The ‘controller’ for the purposes of data protection legislation, including the EU General Data Protection Regulation (GDPR) in particular, is:
Nellen & Partner AG
9000 St. Gallen
Telephone: +41 (0)71 228 33 66
The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential.
In conjunction with our hosting providers, we endeavour to protect databases against unauthorised access, loss, misuse and imitation as far as possible.
Please note that there may be security loopholes when transmitting data over the internet (e.g. in email communications). It is impossible to completely protect data against third-party access.
By using this website, you give your consent to the collection, processing and usage of data in accordance with the specifications below. This website can generally be visited without registering for it. At the time of visiting, data such as the pages viewed/the name of the file viewed, the date and the time are stored on the server for statistical purposes. This data is not linked to you personally. Personal data, including names, addresses and email addresses, are collected on a voluntary basis where possible. Your data is not disclosed to third parties without your consent.
Personal data refers to any information relating to an identified or identifiable person. A data subject is a person whose personal data is processed. Processing means any operation involving personal data, regardless of the means or methods used, and includes the archiving, dissemination, procurement, erasure, storage, modification, destruction and usage of personal data.
We process personal data in accordance with Swiss data protection law. Additionally, we process personal data based on the following legal grounds in connection with GDPR Article 6(1) if and to the extent that the EU’s GDPR is applicable:
We process personal data for the length of time necessary for the relevant purpose or purposes. If we are subject to legal or other obligations mandating a longer retention period, we restrict the processing accordingly.
Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons, we implement appropriate technical and organisational measures in accordance with statutory specifications to ensure a level of security appropriate to the risk.
In particular, the measures include safeguards for the confidentiality, integrity and availability of data by controlling the physical and electronic access to the data as well as retrieval of it, input, forwarding, backups and separation of the data. Furthermore, we have established procedures to ensure that data subjects’ rights are fulfilled, data is erased and there is a response to threats to the data. Moreover, we take into account the protection of personal data from as early as the development or selection stages for hardware, software and processes in accordance with the principle of data protection through the technology’s design and through preset configurations that emphasise data protection.
As part of our processing of personal data, it may transpire that data is transferred or disclosed to other entities, businesses, legally independent organisational units or individuals. The recipients of this data may be, for example, IT contractors or providers of services and content that are embedded in a website. In such cases, we observe the statutory provisions and, in particular, sign corresponding contracts and agreements for the protection of your data with the recipients of your data.
Insofar as we process data in a ‘third country’ (i.e. outside of the European Union (EU) or European Economic Area (EEA)) or data is processed as part of the utilisation of third-party services or as part of the disclosure or transfer of data to other people, entities or businesses, this data is processed solely in accordance with statutory provisions..
We only process data in third countries when they have a recognised level of data protection, have a contractual obligation from the European Commission’s standard protection clauses or have certificates or binding internal data protection provisions (GDPR Articles 44 to 49, European Commission information page: ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_en), and this is in any case subject to your explicit consent or must be a transfer necessitated by contract or law.
A distinction can be made between the following cookie types and functions:
Duration of storage: if we do not explicitly inform you of a specific length of time for which permanent cookies will be stored (e.g. as part of a cookie opt-in function), please assume that the storage duration may be up to two years.
Processing of cookie data based on consent: we use a procedure for cookie consent management that obtains users’ consent to the usage of cookies and to the mentioned processes and providers as part of the cookie consent management procedure. This consent can be managed and withdrawn by users. The procedure saves the consent declaration so that consent does not have to be asked for again and so that there is evidence of consent in accordance with legal obligations. The consent can be saved on a server and/or in a cookie (using an ‘opt-in cookie’ or comparable technologies) so that the consent can be linked to a user or a user’s device. Unless information about specific providers of cookie management services differs, the following information applies: consent can be stored for up to two years. A pseudonymous user identifier is formed as part of this and saved along with the time of the consent and details about the extent of the consent (e.g. which categories of cookies and/or service providers), the browser, the system and the device used.
The provider of this website automatically gathers and saves information in server log files that your browser automatically transfers to us. This information includes:
This data cannot be matched with specific individuals. This data is not merged with other data sources. We do reserve the right to review this data at a later date if we gain knowledge of concrete indications of unlawful use.
If you send us enquiries using the contact form, the details you provide on the enquiry form, including the contact details you have entered on it, will be stored with us for the purpose of processing the enquiry and in case there are follow-up questions. We do not share this data without your consent and treat it as confidential.
