Privacy statement
Privacy Statement
Validity
This privacy statement governs how the Sitios association ("Sitios", "we"), c/o Pro Infirmis, Feldeggstrasse 71, 8032 Zürich, Switzerland, handles the personal data of customers and visitors ("you") to its website and mobile applications, e.g. apps, ("website"), regardless of whether these originate from the data subject themselves or from third parties, and regardless of whether the personal data are transmitted to Sitios via the website or via another channel.
Contact us
You can contact us in the following ways:
Verein Sitios
c/o Pro Infirmis
Feldeggstrasse 71
CH-8032 Zürich
hello@sitios.info
www.sitios.info
General information
Sitios offers information on the accessibility of points of interest and feedback options via its website and a smartphone app.
Sitios observes the statutory provisions on data protection. All personal data collected during registration or generated during use and protected by the Swiss Data Protection Act (hereinafter "DSG") or the European General Data Protection Regulation (hereinafter "EU GDPR") will be used exclusively for the purpose of fulfilling the contract, unless you have expressly consented to further use, in particular in accordance with this data protection declaration, or the applicable law permits this. Our employees are obliged to treat personal data confidentially.
As we process most personal data electronically, we have taken appropriate organizational and technical measures (e.g. IT security measures) to ensure that your personal data is protected. We also regularly train our employees in data protection and information security.
What personal data is collected and for what purpose
We may collect from you master data ( display name, surname, first name, company, address, e-mail, etc. ), your entries in our database with date, your online preferences (in particular your needs profile, subscribed messages, language) as well as your comments and feedback.
For commercial users , we may also collect usage data and payment data and specific data about the entries for which commercial users are responsible.
We use this personal data to communicate with you, for evaluation, in the case of commercial users to conclude and process transactions with you, to operate the website, for billing or market research and for marketing, for example to analyze our customer base or to contact you by post, e-mail or text messages. We may also supplement your master data in our database with industry information and interests.
Input fields for personal data that are mandatory for the use of our services are marked accordingly when they are collected. The provision of personal data in other fields is voluntary. You can inform us at any time that you no longer wish this voluntarily provided personal data to be processed (see section 13Your rights).
We may collect personal data about your creditworthiness in order to protect ourselves against payment defaults.
Your surfing and app usage data is then collected. This includes, for example, information about which app or browser and which browser version you used to visit the website and when, which operating system you use, from which website you accessed our website via a link, and which elements of the website you use and how. This personal data is stored together with the IP address of your access device. They are used to display our website correctly and to optimize our systems, to protect against attacks or other legal violations and to personalize the systems for you. We do not draw any conclusions about the persons concerned from this surfing and usage data and only evaluate the personal data anonymously, unless we need the personal data to clarify legal violations.
Storage period
We only process personal data for as long as necessary for the respective purpose or as required by law.
If you have set up an account with us, we will retain the master data you provide for an unlimited period. However, you can request the deletion of the account at any time (see section 13Your rights). We will delete the master data unless we are required by law to retain it.
Deletion can take place immediately or as part of periodic deletion runs.
If we wish to refuse further business contacts with a data subject due to misuse, payment defaults or other legitimate reasons, we will retain the relevant personal data for five years, or ten years in the event of recurrence.
Processing by third parties and abroad
We may also have personal data processed by third parties for the aforementioned purposes.
These companies are marketing and market research companies, companies that carry out the technical operation of our information technology for us (outsourcing partners), operators of analysis services (see section 8) , financial service providers, debt collection companies or lawyers and authorities. If we commission third parties to process personal data, the third party will be carefully selected and must take appropriate security measures to guarantee the confidentiality and security of your personal data.
Processing by us or the named third parties may also take place in other European or non-European countries. We ensure that sufficient contractual guarantees are in place to ensure that such a third party uses the personal data in accordance with the legal requirements and exclusively in the interests of Sitios. These guarantees are based on the standards of the European Commission (also recognized in Switzerland). You have the right to inspect the corresponding guarantees in the respective contracts.
We have commissioned the following third parties to process personal data:
- Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA;
- YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA;
- Amazon Web Services (AWS), Amazon Web Services, Inc, 410 Terry Avenue North, Seattle WA 98109, USA;
- Heroku by Salesforce, 415 Mission Street, Suite 300, San Francisco, CA
94105, USA ; - CAOS AG (ZITADEL), Lerchenfeldstrasse 3, 9014 St. Gallen, CH;
- N ew Relic Inc, 188 Spear Street, Suite 1200, San Francisco, CA 94105;
- SolarWinds Worldwide LLC, 7171 Southwest Parkway, Bldg 400, Austin, TX 78735.
Sitios has the right to transfer the operation of the platform to other organizations and, for this purpose, to transfer the data processed in accordance with this privacy statement to the new organization.
