Data Protection Statement
Protecting your privacy is important to us. In this data protection statement, we, DMB Technics AG (hereinafter ‘DMB’, ‘we’, or ‘us’) explain the personal data we collect and process and how we do so. This is not an exhaustive description; in many instances, other data protection statements, general terms and conditions, terms of participation, and other documents govern specific situations. The term ‘personal data’ is understood to mean all information relating to a specific or identifiable person.
We collect and process your personal data carefully, and only for the purposes and to the extent described in this data protection statement and within the limits of applicable law. We retain your personal data only to the extent and for the duration required to provide our service(s) or as required by law. We make every effort to protect your personal data from third-party attacks, loss, misuse or falsification.
This data protection statement is applicable to all data processing of all DMB companies in all regions and has its basis in Switzerland’s Data Protection Act (FADP). It also takes into account the requirements of the EU General Data Protection Regulation (GDPR). Whether and to what extent these laws are applicable, however, depends on the specific situation.
This Data Protection statement is available in a German and an English version. In the event of any discrepancies between these two versions, the German version shall be definitive.
2. Data protection officer
The Legal department of DMB Technics AG is responsible for compliance with the applicable data protection regulations. If you have questions or concerns about data protection, you can contact us at the following address:
DMB Technis AG | Legal | Bösch 41, 6331 Hünenberg | firstname.lastname@example.org
3. Collection and processing of personal data
We primarily process the personal data that we receive in the course of our business relationship with our customers and other business partners, submitted by these parties or other involved individuals, or which we collect from users of our website and other applications.
If you provide us with the personal data of other individuals, please ensure that these individuals are familiar with this data protection statement, and only share their personal data with us if you are authorised to do so and if this personal data is accurate.
Where permissible, we also obtain certain data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, the press, the internet) or receive it from governmental authorities or other third parties, especially for the purpose of entering into or concluding contracts with you.
Besides the data that we receive directly from the relevant individual, we may also receive personal data from third parties. Examples include, in particular:
- information from public registers
- information that we receive in connection with administrative or legal proceedings
- information connected to your professional roles and activities (e.g. in the course of a business relationship with your employer)
- information about you from correspondence and conversations (with third parties)
- credit checks (if we are conducting business with you directly)
- information about you that people who know you (family, advisers, legal representatives, etc.) provide us with so that we can enter into or conclude contracts with you or with your involvement
- information from the media and internet about your person (if indicated in the case in hand, e.g. in connection with an application, press review, marketing/sales, etc.)
- your addresses and, if applicable, interests and other socio-demographic data (for marketing)
With every use of our website, certain data is collected and saved in the server’s logfiles (e.g. IP address, MAC address of your smartphone or computer, information about your device and settings, cookies, time and date of visit, pages and content accessed, functions used, referring website, location data). This general data is not connected with a defined individual when it is processed. The collection of this data is technically necessary in order to display our website to you and to ensure its stability and security.
To conduct teleconferences, online meetings, video conferences and webinars, we use M365 Teams and other communication tools. In this context, data such as your user name, information about the device, such as the network and internet connection of each user (IP address, MAC address, device type, operating system, etc.) is processed, as well as other information that the user uploads, provides or creates in the process of using the service. Where applicable, other personal data may also be transmitted between DMB and participants: for example, chat messages, images, files, audio and video recordings, contact details, or metadata used to maintain the service provided. Recordings are only made with prior notification and are saved locally. You can find additional information about the processing of personal data by these communication tools in their respective data protection statements.
4. Purposes and legal basis for data processing
We primarily use the personal data we collect in order to enter into or conclude contracts with our customers and business partners, particularly in connection with the development, consultation and distribution of (customer-specific) displays for our customers, as well as in connection with the sale of products at our suppliers and subcontractors. If you are in the employ of such a customer or business partner, you may also be affected in this role with regard to your personal data. Additionally, we use the collected data to fulfil our legal requirements domestically and abroad.
