Privacy notice

Important: This text has been translated with the help of an AI and is only intended for better understanding. However, only the German version is legally binding.

We hereby provide information about the processing of personal data in connection with our "amorloo" portal and our other online services, including information about what data we collect, where and for what purpose we process it. We also provide information about the rights to which persons whose data we process are entitled. Specific or additional offers and services may be subject to separate, supplementary or additional data protection declarations and other legal documents such as General Terms and Conditions (GTC), terms of use or conditions of participation.

Our online offering is subject to Swiss data protection law and any applicable foreign data protection law, in particular the General Data Protection Regulation (GDPR) of the European Union (EU). The European Commission has determined that Swiss data protection law ensures adequate protection of data.

  1. Contact Addresses

    SWARETIQ GmbH
    Aeschengraben 29
    CH-4051 Basel
    Trade register: CHE-213.683.691
    VAT number: CHE-213.683.691 VAT

    Contact
    E-Mail: info@amorloo.com
    Internet: amorloo.com

  2. Processing of Personal Data
    1. Definition
      Personal data refers to any information relating to a specific or identifiable person. A data subject is defined as a person about whom personal data is processed. The term "processing" covers all actions involving personal data, regardless of the methods and procedures used, including the retention, disclosure, acquisition, collection, erasure, storage, modification, destruction and use of personal data. In addition to the European Union (EU), the European Economic Area (EEA) also includes the Principality of Liechtenstein, Iceland and Norway. In the General Data Protection Regulation (GDPR), the processing of personal data is referred to as the processing of personal data.
    2. Legal Basis
      We process personal data in accordance with the provisions of Swiss data protection law, in particular the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (OFADP). If and insofar as the General Data Protection Regulation (GDPR) is applicable, the processing of personal data is carried out in accordance with at least one of the following legal bases:
      - Art. 6 para. 1 lit. b GDPR: Necessary processing of personal data for the performance of a contract with the data subject and for the implementation of pre-contractual measures.
      - Art. 6 para. 1 lit. f GDPR: Necessary processing of personal data in order to protect the legitimate interests of us or of third parties, except where such interests are overridden by the fundamental freedoms and rights and interests of the data subject. The legitimate interests include, in particular, our interest in providing our online offering in a permanent, user-friendly, secure and reliable manner and, if necessary, to advertise it, to ensure information security and protection against misuse and unauthorized use, to enforce our own legal claims and to comply with Swiss law.
      - Art. 6 para. 1 lit. c GDPR: Necessary processing of personal data to fulfill a legal obligation to which we are subject under applicable law of the Member States in the European Economic Area (EEA).
      - Art. 6 para. 1 lit. e GDPR: Necessary processing of personal data for the performance of a task carried out in the public interest.
      - Art. 6 para. 1 lit. a GDPR: Processing of personal data with the consent of the data subject.
      - Art. 6 para. 1 lit. d GDPR: Necessary processing of personal data in order to protect the vital interests of the data subject or of another natural person.
    3. Type, Scope and Purpose
      We process the personal data required to provide our online offering in a permanent, user-friendly, secure and reliable manner. This personal data may include inventory and contact data, browser and device data, content data, meta or marginal data as well as usage data, location data, sales, contract and payment data. The duration of the processing of personal data depends on the respective purpose or the legal requirements. As soon as the processing of personal data is no longer necessary, it is anonymized or deleted. Data subjects whose data we process generally have the right to erasure (see GTCs). In principle, we only process personal data with the consent of the data subject, unless the processing is permitted for other legal reasons, such as to fulfill a contract with the data subject, to protect our overriding legitimate interests, if the processing is obvious or after prior information. As part of this processing, we process in particular the information that a data subject voluntarily and independently provides to us when contacting us via various channels such as post, email, contact form, social media or telephone or when registering for a user account. Such data may, for example, be stored in an address book, a customer relationship management system (CRM system) or similar tools. If users transmit personal data to us via third parties, they are obliged to guarantee the data protection provisions vis-à-vis these third parties and to ensure the accuracy of this personal data. Furthermore, we process personal data that we receive from third parties, obtain from publicly accessible sources or collect when providing our online offering, if and to the extent that such processing is permitted for legal reasons.
    4. Processing of Personal Data by Third Parties, including Abroad
      We reserve the right to have personal data processed by commissioned third parties or to process it jointly with third parties or to transfer it to third parties, in particular providers whose services we use. We also guarantee appropriate data protection for these third parties. These third parties are generally located in Switzerland or the European Economic Area (EEA). However, it is possible that such third parties may also be located in other countries, provided that the data protection law of the respective country guarantees adequate data protection in the opinion of the Federal Data Protection and Information Commissioner (FDPIC) and - if the General Data Protection Regulation (GDPR) is applicable - in the opinion of the European Commission. This can be achieved through corresponding contractual agreements, in particular on the basis of standard contractual clauses, or through certifications. In the United States of America (USA), for example, certification in accordance with the Privacy Shield can guarantee adequate data protection. In exceptional cases, such a third party may be located in a country without adequate data protection, provided that the data protection requirements, such as the express consent of the data subject, are met.
  3. Rights of Data Subjects
