We take the protection of your personal data and compliance with applicable data protection laws very seriously. The following declaration gives you a detailed overview of how we guarantee this protection, what kind of data is collected for what purpose and how we process it.

To enable Cardea to offer the services offered to all visitors to the Cardea website and/or customers, Cardea requires various user data. Depending on how you use the Cardea services and/or web services, this also includes personal data originating from the user himself or from third parties.

The processing of personal data, such as the name, address, e-mail address or telephone number of a person concerned, is always carried out in accordance with the country-specific data protection regulations applicable to Cardea AG. Cardea AG has implemented all necessary technical and organisational measures to ensure the complete protection of personal data transmitted and processed via the Cardea AG website or other sources. Nevertheless, Internet-based data transmissions can in principle have security gaps, so that absolute protection cannot be guaranteed. For this reason, every user of Cardea services is free to transmit personal data to us by alternative means (e.g. letter, telephone). By using the Cardea services and/or agreeing to the GTC, the users/customers agree to the processing of the collected data in the described manner and for the specified purpose.

Legal basis

Cardea AG and the websites and/or internet-based services it provides are subject to Swiss Federal Act on Data Protection (FADP) and any applicable foreign data protection law, such as General Data Protection Regulation (GDPR) of the European Union. The EU recognises that Swiss data protection law guarantees adequate data protection. Cardea AG can change this data protection declaration at any time by publishing it on the website.

Responsible Body

The body responsible for data processing on and in connection with this website is Cardea AG, Winkelriedstr. 27, 8006 Zurich, represented by Dr. Christoph Treichler, Managing Partner, (hereinafter: “Cardea”). Further and detailed information on Cardea can be found under Contact.

Collection and processing of personal data

When you visit the website, your IP address, the files accessed on the website, the amount of data transferred, the server response code to your browser’s request, the type of browser you use and the date and duration of your visit are stored. Cardea uses tracking systems to obtain information about the search behaviour of users in order to improve its services. The data is statistically evaluated in summary form for the ongoing optimisation of the websites. This tracking data does not allow any conclusions to be drawn about individual users (personal data). Cardea also uses anonymous user data for market research and consulting purposes.

Cardea may ask users for voluntary personal information. Such data is generally requested when the user registers for an online service, when the user wishes to send information in connection with an online transaction or when the user contacts Cardea about the website or services. Cardea is entitled to process the data about the users received in relation to the business connections or in connection with these, regardless of whether these originate from the user himself or from third parties, in accordance with the legal bases/data protection laws. This applies in particular:

  • When the user registers, personal details are requested, such as name, e-mail address and other contact details. This information is recorded. This is necessary to recognize registered users of the website. It may be recorded which services the user prefers so that Cardea can tailor the offer and services to the user.
  • If the user takes part in a competition, customer event or other sales promotion, Cardea may ask for the user’s name, address, telephone number and e-mail address for organisational reasons.
  • If the user purchases something from the website, e.g. a consultant profile, Cardea requires the user’s name, address, telephone number and e-mail address to process the order. In addition, information on the method of payment is required for chargeable services. These will be kept safe by Cardea.
  • If the user decides to transmit via the website personal data that Cardea or its business partners require, for example in order to correspond with the user, Cardea will inform the user how such data is used. If the user does not wish this data to be used as a basis for further contacts with him and the user informs Cardea of this, Cardea will comply with this wish.
  • If Cardea uses the personal information and data received by Cardea from other sources to inform the user about services, for administration and customer service, for marketing activities, to analyse the user’s preferred purchasing decisions and to ensure that the services, content and advertising offered by Cardea are tailored to the needs and interests of the user. For these purposes, Cardea may retain user information for a reasonable period of time, and Cardea may need to disclose this information to service providers and agents or disclose personal information in order to comply with laws or regulations.
  • Cardea intends to continuously improve the content and function of the website. For this reason, Cardea may monitor traffic patterns and use of the Website in order to improve the design and construction of the Website and to provide interesting content.

