Logo

+41 41 53 30 195

Information regarding privacy and the use of cookies.

Privacy Policy

Privacy Policy

Information on data protection and the use of cookies

1. Preamble

The protection of your personal data is particularly important to us. You can therefore use our website without providing such data. However, if you wish to make use of certain offers or services on our website, this may entail the processing of your personal data in individual cases. In this context, we will obtain your consent if there is no legal basis for such data processing, but the processing is necessary for the use of our website.

The processing of personal data on our part always takes place in accordance with the relevant provisions of the EU General Data Protection Regulation (GDPR) and the other data protection regulations applicable in Germany. The aim of our privacy policy is to inform both you and the interested public about the scope, purpose and nature of the personal data we collect and process. We also want to inform you about your rights as a data subject.

As the controller, we have initiated a series of technical and organizational measures (TOMs) in order to offer you the fullest possible protection of your personal data when using our website. However, we would like to point out that data transmission on the Internet can have fundamental security gaps and that we cannot guarantee absolute protection for this reason. You therefore always have the option of transmitting personal data to us by other means (e.g. by telephone or post).

2. Definitions

When creating our privacy policy, we rely on the terms that are also used within the GDPR. At the same time, we want our privacy policy to be easy to understand and easy to read in accordance with the subject matter. We would therefore like to define the terms used in this policy in advance:

 

2.1. „Personal data“

Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2.2. „Data subject“

Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

2.3. „Processing“

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

 

2.4. „Restriction of processing“

Restriction of processing is the marking of stored personal data with the aim of restricting its future processing.

2.5. „Profiling“

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

2.6. „Pseudonymization“

Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

2.7. „Controller or controller responsible for the processing“
 

Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

 

2.8. „Processor“

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

2.9. „Recipient“

Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

2.10. „Third party“

Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

2.11. „Consent“

Consent is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

3. Data Controller

Data Controller is:

Verreaud Ltd.
A11 2 Alexandra Gate
Cardiff CF24 2 SA (United Kingdom)

Phone: +41 41 53 30 195
Mail: info@verreaud-diamanten.ch
Web: www.verreaud-diamanten.ch

4. Cookies

Like many other websites, our website also uses cookies, i.e. small text files that are stored on your computer via your browser. Such a cookie contains a cookie ID, i.e. an unambiguous identifier through which the cookie and thus your browser can be assigned to our site and our server. This enables us to recognize and identify your browser and thus distinguish it from other browsers that may use different cookies.

By using cookies, we can provide user-friendly services via our website and constantly improve and optimize the offers and information on our website. The purpose of recognition and identification is therefore to simplify the use of our website.

For example, users who agree to the use of cookies do not have to re-enter their access data or update their shopping cart each time they visit the relevant page.

You can prevent the setting of cookies at any time by making the appropriate settings in your browser and thus permanently object to the setting of cookies. You also have the option of deleting cookies that have already been set within your browser. However, if you object to the setting of cookies in this way, you may not be able to use all the functions of our website to their full extent.

 

5. General Information and Data Collection

When you access our website, general information and data is collected and stored in so-called log files on our server. These are usually

Accessing browser type and version,

Accessing operating system,

referrer URL (website from which you were redirected to our site),

subpages accessed,

Date and time of access,

IP address (internet protocol address),

ISP of the accessing system (Internet service provider) and

data and information similar to the above-mentioned data and information that we need to defend against cyberattacks and other attacks on our IT systems.

We use this information without drawing conclusions about the data subject, but need it in order to

display and maintain the content of our website correctly and truthfully,

successively improve the content of our website and the advertising for it,

ensure and guarantee the general functionality and operability of our website and our IT systems and

to be able to provide law enforcement authorities with relevant information in the event of criminal offenses in connection with our website.

The purpose of the processing is therefore statistical analysis and to increase data and IT security.

We store the above-mentioned log file data anonymously and separately from any other personal data of the data subject.

6. Contact Form

Due to telemedia law requirements, our website contains an e-mail address and a contact form that allow you to contact us quickly electronically. If you contact us using these communication tools, the personal data you provide will be stored for the purpose of processing and responding to your inquiry and for us to contact you. This data will not be passed on to third parties.

7. Rights of Data Subjects

7.1. Right to confirmation and information

Every data subject has the right to request confirmation from the controller as to whether the controller is processing personal data concerning them. If this is the case, the data subject also has the right to request information free of charge about the personal data stored about them and to receive a copy of this data. In particular, the data subject may request the following information:

the purposes of the processing

the categories of personal data

the recipients or categories of recipients to whom the personal data has been or will be disclosed

the storage period (if possible) or the criteria for determining the storage period

the existence of a right to rectification, a right to erasure, a right to restriction of processing, a right to object to processing and a right to lodge a complaint with the data protection authority

if the data is collected from third parties (i.e. not from the data subject themselves), information about the origin of the data

where applicable, the existence of automated individual decision-making, including profiling and corresponding detailed information about the logic involved in profiling and the extent and impact on the data subject where applicable, the transfer of personal data to a third country or an international organization and – if this is the case – the appropriate safeguards relating to this transfer

7.2. Right to Correction

Data subjects have the right to obtain from the controller rectification of inaccurate personal data concerning them. This also includes the right to request the completion of personal data concerning them by means of a supplementary declaration.

