PRIVACY POLICY

Privacy policy

With this privacy policy, we inform you about what personal data we process, how, and where, especially in connection with our website www.ellaellos.net and our other offerings. This privacy policy also informs about the rights of individuals whose data we process.

Special, supplementary, or additional privacy policies, as well as other legal documents such as Terms and Conditions (T&C), Terms of Use, or participation conditions, may apply to individual or additional offerings and services.

Contact address

Responsible for the processing of personal data:

ELLA & ELLOS 
Burgstrasse 148         
8706 Meilen  
info@ellaellos.ch

We point out if in individual cases there are other responsible parties for the processing of personal data.

Processing of personal data

Privacy policy

TERMS

Personal data is all information related to a specific or identifiable person. An affected person is someone whose personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, especially storing, disclosing, obtaining, collecting, deleting, storing, modifying, destroying, and using personal data.

TYPE, SCOPE, AND PURPOSE

Privacy policy

We process those personal data necessary to provide our offer sustainably, user-friendly, safe, and reliable, to communicate with you and your employer, to conclude contracts and process orders. This data can be used for marketing and PR purposes, as well as market and customer analysis and business management, and in individual cases for legal proceedings, investigations, and fraud prevention. We also process publicly accessible or provided by GDPR-compliant providers of business-related personal data for marketing purposes. The processing of this personal data is based on our legitimate interest (according to Art. 6 Para. 1 lit. f GDPR) to send relevant information and offers about our products and services to these people. We have carefully weighed the interests, fundamental rights, and freedoms of these people and have come to the conclusion that our interest in improving and optimizing our products and services, as well as in effective marketing strategies, outweighs the nature of the data processed and the benefits that you can derive from our offers. You have the right to object to this processing at any time, and we will no longer process the data of these people for these purposes if an objection is raised, unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of these people.

Such personal data may fall into the categories of inventory and contact data, browser and device data, content data, meta or peripheral data and usage data, location data, sales, contract and payment data. Further possible are credit reports, references, receipts concerning you, recommendations and hints from third parties, your social media/online activities and publications in which you appear, excerpts from government registers and data from legal proceedings.

We process personal data for the duration required for the respective purpose or purposes or as required by law. Personal data whose processing is no longer necessary will be anonymized or deleted. Individuals whose data we process generally have a right to erasure.

We generally only process personal data if the processing is legally permitted, for example, to fulfill a contract with the affected person and for corresponding pre-contractual measures, to protect our predominant legitimate interests, because the processing is apparent from the circumstances, or after prior information.

In this context, we process in particular data that an affected person voluntarily and independently transmits to us when making contact – for example, by postal mail, email, contact form, social media, or telephone – or when registering for a user account. We may store such data, for example, in an address book or with comparable tools. If you transmit personal data about third parties to us, you are obliged to ensure data protection towards such third parties and to ensure the accuracy of such personal data.

We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect when providing our offer, provided and to the extent that such processing is legally permitted.

PROCESSING OF PERSONAL DATA BY THIRD PARTIES, INCLUDING ABROAD

Privacy policy

We may have personal data processed by commissioned third parties, process it together with third parties and with the help of third parties, or transmit it to third parties. Such third parties are particularly providers whose services we use, service providers who partly process your data on our behalf (e.g., IT providers) and partly in their responsibility – e.g., insurance companies, authorities in Switzerland and possibly abroad, business partners, project partners, and others. We also ensure an adequate level of data protection with such third parties. Such third parties are generally located in Switzerland as well as in the European Economic Area (EEA).

However, such third parties may also be located in other countries and territories, provided that their data protection law ensures an adequate level of data protection, according to the assessment of the Federal Data Protection and Information Commissioner (FDPIC), or if there are other reasons, such as through an appropriate contractual agreement, in particular based on standard contractual clauses, or through an appropriate certification, an adequate level of data protection is ensured. Exceptionally, such a third party may be located in a country without adequate data protection, provided that the data protection legal requirements, such as the explicit consent of the affected person, are fulfilled.

RIGHTS OF AFFECTED PERSONS

Affected persons whose personal data we process have rights according to Swiss data protection law. These include the right to information as well as the right to correction, deletion, or blocking of the processed personal data.
Affected persons whose personal data we process have a right to lodge a complaint with a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

DATA SECURITY

Privacy policy

We take appropriate and suitable technical and organizational measures to ensure data protection and, in particular, data security. However, the processing of personal data on the Internet can always have security gaps despite such measures. We cannot guarantee absolute data security.

