Tapadar GmbH Privacy Policy

Our Privacy Policy is based primarily on the revised Swiss Data Protection Act (DPA).

This Privacy Policy sets out how Tapadar GmbH, Würenlingen, Switzerland processes your personal data.

Personal data is defined as any information relating to a specific or definable natural person. Processing includes any operation with personal data, irrespective of the means and procedures by which it is processed, in particular the collection, storage, use, revision, disclosure, archiving or destruction of data.

If you give us personal data relating to other persons, you must ensure that these persons are aware of the terms of this Privacy Policy. You may only supply us with such data if you are authorized to do so.

1.    Responsibility

The entity responsible for data protection purposes is 

Tapadar GmbH
Poststrasse 5
5303 Würenlingen

If you have an inquiry relating to data protection, you can contact us either in writing at the above address or via email at [email protected]

2.    What personal data is collected and for what purposes?

We process the personal data we receive in the course of our business relationships with our customers and other business partners, as well as other persons involved in these relationships. The data processed includes the person’s name, mailing address, phone no. and email address. 

2.1    Visiting our website, cookies and analytics programs

When visiting our website, its server temporarily stores users’ access data. This data includes:
•    IP address and MAC address of the smartphone or other device
•    Date and time the site was accessed
•    Content of the request (specific page accessed)
•    Website from which the site was accessed (referrer URL)
•    The browser used
•    The device’s operating system and name of the user’s access provider
We do not use any cookies, social media plug-ins or analytics programs such as Google Analytics.

2.2    Emails

Like many of our customers, we regularly use email to communicate. However, it is important to note that unencrypted emails can be read, and in certain circumstances manipulated, by third parties, in particular by the sender’s and recipient’s access providers. We assume that anyone communicating with us via email is aware of these risks and agrees to exchange messages via unencrypted email. Please notify us if you no longer wish to communicate with us in this way. If a message is altered after we have sent it out, we are not legally bound by its contents.
Information communicated to us via unencrypted email is stored on the servers of Hetzner Online GmbH in Germany. This storage is governed by Hetzner Online GmbH’s privacy policy (https://www.hetzner.com/legal/privacy-policy).

2.3    Data processing purposes

We primarily use the personal data we collect to conclude and process our contracts with our customers and business partners and to meet our statutory obligations in Switzerland and abroad. If you work for one of these clients or business partners, your personal data may also be affected in the course of carrying out this function.
In addition, we process personal data belonging to you and other persons to the extent permitted and where we believe it is necessary to enable us to operate, in particular in relation to our IT and our banking transactions.
If you have consented to the processing of your personal data for particular purposes, we will process your personal data on the basis of and within the limits of this consent, assuming there is no other legal basis to permit processing and we would need one to do so. Consent may be revoked at any time, but does not affect data processing that has already occurred.

3. Disclosure of your data to third parties

We will only disclose your data to third parties if you give explicit permission, if there is a legal obligation or authorization to do so, if the disclosure is necessary to exercise, assert or defend our legal rights, or if the disclosure of data is necessary to perform contractual relationships with you. 

4. Security of your data

We have put suitable technical and organizational security measures in place to protect your personal data from unauthorized access and misuse. When you access our website, the SSL encryption protocol is used.

5. Duty to provide personal data

In the course of our business relationship, you must provide the personal data required to establish and conduct a business relationship and fulfill the associated contractual duties. Normally, we will not be able to conclude a contract with you (or the person or entity you represent) or perform the contract without this data.
Moreover, you may not use the website if certain information relating to the data traffic (e.g. IP address) is not disclosed.

6. Your rights as an affected person

Within the framework of the data protection law applicable to you and to the extent provided therein, you have the right to information, correction and deletion and the right to limit data processing, object to our data processing and release certain personal data in order to transfer it to another entity (data portability).
Please note that we reserve the right to assert the restrictions provided for by law if we are obliged to retain or process certain data, have an overriding interest in doing so (insofar as the interest is recognized by law), or need the data in order to assert our rights. If this gives rise to costs for you, we will inform you in advance. 
We informed you in section 2.3 about the option of revoking your consent. Please note that exercising this right may conflict with contractual arrangements and may have consequences such as premature termination of the contract or additional costs. In this case, we will inform you in advance, where this is not already governed by contract. 
Exercising such rights generally requires you to provide proof of identity (e.g. a copy of your identity card, if your identity cannot be established or verified by other means). To exercise your rights, you can contact us at the address specified in section 1 of this Privacy Policy. 
In addition, every person affected has the right to enforce their claims in court or file a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch).

7. Digital infrastructure

We use the services of specialized third parties to provide essential digital infrastructure for our activities. This includes hosting and storage services from selected providers.

In particular we use:
•    lavitto: Hosting; Provider: lavitto ag; Information on data protection: https://www.lavitto.ch/datenschutz

8. Amendments

We may amend this Privacy Policy at any time without prior announcement. The current version published on our website shall apply.

Last revised: September 2023.