Furthermore, we process your personal data and that of other individuals – as permitted and indicated – for the following purposes, in which we (and, at times, others) have a legitimate interest for a business purpose:
- the provision and ongoing development of our products, services and websites and other platforms on which we maintain a presence
- communication with third parties and processing of their inquiries (e.g. applications, media inquiries)
- testing and optimisation of processes for analysis of needs for the purpose of direct customer contact, as well as collection of personal data from publicly accessible sources for the purpose of customer acquisition
- sales and marketing (including staging of events), as long as you have not objected to the use of your data (if we send you marketing materials as a regular customer, you may request at any time to stop receiving marketing mails from us)
- marketing and opinion research, media observation
- assertion and defence of claims in connection with legal disputes and administrative proceedings
- prevention of and investigation into criminal acts and other misconduct (e.g. internal investigations, anti-fraud data analysis)
- maintenance of reliable operations, including our IT, website and other platforms in particular
- measures for IT, building and facilities security and protection of our employees and other persons and assets that belong to or are entrusted to us
- purchase and sale of divisions, companies or parts of companies and other business transactions and the transfer of personal data and business management measures associated therewith and to the extent necessary to meet legal and regulatory requirements and DMB’s internal guidelines
If you have provided consent for us to process your personal data for particular purposes (for example, by registering to receive the newsletter), we will process your personal data in connection with and based on this consent, as long as we have no other legal basis and require one. Any consent provided may be revoked at any time, however, this does not have an effect on any previous data processing.
5. Cookies/tracking and other technologies in connection with the use of our website
However, you can set your browser settings so that your browser rejects cookies, saves them for only one session, or otherwise deletes them prematurely. Most browsers are set by default to accept cookies. If you block cookies, certain functions (e.g. language selection) may no longer work.
5.2 Newsletter and marketing emails
With your consent, you can subscribe to our electronic newsletter. You can use the relevant web form to sign up. We may also send you the newsletter in connection with a business or contractual relationship with you. You can withdraw your consent at any time by clicking on the link provided in every newsletter to unsubscribe. You may also inform the data protection officer as listed in section 2 above.
We use the MailPoet Sending Service for our newsletter and other marketing emails. This service allows us to track the opening of and clicks on our emails. We use this information to improve the content of our newsletters and marketing emails. Other than your email address, we do not record any additional identifiable information.
You can learn more about the data that is processed by MailPoet at https://automattic.com/privacy/.
By using our website and consenting to receiving newsletters and other emails, you are consenting to the use of this technology. If you do not wish to have this information processed, you must configure your browser and/or email settings accordingly.
5.3 Web tracking (esp. Google Analytics)
We utilise a variety of technical tracking and analysis systems to measure and evaluate the use of our services. These measurements may be anonymous or tied to specific persons. Data collected by us or by the providers of such technical systems may be transmitted for processing to third parties.
We use Google Analytics, or Tag Manager, Google Fonts and Recaptcha, all services of Google Inc., based in the USA (www.google.com). Data collected in this process may be transmitted to a Google server in the USA or a third country; however, the IP addresses are anonymized so that they cannot be traced. The IP address provided by your browser in connection with Google Analytics is never associated with other Google data. You can decline the collection and processing of this data by these analytical tools by setting an opt-out cookie that prevents future collection of your data when visiting this website. You can find detailed information about this at: http://tools.google.com/dlpage/gaoptout?hl=en
Google Analytics allow us to measure and evaluate the use of the website (not linked to specific persons). The service provider uses permanent cookies for this purpose. Although we can assume that the information we share with Google does not constitute personal data for Google, Google may be able to draw conclusions from this data about the identities of website visitors for its own purposes, create personal profiles, and link this data with the Google accounts of these individuals. in this case, the processing of this personal data by the service provider is the responsible of the service provider in accordance with its own data protection policies. The service provider only shares information with us about how our website is being used (no information about you personally).
We do not use any plug-ins from social networks on our websites.
6. Data transfer abroad
Your personal data will not be transmitted, sold or otherwise provided to third parties except where required for the purpose of contractual implementation or fulfilment of our legal responsibilities or if you have explicitly authorised it. Third parties refers here in particular to distributors, suppliers, subcontractors and/or other business partners and customers. Whenever possible, these recipients are located domestically (in Switzerland), but they may also be located abroad. You should expect in particular that your data may be transmitted to countries in which DMB has branches, agents or other offices and to other countries in Europe and Asia where our business partners are located.
