Privacy Policy

In this Privacy Policy we provide you with information about the personal data that we process in relation to our activities and operations, including our website www.jehleag.ch. We inform you in particular for what purpose, how and where we process personal data, as well as the types of personal data that we process. We also provide you with information about the rights available to the people whose data we process.

Additional privacy policies and other legal documents, such as general terms and conditions of business (GTC), terms of use or terms of participation may apply to individual or additional activities and operations.

We are subject to Swiss data protection law as well as any applicable foreign data protection law, such as in particular European Union (EU) law and the General Data Protection Regulation (GDPR). The European Commission recognises that Swiss data protection law ensures an adequate level of data protection.

1. Contact addresses

Controller:

JEHLE AG
Büntenstrasse 180
CH-5275 Etzgen

Aktivieren Sie Javascript um diese geschützte E-Mail Adresse zu sehen.

Please note that there may be other controllers for data processing purposes in specific individual cases.

2. Definitions and legal bases

2.1 Definitions

Personal data means any information concerning an identified or identifiable natural person. A data subject is a person whose personal data we process.

Processing means any operation which is performed on personal data, irrespective of the means and processes used, such as the consultation, alignment, adaptation, archival, storage, retrieval, sharing, obtaining, recording, collection, erasure, disclosure, ordering, organisation, saving, alteration, dissemination, cross-referencing, destruction or usage of personal data.

The European Economic Area (EEA) comprises the Member States of the European Union (EU) as well as the Principality of Liechtenstein, Iceland and Norway.

2.2 Legal bases

We process personal data in accordance with Swiss data protection law, including in particular the Swiss Federal Act on Data Protection (Swiss Data Protection Act, DSG) and the Swiss Ordinance on Data Protection (Swiss Data Protection Ordinance, DSV).

Where and insofar as the General Data Protection Regulation (GDPR) is applicable, we process personal data with reference to at least one of the following legal bases:

Point (b) of Article 6(1) GDPR where the processing of personal data is necessary for the performance of a contract to which the data subject is party or in order to take steps prior to entering into a contract.

Point (f) of Article 6(1) GDPR where the processing of personal data is necessary in order to uphold legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Legitimate interests include in particular our interest in conducting our activities and operations on an ongoing basis, in a user-friendly manner, securely and reliably and being able to communicate concerning them, the guarantee of information security, protection against misuse, the enforcement of legal claims available to us and compliance with Swiss law.

Point (c) of Article 6(1) GDPR where the processing of personal data is necessary for compliance with a legal obligation to which we are subject under any applicable law of a member state of the European Economic Area (EEA).

Point (e) of Article 6(1) GDPR where the processing of personal data is necessary for the performance of a task carried out in the public interest.

Point (a) of Article 6(1) GDPR where the processing of personal data occurs with the consent of the data subject.

Point (d) of Article 6(1) GDPR where the processing of personal data is necessary in order to protect the vital interests of the data subject or of another natural person.

3. Nature, scope and purpose

We process personal data that are necessary to enable us to conduct our activities and operations on an ongoing basis, in a user-friendly manner, securely and reliably. These personal data may include in particular master data and contact data, browser and device data, data relating to content, meta data, usage data, location data, sales data as well as data relating to contracts and payments.

We process personal data for the duration necessary for the respective purpose or purposes or required by law. Any personal data that no longer need to be processed are anonymised or erased.

We may arrange for personal data to be processed by third parties. We may process personal data in conjunction with or transmit personal data to third parties. Such third parties include in particular specialist providers that furnish services to us. We guarantee compliance with privacy rights also by any such third parties.

As a general rule, we only process personal data with the consent of the data subject. Where and insofar as processing is permitted on account of another legal basis, we may dispense with obtaining consent. We may process personal data without consent for example for the performance of a contract, in order to comply with legal obligations or in order to uphold overriding interests.

In this regard, we process in particular any information that a data subject has voluntarily provided to us when contacting us – for example via letter, email, instant messaging, the contact form, social media or telephone – or when registering for a user account. We may store this information for instance in an address book, in a customer relationship management system (CRM system) or using comparable auxiliary instruments. If we receive data concerning other persons, the persons transmitting those data to us are obliged to guarantee the privacy rights of these persons and to ensure the accuracy of these personal data.

We also process personal data that we receive from third parties, that we obtain from publicly accessible sources or that we collect when carrying out our activities and operations, where and insofar as such processing is permitted by law.

