Privacy Policy

This privacy policy informs you about the personal data we process in connection with our activities and operations, including our website. In particular, we inform you about what, how, and where we process personal data, and explain the rights of individuals whose data we process.

​

Additional privacy policies or other legal documents such as General Terms and Conditions (GTC), terms of use, or participation conditions may apply to specific or additional activities and operations.

​

1. Contact Details

 

Controller:

 

Gasser Apparatebau Switzerland

Hechtmühle 185

9053 Teufen

Switzerland
 

info@gasser-apparatebau.ch

gasser-apparatebau.ch

Phone: +41 (0)71 333 36 88 

​

2. Terminology and Legal Basis

​

2.1 Terminology

Personal data refers to all information that relates to an identified or identifiable natural person. A data subject is a person about whom we process personal data.

​

Processing includes any handling of personal data, regardless of the methods and procedures used. This includes, for example, requesting, comparing, adjusting, archiving, storing, reading, disclosing, collecting, recording, deleting, organizing, modifying, distributing, linking, destroying, and using personal data.

 

2.2 Legal Basis

We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (OFADP).

 

3. Type, Scope and Purpose

We process the personal data required to permanently, user-friendly, securely, and reliably carry out our activities and operations. Such data may fall into the categories of inventory and contact data, browser and device data, content data, metadata and peripheral data, usage data, location data, sales data, as well as contract and payment data.

​

We process personal data for the duration required for the respective purpose(s) or as required by law. Personal data no longer required is anonymized or deleted.

​

We may have personal data processed by third parties. We may also process or transmit personal data jointly with third parties, particularly with specialized service providers. Even in such cases, we ensure data protection is upheld.

We generally process personal data only with the consent of the individuals concerned. Where processing is permissible for other legal reasons, we may forgo obtaining consent. For example, we may process personal data without consent to fulfill a contract, comply with legal obligations, or protect overriding interests.

​

In this context, we particularly process information voluntarily submitted to us by the affected individuals when contacting us—e.g. by mail, email, instant messaging, contact form, social media, or phone—or when registering for a user account. We may store such information in an address book or similar tools. If data about other individuals is provided to us, the transmitting individuals must ensure data protection for those persons and the accuracy of the transmitted data.

​

We also process personal data obtained from third parties, from publicly accessible sources, or collected during the course of our activities, provided such processing is legally permitted.

​

4. Personal Data Abroad

We primarily process personal data in Switzerland. However, we may also disclose or export personal data to other countries, especially for processing purposes.

​

We may disclose personal data to all countries and territories on Earth and elsewhere in the universe, provided their legal systems ensure adequate data protection in accordance with the decision of the Swiss Federal Council.

​

We may also disclose personal data to countries without adequate data protection if suitable safeguards are in place—for example, through appropriate contractual arrangements, based on standard data protection clauses, or other guarantees. In exceptional cases, we may export data without adequate or suitable protection if specific data protection requirements are met, such as the explicit consent of the data subject or if directly related to contract performance. We will gladly provide information on safeguards upon request.

​

5. Rights of Data Subjects

​

5.1 Data Protection Claims

We grant individuals all rights under applicable data protection laws. In particular, individuals have the following rights:

​

• Access: Individuals may request confirmation of whether we process their personal data and, if so, which data. They will also receive information necessary to assert their data protection rights and ensure transparency, including data categories, processing purposes, storage duration, data transfers, and data origin.

​

• Correction and Restriction: Individuals may request correction of incorrect data, completion of incomplete data, and restriction of processing.

​

• Erasure and Objection: Individuals may request deletion of their data ("right to be forgotten") and object to future processing.

​

• Data Portability: Individuals may request their data be handed over or transferred to another controller.

​

We may defer, limit, or deny the exercise of these rights within the legal framework. We may inform affected individuals of any requirements for exercising their rights. For example, we may refuse access due to trade secrets or to protect other individuals, or refuse deletion due to legal retention obligations.

​

In exceptional cases, we may charge for the exercise of rights and will inform users in advance of any such costs.

​

We are obligated to identify data subjects with reasonable measures when they exercise their rights. Individuals must cooperate in this identification process.

