Data Protection Statement
of Almandin Tec AG
- Almandin Tec AG, a Swiss corporation with its place of business in Rüschlikon, Switzerland ("we", "our" or "us"), is the provider of the website www.olloworld.com and other websites and mobile applications with similar contents (together the "Platform"). Data protection is important to us.
- This data protection statement (the "Data Protection Statement") describes particularly how we handle personal data, namely concerning the collection, storage and usage thereof. Furthermore, it sets forth how collected personal data may be examined, corrected or deleted.
- If you ("you", "your" or "yours") provide us with personal data of other persons (such as family members, work colleagues, friends or persons you do not know yet), please make sure the respective persons are aware of this Data Protection Statement and only provide us with their data if you are allowed to do so and such personal data is correct.
- Controller, Data protection Officer and Representative
- The "controller" of data processing as described in this data protection statement (i.e. the responsible person) is Almandin Tec unless we have informed you differently in certain cases. You can notify us of any data protection related concerns using the following contact details: Almandin Tec AG, Rüschlikon, Switzerland, firstname.lastname@example.org.
- Acceptance and Amendment of this Data Protection Statement
- By either visiting our Platform or registering with us, you ("you" or "your") accept to be bound to and expressly consent to this Data Protection Statement.
- We reserve the right to modify this Data Protection Statement at any time, at our discretion, without giving reasons. We will give due notice of any modifications of the Data Protection Statement on our Platform.
- If you have given us your consent to process your personal data for certain purposes (for example when registering to receive newsletters or carrying out a background check), we will process your personal data within the scope of and based on this consent, unless we have another legal basis, provided that we require one. Consent given can be withdrawn at any time, but this does not affect data processed prior to withdrawal.
- Collection and Processing of Personal Data
- We collect the following personal data of the users of our Platform:
Information You Give Us: We receive and store any information you provide on our Platform or give us in any other way. You can choose not to provide certain information, but then you might not be able to take advantage of many of our features or functions.
Information Clearly Indicated: We may collect personal data which is clearly indicated on our Platform.
Automatic Information: We receive and store certain types of information whenever you interact with us. For example, we use "cookies" and we obtain certain types of information when your web browser accesses our Platform. Moreover, we may use Google Analytics or similar services for purposes of web analytics as well as social media plugins. Further information about automatic information can be found under Section 6 ff. below.
Mobile: When you download or use applications created by us and, where applicable, have requested or consented to location services, we may receive information about your location and your mobile device, including a unique identifier for your device. We may use this information to provide you with location-based services, such as search results, and other personalised content. Most mobile devices allow you to turn off location services. Further information about mobile can be found under Section 9 below.
Email Communications: To help us make emails more useful and interesting, we often receive a confirmation when you open emails from us if your computer supports such capabilities. We may also compare our customer list to lists received from other companies in an effort to avoid sending unnecessary messages to our customers.
Information from Other Sources: We might receive information about you from other sources and add it to our account information, if any. We reserve the right to obtain information on your payment behaviour from third parties (e.g. mail-order companies, credit agencies) to offer you certain payment methods (e.g. payment on account) or other financial services.
- Purpose of Data Processing
- We may use personal data collected according to this Data Protection Statement as follows:
in order to create and manage user accounts;
in order to improve our services;
for marketing purposes, i.e. particularly in order to understand better the needs of the users;
in order to confirm addresses that you provide on the Platform, and that may be shared with an address verification vendor for accuracy, and which the vendor may keep on file;
in order to update your address information maintained in your online account;
in order to perform the services on our Platform and the obligations to be performed by us according to our agreements with you;
in order to collect and process payments made by you;
in order to comply with administrative, tax, investigative or other audit requirements or any other legal or regulatory disclosure requirements;
in order to resolve disputes, collect fees and troubleshoot problems;
for other purposes which are clearly indicated on our Platform.
- Further purposes of data processing are set out in other Sections of this Data Protection Statement.
