Purpose of this document
Within the framework of using our website, your personal data will be processed by us as the data controller and stored for the duration necessary to fulfil the specified purposes and to comply with legal obligations. Below we have set out information about which data are concerned, how they are processed and what rights you are entitled to with respect to this.
In pursuance of Article 4(1) of the General Data Protection Regulation (GDPR), ‘personal data’ means any information relating to an identified or identifiable natural person.
1 Contact details
Name and contact details of the controller and the company data protection officer. This data protection information applies to data processing on the website www.linkyard.ch as well as www.linkyard.cloud by the controller:
3150 Schwarzenburg, Switzerland
(hereinafter “ linkyard”)
Telephone: +41 31 508 7620
Linkyard’s company data protection officer can be contacted at the above address, FAO the Data Protection department, or at support@ linkyard.ch.
2 Collection and storage of personal data
Collection and storage of personal data as well as type and purpose, and use thereof.
2.1 When visiting the website
You can view the website www.linkyard.ch without having to disclose details regarding your identity. The browser used on your device simply sends information to our website’s server automatically (e.g. date and time of access, name and URL of the retrieved file, browser type and version, and website from which our website is accessed (referrer URL)).
This also includes the IP address of your requesting device. This is temporarily stored in a so-called logfile and automatically deleted after 2 weeks.
The processing of the IP address is carried out for the technical and administrative purposes of establishing and maintaining a connection in order to guarantee the security and functionality of our website and to be able to track any illegal attacks thereon, if necessary.
The legal basis for processing the IP address is Art. 6(1)(f) GDPR. Our legitimate interest follows from the aforementioned security interest and the necessity to provide our website without any problems.
We cannot draw any immediate conclusions as to your identity from processing the IP address in the logfile.
2.2 When making contact requests
You can contact us at any time about the products and services offered by us by telephone or email, using the contact information indicated on our website.
If personal data are collected when you contact us, we will use this information to respond to your request and to make you an offer geared to your needs.
The data processing is carried out following your request and is required in pursuance of Art. (6)(1)(b) GDPR for the aforementioned purposes for the performance of the contract and pre-contractual measures. In addition, the data processing within the framework of the request for test access is based on our legitimate interests in pursuance of Art. (6)(1)(f) GDPR. These also arise from the aforementioned purposes.
The personal data concerning you, which we collect for the enquiry, will be stored for a period of 10 years within the framework of our statutory storage periods and will subsequently be deleted.
2.3 When applying for vacancies
In the “Jobs” section, you are able to apply for job vacancies or send us a speculative application.
We need your application documents in order to ascertain from whom the application originates and in order to be able to answer and deal with them.
The data processing takes place following your request and only to the extent that it is required within the framework of responding to the application and establishing the employment relationship in pursuance of Art. 88(1) GDPR in conjunction with Section 26(1) of the Federal Data Protection Act as amended, in order to undertake pre-contractual measures in pursuance of Art. (6)(1)(b) GDPR or in order to safeguard our legitimate interests in pursuance of Art. (6)(1)(f) GDPR.
Applications which have not been considered will be deleted after 6 months at the latest, unless you have consented to a longer storage period in pursuance of Art. (6)(1)(a) GDPR.
2.4 When registering for status messages
We regularly publish messages regarding the problems we are currently experiencing under the subdomain status.linkyard.ch, in order to keep our customers constantly informed. For instance, this may relate to service problems or restrictions in performance.
You can subscribe to the messages, either as an email message or a text message on your mobile phone. To do this, you either have to provide an email address or a mobile phone number and subsequently sign up for the messaging service. You are therefore consenting to the receipt of relevant messages and the use of the specified email address or mobile phone number for this purpose in pursuance of Art. (6)(1)(a) GDPR.
You can withdraw your consent at any time with effect for the future. To do this, please use the unsubscribe link contained in the email messages or send us an email at firstname.lastname@example.org.
