top of page

Data protection declaration ;rung

This data protection declaration (“data protection declaration”) provides information our website visitors, customers and business partners (or people acting on behalf of our customers and business partners) ("You") about how Optik Foto Rutz AG processes personal data ("Data") in accordance with the Swiss Federal Act on Data Protection ("DSG") and the European Data Protection Regulation (" ;GDPR") when you use our website, when you use one of our services/products (“Services”) when you provide us with services/products or in any of the other situations set out in the Data Processed, Purpose and Legal Basis section. Within the scope of application of the GDPR, references in this data protection declaration to the GDPR are to be understood as references to the corresponding provisions of the GDPR.

 

1.Controller and contact information

The person responsible for the processing is Optik Foto Rutz AG Email : optik@rutz-stmoritz.ch

2. Obligation to provide data and your transfer of data to Third party

In principle, you are not obliged to provide us with any data. to provide. However, if you do not provide the information set out in Section 3, we may not be able to process your relevant request, contact you or provide you with the Services.

 

If you provide us with data from third parties (e.g. ü ;about your employer/employees, relatives, family members, colleagues, beneficial owners, etc.), we assume that this data is correct. By sharing such data with us, you confirm that you have the right to do so and that you have informed the data subjects about this privacy policy and our processing of their data.

 

3. Processed data, purpose and legal basis

II.General

We process depending on the circumstances described below different data categories. Within the scope of the GDPR, we base the processing of your data on the following legal bases:

  1. The processing of your data is for the completion or implementation ;performance of the contract with you is required (GDPR 6.1.1.b; e.g. in relation to services/products provided by us);

  2. The processing of your data is to comply with legal obligations to which we are subject , required (GDPR 6.1.1.c; e.g. to comply with legal requirements, guidelines and recommendations from authorities);

  3. The processing of your data is to protect our legitimate interests or those of us The interests of a third party are necessary, unless your interests or fundamental rights and freedoms that require the protection of the data outweigh them (GDPR 6.1.1.f; e.g. for security and access control purposes and for compliance with internal regulations, including such purposes as compliance, risk management, corporate governance and business organization);

and/or

  1. the legal bases specified below.</span

 

1.1Use of the website

Data processing in connection with your use of our website is limited to data necessary for the operation, provision and security of the website and the services offered on it ("website usage data") and for Web analysis purposes ("website analysis data") are required.

Categories of data: When accessing our website (and, ü ;through our website, on the Services) the following information about your device may be automatically collected: IP address, operating system, device type, Browser name and version, date and time of access, address of the website from which you were redirected to our website (if applicable), etc. We may analyze your use of our website using web analytics tools, including Google Analytics (with IP enabled). anonymization). Further information about Google's data usage and configuration options can be found here:

https://www.google.com/intl/en/policies/privacy/partners, http://www.google.com/analytics
/learn/privacy.html
and https://policies.google.com/privacy?hl=de& ;gl=de.

Purpose and legal basis: Processing relating to the use of the website is based on our legitimate interest in operating and securing our website and our services, in particular for security reasons, to ensure the stability and integrity of our systems ensure (GDPR 6.1.1.f). In addition, based on our legitimate interest (GDPR 6.1.1.f), we may carry out basic web analysis in order to optimize the website in terms of user-friendliness and to gain insights into the use of our website and our services. The data collected will not be combined with other data or passed on to third parties. The extended web analysis using cookies is based on your consent within the framework of the GDPR (GDPR 6.1.1.a), see the Cookies section below.

1.2 Cookies

Website analytics data may also be collected through the use of cookies become. Cookies are small files managed by your browser and stored directly on your device when you visit our website. You can deactivate the use of cookies in your browser settings, but this may mean that all functions of our website or services are no longer available to you or function properly.

Categories of data: website usage data, website analytics data and others Data specified in the [Cookie Policy / Consent Management Tool].

Purpose and legal basis: We may use cookies on our website to ensure a user-friendly experience (e.g. session cookies), based on our legitimate interest (GDPR 6.1.1.f). The extended web analysis using cookies is based on your consent within the scope of the GDPR (GDPR 6.1.1.a). Further information can be found in our [Cookie Policy / Consent Management Tool].

1.3 Communication

We will contact you via various channels , e.g. B. if you fill out contact forms or similar forms on our website, send us emails or use other electronic (or printed) means of communication through which data can be exchanged ("communication data").

Categories of data: If you fill out our contact forms, us If you send an email or other form of electronic message (or a paper message, such as a letter), we collect information such as your name, email address (or other form of communication identifier, such as a messenger nickname), your telephone number, the subject, the content of the message, the associated metadata and any other information you disclose in your communications with us.

