1. Introduction

Operaio GmbH (hereinafter referred to as “Operaio,” “we,” or “us”) assures you that the data you provide will always be handled with care, responsibility, and in compliance with the relevant data protection regulations, based on this privacy policy.

Below, you will find information on how we process your personal data when you use our services, visit our website, communicate or otherwise engage with us.

2. Our Contact Information

The entity responsible for processing personal data is:

Operaio GmbH
Industriestrasse 46
CH-8152 Glattbrugg
Tel.: +41 58 510 83 99
Email: customer@operaio.ch

For requests related to the protection of your personal data, you can create a ticket on our or contact us via email at customer@operaio.ch.

3. Personal Data

“Personal Data” refers to any information relating to an identified or identifiable natural person (hereinafter “data subject”); a “data subject” is a natural person whose personal data is processed; “processing” means any handling of personal data, such as assigning it to an identifier like a name, identification number, or location data.

This includes various categories of data, such as name, contact information, email address, IP address, or contract data. Statistical data or anonymized data that cannot be directly linked to you as a person is not included.

We primarily receive this data from you as the data subject and not from third parties. If you provide us with data about other persons, we assume that you are authorized to do so, that this data is accurate, and that you have ensured that these persons, if necessary, have been informed of this disclosure and have given their consent.

4. Legal Basis and Purposes of Data Processing

We primarily process your personal data to establish or fulfill contracts with you and any involved third parties. Furthermore, we process your personal data to comply with legal obligations imposed on us and/or based on your consent (e.g., contact form).

Additionally, we process your personal data, as well as the data of other individuals, to the extent permitted and as deemed appropriate, for the following purposes where we have a legitimate interest:

• For marketing purposes and relationship management, as well as to improve our services and operations (including organizing events), provided you have not objected to the use of your data.
• The IP address is only evaluated by us in the event of attacks on the website’s network infrastructure and for statistical purposes. However, it is possible that service providers engaged by us, including the tools they use on our website, process your IP address (see specifically Sections 11 ff. below).
• To ensure our operations, particularly IT and our website.

5. Contact Form

We offer you the opportunity to contact us via the form provided on our website, for example, if you have questions about our services or products or would like a non-binding consultation. To address your inquiry, it is necessary to provide your contact information, such as your name, address, phone number, email, and your inquiry.

The data you enter will always be transmitted in encrypted form (https) since it is generated and transmitted directly from an installed form component within the website. The data provided to us during contact will only be processed for the purpose of handling the inquiry, resolving technical problems, and ensuring information security. Otherwise, the entered data will not be further analyzed or linked with other data.

6. Newsletter

You can subscribe to a newsletter from us. If you do so and consent to receive the newsletter, you agree to the use of your email address for this purpose. We use a tool called Mailchimp for the newsletter. This external newsletter service provider may collect data (see further information here: https://www.intuit.com/privacy/statement/). You can unsubscribe from the newsletter at any time.

Emails may be sent with images that allow individual tracking (e.g., delivery, opening, and click rates) or contain links that allow personal analysis. These analyses are used to ensure the quality of the newsletter and to better respond to the interests of the readership.

7. Support

We offer you the opportunity to open a support ticket without an account to discuss your concerns with us. The data you provide (name, address, phone number, email) will be processed by us to handle the support ticket, and there is generally no transfer of data to third parties.

8. Online Appointment Scheduling

We offer you the opportunity to schedule an online appointment with us to discuss your concerns. The data you provide (name, address, phone number, email) will be processed by us to manage the online appointment, and there is generally no transfer of data to third parties.

In connection with the booking of online appointments, we use a tool from an external service provider, namely Microsoft Booking. It is contractually ensured that this provider does not process your personal data for its own purposes.

9. Job Applications

We occasionally publish job advertisements (e.g., on our website, on relevant portals, etc.). You can submit your application either by mail or electronically, e.g. through our website. In the case of such (digital) applications and in the case of spontaneous applications, your applicant and application data will be stored and processed electronically by us for the purpose of handling the application process.

If an employment contract is concluded following the application process, the data submitted during the application will be stored in your personnel file for the purpose of regular organizational and administrative processes, considering further legal obligations.

If an application is rejected, the data submitted to us will be deleted immediately after our notification of the rejection decision. Deletion is exceptionally waived if the data must be stored longer due to legal requirements.

If you explicitly consent to a longer storage of your data, for example, for inclusion in our applicant database, the data will be further processed based on your consent. You can withdraw your consent at any time by notifying us, effective for the future. A corresponding message to the contact point mentioned in Section 2 is sufficient. However, processing carried out before your withdrawal is not affected by this.

