Germany Flag 30x18
Union-Jack 30x18

Privacy Policy

In this privacy policy, we, including this website and various social media offerings, hereinafter referred to as the „Operator,“ collectively explain how we collect and otherwise process personal data. This is not an exhaustive description; other privacy policies, such as the disclaimer, may govern specific matters. Personal data refers to all information relating to an identified or identifiable person.

If you provide us with personal data of other individuals (e.g., family members, colleagues), please ensure that these individuals are aware of this privacy policy, and only share their personal data with us if you are permitted to do so and if the personal data is accurate.

This privacy policy is aligned with the EU General Data Protection Regulation (GDPR). Although the GDPR is a regulation of the European Union, it is relevant to us. The Swiss Data Protection Act (DPA) is heavily influenced by EU law, and companies outside the European Union or the EEA must comply with the GDPR under certain circumstances.

1. Controller / Data Protection Officer

If you have data protection concerns, you can contact us at the address provided: dataprotection@sweets.education

2. Collection and Processing of Personal Data

We primarily process personal data that we receive from our customers, business partners, and other involved parties in the course of our business relationships, or that we collect from users during the operation of our websites, apps, and other applications.

To the extent permitted, we also obtain certain data from publicly accessible sources (e.g., debt enforcement registers, land registries, commercial registers, press, internet) or receive such data from other companies, authorities, and third parties.

In addition to the data you provide directly to us, the categories of personal data we receive about you from third parties include, in particular:

  • Information from public registers;
  • Information obtained in connection with administrative or legal proceedings;
  • Information related to your professional roles and activities (e.g., to enable us to conduct business with your employer);
  • Information about you in correspondence and discussions with third parties;
  • Credit reports (if we conduct business with you personally);
  • Information provided by people in your environment (family, advisors, legal representatives, etc.) so we can conclude or perform contracts with you or involving you (e.g., references, delivery addresses, powers of attorney);
  • Information on compliance with legal requirements, such as anti-money laundering and export restrictions;
  • Information from banks, insurance companies, sales partners, and other contractual partners regarding the use or provision of services by you (e.g., payments made, purchases);
  • Information about you from media and the internet (if relevant in the specific case, e.g., for applications, press reviews, marketing/sales);
  • Your addresses, interests, and other sociodemographic data (for marketing);
  • Data related to your use of the website (e.g., IP address, MAC address of your smartphone or computer, device and settings information, cookies, date and time of visit, accessed pages and content, used functions, referring website, location data).<br />

3. Purposes of Data Processing and Legal Bases

We primarily use the personal data we collect to conclude and perform contracts with our customers and business partners, particularly in the context of our activities with customers and the purchase of products and services from our suppliers and subcontractors, as well as to comply with our legal obligations domestically and internationally. If you work for such a customer or business partner, your personal data may also be affected in this capacity.

Additionally, we process personal data about you and other individuals, to the extent permitted and deemed appropriate, for the following purposes, in which we (and sometimes third parties) have a legitimate interest corresponding to the purpose:

    • Offering and further developing our products, services, websites, apps, and other platforms on which we are present;
    • Communicating with third parties and processing their inquiries of all kinds (e.g., applications, media inquiries, follower support, etc.);
    • Reviewing and optimizing needs analysis procedures for direct customer contact and collecting personal data from publicly available sources for customer acquisition;
    • Advertising and marketing (including hosting events), unless you have objected to the use of your data (if we send you advertising as an existing customer, you can object at any time, and we will place you on a blacklist for further advertising);
    • Market and opinion research, media monitoring;
    • Asserting legal claims and defending in connection with legal disputes and administrative proceedings;
    • Preventing and investigating criminal offenses and other misconduct (e.g., conducting internal investigations, data analysis for fraud prevention);
    • Ensuring our operations, particularly IT, websites, apps, and other platforms;
    • Video surveillance to maintain property rights and other measures for IT, building, and facility security, as well as protecting our employees, other individuals, and assets entrusted to us (e.g., access controls, visitor lists, network and email scanners, telephone recordings);
    • Buying and selling business units, companies, or parts of companies and other corporate transactions, including the transfer of personal data, as well as measures for business management and compliance with legal, regulatory, and internal operator requirements.

If you have given us consent to process your personal data for specific purposes (e.g., subscribing to newsletters or conducting background checks), we process your personal data within the scope of and based on this consent, unless we have another legal basis and require one. Consent can be withdrawn at any time, but this will not affect data processing that has already occurred.

4. Cookies / Tracking and Other Technologies Related to the Use of Our Website

We typically use „cookies“ and similar techniques on our websites and apps to identify your browser or device. A cookie is a small file sent to your computer or automatically stored by your web browser on your computer or mobile device when you visit our website or install our app. When you revisit the website or use our app, we can recognize you, even if we don’t know who you are. In addition to session cookies (which are deleted after your visit), permanent cookies may be used to store user preferences and other information for a specific period (e.g., two years). However, you can configure your browser to reject cookies, store them only for one session, or delete them early. Most browsers are preset to accept cookies. We use permanent cookies to save user preferences (e.g., language, auto-login), to better understand how you use our offerings and content, and to display tailored offers and ads, which may also appear on other companies’ websites. These companies will not learn your identity from us (if we even know it), as they only see that the same user who visited a specific page on our site is now on theirs. Some cookies are set by us, others by contractual partners we work with. If you block cookies, certain functionalities (e.g., language selection, shopping cart, ordering processes) may not work.

We also include visible and invisible image elements in our newsletters and other marketing emails, where permitted, which, when retrieved from our servers, allow us to determine if and when you opened the email. This helps us measure and better understand how you use our offerings and tailor them to you. You can block this in your email program; most are preset to do so.

