Data pro­tec­tion declaration

With this data pro­tec­tion decla­ra­ti­on we inform which per­so­nal data we pro­cess in con­nec­tion with our acti­vi­ties and ope­ra­ti­ons inclu­ding our https://amena.ch/-Web­site. In par­ti­cu­lar, we inform about what for, how and whe­re we pro­cess which per­so­nal data. We also inform about the rights of per­sons who­se data we process.

Indi­vi­du­al or addi­tio­nal acti­vi­ties and ope­ra­ti­ons may be sub­ject to addi­tio­nal pri­va­cy state­ments as well as other legal docu­ments such as Gene­ral Terms and Con­di­ti­ons (GTC), Terms of Use or Con­di­ti­ons of Participation.

We are sub­ject to Swiss data pro­tec­tion law as well as any appli­ca­ble for­eign data pro­tec­tion law such as, in par­ti­cu­lar, that of the Euro­pean Uni­on (EU) with the Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR). The Euro­pean Com­mis­si­on reco­gni­zes that Swiss data pro­tec­tion law ensu­res ade­qua­te data protection.

1. Cont­act address

Respon­si­bi­li­ty for the pro­ces­sing of per­so­nal data:

Reto Sei­ler
Sta­ti­on­s­tras­se 17a
8952 Schlie­ren

info@amena.ch

We point out if the­re are other per­sons respon­si­ble for the pro­ces­sing of per­so­nal data in indi­vi­du­al cases.

2. Terms and legal basis

2.1 Terms

Per­so­nal data is any infor­ma­ti­on that rela­tes to an iden­ti­fied or iden­ti­fia­ble natu­ral per­son. A data sub­ject is a per­son about whom we pro­cess per­so­nal data.

Pro­ces­sing includes any hand­ling of per­so­nal data, regard­less of the means and pro­ce­du­res used, such as query­ing, matching, adap­ting, archi­ving, sto­ring, rea­ding out, dis­clo­sing, pro­cu­ring, recor­ding, coll­ec­ting, dele­ting, dis­clo­sing, arran­ging, orga­ni­zing, sto­ring, modi­fy­ing, dis­se­mi­na­ting, lin­king, des­troy­ing and using per­so­nal data.

The Euro­pean Eco­no­mic Area (EEA) com­pri­ses the mem­ber sta­tes of the Euro­pean Uni­on (EU) plus the Prin­ci­pa­li­ty of Liech­ten­stein, Ice­land and Nor­way. The Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR) refers to the pro­ces­sing of per­so­nal data as pro­ces­sing of per­so­nal data.

2.2 Legal basis

We pro­cess per­so­nal data in accordance with Swiss data pro­tec­tion law such as, in par­ti­cu­lar, the Swiss Fede­ral Act on Data Pro­tec­tion (Data Pro­tec­tion Act, DPA) and the Ordi­nan­ce on Data Pro­tec­tion (Data Pro­tec­tion Ordi­nan­ce, DPA).

We pro­cess — if and to the ext­ent that the Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR) is appli­ca­ble — per­so­nal data in accordance with at least one of the fol­lo­wing legal bases:

  • Art. 6 par. 1 lit. b GDPR for the neces­sa­ry pro­ces­sing of per­so­nal data for the ful­fill­ment of a con­tract with the data sub­ject as well as for the imple­men­ta­ti­on of pre-con­trac­tu­al measures.
  • Art. 6 par. 1 lit. f GDPR for the neces­sa­ry pro­ces­sing of per­so­nal data to pro­tect the legi­ti­ma­te inte­rests of us or of third par­ties, unless the fun­da­men­tal free­doms and rights and inte­rests of the data sub­ject over­ri­de. Legi­ti­ma­te inte­rests include, in par­ti­cu­lar, our inte­rest in being able to car­ry out our acti­vi­ties and ope­ra­ti­ons per­ma­nent­ly, in a user-fri­end­ly, secu­re and relia­ble man­ner and to com­mu­ni­ca­te about them, the gua­ran­tee of infor­ma­ti­on secu­ri­ty, pro­tec­tion against misu­se, the enforce­ment of our own legal claims and com­pli­ance with Swiss law.
  • Art. 6 par. 1 lit. c GDPR for the neces­sa­ry pro­ces­sing of per­so­nal data to com­ply with a legal obli­ga­ti­on to which we are sub­ject under any appli­ca­ble law of Mem­ber Sta­tes in the Euro­pean Eco­no­mic Area (EEA).
  • Art. 6 par. 1 lit. e GDPR for the neces­sa­ry pro­ces­sing of per­so­nal data for the per­for­mance of a task car­ri­ed out in the public interest.
  • Art. 6 par. 1 lit. a GDPR for the pro­ces­sing of per­so­nal data with the con­sent of the data subject.
  • Art. 6 par. 1 lit. d GDPR for the neces­sa­ry pro­ces­sing of per­so­nal data to pro­tect vital inte­rests of the data sub­ject or ano­ther natu­ral person.

3. Type, scope and purpose

We pro­cess tho­se per­so­nal data that are neces­sa­ry to car­ry out our acti­vi­ties and ope­ra­ti­ons in a dura­ble, user-fri­end­ly, safe and relia­ble man­ner. Such per­so­nal data may fall into the cate­go­ries of inven­to­ry and cont­act data, brow­ser and device data, con­tent data, meta or mar­gi­nal data and usa­ge data, loca­ti­on data, sales data, and con­tract and pay­ment data, in particular.

We pro­cess per­so­nal data for the peri­od of time that is neces­sa­ry for the respec­ti­ve purpose(s) or requi­red by law. Per­so­nal data who­se pro­ces­sing is no lon­ger neces­sa­ry is anony­mi­zed or deleted.

We may have per­so­nal data pro­ces­sed by third par­ties. We may pro­cess per­so­nal data joint­ly with third par­ties or trans­fer it to third par­ties. Such third par­ties are, in par­ti­cu­lar, spe­cia­li­zed pro­vi­ders who­se ser­vices we use. We also ensu­re data pro­tec­tion with such third parties.

We pro­cess per­so­nal data only with the con­sent of the data sub­ject, unless the pro­ces­sing is per­mit­ted for other legal reasons. Pro­ces­sing wit­hout con­sent may be per­mis­si­ble, for exam­p­le, for the per­for­mance of a con­tract with the data sub­ject and for cor­re­spon­ding pre-con­trac­tu­al mea­su­res, in order to safe­guard our over­ri­ding legi­ti­ma­te inte­rests, becau­se the pro­ces­sing is evi­dent from the cir­cum­s­tances or after pri­or information.

In this con­text, we pro­cess in par­ti­cu­lar infor­ma­ti­on that a data sub­ject vol­un­t­a­ri­ly pro­vi­des to us when cont­ac­ting us — for exam­p­le, by mail, e‑mail, instant mes­sa­ging, cont­act form, social media or tele­pho­ne — or when regis­tering for a user account. We may store such infor­ma­ti­on, for exam­p­le, in an address book or with com­pa­ra­ble tools. If we recei­ve data about other per­sons, the trans­mit­ting per­sons are obli­ged to ensu­re data pro­tec­tion towards the­se per­sons as well as to ensu­re the accu­ra­cy of this per­so­nal data.

We also pro­cess per­so­nal data that we recei­ve from third par­ties, obtain from publicly available sources or coll­ect in the cour­se of our acti­vi­ties and ope­ra­ti­ons, if and to the ext­ent that such pro­ces­sing is per­mit­ted for legal reasons.

4. Per­so­nal data abroad

We pro­cess per­so­nal data basi­cal­ly in Switz­er­land and in the Euro­pean Eco­no­mic Area (EEA). Howe­ver, we may also export or trans­fer per­so­nal data to other count­ries, in par­ti­cu­lar in order to pro­cess it or have it pro­ces­sed there.

