Data Protection

Thank you for visiting our website. The following outlines the personal data we collect, how we use it and for what purpose.

 

Information on Data Protection for Website Visitors
Information on Data Protection for Customers, Suppliers, and Partners
Information on Data Protection for Applicants and Employees

Data Protection for Website Visitors

1. Owner and Privacy Officer

1.1 Owner

Owner and Privacy Officer is the company:

 

FROX AG
Seestrasse 88
CH-8712 Stäfa
E-mail: datenschutz@frox.ch
Phone: +41 55 254 12 54

1.2 Data Protection Officer

Our Data Protection Officer can be contacted at the above address.

1.3 EU representative

Should we require an EU representative, the following company has been commissioned:

 

Bucher & Suter AG
Stubenwald-Allee 19
D-64624 Bensheim
E-mail: info@bucher-suter.de
Phone: +49 6251 8622 500

2. Purposes of Data Processing and Legal Basis

2.1 When visiting our website

When you visit our website www.frox.ch the browser you use automatically sends information to the server of our website. This information is temporarily stored in a so-called logfile. The following information is collected and stored until deleted automatically:

 

• IP address
• Browser
• Operating system and its interface
• Browser software language and version
• Date and time of the query
• Time zone difference to Greenwich Mean Time (GMT)
• Country
• Content of the request (specific page)
• Access status / HTTP status code
• Transferred amount of data
• Website from where the request originates

 

We process the above data to establish a smooth connection and make our website user-friendly, maintain network and information security, evaluate system security and stability and for administrative purposes. Furthermore, user data is evaluated anonymously. This enables us to adapt our contents and products and services to suit user needs.

 

You are not legally or contractually obliged to provide us with personal data. However, we do use the data you provide for the purpose of using our website.

 

The legal basis for data processing is the protection of our legitimate interest. Our legitimate interest follows from the data collection purposes listed above. We do not use the collected data for the purpose of drawing conclusions about you. In addition, we use cookies and tracking tools on our website. Further information can be found under Section 4 of this Privacy Statement.

2.2 Signing up for our newsletter

If you have consented to receive our newsletters, invitations to events and other relevant information, we use your name and e-mail address to send you information electronically.

 

We send newsletters and other e-mails (information on technologies, projects, events, etc.) using our customer management system. The service provider of our customer management system has access to collected data from abroad. Our service provider needs this access to provide their service. Further information on the international transfer of personal data can be found under Section 3.2. The customer management system records data such as “opening rate”, “click rate”, “delivered”, (“successful delivery”, “bounces”, “unsubscribe”, “spam reports”), “HTML Clickmap”, “most frequently clicked links”, “contacts with the most interactions”, “time spent viewing the e-mail” (“read”, “skimmed”, “viewed briefly”), “interaction over the course of time”, and “opened according to e-mail client”.

 

You can withdraw your consent at any time in the future and unsubscribe our newsletters and e-mails by either using the link at the end of each newsletter or e-mail or alternatively the e-mail address of the Data Protection/Privacy Officer mentioned above (Section 1). This means that we will no longer process data based on this consent and it will be deleted provided no other legal basis exists (e.g., a contract concluded between us) or statutory retention obligations exist.

2.3 When using our contact form

For questions of any kind, we offer you the option to contact us via a form provided on our website. You will need to provide us with details such as your first name, last name, and a valid e-mail address (mandatory fields marked with an asterisk) so that we know who sent the request (and from where) and to enable us to respond accordingly. Further details such as company and phone number can be provided voluntarily.

 

Data processing for the purpose of contacting us is based on your consent.

 

The personal data we collect for the contact form is stored in our customer management system and passed on to the responsible department to ensure that your request is dealt with quickly and professionally. After your request for the purpose of which you contacted us has been dealt with, the information you provide will be deleted unless there is a new legal basis for processing your data.

3. Disclosure of Personal Data

3.1 Disclosure of personal data within the EU/EEA

We only share your personal data with third parties if:

 

• you have given your consent;
• disclosure is required for the assertion, exercise or defence of legal claims or protection of our legitimate interests and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your information;
• disclosure is a legal obligation; and
• it is legally permissible and required for the fulfilment of our contractual obligations with you including the data processing aspects mentioned in this privacy statement.

