Data protection and legal information
In its capacity as owner of this website, Post CH Ltd (“Swiss Post”, “we”, or “us”) processes the data collected when you visit and use this website. Further details about Post CH Ltd are available from the About us section of the website.
The protection of your personal data is of great importance to us. We therefore handle your personal data with great care and in compliance with the applicable statutory data protection provisions, particularly Swiss data protection law and the European General Data Protection Regulation (GDPR).
1. Who owns the data collected and who is responsible for data processing?
Post CH Ltd, Wankdorfallee 4, CH-3030 Berne is the provider of the digital presence and responsible for data processing.
You can contact our data protection officer for the Group and your team by post at the following address: Swiss Post, Ms Gabriele Schmid, Group data protection officer, Wankdorfallee 4, CH-3030 Bernr or by email at: firstname.lastname@example.org.
2. What data do we collect?
When goods are ordered, we will also process the following personal data relating to you:
* Personal information, including contact details, date of birth and address
* Data on the goods ordered
* Contract data
* Login information
* Postal delivery data
* Usage data
2.1 Automatic logging
Our web servers automatically log every visit in a temporary log file. User-specific data (such as the identification data of the browser used, the operating system of the requesting computer, the amount of data transferred, the name of the Internet Service Provider, the date and time of access) and technical data (such as the name and URL of the referring web page at the time that the website was accessed via a link and, additionally, the search term if it was accessed via a search engine) are logged and analyzed anonymously. First and foremost, this data is needed to enable the use of our content (connection set-up), and is also used for
internal, system-related purposes – such as technical administration and system security – and optimizing your search experience. As part of this, so-called cookies may be used (see section 4 below). IP addresses are used for automated security checks, e.g. automatically verified to combat fraud and immediately deleted. For the purposes of the GDPR, our justification for this comes from the need to implement pre-contractual measures and from our legitimate interest pursuant to Art. 6 para. 1 letters b and f GDPR.
2.2 Additional data processing
To be able to order goods, you must provide personal data such as your name, address and e-mail address. The data is processed in accordance with a contractual agreement and the associated General Terms and Conditions (GTC).
Payment can only be made by credit card. A secure SSL connection to PostFinance is established for this as part of the order process. Payments for goods are made via the credit card providers shown on the shop. We do not process this data, nor do we have any access to your details. The relevant provisions of PostFinance and its partners apply to the recording of payment data.
In addition, we process personal data when you decide to send it to us; for example, by sending us a message via our contact forms. The information you provide us with will be recorded in our IT systems.
3. How do we use your data?
Data processing helps us to develop and improve our digital presence and to optimize our range of services. We use the data collected by automatic logging for the following purposes:
* To enable your use of the digital presence (establishing a connection).
* For internal management of the website, for example technical administration and maintenance of system security.
* To optimize user friendliness, we collect statistics on user behaviour on our website. This data is analyzed (see also section 4.4).
* To process orders
* To tailor our website to specific target groups (with targeted content or information on the website that may be of interest to you).
* To prevent fraud and improve the security of the website.
In the areas of validity of the GDPR, the basis for processing can be found in Art. 6 para. 1 letters b and f GDPR.
4.1 What is a cookie?
A cookie is a text file with short data sequences (a sequence of letters and numbers) that by itself cannot perform any operations. This text file is transferred to your browser by the web server when you visit a website. The cookie is stored on your local computer.
In the areas of validity of the GDPR, the basis for processing can be found in Art. 6 para. 1 letter a GDPR.
We use the following cookie categories:
- Necessary: these cookies are necessary for our website to function properly and to provide you with the basic shop functions. They are also necessary for security checks and to combat fraud.
- Marketing: these cookies collect information on your usage behaviour in order to provide you with personalized sponsored contents about our products. We may share this information and a customer identification such as an encrypted e-mail address or device data with third parties such as Facebook and Google in order to present you with relevant advertisements on third-party websites and apps.
- Personalized: these cookies collect information on your usage behaviour and your preferences in the shop in order to identify your shopping preferences and present you with personalized content from our shop or from our shop partners.
- Convenience: these cookies enable us to provide greater functionality and personalization, e.g. by analyzing the websites you have used previously.
You can view which cookies are being run in your browser’s log. You can delete cookies in your browser security settings at any time and change your preferences in your browser too.
We use selected cookies from third-party providers (known as third-party cookies). Necessary cookies are set automatically, including those from the company Shopify (see section 8). All other cookies are only set after obtaining your consent. This particularly includes cookies from the following providers:
* Google Analytics Remarketing, the provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
This function allows the advertising target groups created with Google Analytics Remarketing to be linked to the cross-device functions of Google AdWords and Google DoubleClick. This allows interest-based, personalized advertising messages that were tailored to you based on your earlier usage and surfing behaviour on one device (e.g. mobile phone) to also be shown on another of your devices (e.g. tablet or PC).
If you have given permission, Google will link your web and app browser history to your Google account for this purpose. In this way, the same personalized advertising messages can be displayed on every device with which you log in to your Google account.
