In this data protection statement, we inform you which personal data we process, for what purpose, how and where, in particular in connection with our website www.baer-ag.com and our other services. This data protection statement also informs you of the rights of persons whose data we process.
Special, supplementary or further data protection statements and other legal documents such as general terms and conditions (GTC), terms of use or conditions of participation may apply to individual or additional offers and services.
Our offer is subject to Swiss data protection law as well as any applicable foreign data protection law, in particular that of the European Union (EU), in the form of the General Data Protection Regulation (GDPR). The European Commission recognises that Swiss data protection law ensures adequate data protection.
Responsibility for the processing of personal data:
BÄR Baumanagement AG
Korporationsweg 13c | CH-8832 Wilen bei Wollerau
BÄR Totalunternehmung AG
Korporationsweg 13c | CH-8832 Wilen bei Wollerau
We indicate any other persons responsible for processing personal data in individual cases.
Personal data is defined as any information relating to an identified or identifiable person. A data subject is a person whose personal data is processed. Processing includes any handling of personal data, irrespective of the means and procedures used, in particular the storage, disclosure, acquisition, collection, deletion, storage, modification, destruction and use of personal data.
The European Economic Area (EEA) comprises the European Union (EU) and the Principality of Liechtenstein, in addition to Iceland and Norway. The General Data Protection Regulation (GDPR) refers to the processing of personal data as handling personal data.
We process personal data in accordance with Swiss data protection law such as, in particular, the Federal Act on Data Protection (DSG) and the Ordinance to the Federal Act on Data Protection (VDSG).
We process personal data – if and to the extent that the General Data Protection Regulation (GDPR) applies – in accordance with at least one of the following legal bases:
We process those personal data that are necessary in order to operate our business in a permanent, user-friendly, secure and reliable manner. Such personal data may fall into the categories of inventory and contact data, browser and device data, content data, meta or marginal data and usage data, location data, sales, contract and payment data.
We process personal data for the duration that is necessary for the respective purpose(s) or that is required by law. Personal data that are no longer required for processing are anonymised or deleted. Persons whose data we process have a fundamental right to have their data deleted.
As a general principle, we only process personal data with the data subject’s consent, except where the processing is permitted for other legal reasons, for example in order to fulfil a contract with the data subject and to take appropriate steps prior to entering into the contract, in order to safeguard our overriding legitimate interests, because the processing is obvious from the circumstances, or after prior information.
Within this framework, we process in particular information provided voluntarily by data subjects themselves when contacting us – for example by letter, email, contact form, social media or telephone – or when registering for a user account. We may, for instance, store such information in an address book or by similar means. If you transmit personal data about third parties to us, you are obliged to guarantee data protection vis-à-vis such third parties and to ensure the accuracy of such personal data.
We also process personal data that we receive from third parties, obtain from publicly accessible sources or collect when providing our services, if and to the extent that such processing is permitted by law.
Personal data from applications are only processed insofar as such data are required to assess the applicant’s suitability for an employment relationship or for the subsequent execution of an employment contract. The personal data required to carry out an application procedure are derived from the information requested or communicated, such as in the context of a job description. Applicants have the opportunity to provide additional information for their respective applications voluntarily.
We may have personal data processed by commissioned third parties or may process personal data together with third parties or with the help of third parties or transmit personal data to third parties. In particular, such third parties are providers whose services we use. We also ensure an adequate level of data protection with regard to such third parties.
Such third parties are generally located in Switzerland and in the European Economic Area (EEA). Such third parties may, however, also be located in other states and territories on Earth or elsewhere in the universe, if their data protection law safeguards an adequate level of data protection according to the Assessment of the Federal Data Protection and Information Commissioner (FDPIC) and – if and to the extent that the General Data Protection Regulation (GDPR) applies – the Assessment of the European Commission, or if an adequate level of data protection is otherwise safeguarded, for example by means of a contractual agreement to that effect, in particular on the basis of standard clauses, or by means of a corresponding certification. By way of exception, such a third party may be located in a country without an adequate level of data protection, provided that the conditions of data protection law, for example, the express consent of the data subject, are fulfilled.
Data subjects whose personal data we process have the rights granted in accordance with Swiss data protection law. These include the right of access and the right to rectify, delete or block the personal data processed.
Data subjects whose personal data we process can – if and to the extent that the General Data Protection Regulation (GDPR) applies – be sent confirmation, free of charge, as to whether we are processing their personal data and, if so, demand access to the personal data we are processing, have the processing of their personal data restricted, exercise their right to data portability and have their personal data rectified, deleted (“right to forget”), blocked or completed.