We may export per­so­nal data to all sta­tes and ter­ri­to­ries on Earth as well as else­whe­re in the uni­ver­se, pro­vi­ded that the law the­re ensu­res ade­qua­te data pro­tec­tion in accordance with the decis­i­on of the Swiss Fede­ral Coun­cil and — if and to the ext­ent that the Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR) is appli­ca­ble — in accordance with the decis­i­on of the Euro­pean Com­mis­si­on.

We may trans­fer per­so­nal data to count­ries who­se laws do not ensu­re ade­qua­te data pro­tec­tion, pro­vi­ded that data pro­tec­tion is ensu­red for other reasons, in par­ti­cu­lar on the basis of stan­dard data pro­tec­tion clau­ses or with other appro­pria­te safe­guards. Excep­tio­nal­ly, we may export per­so­nal data to count­ries wit­hout ade­qua­te or appro­pria­te data pro­tec­tion if the spe­cial data pro­tec­tion requi­re­ments are met, for exam­p­le, the express con­sent of the data sub­jects or a direct con­nec­tion with the con­clu­si­on or per­for­mance of a con­tract. We will be hap­py to pro­vi­de infor­ma­ti­on about any gua­ran­tees to data sub­jects upon request or pro­vi­de a copy of any guarantees.

5. Rights of data subjects

5.1 Claims under data pro­tec­tion law

We grant data sub­jects all claims in accordance with appli­ca­ble data pro­tec­tion law. Data sub­jects have the fol­lo­wing rights in particular:

  • Infor­ma­ti­on: Data sub­jects may request infor­ma­ti­on as to whe­ther we pro­cess per­so­nal data about them and, if so, what per­so­nal data is invol­ved. Data sub­jects are also pro­vi­ded with the infor­ma­ti­on neces­sa­ry to assert their claims under data pro­tec­tion law and to ensu­re trans­pa­ren­cy. This includes the pro­ces­sed per­so­nal data as such, but also, among other things, infor­ma­ti­on on the pur­po­se of pro­ces­sing, the dura­ti­on of sto­rage, any dis­clo­sure or export of data to other count­ries and the ori­gin of the per­so­nal data.
  • Cor­rec­tion and rest­ric­tion: Data sub­jects can have incor­rect per­so­nal data cor­rec­ted, incom­ple­te data com­ple­ted and the pro­ces­sing of their data restricted.
  • Dele­ti­on and objec­tion: Data sub­jects can have per­so­nal data dele­ted (“right to be for­got­ten”) and object to the pro­ces­sing of their data with effect for the future.
  • Data release and data trans­fer: Data sub­jects may request the sur­ren­der of per­so­nal data or the trans­fer of their data to ano­ther data controller.

We may sus­pend, limit or deny the exer­cise of data sub­jects’ rights to the ext­ent per­mit­ted by law. We can point out to data sub­jects any requi­re­ments they may have to meet in order to exer­cise their rights under data pro­tec­tion law. For exam­p­le, we may refu­se to pro­vi­de infor­ma­ti­on in who­le or in part on the grounds of trade secrets or the pro­tec­tion of others. For exam­p­le, we may also refu­se to dele­te per­so­nal data in who­le or in part with refe­rence to sta­tu­to­ry reten­ti­on obligations.

We may excep­tio­nal­ly pro­vi­de for cos­ts for the exer­cise of the rights. We inform affec­ted per­sons in advan­ce about any costs.

We are requi­red to take reasonable steps to iden­ti­fy data sub­jects who request infor­ma­ti­on or assert other rights. Affec­ted per­sons are obli­ged to cooperate.

5.2 Right to complain

Data sub­jects have the right to enforce their data pro­tec­tion claims through legal chan­nels or to lodge a com­plaint with a com­pe­tent data pro­tec­tion super­vi­so­ry authority.

