Data protection

Legal notice: Data protection

1. Limitation of liability

The content of this website has been created with the utmost care. However, the supplier assumes no liability for the correctness, completeness and actuality of the content provided. The user uses the content of the website at their own risk. Contributions identified by name reflect the opinion of respective author and not always the opinion of the supplier. The use of the supplier's website does not constitute a contractual relationship between the user and the supplier. This website may contain links to third-party websites ("external links"). These websites are subject to the liability of the respective operators. Brütsch/Rüegger does not accept liability for damages which arise directly or indirectly from the use of this website, unless they are a result of intent or gross negligence on the part of Brütsch/Rüegger.
 

2. Intellectual property

The intellectual property contained on this website, such as copyrights, design rights, trademarks, etc., is protected. This website does not constitute a right to use the intellectual property of Brütsch/Rüegger or third parties.
 

3. Copyrights

The content published on this website is subject to Swiss copyright law. Any use not permitted by Swiss copyright law requires prior authorisation in writing from the supplier or the respective copyright holder. This applies in particular to duplication, editing, translation, saving, processing or reproduction of content in databases or other electronic media and systems. Content and rights of third parties are marked as such. Unauthorised duplication or transfer of individual items of content or entire pages is not permitted and is punishable. It is only permitted to create copies and downloads for personal, private and not commercial use.
The display of this website in third-party frames in only permitted with written consent.
 

4. Privacy statement

Brütsch/Rüegger Werkzeuge AG in Urdorf is the operator of the website www.brw.ch and of the services offered via the website, and is therefore responsible for collecting, processing and using your personal data and for ensuring that data processing complies with the applicable data protection legislation. 

We value your trust, therefore we take the issue of data protection seriously and ensure that appropriate security is in place. Naturally, we comply with the statutory provisions of the Federal Act on Data Protection (DSG), the Ordinance to the Federal Act on Data Protection (VDSG), the Telecommunications Act (FMG) and other statutory data protection provisions of Swiss or EU law that may apply, in particular the EU General Data Protection Regulation (GDPR).

Please note the following information so that you know what personal information we collect from you and what we use it for.

 

4.1 Visiting our website

When you visit our website, our server makes a temporary record of each webpage you access in a log file. As part of this process, the following technical data is collected without any action on your part, as it generally is with every connection to a web server, and is retained by us until it is automatically deleted after six months at the latest:

  • the IP address of the computer accessing the website
  • the name of the owner of the IP address range (usually your inter-net access provider)
  • the date and time of access
  • the website from which our website was accessed (referrer URL), together with the search term, where applicable
  • the name and the URL of the retrieved data
  • the status code (error message, for example)
  • your computer’s operating system 
  • the browser you are using (type, version and language)
  • the transfer protocol used (such as HTTP/1.1)
  • where applicable, your user name from registration/authentication

This data is collected and processed in order to allow our website to be used (connection set-up), to ensure the system is permanently secure and robust, to optimise our online services, and for in-house statistical purposes. Herein lies our legitimate interest in processing data within the meaning of Art. 6(1)(f) of the EU GDPR. 

 

4.2 Opening a customer account

In order to place orders in our online shop, you can order as a guest or create a customer account. When you register for a customer account, we collect the following data:

  • company
  • first name and surname
  • postal address
  • telephone
  • e-mail address
  • password
  • tax number

The data is collected in order to provide the customer with password-protected, direct access to the basic data that we store about them. The customer can use their customer account to view their completed and open orders or to manage or change their personal data. 

The legal basis for processing data for this purpose lies in the consent you have provided in accordance with Art. 6(1)(a) of the EU GDPR.

 

4.3 Shopping via the online shop

If you want to place orders in our online shop, we need the following data in order to be able to perform the contract:

  • company
  • first name and surname
  • billing address (and delivery address if different)
  • payment details (depending on the chosen payment method)
  • e-mail address
  • log-in data, i.e. user name and password (for registered customers)

Unless otherwise noted in this privacy statement or unless you have provided separate consent for us to do otherwise, we will only use the aforementioned data in order to perform the contract, namely in order to process your orders, to deliver the products that have been ordered, and to ensure payment is correct.