​

5.2 Right to Complain

Data subjects have the right to assert their data protection claims legally or file a complaint with a competent data protection authority.

​

In Switzerland, the Federal Data Protection and Information Commissioner (FDPIC) is the supervisory authority for private entities and federal bodies.

​

6. Data Security

We take appropriate technical and organizational measures to ensure a level of data security appropriate to the respective risk. However, we cannot guarantee absolute data security.

​

Access to our website is protected by transport encryption (SSL / TLS, particularly using the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate encrypted connections with a padlock icon in the address bar.

​

Our digital communications—like all digital communications in general—are subject to mass surveillance without specific cause or suspicion, as well as other forms of monitoring by security authorities in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We have no direct control over the handling of personal data by intelligence services, law enforcement agencies, or other security authorities.

​

7. Use of the Website

​

7.1 Cookies

We may use cookies. Cookies—whether our own (first-party cookies) or those from third parties whose services we use (third-party cookies)—are data stored in the browser. These stored data are not necessarily limited to traditional text-based cookies.

​

Cookies can be stored in the browser either temporarily as "session cookies" or for a specified period as so-called permanent cookies. Session cookies are automatically deleted when the browser is closed. Permanent cookies have a defined storage duration. Cookies allow, for example, recognition of a browser on subsequent visits to our website and thus enable us to measure the reach of our website. Permanent cookies may also be used for online marketing purposes.

​

Cookies can be completely or partially disabled and deleted at any time in the browser settings. Without cookies, our website may no longer function fully. Where required, we actively request explicit consent for the use of cookies.

​

For cookies used for performance and reach measurement or advertising purposes, a general opt-out is available for many services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

​

7.2 Server Log Files

We may collect the following information for each access to our website, provided it is transmitted by your browser to our server infrastructure or can be determined by our web server: date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, the specific sub-page of our website accessed including the amount of data transferred, and the last webpage visited in the same browser window (referrer).

​

We store such information—which may also constitute personal data—in server log files. This information is necessary to ensure the long-term, user-friendly, and reliable provision of our website and to guarantee data security, especially the protection of personal data—also through or with the help of third parties.

​

7.3 Tracking Pixels

We may use tracking pixels on our website. Tracking pixels—also known as web beacons—are small, typically invisible images that are automatically retrieved when visiting our website, including those provided by third-party services we use. Tracking pixels can capture the same information as server log files.

 

7.4 Comments

We allow users to publish comments on our website. In this context, we process in particular the information voluntarily submitted by the commenting person, as well as the associated Internet Protocol (IP) address and the date and time. This information is necessary to enable the publication of comments and to ensure protection against misuse, which is in our overriding legitimate interest.

​

8. Notifications and Communications

We send notifications and communications via email and other communication channels, such as instant messaging or SMS.

​

8.1 Performance and Reach Measurement

Notifications and communications may contain web links or tracking pixels that record whether a message has been opened and which links were clicked. These web links and tracking pixels may also collect usage data on a personal basis. We require this statistical usage tracking to measure the performance and reach of our communications in order to send them effectively, in a user-friendly manner, and on a long-term, secure, and reliable basis—tailored to the needs and reading habits of recipients.

​

8.2 Consent and Objection

In general, you must explicitly consent to the use of your email address and other contact details unless their use is permitted for other legal reasons. Where applicable, we use the “double opt-in” procedure for consent, meaning you will receive an email with a confirmation link that must be clicked to prevent unauthorized use by third parties. We may log such consents, including the IP address, date, and time, for evidence and security purposes.

​

You may unsubscribe from notifications and communications, such as newsletters, at any time. By doing so, you may also object to the statistical tracking of their use for performance and reach measurement. Mandatory notifications and communications related to our activities and operations remain unaffected.

​

8.3 Service Providers for Notifications and Communications

We send notifications and communications with the help of specialized service providers.

In particular, we use:

​

• CleverReach: Email marketing platform; Provider: CleverReach GmbH & Co. KG (Germany); Data protection information: “Data Protection and Security”, Privacy Policy, “Data Security”.

​

• SendGrid: Platform for transactional emails (“Simply send emails”); Providers: Twilio Inc. (USA) / Twilio Ireland Limited (Ireland); Data protection information: Privacy Policy.

