Privacy Policy
The purpose of this Privacy Policy is to inform you which personal data we process in connection with our activities, including our website www.swd-technology.com. In particular, we provide information on why, how and where we process which personal data. We also provide information on the rights of individuals whose data we process.
For individual or additional activities and ventures, further privacy policies and other legal documents such as the General Terms and Conditions (GTC), Terms of Use or Terms of Participation may apply.
We are subject to Swiss data protection law as well as any applicable foreign data protection law, in particular that of the European Union (EU) in the form of the General Data Protection Regulation (GDPR). The European Commission recognizes that Swiss data protection law guarantees an adequate level of data protection.
1. Contact addresses
Controller for processing personal data:
SWD AG Stator- und Rotortechnik
Kaisermatt 3
5026 Densbüren
Switzerland
In individual cases, there may be other controllers for processing personal data or joint controllers with at least one other controller.
2. Terms and legal basis
2.1 Terms
Personal data are all information relating to an identified or identifiable natural person. A data subject is a person about whom we process personal data.
Processing includes any handling of personal data, regardless of the means and procedures used, for example querying, aligning, adapting, archiving, storing, retrieving, disclosing, obtaining, recording, collecting, gathering, deleting, publishing, ordering, organizing, saving, modifying, disseminating, linking, destroying and using personal data.
The European Economic Area (EEA) comprises the Member States of the European Union (EU) plus the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) defines the processing of personal data as the handling of data related to a person.
2.2 Legal basis
We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (Data Protection Act, FADP) and the Ordinance on Data Protection (Data Protection Ordinance DPO).
We process – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – personal data in accordance with at least one of the following legal bases:
- Article 6(1)(b) GDPR for the processing of personal data necessary for the performance of a contract with the data subject and to take steps prior to entering into a contract.
- Article 6(1)(f) GDPR for the processing of personal data necessary to protect our legitimate interests or those of third parties, unless this is overridden by the fundamental rights and freedoms and interests of the data subject. Legitimate interests include, in particular, our interest in carrying out our activities and ventures on a long-term, user-friendly, secure and reliable basis as well as being able to communicate about them, guaranteeing information security, protecting against misuse, enforcing our own legal claims and complying with Swiss law.
- Article 6(1)(c) GDPR for the processing of personal data necessary to comply with a legal obligation to which we are subject under the applicable law of Member States of the European Economic Area (EEA).
- Article 6(1)(e) GDPR for the processing of personal data necessary to perform a task carried out in the public interest.
- Article 6(1)(a) GDPR for the processing of personal data with the consent of the data subject.
- Article 6(1)(d) GDPR for the processing of personal data necessary to protect the vital interests of the data subject or another natural person.
3. Type, scope and purpose
We process the personal data that is required to be able to carry out our activities and ventures on a long-term, user-friendly, secure and reliable basis. In particular, such personal data may fall into the categories of inventory and contact data, browser and device data, content data, metadata or marginal data and usage data, location data, sales data as well as contract and payment data.
We process personal data for the duration that is required for the respective purpose or purposes or by law. Personal data which no longer needs to be processed is anonymized or deleted. We may have personal data processed by third parties.
We may process personal data together with third parties or transfer it to third parties. Such third parties are, in particular, specialized providers whose services we make use of. We also guarantee data protection at such third parties.
We process personal data generally only with the consent of the data subjects. If and to the extent that processing is permissible for other legal reasons, we may chose not to obtain consent. For example, we may process personal data without consent to perform a contract, to comply with legal obligations or to protect overriding interests.
We also process personal data that we receive from third parties, obtain from publicly accessible sources or collect in the course of our activities and ventures, if and insofar as such processing is permitted for legal reasons.
4. Communication
We process personal data in order to be able to communicate with third parties. In this context, we process in particular data that a data subject transmits when contacting us, for example by letter post or email. We may store such data in an address book or with similar tools.
Third parties who transmit data about other persons are obliged to guarantee data protection to such data subjects. Among other things, the accuracy of the personal data transmitted must be ensured.
We use selected services from suitable providers in order to be able to communicate better with third parties.
5. Applications
We process personal data about applicants to the extent necessary to assess their suitability for employment or for the subsequent execution of an employment contract. The necessary personal data result in particular from the information requested, for example in a job advertisement. We may publish job advertisements with the help of suitable third parties, for example in electronic and printed media or on job portals and job platforms.
We also process personal data that applicants voluntarily disclose or publish, in particular as part of covering letters, CVs and other application documents as well as online profiles.
Where and to the extent the General Data Protection Regulation (GDPR) is applicable, we process personal data about applicants in particular in accordance with Art. 9(2)(b) GDPR.
We use selected services of suitable third parties to advertise jobs via e-recruiting and to enable and manage applications. We use in particular:
- Abacus Human Resources: HR management, in particular applicant management; providers: Abacus Research AG and other Abacus Group companies (Switzerland, Germany); data protection information: Privacy Policy.
