Data protection
Introduction
We («we», «us», «our») take the protection of the data of the users («user» or «you») of our website and/or our mobile app (the «Website» or the « mobile app») very seriously and we are committed to protecting the information that users make available to us in connection with the use of our website and/or our mobile app (collectively: «digital assets»). Furthermore, we undertake to protect and use your data in accordance with applicable law.
This Privacy Policy explains our practices regarding the collection, use, and disclosure of your information through the use of our digital assets (the "Services") when you access the Services through your devices.
Please read the Privacy Policy carefully and ensure you fully understand our practices regarding your information before using our Services. If you have read and fully understood this policy and do not agree with our practices, you must stop using our digital assets and services. By using our services, you accept the terms of this privacy policy. Continued use of the Services constitutes your acceptance of this Privacy Policy and any changes thereto.
In this privacy policy you will learn:
-
How we collect data
-
What data we collect
-
Why we collect this data
-
Who we share the data with
-
Where the data is stored
-
How long the data is retained
-
How we protect the data
-
How we deal with minors
-
Updates or changes to the Privacy Policy
What data do we collect?
Below is an overview of the data we may collect:
-
Unidentified and non-identifiable information that you provide during the registration process or that is collected through the use of our Services (“Non-Personally Identifiable Information”). Non-personal data do not allow any conclusions as to who collected them. Non-Personally Identifiable Information that we collect consists primarily of technical and aggregate usage information.
-
Individually identifiable information, ie anything from which you can be identified or could be identified with reasonable effort ("Personal Information"). The Personal Information we collect through our Services may include information requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses and more. If we combine personal information with non-personal information, we treat it as personal information for as long as it is combined.
How do we collect data?
Below are the main methods we use to collect data:
-
We collect data when you use our services. Therefore, when you visit our digital assets and use the Services, we may collect, record and store usage, sessions and related information.
-
We collect data that you provide to us yourself, for example if you contact us directly via a communication channel (e.g. an e-mail with a comment or feedback).
-
We may collect information from third party sources as described below.
-
We collect information that you provide to us when you log into our Services through a third party such as Facebook or Google.
Why do we collect this data?
We may use your data for the following purposes:
-
to provide and operate our Services;
-
to develop, customize and improve our Services;
-
to respond to your feedback, requests and requests and to offer assistance;
-
to analyze request and usage patterns;
-
for other internal, statistical and research purposes;
-
to improve our data security and fraud prevention capabilities;
-
to investigate violations and enforce our terms and policies and to comply with applicable law, regulation or governmental request;
-
to provide you with updates, news, promotional materials and other information related to our Services. In the case of promotional e-mails, you can decide for yourself whether you wish to continue to receive them. If not, just click the unsubscribe link in those emails.
Who do we share this data with?
We may share your data with our service providers in order to operate our services (e.g. storing data via third-party hosting services, providing technical support, etc.).
We may also disclose your information in the following circumstances: (i) to investigate, detect, prevent, or address unlawful activity or other wrongdoing; (ii) to establish or exercise our rights of defense; (iii) to protect our rights, property, or personal safety, or the safety of our users or the public; (iv) in the event of a change of control of us or any of our affiliated companies (by way of a merger, acquisition or purchase of (substantially) all assets, etc.); (v) to collect, hold and/or manage your data using authorized third party service providers (e.g. cloud service providers) as appropriate for business purposes; (vi) to work collaboratively with third parties to improve your user experience. To avoid misunderstandings, we would like to point out that we can transfer or pass on non-personal data to third parties or use them in any other way at our own discretion.
Cookies and Similar Technologies
When you visit or access our Services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytics services ("Tracking Technologies"). These Tracking Technologies may enable third parties to collect your information automatically in order to improve the browsing experience on our digital assets, to optimize their performance and to ensure a customized user experience, as well as for security and fraud prevention purposes.
To learn more about this, please read our cookie policy.
We will not share your email address or other personally identifiable information with any advertising company or advertising network without your consent.
Where do we store the data?
Non-Personally Identifiable Information
Please note that our companies and our trusted partners and service providers are located around the world. For the purposes explained in this Privacy Policy, we store and process all non-personal data that we collect in different jurisdictions.
