Data protection Statement
Staufen.Inova AG is happy about your visit to this website and your interest in our products and services. We would like to inform you here that we take protection of your personal data and their confidentiality very seriously. Therefore, we would like to inform you about which data we save when and what purpose we use them for, of course under observation of the applicable data protection provisions, in the following data protection notice. If you have any questions on how your personal data are handled beyond this, please feel free to contact us.
Validity of the data protection statement
The continuous technological further development, changes to the legal situation and our services, as well as other reasons, may require adjustments of our data protection notice. We therefore reserve the right to change this data protection statement at any time and ask you to check the current status periodically. Staufen.Inova AG will not inform you proactively. This data protection declaration shall apply to all Staufen.Inova AG websites and their sub-sites. These may contain cross-references (links) to third-party companies that this data protection declaration does not cover.
General information on data protection at Staufen.Inova AG
Unless presented differently in the following paragraphs, personal data shall generally not be collected, processed or used during use of our websites. When you access our websites, our web servers will automatically record general information. This includes the type of web browser, the operating system used, the domain name of the internet service provider, the IP address of the computer used, the website from which you visit us, the pages that you visit on our site and the data and duration of your visit. We cannot use these data to identify the individual user. We will only statistically evaluate the information and use it only to improve appeal, contents and functions of our websites and to permanently ensure these.
The term of personal data
The term of personal data is defined in the Data Protection Act. According to this, these are individual data about personal or factual situations of a determined or determinable natural person. This includes your actual name, address, phone number or birth date. The EU General Data Protection Regulation (GDPR), which will enter into effect as of May 25th, 2018, defines personal data as follows: Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Collection and processing of personal data
Staufen.Inova AG will only collect personal data when you disclose it on your own, e.g. to perform an order, for registration with the academy or an event. You will be informed about the intended purpose of processing and, if necessary, asked to consent to storage. Staufen.Inova AG and its service providers will use the information collected during your registration for performance of our services and to send you offers for further education, also from our partner companies, by mail. We also inform our customers about our interesting further education offers that are similar to the ones they use by phone and email. You may, of course, object to use of your data for advertising purposes towards Staufen.Inova AG, Reitergasse 11, 8004 Zurich, Switzerland, under firstname.lastname@example.org, or revoke your granted consent at any time. Without your consent, the personal data collected in the scope of our websites will be used only for processing of the order or to reply to requests. Only with your consent will your data be used beyond this in a centrally managed customer and potential customer database managed under the responsibility of Staufen AG (Customer Relationship Management Software Microsoft Dynamics). You can revoke your respective consent at any time, effective for the future. Your data will not be sold, rented out or provided to third parties in any other manner than described here. Personal data shall only be submitted to state institutions and authorities in the scope of mandatory national legal provisions. Our employees, cooperation partners and agencies are obligated to strictest secrecy by us.
You have the option of contacting us via our email address or the contact form. Of course, we will use the personal data submitted to us in this manner only for the purpose for which you submit them to us when you contact us. As far as we request any input via our contact form that is not necessary for contacting us, we have always marked this as optional. This information serves to specify your request and improve processing of your request. Disclosure of this information shall expressly be on a voluntary basis and with your consent. As far as this is information on communication channels (e.g. email address, phone number), you also agree that we may contact you through this communication channel as well in order to answer your request. Of course, you may revoke this consent at any time, effective for the future. Please contact email@example.com.
Your data will generally not be transferred to any third parties outside of Staufen.Inova AG, except if we are legally required to do so or if forwarding of the data is required to perform the contract, or if you have expressly consented to passing on of your data. External service providers and partner companies will only receive your data as far as this is required to process your request. In this case, handling of the submitted data shall, however, be limited to the required minimum. As far as our service providers and partners come into contact with your personal data, we will ensure that they comply with the provisions of the data protection laws in the same manner.