10. Data Sharing and International Data Transfer

As part of the above-mentioned processing purposes (Section 4), it may be necessary for us to share your personal data with the recipients listed below. These recipients process your data either on our behalf, jointly, or under their own responsibility. Where we are required to do so, we ensure that the recipients handle your data confidentially and in accordance with applicable legal regulations and that they use your data only for the purpose of the respective service.

Your personal data may be transferred to the providers of the tools mentioned in Section 11. For further information, please refer to Section 11.

• External service providers, including data processors: IT service providers, cloud and hosting providers;
• Domestic and foreign authorities, offices, and courts, particularly if we are legally obliged to do so.

Recipients may be located both domestically and abroad, meaning your data may be processed outside Switzerland, particularly in the USA.

If the recipient is in a country without adequate legal data protection, we contractually ensure that they comply with the applicable data protection regulations unless they are already subject to a legally recognized framework for ensuring data protection, or we cannot rely on an exemption. Such an exemption may exist if you have consented to the transfer, if the data is generally accessible and you have not objected to its processing, or if the disclosure is required for legal proceedings abroad, in cases of overriding public interests, or if contract execution requires such disclosure.

11. Cookies / Tracking and other Technologies related to our Website Use

When using our website, data is logged and stored (primarily technical data). Additionally, we use “cookies” and similar technologies to identify your browser or device. A “cookie” is a small text file transmitted to your computer and stored by your browser when you browse our pages.

We use different types of cookies on our website: so-called session-related temporary cookies (session cookies) which are technically necessary for operating the website. However, they do not remain on your computer. When you leave our website, the temporary cookie is also deleted. We also use permanent cookies. These remain stored on your computer and allow us to recognize your browser on your next visit. Additionally, we use service providers who can also place cookies on your device for us (so-called third-party cookies). These cookies help us tailor our site to the specific needs of our visitors. By using these cookies, we receive information about which content you viewed or searched for or which websites you visited before.

The technical data we collect, and the cookies used generally do not contain personal data. However, it is possible that the third-party providers we engage may store personal data about you, collect information about you with the technical data and/or cookies used, and possibly link it to your personal information.

We use our own tools and third-party services, which may themselves use cookies on our website, particularly to improve the functionality or content of our website, create statistics, and display advertising. Currently, we primarily use the offerings of the following service providers and advertising partners.

Within the framework of our so-called consent banner on our website, you have the option to configure the use of cookies accordingly (except for session-related temporary cookies). However, we would like to point out that you may not be able to fully utilize all functions of our website in this case.

11.1. Borlabs Cookie

Borlabs Cookie is a special cookie notification plugin for WordPress. The WordPress Cookie Plugin by Borlabs allows your visitors to select via a checkbox or switch button which cookies they want to consent to (opt-in).

11.2. Google Site Kit

Site Kit is a WordPress plugin developed by Google that provides various tools and information from Google on a website. It offers website owners useful features to optimize and improve the performance of their site. Some uses of Site Kit include:

• Website Analysis: Site Kit displays key metrics from Google Analytics directly in the WordPress dashboard, allowing website owners to monitor visitor numbers, session duration, bounce rates, and other important statistics.
• Search Engine Optimization (SEO): With Site Kit, website owners can easily gain insights into the performance of their site in search engines. It shows important SEO metrics from Google Search Console, such as keywords, impressions, clicks, and click-through rates (CTR).
• PageSpeed Insights: Site Kit also integrates Google PageSpeed Insights into the WordPress dashboard, enabling website owners to assess the speed and performance of their website. This helps in identifying and fixing issues that could affect the website’s speed and user experience.

11.3. Google Web Fonts

We use so-called web fonts provided by Google on our website for uniform presentation of fonts. When you visit one of our pages, your browser loads the required web fonts into your browser cache to correctly display texts and fonts.

The browser you use establishes a connection to Google’s servers. This allows Google to know that your website was accessed via your IP address. If your browser does not support web fonts, a standard font from your computer will be used.

The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offerings. For more information on Google Web Fonts, see Google Web Fonts FAQs: https://developers.google.com/fonts/faq.

11.4. Google reCAPTCHA

We use Google reCAPTCHA on our website, a service provided by Google Ireland Ltd., Google Building Gordon House, Barrow St, Dublin 4, Ireland, with its headquarters at Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, collectively “Google.”

Google reCAPTCHA is a verification service for websites to distinguish human users from bots. In particular, the following information may be collected: IP address, technical information such as browser, operating system, or screen resolution, and interactions with the Captcha.

Google reCAPTCHA anonymizes the IP address, making it impossible to link the data to a specific person. When a visitor first visits our website, Google reCAPTCHA may generate an identifier to recognize the visitor on a subsequent visit.