 

For processing your data, we use the professional support of external service providers. This applies especially to the operation of our website, dealing with your contact requests, in particular through the customer management system, sending our newsletters and other e-mails as well as providing maintenance and support services. Our service providers have been carefully selected and commissioned by us and are bound by our instructions.

3.2 International transfer of personal data

Our contractual partners, with whose help we operate our website and process associated personal data, may be based in Switzerland or other countries (also countries outside Europe, e.g., USA).

 

We allow your data to be processed abroad when suitable guarantees are in place for their adequate protection, e.g., through the conclusion of so-called standard contractual clauses. Further information, in particular regarding the guarantees available in case of international transfer as well as copies, can be obtained from the Data Protection/Privacy Officer (Section 1).

4. Cookies and Tracking Tools

The tracking measures we use allow us to ensure a needs-based design as well as the continuous optimization of our website. We also use tracking measures to statistically record the use of our website and evaluate the resulting data for the purpose of optimizing our products and services. The mentioned tracking measures are legitimate interests and are therefore the required legal basis for data processing. You can adjust your browser settings to disable tracking by choosing the “Do not track” function on your browser. In our Cookie Policy, we inform you about how and for what purposes we use cookie technologies and what choices you have.

5. Social Media Plugins

It is in our legitimate interest to use Social Media plugins on our website for advertising purposes. The responsibility for data protection compliant operation must be ensured by the individual provider. The integration of these plugins by us takes place by the so-called two-click method to offer visitors to our website the best possible protection. The plugins are initially activated by clicking on the corresponding buttons. If these are greyed, the plugins are inactive. You have the option of activating the plugins once or permanently.

 

The plugins establish a direct connection between your browser and the servers of the respective social networks (LinkedIn, Twitter, Facebook, XING, YouTube, etc.). This initially takes place after activating the plugin. We have no influence on the nature and amount of data the plugin sends to the server of the social network.

 

The plugin informs the respective network that you have visited our website as a user. It is possible that your IP address is stored. Once you are logged in to your respective network account (LinkedIn, Twitter, Facebook, XING, YouTube, etc.) when you visit our website, the mentioned information is linked with the same. If you do not wish the network provider to link the data via the activated plugin with your stored member data, you must log out from your network account before activating the plugin.

 

If you are not a member of the respective network, it is still possible that the platform is able to identify and store your IP address.

5.1 LinkedIn

Our website uses buttons of the service LinkedIn of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”). You recognize LinkedIn plugins by the LinkedIn logo or “Recommend/Share” button. Information on all LinkedIn plugins can be found under: https://www.linkedin.com/developers/products. With the aid of the buttons, it is possible to share an article or a page from our website on LinkedIn or to follow us on LinkedIn. LinkedIn receives information on visits by users and interactions with services provided by third parties when users login via LinkedIn and use the LinkedIn Share button. Detailed information on how LinkedIn uses your data can be found in the privacy statement of LinkedIn under: https://www.linkedin.com/legal/privacy-policy.

5.2 Twitter

Our website uses buttons of the service Twitter of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA (“Twitter”). You recognize Twitter plugins by the Twitter logo or terms such as “Twitter” or “Follow”. Information on all Twitter plugins can be found under: https://developer.twitter.com/en/docs/twitter-for-websites. With the aid of the buttons, it is possible to share an article or a page from our website on Twitter or to follow us on Twitter. Twitter receives information on visits by users and interactions with services provided by third parties when users login via Twitter and use the Twitter Share button. Detailed information on how Twitter uses your data can be found in the privacy statement of Twitter under: https://twitter.com/privacy.

