With this privacy policy, we inform you about which personal data we process in connection with our activities and operations, including our website Craft CMS Monitoring. We specifically inform you about why, how, and where we process which personal data. We also inform you about the rights of individuals whose data we process.
For certain or additional activities and operations, other privacy policies as well as legal documents such as general terms and conditions (GTC), terms of use, or participation conditions may apply.
We are subject to Swiss data protection law and, if applicable, foreign data protection law, particularly that of the European Union (EU) with the General Data Protection Regulation (GDPR). The European Commission recognizes that Swiss data protection law provides adequate data protection.
Responsibility for data processing:
Craft CMS Monitoring
Aachstrasse 11
9327 Tübach
Switzerland
We inform you if there are other controllers for data processing in individual cases.
Personal data are all information about a specific or identifiable natural person. A data subject is a person about whom we process personal data.
Processing includes any handling of personal data, regardless of the means and procedures used, such as querying, comparing, adapting, archiving, storing, reading, disclosing, collecting, erasing, making available, organizing, and using personal data.
The European Economic Area (EEA) includes the Member States of the European Union (EU) as well as the Principality of Liechtenstein, Iceland, and Norway. The General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data.
We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (Data Protection Act, DPA) and the Ordinance on Data Protection (Data Protection Ordinance, DPO).
We process – to the extent and as long as the General Data Protection Regulation (GDPR) is applicable – personal data in accordance with at least one of the following legal bases:
We process the personal data that is necessary to carry out our activities and operations in a sustainable, user-friendly, secure, and reliable manner. Such personal data may particularly fall into the categories of inventory and contact data, browser and device data, content data, metadata or peripheral data, usage data, location data, sales data, as well as contract and payment data.
We process personal data for the duration necessary for the respective purpose(s) or as required by law. Personal data that is no longer needed will be anonymized or deleted.
We may have personal data processed by third parties. We may process personal data jointly with third parties or transfer it to third parties. Such third parties primarily include specialized service providers whose services we use. We ensure data protection even with such third parties.
We generally process personal data only with the consent of the individuals concerned. If and insofar as processing is permissible for other legal reasons, we may forgo obtaining consent. For example, we may process personal data without consent to fulfill a contract, meet legal obligations, or protect overriding interests.
In this context, we particularly process information that an individual voluntarily provides when contacting us – for example, via postal mail, email, instant messaging, contact form, social media, or phone – or when registering for a user account. We may store such information in an address book, a customer relationship management system (CRM system), or similar tools. If we receive data about other individuals, the persons providing such data are obligated to ensure data protection for those individuals and to guarantee the accuracy of the personal data.
We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect in the course of our activities and operations, provided that such processing is legally permissible.
We primarily process personal data in Switzerland and the European Economic Area (EEA). However, we may also export or transfer personal data to other countries, particularly for processing or having it processed there.
We may export personal data to all countries and territories on Earth as well as elsewhere in the universe, provided that the legal framework in those locations ensures adequate data protection in accordance with the decision of the Swiss Federal Council and – where the General Data Protection Regulation (GDPR) applies – in accordance with the decision of the European Commission.
We may transfer personal data to countries whose legal systems do not guarantee adequate data protection, provided that data protection is ensured by other means, particularly based on standard data protection clauses or other appropriate safeguards. In exceptional cases, we may export personal data to countries without adequate or appropriate data protection if special data protection conditions are met, such as the explicit consent of the individuals concerned or a direct connection with the conclusion or execution of a contract. Upon request, we are happy to provide information about any applicable safeguards or provide a copy of such safeguards.
We grant data subjects all rights in accordance with the applicable data protection law. Data subjects have the following rights in particular:
können die Ausübung der Rechte von betroffenen Personen im rechtlich zulässigen Rahmen aufschieben, einschränken oder verweigern. Wir können betroffene Personen auf allenfalls zu erfüllende Voraussetzungen für die Ausübung ihrer datenschutzrechtlichen Ansprüche hinweisen. Wir können beispielsweise die Auskunft mit Verweis auf Geschäftsgeheimnisse oder den Schutz anderer Personen ganz oder teilweise verweigern. Wir können beispielsweise auch die Löschung von Personendaten mit Verweis auf gesetzliche Aufbewahrungspflichten ganz oder teilweise verweigern.
können für die Ausübung der Rechte ausnahmsweise Kosten vorsehen. Wir informieren betroffene Personen vorgängig über allfällige Kosten.
sind verpflichtet, betroffene Personen, die Auskunft verlangen oder andere Rechte geltend machen, mit angemessenen Massnahmen zu identifizieren. Betroffene Personen sind zur Mitwirkung verpflichtet.
Affected individuals have the right to enforce their data protection claims through legal channels or to lodge a complaint with a competent data protection supervisory authority.
The data protection supervisory authority for private controllers and federal agencies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
Affected individuals also have the right – provided that the General Data Protection Regulation (GDPR) applies – to lodge a complaint with a competent European data protection supervisory authority.
Wir treffen geeignete technische und organisatorische Massnahmen, um eine dem jeweiligen Risiko angemessene Datensicherheit zu gewährleisten. Wir können aber keine absolute Datensicherheit gewährleisten.
Der Zugriff auf unsere Website erfolgt mittels Transportverschlüsselung (SSL / TLS, insbesondere mit dem Hypertext Transfer Protocol Secure, abgekürzt HTTPS). Die meisten Browser kennzeichnen Transportverschlüsselung mit einem Vorhängeschloss in der Adressleiste.
