. b EU GDPR.
E-mail advertising with newsletter subscription
If you register for our newsletter, we will use the data required for this purpose or provided separately by you to regularly send you
our email newsletter based on your consent as per article 6 para 1 page 1 lit a GDPR.
You can unsubscribe from the newsletter at any time, either by sending a message to the contact option described below or via a dedicated link provided in the newsletter. After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use your data for other purposes which are permitted by law and about which we inform you in this policy.
E-mail advertising without registration for the newsletter and your right of objection If we receive your e-mail address in connection with the sale of a product or service and you have not objected to this, we reserve the right, on the basis of § 7 para 3 UWG, to send you regular offers by e-mail on products from our product range that are similar to those already purchased. This serves to protect our legitimate interests, which outweigh any other interests, in addressing our customers in advertising.
You may object to this use of your e-mail address at any time by sending a message to the contact option described below or via a dedicated link provided in the advertising e-mail, without incurring any costs other than the transmission costs according to the basic rates.
The newsletter is sent as part of a processing operation on our behalf by a service provider with whom we will share your e-mail address for this purpose.
This service provider is located in the USA and is certified under the EU-US Privacy Shield. You can view a current certificate here . Based on this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.
Postal advertising and your right of objection
In addition to that, we reserve the right to use your first and last name as well as your postal address for advertising purposes, for example to send you interesting offers and information regarding our products by letter. This serves to protect our legitimate interests, which outweigh any other interests, in addressing our customers in advertising as per article 6 para 1 p 1 lit f GDPR.
Personal data are collected when you provided these to us voluntarily in the context of contacting us by form or email. We exclusively use your data to offer you the desired information or services, which means that only the information and data are stored and processed
that are absolutely necessary to answer your questions or to process a contractual relationship.
When contacting us without a subsequent order, your data will be deleted from our customer database if you ask for this.
If you use the live chat tool to contact us, the data you voluntarily submit (name, email address, message) will be stored by our service provider Userlike on servers located in Germany and processed there exclusively for the purpose of answering the enquiry and deleted after that. Userlike does not use your data for any purpose that goes beyond that.
We will only share your personal data if you have expressly consented to this, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship.
In addition, we will share your data with third parties, to the extent necessary as part of using the website and processing contracts (also outside the website), such as processing your bookings. This includes transport providers who has been commissioned to ship the ordered goods. One service provider with whom we share personal data collected via the website or who has or can have access to your data is our webhost mgt-commerce gmbh, Mendelssohnstrasse 27, 10405 Berlin. The website is hosted on servers in Germany. The data is transferred for the purpose of providing and maintaining the functionality of our website. This is our legitimate interest within the meaning of article 6 para 1 lit f EU GDPR.
Identity and credit check when selecting Powerpay payment methode
For the purpose of its own identity and credit checks, Powerpay or partner companies commissioned by Powerpay transmit data to credit agencies (credit reference agencies) and receive information from them as well as, if applicable, credit information on the basis of mathematical-statistical methods, in the calculation of which, address data is included, among other things. Detailed information on this and the credit agencies used can be found in the data protection regulations of Powerpay. The received information about the statistical probability of a default on payment is used by Powerpay to make a balanced decision regarding the reasoning, execution or termination of a contractual relationship.
Furthermore, Powerpay may potentially use the assistance of third parties to uncover or prevent fraud. Data obtained with this assistance/tools may be stored by third parties in encrypted form so that they can only be read by Powerpay. These data are only used, if you select a payment method of our cooperation partner Powerpay. Otherwise, the data automatically expire after 30 minutes.
You may revoke your consent vis-a-vis Powerpay at any time. However, Powerpay may still be entitled to process, use and transfer your personal data if this is necessary for payment processing in accordance with the contract or is required to do so by law or ordered by a court or authority.
Integration of the Trusted Shops Trustbadge
We have integrated the Trusted Shops Trustbadge on this website to display our Trusted Shops seal of approval and the collected reviews as well as the offer Trusted Shops products after an order is placed.
This serves to safeguard our legitimate interests, which outweigh any other interests, in the optimal marketing of our products in accordance with article 6 para 1 p 1 lit f GDPR. The Trustbadge and the services advertised in this manner are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne.
When the Trustbadge is opened, the web server automatically saves a so-called server log file, which contains your IP address, date and time of the retrieval, transferred data volume and the requesting provider (access data), for example to document your access. These access data are not evaluated and are automatically overwritten at the latest seven days after you visited the site.
