Privacy Policy

Protecting your personal data is important to us. You can expect us to be sensitive and careful with your data and ensure a high level of data security.

We collect and use your personal data exclusively within the framework of the applicable data protection regulations.

This Privacy Policy applies to personal data that we have received from individuals through various sources (customers, suppliers, business partners, websites, social media).

1 Contacts

1.1    Name and address of responsible party 
The party responsible for the processing of your data is:

SIGA Services AG 
Rütmattstrasse 7
CH-6017 Ruswil 
E-Mail: webmaster@siga.swiss
Telefon: +41 (0) 41 499 69 69
Internet: http://www.siga.swiss

1.2    Name and address of representative in the EU
The representative in the EU for the responsible party is:

SIGA Cover GmbH
Hauptpl. 12
85276 Pfaffenhofen an der Ilm
Germany
E-Mail: webmaster@siga.swiss

2 Extent and Purpose of Collection, Processing and Use of Personal Data

Personal data is ‘any information relating to an identified or identifiable natural person’. Online identifiers, such as IP addresses may be considered as personalised data, unless they are deliberately made anonymous.

We process your personal data for the following purposes:

  • Enquiries via contact forms
  • Customer support
  • Making an appointment
  • Opening an account
  • Orders (such as in our online shop)
  • Applications (via online form or email)
  • Marketing purposes
  • Optimisation of the website (adapting the website to your needs)
  • Defence against and recording of hacking attacks
  • Generating usage statistics
  • Needs assessment (such as via surveys and evaluations)

2.1 Visits to the Website

When you visit our website, our servers temporarily store the following data in a log file, the so-called server log files:

  • IP address of the requesting computer
  • Date and time of access/retrieval
  • Name and URL of the retrieved data
  • Operating system of your computer and the browser you are using
  • The country from which the access to our website occurred
  • Name of your Internet access provider
  • Time zone difference from Greenwich Mean Time (GMT)
  • Content of the request (concrete page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Last visited website
  • Browser settings
  • Language and version of browser software
  • Activated browser plugins

We have a legitimate interest in temporarily storing your personal data and the log files. That legitimate interest is

  • To accurately deliver the information on our website
  • To optimise the content of our website and the advertising for it
  • In the event of a cyber-attack, to provide law enforcement agencies any information necessary for law enforcement
  • To continue to improve our services and our website
  • To collect statistical data
  • To process orders in our online shop

2.2 Newsletter

If you wish to subscribe to our newsletter, we need your email address.

After you sign up for our newsletter, our legitimate interest in processing your data lies in providing our existing business customers (business-to-business) with information and advertising about our products.

For the newsletter subscription, we use the so-called double opt-in procedure. This means that, after your give us your email address, we will send a confirmation email to the specified email address, requesting that you to confirm whether you wish to receive our newsletter. You can confirm by clicking on an activation link provided in the confirmation email.

The dispatch of our newsletter takes place via ‘MailChimp’, a newsletter delivery platform of the US vendor Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The email addresses of our newsletter recipients, as well as additional details mentioned here, are stored on MailChimp servers in the US. MailChimp uses this information for distribution purposes and to evaluate the newsletter on our behalf. In addition, MailChimp may use this data for optimising and improving its own services, such as email, technical optimisation of distribution and presentation of the newsletter or for economic purposes in order to determine which countries the recipients come from. However, MailChimp does not use data of our recipients to correspond directly with them with or with third parties. We have faith in the reliability of MailChimp and their data security measures. MailChimp is certified under the US-EU Data Protection Agreement ‘Privacy Shield’ and thereby commits itself to comply with EU data protection requirements. (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG).

We also have a ‘Job processing contract’ with MailChimp. This is a contract in which MailChimp has committed to protecting on our behalf the privacy of our users’ data in accordance with its privacy policy, and in particular not to disclose it to third parties. (https://mailchimp.com/legal/forms/data-processing-agreement/).

MailChimp’s Privacy Policy is available here (https://mailchimp.com/legal/privacy/).

You have the option to unsubscribe from our newsletter at any time. A link for cancelling the newsletter can be found at the end of every newsletter. To do this, click on the appropriate button in the newsletter that you receive. You also have the option of sending your request to the following email address:  newsletter@siga.swiss .

2.3 Making Contact

On our website, you can get in touch with us by using the contact form and/or you can send us an email. The data collected on the contact form can be seen on the contact form in question.

This data is stored and used only for the purposes of answering your request or for technical administrative purposes in order to make contact.

Our legitimate interest as well as your’s lies in responding to your needs. If you are making contact in connection with the fulfilment of a contract to which you are a party, or within the context of pre-contractual steps, then this is an additional legal basis for processing your personal data.

