Privacy Policy

Privacy is a matter of trust, and your trust is important to us. Trust begins with transparency. In this privacy statement, we therefore inform you how and why we collect, process and use your personal data. This data protection declaration is based on the European Data Protection Regulation - DSGVO for short - which has established itself internationally as a benchmark for strong, effective data protection.

In principle, Novissa AG, Schulstrasse 1a, 2572 Sutz, is responsible for data processing in accordance with this data protection declaration.

Our data processing activities primarily concern our customers, but also other persons whose personal data we process. In this regard, this privacy notice applies across all of our business areas and regardless of the channel through which you contact us, e.g. in a branch, by phone, in an online shop, on a website, in an app, via a social network, at an event, etc. This privacy policy applies to the processing of both already collected and future personal data. For certain offers and services (e.g. competitions), additional data protection provisions may also apply, which are supplementary to this data protection declaration. This data protection statement does not apply if another company is responsible for a certain data processing. For example, another company may be responsible for a certain data processing, alone or jointly with us, if you visit our social media sites (e.g. Facebook fan pages) or interact with social plug-ins integrated into our websites (e.g. the Facebook "Like" button), if you visit a website of a third party linked by us, or if we disclose personal data to third parties such as authorities (for details on such disclosures, see section 8). In these cases, please consult the privacy policy of the company concerned, which you can usually find on their website.

Data protection law regulates the processing of personal data. This also applies to this privacy statement. "Personal data" means any information that can be associated with a specific natural person, i.e. a human being. "Processing" means any handling of your personal data. In Switzerland, information that relates to a specific legal person (e.g. information about a contract with a company) is also considered personal data.

- Technical data (log files): When you visit our websites, we process personal data depending on the offer and functionality. This includes data automatically collected for technical reasons and stored in log files, so-called log files. These include, for example, the IP address and device-specific information such as the MAC address and the operating system of the end device (tablet, PC, smartphone, etc.), information about your Internet service provider, information about content accessed and the date and time of the visit to the website or information about logins.

- Cookies and similar technologies: Depending on the functionality, we also use cookies. Cookies are small files that our website automatically creates in your browser and that are stored on your terminal device. Cookies contain a unique number (an ID) that we can assign to a specific Internet user, but usually without knowing the user's name, and, depending on the purpose of use, other information, e.g. about pages accessed and the duration of the visit to a page.

- On the one hand, we use session cookies in which, among other things, information about the origin and storage period of the cookie is stored. These cookies are deleted after each visit to our website. We use such cookies, for example, to store a shopping basket over several page views of the user.

- On the other hand, we use permanent cookies that remain stored for a certain period of time even after the end of the respective browser session. Such cookies are used to recognise a visitor on a subsequent visit, e.g. to save language settings over several browser sessions or to display content on the website tailored to your interests. For example, we collect information about your visits, the pages viewed, articles viewed and your shopping basket. After the programmed duration has expired (usually between one month and two years), such cookies are automatically deactivated.

We also use similar technologies such as pixel tags (small image files that are loaded from a server and thereby transmit certain information to the operator of the server) or fingerprints (information about the configuration of a device or about a browser). Some cookies or similar technologies originate from other Novis companies or also from third-party companies. This is the case, for example, when we use third-party functions on our website. It also concerns evaluation services that also work with cookies and similar technologies; you will find further information on this below. This enables our partners to address you with individualised advertising on our websites or on websites of third parties as well as on social networks and to measure their effect.

- User behaviour data: We use Google Analytics on our website, an analysis service provided by Google LLC in the USA. Google uses cookies for this, which enable an analysis of the use of the website. In this way, Google collects information about your behaviour on our website and the end device used for this purpose (tablet, PC, smartphone, etc.). This includes usage data such as the type and version of the browser, the address (URL) of the website from which you accessed our website, the name of your provider, the IP address of the terminal device, the date and time of access to our website, as well as the pages visited and the length of stay. This information is stored on a Google server in the USA. However, your IP address will be shortened beforehand in the EU or EEA. Only in exceptional cases will the full IP address be transferred to the USA. Google is bound by the US Privacy Shield programme in the USA. Based on this information, we receive evaluations from Google. Google Analytics also makes it possible to assign data, sessions and interactions across several end devices to a pseudonymous user ID and thus to analyse the activities of a user who is not known by name across devices. For more information, please see Google's terms of use or privacy policy (https://policies.google.com).

