Privacy Policy
1. Data Protection at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data includes all data that can personally identify you. Detailed information on the topic of data protection can be found in our privacy policy listed below this text.
Data Collection on Our Website
Who is responsible for the data collection on this website?
The data processing on this website is the responsibility of Weseta Textil AG. You can find our contact details in the imprint of this website.
How do we collect your data?
Your data is collected in two ways. On the one hand, your data is collected when you provide it to us. This could be, for example, data that you enter into a contact form or through an online order.
Other data is automatically collected by our IT systems when you visit the website. These are mainly technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter our website.
What do we use your data for?
When using the online shop, personal data may be processed in various ways. Some of the data is collected to ensure the website is provided without errors. Other data can be used to analyze your user behavior. Furthermore, the data is also used for orders in the online shop, creating a customer account/registration in the online shop, newsletters, the magazine, participation in competitions, submitting reviews, and customer inquiries via the contact form. Your data is stored by Weseta Textil AG. This mainly includes company-specific data such as addresses, phone numbers, contact persons, tax numbers, product-specific data, as well as data about our business processes (quotes, delivery notes, invoices, etc.).
We would like to point out that this data is used by Weseta Textil AG solely for the purpose of managing our business relationship.
What rights do you have regarding your data?
You have the right at any time to receive information free of charge about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction, blocking, or deletion of this data. For this purpose, as well as for other questions regarding data protection, you can contact us at any time at the address provided in the imprint. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
You also have the right, under certain circumstances, to request the restriction of the processing of your personal data. Details can be found in the privacy policy under "Right to Restrict Processing."
How long do we store your data?
We store your data for as long as the processing purpose requires. Once the purpose is no longer applicable or you request the deletion of your data, we will delete it unless we have overriding interests or a legal basis for longer retention.
2. General information and mandatory disclosures
Data Protection
Weseta Textil AG takes data protection very seriously and complies with legal data protection regulations. Your data is stored using technical and organizational measures to ensure it is not accessible to third parties.
Please note that the internet is a publicly accessible system. Data entered into the system may be lost, sent to the wrong recipient, or fall into unauthorized hands. For this reason, all personal information and data are provided voluntarily and at your own risk. This privacy policy applies to all services offered by us.
Notice Regarding the Responsible Entity
The entity responsible for data processing on this website is:
WESETA TEXTIL AG
Bergen 4
CH-8765 Engi / Glarus Süd
+41 55 642 61 00
mail@weseta.ch
Right to Object to Data Collection in Specific Cases and to Direct Marketing (Art. 21 GDPR)
If data processing is based on Article 6(1)(e) or (f) GDPR, you have the right at any time, for reasons arising from your particular situation, to object to the processing of your personal data; this also applies to profiling based on these provisions. The specific legal basis for processing can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims (objection under Article 21(1) GDPR).
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing; this also applies to profiling insofar as it is related to direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection under Article 21(2) GDPR).
Right to File a Complaint with the Competent Supervisory Authority
In the event of violations of the GDPR, individuals have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, place of work, or location of the alleged violation. This right is without prejudice to other administrative or judicial remedies.
Right to Data Portability
You have the right to receive data that we process automatically based on your consent or in fulfillment of a contract in a commonly used, machine-readable format. If you request the direct transfer of data to another responsible party, this will only be done if it is technically feasible.
SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator. You can recognize an encrypted connection by the browser’s address bar changing from "http://" to "https://" and by the lock symbol in your browser bar.
When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Access, Blocking, Deletion, and Correction
You have the right, within the scope of applicable legal provisions, to obtain information free of charge at any time about your stored personal data, its origin, recipients, and the purpose of the data processing. You also have the right to request the correction, blocking, or deletion of this data. For this and other questions regarding personal data, you can contact us at any time at the address provided in the imprint.
