Data protection

With the privacy statement, we would like to inform you about data processing in connection with our range of services.

Our range of services is subject to Swiss data protection law as well as, if and insofar as it is applicable, non-Swiss data protection law such as the European Union’s General Data Protection Regulation (GDPR). The EU recognises that Swiss data protection law provides appropriate data protection.

Pursuant to Article 13 of the Swiss Constitution and the governmental regulations on data protection (Swiss Data Protection Act, DSG), everyone is entitled to the protection of their privacy and the protection of their personal data against misuse. We comply with these provisions.

 

Processing personal data

Personal data is all data relating to a particular or identifiable person. A data subject is a person whose personal data is being processed. Processing refers to any handling of personal data, irrespective of the means and procedures used, in particular keeping, disclosing, obtaining, erasing, storing, altering, destroying and using personal data.

We process personal data in accordance with Swiss data protection law.

We also process personal data in accordance with the following legal basis, if and insofar as the GDPR is applicable:

  • Art. 6 Para. 1(a) GDPR for processing personal data with the consent of the data subject.
  • Art. 6 Para. 1(b) GDPR for the necessary processing of personal data to fulfil a contract with the data subject and to carry out appropriate precontractual measures.
  • Art. 6 Para. 1(c) GDPR for the necessary processing of personal data in compliance with a legal obligation to which we are subject in accordance with applicable EU law, if the need arises, or the applicable law of a country in which the GDPR is fully or partly applicable, if the need arises.
  • Art. 6 Para. 1(d) GDPR for the necessary processing of personal data in order to protect the vital interests of the data subject or another natural person.
  • Art. 6 Para. 1(f) GDPR for the necessary processing of personal data to preserve our legitimate interests or those of third parties, insofar as this does not override the fundamental rights and freedoms of the data subject. In particular, legitimate interests are our business interests in being able to provide our website, information security, asserting our own legal claims and complying with Swiss law.


Collecting and using personal data

The AIAG collects personal data when you register for membership or fill in a form, because you have provided us with the data or have visited our website. The data collected may include your contact details as well as certain personal information (such as age or gender) or data regarding your job, employment status and education/training.

The AIAG collects personal information for processing in the following areas:

  • AIAG membership administration
  • Sharing information about AIAG activities
  • Developing and organising AIAG events
  • Administration of contacts and relationships

Personal data is treated as confidential and is neither sold to nor passed on to third parties.

 

Rights of data subjects

Data subjects whose personal data we process have rights in accordance with Swiss data protection law.

Data subjects whose personal data we process, if and insofar as the GDPR is applicable, can exercise the following rights:

  • Obtain information about your stored personal data;
  • Amend incorrect personal data;
  • Erase the data we have stored about you provided we are not obliged or entitled by applicable law to keep your data;
  • Restrict the processing of your data provided we are not yet allowed to erase it due to statutory obligations;
  • Object to us processing your data;
  • Data portability provided you have given us your consent to process your data or concluded a contract with us.

Data subjects whose personal data we process have the right to appeal to a member of an appropriate supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).


Access data/server log files

We work in close cooperation with our hosting providers to do our all to protect the databases as successfully as possible against third-party access, loss, misuse and fraud.

When accessing our website, the following data is stored in log files: IP address, date, time, browser request and generally transmitted information about the operating system and browser. This usage data forms a basis for statistical, anonymous evaluations that enable us to identify trends that we can use to help improve our website content.

 

 


 


 

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses “cookies”, which are text files saved on your computer that make it possible to analyse how you use the website.

The information generated by cookies about your usage of this website is usually transmitted to a Google server in the USA, where it is saved.  If IP anonymisation is activated on this website, however, Google will truncate your IP address within European Union Member States or other signatory states of the Agreement on the European Economic Area prior to its transmission.

Only in exceptional cases will the full IP address be sent to a Google server in the USA and then truncated. Google will use this information to evaluate how you use the website in order to compile website activity reports for the website operator as well as to provide additional services associated with the usage of the website and the Internet. Google may also share this information with third parties where this is required by law or in order for third parties to process this data on its behalf. The IP addresses transmitted from your browser within the scope of Google Analytics will not be consolidated with other data from Google.

You can prevent cookies from being installed by activating the appropriate browser software settings. Please note, however, that if you do this, you may not have full and comprehensive use of all the functions of this website.  By using this website, you agree to Google processing the information collected about you in the manner and for the purpose described above.

You can find more information about the web analysis service used on the Google Analytics website https://www.google.com/analytics/. You can find instructions on how to prevent your data from being processed by the web analysis service here: https://tools.google.com/dlpage/gaoptout?hl=en-GB.

 

Google reCAPTCHA

To protect forms from spam, we use the Google Inc. (Google) reCAPTCHA service.

reCAPTCHA allows to check if data input on our website is performed by humans or by an automatic program (e.g. in a contact form). For this purpose, reCAPTCHA analyses the behaviour of the website user through various characteristics. This analytic process starts automatically when the website user accesses the website. In order to run this analysis, reCAPTCHA evaluates various information (e.g. IP address, website user dwell time on the website or mouse movements made by the user). The data collected during the analysis is passed on to Google.

reCAPTCHA analyses run completely in the background. Website users are not notified that an analysis is running.

You can find further information on Google reCAPTCHA and Google’s privacy statement via the following links: https://www.google.com/recaptcha and https://www.google.com/privacy.

 

SSL encryption 

To protect the security of your data during transfer, we use state-of-the-art encryption technology (e.g. SSL) via HTTPS.


Contact form

By contacting us via e-mail or a contact form, you give your consent to contact you. This requires a valid e-mail address, which is allocated to the request so that a response can be sent to it. The information you provide will be stored for the purpose of processing the request and for possible follow-up questions.

 

Data security

We use appropriate technical and organisational security measures to protect your personal data stored from manipulation, partial or complete loss and unauthorised access by third parties. We are continuously improving our security measures in line with the latest technological developments.

We take reasonable precautions to protect your information. The transmission of information via the Internet and other electronic means always carries certain security risks and we cannot guarantee the security of information transmitted in this way.

 

Responsible person

If you have any questions about data protection, please contact the member of staff responsible for data protection in our association:

AIAG
Data Protection Officer
Seilergraben 61
CH-8001 Zurich
Switzerland
info@aiag-iahi.org

 

Amendments to this privacy statement

We reserve the right to amend this privacy statement at any time and without prior notice.

AIAG privacy statement, last updated: August 2018