Please also note the respective data protection notices of the providers. The respective service providers shall be responsible for the contents of third-party services. We shall review the services for compliance with the statutory requirements at the reasonable scope.
Cookies, IP address, anonymized use evaluation
This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses “cookies”, i.e. text files that are stored on your computer and that permit analysis of your use of the website. The information generated by the cookie regarding your use of this website (including your IP address) will be transferred to a server of Google in the USA and stored there. Google will use this information in order to evaluate your use of the website, in order to compile reports on the website activities for the website operators and in order to render further services connected to use of the website. Google may also pass this information on to third parties as far as required by law or as far as third parties process these data on the order of Google. Google shall in no case combine your IP address with any other data of Google. You may prevent installation of the cookies by setting your browser software accordingly; however, please note that you may be unable to use all functions of this website in full then. By using this website, you agree to processing of the data collected about you by Google in the manner and for the purpose described above. By using this internet offer, you agree to processing of the data collected about you by Google in the manner and for the purpose described above.
You may prevent the installation of Google cookies by setting your browser software accordingly and thus prevent collection and processing of your user data. However, please note that you may be unable to use all functions of this internet offer in full.
This website uses Google Analytics. On the order of the operator of this website, Google shall evaluate your use of the website, in order to compile reports on the website activities and in order to render further services connected to use of the website.
Since the coordination of the Hamburg officer for data protection and freedom of information with Google based on the resolution of the Düsseldorfer Kreis on the data-protection-compliant design of analysis methods for determination of the reach of internet offers, it has been possible to use Google Analytics in compliance with data protection and without complaints under certain conditions. Of course, we comply with these requirements. Google Analytics also uses “cookies”. The information generated by the cookie regarding your use of this website is usually transferred to a server of Google in the USA and stored there. You may prevent storage of the cookies by setting your browser software accordingly; however, please note that you may be unable to use all functions of this website in full then. You may also prevent transmission of the data generated by the cookie regarding your use of the website (incl. your IP address) to Google and processing of such data by Google by downloading and installing a browser add-on.
Google Tag Manager
For reasons of transparency, we inform you that we use the Google Tag Manager. The Google Tag Manager does not record any personal data directly. The Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements that are used, among others, to measure traffic and visitor behavior and to record the effects of online advertisement and social channels. We use the tag manager for the Google services Google Analytics and GA Audience. If you have deactivated it, this deactivation will be considered by the Google Tag Manager. For more information on the Google Tag Manager, see: https://www.google.com/intl/de/tagmanager/use-policy.html
We use the service Friendly Captcha on our websites, operated by Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany. This service checks whether the entries on a contact form, for example, are actually made by a human user or by machine or automated programs (“bots”). For this purpose, program code from Friendly Captcha was integrated so that the user’s device can establish a connection to Friendly Captcha’s servers in order to receive a calculation task from Friendly Captcha. The visitor’s device solves the calculation task, which takes up certain system resources, and sends the calculation result to our web server. This contacts the Friendly Captcha server via an interface and receives as a response whether the puzzle was solved correctly by the device. Depending on the result, we can apply security rules to requests via our website and thus, for example, process them further or reject them.
The data is used exclusively for the protection against bots described above. Friendly Captcha does not set or read cookies on the visitor’s device. IP addresses are only stored in hashed (one-way encrypted) form and do not allow us and Friendly Captcha to identify individuals. The legal basis for the processing is the legitimate interest according to Art. 6 para. 1 lit. f EU-GDPR in protecting websites against abusive access by bots, spam protection, and protection against attacks (e.g., mass requests) and in general to detect and prevent abusive or technically damaging use of our website.
For more information about Friendly Captcha’s privacy practices, please visit here
BCdiploma / Provider of Open Badges/ Digital Training Certificates
We use the services of BCdiploma, provided by Blockchain Certified SAS, 104 Avenue Albert 1er, 92500 Rueil Malmaison, France.