The IP address is processed by Google reCAPTCHA to analyze the approximate location of the visitor and to prevent potentially suspicious activities, particularly to identify IP addresses associated with spam or other undesirable behavior. The technical information is processed so that the Captcha can be adapted to the device or browser and to detect deviations from usual user behavior. The interactions with the Captcha are processed to detect behavioral patterns to distinguish human behavior from automated bots. The goal of Google reCAPTCHA is to protect input forms from bots and spam while reliably enabling inputs from humans. The data collected is not used to personally identify you.

Data sharing by us is governed by our statements on data sharing. Since Google is a transnational company, your data may be transferred by Google worldwide. Particularly, it may be transferred to the USA, where Google’s headquarters are located, a country where the legislation does not provide adequate protection for data.

11.5. Social Media Plugins

We use so-called social media plugins from social networks such as LinkedIn, YouTube, Facebook, and X on our website. This is usually visible through corresponding icons. We have configured our website so that social media plugins are deactivated by default. If you activate a plugin (by clicking on it), a connection to the servers of the provider of the respective plugin will be established, and the providers may see that you are on our website. The processing of your personal data is the responsibility of the providers, and we do not receive any information about you from them.

11.6. Framing

We use so-called framing from networks such as YouTube on our website. Framing essentially means “embedding.” We embed videos, photos, or text messages from these networks on our website so that you can view them directly on our website. However, the actual content remains on the networks’ platforms. If the content is deleted there, it will also disappear from our website. We use the so-called “extended privacy mode.” A cookie is only stored on your computer when you play the video. If you want to ensure that no data is stored about you by the companies, do not click on the embedded videos.

11.7. Social Networks / Platforms

We are present on social networks and other platforms operated by third parties and process data about you in this context.

Furthermore, we also receive data from you on our platforms. However, the platforms can also analyze your usage and use the data for their own purposes. Currently, we use the platforms listed below and refer to their respective privacy policies:

• Facebook: https://de-de.facebook.com/privacy/policy
• LinkedIn: https://ch.linkedin.com/legal/privacy-policy?trk=homepage-basic_auth-button_privacy-policy
• X: https://twitter.com/de/privacy

Some of the platform operators may be located outside Switzerland. For information on data disclosure abroad, please refer to Section 6.

12. Retention Period

We process and retain your personal data as long as necessary to fulfill our contractual and legal obligations or to comply with applicable legal regulations or if they are required for the purposes for which they were collected. As far as possible, we anonymize or delete your personal data as soon as it is no longer needed, or at the latest after the expiration of the legally prescribed retention period.

You can request the deletion of your personal data at any time by submitting a corresponding request to the contact point mentioned in Section 2. We will comply with your request unless we are obliged to retain the data for other reasons (e.g., legal retention obligations).

13. Rights of the Data Subject

In principle, you have the right to request information from us at any time about whether we are processing personal data about you. Furthermore, you have the right to have your personal data corrected, blocked, or deleted by us. This excludes data that we need to complete outstanding orders or to enforce existing rights and claims, as well as data that we are required to retain by law. You may also object to the disclosure of certain personal data. In addition, you can request that we return the data you have provided to us.

You may revoke your consent to the use of your personal data at any time. However, your revocation is limited to the storage and use of personal data that we are not legally permitted to store or use without your consent. Furthermore, your revocation does not affect the processing operations that have already been carried out based on your consent.

To exercise your rights, please contact us in writing and provide proof of your identity (contact details in Section 2). If your rights are not restricted by legal provisions or overriding public or private interests, we will gladly comply with your request. The Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch/edoeb/de/home.html) acts as the supervisory authority in data protection matters.

14. Liability for Links

We have no influence on the current and future design and content of the linked/connected pages on our website. This statement applies to all links and references set within our own internet offering. For illegal, incorrect, or incomplete content, and especially for damages arising from the use or non-use of such information, the provider of the page to which reference is made is solely liable, not the one who merely refers to the respective publication via links. We exclude any liability within the framework of legal permissibility.

15. Data Security / Technical and Organizational Measures

We would like to point out that communication with us via the public, freely accessible internet involves certain security risks over which we have no influence and no control. Please contact us if you wish to communicate via a secure connection.

For our website and to protect the transmission of confidential content, we use SSL or TLS encryption for security reasons. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

To protect your personal data, we also apply technical and organizational measures (TOMs). These measures are regularly reviewed and adjusted.

16. Changes

We reserve the right to change this privacy policy at any time. The version currently published on our website is applicable. This privacy policy does not establish any contractual or other formal legal relationship with or on behalf of any party.

Glattbrugg, August 14, 2024