Privacy policy

With this data protection declaration, we inform you about the personal data we process in the course of our activities and operations, including our website lunetterie.ch. In particular, we will inform you of the purpose, manner and location of personal data processing. We also inform you of the rights of the persons whose data we process.

Other data protection declarations as well as other legal documents, such as general terms and conditions (GTC), terms of use or conditions of participation, may apply to individual or additional activities and events.

We are subject to Swiss data protection law as well as any foreign data protection law that may be applicable, in particular that of the European Union (EU) with the General Data Protection Regulation (GDPR). The European Commission recognizes that Swiss data protection law guarantees adequate data protection.

1. contact addresses

Responsibility for processing personal data :

Lunetterie du Léman SA
Rue de Lausanne 10
1800 Vevey
Switzerland

info@lunetterie.ch

We draw your attention to the fact that, in some cases, there are other persons responsible for processing personal data.

2. legal concepts and foundations

2.1 Definitions

Personal data is any information relating to an identified or identifiable natural person. A data subject is a person about whom we process personal data.

Visittreatment includes any handling of personal data, which that are the means and processes used, for example the consultation, comparison, adaptation, archiving, storage, extraction, communication, collection, input, collection, deletion, disclosure, classification, organization, storage, modification, dissemination, interconnection, destruction and use of personal data.

TheEuropean Economic Area (EEA ) comprises the member states of the European Union (EU) plus the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) describes the processing of personal data as the processing of personal data.

2.2 Legal basis

We process personal data in accordance with Swiss data protection legislation, in particular the Federal Data Protection Act (DPA) and the Data ProtectionOrdinance (DPO).

We process – if and insofar as the General Data Protection Regulation (GDPR) is applicable – personal data in accordance with at least one of the following legal bases:

  • Art. 6, paragraph 1, letter b of the RGPD for the necessary processing of personal data for the performance of a contract with the data subject as well as for the performance of pre-contractual measures.
  • Art. 6, para. 1, let. f of the GDPR for the necessary processing of personal data to safeguard our legitimate interests or those of third parties, insofar as fundamental rights and freedoms and the interests of the data subject do not prevail. Legitimate interests include our interest in being able to carry out our business and activities in a sustainable, user-friendly, secure and reliable manner, as well as communicating about this, guaranteeing information security, protecting against misuse, enforcing our own legal claims and complying with Swiss law.
  • Art. 6, paragraph 1, letter c of the GDPR for the necessary processing of personal data in order to fulfil a legal obligation to which we are subject in accordance with the possibly applicable law of the member states of the European Economic Area (EEA).
  • Art. 6, para. 1, let. e of the GDPR for the necessary processing of personal data for the performance of a task in the public interest.
  • Art. 6, para. 1, let. a of the RGPD for the processing of personal data with the consent of the data subject.
  • Art. 6, para. 1, let. d of the GDPR for the necessary processing of personal data to protect the vital interests of the data subject or another natural person.

3. nature, scope and purpose

We process personal data that is necessary for us to be able to carry out our activities and operations in a sustainable, user-friendly, safe and reliable manner. This personal data may belong in particular to the following categories: inventory and contact data, browser and device data, content data, metadata or marginal data and usage data, location data, sales data as well as contract and payment data.

We process personal data only as long as necessary for the purpose(s) concerned or as required by law. Personal data whose processing is no longer necessary is rendered anonymous or deleted.

We may have personal data processed by third parties. We may process personal data in collaboration with third parties or pass them on to third parties. These third parties include specialized service providers whose services we use. We also guarantee data protection with these third parties.

In principle, we only process personal data with the consent of the persons concerned. If and insofar as processing is permitted for other legal reasons, we may waive the requirement for consent. For example, we may process personal data without consent in order to fulfill a contract, comply with legal obligations or protect overriding interests.

In particular, we process information that a data subject voluntarily provides to us when making contact – for example by post, e-mail, instant messaging, contact form, social media or telephone – or when registering a user account. For example, we may store such information in an address book, in a customer relationship management (CRM) system or using comparable tools. Where data relating to other persons is transmitted to us, the persons transmitting the data are obliged to guarantee the data protection of these persons and the accuracy of this personal data.

In addition, we process personal data that we receive from third parties, obtain from publicly available sources or collect in the course of our activities and operations, if and insofar as such processing is permitted for legal reasons.

4. personal data abroad

In principle, we process personal data in Switzerland and in the European Economic Area (EEA). We may, however, export or transfer personal data to other countries, in particular in order to process it or have it processed in those countries.

