Privacy Policy

The website of Lucerne Business (hereinafter referred to as “Lucerne Business”) is subject to Swiss data protection law, especially the Swiss Federal Act on Data Protection (FADP), and applicable foreign law such as the EU General Data Protection Regulation (GDPR). The EU recognises that Swiss data protection law ensures an adequate level of data protection.


Access to our website is via transport encryption (SSL/TLS).


We are delighted that you are interested in our company. We take data protection particularly seriously. As a basic rule, it is possible to use the website of Lucerne Business without having to provide any personal details. However, if a data subject wishes to take advantage of specific services offered by our company via our website, it may be necessary to process personal data. If the processing of personal data is required and there is no legal basis for processing of this kind, we generally obtain the consent of the data subject.


The processing of personal data, for example, the name, address, e-mail address or telephone number of a data subject shall always be carried out in line with the statutory data protection provisions. The aim of this privacy policy is for our company to inform the general public about the type, scope and purpose of the personal data we collect, use and process. In addition, this privacy policy also serves to inform data subjects about their rights.


Lucerne Business, as controller, has introduced numerous technical and organisational measures in order to ensure the most comprehensive protection of the personal data processed via this website. Nevertheless, as a basic rule, there may be gaps in security when transferring data on the Internet, which means that absolute protection cannot be guaranteed. For this reason, each data subject is free also to send us personal data via alternative methods, such as over the phone. 

 

 

1. Name and address of operator

 

The operator within the meaning of the law (hereinafter referred to as the “Operator”) is

 

Lucerne Business

Alpenquai 30

CH-6005 Luzern

Phone +41 41 367 44 00

 

 

2. General information about data processing


We initially only collect and make use of the data mentioned in section 3 when you visit our website. Apart from this, we process personal data from our users only to the extent required for providing a well-functioning website and our content and services. We only collect and make use of personal data from our users on a regular basis after obtaining their consent. An exception applies in cases in which it is not possible to obtain consent in advance due to material reasons and processing of the data is permitted by statutory provisions.

 

2.1. Legal basis for the processing of personal data

In cases where we obtain the data subject’s consent for the processing of personal data, the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 6(1)(a) of the EU General Data Protection Regulation (GDPR) serve as the legal basis for the processing of personal data.


For the processing of personal data required for fulfilment of a contract to which the data subject is party, the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 6(1)(b) of the GDPR serve as the legal basis. This also applies to processing necessary for carrying out pre-contractual measures.


For the processing of personal data required for fulfilment of a legal obligation to which our company is subject, the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 6(1)(c) of the GDPR serve as the legal basis.


If processing is necessary to safeguard a justified interest of our company or a third party and the interests, basic rights and freedoms of the data subject do not outweigh the former interest, the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 6(1)(f) of the GDPR serve as the legal basis for processing.
 

2.2. Deletion of data and storage period

The personal data of the data subject shall be deleted or blocked as soon as the purpose of storage ceases to apply. Storage can also take place if this is required by the European or national legislator in Union ordinances, laws or other provisions to which the Operator is subject. Data are also blocked or deleted if a retention period prescribed by the aforementioned norms expires unless further storage of the data is required for the conclusion or fulfilment of a contract.

 

3. Provision of the website and creation of log files


3.1. Description, purpose and scope of data processing

Each time our website is visited, our system automatically records data and information from the computer system of the computer from which the site is visited. The following data are collected:

 

  • Information about the type of browser and the version used
  • Operating system of the user
  • IP address of the user
  • Date and time of access
  • Websites from which user’s system accesses our website
  • Websites retrieved by the user’s system via our website
  • Username (if the user has logged in)

 

The temporary storage of the IP address by the system is necessary to facilitate the delivery of the website to the user’s computer. To this end the user’s IP address must remain stored for the duration of the session. The log files contain IP addresses and other data facilitating assignment to a user. This might be the case, for instance, if the link to the website from which the user accesses the website, or the link to the website to which the user switches contains personal data.


