With this Data Protection Declaration we inform about the processing of personal data in connection with our website part.solutions and our other online offer.

For individual or additional offers and services, special, supplementary or further data protection declarations as well as other legal documents such as general terms and conditions (GTC), terms of use or conditions of participation may apply.

Our online offer is subject to Swiss data protection law as well as any applicable foreign data protection law, in particular that of the European Union (EU) with the General Data Protection Regulation (GDPR). The European Commission recognises that Swiss data protection law ensures an adequate level of data protection.

Contact

Responsibility for the online offer:

part.solutions GmbH
St. Gallerstrasse 49
Bau 3
9100 Herisau
Switzerland

 

1.1 Data Protection Officer

We have the following data protection officers as contact points for data subjects and as contact persons for supervisory authorities for data protection inquiries:

part.solutions GmbH, Valentin Thomann, St. Gallerstrasse 49, 9100 Herisau

Processing of personal data

 

2.1 Terms

Personal data is all information relating to an identified or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, the storage, disclosure, procurement, collection, deletion, storage, modification, destruction, and use of personal data.

2.2 Legal basis

We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (FADP) and  the Ordinance to the Federal Act on Data Protection (VDSG).

If and to the extent that the General Data Protection Regulation (GDPR) is applicable, we process personal data in accordance with at least one of the following legal bases:

Kind. 6 para. 1 lit. b GDPR for the necessary processing of personal data for the performance of a contract with the data subject and for the implementation of pre-contractual measures.

Kind. 6 para. 1 lit. f GDPR for the necessary processing of personal data in order to safeguard the legitimate interests of us or of third parties, unless the fundamental freedoms and fundamental rights as well as interests of the data subject prevail. Legitimate interests are in particular our interest in being able to provide our online offer permanently, user-friendly, securely and reliably and to advertise it if necessary, information security and protection against misuse and unauthorized use, the enforcement of our own legal claims and compliance with Swiss law.

Kind. 6 para. 1 lit. c GDPR for the necessary processing of personal data to fulfil a legal obligation to which we are subject in accordance with any applicable law of member states in the European Economic Area (EEA).

Kind. 6 para. 1 lit. e GDPR for the necessary processing of personal data for the performance of a task that is in the public interest.

Kind. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the data subject.

Kind. 6 para. 1 lit. d GDPR for the necessary processing of personal data in order to protect the vital interests of the data subject or another natural person.

2.3 Type, scope, and purpose

We process the personal data of our clients and suppliers that are necessary to provide our online offer permanently, user-friendly, securely and reliably. Such personal data may fall into the categories of inventory and contact data, content data, meta or marginal data as well as usage data, location data, contract data and payment data. We process personal data for the duration that is required for the respective purpose or purposes or by law. Personal data whose processing is no longer necessary will be anonymized or deleted.

In principle, we process personal data only with the consent of the data subject, unless the processing is permitted for other legal reasons, for example for the performance of a contract with the data subject and for corresponding pre-contractual measures to safeguard our overriding legitimate interests, because the processing is apparent from the circumstances or after prior information.

In this context, we process information that a data subject voluntarily and himself transmits to us when contacting us – for example by post, e-mail, contact form, social media or telephone – or when registering for a user account. We may store such information, for example, in an address book or with comparable tools. If you transmit personal data to us via third parties, you are obliged to ensure data protection vis-à-vis such third parties and to ensure the accuracy of such personal data. We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect when providing our online offer, if and to the extent that such processing is permissible for legal reasons.

 

2.4 Processing of personal data by third parties, including abroad

We may have personal data processed by third parties, in particular processors, or processed together with third parties and with the help of third parties or transmitted to third parties. Such third parties are in particular providers or suppliers whose services we use. We also guarantee adequate data protection for such third parties.

Such third parties are generally located in Switzerland and in the European Economic Area (EEA), including the European Union (EU) and the Principality of Liechtenstein. However, such third parties may also be located in other countries, provided that, in the opinion of the Federal Data Protection and Information Commissioner (FDPIC) and – if  and to the extent that the General Data Protection Regulation (GDPR) is applicable – in  the opinion of the European Commission – their data protection law  guarantees an adequate level of data protection, or if, for other reasons, such as a corresponding contractual agreement,  in particular on the basis of standard contractual clauses, or through appropriate certification, adequate data protection is guaranteed. For third parties in the United States of America (USA), certification under the Privacy Shield can ensure adequate data protection. Exceptionally, such a third party may be in a country without adequate data protection, provided that the data protection requirements, such as the explicit consent of the data subject, are met.

Rights of data subjects

Data subjects whose personal data we process have the rights under Swiss data protection law. This includes the right to information as well as the right to correction, deletion or blocking of the processed personal data.

Data subjects whose personal data we process may – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – confirm free of charge whether we are processing their personal data and, if so, request information about the processing of their personal data, have the processing of their personal data restricted, exercise their right to data portability and correct, delete (“right to be forgotten”), block or complete their personal data.