4. Job applications

We process personal data relating to job applicants, where they are necessary for assessing suitability for an employment relationship or for the subsequent management of an employment relationship. The necessary personal data are contained in particular in any information requested, for example in relation to a job advert. We also process personal data that job applicants provide or publish voluntarily, in particular within a covering letter, curriculum vitae or other job application documents as well as online profiles.

Where and insofar as the General Data Protection Regulation (GDPR) is applicable, we process personal data relating to job applicants in particular in accordance with point (b) of Article 9(2) GDPR.

5. Personal data abroad

We process personal data as a general rule in Switzerland and in the European Economic Area (EEA). However, we may also export or transfer personal data to other countries and process them or arrange for them to be processed in those countries.

We may export personal data to all countries or territories in the world or elsewhere in the universe, provided that the local laws guarantee adequate data protection in accordance with a resolution of the Swiss Federal Council or – where and insofar as the General Data Protection Regulation (GDPR) is applicable – in accordance with a decision of the European Commission.

We may transmit personal data to countries the laws of which do not guarantee adequate data protection, provided that data protection is otherwise guaranteed, in particular on the basis of standard contractual clauses or other suitable guarantees. Under exceptional circumstances, we may export personal data to countries without adequate or suitable data protection, provided that the specific prerequisites under data protection law are met, such as for example the express consent of the data subject or a direct connection with the conclusion of performance of a contract. Upon request, we are pleased to provide information to data subjects concerning any guarantees or to provide copies of any guarantees.

6. Rights of data subjects

6.1 Rights under data protection law

We guarantee all rights to data subjects in accordance with the applicable data protection law. Data subjects have in particular the following rights:

Access: data subjects may obtain confirmation as to whether we are processing personal data concerning them, and if so which personal data. Data subjects will also receive any information that is necessary in order to exercise their rights under data protection law and to ensure transparency. This information includes the personal data processed as such, although also, amongst other things, information concerning the purpose of processing, the duration of storage, any disclosure or export of data to another country as well as the origin of personal data.

Rectification or restriction of processing: Data subjects may obtain the rectification of inaccurate personal data, have incomplete personal data completed and obtain the restriction of processing of their data.

Erasure and objection: data subjects may obtain the erasure of personal data (“right to be forgotten”) and object to any future processing of their data.

Surrender of data and data portability: data subjects may obtain the surrender of personal data or the transfer of their data to another controller.

Where permitted by law, we may defer, restrict or reject the exercise of rights by data subjects. We may refer data subjects to any prerequisites that must be met for the exercise of their rights under data protection law. We may for example refuse to provide information either entirely or in part in order to uphold a business secret or to protect other persons. We may for example also refuse to erase personal data either entirely or in part by invoking statutory retention requirements.

Under exceptional circumstances, we may charge costs for the exercise of rights. We shall inform data subjects in advance concerning any costs.

We are obliged to identify by appropriate means any data subjects who exercise their right of access or any other rights. Data subjects are obliged to cooperate.

6.2 Right to complaint

Data subjects have the right to enforce their rights under data protection law through legal action or to lodge a complaint with a competent data protection supervisory authority.

The data protection supervisory authority for private controllers and federal entities in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

Where and insofar as the General Data Protection Regulation (GDPR) is applicable, data subjects have the right to lodge a complaint with a competent European data protection supervisory authority.

7. Data security

We implement appropriate technical and organisational measures to guarantee a level of data security that is commensurate with the respective risk. However, we are unable to guarantee data security.

Our website can be accessed via transport encryption (SSL / TLS, in particular according to Hypertext Transfer Protocol Secure, abbreviated to HTTPS). Most browsers mark transport encryption with a padlock in the address line.

Our digital communication – as is the case in general for any digital communication – is subject to mass observation without any requirement for a specific cause or suspicion as well as other monitoring by security authorities in Switzerland, elsewhere in Europe, the United States of America (USA) and other countries. We are unable to exercise any direct influence on the respective processing of personal data by secret services, police agencies and other security authorities.

8. Usage of the website

8.1 Cookies

We may use cookies. Cookies – either our own cookies (first-party cookies) or cookies of third parties whose services we use (third-party cookies) – are data that are stored in the browser. Any such stored data need not be limited to traditional cookies in text form.

Cookies can be stored in the browser either temporarily as “session cookies” or for a particular period of time as “permanent” cookies. “Session cookies” are automatically erased when the browser is closed. Permanent cookies are stored for a particular period of time. Cookies make it possible in particular to recognise a browser the next time our website is visited, thereby for instance measuring the reach of our website. Permanent cookies can also be used for instance for online marketing.

Cookies can be disabled or erased either entirely or in part in the browser settings at any time. Without cookies, it is possible that our website may no longer be fully available.

