Data protection

Privacy policy

Thank you for visiting our website team-change-x.ch and for your interest in our company.

The protection of your personal data, such as date of birth, name, telephone number, address, etc., is an important concern for us.

The purpose of this privacy policy is to inform you about the processing of your personal data that we collect when you visit our website. Our data protection practices comply with the statutory provisions of the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). The following privacy policy serves to fulfill the information obligations arising from the FADP and the GDPR. These can be found, for example, in Art. 19 ff. DSG and Art. 13 ff. of the GDPR.

Owner or person responsible

The controller within the meaning of Art. 5(j) FADP and Art. 4(7) GDPR is the person who alone or jointly with others determines the purposes and means of the processing of personal data. The controller pursuant to Art. 4 no. 7 GDPR is also the recipient of the personal data within the meaning of Art. 4 no. 9 GDPR. Any third-party recipients are identified separately.

With regard to our website, the owner or controller is:

Team Change Xperience GmbH
Mühlestr. 12
8864 Reichenburg
Switzerland
E-Mail: mail@team-change-x.ch
Tel.: +41 (0)55 55 204 55

Provision of the website and creation of log files

Each time our website is accessed, our system automatically collects data and information from the accessing device (e.g. computer, cell phone, tablet, etc.).

What personal data is collected and to what extent is it processed?

(1) Information about the browser type and version used;
(2) The operating system of the accessing device;
(3) Host name of the accessing computer;
(4) The IP address of the accessing device;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content) that were accessed on our website;
(7) Websites from which the user’s system came to our website (referrer tracking);
(8) Message as to whether the access was successful;
(9) Amount of data transferred

This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user, so that individual site visitors cannot be identified.

Legal basis for the processing of personal data

Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the requirement of good faith (Art. 6 para. 2 FADP and Art. 2 CC) and Art. 6 para. 1 lit. f GDPR (legitimate interest).

Purpose of data processing

The temporary (automated) storage of the data is necessary for the course of a website visit in order to enable the website to be delivered. Personal data is also stored and processed to maintain the compatibility of our website for as many visitors as possible and to combat misuse and troubleshooting. For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. In addition, we use the data to optimize the website and to generally ensure the security of our IT systems.

Duration of storage

The aforementioned technical data is deleted as soon as it is no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after accessing our website.

Restriction, objection, correction and deletion options

You may at any time request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.

Special functions of the website

Our website offers you various functions that collect, process and store personal data when you use them. Below we explain what happens to this data:

Contact form(s)

  • What personal data is collected and to what extent is it processed?

    The data entered by you in our contact forms, which you have entered in the input mask of the contact form.

  • Legal basis for the processing of personal data

    Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the requirement of good faith (Art. 6 para. 2 FADP or Art. 2 CC) as well as Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR (consent by clear affirmative action or conduct or express consent).

  • Purpose of data processing

    We will only use the data collected via our contact form or via our contact forms to process the specific contact request received via the contact form. Please note that we may also send you e-mails to the address provided in order to fulfill your contact request. The purpose of this is so that you can receive confirmation from us that your request has been forwarded to us correctly. However, sending this confirmation e-mail is not obligatory for us and is for your information only.

  • Duration of storage

    After your request has been processed, the data collected will be deleted immediately, provided there are no statutory retention periods.

  • Restriction, objection, correction and deletion options

    You may at any time request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.

  • Necessity of providing personal data

    The use of the contact forms is voluntary. You are not obliged to contact us via the contact form, but can also use the other contact options provided on our website. If you wish to use our contact form, you must complete the fields marked as mandatory. If you do not complete the required information on the contact form, you will either not be able to send the request or we will not be able to process your request due to a lack of information.

Appointment booking form

 

  • Scope of the processing of personal data

    The data you enter in our appointment booking form.

 

  • Legal basis for the processing of personal data

    Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 CC) and Art. 6 para. 1 lit. b GDPR (implementation of (pre-)contractual measures).

 

  • Purpose of data processing

    We will only use the data collected via our appointment booking form to process appointment requests received via the appointment booking form.

 

  • Duration of storage

    Your appointment booking will be deleted by us immediately 12 months after the appointment has been scheduled, provided there are no statutory retention obligations. We reserve the right to delete your data without giving reasons and without prior or subsequent information.

