1 Section: General Information
The responsible person in the sense of Art. 5 j) of the Swiss Federal Law on Data Protection (Data Protection Act, "FADP" for short) is:
Stonehaven Cozmix Group AG
legally represented by its Managing Director Matthias Hofer.
1.2 General, principles
With reference to the definition in Art. 5 a) FADP, the term "personal data" means all information that relates to an identified or identifiable natural person. This includes, for example, name, address, e-mail addresses, user behavior. With regard to the other terms, in particular the terms "processing", "controller", "order processor" and "consent", we refer to the legal data protection definitions of Art. 5 FADP.
As a matter of principle, we only process personal data insofar as this is necessary to provide our website and the content and services we offer. The processing of personal data is only carried out in accordance with Art. 6 et seq., 30 et seq. FADP and therefore regularly only if you have given us consent within the meaning of Art. 6 para. 6 FADP or the processing is permitted by law.
We explain the purposes underlying the processing of personal data in the following sections for each of the data processing operations mentioned. If we process personal data for another purpose that does not correspond to the purpose for which the personal data was originally collected, we will inform you of this again.
Insofar as we make use of contracted service providers or wish to use your personal data for advertising purposes, we will inform you in detail about the respective processes below.
We ask you to note that you are not legally obligated to provide personal data. However, we need your personal data in some cases to provide our website and the content and services we offer. We will inform you about this in detail below. Please also note that if you do not provide us with the required data, you may not be able to use our website and/or the content and services we offer. On the other hand, failure to provide voluntary information will not result in any disadvantages.
In some cases, we use external service providers who have been carefully selected and commissioned by us to process personal data. These service providers are bound by our instructions and are regularly monitored by us. You will find more detailed information in the following sections.
Your personal data will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this is provided for by legal regulations to which we are subject. In this case, the data will be blocked or deleted when the storage period prescribed by the respective regulations has expired. The latter does not apply if further storage of the data is necessary for the conclusion or fulfillment of a contract.
If third parties to whom we disclose data are based abroad, we will inform you separately in the following sections. We only disclose personal data abroad if the requirements of Art. 16 to 18 FADP are met.
1.3 Your rights
You have the following rights with regard to the personal data concerning you:
- the right to information according to the regulations of 25 to 27 FADP,
- the right to issue or transfer data in accordance with the provisions of Art. 28 and 29 FADP,
- the legal rights under Art. 32 FADP;
You also have the option of filing a complaint with the FDPIC pursuant to Art. 49 FADP.
2 Section: Processing of personal data when using our website
In the following, we inform you about the acquisition and processing of personal data when using our website https://www.stonehaven-consulting.com/ (hereinafter "website"):
2.1 Processing of personal data during informative use of our website
If you call up our website without registering or otherwise providing us with information ("informational use"), we only collect the personal data that your web browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to enable you to view our website and to ensure its stability and security:
- IP address
- Date and time of the request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (concrete page)
- Access status/HTTP status code
- Data volume transferred in each case
- Website from which the request comes
- Operating system and its interface
- Language and version of the browser software.
The aforementioned data is also stored in so-called log files on our servers. Not affected by this are your IP address or other data that allow the data to be assigned to you. A storage of this data together with other personal data of you does not take place.
The collection and temporary storage of the IP address is necessary to enable the delivery of our website to your terminal device. For this purpose, your IP address must be stored for the duration of your visit to our website. The storage of the above-mentioned data in log files serves to ensure the functionality and optimization of our website and to ensure the security of our information technology systems. An evaluation of this data for marketing purposes does not take place . In the above purposes lies our legitimate interest in processing the data. D he processing of your personal data is carried out in compliance with the provisions of the FADP, in particular the principles of Art. 6 et seq., 30 et seq. FADP and is justified by our overriding interest according to Art. 31 Para. 1 and Para. 2 FADP, insofar as you have not given us your consent for this.
We store the above data on servers of [SiteGround] a provider with server locations in Switzerland and USA, with whom we have concluded a commissioned processing agreement in accordance with Art. 9 FADP. This ensures that the standards and regulations of Swiss data protection law are complied with.
The above data for the provision of our website will be deleted when the respective session has ended. A deletion of the data in log files takes place after seven days at the latest. The collection of the above data to provide our website and the storage of this data in log files is mandatory for the operation of our website. There is no possibility to object.
In addition to the above-mentioned data, we use technical aids for various functions when using our website, in particular cookies, which can be stored on your terminal device. Cookies are small text files that are stored on the storage medium of your end device, for example on a hard drive, and through which we, as the body that sets the cookie, receive certain information. Cookies cannot execute programs or transmit viruses to your end device. This website uses the following types of cookies, the scope and functionality of which are explained below.