The data pro­tec­tion super­vi­so­ry aut­ho­ri­ty for pri­va­te data con­trol­lers and fede­ral bodies in Switz­er­land is the Fede­ral Data Pro­tec­tion and Infor­ma­ti­on Com­mis­sio­ner (FDPIC).

Data sub­jects have — if and to the ext­ent that the Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR) is appli­ca­ble — the right to lodge a com­plaint with a com­pe­tent Euro­pean data pro­tec­tion super­vi­so­ry aut­ho­ri­ty.

6. Data security

We take sui­ta­ble tech­ni­cal and orga­niza­tio­nal mea­su­res to ensu­re data secu­ri­ty that is appro­pria­te to the respec­ti­ve risk. Howe­ver, we can­not gua­ran­tee abso­lu­te data security.

Access to our web­site takes place using trans­port encryp­ti­on (SSL / TLS, in par­ti­cu­lar with the Hyper­text Trans­fer Pro­to­col Secu­re, abbre­via­ted HTTPS). Most brow­sers mark trans­port encryp­ti­on with a pad­lock in the address bar.

Our digi­tal com­mu­ni­ca­ti­ons — like all digi­tal com­mu­ni­ca­ti­ons in prin­ci­ple — are sub­ject to mass sur­veil­lan­ce wit­hout cau­se or sus­pi­ci­on and other moni­to­ring by secu­ri­ty aut­ho­ri­ties in Switz­er­land, the rest of Euro­pe, the United Sta­tes of Ame­ri­ca (USA) and other count­ries. We can­not direct­ly influence the cor­re­spon­ding pro­ces­sing of per­so­nal data by secret ser­vices, poli­ce agen­ci­es and other secu­ri­ty authorities.

7. Web­site use

7.1 Coo­kies

We may use coo­kies. Coo­kies — our own coo­kies (first-par­ty coo­kies) as well as coo­kies from third par­ties who­se ser­vices we use (third-par­ty coo­kies) — are data that are stored in the brow­ser. Such stored data need not be limi­t­ed to tra­di­tio­nal coo­kies in text form.

Coo­kies can be stored in the brow­ser tem­po­r­a­ri­ly as “ses­si­on coo­kies” or for a cer­tain peri­od of time as so-cal­led per­ma­nent coo­kies. “Ses­si­on coo­kies” are auto­ma­ti­cal­ly dele­ted when the brow­ser is clo­sed. Per­ma­nent coo­kies have a spe­ci­fic sto­rage peri­od. In par­ti­cu­lar, coo­kies make it pos­si­ble to reco­gni­ze a brow­ser the next time it visits our web­site and thus, for exam­p­le, to mea­su­re the reach of our web­site. Howe­ver, per­ma­nent coo­kies can also be used for online mar­ke­ting, for example.

Coo­kies can be com­ple­te­ly or par­ti­al­ly deac­ti­va­ted and dele­ted in the brow­ser set­tings at any time. Wit­hout coo­kies, our web­site may no lon­ger be ful­ly available. We actively request — at least if and to the ext­ent neces­sa­ry — the express con­sent to the use of cookies.

7.2 Ser­ver log files

We may coll­ect the fol­lo­wing infor­ma­ti­on for each access to our web­site, pro­vi­ded that this infor­ma­ti­on is trans­mit­ted by your brow­ser to our ser­ver infra­struc­tu­re or can be deter­mi­ned by our web ser­ver: Date and time inclu­ding time zone, Inter­net Pro­to­col (IP) address, access sta­tus (HTTP sta­tus code), ope­ra­ting sys­tem inclu­ding user inter­face and ver­si­on, brow­ser inclu­ding lan­guage and ver­si­on, indi­vi­du­al sub-page of our web­site acces­sed inclu­ding amount of data trans­fer­red, web­site last acces­sed in the same brow­ser win­dow (refe­rer or referrer).