5.3 Facebook

Our website uses buttons of the service Facebook of Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA (“Facebook”). You recognize Facebook plugins by the Facebook logo, the term “Like”, “Thumbs up” symbol or the addition “Facebook Social Plugin”. Information on all Facebook plugins can be found under: https://developers.facebook.com/docs/plugins/. With the aid of the buttons, it is possible to share an article or a page from our website on Facebook or to follow us on Facebook. Facebook receives information on visits by users and interactions with services provided by third parties when users login via Facebook and use the Facebook Share button. Information on how social plugins function on Facebook can be found under: https://www.facebook.com/help/203587239679209.
Detailed information on how Facebook uses your data can be found in the privacy statement of Facebook under: https://www.facebook.com/about/privacy/.

5.4 XING

Our website uses buttons of the service XING of XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany (“XING”). You recognize XING plugins by the XING logo or “Share” button. Information on all XING plugins can be found under: https://dev.xing.com/. With the aid of the buttons, it is possible to share an article or a page from our website on XING or to follow us on XING. XING receives information on visits by users and interactions with services provided by third parties when users login via XING and use the XING Share button. Detailed information on how XING uses your data can be found in the privacy statement of XING under: https://privacy.xing.com/de/datenschutzerklaerung.

5.5 YouTube

Our website uses buttons of the service YouTube of Google LLC, D/B/A YouTube, 901 Cherry Ave., San Bruno, CA 94066, USA (“YouTube”). You recognize YouTube plugins by the YouTube logo. Information on all YouTube plugins can be found under: https://developers.google.com/youtube. With the aid of the buttons, it is possible to follow us on YouTube. YouTube receives information on visits by users and interactions with services provided by third parties when users login via YouTube. Detailed information on how YouTube uses your data can be found in the privacy statement of the YouTube operator Google under: https://policies.google.com/privacy.

6. Rights of the Data Subject

In accordance with data protection law concerning your personal data and its processing, you have the following rights as a data subject:

 

• To request information about the personal data we have processed.
• To request that inaccurate or incomplete personal data we have stored is corrected or completed without delay.
• To request the deletion of the personal data we have stored, provided the processing of this data is not essential in exercising the right to freedom of expression and information, in fulfilling a legal obligation, for reasons of public interest, or for the assertion, exercise or defence of legal claims.
• To request that a restriction be placed on the processing of the personal data provided: a) you contest the accuracy of the data; b) processing is unlawful, yet you refuse deletion of the data; c) we no longer require the data, yet you require the data for the assertion, exercise or defence of legal claims; or d) you have filed an objection against the processing of the data.
• To withdraw the consent given to us by you at any time, which means that we may no longer carry out any data processing activities in the future based on this consent.
• To file an objection against the processing of your personal data provided it is processed based on legitimate interests and if there are grounds that arise from your particular situation or the objection is against direct advertising, whereby in the latter case you have a general right to object, which we shall respect without the assertion that a particular situation exists.
• To receive the personal data you have provided to us in a structured, commonly used and machine-readable format or to request that it is transferred to another party provided the conditions for this are met.
• To file a complaint with the responsible supervisory authority.

 

If you have any questions regarding the existence or exercise of these rights, you can contact the Data Protection/Privacy Officer mentioned under Section 1 at any time.

7. Data Security

During your website visit, we use the SSL (Secure Socket Layer) method together with the highest encryption level supported by your browser. Generally this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can ascertain whether a specific page on our website is transmitted in encrypted form by the closed image of the key or lock symbol in the bottom status bar of your browser. We also use suitable technical (e.g., IT system security and building protection) and organizational (e.g., internal guidelines, training, directives) security measures to protect your data from accidental or malicious manipulation, partial or complete loss, and destruction and to prevent unauthorized access by third parties. Our security measures are improved on an ongoing basis as technological development advances.

8. Topicality and Amendment of our Privacy Statement

This Privacy Statement is currently valid and was issued in February 2021. It may be necessary to amend this Privacy Statement due to the development of our website and products and services or based on amended statutory or official requirements. We therefore recommend that this Privacy Statement is reviewed at regular intervals.

Data Protection for Customers, Suppliers, and Partners

 

FROX AG is part of the Noser Group. You are receiving this information because you are a (potential) customer, supplier or partner of FROX AG or the Noser Group or you work for a (potential) customer, supplier or partner of FROX AG or the Noser Group. In this capacity and as part of our business relationship, you provide us with various personal data. FROX AG and the Noser Group attach great importance to the transparent handling of your data and respectful collaboration. We would therefore like to inform you how we manage your personal data. At the same time, we fulfil with this information our legal obligations insofar as they affect us.

