With this Privacy Policy, we are informing you about the processing of personal data in connection with our comlab.ch website and our other online services.

For individual and additional offers and services, additional, special and supplementary privacy policies as well as legal documents such as General Terms & Conditions, Conditions of Use or Eligibility Requirements may be applicable.

Our online services shall be subject to the Swiss data protection legislation as well as to any applicable foreign data protection legislation, in particular the one of the European Union (EU) including the General Data Protection Regulation (GDPR). The EU acknowledges that the Swiss data protection legislation guarantees an adequate level of data protection.

1. Contact Addresses

1.1 Responsibility for the Online Services

1.2 Data Protection Representation in the EU and in the EEA

We have the following data protection representation in the European Union (EU) or in the European Economic Area (EEA) including the Principality of Liechtenstein pursuant to Art. 27 GDPR as an additional point of contact for supervisory authorities and data subjects for enquiries relating to the General Data Protection Regulation (GDPR):

VGS Datenschutzpartner UG
Am Kaiserkai 69
20457 Hamburg
Germany

2. Processing of Personal Data

2.1 Definitions

Personal data shall include any information that relates to an identified or identifiable person. A data subject shall be any person whose personal data is processed. Processing shall comprise any handling of personal data, irrespective of the means and procedures applied, in particular any collection, destruction, disclosure, erasure, modification, retention, storage, and utilisation of personal data.

2.2 Lawfulness of Processing

We process personal data in accordance with the Swiss data protection legislation, in particular, as in the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection .

We process personal data in accordance with at least one of the following legal bases, insofar and inasmuch as the General Data Protection Regulation (GDPR) of the European Union (EU) is applicable:

  • Art. 6 (1) point (b) GDPR for the required processing of personal data for the performance of a contract to which the data subject is party as well as in order to take steps prior to entering into a contract.

  • Art. 6 (1) point (f) GDPR for the required processing of personal data for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the fundamental rights and freedoms as well as by interests of the data subject. Legitimate interests are in particular our interest in providing and advertising our online services in a permanent, user-friendly, safe and reliable manner, information security as well as any protection against misuse and unauthorised use, the enforcement of own legal claims and compliance with the Swiss legislation.

  • Art. 6 (1) point (c) GDPR for the required processing of personal data for compliance with a legal obligation to which we are subject according to any applicable legislation of the EU or according to any applicable legislation of any country in which the GDPR is applicable either in whole or in part.

  • Art. 6 (1) point (e) GDPR for the required processing of personal data for the performance of a task carried out in the public interest.

  • Art. 6 (1) point (a) GDPR for the processing of personal data with the consent of the data subject.

  • Art. 6 (1) point (d) GDPR for the required processing of personal data in order to protect the vital interests of the data subject or of another person.

2.3 Type, Scope and Purpose

We shall process any personal data that is required to enable us to provide our online services in a permanent, user-friendly, safe and reliable manner. Such personal data can fall into the categories of existing and contact data, content data, meta data and usage data as well as contract data and payment data.

We shall process personal data for any duration that is required for the respective purpose or the respective purposes, or required by law. Personal data, the processing of which is no longer required, shall be anonymised or erased.

In principle, we shall process personal data only after the consent of the data subject has been given, unless processing is permissible for any other legal reasons, for example for the performance of a contract to which the data subject is party and for corresponding measures prior to entering into a contract to safeguard our prevailing legitimate interests, since such processing is apparent from the circumstances or after prior information.

In this context, in particular, we process data which the data subject has communicated to us in making contact – for example via letter post, email, contract form, social media or telephone – voluntarily and on her own. We may store such information for example in an address book, customer relationship management system (CRM system) or using comparable aids. If you transmit personal data from third parties to us, you are obligated to guarantee the data protection for such third parties as well as to ensure the accuracy of such personal data.

We also process personal data which we receive from third parties, collect while providing our online services or procure from publicly accessible sources, insofar and inasmuch as such processing is legally permissible.

Personal data from job applications shall only be processed if such personal data affect the suitability for an employment contract or are required for the later performance of an employment contract. The personal data which is required for an job application arise from the requested or communicated details, for example, within the context of a job description. Applicants have the option of transmitting further details for their applications.

2.4 Processing of Personal Data by Third Parties as well as within the Group

We can have personal data processed by third parties such as, in particular, contract processors, or process personal data together with third parties as well as with the aid of third parties, or transmit personal data to third parties. Such third parties are in particular suppliers and other service providers.

We can also have personal data processed within the Comlab group, in particular by sister companies or subsidiaries, or process personal data together with such companies as well as with the aid of such companies, or transmit these to third parties.

Such third parties and companies are generally located in Switzerland or the European Union (EU) or in the European Economic Area (EEA). However, such third parties and companies can also be located in other states in the world and elsewhere in the universe, provided their data protection regulations guarantee adequate data protection according to the evaluation of the Federal Data Protection and Information Commissioner (FDPIC) and – if and to the extent that the General Data Protection Regulation (GDPR) of the EU is applicable – according to the evaluation of the European Commission, or if for other reasons, such as through a corresponding contractual agreement, particularly based on standard contract clauses, or a corresponding certification, adequate data protection is guaranteed. For third parties and companies in the United States of America (USA), the certification in accordance with the Privacy Shield can guarantee an adequate level of data protection. As an exception, such a third party or such a company can be located in a country without adequate data protection, provided the data protection requirements such as, for example, the express consent of the data subject, are fulfilled.