BCdiploma is a service for administering, preparing and backing up digital training certificates in Open Badge format. BCdiploma facilitates the issuance of digital and authenticated certificates based on Ethereum blockchain technology.
We offer this service for our own training programs. The use of certificates prepared using BCdiploma by training attendees is voluntary. The type and scope of data depends on the training. If the training attendee uses training certificates created via BCdiploma, their personal data will be processed for the following purposes: Preparation and issuance of training certificates for the training attendee in digital form , making the certificates available to the training attendee by means of a special online link, and the ability for third parties to verify the authenticity of training certificates, insofar as a verification link has been delivered to the third party by the training attendee.
All data that is readily accessible to third parties is encrypted and only such encrypted data will be stored in a public blockchain. Consequently, any other subscriber to the blockchain will only have access to encrypted data. Certificate data is stored in the blockchain so that it remains available for the entire life of this blockchain.
The legal basis for processing is the fulfillment of the contractual relationship by attending the training (Art. 6 (1.b) EU GDPR). Moreover, processing is also based on our legitimate interests (Art. 6(1.f) EU GDPR), specifically to automate and reduce the cost of issuing and storing certificates, to ensure the authenticity of the certificates we issue (and prevent forgery) and to be able to trace how our certificates are used.
Staufen.Inova AG uses technical and organizational safety measures in order to protect your data managed by us from accidental or willful manipulation, loss, destruction or access by unauthorized persons. Our safety measures will be continually improved according to the technological development.
Rights of data subjects
If your personal data are processed, you are a data subject within the meaning of the GDPR and you have the following rights towards the controller:
- Right to information according to section 15 GDPR
You may demand confirmation from us on whether personal data referring to you are processed by us. If we have processed any data on you, you have further information rights named in section 15 GDPR.
- Right to correction
If your data that we have recorded about you are inaccurate or incomplete, you may demand rectification according to section 16 GDPR without delay.
- Right to restriction of processing
Subject to the provisions of section 18 GDPR, you may also demand restriction of processing of the personal data referring to you under certain circumstances. After the restriction, your data must only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of any other natural person or legal entity, or for reasons of an important public interest of the Union or a member state. We will inform you before the restriction is revoked.
- Right to deletion
If one of the reasons from section 17 para. 1 GDPR is present, you may demand that we erase the personal data referring to you without delay, except if an exception from the deletion obligation according to section 17 para. 3 GDPR applies.
- Right to information
If you have asserted your right to rectification, deletion or restriction of processing against us, we shall be obligated according to section 19 GDPR to inform all recipients of your personal data of this, except if notification is impossible or subject to an unreasonable effort. You also have the right to be informed about the recipients. You have the right to be informed about these recipients by the controller.
- Right to transferability of data
You also have the right according to section 20 GDPR to receive the personal data referring to you from us in a machine-readable format and to transfer the data to another controller without obstruction if the prerequisites of section 20 para. 1 lit. a GDPR are met.
- Right to object
You have the right to object to distribution of the personal data referring to you towards Staufen.Inova AG according to set. 6 para. 1 lit. f GDPR. You have the right to revoke consent granted to us at any time, effective for the future. This shall only require an informal notification of the responsible office or firstname.lastname@example.org. If you revoke your consent, we shall delete your personal data. Data that we must keep due to archiving obligations under the law, articles of associations or contracts, shall be blocked instead of being deleted in order to prevent use for any other purposes.
Staufen.Inova AG shall no longer process your personal data, except if protection-worthy reasons for processing overrule your interests, rights and freedoms or if processing serves to assert, exercise or defend legal claims.
- Right to revocation of the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time by declaration towards Staufen AG. Revocation of your consent shall not affect legality of the processing that took place due to your consent until revocation.
Data protection officer
8004 Zurich, Switzerland
Tel.: +41 44 786 33 11
Fax: +41 44 786 33 80
Staufen.Inova is legally represented by the management (Mr. Jürg Hodel, Mr. Urs Hirt and Mr. Thomas Spiess).