Privacy Policy
1. Contact Addresses
Responsibility for the processing of personal data:
Norbert Kathriner
Bächtelenweg 73
3084 Wabern bei Bern
info@norbert-kathriner.ch
We will point out if there are other responsible parties for the processing of personal data in individual cases.
2. Terms and Legal Bases
2.1 Terms
Personal data is all information relating to an identified or identifiable person. A data subject is a person about whom personal data is processed.
Processing includes any handling of personal data, regardless of the means and procedures used, in particular the retention, disclosure, procurement, collection, deletion, storage, modification, destruction and use of personal data.
The European Economic Area (EEA) comprises the member states of the European Union (EU) as well as the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) refers to the processing of personal data as processing of personal data.
2.2 Legal bases
We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (OFADP).
We process – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – personal data in accordance with at least one of the following legal bases:
- Art. 6 para. 1 lit. b GDPR for the necessary processing of personal data for the performance of a contract with the data subject and for the implementation of pre-contractual measures.
- Art. 6 para. 1 lit. f GDPR for the necessary processing of personal data to protect the legitimate interests of us or third parties, unless the fundamental freedoms and rights and interests of the data subject prevail. Legitimate interests are, in particular, our interest in being able to provide our offer on a permanent, user-friendly, secure and reliable basis and to be able to advertise it if necessary, information security and protection against misuse and unauthorized use, the enforcement of our own legal claims and compliance with Swiss law.
- Art. 6 para. 1 lit. c GDPR for the necessary processing of personal data for the fulfillment of a legal obligation to which we are subject under any applicable law of member states in the European Economic Area (EEA).
- Art. 6 para. 1 lit. e GDPR for the necessary processing of personal data for the performance of a task carried out in the public interest.
- Art. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the data subject.
- Art. 6 para. 1 lit. d GDPR for the necessary processing of personal data to protect the vital interests of the data subject or another natural person.
3. Nature, Scope and Purpose
We process the personal data that is required to provide our offer on a permanent, user-friendly, secure and reliable basis. Such personal data may fall in particular into the categories of inventory and contact data, browser and device data, content data, meta or marginal data and usage data, location data, sales, contract and payment data.
We process personal data for the period of time that is required for the respective purpose(s) or by law. Personal data that is no longer required to be processed will be anonymized or deleted. Individuals whose data we process generally have a right to erasure.
We may have personal data processed by third parties. We may process personal data jointly with third parties or transfer it to third parties. Such third parties are in particular specialized providers whose services we use. We also ensure adequate data protection for such third parties.
We process personal data only after the data subject has given their consent, unless the processing is permitted for other legal reasons, for example to fulfill a contract with the data subject and for corresponding pre-contractual measures, to protect our overriding legitimate interests, because the processing is evident from the circumstances or after prior information.
In this context, we process in particular information that a data subject voluntarily and independently transmits to us when contacting us – for example by post, e-mail, instant messaging, contact form, social media or telephone – or when registering for a user account. We may store such information, for example, in an address book or with comparable tools. If you transmit personal data about third parties to us, you are obliged to ensure data protection vis-à-vis such third parties and to ensure the accuracy of such personal data.
We also process personal data that we receive from third parties, obtain from publicly accessible sources or collect when providing our offer, if and to the extent that such processing is permitted for legal reasons.
4. Applications
We process personal data about applicants to the extent that it is necessary for assessing their suitability for an employment relationship or for the subsequent execution of an employment contract. The required personal data results in particular from the information requested, for example in the context of a job advertisement. We also process the personal data that applicants voluntarily provide, in particular as part of cover letters, resumes and other application documents.
5. Personal Data Abroad
We process personal data primarily in Switzerland and the European Economic Area (EEA). However, we may also export or transfer personal data to other countries, in particular to process it there or have it processed.
We may export personal data to all countries and territories on Earth and elsewhere in the universe, provided that the law there, according to the assessment of the Federal Data Protection and Information Commissioner (FDPIC) or according to a decision of the Swiss Federal Council, ensures an adequate level of data protection and – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – according to a decision of the European Commission, ensures an adequate level of data protection.
