Privacy policy

1. introduction

This privacy policy of Fairlane Consulting GmbH, publisher of FACES (hereinafter “FACES”) informs you as a subscriber and user of our magazine “FACES”, our website “faces.ch” and the newsletter of “FACES” (hereinafter “offers”) about the collection and processing of your data (both personal data and non-personal data). We will also inform you about the duration of the processing of your data, the legal basis for the processing – if such processing is necessary – and about the rights to which you are entitled vis-à-vis us with regard to the processing of your personal data. This privacy policy applies to all your data that we already have or that we will have in the future.

Please read this privacy policy carefully. If you do not agree with the data protection declaration, you should not use the FACES services.

2. responsible body

Fairlane Consulting GmbH, based at Bertastrasse 1, 8003 Zurich, Switzerland, is responsible for data processing in accordance with this privacy policy.

For concerns and inquiries related to data protection, please contact info@faces.ch.

3. personal data and proper processing

3.1 Data origin

When using our offers and in contact with “FACES”, e.g. when visiting our website, using one of our other digital services, concluding a contract, registering for an account or contacting us, we collect certain data.

3.2 What is personal data?

The term “personal data” used here includes all information that is or can be assigned to you as a user of the “FACES” services. Irrespective of whether they were entered by you or collected from you or we received them in any other way.

However, the term “personal data” within the meaning of this privacy policy does not include the personal data that you enter yourself and that you manage (hereinafter also referred to as “customer data”). Such customer data is therefore not the subject of this privacy policy. If you provide us with personal data of other persons (e.g. email, name, address, etc.), please ensure that these persons are aware of this privacy policy and only share their personal data with us if you are authorized to do so under applicable data protection law.

3.3 The proper processing of personal data

“FACES” is responsible for monitoring all your personal data. This applies to data that we collect, process and use in connection with your use of the “FACES” services or in any other way.

However, we are not responsible for monitoring customer data. We collect, process and use customer data exclusively in the capacity of data processor on behalf of the respective user and in accordance with the applicable Swiss data protection laws.

If you use our services, we also assume that you are the sole data controller with regard to the personal data in the areas managed by you in relation to “FACES” within the meaning of data protection law. You are therefore responsible for the lawfulness of the collection, processing and use of customer data in accordance with the statutory provisions. You thereby ensure that you are authorized to commission “FACES” and to transfer the customer data to “FACES” as a data processor in this context. The provisions on commissioned data processing can be found in section 9.

3.4 Our handling of your data (processing purpose)

We collect, process and use your personal data for the following purposes:

• To manage, operate, maintain and improve the “FACES” services.
• To assess your eligibility for certain types of offers.
• To support the improvement and personalization of our services.
• For analyses and for researching customer behavior.
• To answer your inquiries in connection with the offers of “FACES”.
• To communicate with you about other matters, such as sending you confirmations, reminders or information about our offers.
• To comply with legal obligations, to prevent the unlawful use of our services, to resolve disputes and to enforce our contractual agreements.
• For other purposes to which you have consented in individual cases.
• In any other way within the framework of the applicable legal provisions.

If required by law, we will ask for your consent before collecting, processing and using your personal data for the above-mentioned purposes. If we wish to use your personal data for another purpose, we will also inform you of this. We only make this use if it is necessary and permissible within the framework of the applicable legal regulations or if you have given your consent.

Only “FACES” and its third-party service providers will have access to your personal data for the above-mentioned purposes.

In order to use our offers, you may have to provide certain personal data that is necessary or legally required for the establishment and processing of the contractual relationship and fulfillment of the associated contractual obligations. Without this data, we will not be able to conclude and execute the contract for the most part. It is also necessary to log access to our digital services and the associated collection of connection data (such as the IP address). This happens automatically during use and cannot be switched off individually. Therefore, if you do not agree to the collection of such data, you should refrain from using our services.

If “FACES” changes its structure and enters into a merger, acquisition, demerger or liquidation (“Transaction”) or a sale of shares or assets, your information may be transferred or assigned by “FACES” to or disclosed to an acquiring company in the event of such a Transaction or in the evaluation of such a Transaction (including letters of intent and/or due diligence). In any case, such disclosure or transfer will be secured by contracts or agreements to ensure that your data is used in accordance with applicable laws.