The data are also stored in the log files of our system. No storage of these data together with other personal data of the user takes place. Storage in log files takes place to safeguard the functionality of the website. In addition, the data serve to enhance the website and safeguard the security of our IT systems. No evaluation of the data for marketing purposes takes place in this connection.


3.2. Legal basis for data processing

The legal basis for the temporary storage of the data and log files is the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 6(1)(f) of the GDPR.

 

3.3. Duration of storage

The data are deleted as soon as they are no longer required for the purpose for which they were collected. Technical server log files are automatically deleted after 365 days.
 

3.4. Right of objection and disposal

The collection of data for provision of the website and the storage of data in log files are essential for operation of the website. There is therefore no right of objection on the part of the user.
 

4. Use of cookies

 

This website uses cookies. Cookies are text files that are placed and stored on a computer system via an Internet browser.


Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows the visited websites and servers to differentiate between the individual browser of the data subject and other Internet browsers that contain other cookies. A specific Internet browser can be recognised and identified via the unique cookie ID.

 

Through the use of cookies, the users of this website can be provided with user-friendly services that would otherwise not be possible without the placing of cookies.


The information and services on our website can be optimised in the interests of the user using a cookie. As mentioned above, cookies allow us to recognise the users of our website. The purpose of this is to make it easier for users to use our website. The user of a website that uses cookies must not, for example, re-enter their login details every time they visit the website as this step is taken by the website and the cookie placed on the user’s computer system. A further example is the cookie for a basket in an online shop. The online shop remembers the items that a customer has put into their virtual basket via a cookie.


The data subject can prevent cookies from being placed by our website at any time via the relevant settings on the Internet browser in use, thus permanently preventing the placing of cookies. Furthermore, cookies that have already been placed can be deleted at any time via an Internet browser or other software programs. This is possible in all current Internet browsers. If the data subject deactivates the placing of cookies in the Internet browser in use, in some circumstances not all functions of our website will be fully usable.

 

4.1. Description, purpose and scope of data processing

Our website uses cookies. If a user retrieves a website, a cookie can be stored on the user’s operating system. This cookie contains a string of characters that allows the browser to be uniquely identified the next time the website is retrieved.


We use cookies to make our website more user-friendly. The user data collected through cookies required for technical reasons are not used to create user profiles.

 

We also use cookies on our website that permit an analysis of the surfing behaviour of users.

The following data can be transmitted in this way:

 

  • Search terms entered
  • Frequency of site retrievals
  • Use of website functions

 

Analysis cookies are used for the purpose of improving the quality of our website and its contents. The analysis cookies provide us with insights into how the website is used so that we can consistently enhance our offering.

 

4.2. Legal basis for data processing

The legal basis for the processing of personal data using cookies is the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 6(1)(f) of the GDPR.

 

4.3. Duration of storage, right of objection and disposal

Cookies are stored on the user’s computer and transmitted from there to our website. You as user therefore also have full control over the use of cookies. By altering the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies already stored can be deleted at any time. This can also take place automatically. If cookies for our website are deactivated, you may no longer be able to make full use of all the functions of the website.

 

5. Newsletter


5.1. Description, purpose and scope of data processing

Newsletters are dispatched subject to registration by the user on our website. Our website offers the option of subscribing to a free newsletter. When registering for the newsletter, the data from the input screen are transmitted to us.


The following details are recorded on registration: title, first name, last name and e-mail address of the user. In addition, the following data are collected on registration that serve to prevent misuse of the services or e-mail address used and to provide evidence of your consent:

 

  • IP address of the retrieving computer
  • Date and time of registration

 

Your consent to the processing of the data is obtained when you submit registration and reference is made to this privacy policy. Newsletters are also dispatched due to the sale of goods or services. If you purchase goods or services on our website and provide your e-mail address for this purpose, this can subsequently be used by us for newsletter dispatch.  In such a case we will only use the newsletter for the direct marketing of proprietary goods and services of a similar nature.