 

  • Restriction, objection, correction and deletion options

    You may at any time request the restriction of processing in accordance with Art. 18 GDPR or object to processing in accordance with Art. 21 GDPR and request the rectification or erasure of data in accordance with Art. 16 or 17 GDPR. You can find out which rights you are entitled to and how to assert them at the bottom of this privacy policy.

 

  • Necessity of providing personal data

    It is necessary to use our appointment booking form if you wish to book an appointment with us online. You must provide certain mandatory information to book online. If you do not complete the mandatory information, your appointment booking cannot be accepted or processed.

Disclosure of information to third parties

Personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code).

The disclosure of data to third parties depends on the scope of the activities or offers of our website or our business model described below.

In principle, we only keep your data for as long as necessary and treat it confidentially. Exceptions to this are the transfer of personal data to debt collection service providers, to public bodies and authorities and to private individuals who are entitled to it on the basis of legal provisions, court decisions or official orders, as well as the transfer to authorities for the purpose of initiating legal proceedings or for criminal prosecution purposes if our legally protected rights are attacked.

Statistical analysis of visits to this website – web tracker

We collect, process and store the following data when this website or individual files on the website are accessed: IP address, website from which the file was retrieved, name of the file, date and time of retrieval, amount of data transferred and notification of the success of the retrieval (so-called web log). We use this access data exclusively in non-personalized form for the continuous improvement of our website and for statistical purposes.

Any personal data is processed in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 Swiss Civil Code). We also use the following web trackers to analyze visits to this website:

 

  • Airbrake

    We use the Airbrake service of Airbrake Technologies, Inc, 98 San Jacinto Blvd, Suite 1300, 78701 Austin, United States, on our website: privacy@airbrake.io, Website: https://airbrake.io/. Your personal data will be transferred to so-called insecure third countries that do not guarantee adequate data protection through their legislation. Your data will only be passed on if suitable data protection is guaranteed. This can be guaranteed in particular by

    • international treaties
    • data protection clauses in a contract between the controller or processor and its contractual partner that have been communicated to the FDPIC in advance
    • specific guarantees drawn up by the competent federal body and communicated to the FDPIC in advance
    • standard data protection clauses that the FDPIC has previously approved, issued or recognized, or
    • binding internal company data protection regulations that have been approved in advance by the FDPIC or by a data protection authority of a country that guarantees adequate protection

    If such guarantees are not in place, your data may only be disclosed if you have given your consent, the disclosure is directly related to the conclusion or execution of a contract, or the disclosure is necessary for the enforcement of claims before courts and authorities or to protect public interests. From the perspective of the EU, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that authorities in the third country, for example, may access the data collected. Your data can only be transferred to these third countries if it is ensured that the personal data is adequately protected by the recipient. This can be done through the use of standard contractual clauses, in the case of data transfers within a group through so-called Binding Corporate Rules, through an obligation to comply with rules of conduct that have been declared generally applicable by the Commission or through certification of the processing operation.

    The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 DSG or Art. 31 para. 2 DSG and Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

    The service is used for error monitoring of applications used by us so that errors with the applications can be found and rectified more quickly.

    You can withdraw your consent at any time. You can find more information on withdrawing your consent either in the consent itself or at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider’s privacy policy at https://airbrake.io/privacy.

 

  • Google

    We use the Google service of Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, on our website: support-deutschland@google.com, Website: https://www.google.com/. According to the Swiss authorities, processing takes place in safe third countries. You can find Switzerland’s list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF – Data Protection Framework). https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

    The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 DSG or Art. 31 para. 2 DSG and Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

    We use Google to be able to load additional Google services on the website. The service is used to provide additional Google services, such as the required data processing for the provision of streams and fonts and relevant Google search content. It is technically required in order to be able to exchange the site visitor’s information already available to Google between the Google services and to be able to provide the site visitor with individual content adapted to their Google account.

    The service or we collect the following data for processing purposes: Background data stored in the Google user account or with other Google services about the site visitor, background data for the provision of Google services such as streaming data or advertising data, data about the site user’s use of Google search, information about the end device used, the IP address and the user’s browser and other data from Google services for the provision of Google services related to our website.