3.5 Types of data collection and categories

Personal data that we collect, process and use does not only include information that we actively collect while you interact with us. It also concerns information that you voluntarily provide to us on various occasions via our offers. As a result, it is not possible to compile a complete list of all types of personal data. In general, they include the following information:

• Data provided to us when registering for our services, e.g. surname, first name, contact details, access data such as user name and password – stored in encrypted form, information on advertising, opt-ins and opt-outs, etc.
• Data relating to offers and concluded contracts, e.g. contract date, type, content, product, parties, term, value, adjustments, payment details, contact details, contact persons, billing and correspondence addresses, customer feedback, terminations, disputes, etc.
• Data that is collected or made available when registered and unregistered users use our services. These include the IP and MAC address or Device ID of the device used, cookies, pages accessed by users and search terms entered, entries in dialog boxes, calendar entries, ratings, time and duration of visits, clicks, reactions to our offers, referrer/exit URL, information on the time of use, browser and device type, operating system used and Internet service provider, amount of data transferred. We may merge personal data from one of our services with data from another service.
• Data exchanged in or in relation to contact with us, e.g. communication by letter, telephone, e-mail, responses to communication and offers, preferred communication channels, etc.
• Certain offers can collect and store location-based data if the geolocation function of the device used is activated.
• Data provided to us by third parties with whom we maintain business relationships, e.g. directory entries, address databases, mutations of database entries, creditworthiness data, etc.
• Data that you or third parties disclose when participating in competitions, surveys and the like.
• Data from public sources, e.g. commercial register entries, other telephone directories, etc.

4 Our approach to technology

4.1 Use of app cookies

We use various common technologies to collect, store and analyze data when you use our services. These include, in particular, cookies that can be used to identify your browser or device. Cookies are small text files placed in your browser directory. When a website is accessed, a cookie placed on a device sends information to the browser. Cookies are very common and are used on a large number of websites. In addition to so-called In addition to session cookies, which are automatically deleted after a visit to our services, we also use temporary and permanent cookies, which remain stored on your computer or mobile device for longer. The purpose of these cookies is to improve the performance of the website and the user experience. However, cookies can also be used for advertising purposes. You can change your cookie settings or refuse to accept cookies completely. This allows you to limit the amount of personal data we receive. However, please bear in mind that you may then not be able to benefit from some offers or use them.

4.2 Cookies and technologies used

In addition to cookies, we may also use other technologies (e.g. pixels, web beacons, tags, advertising IDs) to analyze the use of our services, to personalize our services and to display offers and advertising tailored to you. When sending newsletters and e-mails, for example, we may use technologies that allow us to analyze which content is of interest to our users and whether, when and how they react to our offers (e.g. by downloading images in an e-mail, clicking on URLs in an e-mail or on a website, filling out form data, etc.). We assume that by using such functions you consent to the use of corresponding technologies.

Finally, we use various common web analysis and tracking tools to measure and evaluate the use of our services. Such tools, which are usually provided by third parties, provide us with information and statistics about the use of our services, which help us to better understand the use of our services and adapt them to user needs.

4.3 Use of social media plugins and integration of third-party offers

We integrate social network plugins (e.g. Facebook, Instagram, YouTube, Twitter, Pinterest) into our services. These plugins make it easier to share content on these platforms.

When you visit our websites that contain such plugins, a connection to the server of the respective provider can be established automatically. Certain data (e.g. time of visit to the service, browser type, IP address) is collected and stored by the service. If you have a user account with one of these providers, they can assign this information to your profile. If you also interact with these plugins (e.g. by clicking on the “Like” button or by posting a comment), this information will also be transmitted to this provider, stored there and, if applicable, published. When using a social login service (e.g. Facebook Connect), the provider may send us personal data such as your name, e-mail address and profile picture that is stored with them.

Please note that the data processing of these third parties is subject to their terms of use and data protection provisions.

4.4 Microsoft Clarity

In this privacy policy, we would like to inform you about the handling of your personal data in connection with the use of Microsoft Clarity. Microsoft Clarity is an analysis tool from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”). When you visit our website, data is collected and processed through the use of Microsoft Clarity.

1. Purpose of data processing

We use Microsoft Clarity to analyze user behavior on our website, to improve user-friendliness and to better tailor our offers to your needs. Microsoft Clarity collects information about the behavior of visitors to our website, such as clicks, mouse movements, scrolling movements and the time spent on individual pages. However, no personal data is collected directly.

2. Scope of data processing

Microsoft Clarity processes the following data:

• IP address (in anonymized form)
• Device type, operating system and browser information
• Date and time of access
• Referrer URL (the previously visited website)
• Information about the use of our website (e.g. clicks, mouse movements, scrolling movements)

3. Legal basis

The legal basis for the processing of the data is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to improve the quality of our website and to make its content more user-friendly.

4. Data transfer to third countries

The data collected is transferred to Microsoft in the USA. Microsoft is certified under the EU-US Privacy Shield, which guarantees compliance with a European level of data protection. Further information can be found at: https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active

5. Storage duration

The data collected by Microsoft Clarity is deleted after 13 months.