You can always opt out of this data processing at any time. Please send your opt-out request to the following email address: webmaster@siga.swiss

2.4 Promotional Use

We use your personal data on the basis of our legitimate interest for the following purposes:

  • For ongoing improvement of your shopping experience and to make it more customer-friendly and personal
  • To communicate with you about your orders
  • To communicate with existing business customers (business-to-business) from time to time about specific products or marketing campaigns that require your email address
  • To recommend products or services that might interest you

 

At any time, you have the right to opt out of our direct mail or to unsubscribe from it: webmaster@siga.swiss

2.5 Comments

It is possible for you to offer comments. To do this, we need your name or a pseudonym. We request this information in order to permit transparent and personalised communications between authors and those making comments.

Additionally, your IP address and email address may be recorded or queried. This is done for our security in case someone leaves illegal content in their comments. Also, storing this information can prevent spam.

The personal information you provide will not be merged with other data.

2.6 Market Research

We do not use data collected in the context of market research for commercial purposes. Detailed information (in particular for evaluating your disclosures) can be found in the context of the survey or where you provide information. Your survey responses will not be disclosed to third parties or published.

The legal basis for the processing of your personal data is the existence of an agreement and/or a legitimate interest.

2.7 Online-Shops

2.7.1 General

If you wish to take advantage of the services of our online shops at webshop.siga.swiss, you need to provide us with data required to process your order. Mandatory contractual obligations required for processing are marked separately. Additional information is voluntary.

During order processing, our service providers will receive the data necessary for orders and order processing. This data includes several items, such as your email address and telephone number, in order, for example, to set up an individual delivery date for you. More information about data protection at these vendors is available on their websites.

2.7.2 Setting up a Customer Account

When you open an account, you will be given password-protected direct access to the data that we have stored about you (such as your name and address). On your customer account, you can view data about orders you have placed and about orders recently dispatched.

To process your order, we need your correct name, address and numerical data. We need to have your email address so that we can confirm the receipt of your order and its shipping status, and also to communicate with you in general. We also use your email address for identification (your login name) when you log in to your account.

Customer accounts are not public and cannot be indexed by search engines. If you close your account, the related data, subject to legal retention requirements, will be deleted. If you terminate your contract before it ends, you are responsible for backing up your personal data. We reserve the right to permanently delete all data stored during the contract period.

2.7.3 Customer Accounts

You may use your account to log in to our online store.

If you do not log out of your account, you will remain automatically logged in for a certain period on the device used. This feature allows you faster access to the online store.

When you create an account or revise data you have previously provided, this data will be permanently stored in your account settings and can be used for future orders without re-entering it.

If you have set up an account at our online store, your personal data will be used to process your order and make it easy to process future orders. To prevent unauthorised third party access to your personal data, the ordering process is encrypted using TLS technology.

When you register or re-register for our online services, we store your IP address and the time of day for all user activity. Storage is based on our legitimate interests and protection against misuse and other unauthorised use. In principle, there is no disclosure of this data to third parties unless such is necessary for the pursuit of our claims or there is a legal obligation. We process usage data (such as web pages visited in connection with our online services, interest in our products) and content data (such as entries in a contact form or user profiles) for commercial purposes in a user profile so that we can make suggestions based on previously used services.

2.8 Online Applications

If you apply for a job with us, we will use your data in order to process your application. During the application process we will store information in our applicant database, such as your personal details, postal and contact addresses and other documents that are part of your application, including a cover letter, your CV and certificates. In addition, applicants may voluntarily submit additional information. This data is stored exclusively in connection with your application and will be analysed, edited and disclosed internally. The data may also be processed for statistical purposes (such as reporting). In this case, no conclusions regarding individuals would be possible. By submitting your application to us, you consent to the processing of your data for the purposes of the application process.

Apart from this, your application data will be processed by a host provider on our behalf on the basis of contracts pursuant to Article 28 of the General Data Protection Regulation (GDPR)

The legal basis for the processing of your personal data is a common interest in the processing of your application. If your application information is processed in connection with the fulfilment of a contract to which you are a party, or within the context of pre-contractual steps, then this will be an additional legal basis for processing your personal data.

If we enter into an employment contract with you, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with the legal requirements. If the application process does not result in your employment, your personal records will be stored for six months and will then be deleted unless you have given us consent to use your information for further application procedures.

Quite aside from the foregoing, you have the option of deleting your electronic data at any time. Your deletion request may be sent to the person designated as a contact person or to:  hr@siga.swiss .

