Privacy Policy

1. Introduction

We will inform you below, amongst other things, about who is responsible for processing your data, what data we collect in connection with your visit to our website and the use of our services, for which purposes we process this data and to whom we may disclose this data. We will also inform you about how long it takes to process your data, the legal basis of processing (if necessary) and what rights you have in relation to us with regard to the processing of your data. This Privacy Policy applies to all data relating to you that we have already collected or will collect in the future. Please note that we may amend the Privacy Policy from time to time. The current version published on our website shall apply.

 

Personal data covers all information relating to an identified or identifiable person (hereinafter referred to as “personal data”). This includes, in particular, information such as name, address, telephone number, email address, and in some cases also IP addresses and device IDs. In addition to personal data, the generic term “data” in this Privacy Policy also includes non-personal and anonymised data. Processing refers to any handling of data, irrespective of the means and procedures used, in particular the collection, storage, use, modification, disclosure, archiving or deletion of data (hereinafter referred to as “processing”).

 

If you provide us with personal data of other persons, please ensure that they are aware of this Privacy Policy. You should only share their personal data with us if you are entitled to do so under the applicable data protection legislation.
 

2. Name and address of the controller

The controller responsible for data processing in accordance with this Privacy Policy is:


 Tuscany Italian Kitchen GmbH

Alpenstrasse 11, 6300 Zug, Switzerland

info@tikswiss.com

+41 41 212 08 83

3. Categories of processed data

We collect specific data when you visit our website, use our services and contact us. In principle, we collect this data directly from you. Personal data that we process may include the following:
 

  • Data collected or disclosed when you visit our website or use our services. This includes but is not limited to the IP and MAC address or device ID of the device used, cookies, pages accessed and search terms entered, entries in dialogue boxes, reviews, time and duration of visits, clicks, referrer/exit URLs, information about the time of use, browser and device type, operating system and Internet service provider used and the amount of data transferred. 
  • Data exchanged with us or in relation to contacting us, e.g. via letter, telephone, email, contact form, etc. (in particular name, contact details, gender, marital status, date of birth, job title, photograph, employees, language, payment information).
  • Data disclosed when registering for a newsletter or downloading files (e.g. software) (in particular email address and name).
  • Data provided when creating a customer account for online shopping and in connection with orders placed (in particular user name, password, chosen payment method and delivery address).
  • Data relating to offers and concluded contracts (e.g. contract date, type, content, product, parties, term, value, amendments, payment details, contact details, contact persons, billing and correspondence addresses, customer feedback, terminations, disputes, etc.).
  • Data disclosed when using the comment function (in particular email address, your chosen user name – unless you post anonymously – and your IP address).
  • Data that you provide when participating in competitions, surveys and similar activities.



The above data does not always constitute personal data. As a rule, we cannot assign data that is generated when using our services without registration (e.g. for a newsletter or online shop) to a specifically identified individual. In individual cases, however, this may be possible in combination with other data.

Please note that information provided in connection with the use of the contact form or comment function may include particularly sensitive data (such as health data) and is provided by you voluntarily. 

4. Purpose of data processing

We process personal data to the extent permitted under applicable legislation, for the following purposes in particular:
 

  • initiating, concluding, fulfilling and performing contracts;
  • offering, developing and improving our services, developing new services, operating, maintaining, optimising and safeguarding the security of our services and infrastructure;
  • managing users of our services, identity checks, logins, and other authentication processes;
  • maintaining, managing and developing our customer relationships, communicating with customers and third parties, promotional activities, advertising and marketing, offering tailor-made services and relevant content;
  • for quality control, compilation of statistics;
  • to comply with legal and regulatory obligations and internal rules; for law enforcement; for civil, administrative and criminal proceedings; for complaints handling; to combat abuse; and for investigations and responses to enquiries from public authorities and government agencies.



5. Legal basis

We use the personal data for the above purposes on the basis of the following legal grounds insofar as such is required under applicable data protection legislation:

  • contractual fulfilment;
  • compliance with legal obligations;
  • consent given to us or to third parties;
  • our legitimate interests and those of third parties, in particular:
  • the offer and provision of services;
  • advertising and marketing;
  • contact maintenance and communication with users;
  • user administration, identity checks, logins;
  • compliance with legal and regulatory obligations, law enforcement, civil, administrative and criminal proceedings, complaints, investigations and responses to enquiries from public authorities.