Unsere digitale Kommunikation unterliegt – wie grundsätzlich jede digitale Kommunikation – der Massenüberwachung ohne Anlass und Verdacht sowie sonstiger Überwachung durch Sicherheitsbehörden in der Schweiz, im übrigen Europa, in den Vereinigten Staaten von Amerika (USA) und in anderen Staaten. Wir können keinen direkten Einfluss auf die entsprechende Bearbeitung von Personendaten durch Geheimdienste, Polizeistellen und andere Sicherheitsbehörden nehmen.
We may use cookies. Cookies – both first-party cookies (set by us) and third-party cookies (set by external services we use) – are data stored in the browser. Such stored data is not necessarily limited to traditional text-based cookies.
Cookies can be stored temporarily in the browser as "session cookies" or for a specific period as "persistent cookies." "Session cookies" are automatically deleted when the browser is closed. Persistent cookies have a defined storage duration. Cookies enable us to recognize a browser upon a subsequent visit to our website, allowing, for example, the measurement of website reach. Persistent cookies may also be used for online marketing.
Cookies can be disabled or deleted at any time, either entirely or partially, through browser settings. Without cookies, our website may no longer be fully available. We actively request explicit consent for the use of cookies – at least where required.
For cookies used for performance and reach measurement or advertising purposes, a general opt-out is available for many services through AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
We may collect the following information for each access to our website, provided that this information is transmitted by your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website accessed including amount of data transferred, last website accessed in the same browser window (referrer).
We store such information, which may also constitute personal data, in server log files. The information is required to provide our website in a permanent, user-friendly and reliable manner and to ensure data security and thus in particular the protection of personal data - also by third parties or with the help of third parties.
We send notifications and communications via email and other communication channels such as instant messaging or SMS.
Notifications and communications may contain web links or tracking pixels that record whether an individual message has been opened and which web links have been clicked. Such web links and tracking pixels can also track the use of notifications and communications on a personal level. We require this statistical tracking for performance and reach measurement to ensure that notifications and communications are sent in an effective, user-friendly, secure, and reliable manner, tailored to the needs and reading habits of recipients.
You must generally provide explicit consent for the use of your email address and other contact details unless their use is permissible for other legal reasons. Where possible, we use the "double opt-in" procedure, meaning you receive an email with a web link that you must click to confirm your consent, preventing misuse by unauthorized third parties. We may log such consents, including the Internet Protocol (IP) address, date, and time, for proof and security purposes.
You may generally object to receiving notifications and communications, such as newsletters, at any time. Such an objection also applies to the statistical tracking of usage for performance and reach measurement. However, necessary notifications and communications related to our activities and operations remain unaffected.
We send notifications and communications with the help of specialized service providers.
We use services from specialized third parties in order to be able to carry out our activities and operations in a permanent, user-friendly, secure and reliable manner. Among other things, we can use such services to embed functions and content in our website. In the case of such embedding, the services used record the Internet Protocol (IP) addresses of users at least temporarily for technically compelling reasons.
For necessary security, statistical and technical purposes, third parties whose services we use may process data in connection with our activities and operations in aggregated, anonymized or pseudonymized form. This is, for example, performance or usage data in order to be able to offer the respective service.
We use in particular:
We use specialized audio and video conferencing services to communicate online. For example, we can use them to hold virtual meetings or conduct online lessons and webinars. For participation in audio and video conferences, the legal texts of the individual services, such as data protection declarations and terms of use, also apply.
Depending on your life situation, we recommend muting the microphone by default when participating in audio or video conferences and blurring the background or displaying a virtual background.
We use services from specialized third parties to enable the direct playback of digital audio and video content, such as music or podcasts.
We utilize the opportunity to display advertising for our activities and services on third-party platforms, such as social media platforms and search engines.
With such advertising, we particularly aim to reach individuals who are already interested in our activities and services or might be interested in them (Remarketing and Targeting). For this purpose, we may transmit relevant – possibly personal – data to third parties that facilitate such advertising. Additionally, we can determine whether our advertising is successful, meaning whether it leads to visits to our website (Conversion Tracking).
Third parties on whose platforms we advertise and where you are registered as a user may be able to associate the use of our online services with your profile on their platform.
We specifically use:
We use specialized service providers to process our customers' payments securely and reliably. The legal texts of the respective service providers, such as General Terms and Conditions (GTC) or Privacy Policies, additionally apply to payment processing.
We specifically use:
We try to determine how our online offering is used. In this context, we can, for example, measure the success and reach of our activities and operations as well as the effect of third-party links to our website. We can also, for example, test and compare how different parts or versions of our online offering are used (“A/B test” method). Based on the results of the success and reach measurement, we can in particular correct errors, strengthen popular content or make improvements to our online offering.
For success and reach measurement, in most cases, the Internet Protocol (IP) addresses of individual users are stored. In this case, IP addresses are generally shortened ("IP-Masking") to follow the principle of data minimization through appropriate pseudonymization.
Cookies may be used in success and reach measurement, and user profiles may be created. If created, user profiles may include, for example, the individual pages visited or content viewed on our website, information about screen or browser window size, and the – at least approximate – location. Generally, any user profiles are created solely in pseudonymized form and are not used to identify individual users. Some third-party services, where users are logged in, may associate the use of our online services with the user account or user profile on the respective service.
We may amend and supplement this privacy policy at any time. We will provide information about such amendments and additions in an appropriate form, in particular by publishing the current privacy policy on our website.