    If the service is activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transmits the required data. As part of order processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Apis, Doubleclick, Google Cloud, Google Ads and Google Fonts in accordance with the Google privacy policy. You can view the provider’s certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list retrieve.

    You can withdraw your consent at any time. You can find more information on withdrawing your consent either in the consent itself or at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider’s privacy policy at https://policies.google.com/privacy.

    The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de .

 

  • Google Tag Manager

    • What personal data is collected and to what extent is it processed?

      On our website we use the Google Tag Manager service provided by Google Ireland Ltd, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com, Website: https://www.google.com/ (hereinafter: Google Tag Manager). Google Tag Manager provides a technical platform for executing and controlling other web services and web tracking programs in a bundled manner by means of so-called “tags”. In this context, Google Tag Manager stores cookies on your computer and, if web tracking tools are executed using Google Tag Manager, analyzes your surfing behavior (so-called “tracking”). This data sent by individual tags integrated in Google Tag Manager is merged, stored and processed by Google Tag Manager under a uniform user interface. All integrated “tags” are listed separately in this privacy policy. You can find more information on data protection for the tools integrated in Google Tag Manager in the relevant section of this privacy policy. When using our website with activated integration of Google Tag Manager tags, data, in particular your IP address and your user activities, are transmitted to servers of Google Ireland Limited. With regard to the web services integrated via Google Tag Manager, the regulations in the respective section of this privacy policy apply. The tracking tools used in Google Tag Manager ensure that the IP address is anonymized by Google Tag Manager before transmission by means of IP anonymization of the source code. Google Tag Manager only enables the anonymized collection of IP addresses (so-called IP masking).

    • Legal basis for the processing of personal data

      The legal basis for data processing is your consent in our information banner regarding the use of cookies and web tracking (consent by clear affirmative action or behavior) in accordance with Art. 13 para. 1 FADP and Art. 6 para. 1 lit. a GDPR.

    • Purpose of data processing

      On our behalf, Google will use the information obtained via Google Tag Manager to evaluate your visit to this website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage.

    • Duration of storage

      Google will store the data relevant to the function of Google Tag Manager for as long as it is necessary to fulfill the booked web service. Data collection and storage is anonymized. If there is any personal reference, the data will be deleted immediately, provided that it is not subject to any statutory retention obligations. In any case, the deletion takes place after expiry of the retention obligation.

    • Objection and deletion option

      You can prevent the collection and forwarding of personal data to Google (in particular your IP address) and the processing of this data by Google by deactivating the execution of script code in your browser, installing a script blocker in your browser or activating the “Do Not Track” setting in your browser. You can also prevent Google from collecting the data generated by the Google cookie and relating to your use of the website (including your IP address) and from processing this data by Google by clicking on the following link http://tools.google.com/dlpage/gaoptout?hl=de download and install the available browser plug-in. You can find Google’s security and data protection principles at https://policies.google.com/privacy.

 

  • Gstatic

    We use the Gstatic service of Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, on our website: support-deutschland@google.com, Website: https://www.google.com/. According to the Swiss authorities, processing takes place in safe third countries. You can find Switzerland’s list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF – Data Protection Framework). https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

    The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 DSG or Art. 31 para. 2 DSG and Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

    Gstatic is a background service used by Google to retrieve static content in order to reduce bandwidth usage and load required catalog files in advance. In particular, the service loads background data for Google Fonts and Google Maps.

    As part of order processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. You can view the provider’s certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list retrieve.

    You can withdraw your consent at any time. You can find more information on withdrawing your consent either in the consent itself or at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider’s privacy policy at https://policies.google.com/privacy.

    The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de .