The legal basis for processing data for this purpose lies in the performance of a contract in accordance with Art. 6(1)(b) of the EU GDPR.

 

4.4 Transferring data to third parties

We will only pass on your personal data if you have provided your express consent for us to do so, if there is a legal obligation to do so, or if this is necessary in order to enforce our rights, in particular to asserts claims arising from the contractual relationship. 

In addition, we will pass your data on to third parties insofar as this is required in relation to the use of the website and performance of the contract (also outside of the website), namely in order to process your transactions. This includes the re-spective transport service providers who have been commissioned to deliver the goods that have been ordered. Two service providers to whom personal data collected via the web site is passed on, or who has or can have access to personal data, are our web development partners, Arcmedia AG, Winkelriedstrasse 37, 6003 Lucerne, Switzerland, and Opacc Software AG, Industriestrasse 13, 6010 Kriens, Switzerland. The data is passed on in order to deliver and maintain our website’s functionalities. Herein lies our legitimate interest within the meaning of Art. 6(1)(f) of the EU GDPR.

In cases where we provide advance deliveries before receiving a payment, e.g. in the case of a purchase on account, we can, where appropriate, appoint a credit agency to carry out a credit check on the basis of mathematical and statistical methods in order to safeguard our legitimate interests. For this purpose, we submit the personal data required for a credit check to the credit agency Creditreform Egeli Zürich AG, Binzmühlestrasse 13, 8050 Zürich, Switzerland, and use the information provided about how likely from a statistical point of view the customer is to fail to make payment in order to make a considered decision as to whether to establish, perform or terminate the contractual relationship. The credit report can include probability values (score values) that have been calculated on the basis of scientifically proven mathematical and statistical methods and on the basis of data such as address details. Your legitimate interests will be taken into account in ac-cordance with the provisions of the law. For the purposes described above, our legitimate interest lies in processing data within the meaning of Art. 6(1)(f) of the EU GDPR.

Finally, if you pay by credit card on the website, we will pass your credit card details on to your credit card provider and to the credit card acquirer. If you decide to pay by credit card, you will be asked to enter all the necessary information. The legal basis for passing on data lies in performing a contract in accordance with Art. 6(1)(b) of the EU GDPR. We ask that you read your credit card provider’s terms and conditions and privacy statement as far as your credit card details being processed by these third parties is concerned.

 

4.5 Transferring data overseas

We are also entitled to transfer your personal data to third party companies (contracted service providers) overseas for the data processing purposes described in this privacy statement. They are bound by data protection to the same extent as we are. If the level of data protection in a country does not correspond to the level of data protection in Switzerland or Europe Union, we will ensure by way of contract that your personal data will be protected to the same level as in Switzerland or in the EU at all times.

 

4.6 Cookies

Cookies help us in many ways to make your visit to our website an easier, more pleasant and more meaningful experience. Cookies are information files which your web browser automatically stores on your computer's hard drive when you visit our website. 

For example, we use cookies to provide you with the shopping basket function over several pages and to temporarily store your input as you complete a form on the website so that you do not have to re-input the details when accessing another sub-page. Cookies may also be used to identify you as a registered user once you have registered on the website, without you having to log in again when you access another subpage.

Most web browsers automatically accept cookies. However, you can configure your browser so that cookies are not stored on your computer or so that a message always appears when you receive a new cookie. On the following pages you will find explanations on how to configure the handling of cookies for the most popular internet browsers:

Disabling cookies may mean that you will not be able to use all the features of our website.

 

4.7 Tracking tools

a. General information

We use the web analytics service provided by Google Analytics to continually optimise our website and to design it on a needs-based basis. In this context, pseudonymised usage profiles are created and small text files ("cookies"), which are stored on your computer, are used. The information generated by the cookies about how you use this website is transferred to the service providers’ servers, where it will be stored and prepared for us. In addition to the data listed under point 1, we may potentially receive the following information:

  • navigation path taken by a visitor to the site
  • time spent on the website or sub-page
  • the sub-page from which the visitor leaves the website 
  • the country, region or city from which the website is accessed 
  • end device (type, version, depth of colour, resolution, width and height of the browser window)
  • returning or new visitors

The information will be used to evaluate how the website is used, to compile reports about activity on the website, and to provide other website and internet us-age services for the purposes of market research and to design this website on a needs-based basis. This information may also be passed on to third parties where required to do so by law, or where third parties process this data on our behalf.