- Only those employees of us shall have access to your personal data who must know this data. Under no circumstances we will sell or market your personal data to third parties unless otherwise provided in this Privacy Statement.
- Cookies and other Automatic Information
- If you visit our Platform, small files may be saved automatically on your computer. This occurs by means of so-called "cookies" or similar files which help us in various aspects, e.g. in order to learn about the preferences of our users and to improve our Platform.
- Examples of the information we collect and analyse include: The Internet protocol (IP) address used to connect your computer to the Internet; confirmations of receipt and read confirmations regarding emails; login; email address; password; computer and connection information such as browser type and version; and time zone setting, browser plug-in types and versions; operating system and platform; visiting history; the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); cookie number; products or services you viewed or searched for.
- We may also collect technical information to help us identify your device for fraud prevention and diagnostic purposes.
- With most browsers, you are able to erase cookies from your computer or block them. Reference is made to your browser instructions to learn more about these functions. However, doing so may impact your use of the Platform.
- Website Analysis
- We use third party service providers such as Google Inc. to assist us in better understanding the use of our Platform. We may e.g. use Google Analytics.
- Our service providers will place cookies on your computer and will receive information that we select that will educate us on such things as how visitors navigate around our Platform, what products are browsed and general purchasing information.
- Our service providers analyses this information and provides us with aggregate reports. The information and analysis provided by our service providers will be used to assist us in better understanding our visitors’ interests in our Platform and how to better serve those interests.
- The information collected by our service providers may be transferred to other countries such as the U.S. Moreover, we may link to and combine such information with information that we collect about you while you are visiting our Platform.
- You can prevent cookies from being saved through a setting in your browser.
- Social Media Plugins
- We may use so-called social plugins of third party providers on our Platform (such us Facebook, Twitter and Google+). These social plugins allow the visitors of our Platform to share contents with other users of social networks.
- In case a social plugin is visible on a website (e.g. the “like-button” of Facebook) a connection to the server of the provider of this website will be established automatically. Data on the visit of our Platform may be transmitted to the respective third party provider. It the visitor of our Platform is also registered with the third party provider, the visit on our Platform may be related to the account of the visitor concerning its respective social network (e.g. its Facebook-account).
- We cannot influence the extent and way of data transfer due to a social media plugin. Information about the purpose and extent of the collection and use of data as well as your rights and possibilities of modification in order to protect your privacy can be found on the website of the respective third party provider.
- Most mobile devices provide users with the ability to disable location services.
- If you have questions about how to disable your device's location services, we recommend you contact your mobile service carrier or your device manufacturer.
- Direct Marketing
- We may from time to time process your personal information to send you marketing email about our products. In this case your prior consent is required. These emails may contain features that help us make sure you received and were able to open the message.
- You may opt out of receiving such marketing email messages at any time and free of charge.
- Transfer of Data to Third Parties in Switzerland and Abroad
- In the context of our business activities and in line with the purposes of the data processing set out in this Data Protection Statement, we may transfer data to third parties, insofar as such a transfer is permitted and we deem it appropriate, in order for them to process data for us or, as the case may be, their own purposes. In particular, the following categories of recipients may be concerned (together the “Recepients”):
our service providers (such as e.g. banks, insurances), including processors (such as e.g. IT providers);
dealers, suppliers, subcontractors and other business partners;
domestic and foreign authorities or courts;
the public, including users of our websites and social media;
competitors, industry organizations, associations, organizations and other bodies;
acquirers or parties interested in the acquisition of us;
other parties in possible or pending legal proceedings;
- Certain Recipients may be within Switzerland, but they may also be located in any country worldwide. In particular, you must anticipate your data to be transmitted to the USA where some of our service providers may be located (such as Google, Amazon, Salesforce.com or other CRM System, Expedia).