3 Deletion

We process and store your personal data only for the time needed to achieve the storage purpose or as provided by laws or regulations to which we are subject. If the storage purpose ceases to exist and a prescribed retention period expires, your data will be locked or deleted routinely and as required by law. If your data is not deleted because it is needed for other lawful purposes, processing will be restricted.

In addition, we will delete your data if you send a request to webmaster@siga.swiss and we have no legal or contractual retention obligations or other processing obligations with regard to such data.

4 Disclosure to Third Parties

We will disclose your personal data outside the SIGA group only if you have expressly agreed to this. We are obliged by law to have a legitimate interest in this or this must be necessary to enforce our rights, in particular the enforcement of claims arising from the contractual relationship. In addition, we will disclose your information to third parties if this is required for use of the website or is necessary to provide you the requested services. The use of the data disclosed to third parties is strictly restricted to the above-mentioned purposes.

We disclose certain items of your personal data to the following categories of recipients in the EU/EEA/CH areas, but at the same time we ensure the protection of your personal data:

  • Companies of the SIGA Group
  • Operators of information technology, financial and travel services
  • Hosting providers
  • Transport and logistics companies
  • Official authorities

Your details are stored in our customer relationship management system (‘CRM’) are stored. We use the CRM system FileMaker/MS Dynamics on the basis of our legitimate interests (efficient and fast processing of user requests, customer service, marketing). To this end, we have entered into a contract with Microsoft containing so-called standard contractual clauses. Under this contract, Microsoft is committed to the processing of user data only in accordance with our instructions and in compliance with EU data protection standards. Microsoft is also certified under the Privacy Shield agreement and thus provides an additional guarantee of compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK).

Various third-parties are also explicitly mentioned in this Privacy Policy (e.g. in Section. 8 ‘Web Analysis Tools’). On the basis of our legitimate interests, (such as an interest in the analysis, optimisation and cost-effective operation of our online services), we use content or services provided by third parties in order to integrate their content and services, such as fonts. The following overview provides a list of other service providers to whom personal data collected via the website will be disclosed or which may have access to it:

  • External fonts from ‘fonts.com’. The integration of fonts is provided via a server call to ‘fonts.com’, which is a service of the third-party provider Monotype Imaging Holdings, Inc. Privacy Policy: https://www.monotype.com/legal/privacy-policy
  • Location detection is provided via Geo IP, a service ‘MaxMind’ of the third-party provider MaxMind Inc. provided. Privacy Policy: https://www.maxmind.com/de/privacy_policy
  • External code for the JavaScript framework ‘jQuery’ is provided by the third-party provider jQuery Foundation: https://jquery.org
  • The online survey tool of the service ‘Google Surveys’ by the third-party provider Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/
  • The social media management tool ‘Hootsuite’ by the third-party provider Hootsuite, Inc. Privacy Policy: https://hootsuite.com/de/legal/privacy
  • The processing of reservation requests for the SIGA Guesthouse via Protel by the third-party provider protel hotelsoftware GmbH, Europaplatz 8, 44269 Dortmund, Germany. Privacy Policy: http://www.protel.net/de/impressum/

When we employ subcontractors to provide our services, we make the appropriate legal arrangements as well as taking appropriate technical and organisational steps to ensure that your personal data is protected following the applicable legal provisions.

5 Transfer to Foreign Countries

SIGA also has the right to transfer your personal data to third parties abroad, particularly companies of the SIGA group, as long as this is appropriate for the data processing described in this Privacy Policy. In the process, the legal requirements for transmission of personal data to third parties will, of course, be complied with. These parties must meet the same requirements for data protection that we are obliged to observe. If the data protection level in a country does not comply with Swiss or EU data protection legislation, we will at all times ensure contractually or by other means that the protection of your personal data is comparable to that of Switzerland or the European Union.

6  Cookies

On our website, we rely on the basis of a legitimate interest on so-called cookies. These are small text files that are stored by the browser on your mobile device. When you visit a website, a cookie may be stored on your operating system. This cookie contains a character string that allows unambiguous identification of the browser when you access the website again.

By means of a cookie, information and services on our website can be tailored to your needs. Cookies allow us to recognise visitors. The purpose of this recognition is to facilitate the use of our website.

We use temporary cookies. They are automatically deleted when you close your browser. These include especially session cookies. They store a so-called session ID that can assign several requests from your browser to a shared session. This allows your computer to be recognised when you return to the website. We use these types of cookies to ensure the operation and functionality of our website.

We also use cookies that overlap sessions. These remain on your hard drive beyond the session. In particular, thanks to these cookies, we can make our service more user-friendly.