After unsubscribing from the email or SMS notifications, your data will be automatically deleted and you will not receive any further messages.
2.5 When using our service desk
We accept fault reports and enquiries under the subdomain servicedesk.linkyard.ch. This requires prior registration, involving entering a valid email address. A registration link is subsequently sent to the email address you entered, which will allow you to complete your registration after you have indicated your name and chosen a password. The specified data are stored in a user profile.
We are able to assign your messages to you and also deal with them accordingly at a later time via the user profile and, if necessary, the handling of your messages and requests can be tracked by both you and us. In addition, we use the email address if we need to contact you, for instance in the event of queries. In addition, you will automatically receive email notifications about the processing status of your message/request.
The requests may be subject to a charge. If you do not yet have a support contract with linkyard, we will draw your attention to this before responding to the request and make you an appropriate offer.
The data processing is carried out following your request and is necessary in pursuance of Art. (6)(1)(b) GDPR for the aforementioned purposes for the performance of the contract regarding the use of the service desk and pre-contractual measures for this. In addition, the data processing within the framework of generating a user profile is based on our legitimate interests in pursuance of Art. (6)(1)(f) GDPR in order to look after you and handle your request in the best way possible.
We use Atlassian’s services to provide the service desk. In connection with this, Atlassian will process personal data which may arise when using the service on our behalf. We have concluded a processing contract with Atlassian. The service provider gives an assurance, by means of this contract, that the data will be processed in accordance with the General Data Protection Regulation and guarantees that the rights of the data subject will be protected.
We will store your personal data which we collect for the request and processing thereof for a period of up to 10 years within the framework of our statutory storage periods, and subsequently delete the data. Your user profile will remain in place until you wish to have it deleted and will subsequently be deleted after 3 years at the end of the year. It will then only be possible to use the service desk after you have re-registered.
3 Circulation of data
3.1 Web hosting
We use the web hosting service WP Engine, 504 Lavaca Street, Suite 1000, Austin, TX 78701, USA (hereinafter “WP Engine”) to provide this website.
A web hosting service is required in order to offer a website. WP Engine is utilised in pursuance of Art. (6)(1)(f) GDPR due to our legitimate economic interest in making our offer available on this website. In connection with the hosting, WP Engine processes personal data which may arise when using the website on our behalf.
Within the framework of using the services of WP Engine, it cannot be excluded that personal data may be transferred to, and stored on, a WP Engine server in the USA. WP Engine complies with the data protection regulations of the “U.S. Privacy Shield” and is registered with the U.S. Department of Commerce’s “US Privacy Shield” programme. In addition, we have concluded a processing contract with WP Engine. The service provider gives an assurance, by means of this contract, that the data will be processed in accordance with the General Data Protection Regulation and guarantees that the rights of the data subject will be protected.
Moreover, a circulation of personal data may, if necessary, be considered if
• you have given your explicit consent to this in pursuance of Art. (6)(1)(a) GDPR;
• this is required in pursuance of Art. (6)(1)(b) GDPR for the performance of a contract with you or pre-contractual measures (e.g. in the case of circulation to software manufacturers for the purposes of purchasing licences or in the case of sharing payment details with payment service providers and/or financial institutions in order to carry out a payment transaction);
• a legal obligation exists for circulation in pursuance of Article 6(1)(c) GDPR.
The data circulated may be used by the recipients exclusively for the stated purposes.
4 Cookies and pixel tags
The cookie stores information that arises in connection with the specific device used. However, this does not mean that we will receive direct knowledge of your identity.
We use pixel tags (also called tracking pixels) as part of our online offer. Pixels are small graphics that are embedded via the HTML code of our site. The pixel tag itself does not store or change any information on your device, so pixels on your device do not cause any damage, do not contain viruses, Trojans or other malware.
The pixels send your IP address, the referrer URL of the website visited, the time when the pixel was viewed, the browser used, and previously set cookie information to a web server. This allows us to carry out reach measurements and other statistical evaluations which help to optimise our offer.
