Data Protection

With this statement, we provide you with information about how we handle and protect personal data on our website.

In this statement, we explain:

• who processes personal data
• Which personal data we process
• For which purposes we process personal data,
• On which legal basis we process personal data,
• Who we share personal data with
• How long do we store personal data
• whether you are required to provide us with personal data, and
• What rights you have as a data subject in the European Union.

The Swiss Data Protection Act applies to our data processing. Under certain circumstances, the European General Data Protection Regulation may also apply, which we abbreviate as GDPR below.

We can amend this privacy policy at any time. The version published on our website applies in each case.

Date of last change: January 1, 2024

The person responsible within the meaning of data protection law is:

areg.ch
Fabrikstrasse 10
CH-4614 Hägendorf
switzerland
www.areg.ch
info@areg.ch

‍

If you have a question or concern about data protection, please contact:

areg.ch
Christoph Egger
Fabrikstraße 10
CH-4614 Hägendorf
switzerland
www.areg.ch
info@areg.ch

When you visit our website (www.areg.ch), our server creates a so-called log file. In it, we collect and process the following data:

The IP address from which our website was accessed. This is a number used on the Internet that can be used to communicate on the Internet.

The date and time of access to our website.

HTTP protocol information, such as protocol type, protocol version, HTTP requests, status codes, information about the transferred data. This is technical data that is generated by network traffic on the Internet.

Error messages that occurred during access.

The type and version of the browser that the user is using, its operating system and the model of the computer or mobile device.

The website from which the user accesses our website.

Contact form

If you use our contact form We use, collect and process the following data:
firm
First and last name
phone number
email address
The date and time the message was sent
Message that you send to us

Social plugins

Our contact page uses a Google Maps plugin. Google Maps is a map service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. When you access the contact page, your browser creates a direct connection with Google's server and the map content is transmitted directly to the browser by Google. Personal data (including IP address, date and time of visit, location data) may be transmitted to Google. We have no influence on the further processing of personal data by Google. For more information about Google's privacy protection, please here.

Cookies

We use cookies (small text files on your computer) to display our website correctly, to save your user preferences (e.g. language settings) and for security reasons (e.g. to prevent malware or spam messages).

‍

We collect and process personal data for the following purposes:

With regard to log files: We use this data to understand and solve technical problems, to troubleshoot, to ward off attacks on our infrastructure, to support analyses in the event of a hacker attack and to compile visitor statistics to our website. We do not use this data for direct marketing, profiling or automated decisions in individual cases.

With regard to contact form data: We use this information to understand your concerns and to contact you about them. We do not use this data for direct marketing, profiling or automated decisions in individual cases.

With regard to cookies: We use cookies to display our website correctly, to save your user preferences (e.g. language settings), to measure user behavior on our website and for security reasons (e.g. to prevent malware or spam messages).

If the GDPR applies to the processing of your personal data, we must provide you with the so-called legal basis for data processing at this stage.

We collect and process personal data on the basis of the following legal bases.

With regard to log files: We may process the data because we have a legitimate interest in accordance with Article 6 (1) (f) GDPR. This consists of understanding and solving technical problems, finding errors, fending off attacks on our infrastructure, carrying out analyses in the event of a hacker attack and compiling visitor statistics.

With reference to data from the contact form. The contact form may contain personal data about our customers as well as about third parties.

If the data relates to the customer: We may process the data as this is necessary in accordance with Article 6 (1) (b) GDPR to fulfill a contract or to carry out pre-contractual measures taken at the request of the data subject.

If the data does not relate to the customer: We may process the data because we and our customers have a legitimate interest in accordance with Article 6 (1) (f) GDPR. This consists of offering, providing and invoicing services to our clients in the area of the share register and the general meeting.

With regard to cookies: We may process the data because we have a legitimate interest in accordance with Article 6 (1) (f) GDPR. This consists of ensuring the security and functionality of our website and providing you with a pleasant user experience on the website.

We disclose personal data to the following persons:

to contract processors who process personal data on our behalf, in particular IT service providers.

All our contract processors (e.g. IT service providers) process personal data in Switzerland. Swiss data protection law provides an appropriate level of data protection. You can the European Commission's adequacy decision hereretrieve.

We reserve the right to transfer data to third countries as part of the use of social plug-ins (see section 2.1). Google is affiliated with the so-called Privacy Shield and thus offers an appropriate level of data protection in accordance with the GDPR and Article 6 (1) of the Swiss Data Protection Act. You can the European Commission's adequacy decision here download the Privacy Shield guidelines from the Federal Data Protection and Information Commissioner here.

We store personal data as follows:

With regard to log files: The data remains on our systems until operational necessity ceases and the legal or contractual deadlines have expired and is then automatically deleted. For most data, the maximum storage period is one year.

With regard to data from the contact form: We delete the data from the contact form after we have processed your request.

With regard to cookies: Most of our cookies are deleted after the session between your browser and our servers has ended. Certain cookies for saving user preferences (e.g. language settings) are deleted after one year.

In order for us to be able to provide you with our services, you must provide us with at least the following information: Your contact and billing details.

If your personal data is processed and the GDPR is applicable, you have the following rights vis-à-vis us:

Right to information. You can request confirmation from us as to whether we process personal data concerning you. If so, you can request information from us about this personal data as well as the following information: the purposes for which we process it;
the categories of personal data that we process;
the recipients or categories of recipients to whom the personal data have been or will be disclosed;
the planned period of storage of personal data or, if specific information is not possible, criteria for determining the storage period;
the existence of a right to correct or delete personal data, a right to restrict processing or a right to object to this processing;
the existence of a right to lodge a complaint with a supervisory authority;
all available information about the origin of the data if the personal data is not collected from the data subject;
the existence of automated decision-making, including profiling, in accordance with Article 22 (1) and (4) GDPR and — at least in these cases — meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

You have the right to request information as to whether personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate guarantees in accordance with Article 46 GDPR in connection with the transfer.

Right to rectification. You have the right to correct and/or complete personal data if the processed personal data is incorrect or incomplete. We must make the correction immediately.

Right to restrict processing. You can request that the processing of personal data be restricted under the following conditions: if you dispute the accuracy of the personal data for a period of time that enables us to verify its accuracy;
if the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
if we no longer need the personal data for processing purposes, but you need it to assert, exercise or defend legal claims; or
if you have filed an objection to processing and it is not yet clear whether our legitimate reasons outweigh your reasons.

If the processing of personal data has been restricted, this data — apart from storage — may only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or one of its member states

If the restriction of processing has been lifted in accordance with the above conditions, we will inform you when we remove the restriction.

Obligation to delete. You can request that we delete the personal data immediately, and we are required to delete this data immediately if one of the following reasons applies:
The personal data is no longer necessary for the purposes for which we collected or otherwise processed it.
You object to the processing and there are no overriding legitimate reasons for the processing.
The personal data was processed unlawfully.

The right to deletion does not exist insofar as processing is necessary to assert, exercise or defend legal claims.

Right to be informed. If you have asserted the right to correct, delete or restrict processing, we are obliged to notify all recipients to whom the personal data has been disclosed of this correction or deletion of the data or restriction of processing, unless this proves impossible or involves disproportionate effort.

Right of objection. For reasons arising from your particular situation, you have the right to object at any time to the processing of personal data that we process on the basis of a legitimate interest.

In this case, we will no longer process the personal data concerning you, unless we can prove compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Right to lodge a complaint with a supervisory authority. Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you believe that the processing of personal data infringes the GDPR. A list of supervisory authorities can be found here.