Where the terms “we” or “us” are used in this information, this refers to FROX AG.

 

If you require information on using our website or relating to our newsletters and other e-mails, please contact the Data Protection/Privacy Officer mentioned under Section 1.

1. Owner and Privacy Officer

1.1 Owner

The following company is responsible for your data:

 

FROX AG
Seestrasse 88
CH-8712 Stäfa
E-mail: datenschutz@frox.ch
Phone: +41 55 254 12 54

1.2 Data Protection Officer

Our Data Protection Officer can be contacted at the above address.

1.3 EU representative

Should we require an EU representative, the following company has been commissioned:

 

Bucher & Suter AG
Stubenwald-Allee 19
D-64624 Bensheim
E-mail: info@bucher-suter.de
Phone: +49 6251 8622 500

2. What Categories of Personal Data Are Processed by Us?

2.1 Processing of personal data

We mainly process the following personal data:

 

• Master data (e.g., name, if necessary date of birth), contact data (e.g., phone number, e-mail address, place of work, business card), signatures you have provided, and submitted powers of attorney
• User accounts for using our systems
• Data required for granting access to our business premises
• Your position and employer and, if relevant for the business relationship, your professional activities, experience and qualifications, references as well as information on the services you have provided to us
• In certain cases (e.g., as part of cooperation with financial institutions), and only if lawful, we will also receive from you information relating to debt enforcement or criminal records (e.g., if the project in which you are involved requires such proof and we are the person responsible for this information)
• Information about you in correspondence, e-mails and meetings, your opinions, feedback, and statements submitted and gathered as part of business activities
• Data of consultants and partners of your and, if necessary, their employees
• In certain cases, also financial data such as bank account details for payment purposes or data from your insurance company for the purpose of claims management
• Information in the context of judicial and extrajudicial proceedings
• Data available to the public

2.2 From whom do we receive your data?

We receive your data from you directly or from the company that employs you. We also retrieve data from public registers or databases such as the commercial register or the Internet. Insofar as permitted, we also receive such data from other companies of the Noser Group, from authorities and other third parties.

2.3 Obligation to share your data

In most cases, you are not legally obliged to share your personal data with us. Nonetheless, it is possible that you will have to provide this data on the basis of a contract with you or with the company for which you work (e.g., this is the case if you are mentioned as a contact person in a contract or are required to provide certain data, such as a statement of debt collection, references, etc., based on a contractual agreement). Certain data must also be provided for the purpose of concluding a contract (e.g., name, address, bank details). In some cases, failure to provide the data may lead to a breach of contract.

3. Purposes of Data Processing and Legal Basis

3.1 Use of personal data

We use collected personal data to carry out our business activities, in particular for the purpose of:

 

• concluding and managing contracts, including correspondence, invoicing, contract management, project development and management as well as safeguarding and management of contractual claims;
• establishing and maintaining business relationships, including marketing (e.g., provision of information about our products and services, invitation to events), maintaining contacts, correspondence, customer management, and customer satisfaction surveys;
• managing authorizations and use of our IT systems and internal tools;
• settling claims and insurance cases;
• carrying out of restructurings, company acquisitions and sales;
• supporting our operations, managing our group, and ensuring sustainability, e.g., retention, accounting, consulting with specialists on business incidents, fulfilling obligations to inform administrative bodies and authorities, ensuring compliance, and secure access to buildings and systems.

3.2 Legal basis for processing your data

The legal basis for processing your data is primarily the implementation of contractual measures and fulfilment as well as the management of contracts concluded with you. In addition, we are legally obliged to collect and process certain data, e.g., for the purpose of bookkeeping and accounting. Furthermore, it may be necessary to process your data to protect our legitimate interests. This is the case, for example, if we:

 

• approach our existing customers, partners, and new customers as part of marketing campaigns;
• uphold and enforce our legal rights;
• ensure the security and availability of our IT systems and other infrastructures;
• carry out or optimize business processes (including management and administration of the company and the Noser Group) as well as company acquisitions and restructurings;
• share data with our service providers for the purpose of performing certain tasks for us.