To support this function, Google Analytics collects users’ Google-authenticated IDs, which are temporarily linked to our Google Analytics data for the purpose of defining and creating target
* Google AdWords and Google conversion tracking; the provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use so-called conversion tracking within the framework of Google AdWords. A cookie for the conversion tracking is placed when you click on an advertisement shown by Google. These cookies lose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie is still valid, Google and we may recognize that the user has clicked on the advertisement and was redirected to this page.
Every Google AdWords customer receives a different cookie. The cookies cannot be tracked on the websites of Google AdWords customers. The information collected with the help of the conversion cookie serve the purpose of creating conversion statistics for AdWords customers that have opted for conversion tracking. The customers find out the total number of users who clicked on their advertisement before being forwarded to a site equipped with a conversion tracking tag. However, they do not receive any information with which they can personally identify users. If you do not want to take part in the tracking, you can object to this use by disabling the Google conversion tracking cookie via the user settings in your Internet browser. In this way, you will not be included in the conversion tracking statistics.
* Facebook pixel; the provider is Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).
This enables the behaviour of page visitors to be tracked after they were redirected to the provider’s website after clicking on a Facebook advertisement. This allows the effectiveness of Facebook advertisements to be assessed for statistical and market-research purposes and future advertising measures to be optimized.
The collected data is anonymous for us as the operators of this website and we cannot draw any conclusions about the identity of the users. The data is, however, stored and processed by Facebook so that a connection can be made to the respective user profile and so that Facebook can use the data for its own advertisement purposes in accordance with the Facebook Data Policy. This allows Facebook to show advertisements on Facebook pages as well as outside of Facebook. We, as site operators, cannot influence this use of data.
You can find more information about how to protect your privacy in Facebook’s Data Policy: https://facebook.com/about/privacy/.
You can also disable the “custom audiences” remarketing function in the “ad preferences” area at https://www.facebook.com/ads/preferences/entry_product=ad_settings_screen. You must be logged into Facebook to do this.
If you do not have a Facebook account, you can disable Facebook’s usage-based advertisements on the European Interactive Digital Advertising Alliance’s website: https://www.youronlinechoices.com/uk/your-ad-choices
4.4 How safe is it to enable cookies?
It is safe to activate cookies when visiting our digital presence. When using a third-party computer, however, we recommend deleting cookies and your browser history to prevent subsequent users from being able to see your surfing behaviour.
5. What web analytics services do we use?
Where the GDPR applies, the processing is based on Art. 6 para. 1 letter f GDPR.
6. Social media plugins
On certain sites we use the Facebook, Twitter and WhatsApp sharing functions. This allows you to share individual content. To protect your data and privacy, we use the two-click method for recommendations in social networks. The privacy policies of the individual social networks apply to the processing of this data. Where the GDPR applies, the processing is based on our legitimate interest in accordance with Art. 6 para. 1 letter f GDPR.
7. Contactung us via e-mail or the contact form
If you contact us via e-mail or the contact form, we will store the information you share with us (name, e-mail address, telephone number) in order to answer your queries. We delete data arising in this context when it no longer needs to be stored, or restrict the processing if there are legal storage obligations. This data is processed on the basis of Art. 6 para. 1 letter b GDPR, provided that your request is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest (Art. 6 para. 1 letter f GDPR), since we have a legitimate interest in the effective processing of the queries we receive.
8. Will we share your data with anyone else?
Swiss Post may involve third parties to render services and is entitled to supply the necessary data to the third parties involved. In particular, Swiss Post is authorized to transfer your personal data to our contractual partners for further processing in accordance with this Privacy
Policy. These third parties may also process data outside Switzerland and the European Union.
The shop is hosted by the company Shopify, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland in its data center in Canada. The company Shopify processes data on our behalf and is subject to the same obligations regarding guaranteeing data protection as Swiss Post itself.
In addition, data will be disclosed to third parties only within the parameters described in the sections above. We will retain your information for no longer than necessary and it will remain confidential. This excludes transmission of data to governmental institutions and authorities as well as to private persons with a right thereto based on statutory regulations, court orders or regulatory decisions, as well as its transfer to governmental institutions for the purposes of taking legal action or prosecution should our legally protected rights be challenged.
9. Your rights
9.1 Amendment, blocking and deletion / withdrawal of consent
You have the right to request information on the processing of your personal data and can seek its amendment, blocking or deletion.
9.2 Contact information
If you have questions, suggestions or concerns in relation to the handling of your data, you are welcome to contact us by e-mail: email@example.com
10. How secure is your data?
The data we collect and save is treated confidentially and, using appropriate technical and organizational precautions, protected from loss or manipulation as well as from unauthorized access by third parties.
The information that is exchanged between your hardware and us is encrypted, with the exception of e-mails, which are not encrypted and are therefore exposed to the typical security risks for this means of communication.
We do not accept liability for any unauthorized access or loss of personal data that is beyond our control.