We may export personal data to any of the following countries States and territoriesinsofar as local legislation guarantees adequate data protection in accordance with the law. decision of the Swiss Federal Council and – if and insofar as the General Data Protection Regulation (GDPR) is applicable – in accordance with the decision of the European Commission.

We may transfer personal data to countries whose laws do not guarantee adequate data protection, provided that data protection is ensured for other reasons, in particular on the basis of standard data protection clauses or with other appropriate safeguards. Exceptionally, we may export personal data to states that do not have adequate or appropriate data protection if the particular data protection conditions are met, for example the explicit consent of the data subjects or a direct link to the conclusion or performance of a contract. On request, we will be happy to provide information on any warranties or to supply copies of any warranties.

5. rights of the persons concerned

5.1 Data protection rights

We grant data subjects all the rights provided by applicable data protection legislation. In particular, data subjects have the following rights:

  • Information: data subjects may ask whether we process personal data about them and, if so, which personal data. Data subjects are also provided with the information they need to assert their data protection rights and to ensure transparency. This includes not only the personal data processed as such, but also, among other things, information on the purpose of the processing, the retention period, any communication or export of data to other countries and the origin of the personal data.
  • Rectification and restriction: data subjects can have inaccurate personal data rectified, incomplete data completed and the processing of their data restricted.
  • Erasure and objection: data subjects can have their personal data erased (“right to be forgotten”) and object to the processing of their data with effect for the future.
  • Surrender of data and transfer of data: Data subjects may request the surrender of personal data or the transfer of their data to another manager.

We may suspend, limit or refuse the exercise of data subjects’ rights to the extent permitted by law. We may draw the attention of data subjects to any conditions that must be met in order to exercise their data protection rights. For example, we may refuse to provide all or part of the information on the grounds of business confidentiality or the protection of others. We may also refuse, for example, to delete all or part of personal data on the grounds of legal retention obligations.

Exceptionally, we may charge a fee for exercising rights. We will inform you in advance of any costs involved.

We are obliged to take appropriate measures to identify data subjects who request information or assert other rights. The persons concerned are required to cooperate.

5.2 Right of recourse

Data subjects have the right to assert their data protection rights by legal means or to lodge a complaint with a competent data protection supervisory authority.

The Swiss Federal Data Protection and Information Commissioner (FDPIC) is the data protection supervisory authority for private managers and federal bodies in Switzerland.

Data subjects have the right – if and insofar as the General Data Protection Regulation (GDPR) is applicable – to lodge a complaint with a competent European data protection supervisory authority.

6. data security

We take appropriate technical and organizational measures to ensure data security appropriate to the respective risk. However, we cannot guarantee absolute data security.

Our website is accessed using transport encryption (SSL / TLS, in particular Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.

Our digital communications – like all digital communications – are subject to mass surveillance without cause or suspicion, as well as other forms of surveillance by security authorities in Switzerland, the rest of Europe, the United States of America (USA) and other countries. We have no direct influence on the processing of personal data by secret services, police and other security authorities.

7. use of the website

7.1 Cookies

We may use cookies. Cookies, whether our own cookies (first-party cookies) or cookies from third parties whose services we use (third-party cookies), are data stored in the browser. This stored data is not necessarily limited to traditional text cookies.

Cookies can be stored temporarily in the browser as “session cookies” or for a specific period of time as “permanent cookies”. Session cookies” are automatically deleted when the browser is closed. Permanent cookies are stored for a specific period of time. In particular, cookies enable us to recognize a browser the next time you visit our website and thus measure, for example, the reach of our website. Permanent cookies can also be used for online marketing purposes, for example.

Cookies can be deactivated or deleted in whole or in part at any time in the browser settings. Without cookies, our website may no longer be available in its entirety. We actively seek – at least if and insofar as necessary – explicit consent to the use of cookies.

For cookies used for audience and success measurement or for advertising, a general opposition (“opt-out”) is possible for many services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

7.2 Server log files

We may collect the following information for each access to our website, to the extent that it is transmitted by your browser to our server infrastructure or can be determined by our web server: date and time, including time zone, IP (Internet Protocol) address, access status (HTTP status code), operating system, including user interface and version, browser, including language and version, subpage of our website accessed, including amount of data transmitted, last web page accessed in the same browser window (referrer).

We record this information, which may also constitute personal data, in server log files. This information is required to provide our website in a durable, user-friendly and reliable manner, and to ensure data security – in particular the protection of personal data – also by third parties or with the help of third parties.