Confidentiality

  • Cardea commits itself to treat any unreleased data confidentially and, in particular, not to make it accessible to third parties.
  • Every user is obliged to treat e-mails and other contact data from users received in connection with the use of Cardea and its websites confidentially and not to make them accessible to third parties without the consent of their originator.

Your rights for information and change/deletion

You are entitled to obtain information about the data that you have provided to Cardea or that Cardea has stored about you. And of course you can ask us to correct incorrect data at any time or request the deletion of stored data. If the user’s personal details change, if the user’s opinion about any marketing advantages changes or if questions arise regarding the use of the data, Cardea can be contacted at info@cardea.ch .

Security of user data – How data is protected

Cardea offers a secure server for orders or access to account information. Cardea takes appropriate measures to ensure that the transmitted data is stored securely, correctly and up-to-date and that it is only stored for as long as is necessary for the purpose of use.

Personal data is protected against unauthorised processing by appropriate technical and organisational measures (Art. 7 FADP). The user is responsible for the confidential storage of his user data and for all activities carried out via his access. He is obliged to treat the user names and passwords assigned to him confidentially and to make them accessible only to authorised persons within the company.

The personal settings that a user enters are stored. This ensures that every user finds his personal settings each time he logs in. Cookies are usually used for this purpose. The user has the option of preventing the installation of cookies by making the appropriate browser settings. However, rejecting cookies can have a negative effect on the unrestricted use of the website.

Declaration of consent and information about other persons

  • By submitting personal data, the user consents to the processing of personal data, including critical personal data, for the above purposes. The User also consents to the transfer of the data to countries or jurisdictions that do not provide the same level of data protection as the country in which the User is located (e.g. Germany), if necessary for the above purposes. If Cardea carries out such a data transfer, Cardea or the receiving entity may enter into a contract to ensure the protection of the data.
  • If the user submits information to Cardea about another person, the user confirms that he/she has been instructed by this person to act on his/her behalf, that this person consents to the processing of personal data, including critical personal data, and that the user has informed this person of the identity and purposes listed above for which the personal data will be used. If Cardea contacts this person for the first time, it may be informed from which source Cardea has received the data.

Passwords

In order for Cardea to be able to offer a personalised service to the user, he may be asked to set up one or more passwords. This will give the User access to certain services or areas of the Website or the Website(s) of other providers whose products or services are available through a link from the Website. If necessary, Cardea may forward the password details sent to these authorised providers. The user himself is responsible for the control and use of his passwords.

No liability

Cardea does not guarantee the correctness, accuracy, timeliness, reliability and completeness of the information on the website. Liability claims against Cardea as operator of the website for material or immaterial damage caused by access, use or non-use of the information, technical faults or the like are excluded. All offers are non-binding and can be completely changed or discontinued at any time. This also applies to products or services of providers to which contact requests from users were forwarded after their consent.

Cardea additionally offers links to external websites of third parties. Cardea accepts no responsibility for the content or data protection guidelines of third-party websites or third-party advertisers, nor for the way in which they use the data of their users. In particular, it is pointed out that Cardea, unless expressly stated otherwise, is not a representative for these websites or advertisers and has no authority to represent them.

Other provisions / Place of jurisdiction

The contractual relationship between Cardea and the respective user shall be governed exclusively by Swiss law. The place of jurisdiction is the city of Zurich. However, Cardea is also entitled to assert its rights at the domicile of the user or before any other competent authority. Between the user and Cardea, the current version of the General Terms and Conditions published on the Internet shall apply in each case.

Data processors

Hosting-Provider & Server-LogFiles

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • IP address
  • Browser type and browser version
  • used operating system
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request

These data cannot be directly assigned to specific persons. These data will not be merged with other data sources. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.

This data and all data on this website is stored by our hosting provider Hoststar – Multimedia Networks AG, Kirchgasse 30, CH-3312 Fraubrunnen (www.hoststar.ch).