Data subjects whose personal data we process may – if and to the extent that the GDPR applies – revoke their consent at any time with effect for the future and may object to the processing of their personal data at any time.
Data subjects whose personal data we process have the right to complain to a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
We take appropriate and suitable technical and organisational measures to ensure data protection and, in particular, data security. However, despite such measures, the processing of personal data on the Internet may always involve security risks. We cannot therefore guarantee absolute data security.
Our online content is accessed by means of transport encryption (SSL/TLS, in particular with the Hypertext Transfer Protocol Secure, HTTPS for short). Most browsers indicate transport encryption by displaying a padlock icon in the address bar.
Access to our online content is – like every use of the Internet, generally speaking – subject to mass surveillance without cause or suspicion and other monitoring by security authorities in Switzerland, the European Union (EU), the United States of America (USA) and other countries. We cannot exert any direct influence on the relevant processing of personal data by secret services, police authorities and other security agencies.
We may use cookies on our website. Cookies – both our own cookies (first-party cookies) and cookies from third parties whose services we use (third-party cookies) – are data in text form that are stored in your browser. Such stored data need not be limited to traditional cookies in text form. Cookies cannot run programs or transmit malware like Trojans and viruses.
When you visit our website, cookies can be stored temporarily in your browser as “session cookies” or for a certain period of time as “permanent cookies”. Session cookies are automatically deleted when you close your browser. Permanent cookies have a specific storage period. In particular, they make it possible to recognise your browser the next time you visit our website and thus to measure the reach of our website, for example. However, permanent cookies can also be used for online marketing, for example.
You can completely or partially deactivate or delete cookies in your browser settings at any time. Without cookies, our website may no longer be fully available. We actively ask you – insofar and to the extent necessary – for your express consent to our use of cookies.
In the case of cookies that are used for performance and reach measurement or for advertising, with regard to many services a general objection (“opt-out”) is possible via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
For every access to our website we may collect the following information if your browser transmits it to our server infrastructure or if it can be determined by our web server: date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-pages of our website accessed including the amount of data transmitted, last website accessed in the same browser window (referrer).
We store such information, which may also include personal data, in server log files. We require such information in order to provide our online services in a permanent, user-friendly and reliable manner and to ensure data security and thus, in particular, the protection of personal data – including by means of third parties or with the help of third parties.
We may use tracking pixels on our website. Tracking pixels are also known as web beacons. Tracking pixels – including those of third parties whose services we use – are small, usually invisible images that are automatically generated when you visit our website. Tracking pixels allow the same data to be recorded as in server log files.
We send notifications and messages such as newsletters by email and via other communication channels such as instant messaging.
Notifications and messages may contain links or tracking pixels that log whether an individual message has been opened and which web links were clicked on. Such web links and tracking pixels can even record personal use of notifications and messages. We require these usage statistics to gauge our performance and reach, in order to make notifications and messages effective and user-friendly on the basis of the needs and reading habits of their recipients and provide them permanently, securely and reliably.
As a rule, you must expressly consent to the use of your email address and other contact addresses unless they can be used on other legal grounds. Where possible, we use the double opt-in procedure for you to consent to receive emails. This means that you will receive an email containing a confirmation link that you need to click on so as to prevent misuse by unauthorised third parties. We may log such declarations of consent, including your IP address and the date and time, for reasons of security and documentation.
As a basic principle, you can unsubscribe from notifications and messages such as newsletters at any time. This does not apply to notifications and messages that are strictly necessary for our website. In particular, by unsubscribing, you can object to the collection of statistical usage data for the purposes of measuring performance and reach.
We send notifications and messages via third-party services or with the help of service providers. Cookies may also be used in this context. We guarantee an adequate level of data protection from these services, too.
In particular, we use:
Mailchimp: Communication platform; provider: The Rocket Science Group LLC d/b/a Mailchimp (USA); Data protection information: Privacy Policy “Mailchimp and European Data Transfers” (“Mailchimp and European Data Transfers”).
We maintain a presence on social media platforms and other online platforms in order to communicate with potential customers and provide information about our products and services. In this context, personal data can also be processed outside of Switzerland and the European Economic Area (EEA).
The general terms and conditions (GTC), terms of use, privacy policies and other terms and conditions of each individual operator of such online platforms also apply. In particular, these terms and conditions outline the rights of data subjects, especially their right to access information.
If and insofar as the GDPR applies, we are jointly responsible with Facebook Ireland Limited in Ireland for our social media presence on Facebook, including Page Insights. The Page Insights show how users interact with our Facebook page. We use Page Insights to make our social media presence on Facebook effective and user-friendly.