​

9. Social Media

We maintain a presence on social media platforms and other online platforms in order to communicate with interested individuals and to provide information about our activities and services. In connection with such platforms, personal data may also be processed outside of Switzerland.

​

The terms of service, usage policies, privacy policies, and other provisions of the respective platform operators also apply. These policies provide information about the rights of individuals directly vis-à-vis the respective platform—such as the right to access personal data.

​

10. Third-Party Services

We use services provided by specialized third parties in order to operate our activities and services in a permanent, user-friendly, secure, and reliable manner. These services may allow us to embed features and content into our website. For technical reasons, these services must at least temporarily collect users’ Internet Protocol (IP) addresses when embedded.

​

For necessary security, statistical, and technical purposes, third parties whose services we use may process data related to our activities in aggregated, anonymized, or pseudonymized form. Such data may include performance or usage information required to provide the respective service.

​

We specifically use:

​

• Google Services:
  Providers: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and Switzerland.
  General data protection information:

  • “Data Privacy and Security Principles”

  • Privacy Policy

  • “Google is committed to complying with applicable data protection laws”

  • “Privacy Guide for Google Products”

  • “How we use data from sites or apps that use our services” (Google information)

  • “Types of cookies and other technologies used by Google”

  • “Personalized Ads” (activation / deactivation / settings)

​

• Microsoft Services:
  Providers: Microsoft Corporation (USA) / Microsoft Ireland Operations Limited (Ireland) for users in the European Economic Area (EEA), the United Kingdom, and Switzerland.
  General data protection information:

  • “Privacy at Microsoft”

  • “Privacy and Trust Center”

  • Privacy Policy

  • Privacy Dashboard (Data and Privacy Settings)

 

10.1 Digital Infrastructure

We use services provided by specialized third parties to access the digital infrastructure required for our activities and operations. This includes, for example, hosting and storage services from selected providers.

 

We specifically use:

​

• Cloudflare: Content Delivery Network (CDN); Provider: Cloudflare Inc. (USA); Data protection information: “Privacy”, Privacy Policy, Cookie Policy.

• Hetzner: Hosting and other infrastructure; Providers: Hetzner Online GmbH / Hetzner Cloud GmbH (both Germany); Data protection information: Privacy Policy, “Privacy FAQ”.

• Hostpoint: Hosting; Provider: Hostpoint AG (Switzerland); Data protection information: Privacy Policy.

• Hoststar: Hosting; Provider: Multimedia Networks AG (Switzerland); Data protection information: Privacy Policy, “Data Security at Hoststar”.

• Infomaniak: Hosting; Provider: INFOMANIAK NETWORK SA (Switzerland); Data protection information:

  • “Infomaniak and the Protection of Your Personal Data”

  • Privacy Policy

  • Cookie Policy

  • “Certifications and Labels”

• METANET: Hosting; Provider: METANET AG (Switzerland); Data protection information: Privacy Policy, “Technical and Organizational Measures”.

• Novatrend: Hosting; Provider: NovaTrend Services GmbH (Switzerland); Data protection information: Privacy Policy.

 

10.2 Social Media Features and Content

We use third-party services and plugins to embed functions and content from social media platforms and to enable content sharing on social media platforms and other channels.

In particular, we use:

​

• Facebook (Social Plugins): Embedding Facebook functions and content, such as "Like" or "Share" buttons; Providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA); Data protection information: Privacy Policy.

• Instagram Platform: Embedding Instagram content; Providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA); Data protection information: Instagram Privacy Policy, Facebook Privacy Policy.