 

  • OneTrust

    We use the OneTrust service provided by OneTrust, LLC, 1200 Abernathy Road, 30328 Atlanta, United States, on our website: info@onetrust.com, Website: https://www.onetrust.com/. Your personal data will be transferred to so-called insecure third countries that do not guarantee adequate data protection through their legislation. Your data will only be passed on if suitable data protection is guaranteed. This can be guaranteed in particular by

    • international treaties
    • data protection clauses in a contract between the controller or processor and its contractual partner that have been communicated to the FDPIC in advance
    • specific guarantees drawn up by the competent federal body and communicated to the FDPIC in advance
    • standard data protection clauses that the FDPIC has previously approved, issued or recognized, or
    • binding internal company data protection regulations that have been approved in advance by the FDPIC or by a data protection authority of a country that guarantees adequate protection

    If such guarantees are not in place, your data may only be disclosed if you have given your consent, the disclosure is directly related to the conclusion or execution of a contract, or the disclosure is necessary to enforce claims before courts and authorities or to protect public interests. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter referred to as DPF). https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

    The legal basis for the transmission and processing is Art. 31 para. 1 FADP and Art. 6 para. 1 lit. c GDPR. The use of the service helps us to comply with our legal obligations.

    By integrating OneTrust, we fulfill our legal obligation with regard to the consent management required for cookies.

    You can access the provider’s certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list .

    The rights to which you are entitled with regard to processing can be found at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider’s privacy policy at https://www.onetrust.com/privacy-notice/.

Integration of external web services and processing of data outside the EU

We use active content from external providers, so-called web services, on our website. By accessing our website, these external providers may receive personal information about your visit to our website. Data may be processed outside Switzerland and the EU. You can prevent this by installing an appropriate browser plugin or deactivating the execution of scripts in your browser. This may result in functional restrictions on websites that you visit.

We use the following external web services:

  • Amazon CloudFront (CDN)

    We use the Amazon CloudFront (CDN) service of Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855 Luxembourg, Luxembourg, e-mail: privacyshield@amazon.com, Website: https://aws.amazon.com/de/cloudfront/. According to the Swiss authorities, processing takes place in safe third countries. You can find Switzerland’s list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF – Data Protection Framework). https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

    The legal basis for the transfer of personal data is our legitimate interest in processing in accordance with Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in achieving the purpose described below.

    Amazon CloudFront CDN is a content delivery network that mirrors our content across different servers to ensure optimal accessibility worldwide.

    You can access the provider’s certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list .

    With regard to processing, you have the right to object as set out in Art. 21 GDPR. Further information can be found at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider’s privacy policy at https://aws.amazon.com/de/privacy/?nc1=f_pr.

 

  • Calendly

    We use the Calendly service of Calendly LLC, 1315 Peachtree St NE, GA 30309 Atlanta, United States, on our website: support@calendly.com, Website: https://calendly.com/. Your personal data will be transferred to so-called insecure third countries that do not guarantee adequate data protection through their legislation. Your data will only be passed on if suitable data protection is guaranteed. This can be guaranteed in particular by

    • international treaties
    • data protection clauses in a contract between the controller or processor and its contractual partner that have been communicated to the FDPIC in advance
    • specific guarantees drawn up by the competent federal body and communicated to the FDPIC in advance
    • standard data protection clauses that the FDPIC has previously approved, issued or recognized, or
    • binding internal company data protection regulations that have been approved in advance by the FDPIC or by a data protection authority of a country that guarantees adequate protection

    If such guarantees are not in place, your data may only be disclosed if you have given your consent, the disclosure is directly related to the conclusion or execution of a contract, or the disclosure is necessary for the enforcement of claims before courts and authorities or to protect public interests. From the perspective of the EU, the data processing takes place in a third country for which there is no adequacy decision by the EU Commission. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that authorities in the third country, for example, may access the data collected. Your data can only be transferred to these third countries if it is ensured that the personal data is adequately protected by the recipient. This can be done through the use of standard contractual clauses, in the case of data transfers within a group through so-called Binding Corporate Rules, through an obligation to comply with rules of conduct that have been declared generally applicable by the Commission or through certification of the processing operation.

    The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 DSG or Art. 31 para. 2 DSG and Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

    The service supports us by providing an online calendar to record and manage appointments booked or reserved by you.

    You can withdraw your consent at any time. You can find more information on withdrawing your consent either in the consent itself or at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider’s privacy policy at https://calendly.com/privacy.