It is possible to opt out in general from numerous services that use cookies to measure the success and reach of the website or for advertising via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

8.2 Server log files

Whenever our website is accessed we are able to record the following information, provided that it is transmitted from your browser to our server infrastructure or can be identified by our web server: date and time including time zone, internet protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual pages on our website that are accessed including the volume of data transmitted, and the last website visited using the same browser window (referrer).

We store this information, which may also contain personal data, in server log files. The information is necessary in order to provide our website on an ongoing basis, in a user-friendly manner and reliably and also in order to ensure data security and thus in particular protection for personal data – including by or with the assistance of third parties.

8.3 Tracking pixels

We may use tracking pixels on our website. Tracking pixels are also referred to as web beacons. Tracking pixels – which may also be operated by third parties whose services we use – are small, normally invisible images that are automatically loaded whenever our website is visited. Tracking pixels may record the same information as server log files.

9. Notifications and messages

We send notifications and messages by email and via other communication channels, such as for instance instant messaging or SMS.

9.1 Measurement of success and reach

Notifications and messages may contain online links or tracking pixels that record whether an individual message has been opened and whether any online links have been clicked on. These online links and tracking pixels may register how notifications and messages have been used also by a specific person. We need these statistical records relating to usage in order to measure success and reach, so that we can accordingly send notifications and messages in a more effective and user-friendly manner that takes account of the needs and reading habits of recipients and also do so securely and reliably on an ongoing basis.

9.2 Consent and objection

As a general rule, you need to consent expressly to the usage of your email address and any other contact address for you, unless it can be lawfully used for any other reason. Where possible, we use the “double opt in” procedure in order to obtain any consent, which means that you receive an online link that you have to click to confirm, in order to avoid misuse by unauthorised third parties. For evidentiary and security purposes, we may log any such consent exclusively according to internet protocol (IP) address as well as date and time.

As a general rule, you can object at any time to the receipt of notifications and messages such as for example newsletters. By objecting in this manner, you can also object at the same time to the collection of statistics relating to usage for the purpose of measuring success and reach. The above does not apply in relation to any notifications and messages that are necessary in relation to our activities and operations.

9.3 Messaging and notification services

We send notifications and messages using specialist service providers.

We use in particular:

Mailchimp: communication platform, provider: The Rocket Science Group LLC DBA Mailchimp (USA) as a subsidiary of Intuit Inc. (USA); information concerning data protection: Privacy Policy (Intuit) including “Country and Region-Specific Terms”, “Mailchimp Privacy FAQs”, “Mailchimp and European Data Transfers”, “Security”, Cookie Statement, “Privacy Rights Requests”, “Legal”.

10. Social media

We are present on social media platforms and other online platforms in order to communicate with interested persons and to provide information concerning our activities and operations. It is possible that personal data may be processed also outside Switzerland and the European Economic Area (EEA) within the ambit of such platforms.

The general terms and conditions of business (GTC), the terms of use and the privacy policies and other provisions of the individual operations of these platforms are also applicable. These provisions contain information in particular concerning the rights that data subjects have directly against the respective platform, such as for instance the right of access.

Where and insofar as the General Data Protection Regulation (GDPR) is applicable, we have the status of joint controller along with Meta Platforms Ireland Limited (Ireland) for our social media presence on Facebook, including “Page Insights”. Meta Platforms Ireland Limited is part of Meta (amongst other locations in the USA). Page Insights provide information about how visitors interact with our Facebook profile. We use Page Insights to operate our social media presence on Facebook effectively and in a user-friendly manner.

Further information concerning the nature, extent and purpose of data processing, information concerning the rights of data subjects and contact data from Facebook and the Facebook data protection officer can be found in the Facebook Privacy Policy. We have concluded a “Controller Addendum” with Facebook and thus agreed in particular that Facebook is responsible for guaranteeing the rights of data subjects. The respective information concerning Page Insights can be found on the page “Information about Page Insights” including “Information about Page Insights Data”.

11. Third party services

We use the services of specialist third parties to be able to conduct our activities and operations on an ongoing basis, in a user-friendly manner, securely and reliably. These services enable us, amongst other things, to incorporate functions and content into our website. When embedding such functions and content, the services used record at least temporarily the internet protocol (IP) addresses of users for mandatory technical reasons.

Third parties whose services we use may process data in relation to our activities and operations in aggregated, anonymised or pseudonymised form for necessary security-related, statistical or technical purposes. These may include for instance data relating to performance or usage in order to be able to offer the particular service.