7.3. Right to Deletion (Right to Being Forgotten)

Data subjects have the right to obtain from the controller the erasure of personal data concerning them, unless there is a legal provision to the contrary or the processing is necessary and

 

the data are no longer necessary for the processing purpose for which they were originally collected, the data subject withdraws their consent and there is no other legal basis for further processing,

the data subject objects to the processing (Art. 21 para. 1 GDPR) and there are no overriding legitimate interests for further processing or

the data subject objects to the processing pursuant to Art. 21 para. 2 GDPR, the data has been processed unlawfully,

erasure is required by a legal obligation to which the controller is subject,

the data have been collected in relation to the offer of information society services referred to in Art. 8 para. 1 GDPR.

 

If the personal data subject to the erasure obligation has been made public, we shall take appropriate measures, taking into account the costs and available technical means, to inform other controllers that the controller has requested the erasure of all links to and copies of this data. This does not apply if and to the extent that further processing is necessary.

7.4. Right to Restriction of Processing

Data subjects have the right to obtain from the controller restriction of processing where

 

the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data,

the processing is unlawful, but the data subject opposes the erasure and requests the restriction of processing instead,

the controller no longer needs the data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims,

the data subject has objected to the processing pursuant to Art. 21 para. 1 GDPR, but it has not yet been established whether the legitimate interests of the controller prevail.

7.5. Right to Data Portability

Data subjects have the right to receive the personal data that they have provided to the controller in a commonly used, structured and machine-readable format. Data subjects also have the right to have this data transmitted by the controller to another controller without hindrance from the controller to which the personal data has been provided or to transmit this data to another controller, provided that the processing is based on consent pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. b GDPR and the processing is carried out by automated means. This does not apply if the processing by the original controller is necessary for the performance of a public task assigned to it or if the transfer from the original to the new controller is technically impossible or if the rights and freedoms of other persons are affected.

7.6. Right to Objection

Data subjects have the right to object, on grounds relating to their particular situation, to the processing of their personal data if it is processed on the legal basis of Article 6(1)(e) or (f). This also applies to profiling.

If the data subject raises such an objection, we will no longer process the personal data concerned unless we can prove that our own interests in further processing outweigh the rights, freedoms and interests of the data subject or that further processing serves our legal defense or the assertion or exercise of legal claims.

If we process data for direct marketing purposes, the data subject has the right to object at any time, including to profiling, as long as and to the extent that it is related to direct marketing.

If the data subject raises such an objection to direct marketing, we will no longer process the personal data concerned.

Furthermore, data subjects have the right to object, on grounds relating to their particular situation, to the processing of their personal data for scientific, statistical or historical purposes (Art. 89 (1) GDPR). This does not apply if the processing is in the public interest and is necessary for the performance of a task in this regard.

Notwithstanding other provisions of this privacy policy, data subjects are free to exercise their right to object in connection with information society services by means of an automated procedure.

 

7.7. Right not to be subject to automated individual decision-making, including profiling

Data subjects have the right not to be subject to a decision based solely on automated processing of personal data concerning them, including profiling, which produces legal effects concerning them or similarly significantly affects them. This does not apply if

such a decision is necessary for entering into, or performance of, a contract between the data subject and the controller, such a decision is permissible under the law to which the controller is subject and that law provides appropriate safeguards for the rights, freedoms and legitimate interests of the data subject, the data subject has expressly consented.

If an automated individual decision is necessary for the performance or initiation of a contract or is based on consent, we take measures to protect the rights, freedoms and legitimate interests of the data subject. This includes the right of the data subject to request the intervention of a person from the controller, to present their own point of view and to contest the decision.

7.8. Right to Withdraw Consent

Data subjects have the right to withdraw their consent to the processing of personal data at any time.

7.9. Contact for Data Subjects

To exercise the data subject rights mentioned in this section, data subjects can generally contact any of our employees.


7.10. Right to Appeal to the Information Commissioner’s Office

Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes the provisions of the GDPR.

8. Privacy policy for Google Analytics with anonymization function

Our website uses components of Google Analytics, a web analysis service for the collection, compilation and evaluation of data about the behavior of users of our website. In particular, the service collects data about the website from which the user has visited our website (referrer), which subpages the user has accessed and how long they have spent on the respective pages. We use this data to improve our website and to analyze the costs and usage of online advertising.

Google Analytics is operated by Google LLC, 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States of America.

We have added the suffix “_gat.anonymizeIp” to Google Analytics. This shortens and anonymizes the IP address of a user who accesses our website from the European Union or a signatory state to the Agreement on the European Economic Area.