 

 

  • Google Cloud APIs

    We use the Google Cloud APIs service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, on our website: support-deutschland@google.com, Website: https://www.google.com/. According to the Swiss authorities, processing takes place in safe third countries. Switzerland’s list of countries and further information can be found at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF – Data Protection Framework). https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

    The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 DSG or Art. 31 para. 2 DSG and Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

    We use Google APIs to be able to load additional Google services on the website. Google Apis is a collection of interfaces for communication between the various Google services used on your website. The service is used in particular to display Google Fonts fonts and to provide the Google Maps map.

    The service or we collect the following data for processing: IP address

    If the service is activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transmits the required data. As part of order processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Cloud, Google Maps, Google Ads and Google Fonts in accordance with the Google Privacy Policy under the data protection responsibility of Google. You can view the provider’s certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list retrieve.

    You can withdraw your consent at any time. You can find more information on withdrawing your consent either in the consent itself or at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider’s privacy policy at https://policies.google.com/privacy.

    The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de .

 

  • Google Fonts

    We use the Google Fonts service of Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail on our website: support-deutschland@google.com, Website: https://www.google.com/. According to the Swiss authorities, processing takes place in safe third countries. You can find Switzerland’s list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF – Data Protection Framework). https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

    The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 DSG or Art. 31 para. 2 DSG and Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

    We use the Google Fonts service to integrate attractive fonts on our website in order to display our website to you in a visually improved version. The service may also be used on our website if other Google services are loaded on our website that require Google Fonts fonts to run. This is the case, for example, if our website uses Google services that require Google Fonts to run.

    For the processing itself, the service or we collect the following data: Data on fonts, IP address of the site visitor, statistics on the use of fonts and other data from Google services related to our website.

    If the service is activated on our website, our website establishes a connection to the servers of Google Ireland Limited and transmits the required data. As part of order processing, personal data may also be transmitted to the servers of Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. When using the Google service on our website, Google may transmit and process information from other Google services in order to provide background services for the display and data processing of the services provided by Google. For this purpose, data may also be transferred to the Google services Google Apis, Google Cloud and Google Ads in accordance with the Google Privacy Policy. You can view the provider’s certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list retrieve.

    You can withdraw your consent at any time. You can find more information on withdrawing your consent either in the consent itself or at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider’s privacy policy at https://policies.google.com/privacy.

    The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de .

 

  • Google reCaptcha

    We use the Google reCaptcha service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, on our website: support-deutschland@google.com, Website: https://www.google.com/. According to the Swiss authorities, processing takes place in safe third countries. You can find Switzerland’s list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF – Data Protection Framework). https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

    The legal basis for the transfer of personal data is your consent in accordance with Art. 6 para. 6 DSG or Art. 31 para. 2 DSG and Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, which you have given on our website.

    If Google reCaptcha is activated on our website, the data collected by Google reCaptcha will be transmitted to servers of Google Ireland Limited. As part of order processing, personal data may also be transmitted to the servers of the parent company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States. Based on specific characteristics and an analysis of the page behavior, the service recognizes whether the input made is automated input by means of a program (so-called bot) or a human being. The service has three different levels. Either the service automatically recognizes that the input is not automated by a bot or it lets the user select a Captcha checkbox. A third option is to display small image or voice tasks / text tasks that must be solved by the site visitor. Google reCaptcha is a Capcha service that is used on our website for security reasons in order to prevent bots (robot programs) from interacting with our website. Google reCaptcha verifies on our behalf that only humans and not bots can use our website. In particular, this enables us to protect the special functions of our website (e.g. contact forms or other input options such as the login area) from abusive page access.

    For the processing itself, the service or we collect the following data: User behavior (e.g. mouse gestures or input behavior), IP address, browser data, computer information.

    If you wish to use the input options protected by Google reCaptcha on our website, you must allow the use of Google reCaptcha and, if necessary, solve the corresponding captchas. If you do not fill in the captcha or do not allow the use of Google reCaptcha, you will not be able to use the form protected by the captcha. Alternatively, you can always use our other contact options (e.g. post or e-mail). You can view the provider’s certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list retrieve.

    You can withdraw your consent at any time. You can find more information on withdrawing your consent either in the consent itself or at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider’s privacy policy at https://policies.google.com/privacy.

    The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de .