• LinkedIn Consumer Solutions Platform: Embedding LinkedIn functions and content, e.g., via plugins such as the "Share Plugin"; Provider: Microsoft. LinkedIn-specific data protection information:

  • Privacy

  • Privacy Policy

  • Cookie Policy

  • Cookie Management / Opt-out of Email and SMS Communication

  • Opt-out of Interest-Based Advertising

• TikTok (Social Plugins): Embedding TikTok functions and content, such as "Share to TikTok"; Providers:

  • TikTok Information Technologies UK Limited (UK) and TikTok Technology Limited (Ireland) for users in the European Economic Area (EEA), the UK, and Switzerland

  • TikTok Inc. (USA) for users in the USA

  • TikTok Pte. Ltd. (Singapore) for users in the rest of the world
    Data protection information:

  • Privacy Policy

  • Privacy Policy for Younger Users

  • Cookie Policy

  • TikTok for Business – Privacy and Cookie Policy

• Twitter for Websites: Integration of Twitter functions and content, such as embedded tweets or "Follow" and "Tweet" buttons; Providers:

  • Twitter International Unlimited Company (Ireland) for users in the EEA, UK, and Switzerland

  • X Corp. (USA) for users in the rest of the world
    Data protection information:

  • Privacy Policy

  • Additional Information on Data Processing

  • “Privacy … on Twitter for Websites”

  • Personalization Based on Inferred Identity

  • Privacy Controls for Personalized Ads

 

10.3 Map Services

We use third-party services to embed maps into our website.

​

In particular, we use:

​

• Google Maps including Google Maps Platform: Mapping service; Provider: Google.
  Google Maps-specific data protection information: “How Google uses location information”.

 

10.4 Digital Audio and Video Content

We use services from specialized third parties to enable the direct playback of digital audio and video content, such as music or podcasts.

​

In particular, we use:

​

• Vimeo: Video platform; Provider: Vimeo Inc. (USA); Data protection information: Privacy Policy, “Privacy”.

• YouTube: Video platform; Provider: Google. YouTube-specific data protection information:

  • Privacy and Security Center

  • “My Data on YouTube”

 

10.5 Fonts

We use third-party services to embed selected fonts as well as icons, logos, and symbols into our website.

In particular, we use:

​

• Adobe Fonts: Fonts; Providers: Adobe Inc. (USA) for users in North America / Adobe Systems Software Ireland Limited (Ireland) for users in the rest of the world. Data protection information:

  • Adobe Privacy Center

  • Adobe Fonts Privacy Policy

  • Adobe Privacy Policy

  • Privacy Questions?

  • Adobe Privacy Settings

• Font Awesome: Icons and logos; Provider: Fonticons Inc. (USA); Data protection information: Privacy Policy.

• Google Fonts: Fonts; Provider: Google. Google Fonts-specific data protection information:

  • Privacy and Google Fonts

  • Privacy and Data Collection

 

10.6 E-Commerce

We operate e-commerce and use third-party services to successfully offer services, content, or goods.

In particular, we use:

​

• Shopware: Open commerce platform; Provider: shopware AG (Germany); Data protection information: Privacy Policy.

 

10.7 Payments

We use specialized service providers to process payments from our customers securely and reliably. The legal texts of the respective providers, such as general terms and conditions (GTC) or privacy policies, apply in addition to our own when processing payments.

​

In particular, we use:

• PostFinance: E-payment solutions; Provider: PostFinance AG (Switzerland); Data protection information:

  • “Legal Notices and Accessibility”

  • “Privacy” (including privacy policies)

​

10.8 Advertising

We use the option to display targeted advertising for our activities and services via third parties such as social media platforms and search engines.

​

We aim to reach individuals who are already interested in our activities or who may be (remarketing and targeting). For this purpose, we may transmit relevant—potentially also personal—data to third parties that enable such advertising. We may also determine whether our advertising is successful, i.e., whether it leads to visits to our website (conversion tracking).

​

Third-party platforms where we advertise and where you are logged in as a user may associate the use of our website with your profile on their platform.

​

We also allow third-party advertising—usually in exchange for compensation—to be embedded in our website. These third parties may also associate the use of our website with your user profile on their platforms, if you are logged in there.

​

We specifically use:

​

• Facebook Ads: Social media advertising; Providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA). Data protection: remarketing and targeting via Facebook Pixel and Custom Audiences, including Lookalike Audiences;

• Privacy Policy

• Ad Preferences (login required)

• Google Ads: Search engine advertising; Provider: Google. Google Ads-specific information: advertising based on search queries and other signals, using domains like doubleclick.net, googleadservices.com, and googlesyndication.com.

• “Advertising” (Google)

• “Why am I seeing this ad?”