We may transfer personal data to countries whose law does not ensure an adequate level of data protection, provided that data protection is ensured for other reasons, in particular through suitable guarantees in the form of standard data protection clauses. As an exception, we may export personal data to countries without adequate or suitable data protection if the special data protection requirements are met, for example the express consent of the data subjects.
6. Rights of Data Subjects
Data subjects whose personal data we process have the rights under Swiss data protection law. These include the right to information and the right to rectification, erasure or blocking of the processed personal data.
Data subjects whose personal data we process may – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – request free of charge confirmation as to whether we are processing their personal data and, if so, request information about the processing of their personal data, restrict the processing of their personal data, exercise their right to data portability and have their personal data rectified, erased («right to be forgotten»), blocked or completed.
Data subjects whose personal data we process may – if and to the extent that the GDPR is applicable – revoke their consent at any time with effect for the future and object to the processing of their personal data at any time.
Data subjects whose personal data we process have the right to lodge a complaint with a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
7. Data Security
We take reasonable and appropriate technical and organizational measures to ensure data protection and in particular data security. However, the processing of personal data on the Internet may always have security vulnerabilities despite such measures. We can therefore not guarantee absolute data security.
Access to our online offer is via transport encryption (SSL / TLS, in particular with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.
Access to our online offer is subject – like any Internet use – to mass surveillance without cause or suspicion and other surveillance by security authorities in Switzerland, in the European Union (EU), in the United States of America (USA) and in other countries. We have no direct influence on the corresponding processing of personal data by intelligence agencies, police agencies and other security authorities.
8. Use of the Website
8.1 Cookies
We may use cookies. Cookies – both our own cookies (first-party cookies) and cookies from third parties whose services we use (third-party cookies) – are data that is stored in your browser. Such stored data does not have to be limited to traditional cookies in text form. Cookies cannot execute programs or transmit malware such as Trojans and viruses.
Cookies can be stored temporarily as «session cookies» or for a certain period of time as so-called permanent cookies when you visit your browser. «Session cookies» are automatically deleted when you close your browser. Permanent cookies have a certain storage period. Cookies make it possible in particular to recognize your browser the next time you visit our website and thereby, for example, to measure the reach of our website. However, permanent cookies can also be used, for example, for online marketing.
You can deactivate and delete cookies completely or partially in your browser settings at any time. Without cookies, our website may no longer be available to its full extent. We ask you – if and to the extent necessary – to actively give your express consent for the use of cookies.
For cookies that are used for measuring success and reach or for advertising, a general objection («opt-out») is possible for numerous services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
8.2 Server Log Files
We may collect the following information for each access to our website, provided that it is transmitted from your browser to our server infrastructure or can be determined by our web server: date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, accessed individual sub-page of our website including transmitted data volume, last website accessed in the same browser window (referer or referrer).
We store such information, which may also constitute personal data, in server log files. The information is required to provide our online offer on a permanent, user-friendly and reliable basis and to ensure data security and thus in particular the protection of personal data – also by third parties or with the help of third parties.
9. Social Media
We are present on social media platforms and other online platforms in order to communicate with interested people and to inform them about our offer. Personal data may also be processed outside of Switzerland and the European Economic Area (EEA).
The general terms and conditions (GTC) and terms of use as well as data protection declarations and other provisions of the individual operators of such online platforms also apply. These provisions provide information in particular about the rights of data subjects, which include, for example, the right to information.
10. Services of Third Parties
We use services from third parties to be able to provide our offer on a permanent, user-friendly, secure and reliable basis. Such services can also be used to embed content in our website. Such services require your Internet Protocol (IP) address, as such services cannot otherwise transmit the corresponding content.
For their own security-relevant, statistical and technical purposes, third parties whose services we use may also process data in connection with our offer and from other sources – including with cookies, log files and tracking pixels – in aggregated, anonymized or pseudonymized form.
We use in particular:
- Google services: Providers: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and in Switzerland; General information on data protection: «Principles on data protection and security», Privacy Policy, «Google is committed to complying with applicable data protection laws», «Guide to data protection in Google products», «How we use data from websites or apps on or in which our services are used» (information from Google), «Types of cookies and other technologies used by Google», «Personalized advertising» (activation / deactivation / settings).