Cookies that are stored associated with your web browser:
- Transient cookies: These cookies are automatically deleted when you close your web browser. These include, in particular, session cookies. These store a so-called session ID, which can be used to assign various requests from your web browser to the joint session. This makes it possible to recognize your terminal device when you return to our website. Session cookies are deleted as soon as you log out or close the web browser.
- Persistent cookies: These cookies are automatically deleted after a specified period of time, which may differ depending on the cookie. You can delete these cookies at any time in the settings of your web browser.
- Other technologies: These features do not rely on cookies, but on similar technical mechanisms, such as Flash cookies, HTML5 objects, or an analysis of your browser settings. Here, too, you can consent or object.
The cookies also store data and information such as multilingualism (language setting) and entered search terms (search function).
The processing of personal data through the above cookies serves the following purposes:
- Technically necessary cookies: The technical structure of our website requires us to use techniques, in particular cookies. Without these, our website cannot be displayed or used completely and/or without errors. For example, some functions of our website require that your web browser can still be identified after a page change. In these cases, these are basically transient cookies that are deleted after the end of your website visit, at the latest when you close your browser. As far as technically necessary cookies are concerned, our legitimate interest in processing the data lies in the aforementioned purposes. The processing of your personal data is carried out in compliance with the provisions of the FADP, in particular the principles of Art. 6 et seq., 30 et seq. FADP and is justified by our overriding interest according to Art. 31 Para. 1 and Para. 2 FADP, insofar as you have not given us your consent for this.
- Optional cookies (if you give your consent): We set various cookies only after your consent, which you can select during your first visit to our website via the so-called cookie consent tool. The functions are activated only in case of your consent. These cookies are used in particular so that we can analyze visits to our website and thereby improve our website and/or individual functions as well as the user experience as a whole, e.g. also to make it easier for you to use it via different browsers or terminal devices, to recognize you when you visit it again or to place advertisements (possibly also to orient advertisements to interests, to measure the effectiveness of advertisements or to show interest-oriented advertisements).
The above cookies are stored on your terminal device and transmitted from it to our server. You can therefore configure the processing of data and information by cookies yourself. You can make appropriate configurations in the settings of your web browser, through which you can, for example, reject third-party cookies or cookies altogether. In this context, we would like to point out that you may then not be able to use all functions of our website properly. If you wish to prevent data from being processed by Flash cookies, you must make the appropriate settings in your Flash player or install an add-on, e.g. for the Google Chrome web browser the add-on "Adobe Flash Killer Cookie" or for the Firefox web browser the add-on "Better Privacy". If you want to prevent the use of HTML5 storage objects, you must use your web browser in private mode - if available. Alternatively, you can also make the appropriate settings in our Consent Manager. Regardless, we recommend a regular manual deletion of cookies as well as your browser history.
2.3 Other functions and offers of our website
In addition to the aforementioned informative use of our website, we offer various services that you can use if you are interested. For this purpose, it is usually necessary to provide further personal data. We need this data to provide the respective service. The above principles apply to this.
In some cases, we use external service providers who have been carefully selected and commissioned by us to process this data. These service providers are bound by our instructions and are regularly monitored by us.
Insofar as personal data is passed on to third parties in the course of services that we offer together with partners, you can find more detailed information in the following descriptions of the individual services.
If these third parties are based abroad, you can find more detailed information on the consequences of this circumstance in the following descriptions of the individual services.
2.4 Contact us
If you contact us by e-mail, the personal data you send us with your e-mail will be stored. The data will be used exclusively to answer your questions. The data will not be passed on to third parties.
The processing of your above personal data is solely for the purpose of processing your requests. In the above purposes also lies our legitimate interest in the processing of data. The processing of your personal data is carried out in compliance with the provisions of the FADP, in particular the principles of Art. 6 et seq., 30 et seq. FADP and is justified by our overriding interest according to Art. 31 Para. 1 and Para. 2 FADP, unless you have given us your consent for this. If you want to work towards the conclusion of a contract by your question, the processing of personal data is additionally justified by Art. 31 Para. 1 and Para. 2 a) FADP.
Subject to deviating statutory retention periods, the data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is the case when we have finally processed your request.
2.5 Use of the registration form for start-ups
If you would like to have your start-up included in our Start-Up Database, we offer the possibility to use our registration form. You can enter your data in an input mask. This data will be transmitted to us and stored. Mandatory data are marked accordingly and must be entered in full. Otherwise, we will refuse to include your start-up in our start-up database. Further information is voluntary.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is the case if you wish to have the entry in the Start-Up Database deleted. Legal retention periods remain unaffected.