• Instagram Ads: Social media advertising; Providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies. Data protection: remarketing and targeting via Facebook Pixel and Custom Audiences, including Lookalike Audiences;

• Instagram Privacy Policy

• Facebook Privacy Policy

• Ad Preferences (Instagram) (login required)

• Ad Preferences (Facebook) (login required)

• LinkedIn Ads: Social media advertising; Providers: LinkedIn Corporation (USA) / LinkedIn Ireland Unlimited Company (Ireland). Data protection: remarketing and targeting via the LinkedIn Insight Tag;

• Privacy

• Privacy Policy

• Cookie Policy

• Opt-out of personalized ads

• Snapchat Ads: Social media advertising; Provider: Snap Inc. (USA). Data protection: remarketing and targeting using the Snap Pixel;

• Our Privacy Promise

• Privacy Overview

• Privacy Policy

• Region-specific policies including for the EEA and the UK

• Privacy by Product (incl. advertising)

• Privacy Settings

• Cookie Policy

• Cookie Settings

• TikTok Ads: Social media advertising; Providers:

• TikTok Information Technologies UK Limited (UK) and TikTok Technology Limited (Ireland) for users in the EEA, UK, and Switzerland

• TikTok Inc. (USA) for users in the USA

• TikTok Pte. Ltd. (Singapore) for users in the rest of the world
  Data protection: remarketing and targeting using the TikTok Pixel;

• Privacy Policy

• Privacy Policy for Younger Users

• Cookie Policy

• TikTok for Business – Privacy and Cookie Policy

​

11. Website Extensions

We use extensions on our website to enable additional functionality.

​

In particular, we use:

​

• Google reCAPTCHA: Spam protection (distinguishing between legitimate human comments and unwanted comments from bots or spam); Provider: Google. Google reCAPTCHA-specific information:

• “What is reCAPTCHA?”

• hCaptcha: Spam protection (distinguishing between legitimate human comments and unwanted comments from bots or spam); Provider: Intuition Machines Inc. (USA); Data protection information:

• Privacy Policy

• AI Ethics Policy

• ShortPixel: Image hosting and optimization; Provider: ID SCOUT SRL (Romania); Data protection information:

• Privacy Policy

• “Legal & Privacy”

• TinyPNG: Image optimization; Provider: Tinify BV (Netherlands); Data protection information:

• Terms of Use

​

12. Performance and Reach Measurement

We seek to determine how our online offering is used. In this context, we may, for example, measure the success and reach of our activities and operations as well as the impact of third-party links to our website. We may also test and compare how different parts or versions of our online offering are used (“A/B testing” method). Based on the results of performance and reach measurement, we can fix errors, strengthen popular content, or make improvements to our online offering.

​

For performance and reach measurement, the Internet Protocol (IP) addresses of individual users are usually stored. IP addresses are generally shortened (“IP masking”) in order to follow the principle of data minimization through appropriate pseudonymization.

 

Cookies may be used for performance and reach measurement, and user profiles may be created. Such user profiles may include, for example, the specific pages visited or content viewed on our website, information about the screen or browser window size, and at least approximate location data. As a rule, any user profiles created are strictly pseudonymized and are not used to identify individual users. However, certain third-party services, where users are logged in, may potentially associate the use of our online offering with the respective user account or profile of that service.

​

We specifically use:

​

• Google Analytics: Performance and reach measurement; Provider: Google. Google Analytics-specific information: includes measurement across different browsers and devices (cross-device tracking) as well as the use of pseudonymized Internet Protocol (IP) addresses, which are only exceptionally transferred in full to Google in the USA.

  • Privacy

  • Browser Add-on to Disable Google Analytics

• Google Tag Manager: Integration and management of other services for performance and reach measurement as well as additional services from Google and third parties; Provider: Google. Google Tag Manager-specific information:

  • “Data collected with Google Tag Manager”

  • Additional data protection details can be found in the privacy policies of the individual integrated and managed services.

• Matomo: Performance and reach measurement; Provider: Matomo (open-source software). Data protection information: used on our own server infrastructure and with pseudonymized Internet Protocol (IP) addresses.

  • List of all Matomo Features