Access to our online offer is made using transport encryption (SSL / TLS, especially with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers mark transport encryption with a padlock in the address bar.

Access to our online offer is subject – as is generally the case with any internet use – to indiscriminate and suspicion-independent mass surveillance as well as other surveillance by security authorities in Switzerland, in the European Union (EU), in the United States of America (USA), and in other states. We cannot directly influence the corresponding processing of personal data by secret services, police stations, and other security authorities.

Use of the Website

COOKIES

Privacy policy

We may use cookies for our website. Cookies – both our own cookies (First-Party Cookies) and cookies from third parties whose services we use (Third-Party Cookies) – are data stored in your browser. Such stored data does not have to be limited to traditional cookies in text form.

Cookies cannot execute programs or transmit malware such as Trojans and viruses. Cookies can be stored in your browser temporarily as “session cookies” or for a certain period as so-called permanent cookies when you visit our website. “Session cookies” are automatically deleted when you close your browser. Permanent cookies have a specific storage duration. They enable, in particular, the recognition of your browser on your next visit to our website and thereby measure, for example, the reach of our website. However, permanent cookies can also be used for online marketing, for example.

You can deactivate and delete cookies in your browser settings at any time, either completely or partially. Without cookies, our website may not be fully available. We ask you – if and to the extent necessary – to actively consent to the use of cookies.

For cookies used for success and reach measurement or for advertising, a general objection (“opt-out”) is possible for numerous services via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

SERVER LOG FILES

Data protection

We can record the following data for each access to our website, provided it is transmitted from your browser to our server infrastructure or can be determined by our web server: Date and time, including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website accessed, including the amount of data transferred, the last webpage called up in the same browser window (referer or referrer).

We store such data, which can also represent personal data, in server log files. The data is necessary to provide our online offer sustainably, user-friendly, and reliably, and to ensure data security and thus, in particular, the protection of personal data – also by third parties or with the help of third parties.

COUNTING PIXELS

We can use counting pixels on our website. Counting pixels are also known as web beacons. Counting pixels – also from third parties whose services we use – are small, usually invisible images that are automatically retrieved when you visit our website. Counting pixels can record the same data as in server log files.

Social Media

Privacy policy

We are present on social media platforms and other online platforms to communicate with interested people and to inform about our offer. Personal data may also be processed outside Switzerland and the European Economic Area (EEA).

The general terms and conditions (T&C), terms of use, privacy policies, and other provisions of the individual operators of such online platforms also apply. These provisions provide information in particular about the rights of affected persons, which include in particular the right to information.

Success and Reach Measurement

GOOGLE ANALYTICS

Privacy policy

We use Google Analytics to analyze how our website is used. This includes measuring the reach of our website and the success of third-party links on our site. It is a service provided by the American Google LLC. For users in the European Economic Area (EEA) and Switzerland, the Irish Google Ireland Limited is responsible.

Google tries to track individual visitors to our website even when they use different browsers or devices (Cross-Device Tracking). Cookies are also used for this purpose. Google Analytics requires your Internet Protocol (IP) address, but it is not merged with other data from Google.

In any case, we anonymize your Internet Protocol (IP) address before Google analyzes it. As a result, your complete IP address is generally not transmitted to Google in the USA.

Further details about the nature, extent, and purpose of the data processing can be found in Google’s privacy and security principles and privacy policy, in the guide to privacy for Google products (including Google Analytics), in the information on how Google uses data from websites where Google services are used, and in the information about Google’s cookies. Moreover, there is the option to use the “Browser Add-on for Disabling Google Analytics” and to object to personalized advertising.

GOOGLE TAG MANAGER

Data protection

We use Google Tag Manager to integrate and manage services for analytics or advertising from Google and third parties into our website. This is a service provided by the American Google LLC. For users in the European Economic Area (EEA) and Switzerland, the Irish Google Ireland Limited is responsible. No cookies are used in this process, but cookies may be used in the context of the integrated and managed services. We provide information on the processing of personal data through such services in this privacy statement.

DIGITAL INFRASTRUCTURE

We use third-party services to access the necessary digital infrastructure for our offerings. This includes, for example, hosting and storage services from specialized providers.

