Privacy Policy

At Diso, protecting the privacy of visitors to our Web sites is of greatest importance. That’s why we have taken the necessary steps to meet worldwide data privacy requirements. We treat your „personal data“ according to the laws of the EU, Switzerland and other applicable local laws which regulate the storage, process, access and transfer of personal data.

Responsible Body

The responsible body in the sense of national data protection laws and the EU General Data Protection Regulation as well as other data protection regulations is:

Diso AG
Länggassstrasse 21
3012 Bern
Switzerland

E-mail: info(at)diso.ch
Tel: +41 31 958 90 98
Fax: +41 31 958 90 99

We have a data protection representative in the EU as an additional point of contact for supervisory authorities and data subjects for all questions related to EU data protection law:

Securize IT Solutions AG
Sendlinger-Tor-Platz 8
80336 Munich
Germany

E-mail: info(at)securize.de
Tel: +49 89 244 192 330
Fax: +49 89 244 192 230

In the following, we inform you about the processing of your personal data in the context of the use of our website. If you have any further questions regarding data protection in connection with our website or the services offered, please contact our data protection officer at info(at)diso.ch

Scope, purpose and legal basis of the processing of personal data

As a matter of principle, we collect and use personal data of our users only to the extent that this is necessary for the provision of a functional website as well as our content and services. The collection and use of personal data of our users is only carried out with the consent of the user. An exception applies in those cases where it is not possible to obtain prior consent and the processing of the data is permitted by legal regulations.

Categories of processed data

Personal Information

You can visit our Web sites without providing any personal information. We may collect your personally identifiable information (such as name, address, telephone number, e-mail address or other identifying information) only when you choose to submit it to us. We may also collect health information about you that you provide by responding to our questions or surveys.

Logfiles

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.

The following data (“technical information”) is collected in this process:

  • Information about the browser type and the version used.
  • The operating system of the user
  • The user’s Internet service provider
  • The IP address of the user
  • Date and time of access
  • Websites from which the user’s system accesses our website
  • Websites that are accessed by the user’s system via our website
 

The data is stored in the log files of our system. This data is not stored together with other personal data of the user. We process this technical information for network security purposes, e.g. to combat attacks, for marketing purposes, to better understand the needs of our users, and to improve our website offering.

These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 (1) lit. f GDPR. The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

Cookies
We use cookies on our website for a number of purposes. They help us to provide you with a good experience when you browse our website, and also allow us to improve our site. By continuing to browse the site, you are agreeing to our use of cookies. Cookies are small text files stored on your computer system. Please note that some of these cookies are transferred from our server to your computer system, mostly so-called “session cookies”. “Session cookies” are characterized by being automatically deleted from your hard drive upon the end of the browser session. Other cookies remain on your computer system and allow us to recognize your computer system during your next visit (so-called permanent cookies).

 

We use the following cookies:

Strictly necessary cookies
These are cookies that are required for the operation of our website.

Analytical/performance cookies
They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users find what they are looking for easily.

Functionality cookies
These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

Targeting cookies
These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Google Analytics and Google Tag Manager

Google Analytics and Google Tag Manager use cookies. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States.

In case IP-anonymisation is activated on this website, your IP-address will be truncated within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases the whole IP-address will be first transferred to a Google server in the USA and truncated there. The IP-anonymization is active on this website.

Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them other services relating to website activity and internet usage.

The IP-address, which your Browser conveys within the scope of Google Analytics, will not be associated with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also opt-out from being tracked by Google Analytics with effect for the future by downloading and installing Google Analytics Opt-out Browser Addon for your current web browser:http://tools.google.com/dlpage/gaoptout?hl=en

Youtube-Videos

This website also use the Youtube Embedding feature to display and play videos from “Youtube”, which is owned by Google.

When the playback of embedded Youtube videos starts, the provider “Youtube” uses cookies to collect information about user behavior. According to “Youtube”, these are used, among other things, to capture video statistics, improve user-friendliness and prevent abusive practices.

If you’re logged in to Google, your data will be assigned directly to your account when you click on a video. If you do not wish to associate with your profile on YouTube, you must log out before activating the button.

Google stores your data (even for non-logged-in users) as usage profiles and evaluates them. According to Article 6 (1) (f) of the GDPR, such an evaluation is based on the legitimate interests of Google in the display of personalized advertising, market research and/or tailor-made design of its website. You have a right to object to the creation of these User Profiles, and you must be directed to YouTube to use them.

For more information on data protection at “YouTube”, please see the provider’s Privacy Policy at: https://policies.google.com/privacy

Hotjar

Diso uses the web analysis service Hotjar on websites.