6. Data security
We take appropriate technical and organizational measures to ensure data security appropriate to the respective risk. Through our measures we ensure in particular the confidentiality, availability, traceability and integrity of the personal data processed, but without being able to guarantee absolute data security.
Access to our website and our other online presence is carried out using transport encryption (SSL/TLS, in particular Hypertext Transfer Protocol Secure, or HTTPS for short). Most browsers mark transport encryption with a small padlock in the address bar.
Our digital communication – like generally all digital communication – is subject to mass surveillance without cause or suspicion by security agencies in Switzerland, the rest of Europe, the United States of America (USA) and other countries. We cannot exert any direct influence on the corresponding processing of personal data by secret services, police forces or other security agencies. We also cannot rule out the possibility that individual data subjects may be monitored in a targeted manner.
7. Personal data abroad
We process personal data generally in Switzerland and the European Economic Area (EEA). However, we may also export or transfer personal data to other countries, in particular to process or have it processed there.
We may export personal data to all states and territories on earth and elsewhere in the universe provided local law guarantees adequate data protection in accordance with a decision of the Swiss Federal Council and – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – adequate data protection in accordance with a decision of the European Commission.
We may transfer personal data to countries whose law does not guarantee adequate data protection provided the data protection is ensured for other reasons, in particular on the basis of standard data protection clauses or other appropriate safeguards. In exceptional cases, we may export personal data to countries without adequate or suitable data protection if the special data protection requirements are met, for example the express consent of the data subjects or a direct connection with entering into or processing a contract. On request, we will be happy to provide data subjects with information about any guarantees or provide a copy of any guarantees.
8. Rights of data subjects
8.1 Data protection entitlements
We grant data subjects all entitlements under the applicable data protection law. In particular, data subjects have the following rights:
- Information: Data subjects may request information as to whether we process their personal data and, if so, what personal data is involved. Data subjects also receive the information they need to enforce their data protection entitlements and ensure transparency. This includes the personal data processed as such, but also details on the purpose of processing, the duration of storage, any disclosure or export of data to other countries and the origin of the personal data.
- Rectification and restriction: Data subjects can have inaccurate personal data rectified, incomplete data completed and restrict the processing of their data.
- Erasure and objection: Data subjects can have personal data erased (“the right to be forgotten”) and object to the processing of their data with effect for the future.
- Data release and transfer: Data subjects may ask for their personal data to be released or transferred to another controller.
We may postpone, restrict or refuse the exercise of the rights of data subjects to the extent permitted by law. We may inform data subjects of any requirements that need to be met in order to exercise their rights under data protection law. For example, we may refuse to provide information in whole or in part with reference to trade secrets or to protect other persons. For example, we may also refuse to erase personal data in whole or in part with reference to statutory retention obligations.
We may impose charges for exercising rights in exceptional cases. We inform data subjects of any costs in advance.
We are obliged to take appropriate measures to identify data subjects who request information or assert other rights. Data subjects are obliged to cooperate.
8.2 Legal protection
Data subjects have the right to enforce their data protection entitlements through legal channels or to file a notification or complaint with a competent data protection supervisory authority.
The data protection supervisory authority for complaints by data subjects against private controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
European data protection supervisory authorities for complaints from data subjects – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – are organized as members of the European Data Protection Board (EDPB). In some member states in the European Economic Area (EEA), data protection supervisory authorities are federal, particularly in Germany.
9. Use of the website
We may use cookies. Cookies – both our own cookies (first-party cookies) and cookies from third parties whose services we use (third-party cookies) – are files that are stored in the browser. Such stored data need not be limited to traditional cookies in text form.
Cookies can be stored in the browser temporarily as “session cookies” or for a certain period of time as permanent cookies. Session cookies are automatically deleted when the browser is closed. Permanent cookies have a set storage period. In particular, cookies enable us to recognize a browser the next time you visit our website and thus measure the reach of our website, for example. However, permanent cookies can also be used, for example, for online marketing.
Cookies can be disabled or deleted in whole or in part at any time in the browser settings. Without cookies, our website may no longer be fully available. We actively request – at least if and to the extent necessary – your explicit consent to the use of cookies.
For cookies used for performance and reach measurement or for advertising, a general opt-out is possible for many services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
9.2 Logging
For each visit to our website and other online presence, we may log at a minimum the following details, provided these are transmitted to our digital infrastructure during such access: date and time including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website accessed including the amount of data transferred, website most recently accessed in the same browser window (referrer).
We record such information, which may also represent personal data, in log files. The information is necessary in order to be able to provide our online presence permanently, in a user-friendly and reliable manner. The information is also required to ensure data security – including by third parties or with the help of third parties.