 

b. Google Analytics 

The provider of Google Analytics is Google Inc., a subsidiary of the holding com-pany Alphabet Inc., with headquarters in the USA. Before the data is transmitted to the provider, the IP address is abbreviated by activating IP anonymisation (“anonymizeIP”) on this website within the Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. The anonymised IP address transmitted from your browser as part of the Google Analytics process is not merged with any other Google data. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and abbreviated there. In cases such as these, we use contractual guarantees to en-sure that Google Inc. observes an adequate level of data protection. In accord-ance with Google Inc., the IP address will never be associated with other data relating to the user. 

More information about the web analytics service used can be found on Google Analytics’ website. Instructions on how you are able to prevent your data from being processed by the web analytics service can be found at tools.google.com/dlpage/gaoptout.

 

c. Hotjar 

Brütsch/Rüegger Werkzeuge AG uses the web analytics service Hotjar Ltd. on some websites. Hotjar Ltd. is a European company with headquarters in Malta (Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe, tel.: +1 (855) 464-6788).

This tool can be used to track movements on the websites on which Hotjar is used (so-called heat maps). For example, you can identify how far users scroll down and which buttons the users click on and how often they do so. It is also possible to use the tool to obtain feedback directly from the website users. In this way, we gain valuable information to help us make our websites even faster and more cus-tomer-friendly.

When using this tool, we pay particular attention to protecting your personal data. This means we are only able to track which buttons are clicked, mouse move-ments, how far the user is scrolling down, the screen size of the device, device type and browser information, geographical location (just the country) and the preferred language for viewing our website. Areas of the websites in which per-sonal data is displayed about you or a third party are automatically hidden from Hotjar and are therefore cannot be tracked at any time.

Hotjar provides every user with the option of using a "Do Not Track Header" to prevent the Hotjar tool from being used, so that no data about the visit to the re-spective website is recorded. This is a setting supported by all current versions of standard browsers. As part of this process, your browser sends a request to Hotjar with the instruction to disable tracking for the relevant user. In the event that you use different browsers or computers to access the brw.ch website, you need to set the "Do Not Track Header" separately for each of these browsers or comput-ers.

You can find detailed instructions with information for your browser at:

www.hotjar.com/opt-out

You can find more information about Hotjar Ltd. and the Hotjar tool at:

www.hotjar.com

Hotjar Ltd.’s privacy statement can be found at:

www.hotjar.com/privacy

 

d. Facebook plug-ins

A social plug-in for the social network Facebook.com, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, is integrated into our website. 

When you access our website, which contains a plug-in of this kind, your browser will establish a direct connection to Facebook’s servers. The content of the plug-in is transmitted from Facebook directly to your browser and from there, integrated into in the website. We therefore have no influence over the scope and content of the data which Facebook collects using this plug-in and therefore inform you in keeping with our current understanding. For more information, see: www.facebook.com/help/.

By integrating the plug-in, Facebook receives the information that you have ac-cessed from the corresponding page of our website. If you are logged into Face-book, Facebook can match your visit to your Facebook account. If you interact with the plug-in, such as by pressing the Like button or by adding a comment, the corresponding information will be transmitted from your browser directly to Face-book, where it will be stored. If you are not a member of Facebook, it is still possible that Facebook will detect and store your IP address.

For details regarding the purpose and scope of data collection and further pro-cessing and use of data by Facebook, as well as your rights in this respect and settings options for protecting your privacy, please refer to Facebook’s data pro-tection notice via the following link: www.facebook.com/policy.php.

If you are a member of Facebook and do not want Facebook to either gather information about you via our website or to link it to your member details stored by Facebook, you need to log out of Facebook before visiting our website.