 

Before we process data on the basis of our legitimate interests, we ensure that your privacy rights do not outweigh our legitimate interests. If you do not agree to the processing on this basis and certain conditions are met, you can file an objection. An objection against direct advertising can be filed at any time. Further information regarding your rights can be found under Section 6. We also process on rare occasions personal data you have provided to us voluntarily and without the existence of the aforementioned legal basis. With regard to such data, you may withdraw your consent at any time, which means that we may no longer use the data and it will be deleted. This does not affect already processed data.

4. Disclosure of Personal Data

The disclosure of data constitutes data processing. We therefore only pass on your personal data to third parties if there is a legal basis for doing so (as described in Section 3 our legal bases are usually a contract concluded with you, legal obligations, legitimate interests, or your consent). As far as permissible, personal data is shared with other companies of the Noser Group for the purpose of administration and management of the Group including service providers who take over certain functions on our behalf and support us in our activities. In addition, your data may also be shared with partners and customers, if required by the business relationship, the project or usual market practices. Your personal data will also be shared with the following service providers, companies, and authorities:

 

• Companies that provide services on our behalf on a contractual basis such as IT hosting and maintenance providers, including Cloud service providers (e.g., Salesforce, Microsoft, Atlassian, Cisco), marketing agencies, consultants, banks, insurance companies, postal shipping, etc., including data processors. Other subcontractors and business partners, whose services we may lawfully obtain or with whom we have joint business relations.
• Authorities, law enforcement bodies, courts, if required for the purposes listed above, if required by law or for the legal protection of our legitimate interests in compliance with applicable legislation.
• Counterparties in company acquisitions.

 

The third parties listed above, to whom we may possibly transfer personal data, may be based in Switzerland or in other countries, also in countries outside Europe, e.g., the USA. If we process personal data abroad or do so in the context of using third-party services or disclosing or transferring data to third parties, this will only take place if there are appropriate guarantees for adequate protection of the transferred data, e.g., by concluding the so-called standard contractual clauses, adequacy decisions, etc. You can request detailed information on this, and in particular, a copy of the specific guarantees in place at any time from the Data Protection/Privacy Officer mentioned under Section 1.

5. Duration of Storage of Your Data

Your data will be stored: (i) as long as required for the purpose of processing; and/or (ii) as long as data storage is based on a legal obligation, e.g., legal retention obligations for business records; and/or (iii) as long as storage is necessary for the assertion, exercise or defence of legal claims. Once we no longer require your personal data for any of the above purposes, it will be deleted or anonymized as far as practically possible.

6. Rights of the Data Subject

In accordance with data protection law concerning your personal data and its processing, you have the following rights as a data subject:

 

• To request information about the personal data we have processed.
• To request that inaccurate or incomplete personal data we have stored is corrected or completed without delay.
• To request the deletion of the personal data we have stored, provided the processing of this data is not essential in exercising the right to freedom of expression and information, in fulfilling a legal obligation, for reasons of public interest, or for the assertion, exercise or defence of legal claims.
• To request that a restriction be placed on the processing of the personal data provided: a) you contest the accuracy of the data; b) processing is unlawful, yet you refuse deletion of the data; c) we no longer require the data, yet you require the data for the assertion, exercise or defence of legal claims; or d) you have filed an objection against the processing of the data.
• To withdraw the consent given to us by you at any time, which means that we may no longer carry out any data processing activities in the future based on this consent.
• To file an objection against the processing of your personal data provided it is processed based on legitimate interests and if there are grounds that arise from your particular situation or the objection is against direct advertising, whereby in the latter case you have a general right to object, which we shall respect without the assertion that a particular situation exists.
• To receive the personal data you have provided to us in a structured, commonly used and machine-readable format or to request that it is transferred to another party provided the conditions for this are met.
• To file a complaint with the responsible supervisory authority.

 

If you have any questions regarding the existence or exercise of these rights, you can contact the Data Protection/Privacy Officer mentioned under Section 1 at any time.