10.1 Digital Infrastructure
We use services from third parties to be able to use the required digital infrastructure for our offer. These include, for example, hosting and storage services from specialized providers.
We use in particular:
- Cloudflare: Content Delivery Network (CDN); Cloudflare Inc. (USA); Information on data protection: «Data protection», Privacy Policy, Cookie Policy.
- Cyon: Hosting; Provider: Cyon GmbH (Switzerland); Information on data protection: «Data protection», Privacy Policy.
- WordPress.com: Blog hosting and website builder; Providers: Automattic Inc. (USA) / Aut O’Mattic A8C Ireland Ltd. (Ireland) for users in Europe, among others.
10.2 Social Media Features and Social Media Content
We use services and plugins from third parties to embed functions and content from social media platforms and to enable the sharing of content on social media platforms and in other ways.
We use in particular:
- Facebook (Social Plugins): Embedding of Facebook functions and Facebook content, for example «Like» or «Share»; Providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA); Information on data protection: Privacy Policy.
- LinkedIn Consumer Solutions Platform: Embedding functions and content from LinkedIn, for example with plugins such as the «Share Plugin»; Providers: LinkedIn Ireland Unlimited Company (Ireland) for users in the European Economic Area (EEA) and in Switzerland / LinkedIn Corporation USA) for users in the rest of the world; Information on data protection: «Privacy», Privacy Policy, Cookie Policy, Cookie Management / Objection to e-mail and SMS communication from LinkedIn, Objection to interest-based advertising.
- Twitter for Websites: Embedding functions and content from Twitter, for example to display tweets; Providers: Twitter International Company (Ireland) for users in the European Economic Area (EEA) and in Great Britain / Twitter Inc. (USA) for users in the rest of the world; Information on data protection: Privacy Policy, «Twitter for Websites – Information on ads and data protection», «How we use cookies and similar technologies», «Personalization based on inferred identity», «Privacy settings for personalized ads».
10.3 Fonts
We use Google Fonts to embed selected fonts into our website. No cookies are used in the process. This is a service provided by the American Google LLC, which is offered independently of other Google services. Google Ireland Limited, based in Ireland, is responsible for users in the European Economic Area (EEA) and Switzerland. Further information on the type, scope and purpose of data processing can be found in Google’s Privacy and Security Principles and Privacy Policy.
11. Extensions for the website
We use extensions for our website in order to be able to use additional functions.
We use in particular:
- Google reCAPTCHA: Spam protection (differentiation between desired comments from humans and unwanted comments from bots and spam); Google reCAPTCHA-specific information on data protection: «What is reCAPTCHA?».
12. Success and reach measurement
We use services and programs to determine how our online offering is used. In this context, we can, for example, measure the success and reach of our online offering and the effect of third-party links on our website. However, we can also try out and compare how different versions of our online offering or parts of our online offering are used («A/B test» method). Based on the results of the success and reach measurement, we can in particular fix errors, strengthen particularly popular content or make improvements to our online offering.
When using services and programs for success and reach measurement, the Internet Protocol (IP) addresses of individual users must be stored. IP addresses are always shortened in order to follow the principle of data economy through the corresponding pseudonymization and to improve the data protection of visitors to our website («IP masking»).
When using services and programs for success and reach measurement, cookies can be used and user profiles can be created. User profiles include, for example, the pages visited or content viewed on our website, information on the size of the screen or browser window and the – at least approximate – location. In principle, user profiles are created exclusively in pseudonymized form. We do not use user profiles to identify individual visitors to our website. Individual services in which you are registered as a user may be able to assign the use of our online offering to your profile with the respective service, whereby you usually had to give your consent to this assignment in advance.
We use in particular:
- Matomo: Success and reach measurement; Provider: Matomo (free open source software); Information on data protection: Use on own server infrastructure and with pseudonymized Internet Protocol (IP) addresses, «List of all Matomo Features».
13. Final provisions
We can adapt and supplement this privacy policy at any time. We will inform you about such adaptations and additions in a suitable form, in particular by publishing the current privacy policy on our website.