Data Protection Policy of the Komax Group
This data protection policy informs you about how we, Komax AG and its affiliated group companies (hereinafter referred to as "Komax" or “Komax Group”, “we”, “us”) collect and process your personal data (hereinafter also referred to as “data” or “personal data”) in connection with the processing activities described below. This data protection policy applies to all our websites or apps (hereinafter referred to as the "Komax Website") that are under Komax’s control and refer to this data protection policy.
If you provide us with personal data of other persons (e.g. employee data), we assume that you are authorized to do so and that the data is correct. You confirm this by submitting data on other persons. Please ensure that the other persons are aware of this data protection policy.
We are obliged to handle your data responsibly. This data protection policy is designed to meet the requirements of the Swiss data protection law and the EU General Data Protection Regulation (GDPR). However, whether and to what extent these laws are applicable depends on the individual case.
This data protection policy provides you with information about:
- Which of your personal data we collect and process for which purpose (Section 1).
- What legal framework we use as a basis for processing (Section 2).
- Which cookies / tracking and other technologies we use (Section 3).
- How long we process your personal data (Section 4).
- To whom we disclose your personal data (Section 5).
- How we protect your data (Section 6).
- What rights you have with regard to your personal data (Section 7).
- Who is responsible for processing your data and who you can contact if you have any questions (Section 8).
- Which data protection guidelines apply in each case (Section 9).
1. Description and scope of data processing
1.1. Visiting the Komax website, creating log files
Every time you visit the Komax website, the web server automatically collects data and information from the computer system of the incoming computer. This includes, in particular, information about the browser type and version used, the user’s operating system, the user’s Internet service provider, the referrer URL (websites from which the user’s system accesses the Komax website), websites accessed by the user’s system via the Komax website, as well as the user’s IP address, access date and time, and the client’s file request (file name and URL). This data is stored in the log files of our system (or with third parties) together with other data and collected only for the purpose of statistical evaluation.
Komax also records client side error logs. This recording in the Data Protection Preference Center can be prevented.
Some pages of the Komax website can only be viewed by registering users in advance. The respective terms and conditions of usealso apply to this.
If you use other electronic services, such as our Wi-Fi network, we collect certain technical data. The technical data also includes the logs in which we record the use of our systems (log data). In some cases, we can also assign your end device (tablet, PC, smartphone, etc.) a unique identification number (an ID). We use this data to ensure a reliable connection, convenient use of the Komax website and other electronic services, the evaluation of system security and stability, as well as for other administrative purposes. This data generally does not allow us to draw any conclusions about your identity. However, in the context of user accounts or registrations, they can be combined with other data categories – and thus, if necessary, with your person.
1.2. Contact by email
On the Komax website, you have the option of contacting us via the e-mail address(es) listed on the website. In this case, we store the data transmitted with the e-mail. Email traffic is unencrypted. You use these services at your own risk.
1.3. Contact forms
1.4. Mailing list / Newsletter
On the Komax website, it is also possible to register for a mailing list for media releases in electronic form and to subscribe to further newsletters (industry news, product news, events, etc.). When you log in, the data you enter in the input screen will be transmitted to us. Some information is sent by (foreign) companies of the Komax Group or third parties. By registering, you agree that we process your data, that we transfer your data to companies or third parties (including the USA) located abroad (also outside Switzerland), that we understand your clicking and opening behavior and that we contact you directly in individual cases. You also confirm that you have read and understood our data protection policy. You can revoke your subscription to the mailing list or newsletter at any time.
Insofar as we refer to third-party websites for product information, events, etc. and you visit these websites, the corresponding data protection guidelines of the respective website operator apply. Komax has no influence on this.
1.5. Job Applications
Our job vacancies are published on the Komax website. Our job advertisements and your online application are processed using the “Haufe Talent Management Tool” tool of our software partner Haufe-umantis AG. A separate data protection policy applies to the application process.
1.6. In the context of business relationships
We process your data that we receive in the context of our business relationship with our customers, other business partners and other persons involved. This includes, in particular, contact details such as title, first name, last name, gender, date of birth, address, e-mail address, telephone number and other contact details as well as communication data such as exchanged communication content from e-mails, other written correspondence, telephone conversations, video conferences, etc. and information on the type, time and place of communication.