7. Data Security

We also use suitable technical (e.g., IT system security and building protection) and organizational (e.g., internal guidelines, training, directives) security measures to protect your data from accidental or malicious manipulation, partial or complete loss, and destruction and to prevent unauthorized access by third parties. Our security measures are improved on an ongoing basis as technological development advances.

8. Topicality and Amendment of our Privacy Statement

This Privacy Statement is currently valid and was issued in February 2021. It may be necessary to amend this Privacy Statement due to the development of our website and products and services or based on amended statutory or official requirements. We therefore recommend that this Privacy Statement is reviewed at regular intervals.

Information on data protection for applicants and employees

Data protection is an important corporate goal for the Noser Group. In this information, Noser Group (as well as “we”, “us”) should be understood to mean the relevant Noser Group company with which you are applying for a position or with which you are currently employed. For a list of Noser Group companies, seehttps://noser-group.ch/firmen-der-noser-gruppe. With this notice we want to inform you – as an employee, learner, job applicant of the Noser Group or, where applicable, contractor who provides services to the Noser Group – about how we process your personal data. You can find more information on the subject of data protection in our privacy policy.

1. Controller

1.1 The person responsible for your personal data is the company that employs you or the company with which you are applying for employment or the company with which you have been employed under a contract (see the list of Noser companies above).

1.2 If you have any questions in connection with this notice, you can contact your responsible human resources department at any time. In the privacy policy you will find the details and contact details of the person responsible for data protection matters for your company (also the details of a data protection officer, if applicable).

2. Purpose of data processing and legal basis

2.1 Human Resources

In order to fulfill our employment contract with you or to carry out the application process, we process the following personal data to the extent permitted by local law:

• Personal master data and identification data such as name, date of birth, gender, signature, residence status and data contained in the identity documents
• Income tax data, social security card; we may collect information about religious affiliation, which we will only process for church tax purposes
• sick leave, disabilities
• Changes in personal circumstances affecting the employment relationship, e.g. B. Marriage, divorce or similar.
• Department, function, activity, phone number, picture if applicable
• Private email address, emergency contacts
• Birthday and anniversary dates
• attendance and absence times
• Marital status, information about family members, including minors, to the extent necessary for the award of applicable benefits, securities or relocation assistance
• Training, course and further education data and measures, skills and professional experience
• Information in connection with benefits in kind and work equipment of the company, such as
  e.g. B. Business expenses (e.g. cash expenses, company credit cards, cell phones and company cars or private cars if compensation is claimed for them), the benefits you sign up for, your use of Company equipment and tools, travel preferences, details of the beneficiaries
• Qualifications, assessments
• capital accumulation benefits
• pension funds
• Information about violations of law or company policy or criminal convictions if you have consented to a background check or if we are authorized/required by law to do so.
• In certain cases and only with your consent, we also process behavioral profile analysis (VPA).

We process the aforementioned data for the following purposes:

• Selection and Recruitment Procedures
• Electronic time recording
• Birthday and Anniversary Directory
• Payroll accounting system (payroll, allowance, expense accounting)
• Personnel file/electronic personnel file
• HR administration
• Special payments, provision of benefits in kind and work equipment
• vacation planning
• Creation of professional profiles (specialist knowledge, qualifications and skills) that are required for assignments with customers or partners
• Fulfillment of legal and contractual storage and proof obligations

2.2 IT and communication management, business process

In connection with IT and communication management and in the ordinary course of business, we process the following personal data:

• Contact details of all participants in the e-mail procedure
• Business email traffic and internal instant messaging traffic
• Contact details (business email, telephone, location of employment), name, position and, if applicable – with your consent – picture
• User profiles for internal applications and IT services

We process the aforementioned data for the following purposes:

• Ensuring the proper course of business
• Ensuring internal and external communication (e.g. through internal contact lists and databases)
• Sending internal newsletters

2.3 Building and Security Management

In the area of ​​building and security management, we process the following personal data:

• Key and Badge Users
• issue and return dates
• Information about the persons responsible for security (names and contact details)