Preference cookies enable a website to remember information that affects the way a web page looks or behaves, including your preferred language or the region where you are.

You can view and delete the cookies stored on your computer and configure them generally in your browser settings. Further information can be obtained from the manufacturer or by using the help function of your Internet browser. However, disabling cookies may make some functions of our portal unavailable.

At the following links you can find out about the options available for this in the most frequently used browsers:

7 Pixels, Local Storage and Similar Technologies

We also use other technologies such as web beacons and local storage. We use these technologies in order to determine which features are especially popular so that we can offer users a more personalised experience, and to adjust user-specific advertising.

Web beacons (also known as clear GIFs, tracking pixels or pixel tags) are small code units that are installed in or on a website, mobile app or advertisement. These web beacons can request specific information about your browser and your device, such as the operating system, browser type, device type and version, the referring webpage, the website visited, the IP address and other similar information.

Local storage is an industry-standard technology that enables a Web site or mobile app to store and retrieve data on a computer, mobile phone or other device.

8  Web Analytics and Tracking Tools

Our website uses features of the following web analytics and tracking services:Unsere Webseite verwendet Funktionen der folgenden Webanalyse- und Trackingdienste:

  • Google Universal Analytics
  • Google AdWords
  • Google Tag Manager

For details, see the explanations below..

8.1 Google (Universal) Analytics

Based on our legitimate interests, we rely on Google Analytics, a web analytics service provided by Google Inc. (‘Google’), 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google uses cookies.

We use Google Analytics, including features of Universal Analytics. Universal Analytics allows us to analyse activities on our sites across devices (such as access via a laptop and then later from a tablet). This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID, thus analysing a user’s activities across devices.

The information generated by cookies about your use of this website (including your IP address) is usually sent to a Google server in the USA and stored there. Google has been certified under the Privacy Shield agreement and thus offers an additional guarantee of compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google uses this information on our behalf in order to evaluate your use of our website, to compile reports about website activities and to provide us with other services related to website use and Internet use. The IP address provided by Google Analytics will not be merged with other Google data.

We use Google Analytics only with activated IP anonymisation. This means that user IP addresses

will be shortened by Google within the member states of the European Union or in other contracting countries of the European Economic Area Agreement. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there.

You may prevent Google from collecting and transferring data generated by cookies and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading the browser plugin available at the following link and installing it (https://tools.google.com/dlpage/gaoptout?hl=en). This will set an opt-out cookie, which prevents future collection of your information when you visit this website. However, you should be aware that you may not be able to use all the features of this website to their full extent in this case. To prevent Universal Analytics from tracking across various devices, you must opt-out on all systems that you use. More information on Universal Analytics is available at: https://support.google.com/analytics/answer/2838718?hl=de&ref_topic=6010376

More information about their Terms of Use and Privacy Policy is available at: https://www.google.com/analytics/terms/de.html or at https://policies.google.com/?hl=de.

8.2 Google AdWords

Based on legitimate interest, we use ‘Google AdWords, which is a component of the online advertising program Google Marketing Services.

Google AdWords creates a cookie on your computer (‘conversion cookie) if you arrived at our website via a Google ad. These cookies are no longer valid after 30 days. They do not contain personal data and thus are not used for personal identification. If you visit certain web pages on our website and the cookie has not yet expired, we as well as Google will know that you clicked on an ad and were directed to this page. Each Google AdWords advertiser has a separate cookie. Thus, there is no way that cookies can be tracked via the websites of AdWords clients. Information obtained using conversion cookies is used to generate conversion statistics for AdWords clients who have opted for conversion tracking. We receive no information that allows you to be identified individually.

The information collected by cookies about your use of this website is usually transmitted to a Google server in the USA and stored there. Google has been certified under the Privacy Shield agreement and thus offers an additional guarantee of compliance with European data protection legislation.

(https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

You may opt out of Google’s content-related advertising. To do this you need to access the link https://www.google.de/settings/ads from all browsers that you use and adjust the desired settings there.

For more information about Google AdWords Terms of Use and Privacy Policy, visit https://www.google.com/policies/technologies/ads/.

8.3 Google Tag Manager

We also use the ‘Google Tag Manager’ to integrate and manage the Google analysis and marketing services on our website. Google Tag Manager, a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (‘Google’), is a solution that enables marketers to manage web page tags via a single interface. The Tag Manager tool itself, which implements the tags, is a cookie-less domain and does not collect personal data. However, the tool will trigger other tags, which in turn will collect data under certain circumstances. Google Tag Manager itself does not have access to this data. If disabled at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager. More information is available in the terms of use for this service.