We use similar services from other providers with locations worldwide. These providers may record the user's use of the relevant website, for example through the use of cookies and similar technologies. These records may be linked to similar information from other websites. The behaviour of a particular user can thus be recorded across several websites and across several end devices. The respective provider may also use this data for its own purposes, e.g. for personalised advertising on its own website and on other websites to which it supplies advertising. If a user is registered with the provider, the provider can assign the usage data to this person. For this purpose, he will usually obtain the consent of the person concerned and enable him to revoke this consent according to his specifications. The processing of such personal data here is carried out by the provider under its responsibility and in accordance with its own data protection provisions.

- Social plug-ins: Our websites use social plug-ins, e.g. from Facebook, YouTube, Twitter or Instagram. This displays buttons of the respective providers, e.g. the "Like" button of Facebook, or content of the respective provider is integrated on the website. When you call up a website that uses such a social plug-in, your browser establishes a connection with the provider in question. The content of the social plug-in is transmitted to your browser by the provider concerned and integrated into the website in question by the browser. Through this process, the provider in question receives the following data in particular:

- the information that your browser has called up the website in question;

- the IP address of the device used, even if you do not have an account with the provider.

If you are logged in to the provider in question at the same time, the provider can assign the visit to your personal profile. If you interact with a social plug-in - e.g. press a "Like" button or post a comment - the corresponding information is transmitted from your browser to the provider concerned and stored there. It may also be published on your profile with the provider concerned and displayed to your contacts. If you visit our social media sites (e.g. Facebook fan pages) or interact with social plug-ins integrated into our websites (e.g. the Facebook "Like" button), personal data may also be transmitted directly to the provider concerned or collected and stored by it. The provider of the social network in question is primarily responsible for processing this data. Insofar as we are jointly responsible with the provider in question, we will enter into a corresponding agreement with them, the main content of which you can find out from the provider. Further information on data processing by social network providers can be found in the data protection statements of the relevant social networks (e.g. Facebook, YouTube, Twitter, Instagram).

Provision of the website: The recording of certain log files and use of certain cookies is necessarily associated with the provision of the website and its functions for technical reasons. Other cookies and similar technologies help us to provide and ensure the various features and offerings of our website and to make our website more attractive;

- Website administration: the storage and processing of log files and cookies helps us to maintain and troubleshoot our website, to ensure the security of our website and to combat fraud;

- Website personalisation: we tailor certain areas and content of our website to your needs and interests, for example. by storing your language choices or displaying content in a personalised way;

- User behaviour analysis: we use web analytics services to better understand how our websites are used and to improve their content, functionality and discoverability.

- Advertising: We may target you with interest-based advertising on our websites or on third party websites, or display our advertisements to you as you continue to use the internet after visiting our websites;

- Cookies and similar third party technologies enable those companies to provide services to us or target you with advertisements that may be of particular interest to you.

.If you have a customer account with us, we may also analyse this personal data and link it with other personal data, for example with non-personal statistical information and with other personal data that we have collected about you, in order to derive information about your preferences and affinities for certain products or services. Even if you are not logged in when you visit our website, this data may be assigned to your profile.

You can configure your terminal device so that a notice appears before a new cookie is created. This also allows you to reject cookies. You can also delete cookies from your terminal device. You also have the option of preventing the collection of the data generated by the cookie (incl. your IP address) and the processing of this data by downloading and installing an appropriate browser add-on. However, rejecting or deactivating cookies may mean that you cannot use all the functions of the website. You can prevent the use of Google Analytics by installing an add-on for your browser, a so-called browser add-on. You also have the option to revoke any consent you may have given to the respective providers or to object to their processing, e.g. in the case of Google via https://adssettings.google.com. If you do not want a social network provider to collect data about you via our website, you must log out of the provider in question before visiting our website. Even when logged out, the providers collect anonymised data via the social plug-ins. This data can be assigned to your profile if you log in to the provider concerned at a later time. In these cases, the provider in question processes personal data in each case under its own responsibility and in accordance with its own data protection provisions. If you wish to prevent the provider from assigning data to your profile, you must delete the relevant cookies. You can also completely prevent the loading of social plug-ins with add-ons for your browser, e.g. with NoScript.