    1. Persons whose personal data we process have certain rights under Swiss data protection law. These include the right to information and the right to rectification, erasure or blocking of their personal data (more on this in the GTCs). If the General Data Protection Regulation (GDPR) is applicable, data subjects also have the right to obtain confirmation free of charge as to whether we are processing their personal data and, if this is the case, to request information about the processing of their personal data. They may also request the restriction of the processing of their personal data, exercise their right to data portability and have their personal data rectified, erased (the "right to be forgotten"), blocked or completed. Furthermore, data subjects whose personal data we process have the right to withdraw their consent at any time with effect for the future and to object to the processing of their personal data at any time. Data subjects also have the right to lodge a complaint with a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
  4. Data Security
    1. We take appropriate and suitable technical and organizational measures to ensure data protection, in particular with regard to data security. Despite these measures, however, security gaps can occur when processing personal data on the Internet, which is why we cannot guarantee absolute data security. Our online offering is accessed via transport encryption (SSL / TLS), in particular with the Hypertext Transfer Protocol Secure (HTTPS). Most browsers indicate a secure connection with a padlock symbol in the address bar. It should be noted that access to our online offering - like any Internet use in general - is subject to potential monitoring by security authorities, both in Switzerland and in the European Union (EU), the United States of America (USA) and other countries. We have no direct influence on the processing of personal data by secret services, police authorities and other security agencies.
  5. Usage of Website
    1. Cookies
      We may use cookies on our website. These are data in text form that are stored in your browser both by our website (first-party cookies) and by third parties whose services we use (third-party cookies). It is important to emphasize that cookies cannot execute programs and cannot transmit malware such as Trojans or viruses. We only use technically necessary cookies. For reasons of user convenience, we do not use tracking cookies at all.
    2. Tracking Pixel
      We may use tracking pixels, also known as web beacons, on our website. These tracking pixels, including those from third parties whose services we use, are small, normally invisible images that are automatically retrieved when our website is visited. Tracking pixels can be used to collect the same information as server log files.
    3. Server Log Files
      For each access to our website, we may collect the following information, provided that it is transmitted by your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual subpage of our website accessed including amount of data transferred and the last website accessed in the same browser window (referer or referrer). Such information, which may also constitute personal data, is stored in server log files. This information is necessary in order to provide our online services in a permanent, user-friendly and reliable manner and to ensure data security, in particular the protection of personal data, including by third parties or with the support of third parties.
  6. Notifications and Messages
    1. We send notifications and communications, such as newsletters, both by e-mail and via other communication channels such as instant messaging.
    2. Performance Measurement and Reach Measurement
      Notifications and messages may contain web links or tracking pixels that are used to record whether an individual message has been opened and which web links have been clicked on. These web links and tracking pixels may also collect personal data by analyzing the use of notifications and messages. The statistical recording of usage is necessary to measure success and to determine reach. This enables notifications and messages to be offered in an effective, user-friendly, permanent, secure and reliable manner based on the needs and reading habits of the recipients.
    3. Consent and Objection
      In principle, we require the express consent of the user for the use of their e-mail address and other contact addresses, unless the use is permitted for other legal reasons. If users wish to consent to receiving emails, we use the "double opt-in" procedure wherever possible. This means that users receive an email with a confirmation link that they must click on to ensure that no misuse by unauthorized third parties takes place. For security reasons and as proof, such consents can be logged, including your IP address and the date and time. Users have the option of unsubscribing from notifications and messages, such as newsletters, at any time. This does not apply to notifications and messages that are essential for our online offering. By unsubscribing, users can object in particular to the statistical recording of usage for measuring success and reach.
    4. Service Provider for Notifications and Messages
      We use third-party services or rely on service providers to send notifications and messages. Cookies may also be used for this purpose. We ensure that appropriate data protection is also guaranteed when using such services.
  7. Third Party Services
    1. In order to provide our online offering in a permanent, user-friendly, secure and reliable manner, we use third-party services. These services also enable us to embed content in our online offering. These services include, for example, hosting and storage services, video services and payment services. These services require your Internet Protocol (IP) address in order to provide the corresponding content. It is possible that such services are located outside Switzerland and the European Economic Area (EEA), provided that adequate data protection is guaranteed. For their own security, statistical and technical purposes, third-party providers whose services we use may also aggregate, anonymize or pseudonymize data in connection with our online offering and from other sources, including cookies, log files and tracking pixels.
    2. Payments
      In order to process our customers' payments securely and reliably, we use payment service providers that guarantee an appropriate level of data protection. Processing is carried out in accordance with the terms and conditions of the respective payment service providers, including their general terms and conditions (GTC) or data protection declarations.
    3. Fonts
      We use Google Fonts to embed selected fonts in our website. No cookies are used for this. This service is provided by the American company Google LLC and is independent of other Google services. For users in the European Economic Area (EEA) and Switzerland, the Irish company Google Ireland Limited is responsible. Further information on the type, scope and purpose of data processing can be found in Google's data protection and security guidelines and privacy policy.
  8. Final Clauses
    1. We reserve the right to amend and supplement this privacy policy at any time. We will inform you of such amendments and additions in an appropriate form, in particular by publishing the current data protection declaration on our website.