Google Analytics

This website uses Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre, Parkway Mountain View, CA 94043, USA (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by cookies about the use of the website is usually transferred to a Google server in the USA and stored there. If IP anonymisation is activated on the website, however, Google will shorten your IP address beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA where it will be shortened. On behalf of the operator of this website, Google will use this information for the purpose of evaluating website usage, compiling reports on website activity and providing other services to website operators relating to website activity and internet usage. The IP address transmitted by the browser as part of Google Analytics is not combined with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and Google from processing this data by downloading and installing the browser plug-in available under the following link.

We have concluded a corresponding contract with the provider for order data processing.

MailChimp

The newsletter is sent via “MailChimp”, a newsletter distribution platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

The e-mail addresses of our newsletter recipients, as well as their other data described in this notice, are stored on MailChimp’s servers in the USA. MailChimp uses this information to send and evaluate newsletters on our behalf. Furthermore, according to its own information, MailChimp may use this data to optimise or improve its own services, e.g. for the technical optimisation of the dispatch and presentation of the newsletter or for economic purposes in order to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them or pass them on to third parties.

We rely on the reliability and IT and data security of MailChimp. MailChimp is certified under the US-EU data protection agreement „Privacy Shield“and is therefore committed to complying with EU data protection regulations. In addition, we have concluded a „Data-Processing-Agreement“ with Mailchimp. This is a contract in which MailChimp undertakes to protect the data of our users, to process it on our behalf in accordance with their data protection regulations and, in particular, not to pass it on to third parties. You can view the privacy policy of MailChimp here.

Vtiger

The processing of contacts including personal data is carried out with the help of the CRM provider Vtiger. You can find Vtiger’s privacy policy here.

Google Fonts

Google Fonts are used on this website. To the best of our knowledge, no personal data is stored by Google. For technical reasons, however, your IP address must be transmitted to Google so that the fonts can be transmitted to your browser. You can view more information about Google Fonts from Google here .

Facebook

On our pages you will find plugins of the social network Facebook (Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA). You can recognize the Facebook plugins by the Facebook logo on our page. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/.

When you visit our pages, the plugin establishes a direct connection between your browser and the Facebook server. Facebook receives the information that you have visited our site with your IP address. This allows Facebook to associate visiting our pages with your user account. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the data transmitted or its use by Facebook. Further information on this can be found in Facebook’s data protection declaration at: https://de-de.facebook.com/policy.php.

If you do not want Facebook to be able to assign visits to our pages to your Facebook user account, please log out of your Facebook user account.

Twitter

On our pages, functions of the Twitter service are integrated. These functions are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. Data is also transferred to Twitter. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the transmitted data or its use by Twitter. Further information on this can be found in Twitter’s data protection declaration at: https://twitter.com/privacy.

You can change your data protection settings on Twitter in the account settings at: https://twitter.com/account/settings ändern.

Google+

Our pages use Google+ functions. Provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

Collection and dissemination of information: You can use the Google+ button to publish information worldwide. The Google+ button gives you and other users personalized content from Google and our partners. Google stores both information that you gave +1 for an item and information about the page you viewed when you clicked +1. Your +1 may be displayed as a clue along with your profile name and photo in Google services, such as search results or your Google profile, or elsewhere on web pages and ads on the Internet.

Google records information about your +1 activity to improve Google services for you and others. To use the Google+ button, you need a globally visible, public Google profile that includes at least the name you choose for the profile. This name is used in all Google services. In some cases, this name may also replace another name you used when sharing content through your Google Account. The identity of your Google profile may be displayed to users who know your email address or have other identifying information about you.

Use of Information Collected: In addition to the uses described above, the information you provide will be used in accordance with applicable Google privacy policies. Google may publish or share aggregated statistics about users’ +1 activity with users and partners, such as publishers, advertisers or affiliates.

Note: Google+ for personal users will be discontinued on 2 April 2019. From that date, Google will begin deleting content from Google+ home accounts. Google+ photos and videos in the album archive and on Google+ pages will also be deleted.