To the extent permitted, we also extract from publicly accessible sources (e.g. commercial registers, media, Internet, etc.) Data In addition to data that you give us directly, this includes data that we receive about you from third parties (authorities, other third parties), in particular information from public registers, in connection with official and judicial proceedings, in connection with your professional functions and activities, information about you in correspondence and meetings with third parties, information that informs us of persons from your environment (e.g. family, consultants, legal representatives, employers) so that we can conclude or process contracts for or with you (e.g. references, powers of attorney), your address and, if applicable, interests and other socio-demographic data (for marketing).
2. Legal framework for data processing
2.1. As part of our services and to fulfill our contractual obligations
Data is processed for the purpose of providing our services to our customers, including pre-contractual measures and post-contractual support.
The data collected in this way is used for the entire processing of our service, including any subsequent warranty cases, technical administration, etc. Further details on data processing purposes can be found in the relevant contractual documents and terms and conditions.
2.2. In the context of the balancing of interests
To the extent necessary and permissible, we process your data beyond the actual fulfillment of the contract in order to protect the legitimate interests of us or third parties. These include:
- Consultation and exchange of data with information centers and other third parties (e.g. debt enforcement register);
- Review and optimize needs analysis procedures for direct engagement with customers and collect personal data from publicly available sources for the purpose of customer acquisition;
- Advertising or market and opinion research, insofar as you have not objected to the use of your data;
- Assertion of legal claims and defense in legal disputes
- Ensuring IT security and IT operations;
- Prevention and investigation of criminal offenses;
- Measures for business management and further development of services and products and the Komax website;
- Purchase and sale of business units, companies or parts of companies and other transactions under company law and the associated transfer of data as well as business management measures.
2.3. Based on your consent
If you have given us your consent to process data for certain purposes, this processing is lawful on the basis of your consent. Consent can be revoked at any time. Withdrawal of consent shall not affect the lawfulness of the data processed up to the time of withdrawal.
2.4. Due to legal requirements or in the public interest
In addition, we are subject to various legal obligations based on which we must process your data.
3. Cookies / tracking and other technologies
3.1. Use of analysis services
The information generated by performance cookies (see below) about the use of the website (incl. IP address) is transmitted to the Google server in the USA and stored there. We have configured the service in such a way that the IP addresses of website users within Europe are shortened before being redirected to the USA and therefore cannot be tracked. Google provides us with reports and can therefore be regarded as our order processor. Google also processes certain data for its own purposes. Under certain circumstances, Google can use the collected data to draw conclusions about the identity of the visitors to the websites and therefore create personal profiles and link the data obtained with any existing Google accounts of these persons. Google may also pass on this information to third parties if this is required by law or third parties process this data on behalf of Google. If you consent to the use of Google, you explicitly consent to such processing, which also includes the transfer of personal data to the USA and other countries. Further information on Google Analytics’ data protection can be found here or from Google Tag Manager here.
We also use Salesforce Marketing Cloud Account Engagement Analytics (formerly Pardot), a marketing analysis service of our order processor Salesforce, Inc., Mission St, San Francisco, CA 94105, USA, on the Komax website for marketing automation purposes (e-mail marketing, social media marketing, mobile marketing and online advertising). If you subscribe to our newsletter in particular, you explicitly consent to such processing, which also includes the transfer of personal data to the USA and other countries. Learn more here.
If you do not want your visit to the Komax website to be evaluated by the analytics services, this can be done, for example, by deactivating the performance cookies in the Cookie Settings.
Further information on the cookies used, in particular the description of the categories of cookies used (strictly necessary cookies, performance cookies, functional cookies and targeting cookies) and their meaning can be found in the Cookie Settings.
3.3. Google Maps
3.4. Social Media
On the Komax website, we use plug-ins from social networks such as YouTube, Xing and LinkedIn. The corresponding buttons / symbols can be found on the Komax website. These items are configured to be disabled by default. By clicking on the buttons / symbols, the respective operators of the social networks can register that you are on the Komax website, where your location is and use this information for their own purposes. The processing of your data is the responsibility of the respective operator in accordance with their data protection declaration. Komax does not receive any information from the operators of the social networks.
