1. What is this privacy statement about?
VRMandat.com is concerned that you are fully informed about the processing of your personal data. With this data protection declaration we therefore inform you how and why we store, process and use your personal data. It's important to us that you understand:
• what personal data we collect and process about you;
• when we store your personal data;
• the purpose for which we use your personal data;
• how long we keep your personal data;
• who has access to your personal data; and
• which rights you have with regard to your personal data.
2. Who are we?
The following company ("we" or "us") is responsible for data processing in accordance with this data protection declaration: VRMandat.com is offered by Composit Management & Training GmbH.
Composit Management & Training GmbH
Phone: +41 79 303 33 69
• Persons who write to us or contact us in any other way or who are mentioned in our communications with us;
• Persons who make use of other services from us or who come into contact with services from us - in particular, who create a profile in whole or in part in the database;
• Visitors to our website and visitors to our social media channels;
• Recipients of information and marketing communication.
4. Which personal data do we process and for what purposes?
Depending on the occasion and purpose, we process different personal data. You will find more detailed information in this section and in our General Terms and Conditions (AGB). Among other things, we process personal data - possibly also particularly sensitive personal data - in the following situations for the following purposes:
• Communication: We process personal data when you contact us or we contact you, e.g. when you contact our customer service and when you write or call us.
• use of services: We process personal data when you make use of our services, e.g. when you create a profile completely or partially in the database.
• Visiting websites: When you visit our websites, we process personal data depending on the offer and functionality. This includes technical data such as information about the time of access to our website, the duration of the visit, the pages accessed and information about the end device used (e.g. tablet, PC or smartphone). We use this information to provide and personalize the website, for IT security reasons and to improve the usability of the website. We also use "cookies"; these are files that are stored on the end device when you visit our website. Cookies are in many cases necessary for the functionality of the website and are automatically deleted after the visit. Other cookies are used to personalize the offer or may allow us to display targeted advertisements from third parties and are stored for a period of time. You can configure your mobile device so that a message appears before a new cookie is created. This also allows you to reject cookies. You can also delete cookies from your end device. You also have the option of preventing the collection of data generated by the cookie (including your IP address) and the processing of this data by downloading and installing an appropriate browser add-on. However, if you refuse or disable cookies, you may not be able to use the full functionality of the Site.
• Analysis services: We may also use analysis services such as Google Analytics, a service provided by Google, Inc. (USA). Detailed information about the behaviour on the website concerned is collected. This information could be stored by Google in the USA. If you have activated the anonymous IP function, your IP address will be shortened beforehand in the EU or EEA. Only in exceptional cases will the full IP address be transmitted to the USA. Google Analytics also makes it possible to assign data, sessions and interactions across multiple end devices to a pseudonymous user ID and thus analyze the activities of an unknown user across all devices. For more information, please see Google's privacy statement at https://policies.google.com
• We may also incorporate features of other providers that may result in the relevant provider receiving information about you. In most of these cases, however, we do not know the name of the website visitor.
• Business partner: We work together with various companies and business partners. We process personal data about the contact persons in these companies, e.g. name, function, title and communication with us, for contract initiation and processing, planning, VR mediation, accounting purposes, training purposes, customer or supplier relationship management and for other purposes connected with the contract. We may also process personal data to improve our customer orientation, customer satisfaction and retention (Customer/Supplier Relationship Management).
• Compliance with legal requirements: We process personal data to comply with legal requirements, including court or government orders, to ensure compliance and to detect and investigate abuses.
• Legal protection: We process personal data in order to protect our rights, e.g. to assess claims from us, from affiliated companies, from employees or from contractual and business partners and, if necessary, to enforce them in court, pre- or extrajudicially and before authorities in Switzerland and abroad or to defend ourselves against claims.
5. To whom do we pass on your personal data?
We may disclose your personal information to third parties if we wish to use their services ("Order Data Processors"). This includes, for example, IT services, services in the field of VR mediation, fee benchmarks or company administration. It is also possible that personal data may be passed on to other companies (also) for their own purposes. In these cases, the recipient of the data is responsible under data protection law. This applies, for example, to the following cases:
• e.g. to cooperation or network partners.
• We may disclose your personal data to third parties (e.g. authorities in Switzerland and abroad) if this is required by law. We also reserve the right to process your personal data in order to comply with a court order or to assert or defend legal claims or we consider it necessary for other legal reasons.
• If we transfer claims against you to other companies such as collection agencies.