3. Rights of Data Subjects

Any data subjects whose personal data is processed by us shall have the rights according to the Swiss data protection legislation. This shall include the right to information as well as the right to block, correct or erase the personal data processed.

Any data subjects whose personal data is processed by us, if and to the extent that the GDPR is applicable, may request a confirmation free of charge as to whether we process their personal data and, if yes, information about the processing of their personal data, may have the processing of their personal data restricted, may exercise their right to data portability and may have their personal data blocked, completed, corrected or erased ("right to be forgotten").

Any data subjects whose personal data is processed by us, if and to the extent that the GDPR is applicable, may revoke at any time any consents given and may raise an objection against any processing of their personal data at any time effective for the future.

Any data subjects whose personal data is processed by us shall have the right to file a complaint with any supervisory authority in charge. The supervisory authority in charge of data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

4. Data Security

We shall take reasonable and adequate technical and organisational measures to ensure data protection and data security. In any case, the processing of personal data on the internet can always have security vulnerabilities in spite of such measures. Therefore, we cannot ensure absolute data security.

Any access to our online services are secured using transport encryption (SSL / TLS with HTTPS).

5. Use of the Website

5.1 Cookies

We may use cookies for our website. Cookies are data – also from third parties whose services we use (third-party cookies) – often in the form of text files which are stored in your browser. Cookies cannot execute programmes or transmit malware, such as Trojans and viruses.

When you visit our website, cookies may be temporarily stored in your browser as so-called "session cookies" or for a certain period of time as so-called permanent cookies. "Session cookies" are automatically erased when you close your browser. Permanent cookies in particular enable us to recognise your browser when you visit our website again, and thus allow us to measure the reach of our website, for example. However, permanent cookies can also be used for online marketing purposes.

You may disable and delete cookies in your browser settings in whole or in part at any time. Without cookies, however, our online services may no longer be available to their full extent. We ask you – if and to the extent required – to consent to the use of cookies.

With cookies which are used for analytics and marketing, you can make a general objection to these for numerous services ("opt-out") via Networking Advertising Initiative, YourAdChoices (Digital Advertising Alliance) and / or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

5.2 Log Files

We may record the following details for each access to our website, provided these can be transmitted from your browser to our server infrastructure or transmitted from our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sites accessed and the amount of data transferred, last website accessed (referer / referrer).

We store such details which may also represent personal data, in log files. The data is required to enable us to provide our online services permanently, safely and reliably and in a user-friendly manner in order to ensure data security and thus, in particular, the protection of personal data, also by third parties or with the help of third parties.

6. Third-Party Services

We may use the services of third parties in order to provide our online services permanently, safely and reliably and in a user-friendly manner. Such third-party services also allow us to embed content into our online services. Such third-party services – for example hosting and storage services such as jsDelivr (Privacy Policy) – require your Internet Protocol (IP) address, as otherwise such services cannot transmit the corresponding content. Such third-party services can be located outside of Switzerland and the European Union (EU) or the European Economic Area (EEA) provided an adequate level of data protection is guaranteed.

For their own safety-related, statistic and technical purposes, services from third parties can also process data in connection with our online services as well as from other sources – among other things with cookies, log files and tracking pixels – in anonymised, aggregated or pseudonymised form. Such data shall not be used to reach data subjects in connection with our online services.

6.1 JavaScript Libraries

We use jQuery, a free JavaScript library from the JS Foundation. We incorporate the library using jQuery.com so that we can improve the speed of our website. jQuery is supplied in this context via the content delivery network (CDN) StackPath, a service from StackPath LLC in America. They may also use cookies. Further details about the type, scope and purpose of data processing can be found in the Privacy Policy of StackPath.

We use jQuery, a free JavaScript library from the JS Foundation. We incorporate the library via the content delivery network (CDN) Google Hosted Libraries (domain name ajax.googleapis.com) so that we can improve the speed of our website. Cookies are only used here if they are required for the prevention of misuse and for purposes related to security. This is a service offered by American Google LLC, offered independently of other Google services. Further details about the type, scope and purpose of data processing can be found in the Principles for Data and Security and in the Privacy Policy of Google as well as in the Conditions of use for Google Hosted Libraries.

6.2 Social Media Functions

We use AddThis to allow you to share contents from our online services on social media and other online platforms as well as to use other social media functions. Cookies are also used in the course of this service. AddThis is a service provided by the American Oracle Corporation. Further details about the type, scope and purpose of data processing can be found on the page on data processing and data protection of AddThis and in the Privacy Policy of Oracle. You also have the option of opting out of personalised advertising.

7. Final Provisions

We may adapt and add to this Privacy Policy at any time. We will inform you of such adaptations and additions in a suitable form, in particular by publishing the respective valid Privacy Policy on our website.

COMLAB Deutschland GmbH
Itterpark 2 | D-40724 Hilden
Phone +49 30 755 45 26 70
Fax +49 30 755 45 26 71

COMLAB (Beijing) Co., Ltd
Ground Floor | Tower B | Zhongchu Building N023
ShijingshanLu | Shijingshan District Beijing 100049 | P.R. China
Phone +86 (0) 10 6888 0043
Fax +86 (0) 10 6886 0561
Hotline/Support 4006-50-8108

www.comlab.cn