4. Duration of processing of your personal data
We will only process your data for as long as it is necessary for the respective purpose and fulfillment of our contractual and legal obligations, including statutory retention obligations (generally 10 years), or if you have given us yourconsent. We will continue to process your data as long as we have a legitimate interest in the storage. This may be the case in particular if we require personal data in order to enforce or defend claims, for archiving purposes and to guarantee IT security.
5. Data transfer and transfer abroad
We only pass on your data to third parties in the context of our business activities and for the purposes described in this data protection policy if we are obliged to do so by law, court order or official regulations, if the transfer is necessary for the establishment, exercise or defense of legal claims or for the processing of contracts and activities or on the basis of consent. These third parties include in particular:
- Order processors such as providers, service providers for evaluating the benefits of the Komax website (marketing purposes), service providers for IT services (data management, data storage, technical support, etc.), service providers in the area of recruitment, talent management, HR or other services;
- External business partners, including other companies within the Komax Group, and experts associated with contractual services and for their own purposes.
We process personal data not only in Switzerland. Your data can be processed in the European Union as well as in any country in the world (including the USA). If the level of data protection in the country where the third party processing the data is located is deemed inappropriate for Swiss circumstances or within the meaning of the EU General Data Protection Regulation (including the USA), we grant suitable data protection by means of appropriate guarantees, unless there is a statutory exception (e.g. consent), the recipient is not already subject to a legally recognized set of rules to ensure data protection or we can rely on an exception. Such contractual provisions (guarantees) partially compensate for a weaker or lack of legal protection, but not all risks can be completely excluded (e.g. from government access abroad).
Please also note that data exchanged over the Internet is often transferred via third countries. Your data may therefore be transferred abroad even if the sender and recipient are located in the same country.
6. Data security
We use appropriate technical and organizational measures in the systems to protect your data stored by us from loss, destruction, alteration and unauthorized access by third parties.
Safety measures of a technical nature include: e.g. encryption (including login data) and pseudonymization of data, logging, access restrictions and storage of backup copies.
We also take our own internal company data protection very seriously. Our employees and the service companies commissioned by us are obliged to maintain confidentiality and to comply with data protection regulations. Our order processors are also obliged to take appropriate technical and organizational security measures. Furthermore, they will only be granted access to the personal data to the extent necessary.
Our security measures are continuously adapted in line with technological developments. However, absolute protection cannot be guaranteed.
7. Your rights
You have several options when using the Komax website and our services. You can choose not to provide any data at all by not filling in any forms or data fields in this regard on the Komax website, blocking cookies and not providing us with personalized data in the context of our business relationship.
In addition, if required by applicable law, you have:
- the right to be informed whether and what data we process about you;
- the right to rectification if the data are inaccurate;
- the right to request erasure;
- the right to request the restriction of data processing;
- the right to withdraw your consent;
- where applicable, the right to request that we provide certain data in a commonly used electronic format;
- the right to object to our data processing;
- if necessary, the right to express your point of view in an automated individual decision and to request that the decision be reviewed by a natural person.
Your rights are not absolute. However, we reserve the right to apply the restrictions provided for by law. We will inform you accordingly.
Each data subject also has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Swiss Federal Data Protection and Information Commissioner (www.edoeb.admin.ch). A list of European data protection authorities can be found here.
8. Our contact address
Komax AG, Dierikon, Switzerland, is responsible under data protection law for data processing in accordance with these data protection guidelines, unless otherwise specified in individual cases (e.g. in other data protection declarations, on forms, contracts, etc.).
If you have any questions about this data protection policy, our use of your data or your rights in accordance with Section 7, you can contact us at:
- Komax AG, Industriestrasse 6, 6036 Dierikon, Switzerland
Please enclose an appropriate identification of your person.
9. Subject to change
We reserve the right to amend this data protection policy at any time, in particular if we change our data processing procedures or if new legislation becomes applicable. The current version published at https://www.komaxgroup.com/de/privacy applies; previous versions are replaced by the new version.
Last updated, November 2022