For more information about the nature, scope and purpose of data processing, information about the rights of data subjects and the contact details for Facebook and the data protection officer of Facebook, see Facebook’s Data Policy. We have concluded the Controller Addendum with Facebook and thereby agreed, in particular, that Facebook is responsible for ensuring the rights of data subjects. For information about the Page Insights, see Facebook’s “Information about Page Insights”, including the “Page Insights Controller Addendum” and “Information about Page Insights Data”.
We use Google Analytics to analyse how our website is used; in doing so, we are also able to measure the reach of our website and the success of links to our website on third-party pages. It is a service provided by Google LLC in the USA. Google Ireland Limited in Ireland is responsible for users in the European Economic Area (EEA) and Switzerland.
Google attempts to record individual visitors to our website, including when they use different browsers or devices (this is known as cross-device tracking). Cookies are also used in this context. Google Analytics requires your IP address, although this is not merged with any other data held by Google.
In any case, we have your IP address anonymised before it is analysed by Google. As a result, your complete IP address will not be transmitted to Google in the USA as a matter of principle.
We use Google Analytics with Google Signals. As a result, we receive enhanced statistics relating to visitors to our website who have activated personalised advertisements as logged-in Google users. In spite of these enhanced statistics, we are unable to associate them with individual Google user profiles.
For more information about the nature, scope and purpose of data processing, see Google’s Privacy and Security Principles and Privacy Policy, the Google product privacy guide (including Google Analytics), the information about how Google uses data from websites that use Google services, and the information about how Google uses cookies. In addition, there is the option of using the Google Analytics opt-out browser add-on and deactivating personalised advertisements.
We use Google Tag Manager to integrate analytics or advertising services from Google or third parties into our website and manage them. It is a service provided by Google LLC in the USA. Google Ireland Limited in Ireland is responsible for users in the European Economic Area (EEA) and Switzerland. Although no cookies are used in this context, cookies can be used in connection with the related and managed services. This privacy policy provides details about the processing of personal data by such services.
We use third-party services that are necessary for ensuring our website is permanent, user-friendly, secure and reliable. We also use such services to embed content in our website. Such services – e.g. hosting and storage services, video services and payment services – require your IP address as the services would otherwise be unable to transfer their content. These types of services can be based outside of Switzerland and the European Economic Area (EEA), provided that an adequate level of data protection is guaranteed.
Third parties whose services we use can process aggregated, anonymised or pseudonymised data in connection with our website as well as from other sources, including cookies, log files and tracking pixels, for their own security, statistical and technical purposes.
We use third-party services to use the digital infrastructure we need for our website. For example, these services include hosting and storage services from specialised providers.
We use Google Maps to embed maps on our website. Cookies are also used in this context. Google Maps is a service provided by the US company Google LLC. The Irish company Google Ireland Limited is responsible for users in the European Economic Area (EEA) and in Switzerland. For more information about the nature, scope and purpose of data processing, see Google’s Privacy and Security Principles and Privacy Policy, the Google product privacy guide (including Google Maps), the information about how Google uses data from websites that use Google services, and the information about how Google uses cookies. There is also the option of objecting to personalised advertising.
9.3.1 We use Adobe Fonts (formerly Typekit) to embed selected fonts on our website. No Cookies are used for this. This is a service provided by Adobe Systems Software Ireland Limited in Ireland or Adobe Inc. in the USA. For more information on the nature, scope and purpose of data processing, see the Adobe privacy policy, the information about data protection in relation to Adobe Fonts and in the Adobe Privacy Center.
9.3.2 We use Font Awesome to embed selected icons on our website. Cookies are also used in this context. This is a service by the US company Fonticons Inc., which, according to its own information, respects European data protection law. For more information on the nature, scope and purpose of data processing, see the Font Awesome Privacy Policy.
9.3.3 We use Google Fonts to embed selected fonts on our website. No Cookies are used for this. This service is provided independently of other Google services by Google LLC in the USA. Google Ireland Limited in Ireland is responsible for users in the European Economic Area (EEA) and Switzerland. For more information on the nature, scope and purpose of data processing, see Google’s Privacy and Security Principles and Privacy Policy.
We use Facebook Ads to advertise our products and services more strategically on Facebook. Facebook Ads are provided by Facebook Ireland Ltd. in Ireland or Facebook Inc. in the USA. Cookies are also used for Facebook Ads.
In particular, we want to use such advertisements to reach people who are interested in our website or who already use it. For this purpose, we send the relevant information to Facebook, including personal information if necessary (custom audiences including lookalike audiences), by means of the Facebook pixel, in particular. Additionally, we are able to determine whether our advertising is successful, i.e. whether it has resulted in visits to our website (this is known as conversion tracking).
