Privacy Policy

This privacy policy explains how, where and for which purpose we process personal data in connection with our web presence and specifically our website. This privacy policy also provides information on the rights of the individuals whose data we process.

Individual or additional offers and services may be subject to special, supplementary or other privacy policies and other legal documents, such as general terms and conditions (GTC), terms of use or terms of participation.

1. Contact details

Data controller responsible for processing of personal data

design-build AG

Zürcherstrasse 39
8952 Schlieren, Switzerland

Please note that other controllers may be responsible in individual circumstances.

2. Processing of personal data

2.1 Terminology

Personal data refers to all data that refers to an identified or identifiable person. A data subject is a person whose personal data is processed. Processing comprises all handling of personal data, regardless of the methods and processes used, specifically the storage, disclosure, procurement, gathering, erasure, storage, alteration, destruction and use of personal data.

2.2 Legal basis

We process personal data in line with Swiss data protection legislation, in particular the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (DPO).

2.3 Type, scope and purpose

We process the personal data that is necessary to provide a permanent, user-friendly, secure and reliable web presence. Such personal data may fall into the categories of existing and contact data, browser and device data, content data, meta and marginal data, user data, location data and sales, contract and payment data.

We process personal data for the duration required for the respective purpose(s) or required by law. Personal data that no longer needs to be processed is anonymised or erased. Data subjects are generally entitled to have their data erased.

We only process personal data with the consent of the data subject, unless the processing is permissible on other legal grounds, such as for the fulfilment of a contract with the data subject and for corresponding pre-contractual measures in order to preserve our overriding legitimate interests as the processing is obvious from the circumstances, or following prior information.

Within this scope, we primarily process information provided to us voluntarily by the data subject themselves when contacting us – e.g. by letter, email, contact form, social media or phone – or when registering for a user account. We may store such information in an address book, customer relationship management system (CRM system) or use similar tools. If you transfer personal data about third parties to us, you must guarantee the privacy of such third parties and also ensure that the personal data is accurate.

We also process personal data that we receive from third parties, procure from public sources or collect during the provision of our web presence, if and insofar as such processing is permissible by law.

Personal data from job applications is only processed insofar as it is required for assessing the suitability of the applicant for the vacancy or the subsequent fulfilment of the employment contract. The personal data required to implement the application process is generated from information requested and/or disclosed; for instance, within the scope of a job description. Applicants may send further voluntary information to support their application.

2.4 Processing of personal data by third parties, including abroad

We may engage third parties to process personal data, or process personal data in collaboration with, or with the help of, third parties, or transfer personal data to third parties. Such third parties are, in particular, providers whose services we have purchased. We guarantee that such third parties also maintain an adequate level of data protection.

All such third parties are generally based in Switzerland and the European Economic Area (EEA). Such third parties may also be located in other countries and global regions if their data protection laws provide adequate data protection according to the assessment of the Federal Data Protection and Information Commissioner (FDPIC) or if adequate data protection is guaranteed on another basis, such as a corresponding contractual agreement, particularly on the basis of standard contractual clauses, or by means of a corresponding certification. In exceptional circumstances, such a third party may be located in a country without adequate data protection if the data protection requirements are met; for instance, explicit consent from the data subject.

3. Rights of data subjects

Data subjects whose personal data is processed by us have rights granted to them by Swiss data protection law. These include the right to be informed and the right to rectify, erase or block processed personal data.

Data subjects whose personal data is processed by us have the right to complain to a responsible supervisory authority. The Swiss data protection supervisory authority is the Federal Data Protection and Information Commissioner (FDPIC).

4. Data security

We implement adequate and suitable technical and organisational measures to guarantee data protection and, in particular, data security. However, the processing of personal data on the internet may feature security gaps despite such measures. Therefore, we cannot guarantee complete data security.

Access to our online content is provided with transport encryption (SSL/TLS, in particular with the Hypertext Transfer Protocol Secure (HTTPS)). Most browsers display a padlock in the address bar when transport encryption is active.

As with all internet use generally, access to our web presence is subject to mass monitoring without cause or suspicion and other monitoring by security authorities in Switzerland, the European Union (EU), the United States of America (USA) and other countries. We have no direct influence over the corresponding processing of personal data by secret services, police forces or other security agencies.

5. Website use

5.1 Cookies

We may use cookies on our website. Both our own cookies (first-party cookies) and cookies of third parties whose services we use (third-party cookies) are text files that are stored in your browser. Saved data of this kind need not be restricted to traditional cookies in text form. Cookies cannot execute any programs or transfer malware such as Trojans or viruses.

Cookies may be stored in your browser temporarily as session cookies or for a set period as permanent cookies when you visit our website. Session cookies are deleted automatically when you close your browser. Permanent cookies are stored for a set duration. These make it possible, in particular, to recognise your browser when you next visit our website and thus measure the reach of our website. However, permanent cookies may also be used for online marketing.

You can deactivate and delete all or some cookies in your browser settings at any time, but without cookies you may not be able to use all the functions of our website. We actively request your explicit consent for the use of cookies if and insofar as required.