How long is the data retained?
Please note that we retain the information we collect for as long as is necessary to provide our services, comply with our legal and contractual obligations to you, resolve disputes, and enforce our agreements.
We can correct, supplement or delete incorrect or incomplete data at any time at our own discretion.
How do we protect the data?
Non-Personally Identifiable Information
Please note that our companies and our trusted partners and service providers are located around the world. For the purposes explained in this Privacy Policy, we store and process all non-personal data that we collect in different jurisdictions.
Payments/eCom Privacy
All payment options offered by us and our hosting provider for our digital assets comply with the regulations of the PCI-Dss (data security standard of the credit card industry) of the PCI Security Standards Council (council for security standards of the credit card industry). This is a collaboration between brands such as Visa, MasterCard, American Express and Discover. PCI-DSS requirements help to ensure the secure handling of credit card data (including physical, electronic and procedural measures) by our shop and the service providers.
Notwithstanding the measures and efforts taken by us and our hosting provider, we cannot and do not guarantee the absolute privacy or security of any information that you upload, post or otherwise disclose to us or others.
For this reason, we would like to ask you to set strong passwords and, if possible, not to transmit to us or others confidential information, the disclosure of which you believe could cause serious or lasting harm to you. In addition, since email and instant messaging are not considered secure forms of communication, we ask that you do not share any confidential information through any of these communication channels.
How do we deal with minors?
The Services are not intended for users who have not yet reached the legal age of majority. We will not knowingly collect information from children. If you are under the age of majority, you should not download or use the Services or provide any information to us.
We reserve the right to request proof of age at any time so that we can verify that minors are using our Services. In the event that we become aware that a minor is using our Services, we may block or block access to our Services for such users and we may delete any information we hold about that user. If you have reason to believe that a minor has provided us with information, please contact us as set out below.
We will only use your personal information for the purposes set out in the Privacy Policy and only when we are satisfied that:
-
the use of your personal information is necessary to perform or enter into a contract (e.g. to provide you with the Services themselves or customer or technical support);
-
the use of your personal data is necessary to comply with a relevant legal or regulatory obligation, or
-
the use of your personal information is necessary to support our legitimate business interests (provided that we do so at all times in a manner that is proportionate and respects your privacy rights).
As an EU resident you can:
-
request confirmation as to whether or not personal data concerning you is being processed and request access to your stored personal data and certain additional information;
-
request to receive personal data that you have provided to us in a structured, commonly used and machine-readable format;
-
request rectification of your personal data held by us;
-
request the erasure of your personal data;
-
object to our processing of your personal data;
-
request the restriction of the processing of your personal data, or
-
lodge a complaint with a supervisory authority.
However, please note that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal information we collect and how we use it, please contact us as provided below.
In the course of providing the Services, we may transfer information across borders to affiliates or other third parties and from your country/jurisdiction to other countries/jurisdictions around the world. By using the Services, you consent to the transfer of your data outside of the EEA.
If you are a resident of the EEA, your personal data will only be transferred to locations outside the EEA where we are satisfied that an adequate or comparable level of protection of personal data is in place. We will take appropriate steps to ensure that we have appropriate contractual arrangements in place with our third parties to ensure that appropriate safeguards are in place to minimize the risk of unlawful use, alteration, destruction, loss or theft of your personal information and that such third parties will act in accordance with applicable laws at all times.
Updates or changes to the Privacy Policy
-
We may, in our sole discretion, revise this Privacy Policy from time to time, the version posted on the Website will always be current (see "Revision"). We encourage you to periodically review this Privacy Policy for changes. If there are any significant changes, we will post a notice on our website. Your continued use of the Services after notification of changes has been posted to our website constitutes your acknowledgment and acceptance of the changes to the Privacy Policy and your agreement to be bound by the terms of those changes.
Contact
-
If you have general questions about the Services or the information we collect about you and how we use it, please contact us at:
-
-
Name: Bergdorf AG
-
Address: Jubilee Street 31, 3005 Bern, Switzerland
-
Email address: mail@bergdorf.org
-
-
-
-
Status: 29.10.2020