By using our websites and apps and consenting to receive newsletters and other marketing emails, you agree to the use of these techniques. If you do not want this, you must adjust your browser or email program settings accordingly, or uninstall the app if this cannot be adjusted via settings.

We occasionally use Google Analytics or similar services on our websites. This is a third-party service (e.g., Google LLC in the USA, www.google.com) that allows us to measure and evaluate website usage (non-personally identifiable). Permanent cookies set by the service provider are also used for this purpose. The service provider does not receive personal data from us (nor does it store IP addresses), but it can track your use of the website, combine this information with data from other websites you’ve visited that are also tracked by the provider, and use these insights for its own purposes (e.g., ad targeting). If you have registered with the service provider, they may also know you. The processing of your personal data by the service provider is governed by its privacy policies. The provider only informs us about how our website is used (no personal information about you).

We also use plug-ins from social networks such as Facebook, „X“ (formerly Twitter), YouTube, Google+, Pinterest, TikTok, Instagram, and others on our websites. These are visible to you (typically via corresponding icons). If you activate them (by clicking), the operators of these social networks can register that you are on our website and where, and may use this information for their purposes. The processing of your personal data is then governed by the operator’s privacy policies. We do not receive any information about you from them.

5. Data Sharing and Cross-Border Data Transfer

In the course of our business activities and for the purposes outlined in Section 3, we disclose personal data to third parties, to the extent permitted and deemed appropriate, either because they process it for us or because they want to use it for their own purposes. This particularly concerns the following entities:

      • Our service providers (within the group and externally, e.g., banks, insurance companies), including processors (e.g., IT providers);
      • Dealers, suppliers, subcontractors, and other business partners;
      • Customers;
      • Domestic and foreign authorities, agencies, or courts;
      • Media;
      • The public, including visitors to websites and social media;
      • Competitors, industry organizations, associations, and other bodies;
      • Acquirers or parties interested in acquiring the website;
      • Other parties in potential or actual legal proceedings;
      • Other companies and offerings of the Operator.

Collectively, these are referred to as “Recipients.” Some of these recipients are located domestically, but they may be anywhere in the world. You should expect your data to be transferred to all countries where the Operator is represented through group companies, branches, or other offices, as well as to other countries in Europe and the USA where our service providers are located (e.g., Microsoft, Mailchimp, Elementor, Amazon, Salesforce.com, Stripe, PayPal, and others). When we transfer data to a country without adequate legal data protection, we ensure an appropriate level of protection as required by law through corresponding contracts (e.g., based on the EU Commission’s Standard Contractual Clauses, https://eur-lex.europa.eu), or Binding Corporate Rules, or we rely on legal exceptions such as consent, contract performance, the establishment, exercise, or enforcement of legal claims, overriding public interests, published personal data, or the need to protect the integrity of the individuals concerned. You can request a copy of the aforementioned contractual safeguards from the contact person listed in Section 1 at any time, though we reserve the right to redact copies for data protection or confidentiality reasons or to provide only excerpts without further explanation.

6. Retention Period of Personal Data

We process and store your personal data as long as necessary to fulfill our contractual and legal obligations or for the purposes pursued with the processing, such as for the duration of the entire business relationship (from initiation to termination of a contract) and beyond, in accordance with legal retention and documentation requirements. Personal data may be retained for the period during which claims can be asserted against our company, as well as to the extent we are legally obligated to do so or legitimate business interests require it (e.g., for evidence and documentation purposes). Once your personal data is no longer needed for the above purposes, it will generally be deleted or anonymized as far as possible. For operational data (e.g., system logs), shorter retention periods of twelve months or less typically apply.

7. Data Security

We take appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse.

In the context of our business relationship, you must provide the personal data necessary for establishing and conducting a business relationship and fulfilling the associated contractual obligations (you generally do not have a legal obligation to provide us with data). Without this data, we will typically not be able to conclude or perform a contract with you (or the entity or person you represent). The website also cannot be used if certain data required to ensure data traffic (e.g., IP address) is not disclosed.

8. Profiling and Automated Decision-Making

We partially process your personal data automatically to evaluate certain personal aspects (profiling). We use profiling, in particular, to provide targeted information and advice about products. This involves using evaluation tools that enable needs-based communication and advertising, including market and opinion research.

For establishing and conducting the business relationship and otherwise, we generally do not use fully automated decision-making (as regulated, for example, in Art. 22 GDPR). If we use such procedures in individual cases, we will inform you separately if required by law and explain your related rights.

9. Rights of the Data Subject

Under applicable data protection law and to the extent provided therein (e.g., under the GDPR), you have the right to access, rectification, deletion, restriction of processing, and to object to our data processing, as well as the right to receive certain personal data for transfer to another entity (data portability). However, please note that we reserve the right to invoke legally provided restrictions, such as if we are obligated to retain or process certain data, have an overriding interest (to the extent we may rely on it), or need the data to assert claims. If costs are incurred by you, we will inform you in advance. We have already informed you about the possibility of withdrawing your consent in Section 3. Note that exercising these rights may conflict with contractual agreements, which could result in consequences such as early contract termination or costs. We will inform you in advance where this is not already contractually regulated.

Exercising such rights generally requires you to clearly prove your identity (e.g., with a copy of your ID if your identity is not otherwise clear or verifiable). To assert your rights, you can contact us at the address provided in Section 1.

Every data subject also has the right to enforce their claims in court or lodge a complaint with the competent data protection authority.

10. Changes

We may amend this privacy policy at any time without prior notice. The current version published on our website applies. If the privacy policy is part of an agreement with you, we will inform you of updates via email or another suitable method in the event of changes.

Version: 01.01.2025

HOME

LANGUAGE

Germany Flag 30x18
Union-Jack 30x18

NAVIGATE

NAVIGATE