9.3 Tracking pixels
We may integrate tracking pixels into our online presence. Tracking pixels are also known as web beacons. Tracking pixels, including those from third parties whose services we use, are typically small, invisible images or JavaScript-formulated scripts that are automatically retrieved when you access our online presence. Tracking pixels can record at least the same information as in log files.
10. Notifications and messages
We send notifications and messages by email and other communication channels such as instant messaging or SMS.
10.1 Measuring success and reach
Notifications and messages may include web links or tracking pixels that record whether an individual message has been opened and which web links have been clicked. Such web links and tracking pixels may also record the use of notifications and messages on a personal basis. We require this statistical recording of usage for measuring success and reach in order to be able to send notifications and messages effectively and in a user-friendly manner as well as permanently, securely and reliably based on the needs and reading habits of recipients.
10.2 Consent and objection
You must generally consent to the use of your email address and other contact addresses, unless the use is permitted for other legal reasons. We can use the “double opt-in” procedure to obtain consent that has been confirmed twice. In this case, you will receive a notification with instructions for the duplicate confirmation. We may record consents obtained, including the IP address and time stamp, for evidentiary and security reasons.
You may generally object to receiving notifications and communications, such as newsletters, at any time. With such an objection, you can also object to the statistical recording of usage for success and reach measurement. Required notifications and messages in connection with our activities and ventures remain reserved.
10.3 Notification and message service providers
We send notifications and messages with the help of specialized service providers.
In particular, we use:
- Amazon Simple Email Service (SES): email delivery platform; provider: Amazon Web Services Inc. (USA); data protection information: Privacy Notice, “Privacy Center”, “Privacy FAQ”.
11. Social Media
We are present on social media platforms and other online platforms to communicate with interested parties and inform them about our activities and ventures. In connection with such platforms, personal data may also be processed outside Switzerland and the European Economic Area (EEA).
The General Terms and Conditions (GTC) and Terms of Use as well as the privacy policies and other provisions of the individual operators of such platforms also apply in each case. In particular, these provisions provide information on the rights of data subjects directly in respect of the platforms concerned, such as the right of access.
12. Third-party services
We use services from specialized third parties to be able to carry out our activities and ventures on a permanent, user-friendly, secure and reliable basis. Such services allow us to embed features and content on our website, among other things. In the event of such an embedding, the services used record users’ IP addresses at least temporarily for technical reasons.
For necessary security-related, statistical and technical purposes, third parties whose services we use may process data in connection with our activities and ventures in aggregated, anonymized or pseudonymized form. This includes, for example, performance or usage data to be able to offer the service in question. In particular, we use:
- Google services: providers: Google LLC (USA)/Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and Switzerland; general information on data protection: “Privacy & Security Principles”, Privacy Policy, “Google is committed to complying with applicable data protection laws”, “Google Product Privacy Guide”, “How Google uses information from sites or apps that use our services” (information from Google), “Types of cookies and other technologies used by Google”, “Personalized advertising” (enable/disable/settings).
- Microsoft services: providers: Microsoft Ireland Operations Limited (Ireland) for users in the European Economic Area (EEA), Switzerland and the United Kingdom; Microsoft Corporation (USA) for users in the rest of the world; general information on data protection: ”Privacy at Microsoft ”, “Data Protection and Privacy”, Privacy Statement, “Data and Privacy Settings”.
12.1 Digital infrastructure
We use services from specialist third parties to be able to access the required digital infrastructure in connection with our activities and ventures. These include, for example, hosting and storage services from selected providers.
In particular, we use:
- METANET: hosting; provider: METANET AG (Switzerland); data protection information: Privacy Policy, “Technical and organizational measures”.
12.2 Automation and integration of apps and services
We use specialized platforms to integrate and connect existing third-party apps and services. Such “no-code” platforms also allow us to automate processes and activities with third-party apps and services.
12.3 Audio and video conferencing
We use specialized services for audio and video conferencing to communicate online. We can, for example, hold virtual meetings or conduct online lessons and webinars. When taking part in audio and video conferences, the legal texts of the individual services, such as privacy policies and terms of use, also apply.
Depending on your personal situation, we recommend that you set the microphone to mute by default and blur the background or display a virtual background when taking part in audio or video conferences.
We use the following in particular:
- Skype: audio and video conferences; Skype-specific providers: Skype Communications SARL (Luxembourg)/Microsoft Corporation (USA)/Microsoft Ireland Operations Limited (Ireland) for users in the European Economic Area (EEA), the United Kingdom and Switzerland; data protection information: ”Skype Legal Information”, “Privacy and Security”.
- Webex: video conferences; provider: Cisco Systems Inc. (USA); data protection information: ”Cisco Online Privacy Statement”, “Cisco Webex Compliance and Certifications”.
- Zoom: video conferences; provider: Zoom Video Communications Inc. (USA); data protection information: Privacy Policy, “Zoom Privacy”, “Legal Compliance Center”.