7.3 Tracking pixels

We may use tracking pixels on our website. Pixels are also known as web beacons. Pixels – also those of third parties whose services we use – are small, generally invisible images that are automatically called up when you visit our website. Tracking pixels collect the same information as server log files.

8. social media

We have a presence on social media platforms and other online platforms so that we can communicate with interested parties and keep them informed about our business and activities. In the context of these platforms, personal data may also be processed outside Switzerland and the European Economic Area (EEA).

The general terms and conditions (GTC) and conditions of use as well as the data protection declarations and other provisions of the individual operators of these platforms also apply. In particular, these provisions provide information on the rights of data subjects directly vis-à-vis the platform in question, including, for example, the right of access.

For our social media presence on Facebook, including so-called Pages-Insights, we are – if and insofar as the General Data Protection Regulation (GDPR) is applicable – jointly responsible with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is one of the Meta companies (including in the USA). Pages-Insights provide information on how visitors interact with our Facebook presence. We use Pages-Insights to make our social media presence on Facebook more efficient and user-friendly.

Further information on the nature, extent and purpose of data processing, information on the rights of data subjects and contact details for Facebook and the Facebook data protection officer can be found in the Facebook privacy statement. We have entered into what is known as the “Responsible Party Supplement” with Facebook, and have thus agreed in particular that Facebook is responsible for guaranteeing the rights of data subjects. For Pages-Insights, the relevant information can be found on the “Pages-Insights information” page, including “Pages-Insights data information”.

9. third-party services

We use the services of specialized third parties to enable us to carry out our activities and operations in a sustainable, user-friendly, secure and reliable manner. Among other things, these services enable us to integrate functions and content into our website. During such integration, the services used at least temporarily capture users’ Internet Protocol (IP) addresses for imperative technical reasons.

For security, statistical and technical reasons, third parties whose services we use may process aggregated, anonymous or pseudonymized data in connection with our activities. This includes, for example, performance or usage data, in order to be able to offer the service concerned.

In particular, we use

9.1 Digital infrastructure

We use the services of specialized third parties to provide us with the digital infrastructure required for our activities and operations. These include hosting and storage services provided by selected suppliers.

In particular, we use

9.2 Cartographic material

We use third-party services to integrate maps into our website.

In particular, we use

9.3 Fonts

We use third-party services to integrate selected fonts, icons, logos and symbols into our website.

In particular, we use

9.4 Advertising

We use the ability to display targeted advertisements about our business and activities to third parties, such as social media platforms and search engines.

With this advertising, we aim to reach people who are already interested in our activities or who might be interested in them(remarketing and targeting). For this purpose, we may pass on relevant data – possibly also personal data – to third parties who enable such advertising. We can also determine whether our advertising is effective, i.e. whether it leads to visits to our website (conversion tracking).

Third parties with whom we advertise and where you are registered as a user may associate the use of our online offer with your profile there.

In particular, we use

10. measuring success and reach

We try to find out how our online offer is used. For example, we can measure the success and scope of our activities and operations, as well as the effect of third-party links to our website. But we can also, for example, test and compare how different parts or versions of our online offering are used (“A/B test” method). Based on the results of success and reach measurement, we can correct errors, reinforce popular content or make improvements to our online offering.

In most cases, the Internet Protocol (IP) addresses of individual users are recorded to measure success and reach. In this case, IP addresses are usually abbreviated (“IP masking”) to comply with the principle of data minimization, thanks to the corresponding pseudonymization.

When measuring success and reach, cookies may be used and user profiles created. The user profiles that may be created include, for example, the individual pages visited or content viewed on our website, details of screen or browser window size and location – at least approximately. In principle, any user profiles are created exclusively as pseudonyms and are not used to identify individual users. Some third-party services to which users are registered may link the use of our online offering to the user’s account or profile with the relevant service.

In particular, we use

  • Antispam Bee privacy-friendly, yet effective and reliable spam protection (distinction between comments intended by humans and comments not intended by robots, as well as spam); developers: Pluginkollektiv (in Germany and the rest of Europe); data protection information: use on own server infrastructure and without cookies, documentation (Pluginkollektiv), documentation (GitHub).
  • Imagify: image optimization; provider: WP MEDIA (France); data protection information: conditions (“Terms of Service”), “Frequently Asked Questions” (“FAQ”).

11. Final provisions

We may amend and supplement this data protection declaration at any time. We will inform you of these changes and additions in a suitable form, in particular by publishing the current data protection declaration on our website.

This data protection has been automatically translated.