Privacy Policy.

Preamble

 

With the following privacy policy we would like to inform you which types of your personal data (hereinafter also abbreviated as "data") we process for which purposes and in which scope. The privacy statement applies to all processing of personal data carried out by us, both in the context of providing our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online services").

The terms used are not gender-specific.

Last Update: 13. August 2020

 

 

Table of contents

 

  • Preamble

  • Controller

  • Overview of processing operations

  • Contact information of the data protection officer

  • Legal Bases for the Processing

  • Security Precautions

  • Transmission and Disclosure of Personal Data

  • Data Processing in Third Countries

  • Use of Cookies

  • Provision of online services and web hosting

  • Contacting us

  • Job Application Process

  • Newsletter and Electronic Communications

  • Commercial communication by E-Mail, Postal Mail, Fax or Telephone

  • Onlinemarketing

  • Plugins and embedded functions and content

  • Erasure of data

  • Changes and Updates to the Privacy Policy

  • Rights of Data Subjects

  • Terminology and Definitions

 

 

Controller

 

MVM Pack-Holding AG
Tramstrasse 20
4142 Münchenstein
Switzerland

  • Authorised Representatives: Christian Reinau, CEO MVM Pack-Holding AG
  • E-mail address: group@mueller-group.com
  • Legal Notice: www.mueller-group.com/imprint

 

 

Contact information of the data protection officer

 

  • E-mail address: datenschutz@mueller-group.com

 

 

Overview of processing operations

 

The following table summarises the types of data processed, the purposes for which they are processed and the concerned data subjects.

 

Categories of Processed Data

  • Inventory data (e.g. names, addresses).

  • Job applicant details (e.g. Personal data, postal and contact addresses and the documents pertaining to the application and the information contained therein, such as cover letter, curriculum vitae, certificates, etc., as well as other information on the person or qualifications of applicants provided with regard to a specific job or voluntarily by applicants).

  • Content data (e.g. text input, photographs, videos).

  • Contact data (e.g. e-mail, telephone numbers).

  • Meta/communication data (e.g. device information, IP addresses).

  • Usage data (e.g. websites visited, interest in content, access times).

  • Location data (Data that indicates the location of the end device of an end user).

 

Categories of Data Subjects

  • Job applicants.

  • Prospective customers.

  • Communication partner (Recipients of e-mails, letters, etc.).

  • Users (e.g. website visitors, users of online services).

 

Purposes of Processing

  • Provision of our online services and usability.

  • Conversion Tracking.

  • Job Application Process (Establishment and possible later execution as well as possible later termination of the employment relationship.).

  • Direct marketing  (e.g. by e-mail or postal).

  • Interest-based and behavioral marketing.

  • contact requests and communication.

  • Conversion tracking (Measurement of the effectiveness of marketing activities).

  • Profiling (Creating user profiles).

  • Remarketing.

  • Web Analytics (e.g. access statistics, recognition of returning visitors).

  • Security measures.

  • Targeting (e.g. profiling based on interests and behaviour, use of cookies).

  • Contractual services and support.

  • Managing and responding to inquiries.

 

 

Legal Bases for the Processing

 

In the following we inform you about the legal basis of the General Data Protection Regulation (GDPR), on the basis of which we process personal data. Please note that, in addition to the regulations of the GDPR, the national data protection regulations may apply in your country or in our country of residence or domicile. If, in addition, more specific legal bases are applicable in individual cases, we will inform you of these in the data protection declaration.

 

  • Consent (Article 6 (1) (a) GDPR) - The data subject has given consent to the processing of his or her personal data for one or more specific purposes.

  • Performance of a contract and prior requests (Article 6 (1) (b) GDPR) - Performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

  • Legitimate Interests (Article 6 (1) (f) GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

  • Article 9 (1)(b) GDPR (job application process as a pre-contractual or contractual relationship) (If special categories of personal data within the meaning of Article 9 (1) GDPR (e.g. health data, such as severely handicapped status or ethnic origin) are requested from applicants within the framework of the application procedure, so that the responsible person or the person concerned can carry out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law, their processing shall be carried out in accordance with Article 9 (2)(b) GDPR , in the case of the protection of vital interests of applicants or other persons on the basis of Article 9 (1)(c) GDPR  or for the purposes of preventive health care or occupational medicine, for the assessment of the employee's ability to work, for medical diagnostics, care or treatment in the health or social sector or for the administration of systems and services in the health or social sector in accordance with Article 9 (1)(d) GDPR. In the case of a communication of special categories of data based on voluntary consent, their processing is carried out on the basis of Article 9 (1)(a) GDPR.) - .

National data protection regulations in Switzerland: In addition to the data protection regulations of the Basic Data Protection Ordinance, national regulations apply to data protection in Switzerland. This includes in particular the Federal Data Protection Act (DSG). The DSG applies in particular if no EU/EEC citizens are affected and, for example, only data of Swiss citizens are processed.