This website uses the Google Maps product offering. This enables us to display interactive maps to you directly on the website, which allows you convenient use of the Maps function. By visiting our website, Google receives information that you have visited the corresponding page on our website. This occurs irrespective of whether Google provides an account that you are logged into or whether there is no such account. If you are logged into Google, your data will be directly matched with your account. If you do not want your data to be matched with your Google profile, you must log out before activating the button. Google stores your data in user profiles and uses it for the purposes of marketing, market research and/or designing its website according to user needs. In particular, data is analysed to provide advertising targeted to user needs (even for users not logged in) and to inform other users of the social network about your activity on our website. You have a right to object to the creation of such user profiles, though you must contact Google to exercise this right. Further information about the purpose and scope of Google’s data collection and processing as well as further information about your rights in relation to it and potential settings for protecting your privacy is available at: www.google.de/intl/en/policies/privacy.
We use Google reCAPTCHA (‘reCAPTCHA’) on our website. The provider of it is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (‘Google’). The intention behind reCAPTCHA is to check if the data entered on our website (e.g. on a contact form) comes from a person or an automated program. To this end, reCAPTCHA analyses the behaviour of website visitors based on various attributes. This analysis begins automatically as soon as website visitors access the website. For the analysis, reCAPTCHA evaluates various pieces of information (e.g. IP address, dwell time on the website or user’s mouse movements). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses take place fully in the background. Website visitors are not advised that an analysis is being performed.
We use on our website the marketing services of the social network LinkedIn, belonging to LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (‘LinkedIn’).
Information is recorded through this, for example, about the operating system, the browser, the website that you have visited beforehand (referrer URL), the pages that the user has visited, the products and services that the user has clicked on and the date and time of your visit to our website.
The information generated by these cookies about your use of this website is transferred in a pseudonymous format to a LinkedIn server in the United States and stored there. Accordingly, LinkedIn does not store the user’s name or email address. Rather, the above data is linked only to the person who generated the cookie. This does not apply if the user has allowed LinkedIn to process data without making it pseudonymous or has a LinkedIn account.
You can prevent cookies from being stored by activating the corresponding settings in your browser software, though be aware that you may not be able to use the complete functionality of this website in that case. You can object to the usage of your data directly to LinkedIn: www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
We use LinkedIn Analytics so that we can analyse how our website is used and regularly improve it. Using the acquired statistics, we can improve our offering and make it more appealing to you as a user. All LinkedIn companies have accepted standard contractual clauses to ensure that the transfer of data to the US and Singapore that is required for the development, provision and maintenance of the services occurs lawfully. If we ask users for consent, the legal grounds for the processing are GDPR Article 6(1)(a). Otherwise, the legal grounds for using LinkedIn Analytics are GDPR Article 6(1)(f).
Information about the external provider: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2 Ireland; Nutzervereinbarung and Datenschutzerklärung.
Functions for the YouTube service are integrated into this website. YouTube belongs to Google Ireland Limited, a company registered and operated under Irish law based at Gordon House, Barrow Street, Dublin 4, Ireland. It operates the services in the European Economic Area and Switzerland.
The copyrights and all other rights to content, images, photographs or other files on the website are the property solely of the operator of this website or the specially named right holders. Written approval must be obtained in advance from the copyright holder to reproduce any file. Anyone who commits a copyright violation without approval from the relevant right holder may be subject to criminal prosecution and potentially required to pay damages.
All information provided on our website has been carefully examined. We endeavour to offer information that is current, accurate and complete. Nevertheless, mistakes cannot be ruled out fully, which means that we cannot provide any guarantee for the completeness, accuracy or currency of information, including that of a journalistic or editorial nature. Liability claims for losses of a material or non-material nature that are caused by using the information offered are excluded unless there is demonstrable evidence of culpability as a result of intent or gross negligence.
The publisher may, at its discretion and without warning, modify or erase text and is not required to update the content of this website. This website is visited or accessed at the visitor’s own risk. The publisher, its clients and its partners are not responsible for losses, be they direct, indirect, random, determinable in advance or consequential, that are claimed to have been incurred through visiting this website. The aforementioned parties therefore do not assume any liability for them..
The publisher also does not assume any responsibility or liability for the content or availability of third-party websites that are accessible through external links on this website. Solely the operators of the linked websites are responsible for the content of those websites. The publisher therefore explicitly distances itself from any third-party content that is potentially questionable under criminal or liability laws or that offends common decency.