Data subjects whose personal data we process can – if and to the extent that the GDPR is applicable – revoke their consent at any time with effect for the future and object to the processing of their personal data at any time.

Data subjects whose personal data we process have the right to lodge a complaint with a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

Data integrity

We take appropriate and appropriate technical and organizational measures to ensure data protection and, in particular, data security. However, despite such measures, the processing of personal data on the Internet can always have security gaps. Therefore, we cannot guarantee absolute data security.

Access to our online offer is via transport encryption (SSL / TLS with HTTPS).

Access to our online offer is subject – as in principle to all Internet use – to mass surveillance without cause and without suspicion as well as other surveillance by security authorities in Switzerland, the European Union (EU), the United States of America (USA) and other countries. We cannot directly influence the corresponding processing of personal data by secret services, police departments and other security authorities.

 

Use of the website

5.1 Cookies

We may use cookies for our website. Cookies – also from third parties whose services we use (third-party cookies) – are data in text form that are stored in your browser. Cookies cannot run programs or transmit malware such as Trojans and viruses.

Cookies can be stored temporarily in your browser as “session cookies” when you visit our website or as so-called permanent cookies for a certain period of time. “Session cookies” are automatically deleted when you close your browser. Permanent cookies make it possible to recognize your browser the next time you visit our website and, for example, to measure the reach of our website. However, permanent cookies can also be used, for example, for online marketing.

You can deactivate and delete cookies in whole or in part at any time in your browser settings. Without cookies, our online offer may no longer be fully available. We actively ask you – if and to the extent necessary – for your explicit consent for the use of cookies.

In the case of cookies used for measuring success and reach or for advertising, a general objection (“opt-out”) is possible for numerous services via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

5.2 Server log files

We may collect the following information for each access to our website, provided that it is transmitted by your browser to our server infrastructure or can be determined by our web server: date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual page of our website accessed including transmitted  Amount of data, last website accessed in the same browser window (referrer).

We store such information, which can also represent personal data, in server log files. The information is required in order to provide our online offer permanently, user-friendly and reliably as well as to ensure data security and thus in particular the protection of personal data – also by third parties or with the help of third parties.

6.1 Performance measurement and range measurement

Notifications and messages can contain web links or web beacons that record whether an individual message has been opened and which web links have been clicked. Such web links and web beacons may also record the use of notifications and communications on a personal basis. We need this statistical recording of usage for measuring success and reach in order to be able to offer notifications and messages based on the needs and reading habits of the recipients effectively and user-friendly as well as permanently, securely and reliably.

6.2 Consent and objection

In principle, you must expressly consent to the use of your e-mail address and your other contact addresses, unless the use is permitted for other legal reasons. For any consent to receive e-mails, we use “double opt-in”, i.e., you will receive an e-mail with a web link that you must click to confirm so that no misuse by unauthorized third parties can take place. We may log such consents, including Internet Protocol (IP) address, date and time for evidentiary and security purposes.

In principle, you can unsubscribe from notifications and communications such as newsletters at any time. We reserve the right to receive notifications and messages that are absolutely necessary for our online offer. By unsubscribing, you can in particular object to the statistical recording of usage for performance and range measurement.

 

6.3 Service providers for notifications and communications

We may have notifications and communications sent by service providers or sent with the help of service providers. We also guarantee adequate data protection for such service providers.

Social Media

We are present on social media platforms and other online platforms in order to communicate with interested persons and to inform them about our online offer. Personal data may also be processed outside Switzerland and the European Economic Area (EEA), including the European Union (EU) and the Principality of Liechtenstein.

The General Terms and Conditions (GTC), data protection declarations and other provisions of the individual operators of such online platforms also apply. These provisions provide information about the rights of data subjects, including in particular the right of access.

For our social media presence on Facebook, Instagram, and LinkedIn, if and to the extent that the GDPR is applicable, we are jointly responsible for the so-called page insights together with the respective operating companies. Page Insight provides insight into how visitors interact with our presence on Facebook, Instagram, and LinkedIn. We use page insights to provide our social media presences effectively and user-friendly. All social media operators have published information on Page Insights data as  well as an addendum regarding responsibility for Page Insights.

Users of social media platforms have the option of logging in or registering for our online offer with their corresponding user account (“Social Login”). The respective terms and conditions of the respective social media platforms apply, such as general terms and conditions (GTC), data protection declarations or terms of use.

 

Third Party Services

We may use third-party services to provide our online offer permanently, user-friendly, secure and reliable. Such services also serve to embed content in our online offer. Such services – such as hosting and storage services, video services and payment services – require your Internet Protocol (IP) address, otherwise such services cannot transmit the corresponding content. Such services may be located outside Switzerland and the European Economic Area (EEA), including the European Union (EU) and the Principality of Liechtenstein, provided that adequate data protection is guaranteed.

For their own security-relevant, statistical and technical purposes, third parties whose services we use may also process aggregated, anonymized or pseudonymized data in connection with our online offer and from other sources – including cookies, log files and tracking pixels. Such data is not used to reach data subjects directly in connection with our online offer.