 

e. Facebook RETARGETING/REMARKETING.

We can use Facebook’s "Custom Audience" function to target you as a visitor to our website by advertising on your Facebook wall. To this end, we send your e-mail address to Facebook Inc. in the USA, who matches it against the user e-mail addresses it has stored there, and so is able to determine whether you are also a Facebook user with this e-mail address.

For further information on the purpose and scope of data collection by Facebook, see www.facebook.com/about/privacy/.

In order to prevent our personalised advertising from appearing on your Facebook wall, you can use a different e-mail address to the one you may have registered with Facebook.

Insofar as you accept our privacy policy by deliberately, explicitly and actively clicking on it, you consent to us passing your e-mail address on to Facebook Inc. for remarketing purposes.

You can access the content of your consent at any time via our website. Your consent can be revoked at any time with future effect.

 

4.8 Note on transferring data to the USA 

For the sake of completeness, we point out to users residing in or with a registered office in Switzerland that in the USA, U.S. authorities undertake monitoring activi-ties which generally allow for the storage of all personal data of all individuals whose data has been transmitted from Switzerland to the USA. This takes place without any distinction, restriction or exception based on the aim being pursued and without an objective criterion, allowing the US authorities access to the data, and to restrict subsequent use of the data to very specific, strictly limited purposes, which justify intervention in terms of both access to this data as well as usage of this data. We also point out that there are no legal remedies available in the USA for the individuals concerned from Switzerland, which allows them access to the data pertaining to them or to have their personal data corrected or deleted, nor is there any effective legal protection against general access rights on the part of US authorities. We explicitly point these circumstances and legal position out to those affected so that they can make an informed decision about whether to con-sent to their data being used.

We point out to users residing in a Member State of the EU that the USA does not have a sufficient level of data protection from the point of view of the European Union, due, among other things, to the issues discussed in this section. Where we have outlined in this privacy statement that recipients of data (such as Google) have their headquarters in the USA, we will ensure either by contractual arrangements with these companies or by ensuring that these companies are certified under the EU/Swiss-US Privacy Shield, that your data is adequately protected by our partners.

 

4.9 Right of access, rectification, deletion and restriction of processing; right to data portability

You are entitled to request to receive information about the personal data we have stored about you. You are also entitled to correct inaccurate data and to delete your personal data, provided this does not contravene any statutory retention requirements or any permission which authorises us to process the data.

You are also entitled to demand that we surrender the data that you have provided to us (right to data portability). Upon your request, we will pass your data on to a third party of your choice. You are entitled to receive the data in a standard file format.

You can contact us for the aforementioned purposes via the e-mail address info@brw.ch . We can, at our own discretion, ask for proof of identity in order to be able to process your requests. 

 

4.10 Data security

We make use of appropriate technical and organisational security measures to protect data we store about you from being manipulated, being lost in part or entirely, and to protect against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

You should always treat your login details as confidential and close the browser window when you have finished communicating with us, especially if you share your computer with others.

We also take inhouse data protection very seriously. Our employees and ap-pointed service providers are bound to maintain confidentiality and to comply with the provisions of data protection law.

 

4.11 Data storage 

We only store personal data for as long as it is required in order to use the afore-mentioned tracking and analysis services and to continue processing the data within the context of our legitimate interest. Contract details will be retained for longer as there is a legal obligation to retain data. Accounting provisions and tax regulations set out retention obligations which obligate us to retain data. In accordance with these requirements, business communications, signed contracts and accounting records are to be retained for up to 10 years. This data will be blocked if we no longer need it in order to be able to carry out services for you. This means that the data may then only be used for accounting and tax purposes.

 

4.12 Right to file a complaint with a data protection supervisory authority

You are entitled to file a complaint at any time with a data protection supervisory authority.

 

Brütsch/Rüegger may amend this legal information at any time via an update. Furthermore, Brütsch/Rüegger reserves the right to amend, reduce or remove the availability of the website at its own discretion at any time without prior notice.

As of: 17 May 2018