No data shall be passed on to third parties in connection with the processing of data for the dispatch of newsletters. The data are used solely for dispatching the newsletter.

 

5.2. Legal basis for data processing

Newsletters are dispatched subject to registration by the user on our website. If the user has given consent, the legal basis for the processing of data following newsletter registration by the user is the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 6(1)(a) of the GDPR.


The legal basis for newsletter dispatch following the sale of goods and services is the Swiss Federal Act on Data Protection (FADP) and Swiss law in the area of the Federal Act on Unfair Competition (UCA) or, if and insofar as applicable, Section 7(3) of the UCA in conjunction with Art. 6(1)(f) of the GDPR.

 

5.3. Duration of storage

The data are deleted as soon as they are no longer required for the purpose for which they were collected. The user’s e-mail address is therefore stored for as long as the newsletter subscription is activated.

 

5.4. Right of objection and disposal

The newsletter subscription can be cancelled by the user at any time. Each newsletter contains a corresponding link for this purpose.
 

6. Contact forms and e-mail contact


6.1. Description, purpose and scope of data processing

Our website contains contact forms which can be used to contact us electronically. If a user makes use of this option, the data entered in the input screen are transmitted to us and stored. These data are:

 

  • Company (optional)
  • Surname
  • First name
  • Telephone number (optional)
  • E-mail address
  • Message

 

The following data are also stored at the time the message is sent:

 

  • IP address of the user
  • Date and time of registration

 

We process the personal data from the input screen only for the purpose of processing the contact. In the event of contact by e-mail, this also entails the requisite legitimate interest in processing the data. The other personal data processed during transmission serve to prevent misuse of the contact form and safeguard the security of our IT systems.


No data are forwarded to third parties in this connection. The data are used solely for processing the conversation.

 

6.2. Legal basis for data processing

If the user has given consent, the legal basis for the processing of data is the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 6(1)(a) of the GDPR.

 

The legal basis for the processing of data transmitted when sending an e-mail is the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 6(1)(f) of the GDPR. If the purpose of the e-mail contact is to conclude a contract, the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 6(1)(b) of the GDPR serve as an additional legal basis for processing.

 

6.3. Duration of storage

The data are deleted as soon as they are no longer required for the purpose for which they were collected. For personal data from the input screen of the contact form and such data sent by e-mail, this is the case once the applicable conversation with the user is over. The conversation is over when it can be assumed from the circumstances that the matter in question has been conclusively resolved.

 

6.4. Right of objection and disposal

The user has the option of withdrawing their consent to the processing of their personal data at any time. If the user contacts us by e-mail (or via the contact form), they can withdraw their consent to the storage of their personal data at any time. In such a case the conversation cannot be continued and the withdrawal of consent must be made by telephone.

All personal data stored during the establishment of contact will in this case be deleted.

 

7. Rights of the data subject

 

If your personal data are processed, you are the “data subject” within the meaning of the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, the GDPR and are entitled to the following rights towards us as controller. You can make use of your rights by contacting us to inform us of your request.

 

7.1. Right of information

Each data subject affected by the processing of personal data is entitled at any time to receive information free of charge from the controller about the personal data concerning their person that are stored and a copy of such data.


You can request confirmation from the controller as to whether personal data concerning you are processed by us.

 

7.2. Right of correction

Each data subject affected by the processing of personal data is entitled to request the immediate correction of incorrect personal data relating to them. The data subject is also entitled to request the completion of any incomplete personal data, also by means of a supplementary statement, by taking into account the purposes of the processing.


7.3. Right to restriction of processing

Each data subject affected by the processing of personal data is entitled to request from the controller a restriction of processing if one of the conditions set out by the legislator in the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 18(1) of the GDPR is applicable.


7.4. Right to deletion

Each data subject affected by the processing of personal data is entitled to request from the controller the immediate deletion of personal data relating to them if one of the reasons cited in the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 17(1) of the GDPR applies.