Right to Restrict Processing
You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address provided in the imprint. The right to restrict processing exists in the following cases:
- If you dispute the accuracy of the personal data we have stored about you, we usually need time to verify this. During the verification period, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of deletion.
- If we no longer need your personal data, but you need it to assert, exercise, or defend legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
- If you have objected under Article 21(1) GDPR, a balance must be struck between your interests and ours. As long as it has not been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data – apart from being stored – may only be processed with your consent or for the assertion, exercise, or defense of legal claims, or to protect the rights of another natural or legal person, or for reasons of important public interest of Switzerland, the European Union, or a member state.
3. Data Collection on Our Website
Cookies
Our websites use what are known as cookies in some instances. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our offering more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are "session cookies," which are automatically deleted after your visit. Other cookies remain on your device until you delete them. These cookies enable us to recognize your browser on your next visit.
You can configure your browser to inform you about the setting of cookies, to allow cookies only in individual cases, to exclude the acceptance of cookies for specific cases or in general, and to activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.
Cookies that are necessary to carry out the electronic communication process or to provide certain functions you desire (e.g., shopping cart functionality) are stored based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Any other cookies (e.g., cookies for analyzing your browsing behavior) are addressed separately in this privacy policy.
Server Log Files
The provider of the pages automatically collects and stores information in what are known as server log files, which your browser automatically transmits to us. These include:
- Browser type and version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources.
The collection of this data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website, for which the server log files must be recorded.
4. Contact Form
Purpose
When you send us inquiries via the contact form, the information provided in the form, including your contact details, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions.
Recipients
We do not share this data without your consent.
Legal Basis
The processing of the data entered into the contact form is carried out exclusively based on your consent (Article 6(1)(a) GDPR).
You can revoke this consent at any time. A simple notification via email to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Storage/Deletion
The data you enter in the contact form will remain with us until you request its deletion, revoke your consent to its storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been processed). Mandatory statutory provisions – particularly retention periods – remain unaffected.
5. Orders in the Online Shop
Purpose
Weseta Textil AG collects and processes the data you provide when ordering products in the online shop to facilitate the purchase of our products.
Legal Basis
The processing of your data is necessary for the conclusion and fulfillment of online purchase contracts in accordance with Article 6(1)(b) GDPR.
Storage / Deletion
The data required for contract processing will be stored until the expiration of statutory warranty periods unless legal retention obligations prevent deletion, or the data is required in individual cases for the defense or enforcement of legal claims.
Recipients
The necessary data for payment processing is shared with the payment service providers you select. Your order and processing data is shared with our logistics partners and suppliers.
Weseta Textil AG has integrated components from the following payment service providers into the online shop:
For payments by invoice, available only in Switzerland, components of Byjuno AG, a full payment service provider that handles payment processing (hereinafter "Byjuno"). If you select the payment by invoice option during the order process, data is automatically transmitted to Byjuno. The personal data transmitted to Byjuno generally includes first name, last name, address, gender, email address, IP address, and, if applicable, date of birth, phone number, mobile phone number, as well as other data necessary for payment processing. The personal data exchanged between Byjuno and Weseta Textil AG may also be transmitted by Byjuno to credit agencies. This transmission serves the purpose of identity and creditworthiness checks. Byjuno may also share personal data with service providers or subcontractors if necessary to fulfill contractual obligations or process the data. You may revoke your consent to the handling of personal data at any time with Byjuno. A revocation does not affect personal data that must be processed, used, or transmitted to ensure payment processing in compliance with the contract.
All other payment options for Switzerland and the EU are processed by Datatrans AG in Switzerland. We only receive transaction data such as the transaction amount and a payment confirmation from Datatrans. For information on how Datatrans handles your payment data and the Payment Pages solution used by us, please visit: www.datatrans.ch/de/features/checkout-loesungen/payment-pages/.
By selecting the relevant payment option, you consent to the transmission of personal data required for payment processing.
6. Creation of a Customer Account/Registration in the Online Shop
Purpose
Creating a customer account is generally voluntary.