With this tool, movements on the websites (so-called heat maps) can be understood and thereby, feedback to be obtained directly from the users of the website. Hotjar allows Diso to gain valuable information regarding the use of our websites so that we can make our websites faster and more customer-friendly. The portions of our websites where personally identifiable information is displayed/entered by the Diso user or third parties, are automatically hidden from Hotjar and are therefore not traceable.

By visiting Hotjar’s opt-out page and clicking on the option “Deactivate Hotjar” you can prevent Hotjar from collecting your data on this website. This deactivation is possible at any time. For details about data processing by Hotjar, please refer to https://www.hotjar.com/privacy

Leadinfo

We use the lead generation service of Leadinfo B.V., Rotterdam, Netherlands. This recognizes visits by companies to our website based on IP addresses and shows us publicly available information, such as company names or addresses. In addition, Leadinfo sets two first-party cookies to evaluate user behavior on our website and processes domains from form entries (e.g., “leadinfo.com”) to correlate IP addresses with companies and improve the services. For more information, please visit www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out option. If you opt-out, your information will no longer be collected by Leadinfo.

3. Transfer of your data to third parties

We only transfer your personal data to third parties if the transfer is necessary to fulfill our contractual obligations to you and we are legally entitled or obliged to transfer the data or you have given us your consent to do so.

In certain cases, we also use external service providers or affiliated companies that are commissioned by us to process data for us in accordance with our instructions. Such service providers are contractually bound by us as processors and are not allowed to use your data for any other purposes. Processors engaged by us provide the following services for us in particular: Hosting, assessment services, maintenance and support, and web analytics. The transfer of data to processors is based on our legitimate interest in the economic and technical benefits associated with the use of specialized processors, Art. 6, GDPR.

If we are legally obliged to do so or if this is permitted under data protection law, we transmit personal data to authorities, for example the police or public prosecutor’s office. The transfer of this data is based on our legitimate interest in combating abuse, prosecuting criminal offences and securing, asserting and enforcing claims and that your rights and interests in the protection of your personal data are not overridden, Art. 6, GDPR.

4. Data deletion and storage period

The personal data of the user will be deleted or blocked as soon as the purpose of storage no longer applies or is no longer required. In this context, personal data may be stored for the time during which claims can be asserted against our company (statutory limitation periods may range from three to thirty years).

Storage may also be carried out if this has been provided for by the national or European legislator in legal ordinances, laws or other regulations to which the responsible party is subject. The storage periods are then up to ten years.

Data will also be blocked or deleted if a storage period prescribed by the above standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

5. Right of objection according to Art. 21 GDPR

You have the right to object at any time to the processing of personal data concerning you.

We will no longer process the personal data concerning you unless we can demonstrate compelling legitimate reasons for the processing which override your interests and rights or the processing is for the establishment, exercise or defense of legal claims.

If the personal data concerning you is processed for the purposes of direct marketing, you have the right to object at any time. If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

You have the possibility to exercise your right to object by means of automated procedures and technical specifications usinginformation society services.

6. Rights of the data subject

It is important to Diso AG to make processes for processing personal data transparent. Therefore, we point out that in addition to the right to object, you can exercise other rights if the respective legal requirements are met:

Right to information/right to rectification
You can obtain information from us at any time and free of charge as to whether personal data relating to you is being processed by us and also specifically what data is being stored about you, as well as request a copy of the stored data. You can also have incorrect data corrected and completed.

Right to deletion
You can request the deletion of your personal data. Please note that there are legal obligations to retain data, e.g. for contracts concluded, such as when booking programs, and that we are therefore not permitted to delete your data completely in every case. In this case, your data will be marked with the aim of restricting its future processing.

Right to restriction of processing
You have the right to request a restriction in the processing of your personal data if the accuracy of the personal data is disputed by you, for the period of time that allows the controller to verify the accuracy of the personal data. If the processing is unlawful and you refuse the erasure of the personal data and instead request the restriction of the use of the personal data from us, we will follow the request. Restriction of processing will also take place if we no longer need your personal data for processing purposes, but you need it for the assertion, exercise or defense of your own legal claims, or you have objected to the processing pursuant to Article 21(1) of the GDPR, as long as it has not yet been determined whether the legitimate grounds of the controller override your grounds. You will be informed by us before the restriction is lifted.

Right to data portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format, and to transfer this data to another controller without hindrance from us. The prerequisite is that a) the processing is based on consent pursuant to Art. 6, GDPR or Art. 9, GDPR or on a contract pursuant to Art. 6, GDPR and b) the processing is carried out with the help of automated procedures. When exercising the right to data portability, you have the right to request that the personal data be transferred directly from us to another controller, where technically feasible.

To make use of your rights, you can contact us by e-mail at info(at)diso.ch.

7. Consent

You have the right to revoke your declaration of consent under data protection law at any time with effect for the future. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. In some cases, despite the revocation, we are entitled to continue processing your personal data on another legal basis (for the performance of a contract).