7.5. Right to data portability

Each data subject affected by the processing of personal data is entitled to receive the personal data relating to them that has been made available to a controller by the data subject in a structured, current and machine-readable format. They also have the right to transmit these data to another controller without obstruction from the controller to whom the personal data have been made available as long as the processing is based on consent in accordance with the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 6(1)(a) or Art. 9(2)(a) of the GDPR or on an agreement in accordance with Art. 6(1)(b) of the GDPR and processing takes place by way of automated processes.


7.6. Right of objection

Each data subject affected by the processing of personal data is entitled, for reasons relating to their particular situation, to file an objection at any time to the processing of personal data relating to them carried out on the basis of the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, Art. 6(1)(e) or (f) of the GDPR. This also applies to any profiling based on these provisions.


The company will no longer process the personal data in the event of an objection unless we are able to provide evidence of compelling legitimate grounds for such processing that outweigh the interests, rights and freedoms of the data subject or such processing serves the assertion, exercise or defence of legal claims.


 If the company processes personal data for the purpose of direct marketing, the data subject is entitled at any time to file an objection to the processing of personal data for the purpose of such marketing. This also applies to any profiling connected with such direct marketing. If the data subject objects to processing for the purpose of direct marketing, the personal data will no longer be processed for this purpose.


7.7. Right to revocation of declaration of consent under data protection law

Each data subject affected by the processing of personal data is entitled at any time to revoke their consent to the processing of personal data.
 You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the legality of processing carried out on the basis of consent up to the time of revocation.


7.8. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial redress, you are entitled to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, workplace or the place of suspected infringement, if you believe the processing of personal data relating to you to violate the Swiss Federal Act on Data Protection (FADP) and, if and insofar as applicable, the GDPR.

 

8. Google Analytics data protection provisions


The controller has integrated the component Google Analytics on this website. Google Analytics uses cookies and generally stores them outside the EU/EFTA. Google uses this information to evaluate the use of the website and compile reports on website activities and Internet usage. Google also by its own account transfers this information to third parties where required to do so by law or if third parties process this data on behalf of Google. The IP address transmitted by the browser in connection with Google Analytics is not combined with any other Google data. Users can prevent the storage of cookies (see “4. Use of cookies”). Users can also prevent the data collected by cookies and relating to their use of the website (including the IP address) from being transmitted to and processed by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

 

9. Google Analytics Remarketing data protection provisions

 

Our website uses the features of Google Analytics Remarketing in connection with the multi-device features of Google AdWords and Google DoubleClick. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.


This feature enables the advertising target groups created with Google Analytics Remarketing to be linked with the multi-device features of Google AdWords and Google DoubleClick so that interest-based, personalised advertising messages adapted to you on one end device (e.g. mobile phone) on the basis of your previous usage and surfing behaviour can also be displayed on another of your end devices (e.g. tablet or PC).


Once you have granted the corresponding consent, Google links your web and app browsing history with your Google account for this purpose. This means that the same personalised advertising messages can be activated on each end device with which you log into your Google account.


In order to support this feature, Google Analytics collects Google-authenticated IDs of the users that are temporarily linked with our Google Analytics data in order to define and create target groups for multi-device advertising.


You can permanently prevent multi-device remarketing/targeting by deactivating personalised advertising in your Google account; to do so, please follow this link: https://adssettings.google.com/authenticated?hl=en.


The pooling of the data collected in your Google account takes place exclusively on the basis of your consent that you can grant to or withdraw from Google (Art. 6(1)(a) of the GDPR). Data collection processes not pooled in your Google account (e.g. because you do not have a Google account or have objected to pooling) are based on Art. 6(1)(f) of the GDPR. The legitimate interest is derived from the fact that the website operator has an interest in the anonymised analysis of website visitors for marketing purposes.


Further information and the data protection provisions can be found in Google’s privacy policy at https://policies.google.com/technologies/ads?hl=en.

 

10. Google AdWords and Conversation Tracking data protection provisions


This website uses Google AdWords. AdWords is an online advertising programme of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).