3 Use of third-party services
We use the following third-party services when processing personal data:
3.1 Use of Google Analytics
We use Google Analytics to analyze the use of our website and to continuously improve individual functions and offers as well as the user experience. Through the statistical evaluation of user behavior, we can improve our offer and make it more interesting for you as a user. The processing of your personal data is carried out in compliance with the provisions of the FADP, in particular the principles of Art. 6 et seq., 30 et seq. FADP and is justified by our overriding interest according to Art. 31 Para. 1 and Para. 2 FADP, insofar as you have not given us your consent for this.
You can prevent the storage of cookies generated by Google Analytics by making the appropriate settings in your web browser. We would like to point out that in this case you may not be able to use all the functions of our website. If you wish to prevent the collection of data generated by the cookie and related to your user behavior (including your IP address) as well as the processing of this data by Google, you can download and install the web browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Deletion of user-level and event-level data linked to cookies, user identifiers (e.g., User ID), and advertising IDs (e.g., DoubleClick cookies, Android advertising ID, IDFA (Apple identifier for advertisers) occurs no later than 14 months after their collection.
In order to oblige Google to process the disclosed data only in accordance with our instructions and to comply with the applicable data protection regulations, we have concluded an order processing agreement with Google (Art. 9 FADP).
Even though Google Ireland Limited (see above for address) is responsible for all Google services in Europe, we would like to point out that it cannot be completely ruled out that Google Analytics may also process personal data outside the EU or EEA, such as in the USA, through the parent company Google LLC (see above for address). Insofar as personal data is therefore disclosed in individual cases to foreign countries for which there is currently no international treaty within the meaning of Art. 16 Para. 2 a) FADP, we have standard data protection clauses with Google to ensure adequate protection for the processing of personal data abroad.
In the event of the transfer and processing of personal data in the USA, we would also like to point out that, in the legal opinion of the FDPIC, there is currently no adequate protection for the disclosure of data to the USA in view of the far-reaching access powers of US (intelligence) authorities. From the perspective of data protection law, the USA is a foreign country for which there is currently no international treaty within the meaning of Art. 16 Para. 2 a) FADP. Therefore, please note that US authorities may have unrestricted access to your personal data based on US laws and regulations applicable there (e.g. FISA Section 702, Executive Order 12.333) and that you, as a Swiss citizen, may not be entitled to any legal remedies against this access. We have no influence on measures and access by US (intelligence) authorities. By giving your consent, you declare that you are aware of these risks and agree to them.
Third-party information: Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland.
Further information on data use by Google, on setting and objection options, and on data protection can be found on the following Google web pages:
- Legal framework for data transfers: https://policies.google.com/privacy/frameworks
- Data use by Google when you use websites or apps on which Google services are used: https://policies.google.com/technologies/partner-sites?hl=de
- Data use for advertising purposes: https://policies.google.com/technologies/ads?hl=de
- Settings for personalized advertising by Google: http://www.google.de/settings/ads
4 Note on our presence in social networks
However, we do not use any social media plugins on our website, only links to the aforementioned social network. A disclosure of personal data to the social media platform does not take place by visiting our website itself.
To maintain our presence on the social media platform, we use the technical platform and services of the social media platform for these information services. We would like to point out that you use our presence on the social media platform and its functions on your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating). When you visit our website, the provider of the social media platform may collect, among other things, your IP address and other information that is present on your terminal device in the form of cookies.
The data obtained about you in this context will be processed by the provider's platform and may be disclosed abroad, in particular to the USA. According to its own information, the provider maintains an adequate level of data protection, which corresponds to the former Swiss-US Privacy Shield and as a precaution we have concluded the standard data protection clauses with the provider's companies. We do not know in what way the social media platform uses the data from your visit to our account and interaction with our posts for its own purposes, how long this data is stored and whether data is passed on to third parties. The processing of data may differ depending on whether you are registered and logged in to the social network or visit the site as a non-registered and/or non-logged-in user. When you access a post or the account, the IP address assigned to your terminal device is transmitted to the provider of the social media platform. If you are currently logged in as a user, a cookie on your end device can be used to track how you have moved around the network. Buttons embedded in websites enable the provider's platform to record your visits to these website pages and assign them to your respective profile. Based on this data, content or advertising can be offered tailored to you. If you want to avoid this, you should log out or deactivate the "stay logged in" function, delete the cookies present on your device and restart your browser.
To exercise your rights, you can contact both us or the provider of the social media platform. To the extent that one party is not responsible for responding or must obtain the information from the other party, we or the provider will then forward your request to the respective partner. Please contact the provider and operator of the social media platform directly for questions about the profiling, processing of your data when using the social media platform. For questions about the processing of personal data in the context of your interaction with us on our site, write to the contact details provided by us above.
If we further develop our website, services and our offers, it may be necessary to adapt and change our data protection declaration. The same applies if legal or official requirements change.