For more information about Google’s data usage for marketing purposes, see the
main page: https://www.google.com/policies/technologies/ads. The privacy policy of Google is available at https://www.google.com/policies/privacy.

If you wish to opt out of the interest-based advertising by Google Marketing Services, you may adjust the settings and opt-out options: http://www.google.com/ads/preferences.

9 Social Plugins

We use plugins on our website . Plugins are small programs or program packages with which software can be adapted and extended according to your own needs. Many programs such as graphics programs, media players or Internet browsers in their basic version support the functions that an ordinary user will need.

On our website, we have incorporated links to our social media profiles on the following social networks:

  • Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA
  • Google Inc., 1600 Amphitheatre, Parkway, Mountain View, CA 94043, USA
  • Instagram Inc., 1601 Willow Road, Menlo Park, California 94025, USA
  • Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA
  • YouTube, a service operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
  • LinkedIn Inc., 2029 Stierlin Ct, Mountain View, CA 94043, USA 
  • Xing SE, Dammtorstrasse 30, 20354 Hamburg, Germany

When you access a link to one of our social media profiles, a direct connection between your browser and the server of the social network in question is made. This provides the network with the information that you have visited our website with your IP address and called up the link. If you access a link to a network while logged in to your account on the relevant network, the contents of our page may be linked to your profile on the network, which means that the network might assign your visit to our website directly to your user account and we will receive your personal data, such as name, email, location, friends list and profile picture. From these data, we can provide certain functions on the web pages. To prevent this, you should log out before clicking on the corresponding links. In any case, an assignment will occur if you log on to the relevant network after clicking the link.

If you are logged on to a social network during your visit to our website via your user account, the provider may also assign the page visit to your user account. If you interact with a plugin, the corresponding information will also be transmitted directly to a server of the provider in the US and stored there. The information will also be posted to your account on the social network and displayed in your contacts.

Even if you are not logged in to the providers of the plugins while visiting our site, data collected by the plugins may be assigned under certain circumstances your user account. A plugin sets a cookie with an ID every time the web page is called up. Since your browser sends this cookie each time you connect to a server of the provider without being asked, the social networks could thus in principle create a profile of which website the user has called up that belongs to the identifier. If necessary, it would then be possible to assign this identifier to a person again later, for example, when logging in to the provider later.

In addition, you may choose the function ‘block third-party cookies’ in your browser settings, and then your browser will not send cookies to the social network server. With this setting, however, in addition to the plugins, other cross-page features of other providers may no longer work.

For more information on the purpose and scope of data collection and further processing and use of your personal data, please see the privacy policies of the various providers:

There you will also find further information on your rights in this respect and options to protect your privacy as well as information about your right to opt out of the creation of user profiles.

10 Your Rights

If the legal basis for processing is our legitimate interest in the processing of your personal data, you may object to such processing at any time and we will carefully review such concerns.

Similarly, you may at any time revoke your consent for us to process your personal data.

In addition, you are entitled to the rights of access, rectification, cancellation, restriction and data portability with regard to your personal data. If you believe that the processing of your personal data violates data protection legislation or if your data protection claims have otherwise been violated in some way, you may also file a complaint with to the regulatory authority. In Switzerland this would be the Swiss Federal Data Protection and Information Commissioner (FDPIC).

Please contact us if you have any concerns, questions, suggestions or requests: webmaster@siga.swiss

11 Use of the Website by Minors

The website is aimed at an adult audience. It is prohibited for minors, especially minors under the age of 16, to transfer personally identifiable information to us or to register for a service. If we determine that such data has been transmitted to us, they will be deleted from our database. The parents (or the legal representatives) of the minor may get in touch with us and request deletion or cancellation.

12 Data securityDatensicherheit

We take technical and organisational precautions to protect your personal data against tampering, loss, destruction or access by unauthorised persons, and to protect your rights as well as to be in compliance with applicable data protection laws.

The measures taken are designed to ensure the confidentiality and integrity of your personal data and to ensure the availability and robustness of our systems and services in the processing of your personal data over the long term. These steps should also ensure the rapid restoration of data availability and access to in the event of a physical or technical incident.

Our data processing and security measures are continuously improved in line with technological developments.

We also take our own, in-house data protection very seriously. Our employees and the service companies engaged by us are sworn to observe confidentiality and to comply with data protection regulations. Moreover, they are allowed access to your information only to the extent necessary.

13  Changes to the Privacy Policy

We reserve the right to change this Privacy Policy at any time in accordance with applicable data protection legislation. Current version: 25 May 2018.