You can opt out of cookies used to analyse success and reach or for advertising for a number of services via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

5.2 Server log files

We may collect the following information each time you access our website if it is transferred from your browser to our server infrastructure, or if it can be determined by our web server: Date and time, including time zone, internet protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-pages of our website accessed including data volume transferred and the last website accessed in the same browser window (referrer URL).

We store such information, which can also constitute personal data, in server log files. This information is required in order for us to provide permanent, user-friendly and reliable online content, and to ensure data security and thus, in particular, the protection of personal data – including by third parties or with the help of third parties.

5.3 Tracking pixels

We may use tracking pixels on our website. Tracking pixels are also called web beacons. Tracking pixels, including those of third parties whose services we use, are small, usually invisible images that are automatically accessed when visiting our website. Tracking pixels can be used to collect the same information as in server log files.

6. Notifications and messages

We send notifications and messages, e.g. newsletters, via email and other communication channels, such as instant messaging.

6.1 Success and reach analysis

Notifications and messages may contain web links or tracking pixels that record if an individual message has been opened and which web links were clicked during this process. Such web links and tracking pixels can also record the use of notifications and messages by individual persons. We require this statistical record of use to analyse our success and reach in order to send effective, user-friendly, permanent, secure and reliable notifications and messages based on the recipients’ requirements and reading habits.

6.2 Consent and objection

You must provide explicit consent to the use of your email address and other contact details, unless their use is permissible on other legal grounds. We use the double opt-in method whenever possible for any consent required for the receipt of email newsletters; this means that you receive an email with a web link that you must click to confirm to prevent misuse by unauthorised third parties. We may log such consent, including your internet protocol (IP) address and the date and time, for reasons of evidence and security.

You may unsubscribe from notifications and messages, such as newsletters, at any time. We reserve the right to send notifications and messages that are of crucial importance for the provision of our web presence. By unsubscribing, you can object to the statistical recording of your usage for success and reach analysis.

6.3 Notification and message service providers

We send notifications and messages via, or with the help of, third-party service providers. Cookies may also be used during this process. We also guarantee an adequate level of privacy for such services.

In particular, we use:

  • ClickDimensions: a platform for email marketing and other CRM-based marketing; provider: ClickDimensions LLC (USA); privacy information: Privacy Policy.

7. Social media

We maintain a presence on social media platforms and other online platforms to communicate with prospective customers and inform these of our services. This may lead to the processing of personal data outside Switzerland and the European Economic Area (EEA).

The general terms and conditions (GTCs), terms of use, privacy policies and other terms of the various operators of these online platforms apply in each case. These terms provide information in particular on the rights of data subjects including, specifically, the right to information.

8. Success and reach analysis

We use services and programs to ascertain how our online presence is used. These can help us to measure the success and reach of our online presence and the effectiveness of third-party links to our website. We can also trial and compare how different versions of our online presence or parts of our online presence are used (A/B test method). Based on the results of the success and reach analysis, we can rectify faults, amplify the most popular content and make improvements to our online presence.

When using services and programs for success and reach analysis, the internet protocol (IP) addresses of individual users are saved. IP addresses are always shortened to ensure compliance with the principle of data economy through the corresponding pseudonymisation and to improve the privacy of visitors to our website (IP masking).

Where success and reach analysis services and programs are used, cookies may be set and user profiles generated. User profiles may, for example, include pages visited or content viewed on our website, information on the size of screen or browser window and – at least approximate – user locations. User profiles are always generated in pseudonymised form. We do not use user profiles to identify individual visitors to our website. Some services for which you are a registered user may assign the use of our online presence to your profile with the respective service, whereby you must generally have given prior consent to such assignment.

In particular, we use:

9. Third-party services

We use third-party services to ensure the permanent, user-friendly, secure and reliable provision of our web presence. Such services also serve to embed contents in our website. These services, e.g. hosting and storage services, video services and payment services, require your internet protocol (IP) address as they would otherwise not be able to transfer the corresponding content. Such services may be located outside Switzerland and the European Economic Area (EEA) as long as an adequate level of privacy is guaranteed.

Third parties whose services we use may also process aggregated, anonymised or pseudonymised data in connection with our web presence and from other sources – which may include cookies, log files and tracking pixels – for their own security, statistical and technical purposes.

9.1 Contact options

We use third-party services to enable us to better communicate with you and other individuals; i.e. customers. We guarantee that such third parties also maintain an adequate level of data protection.

In particular, we use:

9.2 Maps

We use third-party services to embed maps in our website.

In particular, we use:

9.3 Fonts

We use third-party services to embed selected fonts, icons, logos and symbols in our website.

In particular, we use:

9.4 Advertising

We use the opportunity to display targeted advertising for our services to third parties, such as social media platforms and search engines.

We use this kind of advertising in order to reach those individuals in particular with an interest in our online content or who already use our web content (remarketing and targeting). To do so, we may transmit the relevant – potentially also personal – data to third parties that offer such advertising. We can also track the success of our advertising; i.e. specifically whether it has led to visits to our website (conversion tracking).

Third parties engaged by us for advertising and with which you are registered as a user may assign this usage of our content to any profile you hold with them.

In particular, we use:

10. Final provisions

We reserve the right to amend and add to this Privacy Policy at any time. We will provide information on such amendments and addenda in a suitable format, particularly by publishing the respective current Privacy Policy on our website.