Other personal data are only shared with Trusted Shops if you have consented to this, decide to use Trusted Shops products after completing an order or have already registered. In this case the contractual agreement made between you and Trusted Shops applies.
Voucher offers by Sovendus GmbH
To select of a voucher offer that is of current interest to you, we pseudonymise and encrypt the hash value of your e-mail address and your IP address and send it to Sovendus GmbH, Moltkestr. 11, 76133 Karlsruhe (Sovendus) (art 6 para1 f GDPR). The pseudonymised hash value of the e-mail address is used to consider any possible objection to advertising by Sovendus (article 21 para 3, article 6 para1 c GDPR). Sovendus exclusively uses the IP address for data security purposes and is usually made anonymous after seven days (article 6 para1 f GDPR). For billing purposes, we also transmit the order number, order value with the currency, session ID, coupon code and time stamp to Sovendus (article 6 para1 f GDPR). If you are interested in a voucher offer from Sovendus, if there is no objection to your e-mail address and if you click on the voucher banner which is only displayed in this case, we will send the greeting, name and your e-mail address to Sovendus in an encrypted form to prepare the voucher (article 6 para1 b, f GDPR).
For further information on the processing of your data by Sovendus, please refer to the online data protection information at https://www.sovendus.ch/datenschutz
Credit card information
Cookies help in numerous aspects to make your visit to our site easier, more pleasant and more sensible. Cookies are information files that your web browser automatically stores on your computer’s hard drive when visiting our site.
Most Internet browsers automatically accepts cookies. However, you can configure your browser to prevent any cookies from being stored on your computer or so that a message always appears when you receive a new cookie. The following pages provide an explanation as to how you can configure the processing of cookies on most current browsers:
Deactivating cookies may lead to a reduced functioning of the website.
Google Tag Manager
We also use the Google Tag Manager to manage usage-based advertising services. The Tag Manager tool itself is a cookie-free domain and does not collect any personal data. Instead, the tool rather triggers other tags that in turn may collect data under certain circumstances (see above in this context). If you have disabled it at the domain or cookie level, it will persist for all tracking tags implemented with Google Tag Manager.
We use the Google Analytics web analysis service of to design our website according
to your needs and to continuously optimise it. In this context, pseudonymous user profiles are created and small text files are stored on your computer (cookies). The information generated by the cookie about your website usage is transmitted to the servers of the providers of these services, stored there and prepared for us. In addition to the data listed under point 1, we may also receive the following information:
The information is used to evaluate the use of the website, to compile reports on website activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and demand-orientated website design. This information may also be shared with third parties if the law requires to so or if third parties process this data on our behalf.
The provider of Google Analytics is Google Inc, a company of the holding company Alphabet Inc, based in the USA. Before the data are transmitted to the provider, the IP address is shortened through IP anonymisation (‘anonymizeIP’) on this website within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The anonymous IP address transmitted by your browser within the framework of Google Analytics is not combined with other Google data. The full IP address is only transferred to a Google server in the USA and shortened there in exceptional cases. In these cases, we provide contractual guarantees to ensure that Google Inc. maintains an adequate level of data protection. According to Google Inc. under no circumstances will the IP address be associated with other data that concern the user.
Further information about the web analysis service used can be found on the Google Analytics website. Instructions on how to prevent the processing of your data by the web analysis service are provided onhttp://tools.google.com/dlpage/gaoptout?hl=de.
Our website also uses Google Optimize. Google Optimize analyses the use of different variants of our website and helps us improve the usability according to the user behaviour on our site. Google Optimize is a Google Analytics integrated tool.
Google AdWords Conversion Tracking
We also use Google Adwords Conversion Tracking. Google AdWords will store a cookie on your computer if you have reached our website via a Google ad. These cookies expire after 30 days and are not used to identify you personally. If you visit certain pages of our site and the cookie has not expired, we and Google can detect that someone has clicked on as ad and was redirected to our site. Every AdWords customer is issued a cookie. Cookies can therefore not be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to compile conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers are informed of the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive information that can be used to identify users personally. If you do not wish to take part in the tracking process, you can also refuse the required storing of a cookie - for example, by changing your browser settings which generally deactivate the automatic saving of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the domain ‘googleadservices.com.’
