Data protection
1. What this privacy policy is about
WildVenture GmbH (“we” “us”) takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations. This privacy policy informs you about how we process personal data and demonstrates our commitment to protecting it.
We obtain and process personal data concerning you or other persons (so-called "third parties"). We use the term "data" here synonymously with "personal data".
In this data protection declaration, we describe what we do with your data when you use the website www.carboncare.org or www.carboncare.ch ("our website"), obtain our services or products, communicate with us or otherwise with us have to do. If necessary, we will provide you with timely written notice of any additional processing activity not mentioned in this Privacy Policy. In addition, we can inform you separately about the processing of your data, for example in declarations of consent, contractual conditions, additional data protection declarations, forms, and notices.
If you provide us with data about other people such as family members, work colleagues, company details, etc., we assume that you are authorized to do so and that this data is correct. By transmitting data via third parties, you confirm this. Please also ensure that these third parties have been informed of the privacy policy.
This data protection declaration is designed to comply with the requirements of the EU General Data Protection Regulation ("GDPR") and the revised Swiss Data Protection Act ("DSG"), which came into force on September 1, 2023. However, whether and to what extent these laws are applicable depends on the individual case.
2. Who is responsible for processing your data
WildVenture GmbH, Oberbergstrasse 110, CH-6390 Engelberg, is responsible under data protection law for the data processing described in this data protection declaration, unless otherwise communicated in individual cases.
In sections 5, 6, 7, 8, 9 and 10 you will find further information on third parties with whom we work and who are responsible for your processing. If you have any questions about exercising your rights against these third parties, please contact them directly.
For every data processing, there are one or more bodies that are responsible for ensuring that the processing complies with the requirements of data protection law. This position is called the responsible person. For example, it is responsible for answering requests for information (Section 13 ) or ensuring that personal data is secured and is not used inappropriately.
Other bodies may also be responsible for the data processing described in this data protection declaration if they have a say in the purpose or design. If you would like information about the individual responsible for specific data processing, you are welcome to request information from us within the scope of your right to information (Section 13). WildVenture GmbH remains your primary contact, even if there are other co-responsible parties.
For your data protection concerns and to exercise your rights, you can contact the following contact point:
WildVenture GmbH
Oberbergstrasse 110
CH-6390 Engelberg
datenschutz@carboncare.org
+41 41 511 26 03
3. Type and extent
Personal data that is collected as a result of using CarbonCare's services and our website is generally collected. These include in particular:
Technical data: When you use our website or other electronic offers, we collect the IP address of your device and other technical data to ensure the functionality and security of these offers. This data also includes logs that record the use of our systems. We generally retain technical data for 60 months. In order to ensure the functionality of our offers, we can also assign you or your device an individual code (e.g., in the form of a cookie, see Section 4. The technical data in themselves generally does not allow any conclusions to be drawn about your identity. Within the framework of However, user accounts, registrations or the processing of contracts can be linked to other categories of data (and thus, if necessary, to you personally). The technical data includes, among other things, the date and time you access our website, IP address, name and version of your web browser, the website (URL) that you visited before accessing our website, certain cookies (see Section 4 .
Communication data: If you contact us via the contact form, by email or telephone, by letter or other means of communication, we collect the data exchanged between you and us, including contact details and peripheral data of the communication.
Registration data: Certain offers and services can only be used with a user account or registration, which can be done directly with us or via our external login service providers. You will need to provide us with certain information and we will collect information about your use of the offer or service. This includes, among other things, the following data: name, email address, telephone number, position within a company, correspondence, and other communication with customers. We generally retain registration data for 60 months after the end of use of the service or the termination of the user account.
Master data: We refer to master data as the basic data that we need in addition to the contract data (see immediately) for the processing of our contractual and other business relationships or for marketing and advertising purposes, your bank details, customer history, signature authorizations and declarations of consent. We process your master data if you are a customer or other business contact or work for one (e.g., as a contact person for the business partner), or because we want to address you for our own purposes or the purposes of the contractual partner (e.g., in the context of marketing and Advertising, newsletters, etc.). We receive master data from you (e.g., when concluding a contract or as part of registration), from departments for which you work, or from third parties such as our contractual partners. We generally store this data for 10 years from the last exchange with you, but at least from the end of the contract. The deadline may be longer if this is necessary for evidentiary reasons or to comply with legal or contractual requirements or for technical reasons. For purely marketing and advertising contacts, the period is usually much shorter, usually no more than 5 years since the last contact.