6. When do we disclose your personal data abroad?
The recipients of your personal data (see 5) may be located abroad. The countries concerned may not have laws that protect your personal data to the same extent as in Switzerland, the EU or the EEA. If we transfer your personal data to such a country, we are obliged to ensure the protection of your personal data in an appropriate manner. One way of doing this is to conclude data transfer agreements with the recipients of your personal data in third countries that ensure the necessary data protection. This includes contracts approved, issued or recognised by the competent authorities, so-called standard contractual clauses. Transmission to recipients who are subject to the so-called "US Privacy Shield Programme" is also permitted. Please contact us if you would like a copy of our data transfer contracts
7. Do we carry out automated individual decisions?
"Automated individual case decision" refers to decisions that are automated, i.e. without relevant human influence, and that have negative legal effects or other similar negative effects on you. We will inform you separately if we use automated individual case decisions.
8. How do we protect your personal data?
We take appropriate security measures of a technical nature (e.g. server hosting in Switzerland, SSL encryption, pseudonymisation, logging, access restrictions, data security, etc.) and of an organisational nature (e.g. instructions to our employees, confidentiality agreements, checks, etc.) to safeguard the security of your personal data, to protect it against unauthorised or unlawful processing and to counteract the risk of loss, accidental alteration, unintentional disclosure or unauthorised access. However, security risks can generally not be completely ruled out; certain residual risks are usually unavoidable.
9. How long do we store your personal data?
We store your personal data in personal form for as long as it is necessary for the specific purpose for which we have collected it, for contracts as a rule at least for the duration of the contractual relationship. In addition, we store your personal data as long as they are subject to a legal storage obligation.
10. What rights do you have in connection with the processing of your personal data?
You may object to data processing at any time, in particular data processing in connection with direct advertising (e.g. against advertising e-mails). You also have the following rights: Right to information: You have the right to request access to your personal data stored by us at any time when we process it. This gives you the opportunity to check which personal data we process about you and that we use it in accordance with the applicable data protection regulations. Right of rectification: You have the right to have incorrect or incomplete personal data rectified and to be informed of the rectification; in the specific case of VRMandat.com, you can do this yourself after accessing your profile (login). In this case, we shall inform the recipients of the data concerned of the adjustments made, unless this is impossible or involves disproportionate effort. Right to deletion: You have the right to have your personal data deleted under certain circumstances. In the specific case of VRMandat.com, you can do this yourself (request deletion) after accessing your profile (login). In individual cases, the right to deletion may be excluded. Right to limitation of processing: You have the right, under certain conditions, to request that the processing of your personal data be restricted. Right to Data Transfer: Under certain circumstances, you have the right to obtain from us the personal data you have provided to us in a readable format. Right of appeal: You have the right to lodge a complaint with a competent supervisory authority against the way in which your personal data is processed. Right of revocation: In principle, you have the right to revoke your consent at any time. In the past, however, processing activities based on your consent will not become unlawful as a result of your revocation.
11. On what legal basis do we process your personal data?
When processing your personal data, we rely in particular on the following principles:
• The performance of a contract with the person concerned or for pre-contractual measures at their request;
• legitimate interests; this includes, for example, the interest in good customer service, maintaining contacts and other communication with customers, even outside of a contract; in advertising and marketing activities; in getting to know our customers and others better; in improving products and services and developing new ones; in internal Group administration and internal Group traffic, which is necessary in a Group with a division of labour; in combating fraud, e.g. in the fight against fraud; in the development of new products and services; in the development of new products and services; in the development of new products and services; in the development of new products and services; in the development of new products and services; in the development of new products and services; in the development of new products and services; in the development of new products and in the development of new products and services; in the development of new products and services; in the development of new products and in the development of new products and services; in the development of new products and services; in the development of new products and services in online shops and the prevention and investigation of criminal offences; in the protection of customers, employees and other persons and data, secrets and assets; in the guarantee of IT security, especially in connection with the use of websites, apps and other IT infrastructure; in the guarantee and organisation of business operations, including the operation and further development of websites and other systems; in corporate management and development; in the sale or purchase of companies, parts of companies and other assets; in the enforcement or defence of legal claims; and in compliance with Swiss law and internal rules;
• on a consent, provided that we ask them separately for consent;
• a compliance requirement.
12. Do you have a duty to disclose your personal data to us?
A duty to disclose personal data to us generally does not exist, by the way, unless you have a contractual relationship with us that gives rise to such a duty. However, we will need to collect and process personal data that is necessary or legally required for the establishment and performance of a contractual relationship (in particular our business activities in connection with VR mediation) and for the fulfilment of the associated obligations. Otherwise we shall not be able to conclude or continue the relevant contract. The processing of certain data is also mandatory when using websites. Here you can prevent cookies (you will find more information about this in this privacy statement). However, for technical reasons, it is not possible to prevent the logging of certain, generally but not personal data such as your IP address. When communicating with us, we must also at least process the personal data that you provide to us or that we provide to you.