Further information on the nature, scope and purpose of data processing can be found in Facebook’s Data Policy. Additionally, Facebook users can change their Ad preferences to control what adverts they see on Facebook and what adverts will be shown to them on Facebook in future.
We use Google Ads (formerly AdWords) to advertise our website strategically in the Google search engine and elsewhere on the Internet, such as on other websites, on the basis of search queries. Google Ads is a service provided by Google LLC in the USA. Google Ireland Limited in Ireland is responsible for users in the European Economic Area (EEA) and Switzerland. Google Ads also uses cookies. Google uses various domain names – especially doubleclick.net, googleadservices.com and googlesyndication.com – for Google Ads.
In particular, we want to use such advertisements to reach people who are interested in our website or who already use it. For this purpose, we send the relevant information to Google (remarketing), including personal information. Additionally, we are able to determine whether our advertising is successful, i.e. whether it has resulted in visits to our website (this is known as conversion tracking).
For more information on the nature, scope and purpose of data processing, see Google’s Privacy and Security Principles and Privacy Policy, the information about how Google uses data from websites that use Google services, and the information about how Google uses cookies. There is also the option of objecting to personalised advertising.
We use Instagram Ads to advertise our products and services more strategically on Instagram. Instagram Ads are provided by Facebook Ireland Limited in Ireland or Facebook Inc. in the USA. Cookies are also used in this context.
In particular, we want to use such advertisements to reach people who are interested in our website or who already use it. For this purpose, we send the relevant information to Facebook, including personal information if necessary (custom audiences including lookalike audiences), by means of the Facebook pixel, in particular. Additionally, we are able to determine whether our advertising is successful, i.e. whether it has resulted in visits to our website (this is known as conversion tracking).
For more information on the nature, scope and purpose of data processing, see the Instagram Privacy Policy and Facebook’s Data Policy. In addition, users can also access the Instagram advertising preferences to check which interests the advertising relates to, as well as via Facebook’s Ad preference settings to control which advertisements are displayed to them.
We use LinkedIn Marketing Solutions to advertise our products and services more strategically on LinkedIn (LinkedIn Ads). This service is provided by the LinkedIn Ireland Unlimited Company in Ireland or the LinkedIn Corporation in the USA. Cookies are also used in this context.
In particular, we want to use such advertisements to reach people who are interested in our website or who already use it. For this purpose, we send the relevant information to LinkedIn (retargeting), including personal information if necessary, by means of the LinkedIn Insight Tag, in particular. Additionally, we are able to determine whether our advertising is successful, i.e. whether it has resulted in visits to our website (this is known as conversion tracking). If you are logged in on LinkedIn as a user, LinkedIn will be able to associate your use of our website with your profile.
For more information on the nature, scope and purpose of data processing, see LinkedIn’s Privacy Policy, Cookie Policy and Privacy Hub. There is also the option of objecting to personalised advertising.
10.1 We use Google reCAPTCHA to protect input forms from bots and spam, while at the same time reliably enabling human input. Cookies are also used in this context. It is a service provided by Google LLC in the USA. Google Ireland Limited in Ireland is responsible for users in the European Economic Area (EEA) and Switzerland. For more information on the nature, scope and purpose of data processing, see Google’s Privacy and Security Principles and Privacy Policy and the information about how Google uses cookies.
10.2 We use jQuery, a free JavaScript library from the JS Foundation. We embed the library using jQuery.com so that we can improve the speed of our website. jQuery is provided via the Content Delivery Network (CDN) StackPath, a service of StackPath LLC in the USA. Cookies may also be used in this context. For more information about the nature, scope and purpose of data processing, see StackPath’s Privacy Statement.
10.3 We use jQuery, a free JavaScript library from the JS Foundation. We embed the library via the content delivery network (CDN) Google Hosted Libraries (domain name ajax.googleapis.com) so that we can improve the speed of our website. Cookies are only used if they are necessary for the prevention of misuse and for security-related purposes. This service is provided independently of other Google services by Google LLC in the USA. Google Ireland Limited in Ireland is responsible for users in the European Economic Area (EEA) and Switzerland.
For more information on the nature, scope and purpose of data processing, see Google’s Privacy and Security Principle and Privacy Policy and the Terms of Use for Google-Hosted Libraries.
We may adapt and supplement this data protection statement at any time. We will provide notification of any such adjustments and additions in an appropriate form, in particular by publishing the respective current privacy policy on our website.