 

 

Security Precautions

 

We take appropriate technical and organisational measures in accordance with the legal requirements, taking into account the  state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, in order to ensure a level of security appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, input, transmission, securing and separation of the data. In addition, we have established procedures to ensure that data subjects' rights are respected, that data is erased, and that we are prepared to respond to data threats rapidly. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and service providers, in accordance with the principle of privacy by design and privacy by default.

SSL encryption (https): In order to protect your data transmitted via our online services in the best possible way, we use SSL encryption. You can recognize such encrypted connections by the prefix https:// in the address bar of your browser.

 

 

Transmission and Disclosure of Personal Data

 

In the context of our processing of personal data, it may happen that the data is transferred to other places, companies or persons or that it is disclosed to them. Recipients of this data may include, for example, payment institutions within the context of payment transactions, service providers commissioned with IT tasks or providers of services and content that are embedded in a website. In such a case, the legal requirements will be respected and in particular corresponding contracts or agreements, which serve the protection of your data, will be concluded with the recipients of your data.

Data Transmission within the Group of Companies: We may transfer personal data to other companies within our group of companies or otherwise grant them access to this data. Insofar as this disclosure is for administrative purposes, the disclosure of the data is based on our legitimate business and economic interests or otherwise, if it is necessary to fulfill our contractual obligations or if the consent of the data subjects or otherwise a legal permission is present.

Data Transfer within the Organization: We may transfer or otherwise provide access to personal information to other locations within our organization. Insofar as this disclosure is for administrative purposes, the disclosure of the data is based on our legitimate business and economic interests or otherwise, if it is necessary to fulfill our contractual obligations or if the consent of those concerned or otherwise a legal permission is present.

 

 

Data Processing in Third Countries

 

If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of the use of third party services or disclosure or transfer of data to other persons, bodies or companies, this will only take place in accordance with the legal requirements.

Subject to express consent or transfer required by contract or law, we process or have processed the data only in third countries with a recognised level of data protection, on the basis of special guarantees, such as a contractual obligation through so-called standard protection clauses of the EU Commission or if certifications or binding internal data protection regulations justify the processing (Article 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_en).

 

 

Use of Cookies

 

Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user's computer. A cookie is primarily used to store information about a user during or after his visit within an online service. The information stored can include, for example, the language settings on a website, the login status, a shopping basket or the location where a video was viewed. The term "cookies" also includes other technologies that fulfil the same functions as cookies (e.g. if user information is stored using pseudonymous online identifiers, also referred to as "user IDs").

The following types and functions of cookies are distinguished:

  • Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online service and closed his browser.

  • Permanent cookies: Permanent cookies remain stored even after closing the browser. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. The interests of users who are used for range measurement or marketing purposes can also be stored in such a cookie.

  • First-Party-Cookies: First-Party-Cookies are set by ourselves.

  • Third party cookies: Third party cookies are mainly used by advertisers (so-called third parties) to process user information.

  • Necessary (also: essential) cookies: Cookies can be necessary for the operation of a website (e.g. to save logins or other user inputs or for security reasons).

  • Statistics, marketing and personalisation cookies: Cookies are also generally used to measure a website's reach and when a user's interests or behaviour (e.g. viewing certain content, using functions, etc.) are stored on individual websites in a user profile. Such profiles are used, for example, to display content to users that corresponds to their potential interests. This procedure is also referred to as "tracking", i.e. tracking the potential interests of users. . If we use cookies or "tracking" technologies, we will inform you separately in our privacy policy or in the context of obtaining consent.

Information on legal basis: The legal basis on which we process your personal data with the help of cookies depends on whether we ask you for your consent. If this applies and you consent to the use of cookies, the legal basis for processing your data is your declared consent. Otherwise, the data processed with the help of cookies will be processed on the basis of our legitimate interests (e.g. in a business operation of our online service and its improvement) or, if the use of cookies is necessary to fulfill our contractual obligations.

Retention period: Unless we provide you with explicit information on the retention period of permanent cookies (e.g. within the scope of a so-called cookie opt-in), please assume that the retention period can be as long as two years.

General information on Withdrawal of consent and objection (Opt-Out): Respective of whether processing is based on consent or legal permission, you have the option at any time to object to the processing of your data using cookie technologies or to revoke consent (collectively referred to as "opt-out"). You can initially explain your objection using the settings of your browser, e.g. by deactivating the use of cookies (which may also restrict the functionality of our online services). An objection to the use of cookies for online marketing purposes can be raised for a large number of services, especially in the case of tracking, via the websites https://www.aboutads.info/choices/ and https://www.youronlinechoices.com. In addition, you can receive further information on objections in the context of the information on the used service providers and cookies.

Processing Cookie Data on the Basis of Consent: Before we process or have processed data within the context of the usage of cookies, we ask the users for their consent, which can be revoked at any time. Before the consent has not been given, we may use cookies that are necessary for the operation of our online services.

  • Processed data types: Usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).

  • Data subjects: Users (e.g. website visitors, users of online services).

  • Legal Basis: Consent (Article 6 (1) (a) GDPR), Legitimate Interests (Article 6 (1) (f) GDPR).