We store such infor­ma­ti­on, which may also con­sti­tu­te per­so­nal data, in ser­ver log files. The infor­ma­ti­on is neces­sa­ry to pro­vi­de our web­site per­ma­nent­ly, user-fri­end­ly and relia­bly as well as to ensu­re data secu­ri­ty and thus in par­ti­cu­lar the pro­tec­tion of per­so­nal data — also by third par­ties or with the help of third parties.

7.3 Track­ing pixel

We may use track­ing pixels on our web­site. Track­ing pixels are also known as web bea­cons. Coun­ting pixels — also from third par­ties who­se ser­vices we use — are small, usual­ly invi­si­ble images that are auto­ma­ti­cal­ly retrie­ved when you visit our web­site. Coun­ting pixels can be used to cap­tu­re the same infor­ma­ti­on as ser­ver log files.

8. Third par­ty services

We use ser­vices of spe­cia­li­zed third par­ties in order to car­ry out our acti­vi­ties and ope­ra­ti­ons in a dura­ble, user-fri­end­ly, safe and relia­ble man­ner. Among other things, such ser­vices allow us to embed func­tions and con­tent on our web­site. In the case of such embed­ding, the ser­vices used record the Inter­net Pro­to­col (IP) addres­ses of the users at least tem­po­r­a­ri­ly for tech­ni­cal­ly com­pel­ling reasons.

For neces­sa­ry secu­ri­ty, sta­tis­ti­cal and tech­ni­cal pur­po­ses, third par­ties who­se ser­vices we use may pro­cess data rela­ted to our acti­vi­ties and ope­ra­ti­ons in aggre­ga­ted, anony­mi­zed or pseud­ony­mi­zed form. This is, for exam­p­le, per­for­mance or usa­ge data in order to be able to offer the respec­ti­ve service.

8.1 Digi­tal infrastructure

We use ser­vices from spe­cia­li­zed third par­ties to access requi­red digi­tal infra­struc­tu­re in con­nec­tion with our acti­vi­ties and ope­ra­ti­ons. The­se include, for exam­p­le, hos­ting and sto­rage ser­vices from sel­ec­ted providers.

We use in particular:

  • Host­point: Hos­ting; Pro­vi­der: Host­point AG (Switz­er­land); Data pro­tec­tion infor­ma­ti­on: Pri­va­cy poli­cy.
  • Stack­Path CDN: Con­tent Deli­very Net­work (CDN); Anbie­te­rin­nen: Stack­Path LLC (USA) / High­winds Net­work Group Inc. (USA); Data pro­tec­tion infor­ma­ti­on: Pri­va­cy poli­cy.

8.2 Audio and video conferencing

We use spe­cia­li­zed audio and video con­fe­ren­cing ser­vices to com­mu­ni­ca­te online. For exam­p­le, we can use it to hold vir­tu­al mee­tings or con­duct online clas­ses and web­i­nars. For par­ti­ci­pa­ti­on in audio and video con­fe­ren­ces, the legal texts of the indi­vi­du­al ser­vices such as data pro­tec­tion decla­ra­ti­ons and terms of use app­ly in addition.

Depen­ding on the life situa­ti­on, we recom­mend muting the micro­pho­ne by default when par­ti­ci­pa­ting in audio or video con­fe­ren­ces, as well as blur­ring the back­ground or fading in a vir­tu­al background.

We use in particular:

9. Exten­si­ons for the website

We use exten­si­ons for our web­site in order to be able to use addi­tio­nal functions.

We use in particular:

10. Final provisions

We have crea­ted this pri­va­cy poli­cy with the data pro­tec­tion gene­ra­tor of Daten­schutz­part­ner.

We may amend and sup­ple­ment this pri­va­cy poli­cy at any time. We will inform about such adjus­t­ments and addi­ti­ons in an appro­pria­te form, in par­ti­cu­lar by publi­shing the respec­ti­ve cur­rent pri­va­cy poli­cy on our website.