Политика приватности

The present website represents an offering by the Swiss Stiftung Museum Burghalde. The aim of this data privacy statement is to inform you about the processing of personal data as part of our offering.

Our offering is subject to Swiss data protection law in conjunction with other applicable international data protection laws, such as that of the European Union (EU) with its General Data Protection Regulation (GDPR). The EU recognises that an adequate level of data protection is ensured by the Swiss data protection law.

Any individual or additional offerings and services may be subject to special, supplementary or additional data privacy statements.

  1. Processing of personal data

    1. Personal data includes all information that relates to a specific or identifiable person. A person concerned is a person whose personal data is processed. Processing involves any type of use of personal data, irrespective of the means and procedures applied, in particular the retention, disclosure, acquisition, deletion, storage, modification, destruction and use of personal data.
    2. We shall process any data required for providing our offering in an effective and user-friendly but also durable, secure and reliable manner.
    3. We shall process personal data only on the basis of the consent of the person concerned unless permitted for other reasons, for example in fulfilment of a contract with the person concerned and for executing any corresponding pre-contractual measures, in order to preserve our prevailing legitimate interests, because the processing is evident from the circumstances, or after prior information. In this context, we particularly process data which a person concerned has transmitted to us personally, for example by making contact by post, e-mail, contact forms, telephone or social media or by voluntarily registering for a user account. We shall be entitled to save such information in an address book, a customer relationship management system (CRM system), an online shop software or any other comparable tool.
    4. We shall process personal data for the duration required for the respective purpose or purposes. In the case of a prolonged retention obligation based on legal or other requirements we may be subject to, the processing of data shall be limited accordingly.
    5. We shall be entitled to allow personal data to be processed by third parties – in Switzerland and abroad. Such processors commissioned shall process personal data on our account. Furthermore, we may also seek assistance from third parties for processing personal data – in Switzerland and abroad. We undertake to ensure that such third parties provide an adequate level of data protection.
    6. We are actively involved in social media platforms and other online platforms in order to communicate with clients and interested parties as well as to inform about our offering. The corresponding general terms and conditions, data privacy statements as well as other provisions set forth by the individual operators shall be applicable.
  2. Legal bases for the processing of personal data

    1. We shall process personal data in accordance with Swiss data protection law and in particular the Data Protection Act.
    2. We shall process personal data according to the following legal bases – if and inasmuch as the GDPR is applicable:
      • art. 6 para. 1 lit. a GDPR for processing personal data on the basis of the consent of the person concerned
      • art. 6 para. 1 lit. b GDPR for the processing of personal data required for fulfilling a contract with the person concerned as well as for executing pre-contractual measures
      • art. 6 para. 1 lit. c GDPR for processing personal data required for fulfilling a legal requirement that we are subject to according to applicable law of the EU or according to applicable law of a country in which the GDPR is applicable in full or in part
      • art. 6 para. 1 lit. d GDPR for processing personal data required for protecting the vital interests of the person concerned or any other natural person
      • art. 6 para. 1 lit. f GDPR for processing personal data required for preserving the legitimate interests of us or of third parties, except where such interests are overridden by the interests for fundamental rights and freedoms of the person concerned. Legitimate interests comprise our economic interest in providing and advertising our offering, the security of information as well as the protection against misuse and unauthorised use, the assertion of our own legal claims and the compliance with Swiss law.
  3. Organisational and technical measures

    1. We shall take adequate and suitable organisational and technical measures in order to guarantee data privacy and data safety.
    2. Access to our offering is granted via transport encryption (SSL / TLS).
    3. Despite taking adequate and suitable measures, processing personal data on the Internet may entail security vulnerability. We are, therefore, not in a position to guarantee total data security.
    4. As any type of Internet use, access to our offering is subject to groundless and random mass surveillance or other types of surveillance conducted by security authorities in Switzerland, within the EU, in the United States of America (USA) and other countries. We are not in a position to directly influence the corresponding processing of personal data by intelligence services, police services or any other security authorities.
  4. Cookies, log files and tracking pixels