Contract data: This is data that arises in connection with the conclusion of a contract or the processing of the contract, e.g., information about contracts and the services to be provided or provided, as well as data from the run-up to the conclusion of a contract that is necessary for processing or that you provide to us voluntarily or disclosed without being asked. We generally collect this data from you, from contractual partners and from third parties involved in the processing of the contract. We generally retain this data for 10 years from the last contractual activity, but at least from the end of the contract. This period may be longer if this is necessary for evidentiary reasons or to comply with legal or contractual requirements or for technical reasons.
You provide us with many of the aforementioned data yourself (e.g., via forms, when communicating with us, in connection with contracts, when using the website, etc.). You are not obliged to do this, subject to individual cases (for example if you use the free calculation more than five times a day). If you want to conclude contracts with us or use services, you must also provide us with data as part of your contractual obligation in accordance with the relevant contract, in particular master, contract, and registration data. When using our website, the processing of technical data is unavoidable. If you would like to receive (regular) access to certain services, you must provide us with registration data. We only provide regular use of the calculator (more than five times a day) if you provide us with registration data because we want to know who is using our service or because we want to communicate with you.
We would like to point out that data transmission over the Internet (e.g., when communicating via email) can have security gaps. Complete protection of data from access by third parties is not possible.
4. Use of online tracking and online advertising techniques
We use various technologies on our website with which we and third parties we engage can recognize you when you use it and (under certain circumstances) also track you across multiple visits. In this section we will inform you about it.
Essentially, it is about us being able to distinguish your access (via your system) from access from other users so that we can ensure the functionality of the website and carry out evaluations and personalization. We do not want to draw conclusions about your identity, even if we can, if we or third parties we engage can identify you through combination with registration data. Even without registration data, the technologies used are designed in such a way that you are recognized as an individual visitor each time you visit the page, for example by our server (or the servers of third parties) assigning you or your browser a specific identification number (so-called "cookies").
Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offering more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and that your browser saves.
We use such techniques on our website and allow certain third parties to do the same. Depending on the purpose of these techniques, we will ask for your consent before they are used. You can program your browser so that it blocks certain cookies or alternative technologies, deceives you or deletes existing cookies.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit.
Our website also uses functions of the web analysis service Google Analytics. Google Ireland (based in Ireland) is the provider of the “Google Analytics” service and acts as data processor. For this purpose, Google Ireland relies on Google LLC (based in the USA) as its data processor (both “Google”). Google uses cookies to track the behavior of visitors to our website (duration, frequency of the page accessed,
WildVenture GmbH, CH-6390 Engelberg, data protection declaration_V2 4 October 01, 2023
geographical origin of access, etc.) and creates reports for us on the use of the website on this basis. We have configured the service so that the IP addresses of visitors to Google in Europe are shortened before being forwarded to the USA and therefore cannot be traced back. Although we can assume that the information, we share with Google is not personal data for Google, it is possible that Google can draw conclusions about the identity of visitors from this data for its own purposes, create personal profiles and share this data with Google -Accounts of these people can be linked. If you agree to the use of Google Analytics, you explicitly consent to such processing, which also includes the transfer of personal data (in particular website and app usage data, device information and individual IDs) to the USA and other countries. Information about Google Analytics data protection can be found here: https://support.google.com/analytics/answer/6004245.
In conjunction with cookies, Google also places small graphic files, so-called “web beacons”, which enable the user or user behavior to be identified. By using the web beacon, simple actions such as visitor traffic on the website can be recorded and collected. The information generated by such web beacons about your use of our website is usually also transmitted to a Google server in the USA and stored there (see just now).
You can set your browser so that you are informed about the setting of cookies and only allow cookies and the display of web beacons in individual cases, exclude the acceptance of cookies or the display of web beacons for certain cases or in general, and the automatic deletion of the Enable cookies when closing the browser. If cookies are deactivated, the functionality of our website may be restricted.
5. Social networks
We may operate on social networks and other platforms and other online presences operated by third parties and collect the data about you described in Section 3 and below. We receive this data from you and the platforms when you come into contact with us via our online presence (e.g., when you communicate with us, comment on our content or visit our presence). At the same time, these platforms evaluate your use of our online presence and link this data with other data about you known to the platforms (e.g., about your behavior and preferences). They also process this data for their own purposes under their own responsibility, in particular for marketing and market research purposes (e.g., to personalize advertising) and to control their platforms (e.g., what content they show you).
We process this data for the purposes stated in section 3 . We can distribute content that you publish yourself (e.g., comments on an announcement) ourselves (e.g., reply on the platform). We or the operators of the platforms may also delete or restrict content from or about you in accordance with the usage guidelines (e.g., inappropriate comments).