 

  • Legally ok

    On our website we use the Legally ok service provided by Legally ok GmbH, Schochenmühlestrasse 6, 6340 Baar, Switzerland, e-mail: hello@legally-ok.com, Website: https://www.legally-ok.com/. Processing takes place exclusively in Switzerland in accordance with the data protection legislation applicable there. Processing also takes place in a third country outside the EU. The Commission has issued an adequacy decision for this third country. On the website of the EU Commission (Link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de) you will find a current list of all adequacy decisions.

    The legal basis for the transmission and processing is Art. 31 para. 1 FADP and Art. 6 para. 1 lit. c GDPR. The use of the service helps us to comply with our legal obligations.

    With the help of the service, the contents of our legal texts are reloaded onto our website. The current legal texts are reloaded via the integration on our website. This integration may also be used to load additional technical modules with regard to the legal texts or legally required elements.

    The rights to which you are entitled with regard to processing can be found at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider’s privacy policy at https://www.legally-ok.com/datenschutz/.

 

  • Stripe

    We use the Stripe service of Stripe Payments Europe Limited, The One Building, 1, Grand Canal Street Lower , D02 HD59 Dublin, Ireland, on our website: privacy@stripe.com, Website: https://stripe.com/. According to the Swiss authorities, processing takes place in safe third countries. You can find Switzerland’s list of countries and further information at the following link: https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/handel-und-wirtschaft/uebermittlung-ins-ausland.html. Personal data is also transferred to the USA. With regard to the transfer of personal data to the USA, there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 GDPR (hereinafter: DPF – Data Protection Framework). https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transmission.

    The legal basis for the transfer of personal data is the contract already concluded or to be concluded between you and us in accordance with Art. 31 para. 2 let. a FADP and Art. 6 para. 1 let. b GDPR.

    The plugin allows us to implement the services of Stripe, an online payment service provider that enables companies and individuals to accept payments over the Internet, on our website. This simplifies and automates payment processes.

    You can access the certification of the parent company within the framework of the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/list .

    The rights to which you are entitled with regard to processing can be found at the end of this privacy policy.

    Further information on the handling of the transferred data can be found in the provider’s privacy policy at https://stripe.com/de/privacy.

 

 

Information on the use of cookies

Scope of the processing of personal data

We integrate and use cookies on various pages to enable certain functions of our website and to integrate external web services. Cookies are small text files that your browser can store on your access device. These text files contain a characteristic string of characters that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also referred to as “setting a cookie”. Cookies can be set both by the website itself and by external web services.

Legal basis for the processing of personal data

Relevant are Art. 6 ff. FADP (principles) and Art. 6 para. 1 lit. f GDPR (legitimate interest) and Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR (consent).

The relevant legal basis can be found in the cookie table listed later in this section.

In general, in the case of cookies that are collected on the basis of a legitimate interest, our legitimate interest is to ensure the functionality of our website and the services integrated into it (technically necessary cookies). In addition, the cookies may increase their user-friendliness and enable a more personalized approach. In this case, we have weighed up your interests against our interests.

With the help of cookie technology, we can only identify, analyze and track individual website visitors if the website visitor has consented to the use of cookies in accordance with Art. 6 para. 6 DSG or Art. 6 para. 1 lit. a DSGVO.

Purpose of data processing

The cookies are set by our website or the external web services in order to maintain the full functionality of our website, to improve user-friendliness or to pursue the purpose stated with your consent. Cookie technology also enables us to recognize individual visitors by means of pseudonyms, e.g. individual or random IDs, so that we can offer more individual services. Details are listed in the table below.

Duration of storage

The cookies listed below are stored in your browser until they are deleted or, in the case of a session cookie, until the session has expired. Details are listed in the following table:

Cookie name Server Provider Purpose Legal basis Storage duration Type
OptanonConsent .calendly.com CookiePro (OneTrust LLC, 1200 Abernathy Rd NE, Building 600, GA 30328 Atlanta, United States) This cookie is set to store information about the cookie categories of the website and the cookie consents of the website visitors. The cookie is required for the cookie banner to work. Fulfillment of legal obligations approx. 12 months Cookie banner
__cf_bm .calendly.com Calendly Cloudflare places the __cf_bm cookie on end-user devices accessing customer websites protected by Bot Management or Bot Fight Mode. The __cf_bm cookie is necessary for these bot solutions to function properly. The cookie contains information to calculate Cloudflare’s own bot score and, if anomaly detection is enabled in Bot Management, a session identifier. The information in the cookie (with the exception of time-related information) is encrypted and can only be decrypted by Cloudflare. Legitimate interest approx. 30 minutes Security
__cfruid .calendly.com Calendly This cookie is part of the CDN services offered by Cloudflare. The CDN services allow us to speed up our website and protect our server connection from abusive access by bots or other attacks by creating a server load balancer. Legitimate interest Session Security
__stripe_mid .calendly.com Stripe This cookie is necessary to carry out credit card transactions on the website via Stripe. With the help of the cookie, the credit card details do not need to be entered. Consent approx. 12 months Configuration
__stripe_sid .calendly.com Stripe This cookie is necessary to carry out credit card transactions on the website via Stripe. With the help of the cookie, the credit card details do not need to be entered. Consent approx. 30 minutes Configuration
_calendly_session calendly.com Calendly The cookie stores the user’s preferences. If the visitor gives consent, this cookie enables the website to add events to the visitor’s calendar. Consent approx. 21 days Configuration
_cfuvid .calendly.com Calendly This cookie is part of the services offered by Cloudflare – including load balancing, delivery of website content and provision of DNS connections for website operators. It is used for rate limiting to distinguish individual users who share the same IP address. Consent Session Configuration
_gcl_au team-change-x.ch Google Tag Manager This cookie is used by Google AdSense to increase the efficiency of advertising. Consent approx. 3 months Marketing
cookieyes-consent team-change-x.ch Website operator The cookie stores the cookie banner settings and the site user’s decision regarding cookies. Fulfillment of legal obligations approx. 12 months Cookie banner
dd_cookie_test_* calendly.com Datadog (Datadog, Inc., 620 8th Avenue, Floor 45, 10018 New York, United States) This cookie is used to test whether cookies can be set. Fulfillment of legal obligations approx. 70 seconds Cookie banner
m m.stripe.com Stripe Determines the device used to access the website. This allows the website to be formatted accordingly. Technically necessary approx. 24 months Comfort
wp-wpml_current_language team-change-x.ch Website operator The cookie saves the language setting or recognizes the browser language and directs the user of this website directly to the appropriate multilingual content. Consent Session Configuration

Possibility of objection, revocation of consent and deletion

You can set your browser according to your wishes so that the setting of cookies is generally prevented. You can then decide on a case-by-case basis whether to accept cookies or to accept cookies in general. Cookies can be used for various purposes, e.g. to recognize that your access device is already connected to our website (permanent cookies) or to save recently viewed offers (session cookies). If you have expressly given us permission to process your personal data, you can revoke this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of your consent until you withdraw it.

 

Data security and data protection, communication by e-mail

Your personal data is protected by technical and organizational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so we recommend encrypted communication or the postal service for information requiring a high level of confidentiality.

Duration of data storage and rights of the data subject

Duration of storage

We only store the personal data to the extent and for as long as this is necessary to fulfill the purposes for which the personal data was collected, we have a legitimate overriding interest in storing it or are legally obliged to do so.

Right to information

You have the right to request confirmation as to whether we are processing your personal data. If this is the case, you have a right to information about the information specified in 25 ff. FADP or Art. 15 para. 1 GDPR, provided that the information cannot be refused, restricted or postponed by the data controller (see Art. 26 f. FADP or Art. 15 para. 4 GDPR). We will also be happy to provide you with a copy of the data.

Right of rectification

In accordance with Art. 32 para. 1 FADP or Art. 16 GDPR, you have the right to demand that incorrectly stored personal data (e.g. address, name, etc.) be corrected, provided that this claim does not conflict with any legal obligation. You can also request the completion of the data stored by us at any time. A corresponding adjustment will be made immediately.

Right to erasure

In accordance with Art. 17 (1) GDPR, you have the right to request that we erase the personal data collected about you if

  • the data is either no longer required;
  • the legal basis for processing has ceased to exist without substitution due to the withdrawal of your consent;
  • there are no longer any legitimate reasons for processing;
  • your data is processed unlawfully;
  • a legal obligation requires this.