We use in particular:

Google services: providers: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and Switzerland; general information concerning data protection: “Our privacy and security principles”, Privacy Policy, “We are committed to complying with applicable data protection laws”, “Google Product Privacy Guide”, “How Google uses information from sites or apps that use our services” (information from Google), “Types of cookies and other technologies used by Google”, “Settings for personalized ads” (enabling / disabling / settings).

Microsoft services: providers: Microsoft Corporation (USA) / Microsoft Ireland Operations Limited (Ireland) for users in the European Economic Area (EEA), the United Kingdom and Switzerland; general information concerning data protection: “Privacy at Microsoft”, “Data protection and privacy (Trust Center)”, Privacy Policy, Privacy dashboard (data and data protection settings).

11.1 Digital infrastructure

We use services of specialist third parties in order to be able to use digital infrastructure required within the ambit of our activities and operations. These include for example hosting and storage services from selected providers.

We use in particular:

METANET: hosting; provider: METANET AG (Switzerland); information concerning data protection: Privacy Policy, “Technical and organisational measures”.

11.2 Audio and video conferences

We use specialist services for audio and video conferences in order to be able to communicate online. We may for example hold virtual discussions or conduct online training and webinars. The legal documents relevant for the individual services such as privacy policies and terms of use also apply in the event of participation in audio or video conferences.

Depending upon your circumstances at home, we recommend that you switch your microphone to mute as the default setting and blur the background or post a virtual background when participating in audio or video conferences.

We use in particular:

Microsoft Teams: platform amongst other things for audio and video conferences; provider: Microsoft; information specific to Teams: “Privacy and Microsoft Teams”.

11.3 Map material

We use third party services in order to incorporate maps into our website.

We use in particular:

Google Maps including the Google Maps Platform: map service; provider: Google; information specific to Google Maps: “How does Google use location information”.

11.4 Digital audio and video content

We use the services of specialist third parties in order to enable the direct playback of digital audio and video content, such as for example music or podcasts.

We use in particular:

YouTube: video platform; provider: Google; information specific to YouTube: “Privacy and safety center”, “Your Data in YouTube”.

11.5 Documents

We use third party services in order to incorporate documents into our website. These documents may include for example forms, PDF files, presentations, tables and text documents.

11.6 Fonts

We use third party services in order to incorporate selected fonts as well as icons, logos and symbols into our website.

We use in particular:

Adobe Fonts: fonts; provider: Adobe Inc. (USA) for users in North America / Adobe Systems Software Ireland Limited (Ireland) for users in the rest of the world; information concerning data protection: “Adobe Privacy Centre”, Privacy Policy (Adobe Fonts), Privacy Policy (Adobe), “Privacy Questions”, “Adobe Privacy Choices”.

12. Measurement of success and reach

We endeavour to establish how our online content is used. In this regard we may for example measure the success and reach of our activities and operations as well as the efficacy of links on our website. However, we may for example also take samples and compare how different parts or versions of our online content are used (“A/B test” method). Based on the results of the measurement of success and reach, we may in particular rectify errors, enhance popular content or make improvements to our online content.

In most cases, the internet protocol (IP) addresses of individual users are stored when measuring success and reach. In such cases, IP addresses are generally truncated (“IP masking”), thereby complying with the principle of data minimisation thanks to the resulting pseudonymisation.

Cookies may be used and user profiles created when measuring success and reach. Any user profiles generated include for example the individual pages visited or the content viewed on our website, information concerning the size of the screen or browser window and the – at least approximate – location. As a general rule, any user profiles are created exclusively in pseudonymised form and are not used to identify any specific individual users. Some third party services to which users are logged in may potentially allocate usage of our online content to the user account or user profile for the respective service.

We use in particular:

Google Analytics: Measurement of success and reach; provider: Google; information specific to Google Analytics: measurement, also across multiple browsers and devices (cross-device tracking) and using pseudonymised internet protocol (IP) addresses, which are only transferred to Google in the USA under exceptional circumstances, “Safeguarding your data”, “Google Analytics Opt-out Browser Add-on”.

Google Tag Manager: incorporation and management of other services for measuring success and reach along with other services of Google and of third parties; provider: Google; information specific to Google Tag Manager: “Data collected by Google Tag Manager”; further information concerning data protection can be obtained from the individual services incorporated and managed.

13. Final provisions

We have created this data protection declaration with the data protection generator of Datenschutzpartner.

We may amend or supplement this Privacy Policy at any time. We shall provide information concerning any such amendments or supplements in a suitable manner, in particular by publication of the relevant up-to-date Privacy Policy on our website.