6. Publication and disclosure of data

We may disclose and share data as follows:


Contract data processors

We may commission third parties to provide specific services (e.g. in the area of IT, operation of applications, administration, shipping, etc.) and to process and store data (known as “contract data processors”). Contract data processors acting on our behalf may have access to personal data. We require such processors to comply with the applicable data protection law and to process data only as we ourselves are permitted to do. Data processors who may receive personal data may be located in any country, in particular in Switzerland, Germany, Israel and the USA.

Contractual partners

We may disclose data to contractual partners (e.g. sales partners, service providers, financial institutions, etc.). We do this, for example, to fulfil contractual obligations, to offer certain services, for debt collection and marketing purposes, to analyse the use and operation of our services, systems and infrastructure, and to process payments. Potential recipients may also be buyers or parties interested in acquiring business units, companies or parts thereof. Contractual partners may have access to personal data and process it for their own purposes (for example, to fulfil a contract or their own legal obligations). They are obliged to comply with applicable data protection legislation.

Contractual partners who may receive personal data may be located in any country, in particular in Switzerland, in EU and EEA countries, as well as in the USA.


Disclosure to public authorities

In certain situations, we may disclose information to public authorities, government agencies and other third parties. We do so in cases where we are required to by public authorities or official agencies or where, in our assessment, we are legally obliged to do so.

7. Retention period

We store personal data for as long as this is necessary for the purpose for which the data has been collected. Specific personal data is also subject to legally binding retention obligations of ten or more years, which we must comply with. We may also store personal data for at least the duration of the applicable limitation periods, which in many cases is five or ten years. Personal data that is collected in relation to the use of our services (e.g. protocols, logs, analyses, etc.) and which is not subject to such retention or limitation periods is generally deleted earlier as soon as there is no further purpose in the processing of the data. Data may also be stored in anonymised form for longer periods of time. Subject to an express contractual agreement, we are not obliged to store data for a specific period of time.

8. Data security

We apply appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are improved continuously in accordance with the development of the technology.

9. Your rights (rights of the data subject)

Every data subject has the right of access to personal data concerning them. In addition, they have the right to request that we rectify, erase and restrict personal data concerning them and to object to such processing of personal data. The exercise of such rights usually requires the data subject to be able to clearly establish their identity. If the processing of personal data is based on consent, the data subject may withdraw their consent at any time. In certain cases, the data subject has the right to receive the data generated when using online services in a structured, commonly used, machine-readable format enabling further use and transmission. Enquiries relating to these rights should be directed to the above address. We reserve the right to restrict the rights of the data subject within the scope of applicable legislation and, for example, to not provide complete information or to not delete data. We would also like to draw your attention to the fact that if your personal data is deleted, services may no longer be available or may only be available to a limited extent.


 Every data subject has the right to lodge a complaint with the competent data protection authority. In the case of a controller in Switzerland, this is the Federal Data Protection and Information Commissioner. In the case of a controller in the Principality of Liechtenstein, it is the Liechtenstein Data Protection Office.

10. Cookies, web analytics and tracking tools

We use a variety of common technologies to collect, store and evaluate data when you visit our website and use our services.

In particular, these include cookies that can be used to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser used. When you access a service again, it can recognise your browser or device using the cookie. Cookies can store user settings and other information. We use session cookies. These are required to perform the basic functions of our services and are deleted automatically after use. In addition, we also use temporary and permanent cookies, which remain stored on your computer or mobile device for a longer period of time. The information collected through cookies enables us to improve our website and services in line with customer needs and to provide you with tailored offers.

You can block the use of cookies in your browser settings or delete them from there. Please note that if cookies are not permitted, it may not be possible to use all of the functions of a service to their full extent and that if cookies are deleted, any opt-out cookies you may have set will also be deleted. Such opt-out cookies would then have to be reactivated when you visit the respective service the next time. Otherwise, you will be recognised as a new user and your data will be collected again.

In addition to cookies, we use web analytics and tracking tools to measure and evaluate the use of our website and services, to personalise our services and display tailored offers and advertising. Data processing by such tools, which are usually provided by third parties, is subject to the terms of use and data protection policies of those third parties.


 11. Integration of third-party services

We integrate services and content from third parties on our websites that may enable you to interact with third parties (e.g. YouTube videos or payment via an online payment service provider). For this purpose, any data provided may be transmitted to these third parties for processing and performing the relevant service or processed directly by them.

Please note that data processing by these third parties is governed by their terms of use and privacy policy.