Purpose and legal basis: We use communication data to respond to your request and any possible ;address any further questions relating to the provision of our services (GDPR 6.1.1.b) and other related questions and matters based on the content of your communications with us based (GDPR 6.1.1.a). We store this data to document our communications with you, for training purposes, for quality assurance, for follow-up inquiries (GDPR 6.1.1.f) and for regulatory purposes (GDPR 6.1.1.c).

1.4 Services

When you use our services, you must register. possibly register, e.g. by opening an account or creating a login, and we collect other service-related data, including contract data (as in Section 3.6), relating to the services (collectively, "Service Data", including registration data and usage data, as set out below defined).

Categories of Data: When you register for our services , you may need to open an account or create a login, for which we will collect information such as: E.g. first name, last name, username, password, email, etc. This may also include other information that we need from you in order to provide you with the Services, such as: For example, depending on the service, other information such as address, telephone number, date of birth, nationality, identification document information, occupation, role and function, financial information (such as income information, asset ownership and tax status), customer history, etc., including information from Third parties and public sources (e.g. anti-fraud or government agencies, websites and government registries) (“Registration Data”). In addition, when you use our Services, we process transaction information (dates, currencies, branches, payer and payee details) and record calls, emails, text messages, social media messages and other communications between you and us up. We also analyze your use of our Services to get to know you better and tailor our Services to you by collecting data about your behavior and preferences, including supplementing such data with information from third parties, including public ones Sources (total "usage data").

Purpose and legal basis: In general, the service data is used to provide you to provide our services (GDPR 6.1.1.b) and to comply with applicable legal requirements and our internal regulations, including the purposes of Money laundering and fraud prevention (GDPR 6.1.1.c and 6.1.1.f). We also process service data to document the provision of our services, for training purposes or for quality assurance, as well as for market research to improve our services and processes and for product development, which is based on our legitimate interest (GDPR 6.1.1.f).

1.5 Contracts

If we enter into or negotiate a contract with you If we conduct such a contract, we collect data in connection with the conclusion and fulfillment of such a contract (“contract data”). In general, we collect this data from you or other contractual partners and from third parties involved in the performance of the contract, but may also collect data from third parties or from public sources (e.g. anti-fraud agencies and governmental sources). registers).

Categories of data: Contract data includes registration data, service data in general and further information, e.g. B. relate to the services to be provided, your preferences or feedback, etc. This includes health data (e.g. refraction data, anatomical values...) from you.

Purpose and legal basis: We use contractual data for the preparation, the conclusion, implementation and management of our contractual relationships as well as for any questions or inquiries that may arise in this context (GDPR 6.1.1.b). Such processing may be necessary to comply with legal requirements and internal regulations, including Know Your Customer processes (GDPR 6.1.1.c and 6.1.1.f). We retain this data to document our communications with you, for training purposes, for quality assurance and for follow-up requests (GDPR 6.1.1.f).

1.6 Profiling

We use your data to process personal aspects relating to To evaluate them automatically (so-called "profiling"), but we will not use them for automated decision-making.

Categories of data: Depending on the specific circumstances, The data categories listed in this section Processed data, purpose and legal basis are used for profiling be.

Purpose and legal basis: Profiling can be used for the purposes described in this section 3 for the purposes set out above, in particular to determine preferences, detect abuse and security risks, carry out statistical analysis or for operational purposes Planning (GDPR 6.1.1.f). Profiling is only used to gain a better understanding of certain aspects and does not lead to automated individual decision making.

 

2 .Disclosure and sharing of data

We disclose your data to third parties under certain cases (cf . Section 4.1), whereby cross-border data transfers can also occur (see section Cross-Border Transfer of data).

2.1 Categories of recipients</span

We make your data available to the following recipients (in accordance with applicable legal regulations):

  1. our group companies;

  2. external service providers (e.g. IT service providers, etc. );

  3. Contractual partners (to the extent that the transfer results from such contracts, e.g. if you use our services as part of a contract that we have concluded with your employer);

  4. competent authorities, including tax authorities and courts (in Switzerland and abroad if we are legally obliged or entitled to do so or if it appears necessary to protect our interests);

  5. Legal and professional advisors, including legal representatives, accountants and auditors ;

  6. Transaction partners and advisors (e.g. in connection with mergers, acquisitions or other business transactions in which we or our affiliates are involved).

