Privacy Policy of Fixit AG
Version from 01 September 2024
Introduction
Thank you for your interest in our company. We take the protection of your privacy and your private data very seriously. Protecting your personal data is very important to us.
We collect, process and use your personal data in accordance with the European General Data Protection Regulation (EU GDPR), the Swiss Data Protection Act [Datenschutzgesetz, DSG] and the revised Swiss Data Protection Act [Revidierte Datenschutzgesetz, revDSG], the national data protection regulations applicable to our company and the content of this data protection information.
We would like to inform you which of your personal data we collect, process and use and which rights you are entitled to under data protection law. With the following information, we fulfil our information obligations in accordance with Art. 13 and 14 EU GDPR.
1. Controller / data protection officer / representative
Fixit Group Switzerland is responsible for the data processing described here, unless otherwise stated in individual cases.
If you have any data protection concerns, you can inform us of these at the following contact address:
Fixit AG
Schachen 416
5113 Holderbank
Phone: +41 62 887 53 00
info@fixit.ch
Our representative according to Art. 27 GDPR is:
Eva Borovanova
Our representative according to Art. 27 GDPR is:
Landshuter Straße 30
85356 Freising
Phone: +49 8161 602 490 10
Mobile: +49 151 145 211 83
Eva.Borovanova@fixit-gruppe.com
2. Personal data
Personal data are individual details about your personal circumstances. This includes all information about your identity, such as your name, your email address, your telephone number, your bank details or your postal address.
However, information that cannot be linked to your identity (such as anonymised data for statistical analyses) is not considered personal information.
3. Purposes for the processing of personal data
The primary purpose for processing your personal data via the various communication channels (telephone, post, email, etc.) is pre-contractual consultation and the preparation of offers, contract fulfilment, invoicing and the assertion and safeguarding of contractual claims. If you do not provide us with this data or do not provide it to the extent required, we will not be able to provide the (pre-)contractual services you have requested.
In addition, we process your data for the purposes of further property and customer acquisition, for marketing activities, for statistical purposes and for internal Group data exchange.
4. Legal basis for the processing of data
The data is processed on the basis of the permissions under the EU GDPR, DSG and revDSG, primarily for the performance of contracts, for our own legitimate interests, for the fulfilment of legal and contractual obligations as well as on the basis of your consent.
Categories of personal data:
- customer data;
- supplier and business partner data;
- interested party data;
categories of recipients of the data;
- external service providers within the scope of service provision (e.g., forwarding agent, banks);
- processors (e.g. IT service providers);
- internal processing by integrated specialist departments;
- intra-group processing;
- other external bodies (e.g., auditors and tax consultants, insurance companies);
- public authorities (e.g., tax and financial authorities, social security organisations);
Your personal data will only be passed on to public authorities if we are obligated or authorised to do so by law and/or official or court orders.
Furthermore, we do not pass on the data to third parties without your express consent, in particular not for advertising purposes.
5. Storage duration and erasure periods
We only process your personal data for as long as and to the extent necessary for the above-mentioned purposes of data processing or if we are legally obliged to do so. In doing so, we take into account the corresponding contractual and statutory limitation and retention periods as well as other relevant legal deadlines.
6. Transfer to recipients in third countries – Group companies of the group FIXIT GRUPPE
All companies and branches that belong to our group FIXIT GRUPPE (hereinafter referred to as ‘Group companies’) and have their registered office or place of business in a third country may be recipients of personal data. The addresses of all Group companies can be found on our website www.fixit-gruppe.com. Furthermore, a list of all Group companies can be requested from us or our data protection officer.
The EU Commission has confirmed an adequate level of data protection in Switzerland (Commission Decision 2000/518/EC).
In addition, we will agree on the EU Standard Contractual Clauses with all recipients from third countries before the first transfer of personal data. This ensures that suitable guarantees, enforceable rights and effective legal remedies resulting from the EU Standard Contractual Clauses are guaranteed for all processing of personal data. Any data subject can obtain a copy of the Standard Contractual Clauses from us or our data protection officer.
7. Data protection information for the session with Microsoft teams
Purposes and legal bases of processing
We use the Microsoft Teams tool to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter referred to as ‘Microsoft Teams’): ‘Online Meetings’). Microsoft Teams is a service of the Microsoft Corporation.
Please note that this data protection notice only informs you of the processing of your personal data by us if you organise Online Meetings with us. If you access the Microsoft Teams website, the provider of Microsoft Teams is the controller. If you require information about the processing of your personal data by Microsoft, please refer to the relevant Microsoft statement.
Various types of data are processed when using Microsoft Teams. The scope of the data also depends on the data you provide before or when participating in an Online Meeting.
The following personal data is subject to processing:
- IP address;
- user details: e.g., display name, email address, if applicable, profile picture (optional), preferred language;
- meeting metadata: e.g. date, time, meeting ID, telephone numbers, location;
- text, audio and video data: You may have the opportunity to use the chat function in an Online Meeting. In this respect, the text entries you make are processed in order to display them in the Online Meeting. In order to enable the display of video and the playback of audio, the data from the microphone of your end device and from any video camera on the end device are processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time via the Microsoft Teams applications.
The legal basis for data processing when conducting Online Meetings is Art. 6 (1) lit. b) GDPR, insofar as the meetings are conducted within the framework of contractual relationships.
Insofar as the processing of personal data should be an elementary component of the use of Microsoft Teams, Art. 6 (1) lit. f) GDPR is the legal basis for data processing. In these cases, we are interested in the effective organisation of Online Meetings.
If there is no contractual relationship, the legal basis is Art. 6 (1) lit. f) GDPR. Our interest here is in the effective realisation of Online Meetings.
8. Recipients / disclosure of personal data
Personal data that is processed in connection with participation in Online Meetings will not be passed on to third parties unless it is intended to be passed on. Please note that content from Online Meetings as well as face-to-face meetings is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.
Other recipients: The provider of Microsoft Teams necessarily receives knowledge of the above-mentioned data, insofar as this is provided for in our order processing contract with Microsoft Teams.
9. Transfer of personal data to a third country
Data processing outside the European Union (EU) does not take place, as we have limited our storage location to data centres in the European Union. However, we cannot rule out the possibility that data is routed via Internet servers located outside the EU. This may be the case in particular if participants in an Online Meeting are in a third country.
However, the data is encrypted during transport via the Internet and thus protected against unauthorised access by third parties.
10. Duration of storage of personal data
We generally erase personal data when there is no need for further storage. A requirement may exist, in particular, if the data is still needed to fulfil contractual services, to check and grant or defend against warranty and guarantee claims. In the case of statutory retention obligations, erasure will only be considered after expiry of the respective retention obligation.
11. Quelle der personenbezogenen Daten
In principle, we collect personal data directly from the data subject or in co-operation with an authority, or it originates from transmissions from Group companies. In individual cases, we collect personal data from publicly accessible sources.
12. Rights of the data subjects
If the necessary requirements are met, you have the following rights:
- right of access;
- right to rectification;
- right to erasure;
- right to lodge a complaint with the national data protection authority;
- right to restriction of data processing;
- right to data portability;
If the processing of personal data is based on consent, you have the right to withdraw this consent at any time by any means. This data will then no longer be used unless there is another reason for lawful processing.
If we process data on the basis of a balancing of interests, you as the data subject have the right to object to the processing of personal data, taking into account the provisions of Art. 21 GDPR.
