We are subject to Swiss data protection law and, if applicable, foreign data protection law, in particular that of the European Union (EU) with the General Data Protection Regulation (GDPR). The European Commission recognizes that Swiss data protection law provides adequate data protection.
Responsibility for the processing of personal data:
Emmentaler Schaukäserei AG
3416 Affoltern i.E.
We point out if there are other responsible parties for the processing of personal data in individual cases.
Personal data are all details that relate to a specific or identifiable natural person. An affected person is a person whose personal data we process.
Processing includes every handling of personal data, regardless of the means and methods used, such as querying, matching, adapting, archiving, retaining, reading, disclosing, obtaining, collecting, deleting, revealing, organizing, storing, modifying, distributing, linking, destroying, and using personal data.
The European Economic Area (EEA) includes the Member States of the European Union (EU) as well as the Principality of Liechtenstein, Iceland, and Norway. The General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data.
We process personal data in accordance with Swiss data protection law, in particular the Federal Data Protection Act (Datenschutzgesetz, DSG) and the Data Protection Ordinance (Datenschutzverordnung, DSV).
We process - if and insofar as the General Data Protection Regulation (GDPR) is applicable - personal data according to at least one of the following legal bases:
We process those personal data that are necessary to be able to carry out our activities and tasks in a sustainable, user-friendly, secure, and reliable manner. Such personal data can in particular fall into the categories of inventory and contact data, browser and device data, content data, meta or marginal data and usage data, location data, sales data, and contract and payment data.
We process personal data for the duration necessary for the respective purpose or purposes or as required by law. Personal data that is no longer necessary is anonymized or deleted.
We may have personal data processed by third parties. We may process personal data jointly with third parties or transfer it to third parties. Such third parties are in particular specialized providers whose services we use. We also ensure data protection with such third parties.
We only process personal data with the consent of the data subject unless the processing is permitted for other legal reasons. Processing without consent may, for example, be permitted to fulfill a contract with the data subject and for corresponding pre-contractual measures, to protect our predominant legitimate interests because the processing is evident from the circumstances or after prior information.
In this context, we process in particular information that a data subject voluntarily provides to us when making contact - for example by regular mail, email, instant messaging, contact form, social media or phone - or when registering for a user account. We may store such information, for example, in an address book, in a customer relationship management system (CRM system) or with comparable tools. If we receive data about other people, the transmitting persons are obliged to ensure data protection towards these people and to ensure the accuracy of this personal data.
We also process personal data that we obtain from third parties, procure from publicly accessible sources or collect during the exercise of our activities and tasks, provided and to the extent that such processing is legally permissible.
We process personal data about applicants to the extent necessary to assess their suitability for employment or for the subsequent execution of an employment contract. The necessary personal data results in particular from the requested information, for example in the context of a job advertisement. We also process personal data that applicants voluntarily communicate or publish, especially as part of cover letters, curriculum vitae and other application documents, and online profiles.
We process - if and to the extent the General Data Protection Regulation (GDPR) applies - personal data about applicants in particular according to Art. 9 para. 2 lit. b GDPR.
We process personal data primarily in Switzerland and the European Economic Area (EEA). However, we can also export or transfer personal data to other countries, especially to process or have them processed there.
We can export personal data to all states and territories on Earth and elsewhere in the universe, provided the local law, according to the decision of the Swiss Federal Council, ensures adequate data protection and - if and insofar as the General Data Protection Regulation (GDPR) applies - according to the decision of the European Commission, ensures adequate data protection.
We can transfer personal data to countries whose law does not guarantee adequate data protection, provided data protection is guaranteed for other reasons, especially based on standard data protection clauses or with other appropriate guarantees. Exceptionally, we can export personal data to countries without adequate or suitable data protection if the special data protection requirements are met, for example, the explicit consent of the affected persons or a direct connection with the conclusion or execution of a contract. We are happy to provide affected persons with information about any guarantees upon request or provide a copy of any guarantees.
We grant affected persons all claims according to the applicable data protection law. Affected persons have the following rights in particular:
We may postpone, restrict, or refuse the exercise of the rights of affected persons within the legally permissible framework. We can point out any requirements that need to be met for the exercise of their data protection claims. For example, we can refuse the provision of information with reference to trade secrets or the protection of other persons, either entirely or partially. We can also refuse the deletion of personal data, either entirely or partially, with reference to legal retention obligations.
We may exceptionally charge for the exercise of rights. We will inform affected persons in advance of any costs.
We are obliged to identify affected persons who request information or assert other rights using appropriate measures. Affected persons are obliged to cooperate.
Individuals have the right to enforce their data protection rights in court or to file a complaint with a competent data protection supervisory authority.
The data protection supervisory authority for private entities and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
Individuals have – if and to the extent the General Data Protection Regulation (GDPR) applies – the right to file a complaint with a competent European data protection supervisory authority.
We take appropriate technical and organizational measures to ensure data security that is commensurate with the respective risk. However, we cannot guarantee absolute data security.
Access to our website is encrypted (SSL / TLS, especially with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate encrypted transport with a padlock in the address bar.
Our digital communication is – as in principle all digital communication – subject to mass surveillance without cause or suspicion, as well as other monitoring by security authorities in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We cannot directly influence the processing of personal data by intelligence services, police authorities, and other security agencies.