2.2 Cross-border transfer of data

We transfer your data to countries within the EEA or the United Kingdom and the following countries outside Switzerland or the EEA/UK, provided that (a) these countries ensure an adequate level of data protection as assessed by the relevant authority, (b) we ensure an adequate level of data protection based on appropriate safeguards, such as: B. the EU standard contractual clauses ("EU-SCC"), which have been adapted to Swiss law to the necessary extent ("CH-SCC"), or (c) the transfer is based on a statutory exception: [ ...] . To obtain a copy of the EU-SCC / CH-SCC, please contact us using the contact details provided in the Controller and Contact Information section.

 

3 .Storage periods and deletion

We process and store data for as long as our processing purposes, the legal retention periods and our legitimate interests in the documentation require and within the scope of what is technically feasible. Unless there are legal or contractual obligations to the contrary, we will delete or anonymize your data after the storage or processing period has expired. For specific uses/categories of data, we will generally retain your data as follows:

      • Website usage data: Website usage data is processed for as long as it is necessary to enable the desired access and to ensure the stability and integrity of the systems ensure.

      • Website analysis data: The website analysis data is stored as long as as necessary to carry out the analysis.

      • Cookies: Cookies are stored on your device for The period of time required to achieve the corresponding purpose and as further stated in the [Cookie Policy / Consent Management Tool].

      • Communication data: Communication data will be deleted after your request has been answered or completed. scht if and to the extent that (a) we are not legally obliged to store this data (e.g. for billing or document storage purposes) or (b) we do not have an overriding legitimate interest in storing this data for documentation, quality assurance or similar business purposes or to assess, assert or defend against legal claims.

      • Usage data: We generally keep the data for as long as how you access/obtain (or are authorized to access/access) our services and this data will be retained upon termination of your contractual relationship and/or deletion of your account deleted if and to the extent that (a) we are not legally obliged to retain this data (e.g. for billing or documentation purposes), or (b) we do not have an overriding legitimate interest in retaining this data for documentation purposes - , quality assurance or similar business purposes or to assess, assert or defend legal claims have.

      • Contractual data: We generally retain contractual data for the duration the limitation period for contractual claims, calculated from the end of the contractual relationship, if and to the extent (a) we are not legally obliged to retain this data for a longer period of time (e.g. for billing or receipt storage purposes) or (b) we do not have an overriding legitimate interest in retaining this data for documentation, quality assurance purposes. or similar business purposes or to assess, assert or defend legal claims have.

 

4 .Your rights as a data subject

As a data subject, you have the following rights:

      1. Information, i.e. h. You can request information from us as to whether we process data about you and, if so, you can request that further information be provided.

      2. Correction, i.e. h. You can ask us to correct or supplement your data if it is incorrect or incomplete.

      3. Deletion, i.e. h. You can request the deletion of your data. We will generally comply with a request for deletion unless we are legally obliged to retain it or have an overriding legitimate interest in retaining this data.

      4. contradiction, i.e. h. the right to object to the processing of your data based on our legitimate interest (GDPR 6.1.1.f) by explaining your particular reasons and specific circumstances on which your objection is based.

      5. to restrict editing, i.e. h. You can request that we temporarily restrict the processing of your data.

      6. Data portability, i.e. h. You can request that we provide you with the data that you have provided to us in electronic form (to the extent this is technically possible).

      7. To revoke your consent, i.e. h. You can revoke your consent if and to the extent that you have previously given your consent for a specific purpose of processing your data. This does not affect the lawfulness of the processing carried out before the withdrawal (or processing based on a legal basis other than your consent) and may result in us no longer being able to provide you with our services. nnen.

If you would like to exercise any of these rights, please contact Please contact us using the contact details provided in the Controller and Contact Information section. Before we respond to your request, we will ask you for proof of identity. This way we can ensure that your data is not passed on to unauthorized parties.

We would like to point out that your rights are subject to restrictions , which we can rely on in individual cases.

 

5 .Data security

We take appropriate technical and organizational security measures to protect your data from unauthorized persons access or unauthorized modification, distribution or destruction. Please note that these security measures cannot completely exclude the security risks associated with the processing of data.

 

6 .Complaints / supervisory authority

If you believe that the processing of your data violates applicable law If you violate data protection laws, you can file a complaint with the relevant data protection authority.

For the optics, Foto Rutz AG is the federal Data Protection and Public Information Officer (EDÖB), Feldeggweg 1, 3003 Bern, Switzerland (https:/ /www.edoeb.admin.ch). Depending on where you live, you also have the option of filing a complaint with the data protection authority where you live.

 

7 .Changes to this data protection declaration

This privacy policy is not part of a contract with you, and we can change them at any time. The version published on our website is the currently valid version.

Last updated: August 31, 2023</span

bottom of page