AUDIO AND VIDEO CONFERENCES

Privacy policy

We use services for audio and video conferences to communicate with our customers and other people. This allows us to conduct audio and video conferences, virtual meetings, and training sessions such as webinars. In addition to this privacy policy, the respective conditions of the used services such as terms of use or privacy statements also apply.

We use Zoom in particular, a service of the American Zoom Video Communications Inc. Zoom also grants rights according to the European General Data Protection Regulation (GDPR) to users in Switzerland. Further details about the nature, extent, and purpose of the data processing can be found in Zoom’s privacy policies and on the “Legal and Privacy” page of Zoom.

MAPS

We use Google Maps to embed maps into our website. Cookies are also used in this process. Google Maps is a service provided by the American Google LLC. For users in the European Economic Area (EEA) and Switzerland, the Irish Google Ireland Limited is responsible. Further details about the nature, extent, and purpose of the data processing can be found in Google’s privacy and security principles and privacy policy, in the guide to privacy for Google products (including Google Maps), in the information on how Google uses data from websites where Google services are used, and in the information about Google’s cookies. Moreover, there is the option to object to personalized advertising.

ADVERTISING

Data protection

Google

We use Google Ads (formerly AdWords) to specifically advertise our offerings on the Google search engine and elsewhere on the Internet, such as on other websites, based on search queries. Google Ads is a service provided by the American Google LLC. For users in the European Economic Area (EEA) and Switzerland, the Irish Google Ireland Limited is responsible. Cookies are also used in Google Ads. Google uses various domain names – especially doubleclick.net, googleadservices.com, and googlesyndication.com – for Google Ads.

With such advertising, we especially want to reach people who are interested in our online offerings or already use our online offerings. For this purpose, we transmit corresponding – possibly also personal – information to Google (Remarketing). We can also determine whether our advertising is successful, that is, whether it leads to visits to our website (Conversion Tracking).

Further details about the nature, extent, and purpose of the data processing can be found in Google’s privacy and security principles and privacy policy, in the information on how Google uses data from websites where Google services are used, and in the information about Google’s cookies. Moreover, there is the option to object to personalized advertising.

Extension for the Website

Privacy policy

We use Akismet to distinguish desired comments from humans from unwanted comments from bots and other spam. Cookies are also used in this process. Akismet is a service of Aut O’Mattic A8C Ireland Ltd. in Ireland or the American Automattic Inc., which is known for its WordPress.com offering, among other things. Further details about the nature, extent, and purpose of the data processing can be found in Automattic’s privacy statement for websites and in Automattic’s general privacy policy.

Newsletter

NEWSLETTER DATA

Data protection

If you wish to subscribe to the newsletter offered on the website, we require your email address and information that allows us to verify that you are the owner of the provided email address and agree to receive the newsletter. Other data is not collected or only on a voluntary basis. For the processing of the newsletters, we use newsletter service providers, which are described below.

MAILCHIMP

Privacy policy

This website uses MailChimp for sending newsletters. The provider is INTUIT Inc. (hereinafter “INTUIT mailchimp”). MailChimp is a service with which the newsletter dispatch can be organized and analyzed. The data you provide for the purpose of subscribing to the newsletter (e.g., email address) will be stored on MailChimp’s servers.

Our newsletters sent via MailChimp allow us to analyze the behavior of newsletter recipients. Among other things, it can be analyzed how many recipients opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called Conversion Tracking, it can also be analyzed whether a predefined action (e.g., purchase of a product on this website) occurred after clicking on the link in the newsletter. Further information about security through MailChimp newsletters can be found at: https://mailchimp.com/en/about/security/.

Data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

If you do not want an analysis by MailChimp, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored for other purposes with us remains unaffected by this.

After you unsubscribe from the newsletter distribution list, your email address may be stored by us or the newsletter service provider in a blacklist, if this is necessary to prevent future mailings. The data from the blacklist is used only for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements for sending newsletters (legitimate interest in the sense of Art. 6 para. 1 lit. f GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

For more information, see MailChimp’s privacy policy at: https://www.intuit.com/privacy/statement/.

Final Provisions

Privacy policy

We may adapt and supplement this Privacy Policy at any time. We will inform about such adaptations and supplements in a suitable manner, in particular by publishing the current Privacy Policy on our website.

January 2024.