This Privacy Notice informs you ("you" or "User") about how Thematica SA ("we", "us" or "Thematica") treats your personal data ("Data") according to the Swiss Federal Act on Data Protection ("DPA") and the EU General Data Protection Regulation ("GDPR"), when you use Thematica's website (the "Website").
1. Controller and Contact DetailsController is Thematica SA, Rue de la Fontaine 15, 1204 Geneva, Switzerland, with the Website available at www.thematica.com. You may also contact Thematica by phone +41 (0)22 788 02 00 or email firstname.lastname@example.org. Thematica's EU representative is Datenschutzpartner AG, Hauptstrasse 19, 5742 Kölliken, Schweiz.
2. Collected Data, Purpose and Legal BasisThe processing of personal data is limited to data that is required to operate, provide and secure the Website and related services, as set out in the following table.
Access to the Website
When accessing our Website, the following information about your device may be collected automatically in so called server logfiles: server name, IP address, operating system, type of device, browser name and version, date and time of access, address of the website from which you were redirected to our Website (if applicable).
We use this data based on our legitimate interest (GDPR 6.1.f) to operate and secure our Website, in particular for security reasons to ensure the stability and integrity of our systems.
If you desire to subscribe to our newsletter, we will collect from you the following Data: First Name, Last Name, Company, E-Mail Address. Newsletter subscriptions will follow the double opt-in method.
We use this data based on your consent (GDPR 6.1.a) as part of your subscription request, in order to provide you with our newsletter.
We may analyze your use of our Website with web analysis tools such as Google Analytics (with IP anonymization activated). Further information on the use of data by Google and configuration options can be found here, and information on how to restrict such use here:
We perform basic web analysis based on our legitimate interest (GDPR 6.1.f) to optimize the Website regarding usability and to gain insight about the use of our Website. The collected data will not be merged with other personal data or disclosed to third parties.
If you fill out our contact form, send us an email or another form of electronic message, we may collect such information as your Name, E-Mail Address, Phone Number, Subject Matter and corresponding Message.
We use this data to process your inquiry (GDPR 6.1.a) and possible further questions you might have in relation to our services (GDPR 6.1.b).
Cookies allow us to recognize your browser on your next visit in order to provide you a userfriendly experience based on our legitimate interest (GDPR 6.1.f).
3. Transfer of Data and Crossborder TransfersWe may use service providers in Switzerland for the hosting and operation of our Website. Such service providers may have access to the Data, strictly limited to the performance of their services for us. Otherwise we do not transfer Data to any third parties. We do not transfer your Data to any country outside of Switzerland (or grant access to your Data to anybody in a country outside of Switzerland), with the exception that we share such Data with our newsletter service provider as required to enable such provider to send out the newsletter on our behalf, strictly limited to the performance of such service. To the extent such service provider is located outside of Switzerland or the EEA, appropriate safeguards based on the EU Standard Contractual Clauses have been implemented to ensure an adequate level of data protection.
4. Retention / Storage PeriodsWe will retain/store your Data as follows:
As long as required to enable the requested access and secure the stability and integrity of our systems.
Your Data will be stored for as long as required to provide the newsletter to you. If you do not confirm a subscription request as part of the double opt-in procedure, your related Data will be deleted from our temporary subscription request list and no subscription will take place.
To the extent any personal data is collected at all, such will be stored only for as long as required to perform the analysis and will thereafter be deleted or anonymized.
Your Data will be deleted after responding to / completing your inquiry, if and to the extent (a) we are not legally obliged to retain such Data (e.g. for accounting or document retention purposes) and (b) we do not have an overriding legitimate interest to retain such data for the assessment or exercise of or for the defense against legal claims.
Cookies will be stored on your device for the time period required to achieve the related purpose and will thereafter be deleted by your browser.
5. Right to Object / No Requirement to Provide DataRegarding any processing of your Data based on our legitimate interest (GDPR 6.1.f), you have the right to object to such processing by explaining your particular reasons and circumstances on which your objection is based.
Regarding cookies through which certain Data may be collected, you can block the setting of such cookies at any time by changing the settings in your browser accordingly. You will then be notified whenever your browser attempts to create a cookie and you can decide whether you want to allow the cookie or not. Please note that a deactivation of cookies may result in a limited user experience and you may not be able to use every function of our Website.
You are not required to provide us with any Data. If you do not provide us with certain information, however, we may not be able to process your request or provide you any services.
6. Your Rights as Affected Data SubjectYou have the right to request information about your Data we process. In particular, you have - or may have, depending on the circumstances - the right to:
- Information, i.e. to ask us whether we are processing Data about you, and if so, to provide
you with further information related thereto.
- Correction, i.e. to ask us to correct your Data if it is incorrect or incomplete.
Deletion, i.e. to delete your Data (to the extent we are not under a legal obligation or have
an overriding legitimate interest to retain such Data).
- Restrict Processing, i.e. to ask us to temporarily restrict our processing of your Data.
- Data Portability, i.e. to ask us to provide you in electronic form (to the extent technically
feasible) the Data you have provided to us.
- Withdraw Your Consent i.e. to withdraw your consent if and to the extent you have previously given your consent to any specific purpose of processing of your Data. This will not affect the lawfulness of any processing carried out before you withdraw your consent and it may mean that we will no longer be able to provide such services to you as are dependent on your consent.
In case you wish to exercise any of these rights, please contact us as specified in Section 1. Before responding to your request, we may ask for proof of identity. This helps us to ensure that your Data is not disclosed to any person who has no right to receive it.
7. Data SecurityWe have put appropriate technical and organizational security policies and procedures in place to protect your Data from loss, misuse, alteration or destruction. We limit access to personal data in general. Those individuals who have access to the data are required to maintain the confidentiality of such information.
8. Complaint / Regulatory AuthorityIf you believe that our processing of your Data contradicts the applicable data protection laws, you have the possibility to lodge a complaint with the appropriate data protection authority.
The data protection authority for Switzerland is the Swiss Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, CH-3003 Berne (https://www.edoeb.admin.ch).