Obtaining personal data from third parties
We also use data from third-party sources for our accessibility database. This is data about companies (restaurants, hotels, etc.) or similar establishments that is freely available. We endeavor to refrain from collecting personal data in this context and instruct the contributors to our database accordingly . If we nevertheless process personal data in individual cases, the data subjects have the rights set out in para. 13 below.
Analysis services
We use third-party services to analyze your surfing behavior. In some cases, we also integrate content from other websites.
We use analysis services to measure and evaluate the use of the website and the app.
In the case of analysis services, the personal data collected in this way is transmitted anonymously to servers of the commissioned third parties abroad, including in the USA.
Cookies and pixel tags
We use cookies and pixel tags on our website.
Cookies are data packets that are sent from our website's web server to your browser, stored on your computer and can be retrieved by the web server on a subsequent visit. Cookies store information about your online preferences and enable us to improve your surfing experience. A distinction is made between session cookies and permanent cookies.
Session cookies are used to assign information stored on the server during a specific visit to our website (e.g. in the online store) to you or your Internet browser each time you visit (e.g. so that the contents of your shopping cart are not lost). Session cookies are deleted after you close your Internet browser.
Permanent cookies are used to save your default settings (e.g. the language of the website) over several visits to our website, i.e. even after you close your Internet browser, or to enable automatic login. Permanent cookies are only deleted after your Internet browser settings have been changed (e.g. one month after your last visit). By using our website, you consent to the use of permanent cookies.
You can delete existing session or permanent cookies in your Internet browser at any time and deactivate the setting of further cookies in your browser settings. However, deactivation may impair the functions of our website.
When you visit our website, you will be asked whether you wish to deactivate the use of cookies, except for the cookies required for the operation of the website.
Pixel tags (also known as tracking pixels, web beacons, clear GIFS or canvas) are small graphics that are loaded into your Internet browser when you visit our website. When the pixel tag is called up by your Internet browser, certain information is stored in the log files of the relevant server (e.g. the date and time of your web visit or certain data about your end device, such as the screen resolution or its IP address).
Legal basis of the processing
The legal basis for the processing of personal data by us is generally Article 31(2)(a) FADP (processing directly related to the conclusion or performance of a contract; corresponds to Article 6(1)(b) EU GDPR) and Article 31(1) FADP (consent of the data subject or obligation to process by law; corresponds to Article 6(1)(a) EU GDPR).
In cases in which we wish to refuse to conclude contracts with data subjects in the future due to abuse, payment default or for similar legitimate reasons, we reserve the right to retain the surname, first name, address and e-mail address of a data subject as well as the personal data relating to the circumstances of the case in question on the basis of Article 31 paragraph 1 FADP (corresponds to Article 6 paragraph 1 letter f EU GDPR) in our own interest.
The processing of your personal data by other Group companies is also based on Art. 31 para. 1 FADP (corresponds to Art. 6 para. 1 letter f EU GDPR).
Your rights
Upon request, we will provide any data subject with information as to whether and, if so, which personal data relating to them is being processed (right to confirmation, right to information).
At your request:
- we partially or completely refrain from processing personal data (right to withdraw your consent to the processing of personal data that is not absolutely necessary; right to be forgotten). We will also communicate your request to be forgotten to third parties to whom we have previously forwarded your personal data.
- we will rectify the relevant personal data (right to rectification);
- we will restrict the processing of the relevant personal data (right to restriction of processing; in this case, we will only store your personal data or use it to protect our legal claims or the rights of another person);
- you will receive the personal data concerned in a structured, commonly used and machine-readable format (right to data portability ).
To make such a request to exercise a right described in this section, for example if you no longer wish to receive email newsletters from us or wish to delete your account, please use the relevant function on our website or contact our Data Protection Officer or an employee as described in section 2 (Contact).
If we do not comply with a request, we will inform you of the reasons for this. For example, we may legally refuse to erase your personal data if it is still required for the original purposes (e.g. if you continue to receive a service from us), if the processing is based on a compelling legal basis (e.g. statutory accounting requirements), or if we have an overriding interest of our own (e.g. in the event of a legal dispute against the data subject).
If we assert an overriding interest in the processing of your personal data, you still have the right to object to the processing if your particular situation results in a different balancing of interests compared to other data subjects (right to object). This could be the case, for example, if you are a person of public interest or if the processing creates the risk that you will be harmed by third parties.
If you are not satisfied with our response to your request, you have the right to lodge a complaint with a competent supervisory authority, for example in your country of residence or at the registered office of Sitios (right to lodge a complaint).
Severability clause and amendments
Should individual provisions of this privacy statement be invalid, incomplete or unenforceable, the remaining provisions of this privacy statement shall remain in force.
Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You will be informed about the changes.
Applicable law and place of jurisdiction
This privacy statement and the contracts concluded based on or in connection with this privacy statement are subject to Swiss law, unless the law of another country is mandatorily applicable. The place of jurisdiction is the registered office of Sitios, unless another place of jurisdiction is mandatory.