Pursuant to Art. 17 (3) GDPR, the right does not exist if

  • the processing is necessary for the exercise of the right to freedom of expression and information;
  • your data has been collected on the basis of a legal obligation;
  • the processing is necessary for reasons of public interest;
  • the data is required for the establishment, exercise or defense of legal claims.

Right to restriction of processing

Pursuant to Art. 18 (1) GDPR, you have the right in individual cases to request the restriction of the processing of your personal data.

This is the case if

  • the accuracy of the personal data is disputed by you;
  • the processing is unlawful and you do not consent to deletion;
  • the data are no longer required for the purpose of processing, but the data collected serve the assertion, exercise or defense of legal claims;
  • an objection to the processing pursuant to Art. 21 (1) GDPR has been lodged and it is still unclear which interests prevail.

Right of revocation

If you have given us your express consent to process your personal data (Art. 6 para. 6 FADP and Art. 31 para. 1 FADP; Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR), you can withdraw this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of the consent until revocation. Data for which we are legally obliged to retain will be deleted after the deadline has expired.

Right to object

In accordance with Art. 21 GDPR, you have the right to object at any time to the processing of personal data concerning you that has been collected on the basis of Art. 6 para. 1 lit. f GDPR (in the context of a legitimate interest). If you have given us your express consent to process your personal data (Art. 6 para. 6 GDPR and Art. 31 para. 1 GDPR), you can withdraw this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of the consent until revocation. You only have this right if there are special circumstances that speak against the storage and processing. Data for which we are legally obliged to store will be deleted after expiry of the deadline.

How do you exercise your rights?

You can exercise your rights at any time by contacting us using the contact details below:

Team Change Xperience GmbH
Mühlestr. 12
8864 Reichenburg
Switzerland
E-Mail: mail@team-change-x.ch
Tel.: +41 (0)55 55 204 55

Right to data portability

In accordance with Art. 20 GDPR, you have the right to receive the personal data concerning you. We will provide the data in a structured, commonly used and machine-readable format. The data can be sent either to you yourself or to a controller named by you.

We will provide you with the following data on request:

  • Data collected on the basis of consent (Art. 31 para. 1 FADP and Art. 6 para. 1 let. a GDPR);
  • Data that we have received from you in the context of existing contracts (Art. 31 para. 2 let. a FADP and Art. 6 para. 1 let. b GDPR and Art. 9 para. 2 let. a GDPR);
  • Data that has been processed as part of an automated procedure.

We will transfer the personal data directly to a controller requested by you, insofar as this is technically feasible. Please note that we may not transfer data that interfere with the overriding interests of third parties in accordance with Art. 26 para. 1 let. b FADP or Art. 20 para. 4 GDPR, or only to a limited extent.

Notifications to the FDPIC and the right to lodge a complaint

Pursuant to Art. 49 FADP, data subjects may file a complaint with the supervisory authority if there are sufficient indications that data processing may violate data protection regulations. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

Further information can be found in the FDPIC’s contact form: https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt.html

If you suspect that your data is being processed unlawfully on our website, you can bring about a judicial clarification of the issue in accordance with Art. 32 FADP. As a rule, an action under Art. 28 ff. ZGB should be sought. If you are affected by the processing of data by federal bodies, the procedure is governed by Art. 41 FADP. In this case, you can also contact the FDPIC (see reference to the contact form above).

Right to lodge a complaint with the supervisory authority pursuant to Art. 77 (1) GDPR

If you suspect that your data is being processed unlawfully on our website, you can of course seek legal clarification of the issue at any time. You also have every other legal option available to you. Irrespective of this, you have the option of contacting a supervisory authority in accordance with Art. 77 para. 1 GDPR. The right to lodge a complaint pursuant to Art. 77 GDPR is available to you in the EU Member State of your place of residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you turn from the above-mentioned places. The supervisory authority with which the complaint has been lodged will then inform you of the status and outcome of your complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

Legally ok – Data protection solution for websites – privacy policy, imprint, cookie banner

The privacy policy, the imprint and the cookie banner of this website were created free of charge with the all-in-one website data protection solution Legally ok .