Graf + Cie AG and each of its affiliates and subsidiaries (collectively "Graf") is aware that the security of your private information from the use of the Graf website is an important concern. Graf takes the protection of your personal data very seriously. Personal data means any information which may lead to your identification (hereinafter “Personal Data”). This Privacy Statement explains which data Graf collects and how Graf uses and protects the data collected. It also applies to any Personal Data that Graf processes.
“Personal Data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
2. Contact Details
Please contact Graf + Cie AG with any problems, questions or suggestions that you may have. The constant development of the internet requires occasional adjustments to this privacy statement. Graf retains the right to make changes when necessary.
The Controller of your Personal Data is:
Graf + Cie AG
+41 55 221 71 11
3. Collection of Data
When you visit and access the Graf website, the following information is automatically stored in log files: Internet Protocol (IP) address, date, time, browser request and general information on your operating system and browser. This data may be used to improve the content and usefulness of this website, to understand your usage of the website and to customize content based on your usage.
“Site Usage Information” includes, but is not limited to: (i) your browser type, device type, carrier (if applicable), device address, operating system, operating system address, IP address and the domain name from which you accessed a site; (ii) information about your region, continent, country, city, postal code, time zone, and general location; and (iii) information about your browsing activities on and through a site (also known as “click stream” data), such as (a) the date and time you visit one of the sites; (b) the areas or pages of a site that you visit; (c) the amount of time you spend viewing a site; (d) the website or pages you visited prior to visiting a site; (e) the websites or pages you visit after you leave a site; (f) social plug-ins with which you have interacted on Graf’s site; and (g) other similar site usage data.
This data, which is collected automatically or passively from or about you, could possibly lead to your identification, but Graf does not use it for that purpose.
You may furthermore actively provide Personal Data through various forms to inquire or receive information, products and more. In each case such Personal Data will be used to fulfil your request (e.g. placing an enquiry or order, signing up for a newsletter).
Even though Graf may be able to combine this data actively provided by you with the data collected automatically or passively from you, Graf does not do so. With regard to the Personal Data provided by you (e.g. for products or services you have requested, or for other purposes you have authorized), Graf relies on technical and organizational means to assure that applicable data security regulations are followed.
4. Processing of Personal Data/Transfer of Personal Data
The Personal Data collected by Graf as mentioned under section 3 “Collection of Data” stays with data processors or servers acting on Graf’s behalf and responsible to Graf. The Personal Data collected by Graf will not be passed on by Graf or by Graf’s agents for use by third parties in any form whatsoever, unless Graf has obtained your consent or is legally obliged to do so. For clarifications sake, the only exception thereto arises with regard to data collected passively from you on Graf’s website from third party cookies or related technologies. Such third party cookie/related technology providers may use your Personal Data for their own purposes and transfer such data into other jurisdictions (see thereto the also Graf’s Cookie Notice).
Graf will retain control of and responsibility for the use of any Personal Data processed by Graf. Some of this data may be stored or processed at computers located in other jurisdictions, such as the United States, whose data protection laws may differ from the jurisdiction in which you live. In such cases, Graf will ensure that appropriate protections are in place to require the data processor in that country to maintain protections on your Personal Data that are equivalent to those that apply in the country in which you live. In case you have questions relating to your Personal Data and potential transfers of your Personal Data and the potential protections taken connected to such transfers please do not hesitate to send an e-mail to firstname.lastname@example.org or contact the Controller at the address as set forth above under the section 2 “Contact Details”.
5. Purposes of Use
The Personal Data that you actively provide to Graf will only be used for the purpose for which you provide such data (e.g. for supplying you with the requested products or services or for other purposes for which you have given your consent), except where otherwise provided by law. The data which is collected automatically or passively from or about you is used from time to time for statistical purposes or other purposes (including for purposes of third party providers of cookies and/or related technologies) (please see thereto also Graf’s Cookie Notice).
Graf uses technical and organizational security precautions to protect your Personal Data from manipulation, loss, destruction or access by unauthorized persons. Any Personal Data that is provided to Graf by you will be encrypted in transit to prevent its possible misuse by third parties. Graf’s security procedures are continuously revised based on new technological developments.
7. Right of Access to, Rectification, Erasure or Restriction of Processing, Right to Object to Processing, Right to Data Portability
You have the right to request from the Controller (1) access to and (2) rectification or (3) erasure of your Personal Data or (4) restriction of processing of your Personal Data as well as you can (5) object to the processing of your Personal Data. In addition, you have (6) a right to data portability. Just send an e-mail to the Controller of your data email@example.com or contact the Controller at the address as set forth above under the section 2 “Contact Details”.
8. Right to Withdraw Consent at Any Time
You have the right at any time to withdraw your consent to the processing of your Personal Data for the future. For clarifications sake such withdrawal will, however, not affect the lawfulness of processing based on consent before its withdrawal. Again, just send an e-mail to the Controller of your Personal Data firstname.lastname@example.org or contact the Controller at the address as set forth above under the section 2 “Contact Details”.
9. Data Retention
Graf only retains personal data for as long as necessary for Graf to render a service you have requested or to which you have given your consent, except where otherwise provided by law (e.g. in connection with a pending litigation). With regard to data collected passively from you please also consider Graf’s Cookie Notice.
10. Right to Lodge a Complaint with a Supervisory Authority
If you are based in the EU you might have in addition the right to lodge a complaint with a supervisory authority in case you do not agree with the processing of your Personal Data.
BY PROVIDING PERSONAL DATA TO GRAF AND BY USING GRAF’S WEBSITE, YOU CONSENT TO THE COLLECTION AND USE OF YOUR PERSONAL DATA IN ACCORDANCE WITH THIS PRIVACY STATEMENT.
Last update: July 1, 2019