WiredMinds

Products and services of WiredMinds AG (www.wiredminds.de) are used on this website for marketing and optimization purposes. Data is collected, processed and stored from which user profiles are created under a pseudonym. Where possible and reasonable, the user profiles are made completely anonymous. Cookies may be used for this purpose. Cookies are small text files that are stored in the visitor’s Internet browser and serve to recognise the Internet browser. The collected data, which may also contain personal data, is transmitted to WiredMinds or collected directly by WiredMinds. WiredMinds may use information, which is left by visits on the web pages, in order to provide anonymizated use profiles. The data obtained will not be used to personally identify the visitor to this website without the separate consent of the person concerned and will not be merged with personal data about the bearer of the pseudonym. If IP addresses are collected, they will be made anonymous immediately after collection by deleting the last number block. The collection, processing and storage of data may be revoked at any time with effect for the future.

If you object to the further and future recording of your visitor session for web analysis, click on the following link (this function is cookie-based and therefore browser-dependent): Exclude from website tracking.


LinkedIn

Our website uses features of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time you visit one of our pages that contains LinkedIn features, a connection is established to LinkedIn servers. LinkedIn will be notified that you have visited our web pages with your IP address. If you click the LinkedIn “Recommend” button and are logged into your LinkedIn account, LinkedIn will be able to associate your visit to our site with you and your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by LinkedIn.

Further information can be found in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy

XING

Our website uses functions of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time you access one of our pages that contains XING functions, a connection is established to XING servers. To the best of our knowledge, personal data is not stored. In particular, no IP addresses are stored or the usage behavior evaluated.

Further information on data protection and the XING Share button can be found in XING’s Privacy Policy: https://www.xing.com/app/share?op=data_protection

 

Cookies & Web-Beacons

Cardea may use cookies, web beacons etc. in order to provide you with our services more individually. Cookies are small files that are stored in the browser of your PC during your visit to the Cardea website. Our cookies do not contain any personal information, so that your private and personal sphere remains protected. Most browsers automatically accept cookies. If you wish to view our website without cookies, you can prevent cookies from being saved on your PC by selecting “do not accept cookies” in your browser settings. If you do not accept cookies, this can lead to functional limitations of our offers.

  • Cardea may use information about the user that Cardea receives via cookies. These are files that Cardea receives from the user’s computer or other access device and which Cardea may access when the user views an e-mail from Cardea or when the user visits the website in the future. Cardea makes this possible by using so-called web beacons (sometimes referred to as clear GIFs or web bugs) in e-mails. Cardea uses cookies and web beacons to identify users, personalize the website and services, and monitor the success of Cardea’s marketing efforts. These facilities store small pieces of information about visitors to the website. This means that these visitors can be identified and welcomed the next time they visit the site. It also means that when the user opens an email from Cardea, Cardea will be able to see which pages of the website the user is visiting.
  • If the user wishes to delete the cookies already stored on his computer, he is requested to follow the instructions of his file management software to find the file or directory in which the cookies are stored. If the user wishes to prevent cookies from being stored on the computer in the future, the instructions of the browser provider can be read by clicking on “Help” in the browser menu. More information about how to delete or control cookies can be found at www.AboutCookies.org. The user should be aware that deleting cookies or blocking future cookies may prevent access to certain areas or features of the website.
  • Web beacons do not store any further information on the user’s computer, but they do use cookies on the user’s computer to tell Cardea when the user has opened an e-mail from Cardea. If the user objects to the use of web beacons, it is advisable to follow the instructions for deleting existing cookies and blocking future cookies. However, Cardea still knows how many e-mails have been opened by Cardea and automatically receives the IP address of the user (a unique identifier of the computer or other access device of the user), but the user is not personally identified. With or without web beacons, the IP address can be recorded when the user visits the website.

Newsletter data / Info services

If you would like to receive the newsletter or other information offered on the website once or regularly, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter/info service. We use these data exclusively for the dispatch of the requested information.

You can revoke your consent to the storage of data, e-mail address and their use to send the newsletter at any time, for example via the “Unsubscribe” link in the newsletter.

The registration to our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail in which you will be asked to confirm your registration. This confirmation is necessary so that nobody can register with external e-mail addresses.

The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation times as well as the IP address. Likewise the changes of your data stored with MailChimp are logged.