Privacy statement
Privacy statement
Thank you for your interest in our website at the URL www.uma-soft.ch. Please find below information about how we handle your data if you use our services. Your use of our website is generally anonymous. While the data exchanged during your visit is encrypted (https) by default, we wish to remind you specifically that the transmission of data via the Internet such as in e-mail communication is inherently insecure. Therefore, you should not send any personal and sensitive data that you wish to keep private (e.g. relating to your health) to us by e-mail.
Our website is subject to Swiss data protection law, in particular the current Federal Data Protection Act (FADP). Our website is also subject to applicable foreign data protection laws such as the General Data Protection Regulation (GDPR) of the European Union (EU). The EU recognises that Switzerland has legislation in place to ensure adequate data protection.
We reserve the right to modify our privacy statement at any time by publishing it on this website.
Contact:
UMa Soft GmbH
Bösch 21
6331 Hünenberg
Switzerland
1. Terms and definitions / legal bases
In order to ensure that the privacy statement is easy to read and understand, the most important terms are explained below:
Personal data means any information relating to an identified or identifiable natural person. A natural person is regarded as being identifiable if they can be identified directly or indirectly, in particular by reference to an identifier such as a name, to an identification number, to location data, to an online identifier or to one or more characteristics specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing means any operation connected with personal data, in particular the retention, disclosure, acquisition, deletion, storage, modification, destruction and use of personal data, irrespective of the means and procedures used.
The way that we process personal data is compliant with Swiss data protection law. In principle, insofar as the GDPR applies, we process personal data for the purpose of fulfilling contracts. Apart from that, personal data are processed on the following lawful bases:
-
Article 6(1)(a) GDPR for the processing of personal data with the consent of the data subject.
-
Article 6(1)(b) GDPR for the processing of personal data required in order to fulfil a contract with the data subject and to perform corresponding pre-contractual measures.
-
Article 6(1)(c) GDPR for the processing of personal data required in order to fulfil a legal obligation with which we have to comply pursuant to an applicable EU law or pursuant to any applicable law of a country in which the GDPR applies in full or in part.
-
Article 6(1)(d) GDPR for the processing of personal data required in order to protect the vital interests of the data subject or another natural person.
-
Article 6(1)(f) GDPR for the processing of personal data required in order to protect our legitimate interests or those of third parties, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Legitimate interests is the term used to refer in particular to our business interests in connection with the provision of our website, data security, settlement of our own legal claims and compliance with Swiss law.
2. Storage of access data
Every time our website is accessed, information about the request is stored in a log file on our provider’s web server. We collect the following data for technical reasons:
-
IP address, date and time of the request
-
time zone difference compared to Greenwich Mean Time (GMT)
-
content of the request (specific page)
-
access status/http status code
-
volume of data transmitted in each case
-
website from which the request was received
-
browser
-
operating system and its interface
-
browser software version
It is necessary for us to collect these data for technical reasons. These data do not allow us to draw any conclusions about you as an individual.
3. External links
Where our website contains links to external websites, you will be redirected from our websites to the linked websites of the other providers. We have no control over the content of external links and therefore we are not responsible for such content. We specifically make no representations regarding their content. If you are directed to an external website, the privacy statement provided on that website will apply. We would therefore kindly ask you to visit the linked websites of the other providers concerned in order to find out how they handle your data.
4. Cookies
Cookies are small text files that the web browser places on the user’s device for the purpose of storing specific information. The next time the same device is used to access our website, the information stored in cookies will be sent back to our website (“first-party cookie”) or to another website to which the cookie belongs (“third-party cookie”).
From the information stored and sent back in the cookie, the website concerned recognises that the user has accessed and visited it before using the web browser on his/her device. We use that information to display the website optimally to the user based on his/her preferences.
However in order to do this, only the cookie itself on the device is identified. Any further storage of personal data will only be carried out with the user’s express consent or if such storage is essential in order to be able to use the service offered and accessed.
Nevertheless, you can configure your browser so that you are able to decide whether you want to accept or block a cookie before it is placed on your device. You also have the option to regularly delete cookies from your device. Make sure that you have configured all of the browsers on your different devices (tablets, smartphones, PCs, etc.). There are different configurations for cookie management and your preferences depending on your browser. More information on this can be found in the Help menu of your browser, along with information on how to edit your cookie preferences.
We wish to point out that deactivating cookies may prevent you from being able to use all the functions on our website.
5. Storage and sharing of data with third parties
We will only pass on your personal data with your express consent, if there is a legal obligation for us to do so or if it is necessary for us to do so in order to enforce our rights, in particular for the purpose of enforcing claims arising from the contractual relationship. In addition, we will only pass on your data to third parties if it is necessary for us to do so in connection with the use of the website and order processing (including outside the website).
6. Retention period
We only store personal data for as long as is necessary in order to fulfil the relevant purpose as well as our legitimate interests. If the data are subject to a retention obligation pursuant to legal regulations to which we are subject, we will retain the data in accordance with the legal retention obligation. Retention obligations which make it obligatory for us to retain data result from accounting regulations and from tax law, for example. In accordance with these regulations, the retention period for business correspondence, contracts concluded and payment documents is up to ten years.
7. Your rights with regard to your data
7.1 Right to information
You have the right to request confirmation that your personal data have been processed or that no data have been processed, free of charge. If data have been processed, you have the right to obtain access to those personal data.
7.2 Right to correction, restriction and deletion
You have the right to ask for your data to be corrected, supplemented or blocked as quickly as possible. You have the right to have your data deleted (known as the ‘right to be forgotten’). In such a case, we are required to provide you with confirmation of any correction, deletion or restriction of data processing.
7.3 Right to data portability
If and to the extent that the GDPR applies, you have the right to be sent the personal data that relates to you, and that you provided to the data controller, in a structured, common and machine-readable format.
7.4 Right of objection
You have the right to object to the processing of your personal data pursuant to Article 6(1)(f) GDPR (cf. clause 2 of this privacy statement with regard to this) at any time.
7.5 Right to be notified regarding breach of data protection
We are obliged to notify you regarding any breach of your personal data if there is a high risk to your personal rights and associated freedoms.
Persons whose personal data we process have the right to appeal to a competent regulatory authority responsible for data protection. The regulatory authority responsible for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
In case of doubt, the German version shall prevail.