We may also use services provided by third parties such as data processors to process your personal data on our behalf, as required and where permitted by data protection law. For example, we save data to a Microsoft cloud drive. These servers are located, without exception, in the European Union. All these countries are governed by the EU General Data Protection Regulation (GDPR), which ensures a high level of data protection. The cloud provider is regarded as the processor pursuant to the GDPR. In the context of its operation and maintenance of the cloud, the provider theoretically has access to the data.
We enter into agreements for data processing with processors that ensure secure and lawful handling of the data. The agreement obligates the service provider to reliable handling of the data and ensures that the data is used exclusively for contract data processing purposes.
Additionally, data may be transmitted to third parties, e.g. domestic and international authorities, if required by law or by enforceable administrative or judicial order.
If a recipient is located in a country without reasonable data protection laws, we ensure a reasonable level of protection by means of contractual agreements, if they are not already subject to existing legally recognized standards for data protection and we cannot rely on an exemption clause. An exemption may apply in particular to foreign legal proceedings, but also in cases of overwhelming public interest or if implementation of a contract requires such a disclosure of data, if you have provided your consent or if it is a matter of generally accessible data about you for which you have not objected to processing.
7. Retention period for personal data
We process and save your personal data as long as required to fulfil our contractual and legal duties or for the other purposes for which we process. Personal data may be stored for as long as claims may be asserted against our company and where we are legally required to or justifiable business interests require us to store this data. As soon as your personal data is no longer needed for the purposes listed above, it will generally be deleted or anonymized to the extent possible.
8. Data security
We take appropriate technical and organisational security measures for the protection of your personal data from unauthorised access, misuse, loss and destruction. This includes measures such as issuing policies, training, IT and network security solutions, access controls and limits, encryption of data carriers and transmission, as well as pseudonymization and controls.
The security measures are based on the current state of the art, the risks associated with the processing, and the level of protection the data requires. The technical and organisational measures are constantly adapted to new technological developments and organisational changes.
9. Duty to provide personal data
In the context of our business relationship, you must provide any personal data that is required to commence and continue a business relationship and for the fulfilment of the contractual obligations associated therewith (there is generally no legal requirement for you to provide us with data). Without this data, we will generally not be in a position to enter into or conclude a contract with you (or the position or person you represent).
Our website can be used even if your IP address is not visible.
10. Profiling and automated decision-making
We do not use any fully-automated decision-making to initiate or continue our business relationship, or for any other purpose. Should we make use of such processes in isolated cases, we will provide you with special notice thereof where so required by law and inform you of your associated rights.
We do not conduct profiling with personal data and have not integrated profiling into our website.
11. Rights of the data subject
Within the scope of the data protection law applicable to you and where provided by the law, you have the right to information, correction, deletion, the right to restrict data processing and to object to our data processing as well as to the issuance of certain personal data for transfer to another place. Please note, however, that we reserve the right to assert the limitations stipulated by law, for instance, if we are required to store or process certain data, have an overriding interest in it (insofar as we are permitted to invoke it) or require it for the enforcement of claims.
If there are costs associated with your request, we will inform you in advance. We have already informed you in section 4 above of your option of revoking consent. Please note that the exercise of these rights may be in conflict with contractual arrangements and may therefore have consequences such as additional costs or the premature cancellation of your contract. In such cases, we will inform you in advance where this is not already contractually regulated.
The exercise of such rights generally requires you to provide proof of your identity (e.g. with a copy of your identification in cases where your identity is not otherwise clear and/or cannot be verified). To assert your rights, you can contact us at the address provided in section 2.
In addition, every data subject has the right to legally enforce their claims or to submit a complaint to the responsible data protection authority. The responsible data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch).
New legal provisions, business decisions or technological developments may require changes to our data protection statement. For this reason, DMB may change the data protection statement at any time without prior notification. The applicable current version is always the version published on our website.
Last updated 28 August 2023
Download Data Protection Statement