For further information on the processing carried out by the operators of these platforms, please refer to the platforms' data protection information. There you will also find out in which countries they process your data, what information, deletion and other data subject rights you have and how you can exercise these or obtain further information. We currently use the following platform:
• LinkedIn: https://ch.linkedin.com/company/carboncare-co2
6. Digital infrastructure
be able to use the necessary digital infrastructure in connection with our activities and activities. These include, for example, hosting and storage services from selected providers.
The provider of our website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
IP address
Browser type and browser version
WildVenture GmbH, CH-6390 Engelberg, data protection declaration_V2 5 October 01, 2023
operating system used
Referrer URL
Host name of the accessing computer
Time of server request
This data cannot be directly assigned to specific persons. This data will not be merged with other data sources. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.
This data and all data on this website are stored by our hosting provider K+S Information (Schweiz) GmbH, Fracht West, CH-8058 Zurich Airport, whose privacy policy can be found at: ssl.loggpro.net/ksinfo/.
We use specialized audio and video conferencing services to communicate online. For example, we can use it to hold virtual meetings and conduct online lessons. The legal texts of the individual services such as data protection declarations and terms of use also apply to participation in audio and video conferences.
7. Purpose of data processing
We will use personal data as follows:
to provide the services offered by WildVenture GmbH (acceptance, management and processing of contractual relationships);
to provide you with our website and services;
for market research, to improve our services and operations and for product development;
to respond to your inquiries;
to maintain and develop customer relationships;
for marketing purposes, e.g., to make you a (supplementary) offer;
to be able to create usage statistics;
for internal training purposes and quality control;
to comply with laws, instructions and recommendations from authorities and internal regulations (compliance);
to prevent, detect and combat abuse;
to answer legitimate official inquiries or in connection with the enforcement of claims or other legal disputes that concern WildVenture GmbH or in which WildVenture GmbH is involved.
We process data for marketing purposes and to maintain relationships, for example to send our customers and other contractual partners personalized advertising about our products and services. This can, for example, be in the form of newsletters and other regular contacts, via channels for which we have contact information from you, but also as part of individual marketing campaigns. You can reject such contacts at any time or refuse or revoke your consent to be contacted for advertising purposes.
We send notifications and communications via email and other communication channels such as instant messaging or SMS.
We also send notifications with the help of specialized service providers.
We particularly use:
Mailchimp: communication platform; Provider: The Rocket Sience Group LLC DBA Mailchimp (USA) as a subsidiary of Inuit Inc. (USA); Data protection information: https://www.intuit.com/privacy/statement/ , including "Region and state -specific terms ").
8. Legal basis
If we ask you for your consent for certain processing operations, we will inform you separately about the corresponding purposes of the processing. You can revoke your consent at any time with future effect by sending us a written notice (by post) or, unless otherwise stated or agreed, by email; You can find our contact details in section 2 . Once we have received notice of your withdrawal of consent, we will no longer process your data for the purposes to which you originally consented, unless we have another legal basis for doing so. Revoking your consent will not affect the lawfulness of the processing carried out based on your consent before its revocation.
Where we do not ask for your consent for processing, we will base the processing of your personal data on the fact that the processing is necessary for the initiation or performance of a contract with you (or the entity you represent) or that we or a third party have a legitimate interest in particular in order to pursue the purposes and associated goals described above in section 7 and to be able to carry out corresponding measures. Our legitimate interests also include compliance with legal regulations, unless this is already recognized as a legal basis by the applicable data protection law (e.g., in the case of the GDPR, the law in the EEA and Switzerland). This also includes the marketing of our products and services, the interest in better understanding our markets and the safe and efficient management and further development of our company.
We rely in particular on the following legal bases:
. 6 Para. 1 lit. a GDPR for the processing of personal data with the consent of the person concerned.
. 6 Para. 1 lit. b GDPR for the necessary processing of personal data to fulfill a contract with the data subject and to carry out pre-contractual measures.
. 6 Para. 1 lit. c GDPR for the necessary processing of personal data to fulfill a legal obligation to which we are subject under any applicable law of member states in the European Economic Area (EEA).
. 6 Para. 1 lit. d GDPR for the necessary processing of personal data in order to protect the vital interests of the data subject or another natural person.
. 6 Para. 1 lit. e GDPR for the necessary processing of personal data to carry out a task that is in the public interest.
1 DSG or Art. 6 Para. 1 lit. f GDPR for the necessary processing of personal data in order to protect the legitimate interests of us or third parties, unless the fundamental freedoms and fundamental rights and interests of the data subject outweigh this. Legitimate interests include, in particular, our interest in being able to carry out our activities and activities in a permanent, user-friendly, secure and reliable manner and to be able to communicate about them, ensuring information security, protecting against misuse, enforcing our own legal claims and complying with Swiss law.