As part of Google AdWords, we use so-called conversation tracking. When you click on an advertisement placed by Google, a cookie is set for conversation tracking. Cookies are small text files that the Internet browser stores on the user’s computer. These cookies expire after 30 days and cannot be used to identify the user personally. If the user visits certain pages of this website and the cookie has not yet expired, Google and ourselves can detect that the user has clicked on the ad and been redirected to this website.


Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information gathered using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversation tracking. Customers are told the total number of users who have clicked on their ad and who were redirected to a page with a conversion tracking tag. They do not, however, receive information which can be used to identify users personally. If you do not wish to participate in tracking, you can prevent this by simply deactivating the Google conversation tracking cookie via your Internet browser under user settings. You will thereafter not be included in the conversation tracking statistics.


‘Conversation cookies’ are stored on the basis of Art. 6(1)(f) of the GDPR. The website operator has a legitimate interest in the analysis of user behaviour in order to enhance both its website and its advertising.


Further information about Google AdWords and Google conversion tracking can be found in Google’s data protection provisions: https://policies.google.com/privacy?hl=en.


You can configure your browser to notify you whenever a cookie is set up, to accept or reject cookies in individual cases, not to accept any cookies at all and to automatically delete cookies when you close your browser. Deactivating cookies can limit the functionality of this website.

 

11. Google Maps data protection provisions


This website uses the Google Maps map service via an API (programming interface). The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).


To use the Google Maps feature, it is necessary to store your IP address. In general, this information is sent to a Google server in the USA and stored there. The operator of this website has no further influence on the data transfer.


We use Google Maps for the purpose of presenting our online offers attractively and making the locations we have indicated on our website easy to find. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) of the GDPR.


Further information about data protection with Google can be found at the following link: https://policies.google.com/privacy?hl=en.

 

12. Google Web Fonts data protection provisions

 

This website uses so-called web fonts provided by Google for the uniform presentation of fonts. When retrieving a website, your browser loads the requisite web fonts into its browser cache in order to display texts and fonts correctly.


To do so, the browser you use needs to connect with the servers of Google. As a result, Google receives knowledge that our website has been retrieved via your IP address. The use of Google web fonts takes place for the purpose of a uniform and appealing presentation of our website. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) of the GDPR.


If your browser does not support web fonts, a standard font will be used by your computer.


Further information can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=en.

 

13. YouTube data protection provisions

 

 So-called social plug-ins (“plug-ins”) from YouTube are integrated on our website. YouTube is an Internet video portal enabling video publishers to publish video clips free of charge and other users to view, assess and comment on these, also free of charge. YouTube permits the publication of all kinds of videos so that both complete film and television programmes as well as music videos, trailers and videos created by users themselves can be retrieved via the Internet portal.


The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

 

 Each time individual pages of this website that are operated by the controller and into which a YouTube component (YouTube video) is integrated are called up, the Internet browser on the information technology system of the data subject is automatically initiated by the YouTube component to download a presentation of the corresponding YouTube component from YouTube. Further information about YouTube can be found at https://www.youtube.com/intl/en/yt/about/. As part of this technical process, YouTube and Google receive knowledge about which specific subpage of our website is visited by the data subject.


As long as the data subject is simultaneously logged into YouTube, YouTube recognises upon retrieval of a subpage containing a YouTube video which specific subpage of our website the data subject is visiting. This information is collected by YouTube and Google and allocated to the applicable YouTube account of the data subject.


YouTube and Google are always notified via the YouTube component that the data subject has visited our website whenever the data subject is simultaneously logged into YouTube at the time our website is retrieved; this takes place irrespective of whether or not the data subject clicks on a YouTube video. Should the data subject not wish this information to be transferred to YouTube and Google in this way, they can prevent this by logging out of their YouTube account before calling up our website.


The data protection provisions published by YouTube, retrievable from https://policies.google.com/privacy?hl=en, contain details about the collection, processing and use of personal data by YouTube and Google.