Legal Basis
The processing of your data is based on the consent you have given in accordance with Article 6(1)(a) GDPR. You have the right to revoke your consent at any time by deactivating your customer account.
Storage/Deletion
Your data will generally be stored until the deactivation/deletion of your customer account and thereafter for a period of two years, provided that legal retention obligations do not prevent deletion and the data is not required in individual cases to defend or enforce legal claims.
7. Newsletter Advertising
Purpose
The following information explains the content of our newsletter, the registration, delivery, and statistical evaluation process, as well as your rights to object. By subscribing to our newsletter, you agree to receive it and to the described procedures.
Newsletter Content
We send newsletters, emails, and other electronic notifications with promotional information (hereafter referred to as “newsletters”) only with the consent of the recipients in accordance with Article 6(1)(a) GDPR or legal authorization. If the newsletter’s content is specifically described during registration, it is decisive for the user’s consent. Otherwise, our newsletters contain information about our services and us.
Double-Opt-In and Logging
Registration for our newsletter occurs via a double-opt-in process. This means you receive an email after registration asking you to confirm your subscription. This confirmation is necessary to ensure that no one can subscribe using someone else’s email address. The newsletter registration is logged to provide evidence of the registration process in compliance with legal requirements. This includes storing the registration and confirmation timestamps and the IP address. Changes to your data stored by the mailing service provider are also logged.
Registration Data
To subscribe to the newsletter, it is sufficient to provide your email address. Optionally, we ask for a name to allow personal address in the newsletter.
Logging
Logging of the registration process is based on our legitimate interests. Our interest lies in using a user-friendly and secure newsletter system that serves both our business interests and the expectations of users while allowing us to provide proof of consent.
Cancellation/Revocation
You can unsubscribe from the newsletter at any time via a link in each newsletter email or by contacting Weseta Textil AG directly.
Delivery
The newsletters are sent using the mailing service provider "MailChimp," a newsletter delivery platform operated by the US company Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the mailing service provider’s privacy policy here: https://mailchimp.com/legal/privacy/. Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement, guaranteeing compliance with Swiss and European data protection standards (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active). The mailing service provider is used based on our legitimate interests under Article 6(1)(f) GDPR and an order processing agreement under Article 28(3)(1) GDPR.
Mailing Service Provider
The mailing service provider may use recipient data in pseudonymized form (i.e., without assigning it to a user) to optimize or improve its services, such as for the technical optimization of delivery and newsletter presentation or for statistical purposes. However, the mailing service provider does not use recipient data to contact recipients directly or to share data with third parties.
Newsletter Performance Tracking
The newsletters include a “web beacon,” a pixel-sized file retrieved from our server or, if we use a mailing service provider, from its server when the newsletter is opened. When this file is retrieved, technical information (e.g., about your browser, system, IP address, and time of retrieval) is collected.
This information is used to improve the services based on technical data or target groups and their reading behavior (e.g., retrieval locations determined using IP addresses or access times). Statistical analysis also includes determining whether newsletters are opened, when they are opened, and which links are clicked. Although this information can technically be assigned to individual newsletter recipients, it is neither our goal nor, if applicable, that of the mailing service provider to observe individual users. Instead, the evaluations help us understand our users’ reading habits and adapt our content to them or send different content tailored to users’ interests.
8. Competitions
Purpose
The personal data you provide is processed for the purpose of handling the competition (e.g., drawing winners).
Legal Basis
The processing of participants' and winners' data is necessary for participation in the competition in accordance with Article 6(1)(b) GDPR. Failure to provide the specified data will result in your inability to participate in the competition. The publication of winners is based on your consent provided under Article 6(1)(a) GDPR. You have the right to revoke your consent at any time, free of charge.
Storage / Deletion
The data of all participants will be deleted three months after the competition ends, provided that statutory retention obligations do not prevent deletion and the data is not required in individual cases to defend or enforce legal claims.