Cookies can be temporarily stored in the browser as "session cookies" or for a specific period as so-called permanent cookies. "Session cookies" are automatically deleted when the browser is closed. Permanent cookies have a specific storage duration. Cookies, in particular, allow us to recognize a browser the next time our website is visited and, for example, to measure the reach of our website. However, permanent cookies can also be used for online marketing.
For cookies used for performance and reach measurement or advertising, a general objection ("opt-out") is possible for numerous services through the AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
We can record the following information for every access to our website if it is transmitted from your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, the specific sub-page of our website accessed including the amount of data transferred, the last website accessed in the same browser window (referrer).
We store such information, which may also constitute personal data, in server log files. The information is necessary to provide our website in a permanent, user-friendly, and reliable manner and to ensure data security and, in particular, the protection of personal data – also by third parties or with the help of third parties.
We may use tracking pixels on our website. Tracking pixels are also referred to as web beacons. Tracking pixels - also from third parties, whose services we use - are small, usually invisible images that are automatically retrieved when visiting our website. With tracking pixels, the same information as in server log files can be recorded.
We send notifications and messages via email and other communication channels such as instant messaging or SMS.
Notifications and communications may contain web links or tracking pixels that capture whether an individual message was opened and which web links were clicked. Such web links and tracking pixels can also record the use of notifications and messages in a personalized manner. We need this statistical recording of use for success and reach measurement in order to be able to send notifications and messages effectively, user-friendly, continuously, securely and reliably based on the needs and reading habits of the recipients.
You must basically explicitly consent to the use of your email address and your other contact addresses, unless the use is permitted for other legal reasons. Whenever possible, we use the "double opt-in" process for any consent, which means that you will receive an email with a web link that you must click to confirm, so that no abuse can occur by unauthorized third parties. We may log such consents, including Internet Protocol (IP) address as well as date and time, for evidence and security reasons.
You can basically object to receiving notifications and messages such as newsletters at any time. With such an objection, you can also object to the statistical recording of use for success and reach measurement. This does not affect required notifications and messages related to our activities and operations.
We send notifications and messages with the help of specialized service providers.
We are present on social media platforms and other online platforms to communicate with interested parties and to inform about our activities and operations. In connection with such platforms, personal data may also be processed outside Switzerland and the European Economic Area (EEA).
For our Facebook social media presence, including the so-called Page Insights, we are - to the extent that the General Data Protection Regulation (GDPR) applies - jointly responsible with Meta Platforms Ireland Limited (Ireland). The Meta Platforms Ireland Limited is part of the Meta Companies (among others in the USA). The Page Insights provide information on how visitors interact with our Facebook presence. We use Page Insights to effectively and user-friendly provide our Facebook social media presence.
We use services from specialized third parties to be able to carry out our activities and tasks permanently, user-friendly, safe, and reliably. With such services, we can, among other things, embed functions and content into our website. When embedding, the services used for technical reasons at least temporarily capture the Internet Protocol (IP) addresses of the users.
For necessary security-related, statistical, and technical purposes, third parties, whose services we use, can process data in connection with our activities and tasks in an aggregated, anonymized, or pseudonymized manner. These are, for example, performance or usage data to be able to offer the respective service.
We especially use:
We use services from specialized third parties to access the required digital infrastructure in connection with our activities and tasks. These include, for example, hosting and storage services from selected providers.
We especially use:
We use services from selected providers to communicate better with third parties, such as potential and existing customers.
We use services from third parties to embed maps on our website.
We especially use:
We use services from specialized third parties to enable the direct playback of digital audio and video content, such as music or podcasts.
We especially use:
We use services from third parties to embed selected fonts as well as icons, logos, and symbols on our website.
We especially use:
We use specialized service providers to securely and reliably process payments from our customers. The legal texts of individual service providers, such as General Terms and Conditions (GTC) or privacy statements, additionally apply for the processing of payments.
We specifically use:
We use third-party services to verify the identity of users. We particularly need these services for age verification for content and services that we can only offer to adults, and for identity verification for offers where "Know Your Customer" (KYC) obligations exist.
We use extensions for our website to access additional features.
We try to determine how our online offer is used. In this context, we can, for example, measure the success and reach of our activities and actions, as well as the impact of third-party links to our website. We can also try out and compare how different parts or versions of our online offer are used (the "A/B test" method). Based on the results of the success and reach measurement, we can particularly fix errors, strengthen popular content, or make improvements to our online offer.
For success and reach measurement, in most cases, the Internet Protocol (IP) addresses of individual users are saved. In this case, IP addresses are generally shortened ("IP masking") to follow the principle of data economy.
For success and reach measurement, cookies may be used, and user profiles created. Possible user profiles may include, for example, the individual pages visited or viewed content on our website, information about the size of the screen or browser window, and the approximate location. Generally, any user profiles are created in a pseudonymized form and are not used to identify individual users. Some third-party services where users are logged in may associate the use of our online offer with the user account or user profile of the respective service.
We particularly use:
We use video surveillance for the prevention of crimes and for securing evidence in the event of crimes as well as for exercising our property rights. If and insofar as the General Data Protection Regulation (GDPR) applies, this represents overriding legitimate interests according to Art. 6 Para. 1 lit. f GDPR.
We store recordings from our video surveillance as long as they are necessary for evidence purposes.
We may secure recordings due to legal obligations, to enforce our own legal claims, and in case of suspicion of criminal offenses and transmit them to the competent authorities, such as the courts or law enforcement agencies.