Declaration on the protection of personal data of the online boutique Pastry shop MARNIN
Version from 18 March 2019
With this data protection declaration, we, Pastry shop MARNIN, describe how we collect and further process personal data. This data protection declaration is not necessarily a complete description of our data processing. It is possible that other data protection declarations or general terms and conditions, conditions of participation or similar documents may apply to specific circumstances.
The term “personal data” in this data protection statement means any information that identifies, or could reasonably be used to identify any person.
If you provide us personal data of other people (such as family members, co-workers), please ensure that the respective person is aware of this data protection statement and only provide us with their data if you are authorised to do so and if such personal data is correct.
This data protection declaration is in line with the EU General Data Protection Regulation (GDPR). Although the GDPR is a European Union (EU) regulation, it may be relevant to us. Swiss data protection legislation (FADP) is strongly influenced by EU law. Furthermore, in some cases, companies outside the European Union or the European Economic Area (EEA) must comply with the GDPR.
1. Data Controller / Data Processor / Representative
The “owner” of the data processing as described in this declaration on data protection is Pastry shop MARNIN, Piazza San Antonio, 6600 Locarno. Unless in some cases we have informed you otherwise, our data protection officers are Arno and Franca Antognini. You can inform us of any data protection issues using the following contact details: Data Protection Officer, Pastry shop MARNIN, Piazza San Antonio, 6600 Locarno, or by e-mail to firstname.lastname@example.org with the subject “Data Protection”.
2. Collection and processing of personal data
We use the personal data collected by us primarily to conclude and execute contracts with our customers, in particular in connection with the sale of our products, and to fulfil our legal obligations in Switzerland.
In addition to the data you provide directly to us to enable us to complete the correct operation of your orders (e.g. your delivery address), data relating to the use of the website is stored (e.g. IP address, MAC address of your smartphone or computer, data relating to your device and its settings, cookies, date and time of visit, pages and content displayed, functions used, referring website, location).
3. Cookies/tracking and other technologies related to the use of our website
We use “cookies” and similar techniques on our websites to identify your browser or device. A cookie is a small file sent to your computer or stored automatically on your computer or mobile device automatically by your browser when you visit our website. When you return to this website, we may recognise you even without knowing who you are. In addition to cookies used only during a session and deleted after your visit to the website (“session cookies”), cookies may be used to store your settings and other information for a period of time (“persistent cookies”). You can set your browser to reject cookies, whether you save them for a visit or delete them in advance Most browsers are willing to accept cookies. We use persistent cookies to record your settings (e.g. autologin) to better understand how you use our offers and content and to be able to display offers and advertisements tailored to your needs. Which may also occur on websites of other companies; however, we do not tell them who you are, as far as we know, because they see that a user of their website has also visited one of our pages. If you block cookies, some functions (e.g. shopping cart, ordering processes) may no longer work.
We use Google Analytics or similar services on our websites. This is a third-party service that can be located in any country in the world (in the case of Google Analytics of Google LLC in the USA, www.google.com), with which we can measure and evaluate the use of the website (in a non-personal way). For this purpose, cookies set by the service provider are used permanently. The service provider does not receive any personal data (and does not store IP addresses), but may keep track of your use of the websites by combining this information with other sites visited by you and monitored by the providers, and use these results for its own purposes (e.g. advertising control). To the extent that the user has registered with the service provider, the service provider knows his or her identity. The processing of your personal data by the service provider is carried out under the responsibility of the service provider in accordance with data protection regulations. We only receive information from the service provider about the use of our website (and not personal information).
4. Data security
We take appropriate technical and organisational measures to protect personal data from unauthorised access and misuse, including instructions, training, IT and network security solutions, access controls and restrictions, encryption of media and data transmission, pseudonymisation, controls.
5. Rights of the interested party
Under current data protection legislation and to the extent that it appears in it (as in the case of the FAPD), you have the right to information, correction, deletion, the right to limit the processing of data and, otherwise, the right to object to our data processing and the publication of certain personal data for transmission to third parties in another location (so-called data portability). Please note that we reserve the right to invoke the limitations provided for by law, in particular when we are obliged to store or manage certain data for which we have a decisive interest (insofar as we can assert our rights) or need them. Please note that the exercise of this right may interfere with contractual agreements and may result in early termination of the contract or financial consequences. In this case, we will inform you in advance if no contractual agreements have been made.
The exercise of these rights generally requires proof of identity (e.g. by presenting a copy of your identity document in cases where your identity cannot be clearly verified). In order to assert your rights, you may contact us at the address given in point 1.
In addition, every data subject has the right to lodge a complaint with the competent data protection authority. The Swiss data protection authority is the Federal Data Protection and Information Commissioner (FDPIC) (http://www.edoeb.admin.ch)