9. Submission of Reviews
Purpose
When you submit a review, we process your review (including title and comment) along with additional data (e.g., name, email address, location, and last order number). This processing is for the purpose of collecting and publishing customer reviews by Weseta Textil AG.
Legal Basis
The data processing is based on your consent in accordance with Article 6(1)(a) GDPR. You have the right to revoke your consent at any time, free of charge.
10. Social Media
Facebook Plugins (Like & Share Button)
Our website integrates plugins from the social network Facebook, provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. You can recognize Facebook plugins by the Facebook logo or the "Like Button" on our site. An overview of Facebook plugins can be found here: https://developers.facebook.com/docs/plugins.
When you visit our site, a direct connection is established between your browser and the Facebook server via the plugin. Facebook receives information that your IP address has visited our website. If you click the Facebook "Like Button" while logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate your visit to our site with your user account.
Please note that we, as the site operator, have no knowledge of the content of the transmitted data or its use by Facebook. For more information, refer to Facebook's privacy policy: https://de-de.facebook.com/privacy/explanation.
If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of your Facebook account.
The use of Facebook plugins is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in achieving the widest possible visibility on social media.
11. Other
Google Fonts
We integrate fonts ("Google Fonts") provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy Policy: https://www.google.com/policies/privacy/.
Opt-Out: You can prevent cookies from being set by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
12. Remarketing Privacy Policy
Third-party providers, including Google, place ads on websites across the Internet. Third-party providers, including Google, use stored cookies to serve ads based on a user's previous visits to this website.
13. Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC (“Google”), based on our legitimate interests (i.e., interest in analyzing, optimizing, and economically operating our online offering within the meaning of Article 6(1)(f) GDPR). Google uses cookies. The information generated by the cookie about the users' use of the online offering is usually transmitted to and stored on a Google server in the USA.
Google is certified under the Privacy Shield Agreement, providing a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf to evaluate the use of our online offering by users, compile reports on activities within this online offering, and provide us with other services related to the use of this online offering and Internet usage. Pseudonymous usage profiles of users can be created from the processed data.
We use Google Analytics with IP anonymization enabled. This means that the users’ IP address is truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there.
The IP address transmitted by the user's browser will not be merged with other Google data. Users can prevent the storage of cookies by configuring their browser settings accordingly. Additionally, users can prevent the collection of data generated by the cookie and related to their use of the online offering, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
The personal data of users will be deleted or anonymized after 14 months.
For more information on Google's data usage, settings, and opt-out options, please refer to Google’s privacy policy (https://policies.google.com/technologies/ads) and the settings for managing the display of Google ads (https://adssettings.google.com/authenticated).
(Swissanwalt, 2019)
Consent to the Use of Cookies
To ensure our website functions properly, we use cookies. To obtain your valid consent for the use and storage of cookies in the browser you use to access our website and to document this consent appropriately, we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, Netherlands. Website: https://cookiefirst.com, referred to as CookieFirst.
When you access our website, a connection to the CookieFirst server is established, allowing us to obtain valid consent from you for the use of specific cookies. CookieFirst then stores a cookie in your browser to enable only the cookies you have consented to and to document this properly. The processed data is stored until the specified retention period expires, or until you request the deletion of the data. Certain statutory retention periods may apply in some cases.
CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is Article 6(1)(c) of the General Data Protection Regulation (GDPR).
Data Processing Agreement
We have entered into a data processing agreement with CookieFirst. This agreement is a data protection requirement that ensures the data of our website visitors is processed only in accordance with our instructions and in compliance with the GDPR.
Server Log Files
Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:
- Your consent status or the withdrawal of your consent
- Your anonymized IP address
- Information about your browser
- Information about your device
- The date and time of your visit to our website
- The URL of the webpage where your consent settings were saved or updated
- The approximate location of the user who saved their consent preferences
- A universally unique identifier (UUID) of the website visitor who clicked the banner cookie