This website uses Hotjar, an analysis software of Hotjar Ltd (Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta, Europe; ‘Hotjar’). Hotjar allows you to measure and evaluate the usage behaviour (clicks, mouse movements, scroll heights etc.) on our website. The information generated by your website visit is transmitted to the Hotjar servers in the EU and stored there. Hotjar uses this information to provide us with reports on the use of our website, as well as other services related to website usage and internet analysis of the website. You may object to Hotjar collecting your information by clicking on the following link and following the instructions provided: https://www.hotjar.com/opt-out.
For completeness sake, we would like to point out to users who are residence or domiciled in Switzerland that monitoring measures are in place in the USA by US authorities, which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without differentiation, restriction or exception on the basis of the objective pursued and without any objective criterion making it possible to limit the access and subsequent use of the data by the US authorities to very specific and strictly limited purposes that can justify the interference linked both to the access and to the use of these data. Furthermore, we would like to point out that there are no legal remedies available in the USA for data subjects from Switzerland that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or that there is no effective judicial legal protection against the general access rights of US authorities. We explicitly emphasise this legal and factual situation to the person concerned in order to make an appropriately informed decision to consent to the use of their data.
Google Adwords Remarketing
We use Google Adwords to promote this website in Google search results
and on third-party websites. To do so, when you visit our website, Google stores a so-called remarketing cookie, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and based on the pages you visit. This serves to safeguard our legitimate interests, which outweigh any other interests, in the optimal marketing of our website in accordance with article 6 para 1 p 1 lit f GDPR. When the purpose seizes to exist and at the end of our use of Google AdWords Remarketing, the data collected in this context is deleted.
Any further processing of data will only take place if you have consented to Google linking your web and app browsing history to your Google Account and using information from your Google Account to customise the ads shown to you online. If that is the case, if you are logged into Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. To do so, your personal Google data will be linked temporarily with the Google Analytics data, to create target groups.
Google AdWords Remarketing is an offer of Google LLC (www.google.de). The main office of Google LLC is located in the USA and is certified under the EU-US Privacy Shield. You can view a current certificate here . Based on this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.
We promote this website on the Facebook platform via Facebook (Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA). To this end, when you visit our website a cookie is set by Facebook, which enables interest-based advertising by means of a pseudonymous cookie ID and based on the sites you visit. As a Facebook member, you can deactivate the Retargeting Cookie using this link.
Alternatively, you can set your browser to inform you about any cookies that are set and decide in individual cases on their acceptance or exclude the acceptance of cookies for certain cases or in general. If you do not accept cookies, the website’s functionalities may be limited.
Review and shopping cart cancellation reminders by Nosto Solutions Oy
If you have explicitly provided your consent during or after an order as per article 6 para 1 page 1 lit a GDPR, we will transmit your email address to Nosto Solutions Oy, Bulevardi 21 00180 Helsinki (Finland), to enable them to send you review reminders or a reminder to conclude an open shopping cart by email.
You may revoke this consent at any time by sending a message to the contact options described below or directly in the unsubscribe link included in each e-mail.
You have the right to request information about the personal data that we store about you. In addition, you have the right to have incorrect data corrected and the right to have your personal data deleted, as long as this does not conflict with any legal obligation to retain data or a permission to process the data.
You also have the right to reclaim the data you have given us (right to data portability). We will also share the data with a third party should you send us a relevant request. You have the right to receive data in a current file format.
If you have any questions regarding the collection, processing or use of your personal data, for information, correction, blocking or deletion of data as well as revocation of a consent you have granted or objection to a specific use of data, please contact us directly via the contact information listed in our imprint.
We use the relevant technical and organisational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
You should always keep your access data confidential and close the browser window when you have finished communicating with us, especially if you share the computer with others.
We also take the company’s internal data protection very seriously. We have committed our employees and the service companies commissioned by us to maintain secrecy and to comply with data protection regulations.
We store personal data only as long as it is necessary to use the above-mentioned tracking and analysis services and to further process within the scope of our legitimate interest. We save contractual data for a longer period of time, as this is prescribed by statutory storage obligations. Retention obligations, which require us to store data, result from accounting regulations and from tax regulations.
According to these regulations, business communications, concluded contracts and accounting records must be stored for up to 10 years. As soon as we no longer require the data to execute the services for you, the data are blocked.
This means that the data may thus only be used for accounting and tax purposes.
You have the right to complain to a data protection supervisory authority at any time.
As at: Thun, 24.05.2018