We take appropriate security measures of a technical nature (e.g. encryption, pseudonymisation, logging, access restriction, data backup, etc.) and of an organisational nature (e.g. instructions to our employees). We take appropriate security measures of a technical nature (e.g. encryption, pseudonymisation, logging, access restriction, data backup, etc.) and of an organisational nature (e.g. instructions to our employees, confidentiality agreements, checks, etc.) in order to maintain the security of your personal data, to protect it against unauthorised or unlawful processing and to counteract the risk of loss, unintentional modification, unintentional disclosure or unauthorised access. However, security risks cannot generally be completely excluded; certain residual risks are usually unavoidable.

We store your personal data in personal form for as long as it is necessary for the specific purpose for which we collected it, in the case of contracts usually at least for the duration of the contractual relationship. We also store personal data if we have a legitimate interest in storing it. This may be the case in particular if we need personal data to enforce or defend claims, for archiving purposes and to ensure IT security. We also store your personal data for as long as it is subject to a statutory retention obligation. For example, a ten-year retention period applies to certain data. For other data, short retention periods apply in each case, e.g. for recordings from video surveillance or for recordings of certain processes on the Internet (log data). In certain cases, we also ask for your consent if we want to store personal data for longer (e.g. for job applications that we want to keep pending). After expiry of the aforementioned periods, we delete or anonymise your personal data.

You have the right to object to data processing if we process your personal data on the basis of a legitimate interest. You can also object at any time to data processing in connection with direct advertising (e.g. advertising e-mails). This also applies to profiling, insofar as it is connected with such direct advertising. Übersetze nach Englisch (GB) Insofar as the respective applicable requirements are met and no legal exceptions apply, you also have the following rights:

- Right to information: You have the right to be informed in a transparent, clearly understandable and comprehensive manner about how we process your personal data and what rights you have in connection with the processing of your personal data. This privacy statement fulfils this obligation. If you would like further information, please feel free to contact us.

- Right to information: You have the right to request information about your personal data stored by us at any time and free of charge. This gives you the opportunity to check what personal data we are processing about you. In individual cases, the right to information may be restricted or excluded, in particular if there are doubts about your identity or if this is necessary to protect other persons.

- Right to rectification: You have the right to have incorrect or incomplete personal data corrected or completed and to be informed about the correction.

- Right to erasure: You have the right to request the erasure of your personal data if the personal data is no longer necessary for the purposes pursued, you have effectively revoked your consent or effectively objected to the processing, or the personal data is being processed unlawfully. In individual cases, the right to erasure may be excluded, in particular if the processing is necessary for the exercise of freedom of expression or for the exercise of legal claims.

- Right to restriction of processing: You have the right to request that the processing of your personal data be restricted under certain conditions. This may mean, for example, that personal data is (temporarily) not further processed or that published personal data is (temporarily) removed from a website.

- Right to data transfer: You have the right to receive from us the personal data that you have provided to us in a structured, common and machine-readable format, provided that the specific data processing is based on your consent or is necessary for the performance of the contract and the processing is carried out with the help of automated procedures.

- Right of revocation: Insofar as we process your personal data on the basis of consent, you have the right to revoke your consent at any time. The revocation only applies to the future; however, processing activities based on your consent in the past do not become unlawful as a result of your revocation.

You are also free to lodge a complaint with a competent supervisory authority about the way in which your personal data is processed if you believe that the data processing violates applicable law. The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

This Privacy Policy may be amended over time, in particular if we change our data processing practices or if new legislation becomes applicable. We will actively notify individuals whose contact details are registered with us of any significant changes where this can be done without disproportionate effort. In general, the data protection statement in the version current at the start of the processing in question applies to data processing in each case.