1.1 Philanthropy Services AG (Rittergasse 35, 4051 Basel) is responsible for your personal data.
1.2 If you have any questions regarding data protection, you can contact us by e-mail at email@example.com.
2. Personal Data
2.1 When you register as a user on our platform www.stiftungschweiz.ch («stiftungschweiz.ch»), we collect the following personal data:
• your first and last name, date of birth and contact details (address, telephone number and email address);
• information about the organisation or company you work for.
2.2 If you as a (registered) user wish to make or receive a donation payment via our donation payment system, we also collect the following personal data as part of this payment processing:
• payment and bank information (especially on the donation amount as well as your bank details [bank institute, account number, IBAN]);
• other information that you provide to us or that becomes known to us in the course of concluding or processing a contract with you.
2.3 In addition, we may use your personal data for our offers or offer packages from publicly accessible sources (e.g. commercial register).
3. Processing of Personal Data
3.1 We process your personal data for the following purposes:
• to communicate with you in the context of the registration process and any conclusion of a contract as well as the processing of the contract;
• to carry out money laundering checks in the context of concluding or processing a contract – if and to the extent required by law;
• in order to conclude and process contracts with you within the scope of our offer, in particular in the area of donation payments;
• to advertise our offers or offer packages (newsletter distribution and the like).
3.2 In addition, we may also process your personal data for the following purposes in which we have a legitimate interest commensurate with the purpose:
• advertising and marketing, unless you have objected to the use of your data (if we send you advertising from us as a registered user, you can object to this at any time, we will then put you on a block list against further advertising mailings);
• offer and further development of our offers, services and website, app and other platforms on which we are present;
• assertion of legal claims and defence in connection with legal disputes and official proceedings;
• prevention and investigation of criminal offences and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud);
• guarantees of our operations, in particular IT, our website, app and other platforms.
3.3 If you have given us consent to process your personal data for certain purposes (e.g. when you register to receive newsletters or carry out a background check), we process your personal data within the scope of and based on this consent, unless we have another legal basis and we require one. Consent given can be revoked at any time, but this has no effect on data processing that has already taken place.
4. Cookies/Tracking and other Technologies
4.1 We use «cookies» and comparable technologies on stiftungschweiz.ch and the associated mobile app, which can be used to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you are using when you visit our website or install an app. If you visit the website again or use our app, we can recognise you in this way, even if we do not know who you are. In addition to cookies that are only used during a session and deleted after your visit to the website («session cookies»), cookies can also be used to store user settings and other information for a certain period of time (e.g. two years) («permanent cookies»). However, you can set your browser to reject cookies, save them for one session only or otherwise delete them prematurely. Most browsers are preset to accept cookies. We use persistent cookies so that your user preferences are remembered (e.g. language, autologin), so that we better understand how you use our offers and content, and so that we can show you offers and advertising tailored to you. If you block cookies, certain functionalities (such as language selection, shopping cart, ordering processes) may no longer work.
4.2 We also include visible and invisible image elements in our newsletters and other marketing emails in some cases and where permitted, by retrieving these from our servers we can determine whether and when you have opened the email so that we can also measure and better understand how you use our offers and tailor them to you. You can block this in your email program; most are preset to do this.
4.3 By using our website and app and consenting to receive newsletters and other marketing emails, you consent to the use of these techniques. If you do not want this, you must set your browser or e-mail programme accordingly or uninstall the app if this cannot be adjusted via the settings.
5. Data Transfer and Data Transmission Abroad
5.1 We may also disclose your personal data to the following third parties as necessary and permissible within the scope of our business activities and purposes:
• service providers, including order processors (such as IT providers);
• dealers, suppliers, subcontractors and other business partners;
• other clients (other donors or donation recipients);
• domestic and foreign authorities, official agencies or courts;
• the public or visitors to our website.
5.2 These recipients may be in Switzerland or abroad. If we transfer your data to a country without adequate legal data protection, we ensure an adequate level of protection through appropriate contracts (so-called standard contractual clauses) or rely on the legal exceptions. You can obtain a copy of the contractual guarantees mentioned from us at any time. We reserve the right to black out copies for reasons of data protection or confidentiality or to supply only excerpts.
6. Duration of the Retention of Personal Data
6.1 We process and store your personal data for as long as it is necessary for the fulfilment of our contractual and legal obligations or otherwise for the purposes pursued with the processing, i.e. for example for the duration of the entire business relationship as well as beyond that in accordance with the statutory retention and documentation obligations. In doing so, it is possible that personal data will be retained for the time during which claims can be made against our company and to the extent that we are otherwise required to do so by law or legitimate business interests require it. As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or made anonymous as far as possible. For operational data (e.g. system logs, logs), shorter retention periods of twelve months or less generally apply.
7. Data Security
7.1 We take appropriate technical and organisational security measures to protect your personal data from unauthorised access and misuse, such as IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions, pseudonymisation, controls.
8. Obligation to Provide your Personal Data
8.1 Within the scope of our business relationship, you must provide the personal data that is required for the establishment and implementation of a business relationship and the fulfilment of the associated contractual obligations. Without this data, we are not in a position to conclude or process a contract with you. Our website also cannot be used if certain information to secure data traffic (such as IP address) is not disclosed.
9. Your Rights
9.1 You are entitled to request detailed information about what personal data we hold about you and how we process it. You can request a copy of your personal data, have your data corrected or deleted, restrict our processing activities concerning this information and object to the processing of your personal data. You are entitled to withdraw your consent at any time and we may continue to process your personal data to the extent required or permitted by law.
9.2 You also have the option of filing a complaint with a local supervisory authority (in Switzerland, the Federal Data Protection and Information Commissioner) (http://www.edoeb.admin.ch).