    1. With every visit to our website, we track the following data once transmitted to our server infrastructure by your browser, and we save these data in log files:
      • date and time including time zone
      • Internet Protocol (IP) address
      • access status (HTTP status code)
      • operating system including user interface and version
      • browser including version and language
      • individual page accessed and data volume transferred
      • last-accessed website (referrer)
      Such data may represent personal data. This kind of data is required for providing our offering in a durable, secure and reliable manner as well as for guaranteeing data security and especially the protection of personal data – also through third parties or with the assistance of third parties.
    2. We use cookies on our website. The cookies we use – also the cookies of third parties and their services (third-party cookies) – are text files that are saved in your browser. Cookies may be saved in your browser when accessing our website. Cookies specifically enable us to recognise your browser during your next visit of our website. Cookies cannot be used to run programmes or deliver malware like Trojans and other viruses. Cookies are required for providing our offering including our website in a more effective and user-friendly but also durable, secure and reliable way, especially by analysing its use in order to facilitate trouble-shooting and improvement.

      You may disable or delete cookies partially or entirely in your browser settings at any time. Without using cookies, our offering may not be fully available anymore. We shall inform you directly – as and when deemed necessary –about the use of cookies or shall ask you for your consent to using cookies.
  5. Internet audience measurement

    We use Matomo (formerly Piwik), an open-source software, for analysing the use of our offering, anonymising the tracked IP addresses prior to analysing them. Matomo also uses cookies. We use Matomo on our own server infrastructure, and it is required for providing our offering including our website in a more effective and user-friendly but also durable, secure and reliable way, especially by analysing its use including Internet audience measurement and performance measurement in order to facilitate trouble-shooting and improvement. In the following, you may object to the statistical analysis conducted by Matomo:

  6. Services provided by third parties

    1. We use services provided by third parties – in Switzerland and abroad, including the United States of America (USA) – in order to be able to provide our offering in a more effective and user-friendly but also durable, secure and reliable way. Such services – including hosting and storage services – will require your Internet Protocol (IP) address, as the corresponding contents may not be delivered or provided otherwise. Such services may also process further data in connection with our offering and in connection with information stemming from other sources for their own statistical and technical use, for example by using cookies, log files and tracking pixels.
    2. We use MailChimp in order to send and administer emails., which also requires cookies. MailChimp is a service provided by the American The Rocket Science Group, LLC d/b/a MailChimp, which is subject to both the EU/American and also Swiss/American privacy shields. The Rocket Science Group consequently undertakes to provide adequate data protection. In particular, The Rocket Science Group discloses the following information regarding the type, scope and purpose of data processing in connection with MailChimp: data privacy statement, information regarding General Data Protection Regulation, MailChimp, privacy shield and GDPR as well as entry in the privacy shield list.
  7. Rights of persons concerned

    1. Persons concerned whose personal data we process have a number of rights according to the Swiss law on data protection, including the right of information as well as the right of correction, deletion or blocking of personal data processed.
    2. Persons concerned whose personal data we process may– if and as far as the GDPR is applicable – request confirmation of whether we have processed their data and, if yes, they may request additional information free of charge regarding the type of processing of their personal data, a limit for processing their personal data, or they may exercise their right of data portability and have their personal data rectified, deleted (“right to be forgotten”) or blocked.
    3. Persons concerned whose personal data we process may – if and as far as the GDPR is applicable – revoke their permissions granted at any time and object to the processing of their personal data at any time.
    4. Persons concerned whose personal data we process have a right of appeal with a competent supervisory authority. The competent supervisory authority for data privacy in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
  8. Contact details

    1. Any enquiries made by supervisory authorities and persons concerned may reach us by e-mail or post to:

      Stiftung Museum Burghalde
      Schlossgasse 23
      5600 Lenzburg

  9. Final provisions

    We are authorised to amend our data privacy statement at any time. We undertake to inform persons concerned about any such amendments on our website in a suitable form.