9. Transmission of your personal data
We generally do not pass on personal data to third parties, with the following exceptions:
IT service providers used by us;
accounting service providers we use;
Third parties who are or are commissioned by us to provide the services at home and abroad;
other third parties to whom we have to pass on personal data in order to be able to provide our services in the interests of the customer.
All of these categories of recipients may in turn involve third parties so that your data can also become accessible to them. We can restrict processing by certain third parties (e.g., IT providers), but not that of other third parties (e.g., authorities).
We also enable certain third parties to collect personal data from you on our website (in particular providers of tools that we have integrated on our website, etc.). To the extent that we are not significantly involved in this data collection, these third parties are solely responsible for it. If you have any concerns or want to assert your data protection rights, please contact this third party directly. See paragraphs 4 and 6 for the website.
10. Transfer of your personal data abroad
We generally process personal data in Switzerland. However, we can also export or transfer personal data to other countries, in particular in order to process it or have it processed there.
We can export personal data to all countries provided that the law there guarantees adequate data protection in accordance with a decision of the Swiss Federal Council and - if and to the extent that the General Data Protection Regulation of the European Union (GDPR) is applicable - in accordance with a decision of the European Commission.
Occasionally, and only, if necessary, we may transfer personal data to foreign recipients, including countries that do not offer the same level of data protection as Switzerland or Europe. In particular, some data is processed in India. We will only arrange such transfer abroad if it is necessary to fulfill the services.
If a recipient is located in a country without adequate legal data protection, we contractually oblige the recipient to comply with the applicable data protection (for this purpose we use the standard contractual clauses of the European Union which are recognized by the Federal Data Protection and Information Commissioner FDPIC). As an exception, we can export personal data to countries without adequate or suitable data protection if the special data protection requirements are met, for example the express consent of the data subjects or a direct connection with the conclusion or execution of the contract.
Please also note that data exchanged over the Internet is often routed via third countries. Your data can therefore end up abroad even if the sender and recipient are in the same country.
Data is processed in the following European countries:
Italy
Germany
11. Duration of storage
We process your data for as long as our processing purposes, the legal retention periods and our legitimate interests in processing for documentation and evidence purposes require it, or for as long as storage is required for technical reasons. Further information on the respective storage and processing times can be found under the individual data categories. If there are no legal or contractual obligations to the contrary, we will delete or anonymize your data after the storage or processing period has expired as part of our usual processes.
12. Protection of personal data
We use appropriate technical and organizational measures to protect the confidentiality and integrity of personal data within the framework of legal regulations.
We protect your data transmitted via our website during transport using suitable encryption mechanisms. But we can only secure areas that we control. We also require our processors to take appropriate security measures. However, security risks cannot generally be completely ruled out; residual risks are unavoidable.
13. Right to information, deletion, blocking
The applicable data protection law grants you the right to object to the processing of your data under certain circumstances, in particular those for direct marketing purposes and other legitimate interests in the processing.
To make it easier for you to control the processing of your personal data, you also have the following rights in connection with our data processing, depending on the applicable data protection law:
the right to request information from us as to whether and what data we process about you;
the right for us to correct data if it is inaccurate;
the right to request deletion of data;
the right to request that we release certain personal data in a common electronic format or to transfer it to another person responsible;
the right to withdraw consent to the extent that our processing is based on your consent;
the right to request further information necessary to exercise these rights.
If you wish to exercise any of the above rights against us, please contact us in writing, at our location or, unless otherwise stated or agreed, by email; You can find our contact details in section 2 . In order for us to rule out misuse, we must identify you (in particular by querying the information we have about you, e.g., email address, telephone number, position in the company, company turnover, etc.).
Please note that these rights are subject to requirements, exceptions or restrictions under applicable data protection law (e.g., to protect third parties or trade secrets). For example, we can also refuse to delete personal data in whole or in part with reference to legal retention obligations or legitimate retention interests. We will inform you accordingly if necessary.
We may, in exceptional circumstances, provide for costs for the exercise of the rights. We will inform those affected in advance about any costs.
If you do not agree with how we handle your rights or data protection, please let us know. In particular, if you are located in the EEA, the UK or Switzerland, you also have the right to complain to your country's data protection supervisory authority.
14. Contact
If you have any questions regarding the processing of your personal data, please contact the contact point specified in Section 2 .
15. Final provision
We can adapt and supplement this data protection declaration at any time. We will provide information about such adjustments and additions in an appropriate form, in particular by publishing the current data protection declaration on our website.