Google Analytics analyzes the flow of visitors to our website by, among other things, using the transmitted data and information to provide us with detailed reports on the activities and behavior of users of our website and to offer us other services related to our website.

Google Analytics places a cookie on the user’s computer system, which makes it possible to analyze the use of our website. If the user accesses one of our subpages on which Google Analytics is integrated, the user’s browser is prompted to transmit data to Google Analytics for the purpose of commission billing and online advertising. In this way, Google Analytics receives personal data, such as the user’s IP address, in order to track the origin of the users and the ad clicks for commission settlements.

The cookie is used to collect and store personal data (for example, the location from which our website was accessed, the time of access and its duration or the frequency of the user’s visits). This data, including the IP address, is transferred to the United States of America and stored there. Google Analytics may pass this data on to third parties.

As described in section 5 of our privacy policy, the data subject can prevent the setting of cookies and delete cookies that have already been set. This also applies to cookies set by Google Analytics.

Furthermore, every data subject has the right to permanently object to the processing of their personal data by Google Analytics. To do this, the data subject can download and install a browser add-on at https://tools.google.com/dlpage/gaoptout. This informs Google Analytics that the above-mentioned personal data may not be transmitted and thus constitutes an objection.

If the user’s computer system is later reset, formatted, deleted or reinstalled, the user must reinstall the aforementioned browser add-on in order to deactivate Google Analytics. The same applies if the add-on is uninstalled for whatever reason.

We would like to point out that it is possible that the general data and information mentioned in section 6 of this privacy policy may be transmitted to the provider and that the provider may store it.

Google’s privacy policy can be found at https://www.google.de/intl/de/policies/privacy.

The Google Analytics privacy policy can be viewed here: http://www.google.com/analytics/terms/de.html

A detailed description of the service can be found here: https://www.google.com/intl/de_de/analytics/

9. Privacy policy for YouTube

Our website uses components of the video portal YouTube. YouTube allows users to upload and publish video material free of charge and to view, rate and comment on the video content of other users through web streaming.

YouTube is operated by YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, United States of America, a subsidiary of Google LLC, 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States of America.

If the user accesses a sub-page of our website that includes the YouTube plug-in, the user’s browser automatically downloads a representation of this YouTube component. In this context, YouTube receives information about which subpage the user has accessed.

An overview of YouTube services can be viewed here: https://www.youtube.com/yt/about/de

If the user is also a member of YouTube and logged in to YouTube during the visit to our website, YouTube recognizes which subpages of our website the user visits and assigns this data to the user’s YouTube profile. This also happens if the data subject clicks on a YouTube button using the components offered on our website.

The user can prevent the transmission of this data to YouTube by ending their YouTube session before visiting our website and logging out.

We would like to point out that it is possible that the general data and information mentioned in section 6 of this privacy policy may be transmitted to the provider and that the provider may store it.

YouTube’s privacy policy is available here: https://www.google.de/intl/de/policies/privacy

10. Legal Grounds for Data Processing

The legal basis of Art. 6 para. 1 lit. a) GDPR is relevant if the data subject has consented to the processing of their personal data.

The processing of personal data for the performance of a contract or for the initiation of a contract with the data subject is based on Art. 6 para. 1 lit. b) GDPR.

The processing of personal data is based on Art. 6 para. 1 lit. c) GDPR if it is carried out on the basis of legal obligations to which we are subject, such as the fulfillment of tax obligations.

The processing of personal data is based on Art. 6 para. 1 lit. d GDPR if it is necessary to protect the vital interests of the data subject or another natural person. This would be the case if a visitor were injured on our premises and we would then have to transmit their name, age, health insurance details or other vital data to a doctor or hospital.

Art. 6 para. lit. f) GDPR justifies the processing of personal data that has no basis in the aforementioned and is necessary for the purposes of the legitimate interests pursued by our company or by a third party. The interests, fundamental rights and freedoms of the data subject must not prevail.

 

11. Reasonable Interests of the Data Controller

When processing personal data on the basis of Art. 6 para. 1 lit. f GDPR, our legitimate interest lies in conducting business activities that are geared towards the well-being of our employees and shareholders.

 

12. Storage Period of Personal Data

The standard for the duration of the storage of personal data is the statutory retention period. After this period has expired, the respective data is routinely deleted, provided that it is required for the fulfillment or initiation of a contract.

 

13. Statutory or contractual requirements for the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of failure to provide such data

The provision of personal data may result from contractual (e.g. information on the contractual partner) or legal (e.g. tax regulations) obligations. For example, a data subject may provide personal data for the conclusion of a contract, which is subsequently processed by us. For example, a person may be obliged to provide personal data when concluding a contract with our company. Failure to provide this data would make it impossible to conclude a contract.

The data subject can contact our company before providing personal data. We will inform the data subject whether the provision of this data is contractually or legally required, whether it is necessary for this purpose and what the specific consequences would be if it were not provided.

 

14. Automated Decision-Making and Profiling
 

As a responsible company, we deliberately refrain from automated decision-making or profiling.