6. Possibility of objection and removal

You can object to the collection and processing of your data by Microsoft Clarity by deactivating the use of cookies in your browser. Please note, however, that this may impair the functionality of our website.

7. Further information

Further information on data protection at Microsoft Clarity can be found in Microsoft’s privacy policy: https://privacy.microsoft.com/de-de/privacystatement

If you have any questions or concerns about data protection in connection with Microsoft Clarity, you are welcome to contact us or our data protection officer. You can find the contact details in our privacy policy.

5. publication and forwarding of data

5.1 Forwarding of personal data

We may commission third parties with the provision of certain services, e.g. in the area of IT, operation of applications, administration, printing, dispatch, etc. and with the processing and storage of data (so-called “contract data processors”). Contract data processors may have access to personal data and process it on our behalf. In doing so, we oblige the processors to comply with data protection law and to process data only in the same way as we do ourselves. Processors who may receive personal data may be located in any country, in particular in Switzerland, in countries of the EU and the EEA or in the USA, Canada. We take into account the recommendations and information provided by the national data protection officer, the Federal Data Protection and Information Commissioner (FDPIC)

We do not sell, trade or rent out your personal data. Any communication of personal data is carried out in strict compliance with the applicable legal provisions. The following is a list of possible recipients of your personal data (not exhaustive):

• Fairlane Consulting GmbH
• Third-party service provider
• Courts, enforcement and supervisory authorities

We share personal data where we believe it is necessary to comply with the law or to protect the security of our website or third parties against fraud.

6. protection of your personal data

6.1 What are we doing to protect ourselves?

“FACES” is aware of the importance of data security and data protection. We have therefore designed the use of our services to be as secure as possible. We have put appropriate safety precautions in place. This includes technical and organizational measures against unauthorized access, improper use, modification, unlawful or accidental destruction and accidental loss, both online and offline.

If personal data that is not already public is transferred to a country without adequate data protection, we ensure adequate data protection by using sufficient contractual guarantees, namely on the basis of the EU standard contractual clauses, Binding Corporate Rules, or we rely on the exception of consent, contract performance, the establishment, exercise or enforcement of legal claims, overriding public interests or because it is necessary to protect the integrity of a data subject.

We must also point out that, despite all our efforts to protect your personal data from possible risks and dangers on the Internet, there is no absolute security. We therefore ask you to support our IT security efforts and not to disclose any sensitive data or data that is not required in a specific case. In addition, you can help us to protect your personal data by logging out when you leave an area protected by user login.

6.2 Storage of your data

We store personal data for as long as this is necessary for the purpose for which we collected it. Individual personal data is also subject to legally binding retention obligations of ten or more years, which we must comply with. We may also store personal data for at least the duration of the applicable statute of limitations, which is usually five or ten years. We generally delete personal data that is generated in connection with the use of our services (e.g. protocols, logs, analyses, etc.) and that is not subject to any such retention or limitation periods as soon as we are no longer interested in processing it. Data can also be stored for longer in anonymized form. Subject to an express contractual agreement, we are under no obligation to you to retain data for a certain period of time.

7. sending e-mails, links to other websites

7.1 Storage of your data

We may send you emails for various reasons, for example:

• You have ordered offers from “FACES” or registered or logged in online for offers from “FACES” and thus receive notifications about orders, registrations, logins, etc.
• We will contact you regarding a request made to us.
• We would like to provide you with important information, such as updates, data protection notifications, warnings, etc.
• You have subscribed to our newsletter and/or registered to receive other marketing information.

8. your rights in connection with personal data

You have the right to receive information about the personal data that we store about you free of charge upon request. In addition, you have the right to have incorrect data corrected and the right to have your personal data deleted, provided that this does not conflict with any legal obligation to retain data or an authorization that allows us to process the data. The exercise of such rights generally requires that the data subject can clearly prove their identity.

If the processing of personal data is based on consent, the consent can be revoked by you as the data subject at any time. In EU member states and Within the EEA, you have the right in certain cases to receive the data generated when using online services in a structured, commonly used and machine-readable format that enables further use and transmission. Inquiries in connection with these rights should be sent to info@faces.ch.

We reserve the right to restrict your rights within the framework of the applicable law and, for example, not to provide complete information or not to delete data. We would also like to draw your attention to the fact that if you delete your personal data, our services will no longer be available in whole or in part, or you may not be able to use them. can be used.

Every data subject has the right to lodge a complaint with the competent data protection authority. In the case of a controller in Switzerland, this is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).