- If we transfer data to a country without adequate legal data protection, we ensure an appropriate level of protection as legally required by way of using appropriate contracts (in particular on the basis of the standard contract clauses of the European Commission) or binding corporate rules or we rely on the statutory exceptions of consent, performance of contracts, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the persons concerned.
- You can obtain a copy of the mentioned contractual guarantees at any time from the contact person named under Section 1 above. However, we reserve the right to redact copies for data protection reasons or reasons of secrecy or to produces excerpts only.
- Retention Periods for your Personal Data
- We process and retain your personal data as long as required for the performance of our contractual obligation and compliance with legal obligations or other purposes pursued with the processing, i.e. for the duration of the entire business relationship (from the initiation, during the performance of the contract until it is terminated) as well as beyond this duration in accordance with legal retention and documentation obligations.
- Personal data may be retained for the period during which claims can be asserted against our company or insofar as we are otherwise legally obliged to do so or if legitimate business interests require further retention (e.g., for evidence and documentation purposes).
- As soon as your personal data are no longer required for the above-mentioned purposes, they will be deleted or anonymised, to the extent possible. In general, shorter retention periods of no more than twelve months apply for operational data (e.g., system logs).
- We have taken appropriate technical and organisational security measures to protect your personal data from unauthorised access and misuse such as internal policies, training, IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions, pseudonomsations, inspections.
- You can be assured that your personal information and account information is reasonably secure on our Platform. We employ encryption technology (SSL) in all parts of our Platform that require you to provide your login credentials, financial or credit card information. The personally identifiable information we collect is stored in secure operating environments that are not available to the public. Credit card information is encrypted. All the information we collect and store is protected by l by the providers firewall. Also, any information we store at our business is kept physically secure, and only designated employees may obtain access to it. However, “perfect security” does not exist on the Internet.
- While we strive to protect your personally identifiable information, we cannot ensure or warrant the security of any information you transmit to us or from our online products or services, and you do so at your own risk. Once we receive your transmission, we make reasonable efforts to ensure its security on our systems.
- Obligation to Provide Personal Data to Us
- In the context of our business relationship you must provide us with any personal data that is necessary for the conclusion and performance of a business relationship and the performance of our contractual obligations (as a rule, there is no statutory requirement to provide us with data). Without this information, we will usually not be able to enter into or carry out the Agreement with you (or the entity or person you represent).
- In addition, the website cannot be used unless certain information is disclosed to enable data traffic (e.g. IP address).
- We may partially process your personal data automatically with the aim of evaluating certain personal aspects (profiling). In particular, profiling allows us to inform and advise you about products possibly relevant for you more accurately. For this purpose, we may use evaluation tools that enable us to communicate with you and advertise you as required, including market and opinion research.
- Your Rights
- In accordance with and as far as provided by applicable law (as is the case where the GDPR is applicable), you have the right to access, rectification and erasure of your personal data, the right to restriction of processing or to object to our data processing in addition to right to receive certain personal data for transfer to another controller (data portability). Please note, however, that we reserve the right to enforce statutory restrictions on our part, for example if we are obliged to retain or process certain data, have an overriding interest (insofar as we may invoke such interests) or need the data for asserting claims.
- If exercising certain rights will incur costs on you, we will notify you thereof in advance. We have already informed you of the possibility to withdraw consent in Section 3 above.
- Please further note that the exercise of these rights may be in conflict with your contractual obligations and this may result in consequences such as premature contract termination or involve costs. If this is the case, we will inform you in advance unless it has already been contractually agreed upon.
- In general, exercising these rights requires that you are able to prove your identity (e.g., by a copy of identification documents where your identity is not evident otherwise or can be verified in another way). In order to assert these rights, please contact us at the addresses provided in Section 2 above.
- In addition, every data subject has the right to enforce his/her rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority of Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
- Accessibility of this Data Protection Statement
This Data Protection Statement is accessible on our Platform. You can access, download save and print it out for your convenience.
Version dated 19.6.2019