In addition, we also use temporary cookies to optimise the user-friendliness of the site, which are stored on your device for a specified period of time. If you revisit our website in order to use our services, the system automatically recognises that you have already visited the website and remembers your previous entries and settings so that you do not have to re-enter them.
The data processed by cookies are required for the stated purposes in order to safeguard our legitimate interests as well as those of third parties in pursuance of Art. 6(1)(f) GDPR.
Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a notice always appears before a new cookie is created. However, completely disabling cookies may result in you not being able to use all the functions of our website. You can prevent the use of pixels on our pages by means of appropriate tools and/or browser add-ons (e.g. by using the add-on “AdBlock” for the Firefox browser).
For more opt-out options, please refer to the following information about the tools we use.
5 Web analysis
The tracking and targeting measures listed below and used by us are undertaken on the basis of Art. (6)(1)(f) GDPR.
The aim of the tracking measures used is to ensure that we design our website based on users’ needs and we continuously optimise the website. On the other hand, we use the tracking measures to statistically record and evaluate the use of our website for the purposes of optimising our offer for you.
We want to ensure, by means of the targeting measures used, that you only see advertising which is based on your actual or perceived interests on your devices.
These interests are to be deemed to be legitimate within the meaning of the aforementioned provision.
The respective data processing purposes and data categories can be found in the corresponding tracking and targeting tools.
5.1 Google Marketing Platform
We use the Google Marketing Platform (DoubleClick products and Google Analytics), a web analytics and advertising service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”) on our website. The service combines the Google products DoubleClick Digital Marketing and Google Analytics 360 Suite. In this context, pseudonymised user profiles are created and cookies (see subparagraph 4) are used. The information generated by the cookie about your use of this website, such as
• browser type/version,
• operating system used,
• referrer URL (the previously visited site),
• hostname of the accessing computer (IP address),
• time of the server request,
are transferred to a Google server in the USA and stored there. Google is subject to the EU-US Privacy Shield so that an adequate level of data protection is guaranteed. In addition, we have concluded a processing contract with Google for the use of Google Analytics. Google gives an assurance, by means of this contract, that the data will be processed in accordance with the General Data Protection Regulation and guarantees that the data subject’s rights will be protected.
Within the framework of the Analytics 360 Suite, information is used to evaluate the use of the website, to compile reports on website activities, and to provide other services related to website usage and internet usage for the purposes of market research and needs-based design of these webpages.
Within the framework of DoubleClick Digital Marketing, information is collected and evaluated in order to optimise pop-ups. The technologies used allow us to specifically appeal to you with advertising related to your individual interests. For example, the technologies record which of our contents you are interested in. Based on the information, we may also display offers on third-party sites that are specifically tailored to your interests, as demonstrated by your previous user behaviour. Your user behaviour is exclusively recorded and evaluated pseudonymously and does not allow us to identify you.
This information may also be transferred to third parties if this is required by law or inasmuch as third parties process this data on our behalf. Under no circumstances will your IP address be merged with other data by Google. The IP addresses are anonymised so that it cannot be associated with you (IP masking).
You can prevent the installation of cookies by setting the browser software accordingly. However, we would point out that, in this case, you may not be able to use all of the functions of this website in full.
You can also prevent the collection of the data generated by Analytics 360 and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on . As an alternative to the browser add-on, especially during browsing on mobile devices, you can also prevent the collection by Analytics 360 by clicking on this link. An opt-out cookie is set to prevent the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser you must set the opt-out cookie again.
You can also adjust the settings for displaying advertising related to your interests by DoubleClick Digital Marketing via Google’s ads settings manager.
More information about data protection related to the Google Marketing Platform can be found here.