 

8.1 Social Media Features and Social Media Content

 

8.1.1 AddThis

We use AddThis to enable you to share content from our online offer on social media and other online platforms and to use other social media functions. Cookies are also used. AddThis is a service of the American Oracle Corporation. Social media and other online platforms where you are logged in as a user can assign the use of our online offer to your profile.

Further information on the type, scope and purpose of data processing can be found in the AddThis Privacy Policy and in the General Data Protection Declaration of Oracle. In addition, it is possible to inform yourself about cookies and web beacons at AddThis and  Oracle for advertising interests as well as to object to interest-based advertising.

If you do not wish to receive emails from people who share content with AddThis via email, you can opt out of emails via AddThis.

 

8.1.2 Facebook, Instagram, LinkedIn

We use social plugins from Facebook, Instagram, and LinkedIn to embed functions and content of these services into our website. Such functions are, for example, «Like» or «Share». Cookies are also used. Further information can be found on the page about “Social plug-ins” of Facebook, Instagram and LinkedIn.

The social plugins are an offer of Facebook Ireland Ltd. in Ireland, or the American Facebook Inc. and LinkedIn Inc. based in Sunnyvale, California. If you are logged in as a user on Facebook, Instagram or LinkedIn, the respective service can assign the use of our online offer to your profile. Further information on the type, scope and purpose of data processing can be found in the respective data guidelines.

8.2 Maps

We use Google Maps to embed maps into our website. Cookies are also used. Google Maps is a service of the American Google LLC. The Irish Google Ireland Limited is responsible for users in the European Economic Area (EEA) and Switzerland  . Further information on the type, scope and purpose of data processing can be found  in the principles for data protection and security and in  Google’s privacy policy, in the guide to data protection in Google products  (including Google Maps),  in the information on how Google uses data from websites on which Google services are used and in the information about cookies on Google  . It is also possible to object to personalized advertising.

8.3 Entertainment

We use YouTube to embed videos into our website. Cookies are also used. YouTube is a service of the American Google LLC. The Irish Google Ireland Limited is responsible for users in the European Economic Area (EEA) and Switzerland. Further information on the type, scope and purpose of data processing can be found  in the principles for data protection and security and in  Google’s privacy policy, in the guide to data protection in Google products  (including YouTube),  in the information on how Google uses data from websites on which Google services are used and in the information about cookies at Google.  . It is also possible to object to personalized advertising.

8.4 Documents

The documents transferred to us by our clients and suppliers are processed in-house. To protect your personal data held by us against unauthorized access and misuse, we have taken extensive technical and operational security precautions. Our security procedures to protect against damage, destruction or unauthorized access are regularly reviewed and adapted to technological progress. Contract, order, and other texts required for order transmission, review and processing are managed in a protected area. We reserve the right to delete data that has been transmitted to us and forwarded or processed by us if it contains in any form data of third parties who have not been fully informed about the transfer or have consented to it.

8.5 Measuring success and reach

8.5.1 Google Analytics

We use Google Analytics to analyze how our website is used, whereby we may also measure, for example, the reach of our website and the success of third-party links to our website. It is a service of the American Google LLC. The Irish Google Ireland Limited is responsible for users in the European Economic Area (EEA) and Switzerland.

Google also tries to record individual visitors to our website if they use different browsers or devices (cross-device tracking). Cookies are also used. Google Analytics requires your Internet Protocol (IP) address, but it will not be merged with other Google data.

In any case, we have your Internet Protocol (IP) address anonymized by Google before analysis. As a result, your full IP address will not be transmitted to Google in the USA.

8.6 Advertising

We use Facebook Ads to be able to advertise our online offer on Facebook. Facebook Ads is an offer of Facebook Ireland Ltd. in Ireland, or the American Facebook Inc. Facebook Ads also uses cookies.

With such advertising, we would like to reach people who are interested in our online offer or already use our online offer. For this purpose, we transmit corresponding – possibly also personal – information to Facebook (Custom Audiences including Lookalike Audiences), with the so-called Facebook pixel. We can also determine whether our advertising is successful, i.e., whether it leads to visits to our website (conversion tracking).

Further information on the type, scope and purpose of data processing can be found in Facebook’s data policy. In addition, Facebook users can use advertising preferences to  influence which advertisements they see on Facebook and which advertisements are displayed to them on Facebook in the future. We use various services such as Google Ads (formerly AdWords), Google AdSense or advertising services of the above-mentioned Facebook Inc. and LinkedIn Inc. in order to be able to advertise our online offer on the Google search engine and elsewhere on the Internet, for example on other websites, among other things on the basis of search queries.  Further information on the type, scope and purpose of data processing can be found  in the principles for data protection and security and  in  the data protection declaration of Google, Facebook and LinkedIn, which you can view via the corresponding portals. On the corresponding portals, you also have the option  of objecting to personalized advertising or remedying it by changing your cookie preferences.

 

Final provisions

We may amend and supplement this Data Protection Declaration at any time. We will inform about such adjustments and additions in an appropriate form, in particular by publishing the current data protection declaration on our website.