12.4 Online cooperation
We use third party services to enable online collaboration. In addition to this Privacy Policy, any directly visible conditions of the services used, such as terms of use or privacy policies, also apply.
In particular, we use:
- Microsoft Teams: platform for productive collaboration, in particular with audio and video conferences; provider: Microsoft; Teams-specific details: ”Privacy and Microsoft Teams”.
12.5 Digital audio and video content
We use specialized third-party services to enable the direct playback of digital audio and video content such as music or podcasts.
In particular, we use:
- YouTube: video platform; provider: Google; YouTube-specific information: ”Privacy and Safety Center”, “Your Data in YouTube”.
12.6 Fonts
We use third-party services to embed selected fonts as well as icons, logos and symbols on our website.
In particular, we use:
- Google Fonts: fonts; provider: Google; Google Fonts-specific information: ”Your Privacy and Google Fonts”, “Data protection and data collection”.
12.7 Advertising
We use the ability to display targeted advertisements for our activities and ventures to third parties such as social media platforms and search engines.
With such advertisements, we would particularly like to reach people who are already interested in our activities and ventures or could be interested in them (remarketing and targeting). For this purpose, we may disclose corresponding information – possibly also personal information – to third parties that enable such advertising. We may also determine whether our advertising is successful, in particular whether it leads to visits to our website (conversion tracking).
Third parties with whom we advertise and with whom you are logged in as a user may, if need be, associate the use of our website with your profile there. In particular, we use:
- Google Ads: search engine advertising; provider: Google; Google Ads-specific information: advertising based, amongst other things, on search queries; different domain names – in particular doubleclick.net, googleadservices.com and googlesyndication.com – are used for Google Ads, “Advertising” (Google), “Control the ads you see when you see them”.
- LinkedIn ads: social media advertising; providers: LinkedIn Corporation (USA)/LinkedIn Ireland Unlimited Company (Ireland); data protection information: remarketing and targeting in particular with the LinkedIn Insight Tag, “Privacy”, Privacy Policy, Cookie Policy, Opt out of targeted advertising.
13. Extensions for the website
We use extensions for our website to be able to use additional features. We may use selected services from suitable providers or use such extensions on our own server infrastructure.
In particular, we use:
- Google reCAPTCHA: spam protection (distinguishing between desirable content from people and unwanted content from bots and spam); provider: Google; Google reCAPTCHA-specific information: “What is reCAPTCHA?” (“What is reCAPTCHA?”).
14. Measuring success and reach
We try to determine how our online services are being used. In doing so, we may measure, for example, the success and reach of our activities and ventures and the impact of third-party links on our website. However, we can also, for example, try out and compare how different parts or versions of our online offering are used (“A/B testing” method). Based on the results of the success and reach measurement, we can in particular correct errors, strengthen popular content or make improvements to our online offering.
In most cases, the IP addresses of individual users are stored for the purpose of measuring success and reach. In this case, IP addresses are generally truncated (“IP masking”) in order to comply with the principle of data minimization through the corresponding pseudonymization.
Cookies may be used and user profiles may be created for measuring success and reach. Any user profiles created include, for example, the individual pages visited or the content viewed on our website, details of the size of the screen or browser window and the – at least approximate – location. In principle, any user profiles are only created in pseudonymized form and are not used to identify individual users. Individual third-party services with which users are logged in may assign the use of our online offer to the user account or user profile for the service in question.
In particular, we use:
- Google Analytics: success and reach measurement; provider: Google; Google Analytics-specific information: measurement, including across different browsers and devices (cross-device tracking) and with pseudonymized IP addresses that are only in exceptional cases fully transmitted to Google in the USA, “Privacy”, “Google Analytics opt-out browser add-on”.
- Google Tag Manager: integration and administration of other services for measuring success and reach as well as other services from Google and third parties; provider: Google; Google Tag Manager-specific information: “Data collected by Google Tag Manager”; further information on data protection can be found in the individual services integrated and managed.
15. Video surveillance
We use video surveillance to prevent criminal offenses, to preserve evidence in the event of criminal offenses and to exercise our right to control access to our premises. If and to the extent that the General Data Protection Regulation (GDPR) is applicable, these are overriding legitimate interests pursuant to Art. 6(1)(f) GDPR.
We store recordings from our video surveillance for as long as they are necessary to preserve evidence.
We may secure recordings due to legal obligations, to enforce our own legal entitlements and in the event of suspicion of criminal offenses, as well as transfer them to competent bodies such as, in particular, court or law enforcement authorities.
16. Final provisions
We created this Privacy Policy using the Data Protection Generator from data protection partner.
We may amend and supplement this Privacy Policy at any time. We will provide information about such amendments and additions in an appropriate manner, in particular by publishing the current Privacy Policy on our website.