5.2 Google Ads Conversion Tracking
In order to statistically record the use of our website and to evaluate it for the purposes of optimising our offer for you, we also use Google Conversion Tracking. Google Ads sets a cookie (see subparagraph 4) on your computer, provided you arrived at our website via a Google ad. Google is subject to the EU-US Privacy Shield so that an adequate level of data protection is guaranteed.
These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of the AdWords customer’s website and the cookie has not yet expired, Google and the customer can identify that the user has clicked on the ad and has been redirected to this page.
The information generated by the cookie about your use of this website is transmitted to a Google server in the USA and stored there. Google complies with the data protection regulations of the “US Privacy Shield” and is registered with the U.S. Department of Commerce’s “US Privacy Shield” programme. In addition, we have concluded a processing contract with Google for the use of Google Ads. Google gives an assurance, by means of this contract, that the data will be processed in accordance with the General Data Protection Regulation and the protection of the data subject’s rights is guaranteed.
Each Ads customer receives a different cookie. Consequently, cookies cannot be tracked via the websites of Ads customers. The information obtained with the aid of the conversion cookie is used to generate conversion statistics for ads customers who have opted for conversion tracking. We see the total number of users who clicked on their ad and were redirected to a website having a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.
If you do not wish to participate in the tracking process, you can also refuse the setting of a cookie required for this purpose – for example, by means of a browser setting which generally disables the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the “www.googleadservices.com” domain. Google’s privacy notice regarding conversion tracking can be found here.
6 Data subject’s rights
You have the right:
• to withdraw your consent at any time in pursuance of Art. 7(3) GDPR. As a result, we will no longer be allowed to continue the data processing based on this consent for the future;
• to obtain access to your personal data processed by us in pursuance of Art. 15 GDPR. In particular, you may obtain information about the purposes of the processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the envisaged storage period, the existence of the right to request rectification and erasure of personal data, restriction of processing or to object to such processing, the existence of a right to lodge a complaint, information as to the source of your data if they have not been collected by us, and the existence of automated decision-making, including profiling and, where applicable, meaningful information about the details thereof;
• to obtain without undue delay the rectification of inaccurate personal data or to have your incomplete personal data stored by us completed in pursuance of Article 16 GDPR;
• to obtain the erasure of your personal data stored by us in pursuance of Article 17 GDPR, unless the processing is necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
• to obtain restriction of the processing of your personal data in pursuance of Article 18 GDPR, inasmuch as the accuracy of the data is contested by you, the processing is unlawful but you oppose the erasure thereof and we no longer need the data, but they are required by you for the establishment, exercise or defence of legal claims or you have objected to the processing in pursuance of Article 21 GDPR;
• to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format or to have your data transmitted to another controller in pursuance of Article 20 GDPR, and
• to lodge a complaint with a supervisory authority in pursuance of Article 77 GDPR. As a rule, you can contact the supervisory authority in your habitual residence or place of work or our company domicile.
7 Information about the right to object (Art. 21 GDPR)
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is carried out based on Article 6(1)(f) GDPR (data processing on the basis of weighing of interests); this also applies to a profiling from Article 4(4) GDPR based on this provision.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms, or the processing is used for the establishment, exercise or defence of legal claims.
If you object to the processing of data for direct marketing purposes, we will immediately discontinue the processing. In this case, it is not necessary to indicate a specific situation. This also applies to profiling insofar as it is related to such direct marketing.
If you would like to exercise your right to object, you only need to send an email to this effect to email@example.com.
8 Data security
All data sent personally by you are transmitted encrypted using the commonly used and secure standard TLS (Transport Layer Security). TLS is a safe and proven standard which is also used in online banking, for example. You can recognise a secure TLS connection, among other things, by the ‘s’ extension to the http (that is to say https://..) in your browser’s address bar or by the lock icon at the bottom of your browser.
Furthermore, we use appropriate technical and organisational security measures in order to protect your data against accidental or intentional manipulations, partial or complete loss, and destruction or unauthorised access by third parties. Our security measures are continually being improved in line with technological developments.